Speaker: Meng-Ting Tsai. Date: 2010/11/16. Toward Publicly Auditable Secure Cloud Data Storage Services, Cong Wang, Kui Ren, et al., IEEE Communications Society.

Presentation transcript:

Directory
Introduction
Cloud Storage Architecture and Security Threats
Ensuring Cloud Data Security
Concluding Remarks
2015/10/21 2

Introduction(1)
Cloud computing has been envisioned as the next-generation architecture of IT:
1. On-demand self-service.
2. Ubiquitous network access.
3. Location-independent resource pooling.
4. Rapid resource elasticity.
5. Usage-based pricing.
6. Transference of risk.

Introduction(2)
From the data owners' perspective, outsourcing data in a flexible on-demand manner brings appealing benefits:
1. Relief of the burden of storage management.
2. Universal data access with independent geographical locations.
3. Avoidance of capital expenditure on hardware, software, personnel maintenance.

Introduction(3)
Since cloud service providers (CSPs) are separate administrative entities, data outsourcing actually relinquishes the owner's ultimate control over the fate of their data.

Introduction(4)
Outages and security breaches of noteworthy cloud services appear from time to time. Ex.: Gmail's mass deletion incident.
There are various motivations for CSPs to behave unfaithfully toward cloud customers regarding the status of their outsourced data. Ex.: Hiding data loss incidents to maintain a reputation.

Introduction(5)
Traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted.
It is often insufficient to detect data corruption only when accessing the data.
The tasks of auditing the data correctness in a cloud environment can be formidable and expensive for data owners.

Introduction(6)
To fully ensure data security and save data owners' computation resources, we propose to enable publicly auditable cloud storage services through a TPA (Third Party Auditor).
The TPA provides a transparent yet cost-effective method for establishing trust between data owner and cloud server.

Introduction(7)
This article is intended as a call for action, aiming to motivate further research on dependable cloud storage services and enable public auditing services to become a reality.
We sketch a set of building blocks, including recently developed cryptographic primitives (e.g., homomorphic authenticator).

Cloud Storage Architecture and Security Threats(1)
Problem Statement: We begin with a high-level architecture description of cloud data storage services illustrated in Fig.

Cloud Storage Architecture and Security Threats(2)
[Figure: architecture of cloud data storage services]

Cloud Storage Architecture and Security Threats(3)
Security Threats: We consider both malicious outsiders and a semi-trusted CS (Cloud Server) as potential adversaries interrupting cloud data storage services.
For its own benefit the CS might neglect to keep or deliberately delete rarely accessed data files that belong to ordinary cloud owners.

Cloud Storage Architecture and Security Threats(4)
Desirable Properties for Public Auditing:
(1) Minimize Auditing Overhead.
(2) Protect Data Privacy.
(3) Support Data Dynamics.
(4) Support Batch Auditing.

Cloud Storage Architecture and Security Threats(5)
(1) Minimize Auditing Overhead: Any extra online burden on a data owner should also be as low as possible.
(2) Protect Data Privacy: TPA should be able to efficiently audit the cloud data storage without demanding a local copy of data or even learning the data content.

Cloud Storage Architecture and Security Threats(6)
(3) Support Data Dynamics: As a cloud storage service is not just a data warehouse, owners update their data dynamically for various application purposes.
(4) Support Batch Auditing: The prevalence of large-scale cloud storage service further demands auditing efficiency.

Ensuring Cloud Data Security(1)
[Figure]

Ensuring Cloud Data Security(2)
Traditional Methods Revisited.
Utilizing Homomorphic Authenticators.
Protecting Data Privacy.
Supporting Data Dynamics.
Handling Multiple Concurrent Tasks.
Further Challenges.

Ensuring Cloud Data Security(3)
Traditional Methods Revisited: A straightforward approach to protect the data integrity would be using traditional cryptographic methods, MACs (Message Authentication Codes).
While this method allows data owners to verify the correctness of the received data from the cloud, it does not give any assurance about the correctness of other outsourced data.

Ensuring Cloud Data Security(4)
A particular drawback is that the number of times a data file can be audited is limited by the number of secret keys that must be fixed a priori.

Ensuring Cloud Data Security(5)
Utilizing Homomorphic Authenticators: Homomorphic authenticators are unforgeable metadata generated from individual data blocks.
Using this technique requires additional information encoded along with the data before outsourcing.

Ensuring Cloud Data Security(6)
[Figure]

Ensuring Cloud Data Security(7)
Protecting Data Privacy: If enough linear combinations of the same blocks are collected, the TPA can simply derive the sampled data content by solving a system of linear equations.
This drawback greatly affects the security of using homomorphic-authenticator-based.

Ensuring Cloud Data Security(8)
To address this concern, a proper approach is to combine the homomorphic authenticator with random masking.
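The leak and the effect of masking described in the two slides above, as an added example that is not from the presentation or the underlying article. The modulus, the function names and the plain additive mask are assumptions; how the mask is bound to the authenticator so that the audit still verifies is not shown.

```python
import secrets

P = 2**127 - 1  # prime modulus (assumed parameter); blocks are elements of Z_P

def respond(blocks, coeffs):
    """Server's unmasked answer to one challenge: mu = sum(nu_i * m_i) mod P."""
    return sum(c * m for c, m in zip(coeffs, blocks)) % P

def respond_masked(blocks, coeffs):
    """Same answer blinded by a fresh random value the server picks per audit."""
    return (respond(blocks, coeffs) + secrets.randbelow(P)) % P

def solve_mod_p(A, b):
    """Gauss-Jordan elimination over Z_P; returns x with A x = b, or None if singular."""
    n = len(A)
    M = [row[:] + [rhs] for row, rhs in zip(A, b)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col]), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, P)  # modular inverse (Python 3.8+)
        M[col] = [v * inv % P for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(v - f * w) % P for v, w in zip(M[r], M[col])]
    return [row[n] for row in M]

def tpa_recover(blocks, answer):
    """Curious auditor: challenge the same n blocks n times, then solve for them."""
    n = len(blocks)
    A = [[secrets.randbelow(P - 1) + 1 for _ in range(n)] for _ in range(n)]
    mus = [answer(blocks, row) for row in A]  # one linear combination per audit
    return solve_mod_p(A, mus)

if __name__ == "__main__":
    secret_blocks = [int.from_bytes(w, "big") for w in (b"payroll", b"2010-11", b"private")]  # constructed
    print("unmasked responses leak the blocks:", tpa_recover(secret_blocks, respond) == secret_blocks)
    print("masked responses leak the blocks:  ", tpa_recover(secret_blocks, respond_masked) == secret_blocks)
```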

Ensuring Cloud Data Security(9)
Supporting Data Dynamics: Using homomorphic authenticators helps achieve a constant communication overhead for public auditability.

Ensuring Cloud Data Security(10)
Handling Multiple Concurrent Tasks: Such a technique supports the aggregation of multiple signatures by distinct signers on distinct messages into a single signature and thus allows efficient verification for the authenticity of all messages.

Ensuring Cloud Data Security(11)
Further Challenges:
1. Accountability
2. Multi-Writer Model
3. Performance

Concluding Remarks
Cloud computing has been envisioned as the next-generation architecture of enterprise IT.
We believe security in cloud computing is an area full of challenges.

Thank you for your attention!!