Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine.

Published byRobert Phelps Modified over 9 years ago

Similar presentations

Presentation on theme: "Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine."— Presentation transcript:

1 Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine

2 Cloud Computing X as a service, where X is: X as a service, where X is: –Infrastructure, platforms, Software, – Storage, Application, test environments… Characteristics: Characteristics: –Elastic-- Use as much as your needs –Pay for only what you use –Don’t worry about: –system management headaches –Failures –loss of data due to failures –.. –Cheaper due to economy of scale –Better control over IT investments Challenges Challenges –scalability, elasticity, consistency, big data management, interoperability, migration, multi-tenancy, pricing … 2 Utility model

3 Cloud Computing X as a service, where X is: X as a service, where X is: –Infrastructure, platforms, Software, – Storage, Application, test environments… Characteristics: Characteristics: –Elastic -- Use as much as your needs –Pay for only what you use –Don’t worry about –No system management headaches –, loss of data due to failures –Cheaper due to economy of scale –Better control over IT investment Infrastructure Challenges: Infrastructure Challenges: –Scale, multi-tenancy, elasticity, consistency, big data management, interoperability, migration, pricing … 3 Utility model

4 Implications of Loss of Control 4 End Users Cloud Integrity Integrity Will the CSP serve my data correctly? Will the CSP serve my data correctly? Can my data get corrupted? Can my data get corrupted? Availability Availability Will I have access to my data and services at all times? Will I have access to my data and services at all times? Security Security Will the CSP implement its own security policies appropriately? Will the CSP implement its own security policies appropriately? Privacy & confidentiality Privacy & confidentiality Will sensitive data remain confidential? Will sensitive data remain confidential? Will my data be vulnerable to misuse? By other tenants? By the service provider? Will my data be vulnerable to misuse? By other tenants? By the service provider?

5 So will Crypto Researchers Solve the Problem? 5 Large body of research in applied crypto over 2 decades Generality, Efficiency, Security Binary notion of security Semantic security, Perfect Secrecy Great for some user- communities (military, government, trade-secrets) Overprotection if user- community is common users of the cloud. -How much are we willing to pay to prevent leakage of “Mom’s secret recipe”. -.-. Encrypte d search / computati on Queries over encrypted (semi- )structure d data Bucketizatio n (Hacigumus, Sigmod 2002, Hore, VLDB 2004, VLDBJ 2012) OPE (Agraw al Sigmod 2004) Range queries on encrypted data (Shi, S&P 2007) Onion encryption (Popa et al., Sosp ‘11) Fully homomorph ic encryption (Gentry, STOC 2009) Keyword search over encrypted text Symmetri c key based schemes Searchable document encryption (Song, S&P 2000) Encrypted bloom filters (Goh, 2003) Encrypted inverted lists (Curtmola, CCS 2006) Public- key based schemes Bilinear maps (Boneh,Eu rocrypt 2003) Conjuncti ve keyword search (Golle, ACNS 2004) Other schemes (informati on hiding) Coloring based document indexing (Hore, SDM 2012) Classification of Research on Encrypted Search [ Hacigumus, et. al. Survey, 2007, Bagherzandi et al., Encyclopedia entry 2011 ]

6 Risk Based Data Processing in Clouds Risk Based Approach Data (R) Workload (Q) Sensitivity Disclosure Performance Cost Usability Each point represents a different representation of data User Specific constraints on disclosure, costs, etc. Multi Criteria Optimization Data, Workload Partitions (R Cli, R Serv, Q Cli, Q Serv ) and Workload Execution Plan Challenges: Modeling risks – function of trust, security, data representation, sensitivity, exposure duration, usefulness to adversary, … Modeling risks – function of trust, security, data representation, sensitivity, exposure duration, usefulness to adversary, … Mechanism to trace “sensitivity/risk provenance” Mechanism to trace “sensitivity/risk provenance” Mechanisms to Partition Computation & data -- Robust, adaptive, efficient, general,.. Mechanisms to Partition Computation & data -- Robust, adaptive, efficient, general,.. Systems we are building (RADICLE Project at UCI) CloudProtect – (usability versus confidentiality tradeoff) CloudProtect – (usability versus confidentiality tradeoff) –empowers end-users to control loss of data in using web applications such as Box, Google Drive, picasa, shutterfly, etc. Hybridizer – (Cost, performance, confidentiality tradeoffs) Hybridizer – (Cost, performance, confidentiality tradeoffs) – partitioning Hive & map reduce jobs across hybrid clouds to control information leakage Empower owners to strike a balance between risk, performance, and costs by steering data & computation appropriately in mixed trust environments

Download ppt "Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine."

Similar presentations

Querying Encrypted Data using Fully Homomorphic Encryption Murali Mani, UMFlint Talk given at CIDR, Jan 7, 2013 1.

Querying Encrypted Data using Fully Homomorphic Encryption Murali Mani, UMFlint Talk given at CIDR, Jan 7,
Prepared for [xxxx] – Commercial in Confidence connect transform protect A Cloudy Cyberspace? Tony Roadknight – Technical Architect.

Prepared for [xxxx] – Commercial in Confidence connect transform protect A Cloudy Cyberspace? Tony Roadknight – Technical Architect.
Trust Management of Services in Cloud Environments:

Trust Management of Services in Cloud Environments:
Operating System Security

Operating System Security
A Privacy Preserving Index for Range Queries

A Privacy Preserving Index for Range Queries
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,

NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,
Towards a dynamic multi-cloud computing universe Divy Agrawal & Amr El Abbadi UC Santa Barbara

Towards a dynamic multi-cloud computing universe Divy Agrawal & Amr El Abbadi UC Santa Barbara
Introduction to Practical Cryptography Lecture 9 Searchable Encryption.

Introduction to Practical Cryptography Lecture 9 Searchable Encryption.
2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.
CryptDB: A Practical Encrypted Relational DBMS Raluca Ada Popa, Nickolai Zeldovich, and Hari Balakrishnan MIT CSAIL New England Database Summit 2011.

CryptDB: A Practical Encrypted Relational DBMS Raluca Ada Popa, Nickolai Zeldovich, and Hari Balakrishnan MIT CSAIL New England Database Summit 2011.
UT DALLAS Erik Jonsson School of Engineering & Computer Science FEARLESS engineering BigSecret: A Secure Data Management Framework for Key-Value Stores.

UT DALLAS Erik Jonsson School of Engineering & Computer Science FEARLESS engineering BigSecret: A Secure Data Management Framework for Key-Value Stores.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.

Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Future Work Needed Kenneth Wade Najim Yaqubie. Outline 1.Model is simple 2.Too many assumptions 3.Conflicting internal architectures 4.Security Challenges.

Future Work Needed Kenneth Wade Najim Yaqubie. Outline 1.Model is simple 2.Too many assumptions 3.Conflicting internal architectures 4.Security Challenges.
1 Efficient Conjunctive Keyword Search on Encrypted Data Storage System Author : Jin Wook Byun Dong Hoon Lee Jongin Lim Presentered by Chia Jui Hsu Date.

1 Efficient Conjunctive Keyword Search on Encrypted Data Storage System Author : Jin Wook Byun Dong Hoon Lee Jongin Lim Presentered by Chia Jui Hsu Date.
 Relational Cloud: A Database-as-a-Service for the Cloud Carlo Curino, Evan Jones, Raluca Ada Popa, Nirmesh Malaviya, Eugene Wu, Sam Madden, Hari Balakrishnan,

 Relational Cloud: A Database-as-a-Service for the Cloud Carlo Curino, Evan Jones, Raluca Ada Popa, Nirmesh Malaviya, Eugene Wu, Sam Madden, Hari Balakrishnan,
Research interest: Secure database outsourcing Presented by Alla Lanovenko Thesis Adviser: Professor Huiping Guo 599 A 11 December 2006.

Research interest: Secure database outsourcing Presented by Alla Lanovenko Thesis Adviser: Professor Huiping Guo 599 A 11 December 2006.
Engineering the Cloud Andrew McCombs March 10th, 2011.

Engineering the Cloud Andrew McCombs March 10th, 2011.
Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Similar presentations

Ads by Google