Download
security and privacy in cloud computing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Security and Privacy in Cloud Computing PowerPoint Presentation
Download Presentation
Security and Privacy in Cloud Computing

Security and Privacy in Cloud Computing

128 Views Download Presentation
Download Presentation

Security and Privacy in Cloud Computing

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Security and Privacy in Cloud Computing Ragib HasanUniversity of Alabama at BirminghamCS 491/691/791 Fall 2011 Lecture 10 09/15/2011

  2. Securing Data Integrity Goal: Learn about PoR based techniques for protecting data integrity in clouds Review Assignment #4 Kevin D. Bowers, Ari Juels, and AlinaOprea. HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS '09), 2009 Fall 2011 Lecture 10 | UAB | Ragib Hasan

  3. PoR: Proof of Retrievability • Definition: • A compact proof that • the stored file is intact • It can be retrieved • Difference with PDP? • PDP proves the file is present in the server • PDP doesn’t prove the file is retrievable in entirety Fall 2011 Lecture 10 | UAB | Ragib Hasan

  4. Overview of PoR File F Key Generator File Encoder Key k Challenge c Response r Client Server Fall 2011 Lecture 10 | UAB | Ragib Hasan

  5. HAIL: High Availability and Integrity Layer (RSA Labs) RAID for clouds!! Uses PoR and distributed file storage to ensure retrievability, integrity, and availability Allows recovering from malicious cloud providers Fall 2011 Lecture 10 | UAB | Ragib Hasan

  6. Why we need HAIL? • PoR allows checking data retrievability, but if data is deleted by malicious provider, nothing can be done. • Even single bit errors can render file useless • Idea: • Use error-correcting codes to ignore small errors • Use PoR to detect larger errors • Use RAID like redundancy using multiple cloud providers (to ensure reconstruction) Fall 2011 Lecture 10 | UAB | Ragib Hasan

  7. Advantages of HAIL Strong file-intactness assurance Low overhead Strong adversarial model Direct client-server communication Fall 2011 Lecture 10 | UAB | Ragib Hasan

  8. File block File block File block RAID (Redundant Array of Inexpensive Disks) Parity block F F1 F2 F3 F1F2 F3 Fall 2011 Lecture 10 | UAB | Ragib Hasan

  9. The Cloud isn’t necessarily so nice Provider A Provider B Provider C Provider D X X X F F1 F2 F3 F1F2 F3 • What if service providers lose data but… don’t tell you until file is lost? Fall 2011 Lecture 10 | UAB | Ragib Hasan

  10. Mobile adversary • A mobile adversary moves from device to device, corrupting as it goes—potentially silently • Mobile adversary models, e.g., system failures / corruptions over time, virus propagation • RAID isn’t designed for this kind of adversary • Designed for limited, readily detectable failures in devices you own—the benign case Fall 2011 Lecture 10 | UAB | Ragib Hasan

  11. Mobile adversary • In cryptography, usual approach to mobile adversary is proactive Fall 2011 Lecture 10 | UAB | Ragib Hasan

  12. Mobile adversary • In cryptography, usual approach to mobile adversary is proactive • Another, cheaper possibility is reactive: We detect and remediate • Like whack-a-mole! • PORs can provide detection here… Fall 2011 Lecture 10 | UAB | Ragib Hasan

  13. HAIL design principle TAR: Test and Redistribute • Divide time into epochs • At each epoch, test for any corruption/missing blocks • Rebuild corrupted blocks by getting data from other cloud providers, and distributing to damaged copy Fall 2011 Lecture 10 | UAB | Ragib Hasan

  14. Multiple providers: Naïve approach Google EMC Atmos Amazon S3 F F F Naïve approach F Sample and check consistency across providers Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  15. Creeping attack Google EMC Atmos Amazon S3 F F F F F F File can not be recovered after [n/b] epochs The probability that client samples the corrupted block is low Client Fall 2011 Lecture 10 | UAB | Ragib Hasan 15

  16. Local PoR checks are costly Google EMC Atmos Amazon S3 F F F POR POR POR F ECC Cons: requires integrity checks for each replica Client 16 Fall 2011 Lecture 10 | UAB | Ragib Hasan

  17. HAIL overview Fall 2011 Lecture 10 | UAB | Ragib Hasan

  18. Reconstruction in HAIL Fall 2011 Lecture 10 | UAB | Ragib Hasan

  19. Dispersal code P1 P2 P3 P4 P5 dispersal (n,m) F F Dispersal code parity blocks Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  20. Dispersal code P1 P2 P3 P4 P5 Dispersal code parity Stripe POR encoding F Dispersal code parity blocks How to increase file lifetime? Check that stripe is a codeword in dispersal code POR encoding to correct small corruption Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  21. Increasing file lifetime with MACs P1 P2 P3 P4 P5 MAC MAC MAC MAC MAC Can we reduce storage overhead? Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  22. Integrity-protected dispersal code P1 P2 P3 P4 P5 hk1(m) hk2(m) m UHF + PRF Reed-Solomon dispersal code Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  23. Integrity-protected dispersal code P1 P2 P3 P4 P5 + PRF m MACs embedded into parity symbols Client Fall 2011 Lecture 10 | UAB | Ragib Hasan

  24. Things to consider Practicality of the scheme (test and redistribute) Attacker model Other security issues Fall 2011 Lecture 10 | UAB | Ragib Hasan