Download
data security for cloud storage systems n.
Skip this Video
Loading SlideShow in 5 Seconds..
Data Security for Cloud Storage Systems PowerPoint Presentation
Download Presentation
Data Security for Cloud Storage Systems

Data Security for Cloud Storage Systems

284 Views Download Presentation
Download Presentation

Data Security for Cloud Storage Systems

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Data Security for Cloud Storage Systems Xiaohua Jia Shen Zhen Graduate School Harbin Institute of Technology

  2. Outline • Cloud Storage Systems • Auditing as a Service • Access Control as a Service Dept. of Computer Science City University of Hong Kong

  3. Cloud Storage Systems Dept. of Computer Science City University of Hong Kong

  4. Cloud Storage Systems – data owners • A model of online storage • Cloud Service Providers • Operate large data centers • Virtualize storage pools • Data Owners • Buy or rent storage in a pay-as-you-go model • Data stored in virtual storage Dept. of Computer Science City University of Hong Kong

  5. Cloud Storage Systems - users • Separation of data ownership and service provider Users can access data from anywhere and at anytime Owners Users Dept. of Computer Science City University of Hong Kong

  6. Security Challenges Cloud Servers are not fully trustable: • Data Integrity Data could be corrupted or even deleted in the cloud. • Data Access control Data may be given access to unauthorized users. Dept. of Computer Science City University of Hong Kong

  7. Data Integrity Auditing as a Service Dept. of Computer Science City University of Hong Kong

  8. Auditing as a Service Checking On Retrieval is not adequate: • Not sufficient: random sampling cannot cover large size of data • Not convenient: overhead is too high Auditing as a Service • A service to check the cloud data integrity • Conducted by a Third Party Auditor Dept. of Computer Science City University of Hong Kong

  9. Why Third Party Auditing? A third party auditor can • Provide unbiased auditing results • Benefit for both data owners and service providers • Data Owners – be ensured data integrity • Service Providers – Build good reputation • Able to do a good job efficiently • Professional Expertise • Computing Capabilities Dept. of Computer Science City University of Hong Kong

  10. Research Issues • Privacy Preservation • Keep the data confidential against the auditor • Dynamic Auditing • Allow dynamic updates of data in the cloud • Batch Auditing • Combine multiple auditing tasks together to improve efficiency Dept. of Computer Science City University of Hong Kong

  11. Architecture of 3rd Party Auditing Initialization: Data owner sends 1) encrypted data & verification tags to server, and 2) data index to auditor • Challenge: Auditor sends Challenge to cloud server • Proof: Server responses with Proof • Verification: Auditor verifies correctness of the Proof Auditor Cloud Servers Owners Dept. of Computer Science City University of Hong Kong

  12. An Auditing Algorithm • Initialization • Data Segmentation – Improve Efficiency • Homomorphic Tag – Batch Auditing … … m m1 mi mn Divide m into n blocks … … mij mi mi1 mil Split mi into l sectors • System Parameters: • G1, G2 , GT: multiplicative groups with the same prime order p • e: pairing operation maps a pair of points from G1 and G2 to a point in GT • g1: generator of G1; g2: generator of G2 Dept. of Computer Science City University of Hong Kong

  13. Initialization (cont’d) … … m1 mi mn m … … mij mi mi1 mil ti = (h(skh, FID||i)Πj=1->lg1xjmij)skt abstract information of m: FID, # of blocks, index table, etc. • skt: secret tag key kept by owner skh: secret hash key shared with auditor • g2skt : public tag key shared with auditor g1xj : random key shared with the cloud Auditor Cloud Servers Dept. of Computer Science City University of Hong Kong

  14. Sampling Auditing • Challenge from auditor: C = ({i, vi}iQ, R = (g2skt)r) • Proof by Cloud: P = (DP, TP) • Data Proof: DP = Πj=1->le(g1xj, R)MPj where MPj = ΣiQvimij • Tag Proof: TP = ΠiQtivi … … … … … … mq mij m1j mqj mi m1 mq1 m11 mi1 mil m1l mql MP1 MPj MPl Dept. of Computer Science City University of Hong Kong

  15. Sampling Auditing • Challenge from auditor : C = ({i, vi}iQ , R = (g2skt)r) • Proof by Cloud: P = (DP, TP) • Data Proof: DP = Πj=1->le(g1xj, R)MPj where MPj = ΣiQvimij • Tag Proof: TP = ΠiQtivi • Verification by auditor: Hchal = ΣiQh(skh, FID||i)rvi DP·e(Hchal , g2skt) = e(TP, g2r) ? Dept. of Computer Science City University of Hong Kong

  16. References • Kan Yang and Xiaohua Jia. “Security for Cloud Storage Systems”, Springer 2014, ISBN 978-1-4614-7872-0. • Kan Yang and Xiaohua Jia. “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing”. IEEE Trans. on Parallel and Distributed Systems (TPDS), Vol 24, Issue 9, September 2013. • Kan Yang and Xiaohua Jia. “Data Storage Auditing Service in Cloud Computing: Challenges, Methods and Opportunities”. World Wide Web, Vol 15, Issue 4, July 2012. Dept. of Computer Science City University of Hong Kong

  17. Data Access Control Access Control as a Service Dept. of Computer Science City University of Hong Kong

  18. SK Access Control as a Service • Data stored in server is encrypted. • Encryption-based Access Control • Each authorized user receives a secret key • Users can decrypt ciphertext by their secret keys Owner User Dept. of Computer Science City University of Hong Kong

  19. Difficulties in Key Distribution • Asymmetric Key Encryption (users pub-key for encryption) • Multi-copies of encrypted data for difference users • Symmetric Key Encryption • Difficulties in key distribution Dept. of Computer Science City University of Hong Kong

  20. A Wish-list for Encryption-based Access Control • Key management is scalable • No need of online trusted server for access control • Expressive access control polices Attribute-Based Encryption (ABE) is a promising direction to go! Dept. of Computer Science City University of Hong Kong

  21. OR Prof AND PhD CS Ciphertext-Policy Attribute-Based Encryption (CP-ABE) • Data are encrypted by the access policy • Secret keys are associated with attributes • Attributes are mathematically incorporated into the key (CS AND PhD) OR Prof Alice Bob SK {EE, Prof} {CS, PhD} Dept. of Computer Science City University of Hong Kong

  22. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) • Ciphertext can be decrypted iff attributes in the key satisfy the access policy Satisfies {EE, Prof} (CS AND PhD) OR Prof Alice • No 3rd party evaluates the policy and makes access decision (server is excluded) • Policy checking is embedded in cryptography Dept. of Computer Science City University of Hong Kong

  23. OR AND Professor CS Dept. PhD Attribute-Based Access Control (ABAC) MSK   PK    Owner Authority   SKBob: “CS Dept.” “Professor” SKKevin: “CS Dept.” “Master” Dept. of Computer Science City University of Hong Kong

  24. Advantages of ABAC • Access policy is defined by owners • Access policy is enforced by the cryptography • nobody explicitly evaluates the policies and makes an access decision • Only one copy of ciphertext is generated for each file Dept. of Computer Science City University of Hong Kong

  25. Basic Construction • G: multiplicative group of prime order p. • Intuitive Hardness Discrete Log: Given: g, ga Hard to find: a • Bilinear mape: GG GT Def: An admissible bilinear map e: GG GT is: • Non-degenerate: g generates G  e(g, g) generates GT. • Bilinear: e(ga, gb) = (e(g,g))ab a,bZp, gG • Efficiently computable Dept. of Computer Science City University of Hong Kong

  26. MSK OR OR PK SK SK AND AND Professor Professor CS Dept. CS Dept. PhD PhD “CS Dept.” “PhD” “CS Dept.” “PhD” CP-ABE Algorithms Setup(λ) -> MSK, PK KeyGen(MSK, Attrs.) -> SK Encrypt(PK ,M, Access policy) -> CT Decrypt(SK, CT)-> M Dept. of Computer Science City University of Hong Kong

  27. MSK Public Key System Setup Authority a, b RZP MSK = a PK = ( g, gb, e(g, g)a , H: {0,1}*  G ) Dept. of Computer Science City University of Hong Kong

  28. Secret Key Generation Authority Authority issues secret keys for users who have attributes Alice Charlie Bob “CS Dept.” “Professor” “CS Dept.” “Master” “EE Dept.” “PhD” Dept. of Computer Science City University of Hong Kong

  29. OR Prof AND CS Dept. PhD Collusion Attack • Users may collude to decrypt data by combining their attributes  Charlie Bob “CS Dept.” “Master” “EE Dept.” “PhD” Dept. of Computer Science City University of Hong Kong

  30. Prevent Collusion Attack Authority Bob has attributes: {“Master”, “CS Dept.”, “TA”} MSK = a SK = ( ga+bt, gt, H(“Master”)t, H(“CS Dept.”)t,H(“TA”)t) t: random number in Zp. It ties components in SK together Personalization! Collusion Resistance Dept. of Computer Science City University of Hong Kong

  31. SK SK Key Personalization Bob: “CS Dept.” … ga+bt, gt, H(“CS Dept.”)t, Random t Charlie: “PhD” … H(“PhD”)t’ ga+bt’, gt’, Components are incompatible Random t’ Dept. of Computer Science City University of Hong Kong

  32. OR AND Professor OR CS Dept. PhD M AND Prof CS Dept. PhD Data Encryption PK = ( g, gb, e(g, g)a , H: {0,1}*  G ) Data Owner Given M and policy, owner generates a random secret s s s s1=s s3=r s2=s-r Ciphertext: CT = ( M e(g,g)as, gs, C1 = (gbs1H(“Prof”)r1, gr1), C2 = (gbs2H(“PhD”)r2, C3 = (gbs3H(“CS Dept.”)r3, gr3) ) . Dept. of Computer Science City University of Hong Kong

  33. Data Decryption Ciphertext CT CT = ( Me(g,g)as, gs, C1= (gbs1H(“Prof”)r1, gr1), C2 = (gbs2H(“PhD”)r2, gr2), C3 = (gbs3H(“CS Dept.”)r3, gr3) ) Secret Key SK SK = ( ga+bt, gt, H(“Prof”)t, H(“PhD”)t,H(“CS Dept.”)t) e(ga+bt, gs)=e(g,g)as e(g,g)bts e(gbs3H(“CS Dept.”)r3, gt) e(gbs2H(“PhD”)r2, gt) e(gbs1H(“Prof”)r1, gt) “PhD” AND “CS Dept.” “Prof” OR e(gr3, H(“CS Dept.”)t) e(gr2, H(“PhD”)t) e(gr1, H(“Prof”)t) . =e(g,g)bts2 e(g,g)bts3 = e(g,g)bts e(g,g)bts= Dept. of Computer Science City University of Hong Kong

  34. AND OR CS dept. manager marketing Research Challenges • Multiple Authorities Authority in CityU Authority in Google Bob: “CS dept.” Kevin: “manager” Dept. of Computer Science City University of Hong Kong

  35. Research Challenges • Attribution Revocation • Prevent revoked users from decrypting new ciphertexts • Guarantee new users to decrypt previous ciphertexts • Decryption Efficiency • Mobile Devices • Policy Hidden K Yang, X Jia, K Ren, R Xie and L Huang. “Enabling Efficient Access Control with Dynamic Policy Updating for Big Data in the Cloud”, INFOCOM’14. K Yang, X Jia, K Ren and B Zhang. “DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems”, INFOCOM’13, extended version in IEEE Trans on Information Forensics and Security 8(11), 2013. K Yang and X Jia. “Attributed-based Access Control for Multi-authority Systems in Cloud Storage,” ICDCS’12. Dept. of Computer Science City University of Hong Kong

  36. Summary • Cloud server is not fully trusted by data owners • Data Integrity • Auditing as a Service • Data Access Control • Access Control as a Service Dept. of Computer Science City University of Hong Kong

  37. Thank You! Q&A Dept. of Computer Science City University of Hong Kong