Cryptographic Cloud Storage

B99705013 廖以圻

B99705025 陳育旋

Seny Kamara & Kristin Lauter senyk@microsoft .com klauter@microsoft.com

Micorsoft Reaserch













Introduction of the cloud storage service

The basic concept of cryptography

Architecture of a cryptographic storage service

Benefit of a cryptographic storage service

The core component of a cryptographic storage service

Summary


















Summary





Cloud infrastructure can be categorized as private or public

Benefit of public storage service : availability reliability efficient retrieval data sharing



Main concern for a public storage service :

1. confidentiality

2. integrity

we argue for designing a virtual private storage service based on recently cryptographic techniques.


















Summary

symmetric & asymmetric encryption

Symmetric encryption

Asymmetric encryption

Asymmetric encryption


















Summary









Data processor (aka. DP): process data before it is sent to cloud.

Data verifier (aka. DV): checks whether the data in the cloud has been tempered with.

Token generator (aka. TG): generate tokens that enable the cloud storage to retrieve segments of customer data.

credential generator (CG): implements an access control policy by issuing credentials

( 憑據 ) to the various parties in the system



A CUMSTOMER ARCHITECTURE



AN ENTERPRISE ARCHITECTURE







A story begin with three party: Alice, Bob and storage provider.

Alice wants to share data with Bob.

HOW TO DO THAT??





First, Alice and Bob using the same DP, DV,

TG .

Alice generate a cryptography key (master key), which is kept in local.

















When Alice wants to upload files.

Using DP:

Attaches metadata and encrypt and encode.

Using DV:

Verifying the integrity of data.

Using TG:

Wants to retrieve data.

Send token to the cloud storage to search the appropriate encrypted file.







When Bob wants to retrieve some file.

Alice uses TG to make a token to Bob, and also uses a CG to make a credential to Bob.

After Bob receive token and credential, he uses the token to retrieve data, and decrypt it with credential.



A CUMSTOMER ARCHITECTURE



AN ENTERPRISE ARCHITECTURE





MegaCorp wants to share data with

PartnerCorp, MegaCorp store data in cloud storage provider.

Depending on the particular scenario, dedicated machines will run various core components.





 each MegaCorp and PartnerCorp employee receives a credential from the credential generator.

所有人的 credential 都不同，依職位劃分。

Whenever a MegaCorp employee generates data that needs to be stored in the cloud, it sends the data together with an associated decryption policy to the dedicated machine for processing.







To retrieve data from the cloud, an employee requests an appropriate token from the dedicated machine.

Different TOKENS can access different information.

Usage of DV is the same as before.





A PartnerCorp employee needs access to

MegaCorp's data, he authenticates itself to

MegaCorp's dedicated machine and sends it a keyword.

The dedicated machine returns an appropriate token which the employee uses to recover the appropriate files.



In the case that MegaCorp is a very large organization, Data processor may have great loading.

v



Another case the dedicated machines only run data verifiers, token generators and credential generators while the data processing is distributed to each employee.


















Summary





Control of the data is maintained by the customer.

the security properties are derived from cryptography.













Regulatory compliance

Geographic restrictions

Subpoenas

Security breaches

Electronic discovery

Data retention and destruction







Regulatory compliance ( 保護資料 )

Laws for protecting data.

Sol: Data processor and encryption may help.







Geographic restrictions

It can be difficult to ascertain exactly where one's data is being stored once it is sent to the cloud. some customers may be reluctant to use a public cloud for fear of increasing their legal exposure.

Sol: All data are stored in encrypted form.







Subpoenas

If the data is stored in a public cloud, the request may be made to the cloud provider and the latter could even be prevented from notifying the customer.

Sol: data is stored in encrypted form and since the customer retains possession of all the keys.







Security breaches( 漏洞 )

There is always the possibility of a security breach.

Sol: data integrity can be verified at any time.







Electronic discovery organizations are required to preserve and produce records for litigation. Organizations with high levels of litigation may need to keep a copy of large amounts of data.

Sol: a customer can verify the integrity of its data at any point in time.







Data retention and destruction( 資料保留或刪除 )

It can be difficult for a customer to ascertain the integrity of the data or to verify whether it was properly discarded.

Sol: Secure data erasure can be electively achieved by just erasing the master key



Anyway, it’s all about the point:



Encrypted data and Data Verifier.


















Summary



The drawback of the cryptographic storage service :

We have to download all the data , decrypt it and search locally.

The organization have to retrieve all the data to verify the integrity



Improvement :

1.DP index the data and encrypt it under a unique key

2.Encrypt the index using searchable encryption

3.encrypt the unique key with attributebased encryption

4.data verifier can verify their integrity using a proof of storage









A way to encrypt a search index

Given a token for a keyword , one can retrieve pointers to the encrypted files

But sometimes the searching may information to service provider leak some

SSE /ASE /ESE /mSSE











Symmetric searchable encryption (SSE)

Single writer /single reader (SWSR) based on symmetric primitives

Without any token the server learn nothing about the data except its length

Given a token with keyword learn which document contain learn w w , the provider w without

Disadvantage : search time / update











Asymmetric searchable encryption (ASE)

Many writer /single reader (MWSR) based on symmetric primitives

Without any token the server learn nothing about the data except its length

Given a token with keyword w learn which document contain

, the provider w

Disadvantage : the token

w

can be learned





Efficient ASE (ESE)

Search time is more efficient than ASE

Disadvantage : the token

w

can be learned







Multi-user SSE

Single writer /many reader (SWMR)

The owner can add and revoke users’ search privilege over his data



Improvement :









Each user in the system is provided with a decryption key that has a set of attribute with it (credentials)

Decryption will only work if the attribute associated with the decryption key match the policy used to encrypt the massage



Improvement :













Which the server can prove to the client that it did not tamper with the data

The protocol can be executed an arbitray number of times

The amount of information exchanged is independent of the size of the data

Private /public verifiable

Cryptographic Cloud Storage

we argue for designing a virtual private storage service based on recently cryptographic techniques.

Disadvantage : search time / update

Disadvantage : the token

can be learned

Disadvantage : the token

can be learned

Related documents

Products

Support

Cryptographic Cloud Storage

we argue for designing a virtual private storage service based on recently cryptographic techniques.

Disadvantage : search time / update

Disadvantage : the token

can be learned

Disadvantage : the token

can be learned

Related documents

Add this document to collection(s)

Add this document to saved

Suggest us how to improve StudyLib