Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
SAC-PA:CloudSecurity
BalajiPalanisamy
1
SchoolofInformationSciencesUniversityofPittsburgh
Cloud computing Benefits
For clients:◦ No upfront commitment in
buying/leasing hardware◦ Can scale usage according to demand◦ Barriers to entry lowered for startups
For providers:◦ Increased utilization of datacenter
resources minimizes cost
2
So, if cloud computing is so great, why aren’t everyone doing it?
3
Clouds are still subject to traditional data
confidentiality, integrity, availability, and privacy
issues, plus some additional attacks
AWS Security Advice
4
7.2. Security. We strive to keep Your Content secure, but cannot
guarantee that we will be successful at doing so, given the nature of
the Internet. Accordingly, without limitation to Section 4.3 above
and Section 11.5 below, you acknowledge that you bear sole
responsibility for adequate security, protection and backup of Your
Content. We strongly encourage you, where available and
appropriate, to use encryption technology to protect Your Content
from unauthorized access and to routinely archive Your
Content. We will have no liability to you for any unauthorized
access or use, corruption, deletion, destruction or loss of any of
Your Content.
Source:http://aws-portal.amazon.com/gp/aws/developer/terms-and-conditions.html
Example: Online Course Database
5
StudentId
Name Addr GP
A CreditCard …
Student
CourseId
Name InstrId …
Course
CourseId
StudentId
Grade …
StudentCourse
Encryption and DbaaS: Functionality
6
ClientApp
SELECT *FROM coursesWHERE StudentId = 1234
Encryption and DbaaS: Functionality
7
ClientApp
SELECT *FROM coursesWHERE StudentId = 1234
Encrypted
[HIL+02]SIGMOD Test of Time Award
Deterministic Encryption Scheme
Encr
Decr
The quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
000102030405060708090a0b0c0d0e0f
The quick brown fox jumps over the lazy dog
Key:
8CryptoTextbook:[KL07]
Plaintext
Plaintext
Ciphertext
Ciphertext
Key:
Nondeterministic Encryption Scheme
EncrThe quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
EncrThe quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
fa636a2825b339c940668a3157244d17247240236966b3fa6ed2753288425b6c69c4e0d86a7b0430d8cdb78070b4c55a
Key:
9
Example:AES+CBC+variableIV
Deterministic Encryption
10
StudentId AssignId
Score
1 1 68
1 2 71
3 4 99
… … …
select *from assignmentwhere studentid = 1
Deterministic Encryption
11
StudentId_DET AssignId Score
bd6e7c3df2b5779e0b61216e8b10b689
1 68
bd6e7c3df2b5779e0b61216e8b10b689
2 71
7ad5fda789ef4e272bca100b3d9ff59f
4 99
… … …
select *from assignmentwhere studentid_det = bd6e7c3df2b5779e0b61216e8b10b689
Homomorphic Encryption
7ad5fda789ef4e272bca100b3d9ff59f
bd6e7c3df2b5779e0b61216e8b10b689
7a9f102789d5f50b2beffd9f3dca4ea7
Encryptionkeyisnotaninput
12
Order Preserving Encryption
13
Value Enc (Value)
1 0x0001102789d5f50b2beffd9f3dca4ea7
2 0x0065fda789ef4e272bcf102787a93903
3 0x009b5708e13665a7de14d3d824ca9f15
4 0x04e062ff507458f9be50497656ed654c
5 0x08db34fb1f807678d3f833c2194a759e
[BCN11,PLZ13]
Order-Preserving Encryption
14
StudentId
AssignId
Score
1 1 68
1 2 71
3 4 99
… … …
select *from assignmentwhere score >= 90
Order-Preserving Encryption
15
StudentId
AssignId
Score_OPE
1 1 0x0065fda789ef4e272bcf102787a93903
1 2 0x009b5708e13665a7de14d3d824ca9f15
3 4 0x08db34fb1f807678d3f833c2194a759e
… … …
select *from assignmentwhere score_OPE >= 0x04e062ff507458f9be50497656ed654c
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
16
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
17
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
PartialHomomorphicEncryption
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
18
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
PartialHomomorphicEncryption
Homomorphic Encryption Schemes: Performance
Scheme Spacefor 1integer(bits)
Timefor1operation
Cosmictimescales
ms
sDeterministic
Order-preserving
PaillierElGamal
FullyHomomorphicEncryption
19
Trusted Client Architecture
� Distributed query processing between untrusted DBMS and client-end DBMS shell
DBMSShell
Client Query Fragment
KeyDBMS
Server Query Fragment
Encrypted Data
Client App
Plaintext Query
Plaintext Results
CryptDB Architecture
� Web proxy rewrites queries, decrypts result
� Leverage P.H.E techniques
WebProxy
Client App
DBMS +UDFs
Rewritten Query
Encrypted DataKey
PlainTextQuery
PlainTextResults
[PRZ+11]
Secure In-Cloud Compute Architecture
� Distributed query processing between untrusted DBMS and trusted cloud compute
� Solutions differ in granularity of integration
DBMS
Untrusted Query Fragment
Encrypted Data
TrustedCompute
Trusted Query Fragment
Key
Encrypted Data
QueryTranslation& Splitting
Client App
Plaintext Results Plaintext
Query
Secure Processors
� TrustedDB◦ Trusted compute is
a full DBMS
Client App
CloudDBMS
Query
Results
IBM SecureCo-processor
Key
EmbeddedLinux & SQL Lite
Storage
[BS11]
TrustedDB Hybrid Example
24[BS11]
Partioned Computing
� Hybrid Clouds◦ Public cloud for non-sensitive data◦ Private cloud for sensitive data◦ Data and compute shipped between them
� Example Hybrid Cloud architectures◦ SEDIC (CCS 2011)◦ SEMROD (SIGMOD 2015)◦ VNCACHE (CCGrid 2014)
25
How can Ann delete her sensitive email?� She doesn’t know where all the copies are� Services may retain data for long after user
tries to delete
Loss of Control: Data Lives Forever
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
26
Ann CarlaSensitive email
ISP
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
Archived Copies Can Resurface Years Later
27
ISP
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
Some time later…
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
CarlaAnn
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
Retroactive attack on archived data
n A system composed of individually-owned computers that make a portion of their resources available directly to their peers without intermediary managed hosts or servers. [~wikipedia]
Important P2P properties (for Vanish):n Huge scale – millions of nodesn Geographic distribution – hundreds of countriesn Decentralization – individually-owned, no single point of trustn Constant evolution – nodes constantly join and leave
Vanish Peer-To-Peer Protocol (OSDI’06)
28
Timed-releaseofSelf-emergingData(ICDCS’17,CLOUD’17)
generated
timer
released
Securelyprotected
Availableforreceivers
Use cases: • non-releasable private data may become releasable due to the degradation of
time-varying data privacy.• time-sensitive online events: secure voting mechanism, online examination.
Timed release of self emerging data:• securely hide the protected data from being accessed prior to the release
time.• automatic appearance of the stored data at the predetermined release
time.
S R
Self-emergingData
Parameters:•Totalfragmentnumber– m(3)•Thresholdfragmentnumber– n(2)•Length– l(3)
Package generation
Package routing
The adjust one-hop scheme can only support medium emerging time period. We propose the multi-hop scheme to handle the very long requirements:
Instead of deploying a single set of nodes to hold the packages during the entire T, we now arrange multiple sets of nodes to carry the packages in relay from the sender to the receiver. Also, the single usage of the erasure coding is now extended to a nested usage so that the old packages can be merged at each set of nodes to generate new packages and the reduced number of alive packages can be replenished during each re-generation.
ChaoLiandBalajiPalanisamy,"Timed-releaseofSelf-emergingDatausingDistributedHashTables",Proc.of37thIEEEInternationalConferenceonDistributedComputingSystems,Atlanta,USA.(ICDCS2017).
ChaoLiandBalajiPalanisamy,"Emerge:Self-emergingDataReleaseusingCloudDataStorage",Proc.of10thIEEEInternationalConferenceonCloudComputing,Honolulu,USA.(IEEECLOUD2017).
� Thank you & Questions
31