SAC-PA:CloudSecurity

BalajiPalanisamy

1

SchoolofInformationSciencesUniversityofPittsburgh

bpalan@pitt.edu

Cloud computing Benefits

For clients:◦ No upfront commitment in

buying/leasing hardware◦ Can scale usage according to demand◦ Barriers to entry lowered for startups

For providers:◦ Increased utilization of datacenter

resources minimizes cost

2

So, if cloud computing is so great, why aren’t everyone doing it?

3

Clouds are still subject to traditional data

confidentiality, integrity, availability, and privacy

issues, plus some additional attacks

AWS Security Advice

4

7.2. Security. We strive to keep Your Content secure, but cannot

guarantee that we will be successful at doing so, given the nature of

the Internet. Accordingly, without limitation to Section 4.3 above

and Section 11.5 below, you acknowledge that you bear sole

responsibility for adequate security, protection and backup of Your

Content. We strongly encourage you, where available and

appropriate, to use encryption technology to protect Your Content

from unauthorized access and to routinely archive Your

Content. We will have no liability to you for any unauthorized

access or use, corruption, deletion, destruction or loss of any of

Your Content.

Source:http://aws-portal.amazon.com/gp/aws/developer/terms-and-conditions.html

Example: Online Course Database

5

StudentId

Name Addr GP

A CreditCard …

Student

CourseId

Name InstrId …

Course

CourseId

StudentId

Grade …

StudentCourse

Encryption and DbaaS: Functionality

6

ClientApp

SELECT *FROM coursesWHERE StudentId = 1234

Encryption and DbaaS: Functionality

7

ClientApp

SELECT *FROM coursesWHERE StudentId = 1234

Encrypted

[HIL+02]SIGMOD Test of Time Award

Deterministic Encryption Scheme

Encr

Decr

The quick brown fox jumps over the lazy dog

000102030405060708090a0b0c0d0e0f

a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df

a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df

000102030405060708090a0b0c0d0e0f

The quick brown fox jumps over the lazy dog

Key:

8CryptoTextbook:[KL07]

Plaintext

Plaintext

Ciphertext

Ciphertext

Key:

Nondeterministic Encryption Scheme

EncrThe quick brown fox jumps over the lazy dog

000102030405060708090a0b0c0d0e0f

a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df

EncrThe quick brown fox jumps over the lazy dog

000102030405060708090a0b0c0d0e0f

fa636a2825b339c940668a3157244d17247240236966b3fa6ed2753288425b6c69c4e0d86a7b0430d8cdb78070b4c55a

Key:

9

Example:AES+CBC+variableIV

Deterministic Encryption

10

StudentId AssignId

Score

1 1 68

1 2 71

3 4 99

… … …

select *from assignmentwhere studentid = 1

Deterministic Encryption

11

StudentId_DET AssignId Score

bd6e7c3df2b5779e0b61216e8b10b689

1 68

bd6e7c3df2b5779e0b61216e8b10b689

2 71

7ad5fda789ef4e272bca100b3d9ff59f

4 99

… … …

select *from assignmentwhere studentid_det = bd6e7c3df2b5779e0b61216e8b10b689

Homomorphic Encryption

7ad5fda789ef4e272bca100b3d9ff59f

bd6e7c3df2b5779e0b61216e8b10b689

7a9f102789d5f50b2beffd9f3dca4ea7

Encryptionkeyisnotaninput

12

Order Preserving Encryption

13

Value Enc (Value)

1 0x0001102789d5f50b2beffd9f3dca4ea7

2 0x0065fda789ef4e272bcf102787a93903

3 0x009b5708e13665a7de14d3d824ca9f15

4 0x04e062ff507458f9be50497656ed654c

5 0x08db34fb1f807678d3f833c2194a759e

[BCN11,PLZ13]

Order-Preserving Encryption

14

StudentId

AssignId

Score

1 1 68

1 2 71

3 4 99

… … …

select *from assignmentwhere score >= 90

Order-Preserving Encryption

15

StudentId

AssignId

Score_OPE

1 1 0x0065fda789ef4e272bcf102787a93903

1 2 0x009b5708e13665a7de14d3d824ca9f15

3 4 0x08db34fb1f807678d3f833c2194a759e

… … …

select *from assignmentwhere score_OPE >= 0x04e062ff507458f9be50497656ed654c

Homomorphic Encryption Schemes

FullyHomomorphicEncryption

Order-PreservingEncryption

DeterministicEncryption

Non-DeterministicEncryption

PaillierCryptosystem

ElGamalCryptosystem

(Anyfunction)

16

[G09,G10]

[P99] [E84]

[BCN11,PLZ13]

Homomorphic Encryption Schemes

FullyHomomorphicEncryption

Order-PreservingEncryption

DeterministicEncryption

Non-DeterministicEncryption

PaillierCryptosystem

ElGamalCryptosystem

(Anyfunction)

17

[G09,G10]

[P99] [E84]

[BCN11,PLZ13]

PartialHomomorphicEncryption

Homomorphic Encryption Schemes

FullyHomomorphicEncryption

Order-PreservingEncryption

DeterministicEncryption

Non-DeterministicEncryption

PaillierCryptosystem

ElGamalCryptosystem

(Anyfunction)

18

[G09,G10]

[P99] [E84]

[BCN11,PLZ13]

PartialHomomorphicEncryption

Homomorphic Encryption Schemes: Performance

Scheme Spacefor 1integer(bits)

Timefor1operation

Cosmictimescales

ms

sDeterministic

Order-preserving

PaillierElGamal

FullyHomomorphicEncryption

19

Trusted Client Architecture

� Distributed query processing between untrusted DBMS and client-end DBMS shell

DBMSShell

Client Query Fragment

KeyDBMS

Server Query Fragment

Encrypted Data

Client App

Plaintext Query

Plaintext Results

CryptDB Architecture

� Web proxy rewrites queries, decrypts result

� Leverage P.H.E techniques

WebProxy

Client App

DBMS +UDFs

Rewritten Query

Encrypted DataKey

PlainTextQuery

PlainTextResults

[PRZ+11]

Secure In-Cloud Compute Architecture

� Distributed query processing between untrusted DBMS and trusted cloud compute

� Solutions differ in granularity of integration

DBMS

Untrusted Query Fragment

Encrypted Data

TrustedCompute

Trusted Query Fragment

Key

Encrypted Data

QueryTranslation& Splitting

Client App

Plaintext Results Plaintext

Query

Secure Processors

� TrustedDB◦ Trusted compute is

a full DBMS

Client App

CloudDBMS

Query

Results

IBM SecureCo-processor

Key

EmbeddedLinux & SQL Lite

Storage

[BS11]

TrustedDB Hybrid Example

24[BS11]

Partioned Computing

� Hybrid Clouds◦ Public cloud for non-sensitive data◦ Private cloud for sensitive data◦ Data and compute shipped between them

� Example Hybrid Cloud architectures◦ SEDIC (CCS 2011)◦ SEMROD (SIGMOD 2015)◦ VNCACHE (CCGrid 2014)

25

How can Ann delete her sensitive email?� She doesn’t know where all the copies are� Services may retain data for long after user

tries to delete

Loss of Control: Data Lives Forever

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

26

Ann CarlaSensitive email

ISP

SensitiveSenstive

Sensitive

SensitiveSenstive

Sensitive

SensitiveSenstive

Sensitive

SensitiveSenstive

Sensitive

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

Archived Copies Can Resurface Years Later

27

ISP

SensitiveSenstive

Sensitive

SensitiveSenstive

Sensitive

Some time later…

SensitiveSenstive

Sensitive

SensitiveSenstive

Sensitive

CarlaAnn

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

This is sensitive stuff.

Retroactive attack on archived data

n A system composed of individually-owned computers that make a portion of their resources available directly to their peers without intermediary managed hosts or servers. [~wikipedia]

Important P2P properties (for Vanish):n Huge scale – millions of nodesn Geographic distribution – hundreds of countriesn Decentralization – individually-owned, no single point of trustn Constant evolution – nodes constantly join and leave

Vanish Peer-To-Peer Protocol (OSDI’06)

28

Timed-releaseofSelf-emergingData(ICDCS’17,CLOUD’17)

generated

timer

released

Securelyprotected

Availableforreceivers

Use cases: • non-releasable private data may become releasable due to the degradation of

time-varying data privacy.• time-sensitive online events: secure voting mechanism, online examination.

Timed release of self emerging data:• securely hide the protected data from being accessed prior to the release

time.• automatic appearance of the stored data at the predetermined release

time.

S R

Self-emergingData

Parameters:•Totalfragmentnumber– m(3)•Thresholdfragmentnumber– n(2)•Length– l(3)

Package generation

Package routing

The adjust one-hop scheme can only support medium emerging time period. We propose the multi-hop scheme to handle the very long requirements:

Instead of deploying a single set of nodes to hold the packages during the entire T, we now arrange multiple sets of nodes to carry the packages in relay from the sender to the receiver. Also, the single usage of the erasure coding is now extended to a nested usage so that the old packages can be merged at each set of nodes to generate new packages and the reduced number of alive packages can be replenished during each re-generation.

ChaoLiandBalajiPalanisamy,"Timed-releaseofSelf-emergingDatausingDistributedHashTables",Proc.of37thIEEEInternationalConferenceonDistributedComputingSystems,Atlanta,USA.(ICDCS2017).

ChaoLiandBalajiPalanisamy,"Emerge:Self-emergingDataReleaseusingCloudDataStorage",Proc.of10thIEEEInternationalConferenceonCloudComputing,Honolulu,USA.(IEEECLOUD2017).

� Thank you & Questions

31