Cloud views2010 google docs privacy

CENTRO TECNOLÓXICO DE TELECOMUNICACIÓNS DE GALICIA

Privacy for Google Docs: Implementing a

Transparent Encryption Layer

Lilian [email protected]

GRADIANT, Galician Research and Development Centre in Advanced Telecommunication

mailto:[email protected]

CENTRO TECNOLÓXICO DE TELECOMUNICACIÓNS DE GALICIA 2

Outline

• Introduction

• Firefox Add-on

• Using the secure Google Docs

• Conclusion and Future Work


Cloud Computing• Distributed computing + distributed storage +

virtualization.

• Advantages for users:

– Scalability.

– Ubiquity.

– Pay-per-use.

– No HW/maintenance cost.

IaaS

PaaS

SaaS


Cloud Privacy• Problems:

– Confidentiality: sensitive data exposed to the infrastructure provider.

– Privacy of the information: unauthorized access to private data by users.

– Loss of data: can users really trust on provider’s infrastructure reliability?


Document editing SaaS

Maximum document size Maximum storage Price

Real time collaboration

Edit uploaded documents Type documents

Google Docs 500K 1 GB free Yes Yes Text Spreadsheets Presentations

Zoho - 1 GB free No Yes Text Spreadsheets Presentations

Microsoft Office Live

25MB 500 MB free No No Text Spreadsheets Presentations

ThinkFree 10 MB 1 GB 30 days trial Yes - Text Spreadsheets Presentations

Feng Office - 300MB 30 days trial Yes Text Spreadsheets Presentations

Adobe BuzzWord 10 MB - free Yes No Text

Maximum document size

Maximum storage Price Real time

collaborationEdit uploaded documents

Type documents

Google Docs 500K 1 GB free Yes YesText

Spreadsheets Presentations

Zoho - 1 GB free No YesText


Microsoft Office Live 25MB 500 MB free No No

Text Spreadsheets Presentations

ThinkFree 10 MB 1 GB 30 days trial Yes -Text


Feng Office - 300MB 30 days trial YesText


Adobe BuzzWord 10 MB - free Yes No Text


Firefox Add-on• Master password.

• Hidden indices: algorithm + options

– User index: information about encrypted and not shared documents.

– Shared index: information about encrypted and shared documents.


Firefox Add-on

• Channel listeners: intercept the communication with Google Docs servers.

• Google Docs API • AJAX requests

• XUL (interface) + JavaScript.

authentication,documents list, sharing permissions...


Firefox Add-on

Algorithm, options

docId

Recover

Store

Google docsCloud

Encrypteddocuments

Client with Internet browser

EncryptionDecryption

module

Browser add-on

Cipheredtext

S

tore

Recover

Index

Plaintext


Using the secure Google Docs: Changes in interface


Using the secure Google Docs: Encrypting a

document


Using the secure Google Docs: Supported algorithms

Name Block size Key size Security SpeedSpeed

depends onkey size?

AES Advanced Encryption Standard 128 bits 128, 192, 256

bits Secure Fast Yes

DES Data Encryption Standard 64 bits 56 bits Insecure Slow -

Triple DES

Triple Data Encryption Algorithm 64 bits 56-168 bits Moderately secure Very Slow No

Blowfish - 64 bits 32-448 bits Moderately secure Fast No

RC4 Rivest Cipher 4 64 bits 8-2048 bits Insecure Very fast No

TEA Tiny Encryption Algorithm 64 bits 128 bits Insecure Fast No

xxTEA Corrected Block TEA

arbitrary, (min 64 bits) 128 bits Moderately secure Fast No


Using the secure Google Docs:

Opening document w/o plugin


Conclusion and Future Work

• New security layer to protect Google Docs documents in a transparent way.

• Encryption in client-side: content of documents sent and stored in Google cloud servers are not accessible.

• Encrypted shared documents in development.• Ciphered spreadsheets: need of server side

support (operations performed in server-side).

CENTRO TECNOLÓXICO DE TELECOMUNICACIÓNS DE GALICIA

Privacy for Google Docs: Implementing a

Transparent Encryption Layer

THANK YOU FOR YOUR ATTENTION!!

Lilian [email protected]

mailto:[email protected]

Technology

Cloud views2010 google docs privacy