On securing untrusted clouds with cryptography

Chen, Yao; Sion, Radu

doi:10.1145/1866919.1866935

Cited by 60 publications

(41 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, recent insights [4] into the cost-performance trade-off seem to suggest that things stand somewhat differently. Specifically, at scale, in outsourced contexts, computation inside secure processors is orders of magnitude cheaper than any equivalent cryptographic operation performed on the provider's unsecured common server hardware 1 , despite the overall greater acquisition cost of secure hardware.…”

Section: Overviewmentioning

confidence: 99%

TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

Bajaj

Sion

2014

IEEE Trans. Knowl. Data Eng.

Self Cite

187

136

View full text Add to dashboard Cite

Abstract-TrustedDB is an outsourced database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints without having to trust the service provider. TrustedDB achieves this by leveraging server-hosted tamper-proof trusted hardware in critical query processing stages.TrustedDB does not limit the query expressiveness of supported queries. And, despite the cost overhead and performance limitations of trusted hardware, the costs per query are orders of magnitude lower than any (existing or) potential future software-only mechanisms. TrustedDB is built and runs on actual hardware, and its performance and costs are evaluated here. I. OVERVIEWOutsourcing has finally arrived, due in no small part to the availability of cheap high speed networks, storage and CPUs. Clients can now minimize their management overheads and virtually eliminate infrastructure costs Virtually all major "cloud" providers today offer a database service of some kind as part of their overall solution. Numerous startups also feature more targeted data management and/or database platforms.Yet, significant challenges lie in the path of large-scale adoption. Such services often require their customers to inherently trust the provider with full access to the outsourced datasets. But numerous instances of illicit insider behavior or data leaks have left clients reluctant to place sensitive data under the control of a remote, third-party provider, without practical assurances of privacy and confidentiality -especially in business, healthcare and government frameworks. And today's privacy guarantees of such services are at best declarative and subject customers to unreasonable fine-print clauses -e.g., allowing the server operator (or malicious attackers gaining access to its systems) to use customer behavior and content for commercial, profiling, or governmental surveillance purposes [5,6].Existing research addresses several such outsourcing security aspects, including access privacy, searches on encrypted data, range queries, and aggregate queries. To achieve privacy, in most of these efforts data is encrypted before outsourcing. Once encrypted however, inherent limitations in the types of primitive operations that can be performed on encrypted data lead to fundamental expressiveness and practicality constraints.Recent theoretical cryptography results provide hope by proving the existence of universal homomorphisms, i.e., encryption mechanisms that allow computation of arbitrary functions without decrypting the inputs [12]. Unfortunately actual instances of such mechanisms seem to be decades away from being practical [7].Ideas have also been proposed to leverage tamper-proof hardware to privately process data server-side, ranging from smartcard deployment [9] in healthcare, to more general database operations [3,8,10].Yet, common wisdom so far has been that trusted hardware is generally impractical due to its performance limitations and higher acquisition costs. As a result, with very few exceptions [9]...

show abstract

Section: Overviewmentioning

confidence: 99%

TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

Bajaj

Sion

2014

IEEE Trans. Knowl. Data Eng.

Self Cite

187

136

View full text Add to dashboard Cite

show abstract

“…In the world of computing, security and privacy issues are a major concern and cloud computing is no exception to these issues. A study ascertains that securing outsourced data and computation against mistrusted clouds is indeed costlier than the associated savings, with outsourcing mechanisms up to several orders of magnitudes costlier than their no outsourced locally run alternatives [3]. From the view of a broad class of potential users, using cloud is much like trusting the telephone company-or Gmail, or even the post office-to keep communications private.…”

Section: Related Workmentioning

confidence: 99%

Cloud Computing Security Improvement using Diffie Hellman and AES

Malik¹

2015

IJCA

View full text Add to dashboard Cite

Security is often cited as one of the most contentious issues in Cloud computing. It is argued that as the Cloud is intended to handle large amounts of data, attackers can be sure of a high pay-off for their activities.. In addition, to benefit from the Economies of scale, the applications and operating systems are homogenized to a few images restricting the variations of products used within the Cloud. Millions of users are surfing the Cloud for various purposes, therefore they need highly safe and persistent services. The future of cloud, especially in expanding the range of applications, involves a much deeper degree of privacy, and authentication. We propose a simple data protection model where data is encrypted using AES and Authenticated by Diffie Hellman algorithm before it is launched in the cloud, thus ensuring data confidentiality and security.

show abstract

“…In the world of computing, security and privacy issues are a major concern and cloud computing is no exception to these issues. A study ascertains that securing outsourced data and computation against mistrusted clouds is indeed costlier than the associated savings, with outsourcing mechanisms up to several orders of magnitudes costlier than their nonoutsourced locally run alternatives [3]. From the view of a broad class of potential users, using cloud is much like trusting the telephone company-or Gmail, or even the post office-to keep communications private.…”

Section: Proposed Workmentioning

confidence: 99%

Enhancing Cloud Computing Security using AES Algorithm

Sachdev¹,

Bhansali²

2013

IJCA

View full text Add to dashboard Cite

With the tremendous growth of sensitive information on cloud, cloud security is getting more important than even before. The cloud data and services reside in massively scalable data centers and can be accessed everywhere. The growth of the cloud users has unfortunately been accompanied with a growth in malicious activity in the cloud. More and more vulnerabilities are discovered, and nearly every day, new security advisories are published. Millions of users are surfing the Cloud for various purposes, therefore they need highly safe and persistent services. The future of cloud, especially in expanding the range of applications, involves a much deeper degree of privacy, and authentication. We propose a simple data protection model where data is encrypted using Advanced Encryption Standard (AES) before it is launched in the cloud, thus ensuring data confidentiality and security. General TermsCloud Service Provider (CSP)

show abstract

On securing untrusted clouds with cryptography

Cited by 60 publications

References 26 publications

TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality

Cloud Computing Security Improvement using Diffie Hellman and AES

Enhancing Cloud Computing Security using AES Algorithm

Contact Info

Product

Resources

About