CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

Similar documents
SDD: A Novel Technique for Enhancing Cloud Security with Self Destructing Data

OBJECT BASED DATA STORAGE SYSTEM FOR CLOUD USING DHT AND TPDSS WITH A SELF-DESTRUCTING DATA

Collusion-Resistant Group Key Management Using Attributebased

Efficient Auditable Access Control Systems for Public Shared Cloud Storage

FADE: A Secure Overlay Cloud Storage System with Access Control and Assured Deletion. Patrick P. C. Lee

P2P Social Networks With Broadcast Encryption Protected Privacy

EFFICIENT DATA SHARING WITH ATTRIBUTE REVOCATION FOR CLOUD STORAGE

Secure Role-Based Access Control on Encrypted Data in Cloud Storage using ARM

AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

A LTERATURE SURVEY ON REVOCABLE MULTIAUTHORITY CIPHER TEXT-POLICY ATTRIBUTE-BASED ENCRYPTION (CP-ABE) SCHEME FOR CLOUD STORAGE

Clock-Based Proxy Re-encryption Scheme in Unreliable Clouds

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Lecture Embedded System Security Trusted Platform Module

HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES

Distributed Key Management and Cryptographic Agility. Tolga Acar 24 Feb. 2011

SecureDoc Disk Encryption Cryptographic Engine

Session Based Ciphertext Policy Attribute Based Encryption Method for Access Control in Cloud Storage

Attribute-based encryption with encryption and decryption outsourcing

Time-Based Proxy Re-encryption Review

Attribute Based Encryption with Privacy Protection in Clouds

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

A compact Aggregate key Cryptosystem for Data Sharing in Cloud Storage systems.

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Privacy Protection on Data Self- Destruction System for Cloud Storage Networks

EgoSecure GmbH. EgoSecure Full Disk Encryption (FDE) Cryptographic Module. FIPS Security Policy

10/1/2015. Authentication. Outline. Authentication. Authentication Mechanisms. Authentication Mechanisms. Authentication Mechanisms

Time Constrained Datadestruction Using Blowfish Algorithm In Cloud

Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas

Crypto meets Web Security: Certificates and SSL/TLS

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds

6.857 L17. Secure Processors. Srini Devadas

SECURE DATA ACCESS USING BIOMETRIC RECOGNITION IN CLOUD COMPUTING

Operating Systems. Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring Paul Krzyzanowski. Rutgers University.

CS 416: Operating Systems Design April 22, 2015

WHITE PAPER. Authentication and Encryption Design

CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure

IMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING

PKI Credentialing Handbook

Firmware Updates for Internet of Things Devices

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Attribute Based Encryption with Privacy Preserving In Clouds

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Session key establishment protocols

Session key establishment protocols

An Efficient Verifiable Multi-Authority Secret Access control scheme in Cloud Storage M.Sreelakshmi & P.Gangadhara

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Security in NVMe Enterprise SSDs

Fortified and Revocable Access Control for Multi- Authority Cloud Storage using CPABE

DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE

Software Security Design Principles + Intro to Crypto

Role-Based Cryptography

Capability based Command Security

ISSN Vol.08,Issue.16, October-2016, Pages:

Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage

Trojan-tolerant Hardware & Supply Chain Security in Practice

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Encrypted Data Deduplication in Cloud Storage

Software Security and Intro to Cryptography

Overview. SSL Cryptography Overview CHAPTER 1

Dolphin Board. FIPS Level 3 Validation. Security Policy. Version a - Dolphin_SecPolicy_000193_v1_3.doc Page 1 of 19 Version 1.

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

Assistant Professor, Dept of CSE, Vasireddy Venkatadri Institute of Technology (VVIT), Nambur (v), Guntur, Andhra Pradesh, India

This Security Policy describes how this module complies with the eleven sections of the Standard:

Architectural Support for Copy and Tamper Resistant Software

Mike Reiter. University of North Carolina at Chapel Hill. Proliferation of mobile devices. Proliferation of security-relevant apps using these

Three Levels of Access Control to Personal Health Records in a Healthcare Cloud

Overview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation

A Cryptographic Analysis of Google s Cloud Service. Cody Jenkins Krystal Carlton ECE 646 Fall 2013

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Introduction and Overview. Why CSCI 454/554?

International Journal of Advance Research in Engineering, Science & Technology

HDD Based Full Disc Encryption

Cloud FastPath: Highly Secure Data Transfer

ARM Security Solutions and Numonyx Authenticated Flash

Key establishment in sensor networks

ROBUST AND ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL

Certificateless Public Key Cryptography

Security. Alessandro Margara Slides based on previous work by Matteo Migliavacca and Alessandro Sivieri

Plutus: Scalable secure file sharing on untrusted storage

Encryption and Key Management. Arshad Noor, CTO StrongAuth, Inc. Copyright StrongAuth, Inc Version 1.1

A Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data

SecurityFirst DataKeep

FIPS Non-Proprietary Security Policy

CS 161 Computer Security

DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems

SECURE CLOUD BACKUP AND RECOVERY

Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing

Qualifying exam: operating systems, 1/6/2014

19.1. Security must consider external environment of the system, and protect it from:

Dyadic Enterprise. Unbound Key Control For Azure Marketplace. The Secure-As-Hardware Software With a Mathematical Proof

Framework Research on Privacy Protection of PHR Owners in Medical Cloud System Based on Aggregation Key Encryption Algorithm

CS 425 / ECE 428 Distributed Systems Fall 2017

Dolphin DCI 1.2. FIPS Level 3 Validation. Non-Proprietary Security Policy. Version 1.0. DOL.TD DRM Page 1 Version 1.0 Doremi Cinema LLC

Oasis: An Active Storage Framework for Object Storage Platform

Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen SUN

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Encryption. INST 346, Section 0201 April 3, 2018

PROTECTING CONVERSATIONS

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

Transcription:

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks The material in these slides mainly comes from the paper CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks, Lingfang Zeng; Yang Wang; Dan Feng, 2015 15th IEEE/ACM Intl. Symp. Cluster, Cloud and Grid Computing (CCGrid). Summarized by Adnan Alawneh 1

Outline Introduction Related Work CloudSky System Assumptions CloudSky Threat (Attack) Model Object-Based Storage Device (OSD) CloudSky Architecture Data self-destruction scheme overview Data sharing scheme Implementation Results Conclusion 2

Introduction Don t ever say anything on e-mail or text messaging that you don t want to come back and bite you [1] [1] News 24. Think before you SMS. http://www.news24.com/news24/technology/news/0,,2-13-1443 1541201,00.html, 2004. [2] http://vanish.cs.washington.edu/pubs/usenixsec09-geambasu.pdf [3] https://vanish.cs.washington.edu/ 3

Solution This paper proposes a self-destruction system, named CloudSky, which is able to enforce the security of user privacy over the untrusted cloud in a controllable way. CloudSky exploits a key control mechanism based on the attributebased encryption (ABE) and takes advantage of active storage networks to allow the user to control the subjective life-cycle and the access control polices of the private data whose integrity is ensured by using HMAC to cope with untrusted environments 4

Related Work Vanish Sharing and protecting privacy. Secret key is divided and stored in a P2P system with distributed hash table(dhts). Leverages Shamir s secret sharing algorithm to restore the key. - How long the key can survive! Every 8 hours the DHT will refresh the nodes. [1] https://vanish.cs.washington.edu 5

Related Work Vanish [1] https://vanish.cs.washington.edu 6

Related Work SafeVanish SeDas Plutus Similar to Vanish, prevents hopping attack Adopts active storage object (ASO) to control the deletion of the keys. - ASO has a time-to-live (ttl) value property. - The ttl value is used to trigger the self destruct operation. - A cryptographic file system to enable secure file sharing without placing much trust on the file servers 7

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) [1] http://www.ijser.org/researchpaper%5ccp-abe-based-encryption-for-secured-cloud-storage-access.pdf 8

CloudSky System Assumptions: 1. Time-limited value The encrypted data is only valuable to the user for a limited period of time. 2. Known timeout When a data owner encrypts the data, he/she knows the approximate lifetime that the data could be used. 3. Internet connectivity Users are connected to the cloud by interacting with OSDs. Both users and OSDs have their own unique IDs. 4. Dispensability under attack Rather than risk exposure to an adversary, the data owner prefers the data to be destroyed, even if it is prematurely [1] https://vanish.cs.washington.edu 9

CloudSky Threat (Attack) Model: How to think like an attacker! How to evaluate their goals, and How they might achieve those goals! Key properties of Threat model: 1. Trusted data owners/users. Users with legitimate access to the same files will trust each other. 2. Collusion resilience. The model s data self-destruction scheme to be resilient to collusion attacks If multiple users colludes, they may be able to decrypt a cipher text by combining their attributes even if each of the users cannot decrypt the cipher text alone. [2] 3. Retroactive attacks on privacy. For example, email or SMS subpoenas typically come long after the user sends a particular sensitive email. Therefore, the system defends the user against future attacks against old copies of private data The classes of adversaries we consider include: the user s employer, the user s ISP, the user s web mail provider, and unrelated malicious nodes on the Internet. 4. Compromise resistance. Compromising the storage device does not disclose the users data generated before the storage device is compromised. [1] Roxana Geambasu, Tadayoshi Kohno, Amit Levy, Henry M. Levy, Vanish: Increasing Data Privacy with Self-Destructing Data, In Proc. of the USENIX Security Symposium, Montreal, Canada, pp. 299 315, August 2009. [2] J. Hur and D. K. Noh, Attribute-based access control with efficient revocation in data outsourcing systems, IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214 1221, July 2011. 10

Object-Based Storage Device (OSD) OSD-3 provides four security methods: NOSEC: no security provided CAPKEY the integrity of the capability (command function that a command can request) included in each (command description block) CDB is validated CMDRSP the integrity of the CDB (including capability), status, and sense data for each command is validated. ALLDATA the integrity of all data between an application client and an OBSD in transit is validated 11

CloudSky Architecture The system has the following components: 1- Data owner/user Owner define (time attribute based) access policy encrypt his own data with the policy before storing it generation of key User must satisfy the access policy to access the file 2- Object-based storage devices set of storage nodes, each can authenticate/authorize requests based on the user s certificate and ACL stored on the node ensure that the capability has not been tampered and the request is permissible shares a secrete key with security manager that is refreshed periodically 3- Metadata Server (MDS) includes two managers Security Manager (SM) authorization, metadata maintenance, key management, as well as other information related to access control policies Policy/Storage Manager (P/SM) prepares policy-coordinated capabilities 4- Trusted authority (TA) supplies and controls the encryption key for the encrypted data. It assembles the divided parts of the key from OSDS 12

Data self-destruction scheme overview Lifetime of user data in the cloud 13

Data sharing scheme The data sharing operation can be obtained by the following ABE-based algorithms: Setup (K): This algorithm takes as input a security parameter K and returns the public key PK as well as a system master secret key MK. PK is used by data owners for data encryption key (DEK) encryption. MK is used to generate user secret keys and is known only to the trusted authority. Each user is assigned a set of attributes, an access structure that contains the authorized set of attributes. The authority runs the Setup and Key Generation algorithms to generate system MK, PK, and user secret keys. [1] Data encryption key generation DEKGen(MK, U): This algorithm takes as input the master key MK, and a set of users and it outputs a data encryption key (DEK) for each user. Attribute key generation SKGen(MK, Λ, U): Takes as input the master key MK, a set of attributes, and a set of users and outputs a set of private attribute keys (SK) for each user that identifies with the attributes set. The secrete key SK enables the user to decrypt a message encrypted under an access structure iff the user s set of attributes matches the access structure. Data owners encrypt sensed data DataEncrypt(DEK, D): Using a symmetric key algorithm, e.g., AES, the data encryption algorithm takes as input the data encryption key DEK, and the data D. It outputs a cipher text CD. Encryption DEKEncrypt(PK, DEK, A): A randomized algorithm that takes as input the public key PK, a data encryption key DEK, and an access structure and outputs a cipher text CM such that only a user who possesses a set of attributes that satisfies the access structure will be able to decrypt the DEK message. Decryption DEKDncrypt(CM, SK, K ): Takes as input the cipher text CM which contains an access structure A, a private key SK, and a set of attribute group keys K for a set of attributes. The decryption can be done iff the user s set of attributes matches the access structure and the user s attribute is not revoked. 14

Upload a file 1. data owner needs to select a unique ID, then 2. encrypt the data before uploading it, and finally 3. the owner has to define a set of attributes for encrypting DKE and also an access structure to control the access to the key. Grant user access For a user to have access, s/he needs a unique identity and a private key. The cipher text is sent to the TA when it is encrypted along with the owner s signature and the access structure. The access structure is stored in the system while the cipher text is forwarded to the user where he can decrypt it with his/her private key to accept the access structure, shared key, and system public key. Revoke a user the data owner will Define a minimal set of attributes so the leaving user access structure will not be satisfied and then update them. Next update the secrete keys for all users except for the one to be revoked. Finally re-encrypt all the DEKs for all affected data files. Download a file Obtain the encrypted DEK for the requested file from TA and then call the decryption algorithm. 15

Integrity Check CloudSky saves the HMAC of the data to provide integrity check. This check can be done at either file open stage or read stage. Open Stage: HMAC of file must be saved in metadata and then compared after the file is fully read. Read Stage: System needs to compute HMAC on per-block basis and save it for subsequent comparison CloudSky supports integrity in both stages. Controllable Data Self-Destruction When an owner calls the file upload operation, s/he include the system public key PK, the access structure, and the time-to-live (TTL) for the encrypted file CloudSky achieves data self-destruction by leveraging the capability of the active storage network where it has a time-to-live value property. Active storage object is constructed in CloudSky by using TTL along with the encrypted key shares generated by Shamir s secrete sharing algorithm when the file is uploaded. TTL value is used to calculate the deadline such that (deadline = current time + ttl) which triggers the erasing of the encryption key on disk. 16

Implementation in the implementation The client node is implemented so that it supports two kernel modules Cryptographic Object File System (COFS): compliant with virtual file system (VFS) ISCSI initiator driver: provides iscsi transport to access remote iscsi targets over IP networks MDS executes as a user level process that implements the functionalities of the SM and P/SM, while OSD implements the SCSI OSD command sets which are compliant to the T10-OSD standard specification. OSD includes two kernel modules The Object-Based File System (OBFS) and the iscsi target driver. The iscsi target driver accepts and decapsulates iscsi PDUs from the iscsi initiator driver and presents the decapsulated SCSI OSD commands to OBFS. OBFS processes the SCSI OSD commands and manages the physical storage media. 17

Implementation continued CloudSky uses the crypto API from Linux kernel. The API provides a variety of encryption algorithm, such as AES, MD-5, SHA-1, SHA-2, etc. CloudSky uses the read and write operations provided by Linux. CloudSky safely deletes sensitive data. The global access list on MDS are stored in the form of LDAP directory. The experiments are conducted on 4 to 18 Linux hosts. Each host is connected to a RAID controller that is attached to 7 SATA disks (one for the OS and the rest for data) The performance overhead of CloudSky compared with OSD-3, which complies with T10 OSD- 3 security protocol. 18

Results Authentication and authorization overhead 512 files are used, each of 4KB size two configurations: one store a file in a single OSD, the other strips the file across 10 OSDs CloudSky write op is 1.031 (1 OSD) and 1.021 (10 OSD) times slower than OSD-3 CloudSky read op is 1.026 (1 OSD) and 1.024 (1 OSD) times slower than OSD-3 19

Results Authentication and authorization overhead continued Average Response Time Intensive metadata request on the metadata server and the client nodes. Each server running 20 processes and each sending 100 file creation, 100 file read, and 100 file write request. Read and write requests are cached thus the average response time is much less than it is for create operation. When the number of requests are up to 4000, the capacity of the metadata server is saturated and therefore the average response time is increasing dramatically. 20

Results Throughput and scalability How would the performance degrade under high-bandwidth workload when CloudSky is added to a secure object-based storage system? - Both OSD-3 and CloudSky bandwidth (throughput) increases with the transfer size. 21

Results Throughput and scalability How would the performance degrade under high-bandwidth workload when CloudSky is added to a secure object-based storage system? The aggregate read throughput of all clients for the OSD-3 and CloudSky setups scales linearly with the number of clients/osds, which indicates that the MDS imposes very low overhead on a high-bandwidth workload and is not a bottleneck in the OSD-3 and CloudSky with 22

Results Idle CPU Time The MDS s idle CPU time decreases as the number of clients/osds increases. However, CloudSky imposes additional overhead 23

Results encryption/decryption latency 24

Summary CloudSky integrate the ABE-based algorithms into a data selfdestruction framework, and leverage active storage techniques to achieve the controllability at various levels in an untrusted cloud storage network The introduced overhead of CloudSky is small. Compared to the same system with OSD-3 security 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback