Presentation is loading. Please wait.

Presentation is loading. Please wait.

S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.

Published byDylan Higgins Modified over 9 years ago

Similar presentations

Presentation on theme: "S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI."— Presentation transcript:

1 S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI

2 I NTRODUCTION Cloud computing is a way of computing via the internet that shares computer resources instead of using software or storage on a local computer. Cloud services are becoming more and more important for people’s life People are more or less requested to submit or post some personal private information to the cloud by the internet

3 As people rely more and more on the internet and cloud technology, security of their privacy takes more and more risks. System or network must cache,copy or archive it. People have no knowledge about these copies and can not control them, so these copies may leak their privacy. Data privacy also can be leaked via cloud service provider, hackers intrusion or some legal action

4 V ANISH SYSTEM Sharing and protecting privacy. Secret key is divided and stored in a P2P system with distributed hash table(DHTs). System can maintain secret key. After 8 hours the DHT will refresh every node. Shamir secret sharing algorithm. How long the key can survive is also one of the disadvantages for vanish.

5 SEDAS Based on active storage framework Defines two new modules Self destruct method object that is associated with each secret key part. Survival time parameter for each secret key part User can use this system as a general object storage Focuses on related key distribution algorithm, Shamir’s algorithm

6 To implement a safety destruct with equal divided key. We use an object based storage interface to store and manage the equally divided key. Functionality and security properties.The result demonstrate that SEDAS is practical to use and meets all the privacy preserving goals SEDAS supports security erasing files and random encryption keys stored in a hard disk drive. K EY POINT ON SEDAS

7 D ATA S ELF DESTRUCT The self destructing data system in the cloud environment should meet some requirements How to destruct all the copies of the data simultaneously No explicit delete actions by the user or any third party storing that data. No need to modify any of the stored or archived copies of that data No use of secure hardware but support to complete erase data in HDD

8 S EDAS ARCHITECTURE

9 A CTIVE STORAGE OBJECT An active storage object derives from a user object and has a time-to-live (ttl) value property. The ttl value is used to trigger the self destruct operation. The ttl value of an active storage object is limited Active storage object class are used to manage ttl value

10 S ELF DESTRUCT METHOD OBJECT A self destruct method object is a service method It needs three arguments The lun arguments specifies the device. The pid arguments specifies the partition Object id arguments specifies the object to be destructed

11 D ATA PROCESS To use the SEDAS system user’s application should implement logic of data process and act as a client node. Two different logics Uploading Downloading

12 U PLOADING FILE PROCESS User upload file in storage system and store key in SEDAS system. Specify the file, the key and ttl as arguments for the uploading procedure. Assume data and key read from the file. Key shares generated by Shamir secret sharing algorithm will be used to create active storage object in storage node in the SEDAS system.

13 D OWNLOADING FILE PROCESS Any user can download data stored in the data storage system Data must be decrypted before use The whole logic is implemented in code of user’s application

14 D ATA SECURITY ERASING IN DISK The system pre-specifies a directory in a special area to store sensitive files. Monitor the file allocation table and acquire and maintain a list of all sensitive documents, the logical block address LBA list of sensitive documents appear to increase or decrease the update is sent to the OSD OSD internal synchronization maintains the list of LBA, the LBA data in the list updates.

15 CONCLUSION This introduced a new approach for protecting data privacy from attackers who retroactively obtain through legal or other means. SEDAS causes sensitive information. A proof of concept prototype based on object based storage techniques.

16 R EFRENCES R. Geambasu, T. Kohno, A. Levy and H. M. Levy "Vanish: Increasing data privacy with self-destructing data", Proc. USENIX Security Symp., pp.299 -315 2009 A. Shamir "How to share a secret", Commun. ACM, vol. 22, no. 11, pp.612 -613 1979 S. Wolchok, O. S. Hofmann, N. Heninger, E. W. Felten, J. A. Halderman, C. J. Rossbach, B. Waters and E. Witchel "Defeating vanish with low-cost sybil attacks against large DHEs", Proc. Network and Distributed System Security Symp., 2010 L. Zeng, Z. Shi, S. Xu and D. Feng "Safevanish: An improved data self- destruction for protecting data privacy", Proc. Second Int. Conf. Cloud Computing Technology and Science (CloudCom), pp.521 -528 2010 L. Qin and D. Feng "Active storage framework for object-based storage device", Proc. IEEE 20th Int. Conf. Advanced Information Networking and Applications (AINA), 2006 Y. Zhang and D. Feng "An active storage system for high performance computing", Proc. 22nd Int. Conf. Advanced Information Networking and Applications (AINA), pp.644 -651 2008

17 T HANK Y OU

Download ppt "S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Cloud Computing EDT 7860. Cloud Computing Overview Cloud Computing can be defined as a network of applications, services, and infrastructure that are.

Cloud Computing EDT Cloud Computing Overview Cloud Computing can be defined as a network of applications, services, and infrastructure that are.
Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
Full-Datapath Secure Deletion Sarah Diesburg 1. Overview Problem  Current secure deletion methods do not work State of the art  Optimistic system-wide.

Full-Datapath Secure Deletion Sarah Diesburg 1. Overview Problem  Current secure deletion methods do not work State of the art  Optimistic system-wide.
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Click to edit Master title style Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs Scott Wolchok 1 Owen S. Hofmann 2 Nadia Heninger 3 Edward.

Click to edit Master title style Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs Scott Wolchok 1 Owen S. Hofmann 2 Nadia Heninger 3 Edward.
Superdistribution --- The Concept and the Architecture Ryoichi Mori and Masaji Kawahara presented by Ping Xu 1. Introduction to Superdistribution 2. Protect.

Superdistribution --- The Concept and the Architecture Ryoichi Mori and Masaji Kawahara presented by Ping Xu 1. Introduction to Superdistribution 2. Protect.
Vanish: Increasing Data Privacy with Self-Destructing Data Roxana Geambasu Yoshi Kohno Amit Levy Hank Levy University of Washington.

Vanish: Increasing Data Privacy with Self-Destructing Data Roxana Geambasu Yoshi Kohno Amit Levy Hank Levy University of Washington.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
OS2-1 Chapter 2 Computer System Structures. OS2-2 Outlines Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.

OS2-1 Chapter 2 Computer System Structures. OS2-2 Outlines Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.

Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.

Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
Efficient Proactive Security for Sensitive Data Storage Arun Subbiah Douglas M. Blough School of ECE, Georgia Tech {arun,

Efficient Proactive Security for Sensitive Data Storage Arun Subbiah Douglas M. Blough School of ECE, Georgia Tech {arun,
Secure storage for your data in the Internet! If you have any question, you can contact us on: om.

Secure storage for your data in the Internet! If you have any question, you can contact us on: om.

Similar presentations

Ads by Google