Presentation is loading. Please wait.

Presentation is loading. Please wait.

Xiaohua Jia Shen Zhen Graduate School Harbin Institute of Technology Data Security for Cloud Storage Systems 1.

Published byMaud Jordan Modified over 8 years ago

Similar presentations

Presentation on theme: "Xiaohua Jia Shen Zhen Graduate School Harbin Institute of Technology Data Security for Cloud Storage Systems 1."— Presentation transcript:

1 Xiaohua Jia Shen Zhen Graduate School Harbin Institute of Technology Data Security for Cloud Storage Systems 1

2 Outline Dept. of Computer Science City University of Hong Kong 2  Cloud Storage Systems  Auditing as a Service  Access Control as a Service

3 Cloud Storage Systems Dept. of Computer Science City University of Hong Kong 3

4 Cloud Storage Systems – data owners  A model of online storage Dept. of Computer Science City University of Hong Kong 4 Cloud Service Providers Operate large data centers Virtualize storage pools Data Owners Buy or rent storage in a pay-as-you-go model Data stored in virtual storage

5 Cloud Storage Systems - users Dept. of Computer Science City University of Hong Kong 5 Owners Users  Separation of data ownership and service provider Users can access data from anywhere and at anytime

6 Security Challenges Cloud Servers are not fully trustable:  Data Integrity Data could be corrupted or even deleted in the cloud.  Data Access control Data may be given access to unauthorized users. Dept. of Computer Science City University of Hong Kong 6

7 Data Integrity Auditing as a Service Dept. of Computer Science City University of Hong Kong 7

8 Auditing as a Service Checking On Retrieval is not adequate:  Not sufficient: random sampling cannot cover large size of data  Not convenient: overhead is too high Dept. of Computer Science City University of Hong Kong 8 Auditing as a Service  A service to check the cloud data integrity  Conducted by a Third Party Auditor

9 Why Third Party Auditing? Dept. of Computer Science City University of Hong Kong 9 A third party auditor can  Provide unbiased auditing results  Benefit for both data owners and service providers  Data Owners – be ensured data integrity  Service Providers – Build good reputation  Able to do a good job efficiently  Professional Expertise  Computing Capabilities

10 Research Issues  Privacy Preservation  Keep the data confidential against the auditor  Dynamic Auditing  Allow dynamic updates of data in the cloud  Batch Auditing  Combine multiple auditing tasks together to improve efficiency Dept. of Computer Science City University of Hong Kong 10

11 Architecture of 3 rd Party Auditing Initialization: Data owner sends 1) encrypted data & verification tags to server, and 2) data index to auditor  Challenge: Auditor sends Challenge to cloud server  Proof: Server responses with Proof  Verification: Auditor verifies correctness of the Proof Dept. of Computer Science City University of Hong Kong 11 Auditor Owners Cloud Servers

12 An Auditing Algorithm  Initialization  Data Segmentation – Improve Efficiency  Homomorphic Tag – Batch Auditing Dept. of Computer Science City University of Hong Kong 12 m m1m1 mimi mnmn mimi m i1 m ij …… m il …… Divide m into n blocks Split m i into l sectors System Parameters: G 1, G 2, G T : multiplicative groups with the same prime order p e: pairing operation maps a pair of points from G 1 and G 2 to a point in G T g 1 : generator of G 1 ; g 2 : generator of G 2

13 Initialization (cont’d) Dept. of Computer Science City University of Hong Kong 13 m m1m1 mimi mnmn mimi m i1 m ij …… m il …… abstract information of m: FID, # of blocks, index table, etc. Cloud Servers Auditor t i = (h(sk h, FID||i)Π j=1->l g 1 x j m ij ) sk t sk t : secret tag key kept by owner sk h : secret hash key shared with auditor g 2 skt : public tag key shared with auditor g 1 xj : random key shared with the cloud

14 Sampling Auditing  Challenge from auditor: C = ({i, v i } i  Q, R = (g 2 sk t ) r )  Proof by Cloud: P = (DP, TP)  Data Proof: DP = Π j=1->l e(g 1 x j, R) MP j where MP j = Σ i  Q v i m ij  Tag Proof: TP = Π i  Q t i v i Dept. of Computer Science City University of Hong Kong 14 m1m1 m 11 m 1j m1lm1l …… mimi m i1 m ij m il …… mqmq m q1 m qj m ql …… MP 1 MP j MP l

15 Sampling Auditing  Challenge from auditor : C = ({i, v i } i  Q, R = (g 2 sk t ) r )  Proof by Cloud: P = (DP, TP)  Data Proof: DP = Π j=1->l e(g 1 x j, R) MP j where MP j = Σ i  Q v i m ij  Tag Proof: TP = Π i  Q t i v i  Verification by auditor: H chal = Σ i  Q h(sk h, FID||i) rv i DP·e(H chal, g 2 sk t ) = e(TP, g 2 r ) Dept. of Computer Science City University of Hong Kong 15 ?

16 References  Kan Yang and Xiaohua Jia. “Security for Cloud Storage Systems”, Springer 2014, ISBN 978-1-4614-7872-0.  Kan Yang and Xiaohua Jia. “An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing”. IEEE Trans. on Parallel and Distributed Systems (TPDS), Vol 24, Issue 9, September 2013.  Kan Yang and Xiaohua Jia. “Data Storage Auditing Service in Cloud Computing: Challenges, Methods and Opportunities”. World Wide Web, Vol 15, Issue 4, July 2012. Dept. of Computer Science City University of Hong Kong 16

17 Data Access Control Access Control as a Service Dept. of Computer Science City University of Hong Kong 17

18 Dept. of Computer Science City University of Hong Kong 18 Access Control as a Service Data stored in server is encrypted.  Encryption-based Access Control  Each authorized user receives a secret key  Users can decrypt ciphertext by their secret keys SK User Owner

19 Dept. of Computer Science City University of Hong Kong 19 Difficulties in Key Distribution  Asymmetric Key Encryption (users pub-key for encryption)  Multi-copies of encrypted data for difference users  Symmetric Key Encryption  Difficulties in key distribution

20 A Wish-list for Encryption-based Access Control  Key management is scalable  No need of online trusted server for access control  Expressive access control polices Dept. of Computer Science City University of Hong Kong 20 Attribute-Based Encryption (ABE) is a promising direction to go!

21 Ciphertext-Policy Attribute-Based Encryption (CP-ABE)  Data are encrypted by the access policy  Secret keys are associated with attributes  Attributes are mathematically incorporated into the key Dept. of Computer Science City University of Hong Kong 21 (CS AND PhD) OR Prof OR AND CS PhD Prof {EE, Prof} Alice SK Bob {CS, PhD}

22  Ciphertext can be decrypted iff attributes in the key satisfy the access policy Dept. of Computer Science City University of Hong Kong 22 Ciphertext-Policy Attribute-Based Encryption (CP-ABE) No 3 rd party evaluates the policy and makes access decision (server is excluded) Policy checking is embedded in cryptography {EE, Prof} (CS AND PhD) OR Prof Satisfies Alice

23 Attribute-Based Access Control (ABAC) Dept. of Computer Science City University of Hong Kong 23 PK MSK SK Bob : “CS Dept.” “Professor” SK Kevin : “CS Dept.” “Master” OR Professor AND CS Dept.PhD     Authority Owner

24 Advantages of ABAC  Access policy is defined by owners  Access policy is enforced by the cryptography  nobody explicitly evaluates the policies and makes an access decision  Only one copy of ciphertext is generated for each file Dept. of Computer Science City University of Hong Kong 24

25 Basic Construction  G: multiplicative group of prime order p.  Intuitive Hardness Discrete Log: Given: g, g a Hard to find: a  Bilinear map e: G  G  G T Def: An admissible bilinear map e: G  G  G T is: – Non-degenerate: g generates G  e(g, g) generates G T. – Bilinear: e(g a, g b ) = (e(g,g)) ab  a,b  Z p, g  G – Efficiently computable Dept. of Computer Science City University of Hong Kong 25

26 CP-ABE Algorithms Dept. of Computer Science City University of Hong Kong 26 Setup(λ) -> MSK, PK PK MSK Encrypt(PK,M, Access policy) -> CT KeyGen(MSK, Attrs.) -> SK “CS Dept.” “PhD” SK Decrypt(SK, CT) -> M “CS Dept.” “PhD” SK OR Professor AND CS Dept. PhD OR Professor AND CS Dept. PhD

27 System Setup Dept. of Computer Science City University of Hong Kong 27 PK = ( g, g b, e(g, g) a, H: {0,1} *  G ) MSK = a MSK Public Key Authority a, b  R Z P

28 Secret Key Generation Dept. of Computer Science City University of Hong Kong 28 Authority Authority issues secret keys for users who have attributes Bob Alice Charlie “CS Dept.” “Professor” “CS Dept.” “Master” “EE Dept.” “PhD”

29 Collusion Attack Dept. of Computer Science City University of Hong Kong 29  Users may collude to decrypt data by combining their attributes “EE Dept.” “PhD” Charlie Bob “CS Dept.” “Master” OR AND CS Dept. PhD Prof 

30 Prevent Collusion Attack Dept. of Computer Science City University of Hong Kong 30 SK = ( g a+bt, g t, H(“Master”) t, H(“CS Dept.”) t, H(“TA”) t ) t: random number in Z p. It ties components in SK together Authority MSK = a Bob has attributes: {“Master”, “CS Dept.”, “TA”} Personalization! Collusion Resistance

31 Key Personalization Dept. of Computer Science City University of Hong Kong 31 Bob: “CS Dept.” … Charlie: “PhD” … Random t Random t’ Components are incompatible g a+bt, g t, H(“CS Dept.”) t, g a+bt’, g t’, H(“PhD”) t’ SK

32 Data Encryption Dept. of Computer Science City University of Hong Kong 32 M Given M and policy, owner generates a random secret s OR AND CS Dept. PhD Prof s s s 3 =rs 2 =s-r s 1 =s Data Owner OR Professor AND CS Dept. PhD Ciphertext: CT = ( M e(g,g) as, g s, C 1 = (g bs 1 H(“Prof”) r 1, g r 1 ), C 2 = (g bs 2 H(“PhD”) r 2, C 3 = (g bs 3 H(“CS Dept.”) r 3, g r 3 ) ). PK = ( g, g b, e(g, g) a, H: {0,1} *  G )

33 Data Decryption Dept. of Computer Science City University of Hong Kong 33 Ciphertext CT Secret Key SK CT = ( M  e(g,g) as, g s, C 1 = (g bs 1 H(“Prof”) r 1, g r 1 ), C 2 = (g bs 2 H(“PhD”) r 2, g r 2 ), C 3 = (g bs 3 H(“CS Dept.”) r 3, g r 3 ) ) SK = ( g a+bt, g t, H(“Prof”) t, H(“PhD”) t, H(“CS Dept.”) t ) e(g,g) bts = e(g bs 1 H(“Prof”) r 1, g t ) e(g r 1, H(“Prof”) t ) e(g a+bt, g s ) = e(g,g) as e(g,g) bts “ Prof ” “PhD” AND “CS Dept.” OR = e(g,g) bts 2 e(g,g) bts 3 = e(g,g) bts e(g bs 2 H(“PhD”) r 2, g t ) e(g r 2, H(“PhD”) t ) e(g bs 3 H(“CS Dept.”) r3, g t ) e(g r 3, H(“CS Dept.”) t ).

34 Research Challenges Dept. of Computer Science City University of Hong Kong 34  Multiple Authorities Bob: “CS dept.” Kevin: “manager” AND CS dept. OR managermarketing Authority in CityU Authority in Google

35 Research Challenges Dept. of Computer Science City University of Hong Kong 35  Attribution Revocation  Prevent revoked users from decrypting new ciphertexts  Guarantee new users to decrypt previous ciphertexts  Decryption Efficiency  Mobile Devices  Policy Hidden K Yang, X Jia, K Ren, R Xie and L Huang. “Enabling Efficient Access Control with Dynamic Policy Updating for Big Data in the Cloud”, INFOCOM’14. K Yang, X Jia, K Ren and B Zhang. “DAC-MACS: Effective Data Access Control for Multi- Authority Cloud Storage Systems”, INFOCOM’13, extended version in IEEE Trans on Information Forensics and Security 8(11), 2013. K Yang and X Jia. “Attributed-based Access Control for Multi-authority Systems in Cloud Storage,” ICDCS’12.

36 Summary  Cloud server is not fully trusted by data owners  Data Integrity  Auditing as a Service  Data Access Control  Access Control as a Service Dept. of Computer Science City University of Hong Kong 36

37 Q&A Thank You! Dept. of Computer Science City University of Hong Kong 37

Download ppt "Xiaohua Jia Shen Zhen Graduate School Harbin Institute of Technology Data Security for Cloud Storage Systems 1."

Similar presentations

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.

An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Scalable Secure Bidirectional Group Communication Yitao Duan and John Canny Berkeley Institute of Design Computer Science.

Scalable Secure Bidirectional Group Communication Yitao Duan and John Canny Berkeley Institute of Design Computer Science.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
PRIAM: PRivate Information Access Management on Outsourced Storage Service Providers Mark Shaneck Karthikeyan Mahadevan Jeff Yongdae Kim.

PRIAM: PRivate Information Access Management on Outsourced Storage Service Providers Mark Shaneck Karthikeyan Mahadevan Jeff Yongdae Kim.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Cloud Usability Framework

Cloud Usability Framework
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Key Management in Cryptography

Key Management in Cryptography

Similar presentations

Ads by Google