Protection of Identity Information in Cloud Computing without Trusted Third Party 作者 :Rohit Ranchal, Bharat Bhargave, Lotfi Ben Othmane, Leszek Lilien,

Slides:

Advertisements

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Advertisements

AUTHENTICATION AND KEY DISTRIBUTION

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Akshat Sharma Samarth Shah

Operating System Security

Secure Evaluation of Multivariate Polynomials

Secure Multiparty Computations on Bitcoin

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Privacy Prof. Ravi Sandhu Executive Director and Endowed Chair March 8, © Ravi Sandhu World-Leading Research.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

Public Key Management and X.509 Certificates

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer.

A PASS Scheme in Clouding Computing - Protecting Data Privacy by Authentication and Secret Sharing Jyh-haw Yeh Dept. of Computer Science Boise State University.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Using Digital Credentials On The World-Wide Web M. Winslett.

On The Cryptographic Applications of Random Functions Oded Goldreich Shafi Goldwasser Silvio Micali Advances in Cryptology-CRYPTO ‘ 84 報告人 : 陳昱升.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

PRIAM: PRivate Information Access Management on Outsourced Storage Service Providers Mark Shaneck Karthikeyan Mahadevan Jeff Yongdae Kim.

Understanding Security Lesson 6. Objective Domain Matrix Skills/ConceptsMTA Exam Objectives Understanding the System.Security Namespace Understand the.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Bob can sign a message using a digital signature generation algorithm

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2

Privacy Preserving Query Processing in Cloud Computing Wen Jie

An Efficient Identity-based Cryptosystem for

Selective and Authentic Third-Party distribution of XML Documents - Yashaswini Harsha Kumar - Netaji Mandava (Oct 16 th 2006)

1 Multi Cloud Navid Pustchi April 25, 2014 World-Leading Research with Real-World Impact!

Privacy and Identity Management in Cloud

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.

Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer.

Shib-Grid Integrated Authorization (Shintau) George Inman (University of Kent) TF-EMC2 Meeting Prague, 5 th September 2007.

Cryptography, Authentication and Digital Signatures

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

Identity-Based Secure Distributed Data Storage Schemes.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Chapter 3: Basic Protocols Dulal C. Kar. Key Exchange with Symmetric Cryptography Session key –A separate key for one particular communication session.

Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Collusion-Resistant Group Key Management Using Attribute-

Slide 1 © 2004 Reactivity The Gap Between Reliability and Security Eric Gravengaard Reactivity.

Public Key Encryption with keyword Search Author: Dan Boneh Rafail Ostroversity Giovanni Di Crescenzo Giuseppe Persiano Presenter: 陳昱圻.

1 Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM LNCS, vol.

Digital Signatures, Message Digest and Authentication Week-9.

CS555Topic 251 Cryptography CS 555 Topic 25: Quantum Crpytography.

Identity based signature schemes by using pairings Parshuram Budhathoki Department of Mathematical Science FAU 02/21/2013 Cyber Security Seminar, FAU.

A new provably secure certificateless short signature scheme Authors: K.Y. Choi, J.H. Park, D.H. Lee Source: Comput. Math. Appl. (IF:1.472) Vol. 61, 2011,

Software Security Seminar - 1 Chapter 4. Intermediate Protocols 발표자 : 이장원 Applied Cryptography.

Task Force CoRD Meeting / XML Security for Statistical Data Exchange Gregory Farmakis Agilis SA.

Understanding Security

SDSM IN MOBILE CLOUD COMPUTING By- ID NO-1069 K.C. SHARMILAADEVI Sethu Institute Of Tech IV year-ECE Department CEC Batch: AUG 2012.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

Application of Active Bundles Bharat Bhargava. A. Identity Management (IDM) Service-Oriented Architecture (SOA) IDM in traditional application-centric.

Multi-Party Computation r n parties: P 1,…,P n  P i has input s i  Parties want to compute f(s 1,…,s n ) together  P i doesn’t want any information.

Shucheng Yu, Cong Wang, Kui Ren,

Privacy and Identity Management in Cloud

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Kriti shreshtha.

Secure Diffie-Hellman Algorithm

Presentation transcript:

Protection of Identity Information in Cloud Computing without Trusted Third Party 作者 :Rohit Ranchal, Bharat Bhargave, Lotfi Ben Othmane, Leszek Lilien, Anya Kim, Myong Kang, Mark Linderman IEEE International Symposium on Reliable Distributed System 報告日期 :12.13 報告者 : 許睿中

Outline Introduction Relate works Select research problems Proposed schemes ◦ Multi-party computing ◦ Predicate encryption scheme ◦ Active Bundle Scheme Conclusions

Introductions In cloud computing, entities may have multi accounts associate with a single or multi service provider(SP). Share sensitive identity information(Personal identifiable information or PII) along with associated attributes of the same entity across services can be lead to mapping of the identity to the entity, tantamount to privacy loss.

Introductions Identity management(IDM) is one of the core components in cloud privacy and security and can help alleviate some of the problems associated with cloud computing. To used a cloud service, a user need to authenticate herself to it. The user has to give away some private information, which uniquely identifies the user to SP. That is user’s PII(Personal identifiable information).

Introductions Obtaining the user’s PII gives some assurance to SPs about the user’s identity, which helps SP to decide whether to permit to its service or not. The propose of an IDM system is to decide upon the disclosure of this information in a secure manner. The main problem for Bob is to decide which portion of his PII should he disclose, and how do disclose it in a secure way.

Relate works Different solutions use different ways of sending user’s PII for negotiation with the SPs. The common ways are: ◦ Use of a Trusted Third Party(TTP). The major issue with such approach in cloud computing are:  (a) TTP could be a cloud service, so SP could be TTP ; therefore, TTP may not be an independent trusted entity anymore.  (b) Using a single TTP.

Relate works Different solutions use different ways of sending user’s PII for negotiation with the SPs. The common ways are: ◦ Prohibiting untrusted host. A client application holding PII must be executed on trusted host to prevent malicious host from accessing PII.

Select Research Problems Authenticating without disclosing PII ◦ When a user sends PII to authenticate for a service, the user may encrypt it. However, PII is decrypted before an SP uses it. As soon as PII is decrypted, it becomes prone to attacks. Using services on untrusted host ◦ The available IDM solutions require user to execute IDM from a trusted host. They do not recommend using IDM on untrusted hosts, such as public host

Proposed scheme The goal in the paper is to assure that IDM does not use TTP for verifying credentials. This implies that IDM could use TTPs for other purpose, such as the use of a TTP by IDM for management of decryption key.

Proposed scheme Proposed an approach for IDM in cloud computing that: ◦ Does not require TTPS  This is achieved through the use of multi-party computing, in which secret are split into shares distributed to different hosts.

Proposed scheme Proposed an approach for IDM in cloud computing that: ◦ Can be used for an untrusted or unknown hosts  This is achieved though the use of the active bundle scheme. An active bundle has a self-integrity check mechanism, which triggers apoptosis(a complete self- destruction) or evaporation(a partial self-destruction) when the check fails.

Proposed scheme Proposed an approach for IDM in cloud computing that: ◦ Uses encrypted data when negotiating the use of PII for authentication to services in cloud computing  This is achieved by using predicate over encrypted data.

Multi-party computing Threshold secret sharing ◦ First, a secret data item D is divided into n shares D 1, D 2, …, D n, then a threshold k is chosen, so that:  To recover D, k or more of arbitrary D i ’s are required.  Using any k-1 or fewer D i ’s leaves D completely undetermined.

A function f using secret input from all the party. Involves n party, which calculate only partial function output. One of the player is selected as the dealer(DLR), and is provide the partial function outputs to find out the full results of function computation. Let f be a linear function of degree n known to each of the n party, and t be an arbitrary threshold value, and P i denote Party i, and x i denote the secret input of P i for f. Multi-party computing

Let a 1, a 2, …,a n be distinct non-zero elements in the domain of f. Player P i is assigned the point a i. DLR will receive from the n parties the partial outputs of f calculated by the n parties using their respective secret inputs x 1, x 2,…, x n. Each party P i generates a polynomial h i of degree t such that h i (0)=x i Multi-party computing

Each party P i send to each P j one s i,j =h i (a j ) of P j ’s input. Then, each P i computes a portion of function f using share s i,j of the input that it has or received from n-1 other parties.

Predicate encryption scheme Predicate encryption scheme allows evaluating predicate with encrypted data. ◦ For example, Alice can compute the predicate using encrypted data. ◦ Alice uses a Setup algorithm scheme that generate a public key PK and a secret key MSK. 1.Setup PK,MSK 2.Encrypt(PK,PII) CT 3.KeyGen(PK,MSK,p) TK P 4.Query(PK,CT,TKp) p(PII)

Predicate encryption scheme Predicate encryption scheme allows evaluating predicate with encrypted data. ◦ For example, Alice can compute the predicate using encrypted data. ◦ Alice uses PK to encrypt her PII and gets ciphertext CT. 1.Setup PK,MSK 2.Encrypt(PK,PII) CT 3.KeyGen(PK,MSK,p) TK P 4.Query(PK,CT,TKp) p(PII)

Predicate encryption scheme Predicate encryption scheme allows evaluating predicate with encrypted data. ◦ For example, Alice can compute the predicate using encrypted data. ◦ Alice has the function p representing a predicate that she wishes to evaluate for her CT. ◦ She uses the KeyGen algorithm, PK,MAK and p to output the token TK P. 1.Setup PK,MSK 2.Encrypt(PK,PII) CT 3.KeyGen(PK,MSK,p) TK P 4.Query(PK,CT, TK P ) p(PII)

Predicate encryption scheme Predicate encryption scheme allows evaluating predicate with encrypted data. ◦ For example, Alice can compute the predicate using encrypted data. ◦ She gives TK P to the host that evaluates the token for CT, and returns the result p(PII) to Alice. 1.Setup PK,MSK 2.Encrypt(PK,PII) CT 3.KeyGen(PK,MSK,p) TK P 4.Query(PK,CT, TK P ) p(PII)

Proposed schemes An owner O encrypts PII using algorithm Encrypt and O’s public key PK. Encrypt outputs CT-the encrypted PII. The secret key MSK is spilt between n parties. SP transform his request for PII to a predicate represented by function P. SP send share of p to the n parties who hold the shares of MSK.

Proposed schemes The n parties execute together KeyGen using PK, MSK, and P and return TK P to SP. SP call the algorithm Query that take as input PK, CT, TK P and produces p(PII) which is evaluation of the predicate. The owner O is allow to use the service only when the predicate evaluate to “true”.

Include: ◦ Identity data:  Data used for authentication, getting service, using service  The data are encrypted ◦ Metadata : Describe active bundle and its privacy policy  (a) integrity check metadata  (b) access control metadata  (c) dissemination control metadata Active Bundle Scheme

Includes: ◦ Virtual machine(VM):manages and controls the program code enclosed in a bundle.  Enforcing bundle access control policies through apoptosis, evaporation  Enforcing bundle dissemination policies  Validate bundle integrity ◦ Disclosure policy:  A set of rule for choosing which identity data to disclose

Active Bundle Scheme Active bundle send from a source host to the destination. An active bundle ascertain the host’s trust level through a TTP. Using its disclosure policy, it decides whether the host may be eligible to access all or part of bundle’s data, and which portion of sensitive data can be revealed to it.

Active Bundle Scheme The remaining data may be evaporated as specified in the access control polies, protecting the data. An active bundle may realize its security is about to be compromised. ◦ It may discover that its self-integrity check fail ◦ Or the trust level of its host is to low The active bundle may choose to apoptosize, that is perform atomically a clean self-destruction.

Active Bundle Scheme

Conclusions It is very likely that user end up having multiple identities in multiple service providers security repositories, as well as multiple credential and multiple access permissions for different services provided by different SPs. There is a strong need for an efficient and effective privacy-preserving system that is independent of TTPs, able to unambiguously identify users that can be trusted.