Protocols for Secure Cloud Computing
|
|
- Loren Fowler
- 8 years ago
- Views:
Transcription
1 IBM Research Zurich Christian Cachin 28 September 2010 Protocols for Secure Cloud Computing 2009 IBM Corporation
2 Where is my data?
3 Who runs my computation?
4 IBM Research - Zurich Overview 1.Protecting untrusted storage for a single client 2.Consistency and integrity of storage for multiple clients 3.Proofs of storage 4.Intrusion-tolerance via replication Source If Applicable 4
5 1 Protecting untrusted storage for a single client 5
6 Integrity Protection for Remote Storage App A Trusted Storage consists of n data items x 1,..., x n (entries in list, blocks of file...) Applications access storage via integrity checker Checker uses small trusted memory to store short reference value v (i.e., together with encryption key in meta-data) Integrity checker operations Read item and verify w.r.t. v Write item and update v accordingly
7 Implementing an Integrity Checker Use hash function H to compute v? v = H(x 1... x n ) Infeasible for long files No random access to item Use a secret key with a MAC? Suffers from replay attacks Well-known solution: Hash tree [Merkle 79] Overhead of read/verify and write/update is logarithmic (in n) Recent alternatives Dynamic accumulators [CL02] Overhead of read/verify is constant Incremental hashing [BM97,CDDGS03] Overhead of write/update is constant
8 Hash trees for Integrity Checking [Merkle 79] root H 0 H 1 H 00 H 01 H 10 H 11 Parent node is hash of its children Root hash value commits all data blocks Root hash in trusted memory Tree is on extra untrusted storage x 1 x 2 x 3 x 4 To verify x i, recompute path from x i to root with sibling nodes and compare to trusted root hash Read & write operations need work O(log n) Hash operations Extra storage accesses To update x i, recompute new root hash and nodes along path from x i to root
9 Dynamic Accumulator for Integrity Checking An accumulator is a cryptographic abstraction for collecting data values and checking their presence: Init() (a, k) -- generates authenticator/accumulator value a and key k Add(a, i, x i, k) a' -- adds x i to accumulator at position i Update(a, i, x i, k) a' -- updates accumulator at position i to x i Witness(a, i, x i, k) w -- produces a witness w for presence of x i Verify(a, i, x i, w) yes / no -- checks if witness w is valid and proves that entry x i was added to accumulator at position i Without k, it must be infeasible to forge i', x', w' that verify for given a Impl. with public-key crypto under strong RSA assumption [CL02]: Given an RSA modulus N = P Q (with P, Q safe primes), and r Z N, it is infeasible to find a, b s.t. ab = r mod N Accumulator a containing x 1,..., x n is a = r H(1 x1) H(n xn) mod N Witness for x i in a is w = a 1/H(i xi) mod N Verify that x i is contained in a by checking w H(i xi) = a mod N?
10 Incremental Hashing for Integrity Checking Hash function IH(x 1,..., x n ) on n entries x 1,..., x n that allows updates: Given h = IH(x 1,..., x i,..., x n ) and values x i and x' i, one can compute h' = IH(x 1,..., x' i,..., x n ) in time independent of n. Implementation based on number theory [BM97]: IH(x 1,..., x n ) = H(1 x n ) H(n x n ) mod p for large prime p and ordinary hash function H( )
11 2 Consistency and integrity of storage for multiple clients 11
12 Model Client Client Client Clients: C 1... C n Correct, but may crash Invoke operations on server Do not talk to each other Small trusted memory Server S Normally correct Sometimes faulty (untrusted, Byzantine)
13 Using an [untrusted] service Clients interact with service through operations (request/reply) Clients may digitally sign their requests Server cannot forge reply values But answer with outdated values ("replay attack") But send different values to different clients
14 The problem C 1 C 3 C 1 write(1,x) write(1,u) write(1,t) C 2 write(2,v) read(1) x write(2,w) C 3 read(1) u read(2) w
15 Goals No forged replies But server may cause inconsistency Clients should see only consistent history No inconsistent operation visible Out-of-band communication for detecting server misbehavior When server correct (normal case), clients want strong consistency and strong liveness Linearizability Wait-freedom (cannot always be achieved)
16 Fork-linearizability [MS02, LKMS04, CSS07] C 1 write(1,x) write(1,u) write(1,t) C 2 write(2,v) read(1) x write(2,w) C 3 read(1) u read(2) w w(1,x) w(2,v) w(1,u) r(1) u r(1) xw(2,w) w(1,t) View of C 1 r(2) w View of C 3 View of C 2
17 Fork-linearizability formally A history is fork-linearizable i exists subset i and permutation i of i s.t. All operations of C i are in i ; i is sequential and follows specification; If o i j, then i = j up to o; i preserves real-time order of i.
18 Inefficient protocols Trivial method: Sign the complete history Server sends history with all signatures Client verifies all operations and signatures Client adds its operation and signs new history Message size proportional to system age Use n version vectors [MS02] Communication complexity O(n2) Message size 400MB for 10'000 users
19 More efficient protocol (linear complexity) [CSS07] Client C i stores a version v i Increment at every operation Vector of versions orders operations After every operation, client signs new value and new vector V = v1 v2 v3 Client stores version vector T of last operation Version V of next operation must be V T Signatures must verify
20 Illustration C 2 T = σ t1 t2 t3 [SUBMIT, read, 1] V = v1 v2 v3 X = x1 x2 x3 V T? v2 = t2? verify σ? If not abort. T := V σ' := sign(t) [REPLY, V, σ, x1] [COMMIT, read, T, σ'] V := T σ := σ'
21 Discussion If clients are forked, their versions become incomparable u v w+1? u v+1 w Signatures prevent server from other manipulations O(n)-protocol for emulating fork-linearizable shared memory on Byzantine server Message size 40KB for 10'000 users Increasing concurrency? Here, clients proceed in lock-step mode Extensions of this protocol let all clients operate concurrently
22 Properties of fork-linearizable storage protocol If server correct, then linearizable Correct server schedules ops. in order of arrival If server Byzantine, then admits only fork-linearizable client views From properties of versions Requires waiting Improved versions of this protocol do not require waiting Complexity Three messages Message size O(n), with n clients
23 3 Proofs of storage 23
24 4 Intrusion-tolerance via replication 24
25 Further reading Introduction to Reliable and Secure Distributed Programming C. Cachin, R. Guerraoui, L. Rodrigues 2nd ed. of Introduction to Reliable Distributed Programming To be published by Springer, 2010 More info on 25
26 References (1) [BM97] M. Bellare and D. Micciancio. A new paradigm for collision-free hashing: Incrementality at reduced cost. In Advances in Cryptology: EUROCRYPT '97, vol of Lecture Notes in Computer Science, Springer, [CDDGS03] D. Clarke, S. Devadas, M. van Dijk, B. Gassend, and G. E. Suh. Incremental multiset hash functions and their application to memory integrity checking. In Advances in Cryptology: ASIACRYPT 2003, vol of Lecture Notes in Computer Science, Springer, [CL02] J. Camenisch and A. Lysyanskaya. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Advances in Cryptology: CRYPTO 2002, vol of Lecture Notes in Computer Science, Springer, [CSS07] C. Cachin, A. Shelat, and A. Shraer. Efficient fork-linearizable access to untrusted shared memory. In Proc. 26th ACM Symp. Principles of Distributed Computing (PODC), [KRS+03] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu. Plutus: Scalable secure file sharing on untrusted storage. In Proc. 2nd USENIX Conference on File and Storage Technologies (FAST 2003), 2003.
27 References (2) [LKMS04] J. Li, M. Krohn, D. Mazières, and D. Shasha. Secure untrusted data repository (SUNDR). In Proc. Symp. Operating Systems Design and Implementation (OSDI), [MS02] D. Mazières and D. Shasha. Building secure file systems out of Byzantine storage. In Proc. 21st ACM Symp. Principles of Distributed Computing (PODC), [PC07] R. Pletka and C. Cachin. Cryptographic security for a high-performance distributed file system. In Proc. 24th Mass Storage Systems and Technologies (MSST), Sept
Protocols for Secure Cloud Computing
IBM Research Zurich Christian Cachin April 2011 Protocols for Secure Cloud Computing 2009 IBM Corporation Where is my data? 1986 2011 Who runs my computation? 1986 2011 Overview 1.Cloud computing and its
More informationCloud Storage Security
IBM Research Zurich Christian Cachin Nov. 2012 Cloud Storage Security 2009 IBM Corporation Overview Cloud computing security Storage security concepts Data encryption Key management Key-management standard
More informationOn Consistency of Encrypted Files
On Consistency of Encrypted Files Alina Oprea Michael K. Reiter March 2005 CMU-CS-06-113 School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 Computer Science Department, Carnegie
More informationIntegrity Protection for Revision Control
Integrity Protection for Revision Control Christian Cachin 1 and Martin Geisler 2 1 IBM Research, Zurich Research Laboratory, Switzerland, cca@zurich.ibm.com 2 Department of Computer Science, University
More informationSheltered Multi-Owner Data distribution For vibrant Groups in the Cloud
Sheltered Multi-Owner Data distribution For vibrant Groups in the Cloud I.sriram murthy 1 N.Jagajeevan 2 II M-Tech student Assistant.Professor Department of computer science & Engineering Department of
More informationProtocols for Secure Cloud Computing (Parts 3 and 4)
School on Applied Cryptographic Protocols 2010 Christian Cachin, IBM Research - Zurich CASED & ECRYPT II www.zurich.ibm.com/ cca/ Protocols for Secure Cloud Computing (Parts 3 and 4) 3 Proofs of storage
More informationAn Efficient Security Based Multi Owner Data Sharing for Un-Trusted Groups Using Broadcast Encryption Techniques in Cloud
An Efficient Security Based Multi Owner Data Sharing for Un-Trusted Groups Using Broadcast Encryption Techniques in Cloud T.Vijayalakshmi 1, Balika J Chelliah 2,S.Alagumani 3 and Dr.J.Jagadeesan 4 1 PG
More informationSecurity in Storage Networks A Current Perspective
Security in Storage Networks A Current Perspective Christian Cachin ZISC Colloquium www.zurich.ibm.com Overview Networked storage systems NAS, SAN, OBS Design options for security
More informationSECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD
Volume 1, Issue 7, PP:, JAN JUL 2015. SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD B ANNAPURNA 1*, G RAVI 2*, 1. II-M.Tech Student, MRCET 2. Assoc. Prof, Dept.
More informationBuilding Secure File Systems out of Byzantine Storage
Building Secure File Systems out of Byzantine Storage David Mazières joint work with Jinyuan Li (implementation) and Dennis Shasha NYU Department of Computer Science Motivation Many people have access
More informationAnalysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud
Analysis on Secure Data sharing using ELGamal s Cryptosystem in Cloud M.Jayanthi, Assistant Professor, Hod of MCA.E mail: badini_jayanthi@yahoo.co.in MahatmaGandhi University,Nalgonda, INDIA. B.Ranganatha
More informationCryptographic Security Mechanisms for Cloud Computing
IBM Research Zurich Christian Cachin June 2014 Cryptographic Security Mechanisms for Cloud Computing 2009 IBM Corporation Cloud computing Compute Network Storage 2 Cloud computing 3 Cloud computing = IT
More informationPlutus: scalable secure file sharing on untrusted storage
Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work with Erik Riedel (Seagate Research), Ram Swaminathan (HP Labs), Qian Wang (Penn State), Kevin Fu (MIT) March
More informationDevelopment of enhanced Third party Auditing Scheme for Secure Cloud Storage
Development of enhanced Third party Auditing Scheme for Secure Cloud Storage Bhanu Prakash Chamakuri*1, D. Srikar*2, Dr. M.Suresh Babu*3 M.Tech Scholar, Dept of CSE, Grandhi Varalakshmi Institute Of Technology,
More informationMANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS
INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND SCIENCE MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS Kanchupati Kondaiah 1, B.Sudhakar 2 1 M.Tech Student, Dept of CSE,
More informationStrong Accumulators from Collision-Resistant Hashing
Strong Accumulators from Collision-Resistant Hashing ISC 2008 Taipei - Taiwan Philippe Camacho (University of Chile Alejandro Hevia (University of Chile Marcos Kiwi (University of Chile Roberto Opazo (CEO
More informationSHARED DATA & INDENTITY PRIVACY PRESERVING IN CLOUD AND PUBLIC AUDITING
SHARED DATA & INDENTITY PRIVACY PRESERVING IN CLOUD AND PUBLIC AUDITING Er. Kavin M 1, Mr.J.Jayavel 2 1 PG Scholar, 2 Teaching Assistant, Department of Information Technology, Anna University Regional
More informationG.J. E.D.T.,Vol.3(1):43-47 (January-February, 2014) ISSN: 2319 7293 SUODY-Preserving Privacy in Sharing Data with Multi-Vendor for Dynamic Groups
SUODY-Preserving Privacy in Sharing Data with Multi-Vendor for Dynamic s T.Vijayalakshmi 1, Balika J Chelliah 2 & R. Jegadeesan 3 1 M.Tech Student, Department of Computer Science and Engineering, S.R.M.
More informationTrusted Public Auditing Process for Secure Cloud Storage
Trusted Public Auditing Process for Secure Cloud Storage K.Adhiyaman 1, A. Jesudoss 2, D.Saravanan 3 1 Final Year MCA, Faculty of Computing, Department of MCA Sathyabama University, Chennai,Tamil Nadu,
More informationA Secure Decentralized Access Control Scheme for Data stored in Clouds
A Secure Decentralized Access Control Scheme for Data stored in Clouds Priyanka Palekar 1, Abhijeet Bharate 2, Nisar Anjum 3 1 SKNSITS, University of Pune 2 SKNSITS, University of Pune 3 SKNSITS, University
More informationAn Efficient Secure Multi Owner Data Sharing for Dynamic Groups in Cloud Computing
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 6, June 2014, pg.730
More informationSecure Cloud Transactions by Performance, Accuracy, and Precision
Secure Cloud Transactions by Performance, Accuracy, and Precision Patil Vaibhav Nivrutti M.Tech Student, ABSTRACT: In distributed transactional database systems deployed over cloud servers, entities cooperate
More informationProof of Freshness: How to efficiently use an online single secure clock to secure shared untrusted memory.
Proof of Freshness: How to efficiently use an online single secure clock to secure shared untrusted memory. Marten van Dijk, Luis F. G. Sarmenta, Charles W. O Donnell, and Srinivas Devadas MIT Computer
More informationSecure Way of Storing Data in Cloud Using Third Party Auditor
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 12, Issue 4 (Jul. - Aug. 2013), PP 69-74 Secure Way of Storing Data in Cloud Using Third Party Auditor 1 Miss.
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationEnergy Efficiency in Secure and Dynamic Cloud Storage
Energy Efficiency in Secure and Dynamic Cloud Storage Adilet Kachkeev Ertem Esiner Alptekin Küpçü Öznur Özkasap Koç University Department of Computer Science and Engineering, İstanbul, Turkey {akachkeev,eesiner,akupcu,oozkasap}@ku.edu.tr
More information15-2394-3696 RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM
RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM Dhanashri Bamane Vinayak Pottigar Subhash Pingale Department of Computer Science and Engineering SKN
More informationUnity: Secure and Durable Personal Cloud Storage
Unity: Secure and Durable Personal Cloud Storage Beom Heyn Kim Computer Science University of Toronto Toronto, Canada bhkim@toronto.edu Wei Huang Electrical and Computer Engineering University of Toronto
More informationSharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment
Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment Deepa Noorandevarmath 1, Rameshkumar H.K 2, C M Parameshwarappa 3 1 PG Student, Dept of CS&E, STJIT, Ranebennur. Karnataka, India
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationEFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE
EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE Reshma Mary Abraham and P. Sriramya Computer Science Engineering, Saveetha University, Chennai, India E-Mail: reshmamaryabraham@gmail.com
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationIJCSIET-ISSUE5-VOLUME1-SERIES1 Page 1
ENHANCED DATA SECURITY IN CLOUD COMPUTING TO PRESERVING DATA IN CLOUD STOREHOUSE USING THIRD PARTY AUDITOR Dr.M.V. BRAHMANANDA REDDY, PRINCIPAL, MEKAPATI RAJA REDDY INSTITUTE OF TECHNOLOGY & SCIENCE UDAYAGIRI,SPS
More informationISSN 2278-3091. Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability
Outsourcing and Discovering Storage Inconsistencies in Cloud Through TPA Sumathi Karanam 1, GL Varaprasad 2 Student, Department of CSE, QIS College of Engineering and Technology, Ongole, AndhraPradesh,India
More informationEnabling Public Auditing for Secured Data Storage in Cloud Computing
IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 5 (May. 2013), V3 PP 01-05 Enabling Public Auditing for Secured Data Storage in Cloud Computing 1 Er.Amandeep Kaur,
More informationData Storage Security in Cloud Computing
Data Storage Security in Cloud Computing Manoj Kokane 1, Premkumar Jain 2, Poonam Sarangdhar 3 1, 2, 3 Government College of Engineering and Research, Awasari, Pune, India Abstract: Cloud computing is
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationPlutus Security Paper - A Brief Overview
USENIX Association Proceedings of FAST 03: 2nd USENIX Conference on File and Storage Technologies San Francisco, CA, USA March 31 April 2, 2003 2003 by The USENIX Association All Rights Reserved For more
More informationA Survey on Optimistic Fair Digital Signature Exchange Protocols
A Survey on Optimistic Fair Digital Signature Exchange s Alfin Abraham Vinodh Ewards Harlay Maria Mathew Abstract Security services become crucial to many applications such as e-commerce payment protocols,
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationRemote Data Integrity Checking for Public Clouds
IBM Student Workshop for Frontiers of Cloud Computing 01 Remote Data Integrity Checking for Public Clouds Bo (Irvine) Chen Department of Computer Science New Jersey Institute of Technology joint work with
More informationZQL. a cryptographic compiler for processing private data. George Danezis. Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo
ZQL Work in progress a cryptographic compiler for processing private data George Danezis Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo Microsoft Research and Joint INRIA-MSR Centre Data
More informationStrong Security for Distributed File Systems
Strong Security for Distributed File Systems Ethan Miller Darrell Long William Freeman Benjamin Reed University of California, Santa CruzTRW IBM Research Abstract We have developed a scheme to secure networkattached
More informationA Practical Authentication Scheme for In-Network Programming in Wireless Sensor Networks
A Practical Authentication Scheme for In-Network Programming in Wireless Sensor Networks Ioannis Krontiris Athens Information Technology P.O.Box 68, 19.5 km Markopoulo Ave. GR- 19002, Peania, Athens, Greece
More informationMona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud
Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud Arpitha.K 1,Aawini.T 2,Divya J. 3, Kalyani P 4, Prof. Sudhakar Avareddy 5 1,2,3,4 Department of CSE, BITM Bellary, Karnataka. 5 Department
More informationElectronic Contract Signing without Using Trusted Third Party
Electronic Contract Signing without Using Trusted Third Party Zhiguo Wan 1, Robert H. Deng 2 and David Lee 1 Sim Kim Boon Institute for Financial Economics 1, School of Information Science 2, Singapore
More informationEnhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction 1 Priyadharshni.A, 2 Geo Jenefer.G 1 Master of engineering in computer science, Ponjesly College of Engineering 2 Assistant Professor,
More informationDeveloping and Investigation of a New Technique Combining Message Authentication and Encryption
Developing and Investigation of a New Technique Combining Message Authentication and Encryption Eyas El-Qawasmeh and Saleem Masadeh Computer Science Dept. Jordan University for Science and Technology P.O.
More informationSecret Sharing based on XOR for Efficient Data Recovery in Cloud
Secret Sharing based on XOR for Efficient Data Recovery in Cloud Computing Environment Su-Hyun Kim, Im-Yeong Lee, First Author Division of Computer Software Engineering, Soonchunhyang University, kimsh@sch.ac.kr
More informationHow To Ensure Correctness Of Data In The Cloud
A MECHANICS FOR ASSURING DATA STORAGE SECURITY IN CLOUD COMPUTING 1, 2 Pratibha Gangwar, 3 Mamta Gadoria 1 M. Tech. Scholar, Jayoti Vidyapeeth Women s University, Jaipur, priya25mehta@gmail.com 2 M. Tech.
More informationSECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD
SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD S.REVATHI B.HASEENA M.NOORUL IZZATH PG Student PG Student PG Student II- ME CSE II- ME CSE II- ME CSE Al-Ameen Engineering
More informationThe Reduced Address Space (RAS) for Application Memory Authentication
The Reduced Address Space (RAS) for Application Memory Authentication David Champagne, Reouven Elbaz and Ruby B. Lee Princeton University, USA Introduction Background: TPM, XOM, AEGIS, SP, SecureBlue want
More informationEfficient and Secure Dynamic Auditing Protocol for Integrity Verification In Cloud Storage
Efficient and Secure Dynamic Auditing Protocol for Integrity Verification In Cloud Storage Priyanga.R 1, Maheswari.B 2, Karthik.S 3 PG Scholar, Department of CSE, SNS College of technology, Coimbatore-35,
More informationETH Zurich. Email: stadler@inf.ethz.ch. participants such that only certain groups of them can recover it.
Publicly Veriable Secret Sharing Markus Stadler? Institute for Theoretical Computer Science ETH Zurich CH-8092 Zurich, Switzerland Email: stadler@inf.ethz.ch Abstract. A secret sharing scheme allows to
More informationPlutus: Scalable secure file sharing on untrusted storage
Plutus: Scalable secure file sharing on untrusted storage Mahesh Kallahalla Erik Riedel Ram Swaminathan Qian Wang Kevin Fu Hewlett Packard Labs Palo Alto, CA 94304 Abstract Plutus is a cryptographic storage
More informationImproving data integrity on cloud storage services
International Journal of Engineering Science Invention ISSN (Online): 2319 6734, ISSN (Print): 2319 6726 Volume 2 Issue 2 ǁ February. 2013 ǁ PP.49-55 Improving data integrity on cloud storage services
More informationSecurity in Electronic Payment Systems
Security in Electronic Payment Systems Jan L. Camenisch, Jean-Marc Piveteau, Markus A. Stadler Institute for Theoretical Computer Science, ETH Zurich, CH-8092 Zurich e-mail: {camenisch, stadler}@inf.ethz.ch
More informationData Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System
Data Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System 1 K.Valli Madhavi A.P vallimb@yahoo.com Mobile: 9866034900 2 R.Tamilkodi A.P tamil_kodiin@yahoo.co.in Mobile:
More informationApplied Cryptography Public Key Algorithms
Applied Cryptography Public Key Algorithms Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 Public Key Cryptography Independently invented by Whitfield Diffie & Martin
More informationSurveying Cloud Storage Correctness using TPA with BLS
Surveying Cloud Storage Correctness using TPA with BLS Priyanka Dehariya 1, Prof. Shweta Shrivastava 2, Dr. Vineet Richaraya 3 1 M.Tech Scholar (CSE), LNCT, Bhopal 2 Asst.Professors, (CSE Department),
More informationHey! Cross Check on Computation in Cloud
Hey! Cross Check on Computation in Cloud Ajeet Singh Rajput Computer Science and Engineering Department S.D.B.C.T, Mhow Road,Indore,(M.P), India ajeetsinghrajput@gmail.com M.E.(CSE), S.D.B.C.T, Indore
More informationEnabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage
Enabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage Pranita Bakka 1, Dr. Jayashree Agarkhed 2 1 P.G.Student, Department of Computer Science & Engineering,
More informationApplying Cryptography as a Service to Mobile Applications
Applying Cryptography as a Service to Mobile Applications SESSION ID: CSV-F02 Peter Robinson Senior Engineering Manager RSA, The Security Division of EMC Introduction This presentation proposes a Cryptography
More informationCategorical Heuristic for Attribute Based Encryption in the Cloud Server
Categorical Heuristic for Attribute Based Encryption in the Cloud Server R. Brindha 1, R. Rajagopal 2 1( M.E, Dept of CSE, Vivekanandha Institutes of Engineering and Technology for Women, Tiruchengode,
More informationSecure Cloud StorageForPrivacy-Preserving Public Audit
RESEARCH ARTICLE OPEN ACCESS Secure Cloud StorageForPrivacy-Preserving Public Audit ShekhAhamadhusen D., Prof. Rahul Deshmukh Abstract- In Cloud Environment, using cloud storage service, users can remotely
More informationAuthentication Applications
Authentication Applications will consider authentication functions developed to support application-level authentication & digital signatures will consider Kerberos a private-key authentication service
More informationCertifying Program Execution with Secure Processors
Certifying Program Execution with Secure Processors Benjie Chen Robert Morris MIT Laboratory for Computer Science {benjie,rtm}@lcs.mit.edu Abstract Cerium is a trusted computing architecture that protects
More informationIntroduction. Digital Signature
Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology
More informationInternational Journal of Infinite Innovations in Engineering and Technology. ISSN (Online): 2349-2287, ISSN (Print): 2349-2279 2015
SECURED AUDITING SYSTEM FOR CLOUD DATA STORAGE WITH ERROR CORRECTION GUARANTEES 1 S.Sathya, 2 S.Sivakumar 1 Research Scholar, Department of Computer Science & Applications, PGP College of Arts & Science,
More informationEnsuring Data Storage Security in Cloud Computing By IP Address Restriction & Key Authentication
Ensuring Data Storage Security in Cloud Computing By IP Address Restriction & Key Authentication Sanjay Kumar Baghel Mtech Scholar, CSE, CSIT DURG Sanju5878@gmail.com Bhupesh Kumar Dewangan Assistant Professor,CSE,
More informationAttribute-proving for Smart Cards
Attribute-proving for Smart Cards progress made over the past two years ir. Pim Vullers p.vullers@cs.ru.nl Institute for Computing and Information Sciences Digital Security 5th October 2011 Pim Vullers
More informationA New Forward-Secure Digital Signature Scheme
The extended abstract of this work appears Advances in Cryptology Asiacrypt 2000, Tatsuaki Okamoto, editor, Lecture Notes in Computer Science vol. 1976, Springer-Verlag, 2000. c IACR A New Forward-Secure
More informationMerkle Hash Trees for Distributed Audit Logs
Merkle Hash Trees for Distributed Audit Logs Subject proposed by Karthikeyan Bhargavan Karthikeyan.Bhargavan@inria.fr April 7, 2015 Modern distributed systems spread their databases across a large number
More informationBreaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring
Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationCryptography and Network Security Chapter 14
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture
More informationRobust and Simple N-Party Entangled Authentication Cloud Storage Protocol Based on Secret Sharing Scheme
Journal of Information Hiding and Multimedia Signal Processing 2013 ISSN 2073-4212 Ubiquitous International Volume 4, Number 2, April 2013 Robust and Simple N-Party Entangled Authentication Cloud Storage
More informationSecure and Efficient Data Retrieval Process based on Hilbert Space Filling Curve
Secure and Efficient Data Retrieval Process based on Hilbert Space Filling Curve N.S. Jeya karthikka PG Scholar Sri Ramakrishna Engg Collg S.Bhaggiaraj Assistant Professor Sri Ramakrishna Engg Collg V.Sumathy
More informationSelective dependable storage services for providing security in cloud computing
Selective dependable storage services for providing security in cloud computing Gade Lakshmi Thirupatamma*1, M.Jayaram*2, R.Pitchaiah*3 M.Tech Scholar, Dept of CSE, UCET, Medikondur, Dist: Guntur, AP,
More informationData storage auditing service in cloud computing: challenges, methods and opportunities
World Wide Web (2012) 15:409 428 DOI 10.1007/s11280-011-0138-0 Data storage auditing service in cloud computing: challenges, methods and opportunities Kan Yang Xiaohua Jia Received: 9 March 2011 / Revised:
More informationA Novel Framework for Cloud Environment Using CPDP for Data Integrity and Security
A Novel Framework for Cloud Environment Using CPDP for Data Integrity and Security V. Narasimha Swamy 1, K. Raja Shekar Reddy 2 1.M. Tech (CSE)., Srinivasa Institute of Technology & Science, Kadapa, Andhra
More informationDYNAMIC SECURE SYSTEM FOR DETECTING AND ELIMINATING FRAUDULENCE IN CLOUD STORAGE
DYNAMIC SECURE SYSTEM FOR DETECTING AND ELIMINATING FRAUDULENCE IN CLOUD STORAGE Kalaivani A 1, Ranjith Kumar M 2, Sabarish M 3, Sai Kishore R 4 Assistant Professor, Dept. of CSE, R.M.K College of Engineering
More informationCloud Data Storage Services Considering Public Audit for Security
Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 1 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationSecure Cloud Storage and Computing Using Reconfigurable Hardware
Secure Cloud Storage and Computing Using Reconfigurable Hardware Victor Costan, Brandon Cho, Srini Devadas Motivation Computing is more cost-efficient in public clouds but what about security? Cloud Applications
More informationCRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY
SOWMIYA MURTHY: CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE RECOVERY CRYPTOGRAPHIC SECURE CLOUD STORAGE MODEL WITH ANONYMOUS AUTHENTICATION AND AUTOMATIC FILE
More informationCryptanalysis of a Partially Blind Signature Scheme or How to make $100 bills with $1 and $2 ones
Cryptanalysis of a Partially Blind Signature Scheme or How to make $100 bills with $1 and $2 ones Gwenaëlle Martinet 1, Guillaume Poupard 1, and Philippe Sola 2 1 DCSSI Crypto Lab, 51 boulevard de La Tour-Maubourg
More informationCLOUD STORAGE SYSTEM MANAGING SECURE FILE EXCLUSION
INTERNATIONAL JOURNAL OF REVIEWS ON RECENT ELECTRONICS AND COMPUTER SCIENCE CLOUD STORAGE SYSTEM MANAGING SECURE FILE EXCLUSION M.Sreenivasa Reddy 1, B.Sudhakar 2 1 M.Tech Student, Dept of CSE, Mannan
More informationCS252 Project An Encrypted File System using TPM
CS252 Project An Encrypted File System using TPM Steven Houston: shouston@eecs.berkeley.edu Thomas Kho: tkho@eecs.berkeley.edu May 14, 2007 Abstract We implement an encrypted file system that uses a Trusted
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationEnable Public Audit ability for Secure Cloud Storage
Enable Public Audit ability for Secure Cloud Storage Leela Poornima 1, D.Hari Krishna 2 1 Student, Nova College of Engineering and Technology, Ibrahimpatnam,Krishna Dist., Andhra Pradesh, India 2 Assistant
More informationSECURE AND EFFICIENT PRIVACY-PRESERVING PUBLIC AUDITING SCHEME FOR CLOUD STORAGE
International Journal of Computer Network and Security(IJCNS) Vol 7. No.1 2015 Pp. 1-8 gopalax Journals, Singapore available at : www.ijcns.com ISSN: 0975-8283 ----------------------------------------------------------------------------------------------------------------------------------------------------------
More informationUsing Virtualization Technology for Fault- Tolerant Replication in LAN
Using Virtualization Technology for Fault- Tolerant Replication in LAN 1 Fernando Dettoni 1, Lau Cheuk Lung 1, Aldelir Fernando Luiz 2 1 Departamento de Informática e Estatística, Universidade Federal
More informationPublic Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13)
Public Key Cryptography in Practice c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) How Cryptography is Used in Applications The main drawback of public key cryptography is the inherent
More informationCurrency and Correctness of Content in Object Storage Networks
Currency and Correctness of Content in Object Storage Networks Organization: The Johns Hopkins University 3400 N. Charles St. Baltimore, MD USA 21218 Technical Contacts: Randal Burns 224 New Engineering
More informationErasure correcting to enhance data security in cloud data storage
Erasure correcting to enhance data security in cloud data storage K.Shrividhya Department of computer science- Vels University shrividhya224@gmail.com A.Sajeevram Department of computer science Vels University
More informationSiRiUS: Securing Remote Untrusted Storage
SiRiUS: Securing Remote Untrusted Storage NDSS 2003 Eu-Jin Goh, Hovav Shacham, Nagendra Modadugu, and Dan Boneh Stanford University Introduction Secure network file systems not widespread. Why? 1. Hard
More informationEnabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing
Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing Qian Wang 1, Cong Wang 1, Jin Li 1, Kui Ren 1, and Wenjing Lou 2 1 Illinois Institute of Technology, Chicago IL 60616,
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationAN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS
AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS Mrs.K.Saranya, M.E.,(CSE), Jay Shriram Group of Institutions, Tirupur. Saranya17113@gmail.com Dr.S.Rajalakshmi, Associate Professor/CSE,
More informationChapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1
Chapter 4 Authentication Applications COSC 490 Network Security Annie Lu 1 OUTLINE Kerberos X.509 Authentication Service COSC 490 Network Security Annie Lu 2 Authentication Applications authentication
More information