CS573 Data privacy and security in the cloud. Slide credits: Ragib Hasan, Johns Hopkins University




What is Cloud Computing? Let's hear from the experts

What is Cloud Computing? The infinite wisdom of the crowds (via Google Suggest)

What is Cloud Computing?
"We've redefined Cloud Computing to include everything that we already do.... I don't understand what we would do differently in the light of Cloud Computing other than change the wording of some of our ads."
Larry Ellison, founder of Oracle

What is Cloud Computing?
"It's stupidity. It's worse than stupidity: it's a marketing hype campaign"
Richard Stallman, GNU

What is Cloud Computing?
"Cloud Computing will become a focal point of our work in security. I'm optimistic"
Ron Rivest, the R of RSA

So, what really is Cloud Computing?
Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with
- Infinite and elastic resource scalability
- On-demand, just-in-time provisioning
- No upfront cost: pay-as-you-go
That is, use as much or as little as you need, use it only when you want, and pay only for what you use.

The real story
Computing Utility: the holy grail of computer science in the 1960s. Code name: MULTICS
Why did it fail?
- Ahead of its time: lack of communication tech. (In other words, there was NO (public) Internet)
- And personal computers became cheaper and stronger

The real story
Mid to late 90s: Grid computing was proposed to link and share computing resources

The real story, continued
- Post-dot-com bust, big companies ended up with large data centers, with low utilization
- Solution: throw in virtualization technology, and sell the excess computing power
- And thus, Cloud Computing was born

Cloud computing means selling X as a service
- IaaS: Infrastructure as a Service. Selling virtualized hardware
- PaaS: Platform as a Service. Access to a configurable platform/API
- SaaS: Software as a Service. Software that runs on top of a cloud

Cloud computing architecture
- e.g., Web browser
- SaaS, e.g., Google Docs
- PaaS, e.g., Google AppEngine
- IaaS, e.g., Amazon EC2

So, if cloud computing is so great, why isn't everyone doing it?
Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks

Companies are still afraid to use clouds [Chow09ccsw]

Anatomy of fear: Confidentiality
- Will the sensitive data stored on a cloud remain confidential?
- Will cloud compromises leak confidential client data (i.e., fear of loss of control over data)?
- Will the cloud provider itself be honest and not peek into the data?

Anatomy of fear: Integrity
- How do I know that the cloud provider is doing the computations correctly?
- How do I ensure that the cloud provider really stored my data without tampering with it?

Anatomy of fear: Availability
- Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack?
- What happens if the cloud provider goes out of business?

Anatomy of fear: Privacy issues raised via massive data mining
- The cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients

Anatomy of fear: Increased attack surface
- An entity outside the organization now stores and computes data, and so
- Attackers can now target the communication link between cloud provider and client
- Cloud provider employees can be phished

Anatomy of fear: Legal quagmire and transitive trust issues
- Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)?
- If the cloud provider subcontracts to third party clouds, will the data still be secure?
1/31/2011 en.600.412 Spring 2011

What we need is to
- Adapt well known techniques for resolving some cloud security issues
- Perform new research and innovate to make clouds secure

Traditional systems security vs Cloud Computing Security
- Securing a traditional system
- Securing a cloud

Traditional systems security vs Cloud Computing Security: Analogy
- Securing a house: owner and user are often the same entity
- Securing a motel: owner and users are almost invariably distinct entities

Traditional systems security vs Cloud Computing Security
- Securing a house. Biggest user concerns: securing perimeter, checking for intruders, securing assets
- Securing a motel. Biggest user concern: securing room against (the bad guy in next room / hotel owner)

Data Privacy and Security in Cloud: Overview
- Novel attacks
- Trustworthy cloud architectures
- Data integrity and availability
- Computation integrity
- Data and computation privacy
- Data forensics
- Misbehavior detection
- Malicious use of clouds

Co-tenancy in clouds creates new attack vectors
- A cloud is shared by multiple users
- Malicious users can now legally be in the same infrastructure
- Misusing co-tenancy, attackers can launch side channel attacks on victims
Research question: how to prevent attackers from exploiting co-tenancy in attacking the infrastructure and/or other clients?
Example: the Topology attack on Amazon EC2 ("Hey You! Get off of my Cloud", CCS 2009)

Today's cloud architectures act like big black boxes
- Clients have no idea of or control over what is happening inside the cloud
- Clients are forced to trust cloud providers completely
Research question: how do we design cloud computing architectures that are semi-transparent and provide clients with control over security?
Existing approaches: TCCP (uses TPM), CloudProof

Today's clouds provide no guarantee about outsourced data
Amazon's Terms of Service

Today's clouds provide no guarantee about outsourced data
Problem:
- Dishonest cloud providers can throw data away or lose data.
- Malicious intruders can delete or tamper with data.
- Clients need reassurance that the outsourced data is available, has not been tampered with, and remains confidential.
Research question: how can clients get assurance/proofs that the cloud provider is actually storing data, is not tampering with data, and can make the data available on demand?
Example approaches: Provable Data Possession (PDP), Proof of Retrievability (PoR), HAIL
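Added example (not from the original slides): a simplified MAC-based spot-check audit that illustrates the research question above. It is a baseline sketch, not PDP, PoR or HAIL themselves; the function names, block size and sample file are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

BLOCK = 16                      # bytes per block (tiny, for the demo)
SAMPLE = bytes(range(160))      # constructed sample file: 10 blocks

def tag(key, index, block):
    """MAC over position + content, so blocks cannot be swapped or replaced."""
    msg = index.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()

def outsource(key, data):
    """Client side: split into blocks and attach a tag to each before upload."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return [(b, tag(key, i, b)) for i, b in enumerate(blocks)]

def respond(store, challenge):
    """Provider side: return the (block, tag) pairs the client asked for."""
    return [store[i] for i in challenge]

def audit(key, store, n_blocks, samples):
    """Client side: challenge random positions; needs only key and n_blocks."""
    challenge = secrets.SystemRandom().sample(range(n_blocks), samples)
    answer = respond(store, challenge)
    return all(hmac.compare_digest(tag(key, i, b), t)
               for i, (b, t) in zip(challenge, answer))

def detection_probability(n_blocks, corrupted, samples):
    """Chance that a random challenge hits at least one corrupted block."""
    p_miss = 1.0
    for k in range(samples):
        p_miss *= (n_blocks - corrupted - k) / (n_blocks - k)
    return 1.0 - p_miss
```

The client keeps only the key and the block count, and sampling a fraction of the blocks already detects a small amount of corruption with high probability, which is what makes periodic audits cheap.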

Ensuring confidentiality of data in outsourced computation is difficult
- Most types of computation require decrypting data before any computation
- If the cloud provider is not trusted, this may result in a breach of confidentiality
Research question: how can we ensure confidentiality of data and computations in a cloud?
Existing approaches: Homomorphic encryption, TCCP

Clients have no way of verifying computations outsourced to a cloud
Scenario:
- User sends her data processing job to the cloud.
- Clouds provide dataflow operation as a service (e.g., MapReduce, Hadoop etc.)
Problem: users have no way of evaluating the correctness of results
Research question: how can we verify the accuracy of outsourced computation?
Existing approaches: Runtime Attestation, Majority voting, Redundant operations

Clouds can be used for malicious purposes
- Adversaries can rent clouds temporarily to create a large scale botnet very quickly
- Clouds can be used for spamming, Denial of Service, brute force password breaking, and other attacks
Example: WPACracker.com, a password cracking service that claims to test 300,000,000 words in 20 minutes for $17, using a cloud
Research question: how can we rapidly detect misbehavior of clients in a cloud?

Final quote
"[Cloud Computing] is a security nightmare and it can't be handled in traditional ways."
John Chambers, CISCO CEO

Secure Data Outsourcing

Homomorphic encryption
- The ability to perform computations on the ciphertext without decrypting it first
- A specific algebraic operation performed on the plaintext is equivalent to another (possibly different) algebraic operation performed on the ciphertext

A Simple Example
Rot-13 is homomorphic with respect to concatenation

Homomorphic encryption schemes
- Multiplicative homomorphic, e.g. RSA
- Additive homomorphic, e.g. Paillier
- Fully homomorphic encryption (FHE) (Gentry, 2010)
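Added example (not from the original slides): the three homomorphisms named above, worked with toy parameters. The primes, helper names and test values are assumptions chosen for the demonstration and are far too small for real use.

```python
import codecs
import math
import random

def rot13(s):
    return codecs.encode(s, "rot_13")

def rot13_concat_holds(a, b):
    """Enc(a) || Enc(b) == Enc(a || b): concatenation maps to concatenation."""
    return rot13(a) + rot13(b) == rot13(a + b)

# Textbook RSA (no padding): multiplying ciphertexts multiplies plaintexts.
RSA_N, RSA_E = 61 * 53, 17                 # toy modulus 3233
RSA_D = pow(RSA_E, -1, 60 * 52)            # private exponent

def rsa_enc(m):
    return pow(m, RSA_E, RSA_N)

def rsa_dec(c):
    return pow(c, RSA_D, RSA_N)

def rsa_mul(c1, c2):
    return (c1 * c2) % RSA_N               # Enc(m1) * Enc(m2) = Enc(m1 * m2)

# Paillier with g = n + 1: multiplying ciphertexts adds plaintexts.
PA_P, PA_Q = 293, 433                      # toy primes
PA_N = PA_P * PA_Q
PA_N2 = PA_N * PA_N
PA_LAMBDA = (PA_P - 1) * (PA_Q - 1) // math.gcd(PA_P - 1, PA_Q - 1)
PA_MU = pow(PA_LAMBDA, -1, PA_N)           # valid because g = n + 1

def paillier_enc(m):
    r = random.randrange(1, PA_N)
    while math.gcd(r, PA_N) != 1:          # r must be a unit mod n
        r = random.randrange(1, PA_N)
    return (pow(PA_N + 1, m, PA_N2) * pow(r, PA_N, PA_N2)) % PA_N2

def paillier_dec(c):
    ell = (pow(c, PA_LAMBDA, PA_N2) - 1) // PA_N
    return (ell * PA_MU) % PA_N

def paillier_add(c1, c2):
    return (c1 * c2) % PA_N2               # Enc(m1) * Enc(m2) = Enc(m1 + m2)
```

The RSA property is also malleability: anyone can transform a ciphertext without the key, which is why deployed RSA encryption uses padding such as OAEP that deliberately destroys it.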

Alternative techniques
- Search encrypted data
- Fragmentation
- Aggregation