Towards a compliance audit of SLAs for data replication in Cloud storage

Similar documents
A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

Verifying Correctness of Trusted data in Clouds

SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD

Identifying Data Integrity in the Cloud Storage

CONSIDERATION OF DYNAMIC STORAGE ATTRIBUTES IN CLOUD

Data Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

Index Terms Cloud Storage Services, data integrity, dependable distributed storage, data dynamics, Cloud Computing.

A Survey on Data Integrity of Cloud Storage in Cloud Computing

Improving data integrity on cloud storage services

A Novel Re-Authentication Scheme on Cloud Based Storage Services T.G.V.V.Srinivas 1, P.Suresh Babu 2 1 Final M.Tech Student, 2 Associate professor

Ensuring Data Storage Security in Cloud Computing By IP Address Restriction & Key Authentication

Energy Efficiency in Secure and Dynamic Cloud Storage

Erasure correcting to enhance data security in cloud data storage

February. ISSN:

PRIVACY PRESERVING PUBLIC AUDITING FOR SECURED DATA STORAGE IN CLOUD USING BLOCK AUTHENTICATION CODE

Data Grid Privacy and Secure Storage Service in Cloud Computing

Development of enhanced Third party Auditing Scheme for Secure Cloud Storage

SECURE AND TRUSTY STORAGE SERVICES IN CLOUD COMPUTING

SHARED DATA & INDENTITY PRIVACY PRESERVING IN CLOUD AND PUBLIC AUDITING

Secrecy Maintaining Public Inspecting For Secure Cloud Storage

OVERVIEW OF SECURITY ISSUES IN CLOUD COMPUTING

A Secure and Dependable Cloud Storage Service in Cloud Computing

Enable Public Audit ability for Secure Cloud Storage

RSA BASED CPDP WITH ENCHANCED CLUSTER FOR DISTRUBED CLOUD STORAGE SERVICES

ISSN Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability

Cloud Data Storage Services Considering Public Audit for Security

RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

TITLE: Secure Auditing and Deduplicating Data in Cloud(Survey Paper)

DESIGN AND IMPLEMENTATION OF A SECURE MULTI-CLOUD DATA STORAGE USING ENCRYPTION

Comments on "public integrity auditing for dynamic data sharing with multi-user modification"

Data storage security in Cloud

A Survey on Secure Storage Services in Cloud Computing

How To Check If A Data File Is Safe In A Cloud Archive

Data Integrity for Secure Dynamic Cloud Storage System Using TPA

Trusted Public Auditing Process for Secure Cloud Storage

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

Enhance Data Security in Cloud Computing using Layered Interleaving Approach

International Journal of Advance Research in Computer Science and Management Studies

An Efficient Data Correctness Approach over Cloud Architectures

Replicated Data Integrity Verification in Cloud

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

Analysis of Secure Cloud Data Sharing Within a Group

International Journal of Infinite Innovations in Engineering and Technology. ISSN (Online): , ISSN (Print):

Enhancing Data Security in Cloud Storage Auditing With Key Abstraction

Third Party Auditing For Secure Data Storage in Cloud through Trusted Third Party Auditor Using RC5

Keywords: Cloud Computing, Data Dynamics, Data Integrity, Error Localization, Third Party Auditor.

Secure Distribution of File on Cloud

PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING

Data Storage Security in Cloud Computing

Survey Paper on Integrity Auditing of Storage

IMPLEMENTATION CONCEPT FOR ADVANCED CLIENT REPUDIATION DIVERGE AUDITOR IN PUBLIC CLOUD

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

Performance Evaluation Panda for Data Storage and Sharing Services in Cloud Computing

Enabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage

How To Ensure Data Integrity In Clouds

Index Terms : cloud computing, Distributed Storage, error detection, data recovery, SHA, dynamic block operations

Efficient Remote Data Possession Checking In Critical Information Infrastructures Ensuring Data Storage Security In Cloud Computing

ENABLING PUBLIC AUDITABILITY AND DATA DYNAMICS FOR STORAGE SECURITY IN CLOUD COMPUTING

M. Nathiya 2 B.Tech. (IT), M.E. (CSE), Assistant Professor, Shivani Engineering College, Trichy, Tamilnadu, India.

How To Ensure Data Integrity In Cloud Computing

AN EXPOSURE TO RELIABLE STORAGE SERVICES IN CLOUD COMPUTING

Index Terms: Cloud Computing, Third Party Auditor, Threats In Cloud Computing, Dynamic Encryption.

A Game Theoretical Framework on Intrusion Detection in Heterogeneous Networks Lin Chen, Member, IEEE, and Jean Leneutre

Dependable and Secure Storage Services in Cloud Computing

Currency and Correctness of Content in Object Storage Networks

Remote Data Auditing Scheme in Secured Cloud Storage Environment

Data Security & Availability in Multi-Cloud Storage with Cooperative Provable Data Possession

PRIVACY PRESERVING AND BATCH AUDITING IN SECURE CLOUD DATA STORAGE USING AES

I. Introduction. A. Related Work

Near Sheltered and Loyal storage Space Navigating in Cloud

EFFICIENT DISCOVERY OF INTEGRITY AUTOMATION IN HYBRID CLOUD COMPUTING

A Survey and a Data Integrity Proofs In Cloud Storage

Cloud Data Service for Issues in Scalable Data Integration Using Multi Authority Attribute Based Encryption

SECURE AND EFFICIENT PRIVACY-PRESERVING PUBLIC AUDITING SCHEME FOR CLOUD STORAGE

Privacy-Preserving Public Auditing & Data Intrgrity for Secure Cloud Storage

BILINEAR PAIRING BASED PUBLIC AUDITING FOR SECURE CLOUD STORAGE USING TPA

A Survey on Secure Auditing and Deduplicating Data in Cloud

Surveying Cloud Storage Correctness using TPA with BLS

Secure Way of Storing Data in Cloud Using Third Party Auditor

A Proxy-Based Data Security Solution in Mobile Cloud

Transcription:

Towards a compliance audit of SLAs for data replication in Cloud storage J. Leneutre B. Djebaili, C. Kiennert, J. Leneutre, L. Chen, Data Integrity and Availability Verification Game in Untrusted Cloud Storage, Conference on Decision and Game Theory for Security (GameSec), Los Angeles, CA, USA, November Institut Mines-Télécom 2014, LNCS.

Outline Introduction Background Assumptions Contributions Game Models Conclusion 2

Outline Introduction Background Contributions Game Models Conclusion 3

Introduction n n Cloud features: On-demand services Resource pooling via multi-tenancy Elasticity via dynamic provisioning of resources Device and location independence Source of security problems Reduced control over software and data Potential Interference between security and cloud optimization mechanisms Security of data storage: Privacy / Confidentiality Integrity/availability External (hackers) threats for data integrity or availability Cloud Provider (CP) might behave unfaithfully Users need strong evidence that their data have not been tampered or partially deleted 4

Problem Statement n Case of an Untrusted CP Economically-motivated CP that may be tempted to erase (copies of) data to use less storage space How to check compliance of SLAs with regard to data replication? n Efficient schemes for remote data integrity checking exist New cryptographic protocols: proof of data possession (PDP), proof of retrieval (POR) However verification costs computing resources n How to optimize their use? Frequency of the verification process? Which data to check in priority? Are there data not worth checking at all? Optimal verification policies needed Trade-off between security & cost of verification Obtained by a Game Theoretical analysis modelling interactions between Verifier & CP 5

Underlying assumptions n Data replication rate is specified in SLAs Usually not covered in a cloud storage service provider's SLA Rather provide guarantees in terms of uptime, or allowed number of retries, or how long a read request can take to be serviced Offer some sort of tiered credits the users if the guarantees are not satisfied May be negociated in the case of storage backup or cloud archive services Possible definition of precise retention policies n User is allowed to access to different copies of same data May be necessary to check geographical location of data 6

Outline Introduction Background Contributions Game Models Conclusion 7

Background: Integrity verification of outsourced data n Usual techniques for integrity control Hash functions, error-correcting code, checksum, not suited for intentional modification of data! Audit Hash(D) D Hash(D) User Cloud storage Hash(D) No detection of modification D: Data 8

Background: Integrity verification of outsourced data n Need for a new cryptographic primitive Integrity checking challenge response protocol Metadata may also be outsourced Verification may be delegated to a third party auditor (TPA) 9

Background: Integrity verification of outsourced data n A naive scheme Requires large metadata size Consumes too much bandwidth and computation Verifications limited to the number of precomputed hash values 10

Background: Integrity verification of outsourced data n A simple protocol based on DLP [Deswarte & alii, 2004] Metadata: Tag computed using an homomorphic function T=gF(d) d mod n T r = C d? Verifier C=g r mod n R=C d mod n DLP problem à security Storage provider d : data T : tag (metadata) C : challenge R : response n : RSA modulus r : random integer DLP : discrete logarithm problem Deswarte, Y., Quisquater, J.-J., and Saïdane, A.. Remote Integrity Checking. In Proceedings of 6th Working Conference on Integrity and Internal Control in Information Systems (IICIS), 2004. d 11

Background: Integrity verification of outsourced data n Two main approaches for data verification schemes Deterministic protocols: checks entire data Probabilistic protocols: randomly checks blocks of data reduce the computing time of verification n Main efficient verification schemes PDP (Provable Data Possession) [Ateniese & alii 2011] Minimize bandwith POR (Proofs of Retriability) [Juels, Kaliski 2007] Ability to recover corrupted files by using error correcting codes n Other features Public verification Management of dynamic data Verification of multiple copies of a data [Ateniese & alii 2011] Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L.,... & Song, D. (2011). Remote data checking using provable data possession. ACM TISSEC, 14(1), 12. [Juels, Kaliski 2007] Juels, A., & Kaliski Jr, B. S. (2007, October). PORs: Proofs of retrievability for large files. In Proceedings of the 14th ACM conference on Computer and communications security. 12

Background: Game Theory n Game theory: aims at modeling situations in which decision makers have to make specific actions that have mutual, possibly conflicting consequences n Glossary: Players: a strategic decision maker (can be a person, a machine, etc.) Actions: a move that can be carried out by the player at any given time Utility function: assigns a numerical value for every possible outcome of the game for a given player taking into account other players actions Strategy: a plan of actions taken in the game Nash Equilibrium: strategy from which no player has an incentive to deviate unilaterally 13

Background: Game Theory n Example: Forwarder s dilemma Goal: device p 1 (resp. p 2 ) wants to send a packet to his receiver r 1 (resp. r 2 ) using p 2 (resp. p 1 ) as a forwarder, in each time slot Actions: Forward (F) or Drop (D) a packet Utility function: c (0<c<<1): cost representing the energy and computation spent for the forwarding action Reward when forwarding : 1 Nash equilibrium: (D,D) 14 A strategic approach to manage security risks

Outline Introduction Game Theory Contributions Game Models Conclusion 15

Contributions n Define a basic model Static game with deterministic verification protocol CP stores only one copy of the data n Study different extensions of the model Dynamic game with deterministic verification (Stackelberg game) Static game with probabilistic verification protocol Extension where CP stores multiple copies of data Repeated game (multiple consecutive interactions over time) n For each model : Prove the existence of an attractive data set on which both attacker and verifier should focus exclusively Find the Nash Equilibrium Analyze the results in terms of expected behaviours & deduce guidelines for optimal TPA data checking 16

Outline Introduction Game Theory Contributions Game Models Conclusion 17

Generic game Model n Non-cooperative game n Two rational players Attacker (CP) Verifier (TPA) n Two actions per player for each data : Attacker : Not replicating / Do nothing Verifier : Check data integrity / Do nothing n Strategies: distribution of attack/verification resources For each data D i, the attacker decides to not replicate data with probability pi, and the verifier checks data with probability t i Available resources for attacker (resp. verifier) : P (resp. T) Lin Chen and Jean Leneutre. A game theoretical framework on intrusion Detection in heterogeneous networks.ieee TIFS, 4(2):165-178, 2009 18

Generic game Model n Game parameters Amount of data stored at the CP : N Size of data D i : S i Importance (integrity level) of data D i : F i Overall TPA probability of detecting fraud when checking data : a a = 1 for deterministic verification protocols a < 1 for probabilistic verification protocols Computing costs for CP and TPA : C s and C t Hypothesis : Players are perfectly rational Each players aims at maximizing his payoff 19

Generic game model n Utility functions of static game for deterministic verification CP \ TPA Check Not check Correct/Available data 0, -C t S i C s S i 0, 0 Incorrect/unavailable data C s S i S i, Ct S i + F i S i, -F i Verify resource Data D i TPA payoff: CP payoff: Ressource constraints: and Attack resource Size Sensibility & value Cost of verification (TPA) Cost of executing verification (CP) 20

Generic game model n Data distribution Does a rational attacker (CP) attack all data? Existence of an Attractive Dataset Movie S=15 Compressed file S=11 Photo S=3 Actually, a rational attacker will only attack data with large enough sizes S i Compressed file S=5 Text S=1 Text S=2 Audio S=7 Guideline 1: A rational defender has only to verify data in the attractive dataset 21

Generic game model n Nash equilibrium: analytical result when all resources are used by both players ( ) (Attractive dataset) Guideline 2: Verification resources to data should be allocated accordingly to the values of t i * 22

Generic game model : numerical analysis Defender (TPA) Attacker (CP) Number of data n=20 TPA random strategy CP best response Table 1: Payoff at the Nash Equilibrium (NE) -0.13976-0.34721-0.61456 TPA best & maximum gain TPA average gain TPA minimal gain Table 2: Payoff Degradation due to deviation from NE 23

Game with multiple data copies n Multiple copies of the same data on the CP servers Parameters : same than generic game plus Number of copies of data D i : R i Reward the CP gets if he acts honestly: ε (ε>0) CP \ TPA Check Not check Correct/Available copy ε, -C t S i C s S i 0, 0 Incorrect/unavailable copy C s S i S i, Ct S i + F i S i, -F i n Strategies Probability that the CP deletes i copies of data D m (0 i R m ): p i m Probability that the TPA checks i copies of data D m (0 i R m ): q i m 24

Game with multiple data copies n Utility functions of game with multiple copies Notation: denotes the indicator function Verify resource Attack resource Data D i q i CP payoff: Size Sensibility & value Cost of verification (TPA) Cost of executing verification (CP) S i TPA payoff: 25

Game with multiple data copies n Two game settings Player s strategy fo each data does not depend on other data: for each data D m : Player s strategy fo each data depends on strategies for other data: for N data: There exists a unique NE in both settings Characterization of the NE in the corresponding stackelberg game (TPA is the leader) Current study: extension to an infinite repeated game 26

Outline Introduction Game Theory Contributions Game Models Conclusion 27

Conclusion n Remote data integrity verification in the cloud Modeling the interaction between the verifier and the cloud provider as a non cooperative game Verification of a single copy / multiple copies Give some guidelines to define an optimal verification strategy for data replication compliance checking n Perspectives Take into account location requirements for data May be used to define ALAs (Audit Level Agreements) 28

Outline Introduction Game Theory Contributions Game Models Conclusion Appendices 29

Background: Game Theory n Some type of games Deterministic vs. Stochastic games Stochastic game: game involving probabilistic transitions between different states of the system Static vs. Dynamic games Static game (one-shot game): all players choose their strategies simultaneously Dynamic game (Stackelberg game, leader & follower game): players choose their actions in more than one stage Complete information vs. Incomplete information game Complete Information game: players know each others strategies and payoffs Incomplete Information game (Bayesian game): information about the characteristics (strategies, payoffs) of other players are incomplete Pure strategies vs. Mixed strategies 30

Stackelberg game for deterministic verification n Players have sequential interaction: the move of one player is conditioned by the move of the other player n Game principle : The leader moves first The follower observes the leader s choice, then chooses his strategy n Three cases analyzed : Case 1: Leader: CP, Follower: TPA Case 2: Leader: TPA, Follower: CP Case 3: Which strategy will be better for both TPA & CP? Actually, Case 1 corresponds to the best strategy for both Guideline 3: TPA should choose the follower strategy in order to maximize his payoff, while leader is the best strategy for the CP 31

Static game for probabilistic verification CP \ TPA Check Not check Correct/Available copy Incorrect/unavailable copy 0, -C t S i C s S i (1 2a) S i ac s S i, (1 2a) F i (1 a)c s S i C t S i S i, -F i Data D i Verify resource Attack resource Size Sensibility & value Cost of verification (TPA) Cost of executing verification (CP) Detection proba a Storage loss 32

Numerical Analysis Fig 1: Payoff at the Nash Equilibrium (NE) 33 30/06/15 Institut Mines-Télécom 30/06/15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information