A Legal and Technical Perspective on Secure Cloud Storage

Similar documents
Secure Framework for Data Storage from Single to Multi clouds in Cloud Networking

MIGRATION FROM SINGLE TO MULTI-CLOUDS TO SHRIVEL SECURITY RISKS IN CLOUD COMPUTING. K.Sireesha 1 and S. Suresh 2

DepSky Dependable and Secure Storage in a Cloud-of-Clouds Alysson Bessani, Miguel Correia, Bruno Quaresma, Fernando André, Paulo Sousa

Secure Store of User Authentication Tokens in Multi-cloud Storage System

An Approach Secret Sharing Algorithm in Cloud Computing Security over Single to Multi Clouds

A Multi-Cloud based Approach to Enhance Data Security and Availability in Cloud Storage

Cloud Computing Security: From Single to Multi-Clouds

Cloudy with Showers of Business Opportunities and a Good Chance of. Security. Transforming the government IT landscape through cloud technology

Cloud Computing Benefits for Educational Institutions

What Is It? Business Architecture Research Challenges Bibliography. Cloud Computing. Research Challenges Overview. Carlos Eduardo Moreira dos Santos

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2

Cloud Computing Technology

What is Cloud Computing? Tackling the Challenges of Big Data. Tackling The Challenges of Big Data. Matei Zaharia. Matei Zaharia. Big Data Collection

Web Services & Database Services Availability through Multi-Cloud Environment

Cloud Battlefield Support and Security Assessment

Ensuring Data Storage Security in Cloud Crop

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

DEFINING CLOUD COMPUTING: AN ATTEMPT AT GIVING THE CLOUD AN IDENTITY.

Cloud Computing: The Wave of the Future

The Hidden Extras. The Pricing Scheme of Cloud Computing. Stephane Rufer

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Data Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System

Cloud Computing. IST 501 Fall Dongwon Lee, Ph.D.

Study on Redundant Strategies in Peer to Peer Cloud Storage Systems

SECURING CLOUD DATA COMMUNICATION USING AUTHENTICATION TECHNIQUE

DESIGN AND IMPLEMENTATION OF A SECURE MULTI-CLOUD DATA STORAGE USING ENCRYPTION

Security Framework for Cloud Computing Environment: A Review Ayesha Malik, Muhammad Mohsin Nazir

Verifying Correctness of Trusted data in Clouds

FlexCloud: Reliable and Secure Cloud Overlay Infrastructures

Cloud Computing and Attacks

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive

Mutual Authentication Cloud Computing Platform based on TPM

Compliance in Clouds A cloud computing security perspective

RSA BASED CPDP WITH ENCHANCED CLUSTER FOR DISTRUBED CLOUD STORAGE SERVICES

Enhancing Security of Cloud Computing using Elliptic Curve Cryptography

A Novel Cloud Hybrid Access Mechanism for Highly Sensitive Data Exchange

How To Understand And Understand The Issues Of Cloud Computing

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Enhancing Data Securing In Cloud Using Scalable Transactions

How To Understand Cloud Computing

Data Storage and Synchronization in Private Cloud

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Trust Your Cloud Service Provider: User Based Crypto Model.

CHAPTER 8 CLOUD COMPUTING

Li Sheng. Nowadays, with the booming development of network-based computing, more and more

Security and Privacy in Cloud Computing

A Survey on Cloud Security Issues and Techniques

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

Security Model for VM in Cloud

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

Cloud Based E-Government: Benefits and Challenges

Cloud Compu)ng. [Stephan Bergemann, Björn Bi2ns] IP 2011, Virrat

Security & Trust in the Cloud

Secrecy Maintaining Public Inspecting For Secure Cloud Storage

Privacy Patterns in Public Clouds

THE CLOUD AND ITS EFFECTS ON WEB DEVELOPMENT

ISSN Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability

Cloud computing in a nutshell

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD

Ensuring Data Storage Security in Cloud Computing By IP Address Restriction & Key Authentication

Security Issues In Cloud Computing and Countermeasures

Data Integrity Check using Hash Functions in Cloud environment

Research on Storage Techniques in Cloud Computing

Secure Storage Services and Erasure Code Implementation in Cloud Servers

NCTA Cloud Architecture

Sharing Files Using Cloud Storage Services

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Analysis of Privacy Challenges and Security Concerns in Cloud Computing Varun Shukla Department of EC, PSIT

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas

A Secure System Development Framework for SaaS Applications in Cloud Computing

Introduction to Cloud Computing

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Private vs. Public Cloud Solutions

SECURE AND TRUSTY STORAGE SERVICES IN CLOUD COMPUTING

Service and Data Security for Multi Cloud Environment

International Journal of Advance Research in Computer Science and Management Studies

Transcription:

A Legal and Technical Perspective on Secure Cloud Storage Sebastian Graf, Jörg Eisele and Marcel Waldvogel University of Konstanz Marc Strittmatter HTWG Konstanz

Cloud Services from a customers point of view

Cloud services from a technical point of view

Security Goals to achieve Confidentiality Accountability Integrity Availability Assurance

Responsibility in the cloud?

Point of technical interference Application Cloud Service Service Application Platform Operating System Hardware SaaS Threshold of Technical Control PaaS IaaS Customer Cloud Provider

Storage Internal Service Storage User-Centric VS Application-Centric Usage

Techniques to establish security Accountability Confidentiality? Integrity Availability Assurance

How to guarantee security behind the wall?

Legal Aspects Privacy Unauthorized Access Harming Data Author's Rights Contracts

Integrity Accountability Legal Aspects 303a StGB 43,2 BDST Availability 202a StGB 202b StGB 106 UrhG 108 UrhG Confidentiality Integrity Checksumming Signatures Accountability Technical Measures Erasure Codes Policies Versioning Availability Caching Encryption Key Mgmt Confidentiality

What's next?

Thanks for your attention! Questions? Sebastian Graf Distributed Systems Group University of Konstanz sebastian.graf@uni-konstanz.de

Slide 2: Slide 3: Slide 5: Slide 8: Picture from http://www.sxc.hu/photo/447540 under sxu license from Kroma Kromalski, Poland (http://www.sxc.hu/profile/krominator) Picture under morguefile Free License from http://morguefile.com/archive/display/68626 Picture from http://www.flickr.com/photos/65193799@n00/13647107/ under Creative Commons from DB Kind, USA (http://www.flickr.com/people/bootbearwdc/) References to Pictures Slide 9: Picture from http://www.imageafter.com/image.php?image=b4objects010.jpg Picture under Public Domain from https://commons.wikimedia.org Picture from http://www.flickr.com/photos/daveparker/2104384103/ under Creative Commons from Dave Paker, USA (http://www.flickr.com/photos/daveparker/) Picture from http://www.sxc.hu/photo/578263 under sxu license Picture from http://www.sxc.hu/photo/423488 under sxu license Slide 10: Picture under morguefile Free License from http://www.morguefile.com/archive/display/695726 Picture under Public Domain from https://commons.wikimedia.org Picture from http://www.flickr.com/photos/aroberts/3035796/ under Creative Commons from Andy Roberts, UK (http://www.flickr.com/people/aroberts/) Picture under morguefile Free License from http://www.morguefile.com/archive/display/99284 Picture under morguefile Free License from http://www.morguefile.com/archive/display/52246 Slide 11: Picture from http://www.dreamstime.com/royalty-free-stock-imagetwo-faced-head-fire-ice-statue-image22772076 Slide 12: Picture from http://www.flickr.com/photos/30564501@n02/2862358989/ under Creative Commons from Jurgen Dabeedin, UK (http://www.flickr.com/people/30564501@n02/)

References [BCQ + 11] [BJO09] [Fie00] Alysson Bessani, Miguel Correia, Bruno Quaresma, Fernando André, and Paulo Sousa. DepSky: dependable and secure storage in a cloud-of-clouds. In Proceedings of the sixth conference on Computer systems, EuroSys 11, 2011. Kevin D. Bowers, Ari Juels, and Alina Oprea. HAIL: a high-availability and integrity layer for cloud storage. In Proceedings of the 16th ACM conference on Computer and communications security, CCS 09, 2009. Roy Thomas Fielding. Architectural styles and the design of network-based software architectures. PhD thesis, University of California, Irvine, 2000. Chair-Taylor, Richard N. [Gar07] Simson L. Garfinkel. An Evaluation of Amazons Grid Computing Services: EC2, S3, and SQS. Technical report, Center for, 2007. References to Literature [GKW11] Sebastian Graf, Marc Kramis, and Marcel Waldvogel. Treetank: Designing a Versioned XML Storage. In XMLPrague 11, 2011. [GMSW06] Dominik Grolimund, Luzius Meisser, Stefan Schmid, and Roger Wattenhofer. Cryptree: A Folder Tree Structure for Cryptographic File Systems. In 25th IEEE Symposium on Reliable Distributed Systems (SRDS), Leeds, United Kingdom, October 2006. [Gra11] Sebastian Graf. A secure cloud gateway based upon XML and web services. In PhD Symposium, ECOWS 11, 2011. [Lam01] Pradip Lamsal. Understanding Trust and Security, 2001. [MG09] [Sch00] [Sto01] Peter Mell and Tim Grance. The NIST definition of cloud computing. National Institute of Standards and Technology, 53(6), 2009. Bruce Schneier. Secrets and lies: digital security in a networked world. John Wiley, 2000. Gary Stoneburner. Underlaying Technical Models for Information Technology Security. National Institute of Standards and Technology, 2001.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information