Database Laboratory Regular Seminar 2013-07-22 TaeHoon Kim New Approaches to Security and Availability for Cloud Data Ari Juels, Alina Oprea Communications of ACM Feb. 2013 Article
Feb 24, 2016
Contents
1. Introduction
2. Solution Overview
3. Iris
- Iris Authenticated file system
- Iris Structure
4. Auditing Framework
5. Conclusion
1. Introduction
- Cloud computing
  - A service model that offers users (called tenants) on-demand network access to a large shared pool of computing resources (the cloud)
- Many companies have adopted private clouds
  - IBM, HP, VMware, EMC2
- Public clouds are not adopted
  - Security and operational risks, including hardware failure, software bugs, power outages, server misconfiguration, malware, and insider threats
  - Lack of availability and reliability
  - Striking loss of personal customer data
• http://blog.naver.com/PostView.nhn?blogId=lugenzhe&logNo=90100646811&redirect=Dlog&widgetTypeCall=true
1. Introduction
- Potentially malicious tenants
  - Ristenpart et al. [18]: such an attacker can exploit side channels in shared hardware to exfiltrate sensitive data
- Our research addresses
  - The challenge of migrating enterprise data into the public cloud
  - Devised cryptographic protocol
  - Proposes an auditing framework to verify properties of the internal operation of the cloud and assure enterprise
2. Solution Overview
- Our vision of a more trustworthy cloud-computing model
  - Manages cryptographic keys
  - Maintains trusted storage for integrity
  - Freshness enforcement
  - Redundancy to data for enhanced availability
3. Iris Authenticated file system
- An authenticated file system
  - Allows migration of existing internal enterprise systems into the cloud
  - Offers strong integrity and freshness guarantees
  - Minimizes the effects of network latency on file-system operations
  - Is designed to use any existing back-end cloud storage system transparently without modification
3. Iris Structure (2 layers)
- The gateway side
  - Caches data and metadata blocks from the file system recently accessed by enterprise users
  - Computes integrity checks, namely MACs on data blocks
- MACs
  - Fixed-size file segments of typical size 4KB
  - Enables random access
  - Verification of individual file-block integrity
3. Iris Structure (2 layers)
- Merkle-tree-based structure
  - Internal nodes of the tree contain hashes of their children
  - Tenant can efficiently verify the integrity and freshness of data: the data MAC and the freshness of the block-version number
  - Support for existing file-system operations
  - Support for concurrent operations
• http://en.wikipedia.org/wiki/Merkle_tree#How_hash_trees_work
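The integrity and freshness check from the Iris Structure slides, as an added example (not from the slides or the Iris authors): each leaf is a MAC over block index, version number and data, and the gateway keeps only the key and the current root, so a replayed old block whose MAC is still valid under the key is rejected by the root. The helper names and the leaf encoding are assumptions, and Iris's real tree layout is more elaborate.

```python
import hashlib
import hmac

def h(data):
    return hashlib.sha256(data).digest()

def leaf(key, idx, version, block):
    # MAC binds the block to its position and its version number.
    msg = idx.to_bytes(8, "big") + version.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()

def levels(leaves):
    # All tree levels, leaves first; internal nodes hash their two children.
    out = [list(leaves)]
    while len(out[-1]) > 1:
        cur = out[-1] + ([out[-1][-1]] if len(out[-1]) % 2 else [])
        out[-1] = cur
        out.append([h(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return out

def proof(leaves, idx):
    # Root plus the sibling hashes on the path from leaf idx up to the root.
    lv, path = levels(leaves), []
    for level in lv[:-1]:
        path.append(level[idx ^ 1])
        idx //= 2
    return lv[-1][0], path

def verify(key, root, idx, version, block, path):
    # Recompute the path from the returned block and compare with the trusted root.
    node = leaf(key, idx, version, block)
    for sib in path:
        node = h(node + sib) if idx % 2 == 0 else h(sib + node)
        idx //= 2
    return hmac.compare_digest(node, root)

def demo():
    key = b"constructed-demo-key"                    # constructed sample key
    blocks = [bytes([i]) * 4096 for i in range(4)]   # four constructed 4KB blocks
    vers = [1, 1, 1, 1]
    old_root, old_path = proof([leaf(key, i, vers[i], blocks[i]) for i in range(4)], 2)
    old_block = blocks[2]
    blocks[2], vers[2] = b"\xff" * 4096, 2           # tenant overwrites block 2
    root, path = proof([leaf(key, i, vers[i], blocks[i]) for i in range(4)], 2)
    fresh = verify(key, root, 2, 2, blocks[2], path)
    # The cloud replays version 1 of block 2 with its old, once-valid path.
    replay = verify(key, root, 2, 1, old_block, old_path)
    was_valid = verify(key, old_root, 2, 1, old_block, old_path)
    return fresh, replay, was_valid
```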
4. Auditing Framework
- When Alice (client) stores data with Bob, she wants to know that Bob (service provider) has not let her data succumb to bit rot, storage-device failure, corruption by buggy software, etc.
- Using a strong cryptographic approach to assurance: PoR (Proofs of Retrievability)
  - Bob proves to Alice that a given piece of data D stored in the cloud is not damaged and is retrievable
  - Cryptographically verify the correctness of all cloud-stored data
4. Auditing Framework
- Notation
  - D is some piece of data
  - D* is constructed by appending what are called "parity blocks"
  - r_i denotes the ith data block (fixed-size 4KB)
  - Using secret key k, Alice can compute MACs, secret-key digital signatures over data blocks r_1, r_2, r_3 … r_n
  - To verify the correctness of a block r_i, Alice uses k and c_i
  - Alice needs to store only the key k
• http://en.wikipedia.org/wiki/Merkle_tree#How_hash_trees_work
4. Auditing Framework
- PoR (Proofs of Retrievability)
  - Efficient only for checks on static data (such as archived data)
- PDP (Proof of Data Possession)
  - Enables public verification of data integrity
- Dynamic PoR
  - Conceals individual parity-block updates from Bob, as well as the code structure
- PoS (Proofs of Storage)
  - Detecting data loss
  - E.g., drive crash: a large data center is likely to experience thousands of drive failures each year [19]
4. Auditing Framework
- Auditing of drive failure
- Solution: RAFT (Remote Assessment of Fault Tolerance)
  - Makes use of bounds on the seek time of a rotational drive
  - RAFT operates specifically on data stored in rotational drives, exploiting their performance limitations as a bounding parameter
4. Auditing Framework
- What if the cloud provider fails to respond correctly to an audit due to data loss?
  - HAIL (High Availability and Integrity Layer) is the solution
  - Works by promptly detecting and recovering from data corruption (similar to RAID)
- HAIL
  - An extension of RAID into the cloud
  - Distributes data across multiple cloud providers to achieve continuous availability
• http://blog.naver.com/capemay?Redirect=Log&logNo=40192616466
• http://jaesoo.com/study_board/23324
4. Auditing Framework
- To provide recovery (resilience) from cloud-provider failure, the gateway splits the data into fixed-size blocks and encodes it with a new erasure code: the dispersal code
- Distributes her data with embedded redundancy across a set of n cloud providers: S_1 … S_n
Conclusion
- Described new techniques
  - A range of protections, from integrity and freshness verification to high data availability
- Proposed an auditing framework
- These techniques enable an extension from enterprise internal data centers into public clouds
- Our hope
  - Alleviate some of the concern over security in the cloud
  - Facilitate migration of enterprise resources into public clouds
Q/A
Thank you for listening to my presentation