Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine.
-
Upload
robert-phelps -
Category
Documents
-
view
212 -
download
0
Transcript of Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine.
Data Confidentiality on Clouds
Sharad MehrotraSharad MehrotraUniversity of California, IrvineUniversity of California, Irvine
Cloud ComputingCloud Computing
• X as a serviceX as a service, where , where X X is:is:– Infrastructure, platforms, Software,– Storage, Application, test environments…
• CharacteristicsCharacteristics::– Elastic-- Use as much as your needs – Pay for only what you use– Don’t worry about:
– system management headaches– Failures– loss of data due to failures – ..
– Cheaper due to economy of scale– Better control over IT investments
• ChallengesChallenges– scalability, elasticity, consistency, big data management,
interoperability, migration, multi-tenancy, pricing …
2
Utility model
Cloud ComputingCloud Computing
• X as a service, where X is:X as a service, where X is:– Infrastructure, platforms, Software,– Storage, Application, test environments…
• Characteristics:Characteristics:– Elastic -- Use as much as your needs – Pay for only what you use– Don’t worry about
– No system management headaches– , loss of data due to failures
– Cheaper due to economy of scale– Better control over IT investment
• Infrastructure Challenges:Infrastructure Challenges:– Scale, multi-tenancy, elasticity, consistency, big data management,
interoperability, migration, pricing …
3
Utility model
Implications of Loss of Control
4
End Users
Cloud
• IntegrityIntegrity
• Will the CSP serve my data correctly?Will the CSP serve my data correctly?
• Can my data get corrupted?Can my data get corrupted?
• AvailabilityAvailability
• Will I have access to my data and Will I have access to my data and services at all times?services at all times?
• SecuritySecurity• Will the CSP implement its own security Will the CSP implement its own security policies appropriately?policies appropriately?
•Privacy & confidentialityPrivacy & confidentiality
• Will sensitive data remain confidential?Will sensitive data remain confidential?
• Will my data be vulnerable to misuse? By Will my data be vulnerable to misuse? By other tenants? By the service provider?other tenants? By the service provider?
So will Crypto Researchers Solve the Problem?
5
• Large body of research in applied crypto over 2 decades
• Generality, Efficiency, Security
• Binary notion of security• Semantic security, Perfect
Secrecy• Great for some user-
communities (military, government, trade-secrets)
• Overprotection if user-community is common users of the cloud.
- How much are we willing to pay to prevent leakage of “Mom’s secret recipe”.
- .
Classification of Research on Encrypted Search [Hacigumus, et. al. Survey, 2007, Bagherzandi et al., Encyclopedia entry 2011]
Risk Based Data Processing in CloudsRisk Based Data Processing in Clouds
Risk Based
Approach
Data (R)
Workload (Q)
Sensitivity
Disclosure
Perfo
rman
ce
Cost
Usability
Each point represents a different representation of data
User Specific constraints on
disclosure, costs, etc.
Multi Criteria Optimization
Data, Workload Partitions (RCli, RServ, QCli, QServ) and
Workload Execution PlanChallenges: Challenges: •Modeling risks – Modeling risks – function of trust, security, data representation, sensitivity, function of trust, security, data representation, sensitivity, exposure duration, usefulness to adversaryexposure duration, usefulness to adversary, …, …
•Mechanism to trace Mechanism to trace “sensitivity/risk provenance”“sensitivity/risk provenance”
• Mechanisms to Partition Computation & data Mechanisms to Partition Computation & data -- -- Robust, adaptive, Robust, adaptive, efficient, generalefficient, general, .., ..
Systems we are building (RADICLE Project at UCI)Systems we are building (RADICLE Project at UCI)• CloudProtect – (usability versus confidentiality tradeoff)CloudProtect – (usability versus confidentiality tradeoff)– empowers end-users to control loss of data in using web applications such as Box, empowers end-users to control loss of data in using web applications such as Box,
Google Drive, picasa, shutterfly, etc.Google Drive, picasa, shutterfly, etc.
•Hybridizer – (Cost, performance, confidentiality tradeoffs)Hybridizer – (Cost, performance, confidentiality tradeoffs)– partitioning Hive & map reduce jobs across hybrid clouds to control information partitioning Hive & map reduce jobs across hybrid clouds to control information
leakageleakage
Empower owners to strike a balance between risk, performance, and costs by steering data & computation appropriately in mixed trust environments