ON SECURITY AND PRIVACY IN CLOUD COMPUTING

Daniel Slamanig, Stefan Rass

Abstract

Cloud computing is an evolving paradigm that is believed to play a key-role in future information processing. It is reasonable to expect a cloud computing environment equipped with security systems, but anything not covered by standard measures such as firewalls or encrypted channels is subject to mere trust in the cloud provider. The acceptance of cloud computing might be higher if less trust in the infrastructure is demanded, thanks to a more comprehensive employment of cryptography for security and privacy. Despite a vast amount of cryptographic primitives available today, their full power still remains to be exploited for numerous aspects in cloud computing. The goal of this paper is drawing attention to various primitives in cryptography that might become or actually are already considered to be useful in a cloud computing environment, but have not received as much attention as they deserve from experts in this area.

References

  1. Akinyele, J. A., Lehmann, C. U., Green, M. D., Pagano, M. W., Peterson, Z. N. J., and Rubin, A. D. (2010). Self-Protecting Electronic Medical Records Using Attribute-Based Encryption. Cryptology ePrint Archive, Report 2010/565. http://eprint.iacr.org/.
  2. Ateniese, G., Burns, R. C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z. N. J., and Song, D. X. (2007). Provable Data Possession at Untrusted Stores. In CCS 2007, pages 598-609. ACM.
  3. Ateniese, G., Camenisch, J., Joye, M., and Tsudik, G. (2000). A Practical and Provably Secure CoalitionResistant Group Signature Scheme. In CRYPTO 7800, volume 1880 of LNCS, pages 255-270. Springer.
  4. Backes, M., Camenisch, J., and Sommer, D. (2005). Anonymous Yet Accountable Access Control. In WPES 7805, pages 40-46. ACM.
  5. Bellare, M., Boldyreva, A., and O'Neill, A. (2007). Deterministic and Efficiently Searchable Encryption. In CRYPTO 2007, volume 4622 of LNCS, pages 535- 552. Springer.
  6. Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-Policy Attribute-Based Encryption. In 28th IEEE Symposium on Security and Privacy, pages 321-334. IEEE.
  7. Boneh, D., Crescenzo, G. D., Ostrovsky, R., and Persiano, G. (2004). Public Key Encryption with Keyword Search. In EUROCRYPT 2004, volume 3027 of LNCS, pages 506-522. Springer.
  8. Boneh, D. and Naor, M. (2008). Traitor Tracing with Constant Size Ciphertext. In CCS 2008, pages 501-510. ACM.
  9. Bowers, K. D., Juels, A., and Oprea, A. (2008). Proofs of Retrievability: Theory and Implementation. Cryptology ePrint Archive, Report 2008/175. http://eprint.iacr.org/.
  10. Bowers, K. D., Juels, A., and Oprea, A. (2009). HAIL: A High-Availability and Integrity Layer for Cloud Storage. In CCS 7809, pages 187-198. ACM.
  11. Brands, S. (2000). Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press.
  12. Camenisch, J., Dubovitskaya, M., and Neven, G. (2009). Oblivious Transfer with Access Control. In CCS 7809, pages 131-140. ACM.
  13. Camenisch, J. and Lysyanskaya, A. (2001). An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In EUROCRYPT 7801, volume 2045 of LNCS, pages 93-118. Springer.
  14. Chor, B., Goldreich, O., Kushilevitz, E., and Sudan, M. (1995). Private Information Retrieval. In FOCS 7895, pages 41-50. IEEE.
  15. Curtmola, R., Garay, J. A., Kamara, S., and Ostrovsky, R. (2006). Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions. In CCS 2006, pages 79-88. ACM.
  16. Dingledine, R., Mathewson, N., and Syverson, P. (2004). Tor: The Second-Generation Onion Router. In 13th USENIX Security Symposium, pages 21-21.
  17. Gennaro, R., Gentry, C., and Parno, B. (2010). Noninteractive Verifiable Computing: Outsourcing Computation to Untrusted Workers. In CRYPTO 2010, volume 6223 of LNCS, pages 465-482. Springer.
  18. Gentry, C. (2009). Fully Homomorphic Encryption using Ideal Lattices. In STOC 2009, pages 169-178. ACM.
  19. Gentry, C. and Halevi, S. (2010). Implementing Gentry's Fully-Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2010/520. http://eprint.iacr.org/.
  20. Jensen, M., Schwenk, J., Gruschka, N., and Iacono, L. L. (2009). On Technical Security Issues in Cloud Computing. In IEEE International Conference on Cloud Computing, pages 109-116. IEEE.
  21. Jin, H. and Lotspiech, J. (2009). Unifying broadcast encryption and traitor tracing for content protection. In Annual Computer Security Applications Conference, ACSAC, pages 139 -148.
  22. Juels, A. and Jr., B. S. K. (2007). PORs: Proofs of Retrievability for Large Files. In CCS 2007, pages 584-597. ACM.
Download


Paper Citation


in Harvard Style

Slamanig D. and Rass S. (2011). ON SECURITY AND PRIVACY IN CLOUD COMPUTING . In Proceedings of the 1st International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-8425-52-2, pages 604-609. DOI: 10.5220/0003382106040609


in Bibtex Style

@conference{closer11,
author={Daniel Slamanig and Stefan Rass},
title={ON SECURITY AND PRIVACY IN CLOUD COMPUTING},
booktitle={Proceedings of the 1st International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2011},
pages={604-609},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003382106040609},
isbn={978-989-8425-52-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 1st International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - ON SECURITY AND PRIVACY IN CLOUD COMPUTING
SN - 978-989-8425-52-2
AU - Slamanig D.
AU - Rass S.
PY - 2011
SP - 604
EP - 609
DO - 10.5220/0003382106040609