Security and privacy-enhancing multicloud architectures

IEEE Transactions on Dependable and Secure Computing

Volumn 10, Issue 4, 2013, Pages 212-224

  Bohli, Jens Matthias ^a   Gruschka, Nils ^b   Jensen, Meiko ^c   Lo Iacono, Luigi ^d   Marnau, Ninja ^c  

^a NEC LABORATORIES EUROPE   (Germany)

^b UNIVERSITY OF APPLIED SCIENCES   (Germany)

^c UNIVERSITY HOSPITAL SCHLESWIG HOLSTEIN   (Germany)

^d TH Köln University of Applied Sciences   (Germany)

Author keywords

Application partitioning; Cloud; Data partitioning; Multicloud; Multiparty computation; Privacy; Security; Tier partitioning

Indexed keywords

ARCHITECTURE; CLOUDS; DATA PRIVACY;

APPLICATION PARTITIONING; DATA PARTITIONING; MULTICLOUD; MULTIPARTY COMPUTATION; SECURITY; TIER PARTITIONING;

DATA HANDLING;

EID: 84897586246     PISSN: 15455971     EISSN: None     Source Type: Journal    
DOI: 10.1109/TDSC.2013.6     Document Type: Article

References (57)

1. P. Mell and T. Grance, "The NIST Definition of Cloud Computing, Version 15," Nat'l Inst. of Standards and Technology, Information Technology Laboratory, vol. 53, p. 50, http://csrc.nist.gov/groups/ SNS/cloud-computing/, 2010.
2. F. Gens, "IT Cloud Services User Survey, pt.2: Top Benefits & Challenges," blog, http://blogs.idc.com/ie/?p=210, 2008.
3. Gartner, "Gartner Says Cloud Adoption in Europe Will Trail U.S. by at Least Two Years," http://www.gartner.com/it/page. jsp?id=2032215, May 2012.
4. J.-M. Bohli, M. Jensen, N. Gruschka, J. Schwenk, and L.L.L. Iacono, "Security Prospects through Cloud Computing by Adopting Multiple Clouds," Proc. IEEE Fourth Int'l Conf. Cloud Computing (CLOUD), 2011.
5. D. Hubbard and M. Sutton, "Top Threats to Cloud Computing V1.0," Cloud Security Alliance, http://www. cloudsecurityalliance.org/ topthreats, 2010.
6. M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, "On Technical Security Issues in Cloud Computing," Proc. IEEE Int'l Conf. Cloud Computing (CLOUD-II), 2009.
7. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," Proc. 16th ACM Conf. Computer and Comm. Security (CCS '09), pp. 199-212, 2009.
8. Y. Zhang, A. Juels, M.K.M. Reiter, and T. Ristenpart, "Cross-VM Side Channels and Their Use to Extract Private Keys," Proc. ACM Conf. Computer and Comm. Security (CCS '12), pp. 305-316, 2012.
9. N. Gruschka and L. Lo Iacono, "Vulnerable Cloud: SOAP Message Security Validation Revisited," Proc. IEEE Int'l Conf. Web Services (ICWS '09), 2009.
10. M. McIntosh and P. Austel, "XML Signature Element Wrapping Attacks and Countermeasures," Proc. Workshop Secure Web Services, pp. 20-27, 2005.
11. J. Kincaid, "Google Privacy Blunder Shares Your Docs without Permission," TechCrunch, http://techcrunch.com/2009/03/07/ huge-google-privacy-blunder-shares-your-docs-withoutpermission/, 2009.
12. J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, "All Your Clouds Are Belong to Us: Security Analysis of Cloud Management Interfaces," Proc. Third ACM Workshop Cloud Computing Security Workshop (CCSW '11), pp. 3-14, 2011.
13. S. Bugiel, S. Nürnberger, T. Pöppelmann, A.-R. Sadeghi, and T. Schneider, "AmazonIA: When Elasticity Snaps Back," Proc. 18th ACM Conf. Computer and Comm. Security (CCS '11), pp. 389-400, 2011.
14. D. Bernstein, E. Ludvigson, K. Sankar, S. Diamond, and M. Morrow, "Blueprint for the Intercloud-Protocols and Formats for Cloud Computing Interoperability," Proc. Int'l Conf. Internet and Web Applications and Services, pp. 328-336, 2009.
15. A. Celesti, F. Tusa, M. Villari, and A. Puliafito, "How to Enhance Cloud Architectures to Enable Cross-Federation," Proc. IEEE Third Int'l Conf. Cloud Computing (CLOUD), pp. 337-345, 2010.
16. R. Turpin and B.A. Coan, "Extending Binary Byzantine Agreement to Multivalued Byzantine Agreement," Information Processing Letters, vol. 18, no. 2, pp. 73-76, 1984. (Pubitemid 14570886)
17. I. Koren and C.M.C. Krishna, Fault-Tolerant Systems. Morgan Kaufmann, 2007.
18. J.D.J. Wisner, G.K.G. Leong, and K.-C. Tan, Principles of Supply Chain Management: A Balanced Approach. South-Western, 2011.
19. N.A.N. Lynch, Distributed Algorithms. Morgan Kaufmann, 1996.
20. G. Danezis and B. Livshits, "Towards Ensuring Client-Side Computational Integrity (Position Paper)," Proc. ACM Cloud Computing Security Workshop (CCSW '11), pp. 125-130, 2011.
21. S. Groß and A. Schill, "Towards User Centric Data Governance and Control in the Cloud," Proc. IFIP WG 11.4 Int'l Conf. Open Problems in Network Security (iNetSeC), pp. 132-144, 2011.
22. R. Rivest, L. Adleman, and M. Dertouzos, "On Data Banks and Privacy Homomorphisms," Foundations of Secure Computation, vol. 4, no. 11, pp. 169-180, 1978.
23. R. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Comm. ACM, vol. 21, no. 2, pp. 120-126, 1978. (Pubitemid 8591219)
24. P. Paillier, "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes," Proc. 17th Int'l Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT '99), pp. 223-238, 1999.
25. C. Gentry, "A Fully Homomorphic Encryption Scheme," PhD dissertation, Stanford Univ., 2009.
26. G. Asharov, A. Jain, A. López-Alt, E. Tromer, V. Vaikuntanathan, and D. Wichs, "Multiparty Computation with Low Communication, Computation and Interaction via Threshold Fhe," Proc. 31st Ann. Int'l Conf. Theory and Applications of Cryptographic Techniques (EUROCRYPT '12), pp. 483-501, 2012.
27. Y. Desmedt, "Some Recent Research Aspects of Threshold Cryptography," Proc. First Int'l Information Security Workshop, pp. 158-173, 1998. (Pubitemid 128064894)
28. A.C.A. Yao, "Protocols for Secure Computations," Proc. IEEE 23rd Ann. Symp. Foundations of Computer Science (FOCS '82), pp. 160-164, 1982.
29. M. Ben-Or, S. Goldwasser, and A. Wigderson, "Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation," Proc. 20th Ann. ACM Symp. Theory of Computing (STOC '88), pp. 1-10, 1988.
30. O. Goldreich, S.M.S. Micali, and A. Wigderson, "How to Play Any Mental Game," Proc. 19th Ann. ACM Symp. Theory of Computation (STOC '87), pp. 218-229, 1987.
31. I. Damgård, M. Geisler, M. Krøigaard, and J.B.J. Nielsen, "Asynchronous Multiparty Computation: Theory and Implementation," Proc. 12th Int'l Conf. Practice and Theory Public Key Cryptography (PKC '09), pp. 160-179, 2009.
32. M. Burkhart, M. Strasser, D. Many, and X. Dimitropoulos, "SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics," Proc. USENIX Security Symp., pp. 223-240, 2010.
33. S. Bugiel, S. Nürnberger, A.-R. Sadeghi, and T. Schneider, "Twin Clouds: Secure Cloud Computing with Low Latency," Proc. 12th IFIP TC 6/TC 11 Int'l Conf. Comm. and Multimedia Security (CMS '11), pp. 32-44, 2011.
34. P. Bogetoft, D.L.D. Christensen, I. Damgard, M. Geisler, T.P.T. Jakobsen, M. Kroigaard, J.D.J. Nielsen, J.B.J. Nielsen, K. Nielsen, J. Pagter, M.I.M. Schwartzbach, and T. Toft, "Secure Multiparty Computation Goes Live," Financial Cryptography and Data Security, R. Dingledine and P. Golle, eds., pp. 325-343, Springer-Verlag, 2009.
35. "DEMONS Deliverable D2.4: Preliminary Implementation of the Privacy Preservation Techniques," Giuseppe Bianchi, eds., et al., DEMONS Deliverable D2.4, 2011.
36. J.-M. Bohli, W. Li, and J. Seedorf, "Assisting Server for Secure Multi-Party Computation," Proc. Sixth IFIP WG 11.2 Int'l Conf. Information Security Theory and Practice: Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems (WISTP '12), pp. 144-159, 2012.
37. O. Catrina and F. Kerschbaum, "Fostering the Uptake of Secure Multiparty Computation in E-Commerce," Proc. IEEE Third Int'l Conf. Availability, Reliability and Security (ARES '08), pp. 693-700, 2008.
38. F. Pagano and D. Pagano, "Using In-Memory Encrypted Databases on the Cloud," Proc. First Int'l Workshop Securing Services on the Cloud (IWSSC), pp. 30-37, 2011.
39. J. Somorovsky, C. Meyer, T. Tran, M. Sbeiti, J. Schwenk, and C. Wietfeld, "SeC2: Secure Mobile Solution for Distributed Public Cloud Storages," Proc. Second Int'l Conf. Cloud Computing and Services Science (CLOSER), pp. 555-561, 2012.
40. S. Kamara and K. Lauter, "Cryptographic Cloud Storage," Proc. 14th Int'l Conf. Financial Cryptography and Data Security, pp. 136-149, 2010.
41. R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, "Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions," Proc. 13th ACM Conf. Computer and Comm. Security, pp. 79-88, 2006. (Pubitemid 47131358)
42. M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T. Lange, J. Malone-Lee, G. Neven, P. Paillier, and H. Shi, "Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions," Proc. 25th Ann. Int'l Conf. Advances in Cryptology (CRYPTO '05), pp. 205-222, 2005. (Pubitemid 43902115)
43. R. Popa, C. Redfield, N. Zeldovich, and H. Balakrishnan, "CryptDB: Protecting Confidentiality with Encrypted Query Processing," Proc. 23rd ACM Symp. Operating Systems Principles, pp. 85-100, 2011.
44. A. Boldyreva, N. Chenette, Y. Lee, and A. Oneill, "Order-Preserving Symmetric Encryption," Proc. 28th Ann. Int'l Conf. Advances in Cryptology: The Theory and Applications of Cryptology (EUROCRYPT '09), pp. 224-241, 2009.
45. J. Vijayan, "Vendors Tap into Cloud Security Concerns with New Encryption Tools," http://www.cio.com.au/article/ 376252/vendors-tap-into- cloud-security-concerns-new- encryption-tools/, 2013.
46. L. Wiese, "Horizontal Fragmentation for Data Outsourcing with Formula-Based Confidentiality Constraints," Proc. Fifth Int'l Workshop Security (IWSEC '10), pp. 101-116, 2010.
47. H. Rajasekaran, L. Lo Iacono, P. Hasselmeyer, J. Fingberg, P. Summers, S. Benkner, G. Engelbrecht, A. Arbona, A. Chiarini, C.M.C. Friedrich, M. Hofmann-Apitius, K. Kumpf, B. Moore, P. Bijlenga, J. Iavindrasana, H. Mueller, R.D.R. Hose, R. Dunlop, and A. Frangi, "@neurist-Towards a System Architecture for Advanced Disease Management through Integration of Heterogeneous Data, Computing, and Complex Processing Services," Proc. IEEE 21st Int'l Symp. Computer-Based Medical Systems (CBMS '08, ) pp. 361-366, 2008.
48. European Commission, "Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation), "http://ec.europa.eu/justice/data-protection/ document/review2012/com-2012-11-en.pdf, 2012.
49. US Congress, "U.S. Health Insurance Portability and Accountability Act," 1996.
50. PCI Security Standards Council, "Payment Card Industry (PCI) Data Security Standard - Requirements and Security Assessment Procedures," https://www.pcisecuritystandards.org/ documents/pci-dss-v2.pdf, 2010.
51. US Congress, "Federal Information Security Management Act," http://csrc.nist.gov/drivers/documents/FISMA-final.pdf, 2002.
52. US General Services Administration, "Federal Risk and Authorization Management Program," http://www.gsa.gov/portal/ category/102371, 2012.
53. European Union, "Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data," http://eur-lex.europa.eu/ LexUriServ/LexUriServ.do?uri=CELEX: 31995L0046:EN:HTML, 1995.
54. European Commission, "Commission Decision of 5 February 2010 on Standard Contractual Clauses for the Transfer of Personal Data to Processors Established in Third Countries under Directive 95/ 46/EC of the European Parliament and of the Council," Official J. European Union, vol. L39, pp. 5-18, 2010.
55. EU Article 29 Working Party, "Standard Application for Approval of Binding Corporate Rules for the Transfer of Personal Data," Recommendation 1/2007, WP 133, http:// ec.europa.eu/justice/data-protection/article-29/ documentation/ opinion-recommendation/index-en.htm, 2007.
56. Fed. Republic of Germany, "German Federal Data Protection Act (BDSG)," Fed. Law Gazette I, p. 66, 2009.
57. EU Article 29 Working Party, "Cloud Computing," Opinion 05/ 2012, WP 196, http://ec.europa.eu/justice/data-protection/ article-29/ documentation/opinion-recommendation/files/2012/ wp196-en.pdf, 2012.