1 / 6

Data Confidentiality on Clouds

Data Confidentiality on Clouds. Sharad Mehrotra University of California, Irvine. Cloud Computing. Utility model. X as a service , where X is: Infrastructure, platforms, Software, Storage, Application, test environments… Characteristics : Elastic -- Use as much as your needs

chidi
Download Presentation

Data Confidentiality on Clouds

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine

  2. Cloud Computing Utility model • X as a service, where X is: • Infrastructure, platforms, Software, • Storage, Application, test environments… • Characteristics: • Elastic-- Use as much as your needs • Pay for onlywhat you use • Don’t worry about: • system management headaches • Failures • loss of data due to failures • .. • Cheaper due to economy of scale • Better controlover IT investments • Challenges • scalability, elasticity, consistency, big data management, interoperability, migration, multi-tenancy, pricing …

  3. Cloud Computing Utility model • X as a service, where X is: • Infrastructure, platforms, Software, • Storage, Application, test environments… • Characteristics: • Elastic -- Use as much as your needs • Pay foronly what you use • Don’t worryabout • No system management headaches • , loss of data due to failures • Cheaper due to economy of scale • Bettercontrol over IT investment • Infrastructure Challenges: • Scale, multi-tenancy, elasticity, consistency, big data management, interoperability, migration, pricing …

  4. Implications of Loss of Control • Integrity • Will the CSP serve my data correctly? • Can my data get corrupted? • Availability • Will I have access to my data and services at all times? • Security • Will the CSP implement its own security policies appropriately? • Privacy & confidentiality • Will sensitive data remain confidential? • Will my data be vulnerable to misuse? By other tenants? By the service provider? Cloud End Users

  5. So will Crypto Researchers Solve the Problem? • Large body of research in applied crypto over 2 decades • Generality, Efficiency, Security • Binary notion of security • Semantic security, Perfect Secrecy • Great for some user-communities (military, government, trade-secrets) • Overprotection if user-community is common users of the cloud. • How much are we willing to pay to prevent leakage of “Mom’s secret recipe”. • . Classification of Research on Encrypted Search [Hacigumus, et. al. Survey, 2007, Bagherzandi et al., Encyclopedia entry 2011]

  6. Risk Based Data Processing in Clouds User Specific constraints on disclosure, costs, etc. Each point represents a different representation of data Empower owners to strike a balance between risk, performance, and costs by steering data & computation appropriately in mixed trust environments Workload (Q) Risk Based Approach Multi Criteria Optimization Data (R) Disclosure Data, Workload Partitions (RCli, RServ, QCli, QServ) and Workload Execution Plan Sensitivity Cost Usability Performance Challenges: • Modeling risks – function of trust, security, data representation, sensitivity, exposure duration, usefulness to adversary, … • Mechanism to trace “sensitivity/risk provenance” • Mechanisms to Partition Computation & data -- Robust, adaptive, efficient, general, .. Systems we are building (RADICLE Project at UCI) • CloudProtect – (usability versus confidentiality tradeoff) • empowers end-users to control loss of data in using web applications such as Box, Google Drive, picasa, shutterfly, etc. • Hybridizer – (Cost, performance, confidentiality tradeoffs) • partitioning Hive & map reduce jobs across hybrid clouds to control information leakage

More Related