Security and Privacy in Cloud Computing
Ragib Hasan, Johns Hopkins University
en.600.412 Spring 2010, Lecture 8, 04/05/2010

The Data Outsourcing Problem
  • Clients store data on untrusted remote servers
  • Clients need guarantees about their data integrity
  • Clients may not have computational resources or time to verify integrity
4/05/2010 en.600.412 Spring 2010 Lecture 8 | JHU | Ragib Hasan 2

Different approaches
  • PDP: Proof of data possession
  • PoR: Proof of data possession + retrievability

Limitations of PDP/PoR models
  • Lack of dynamic update
  • Using the index of blocks in tag generation

This paper
Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing, Wang et al., ESORICS 2009
Goals:
  • Public verification
  • Dynamic modification support
  • Blockless verification
  • Stateless verification

Model
  • Clients: Store data on cloud; don’t have resources to audit
  • Cloud service provider: Untrusted data store
  • Third party auditor: Can audit data without any knowledge of data

Discussion
Looking at the big picture:
  • Is third party auditability / public auditability a practical idea?
  • Should cloud data be publicly verifiable?
  • Can we use a delegation scheme for non-public but third party verification?

Key idea
  • Client and cloud provider use a Merkle Hash Tree for the file blocks; the root is signed by the client
  • A challenge is given to the cloud provider
  • To compute a response, the cloud provider needs to have the original blocks

Merkle hash tree
  • Client signs only the top hash
  • To prove the server holds a data block 000, the server needs to provide Hash 0-1, Hash 1, and the hash of data block 000 to the client.

Client/provider interaction
  • Setup: Client precomputes the homomorphic tags for file F
  • KeyGen: Client prepares the keypairs
  • SigGen:
      • Client prepares signatures for each block,
      • then creates a Merkle hash tree,
      • finally signs the root hash

Auditor / Cloud Provider interaction

Dynamic updates
  • Modification/insertion/deletion supported by updating the Merkle tree
  • Idea: Client sends the update to the server; the server returns the sibling hashes of the updated node and the new root hash

Update

Deletion
Modification
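
The "Merkle hash tree" and "Dynamic updates" slides, worked through as an added example (not code from the lecture or from Wang et al.): the server proves block 000 with the sibling hashes Hash 0-1 and Hash 1, and the client checks an update by recomputing the old and new roots from the same siblings. Assumptions: SHA-256, a power-of-two block count, constructed sample blocks, and hypothetical names throughout; the homomorphic tags and the signature on the root are omitted, so `trusted_root` stands in for the root the client signed.

```python
import hashlib

# Constructed sample file of four blocks (not from the slides).
SAMPLE_BLOCKS = [b"block-000", b"block-001", b"block-010", b"block-011"]

def leaf_hash(block: bytes) -> bytes:
    # 0x00/0x01 prefixes keep leaf and interior hashes distinct (this example's choice).
    return hashlib.sha256(b"\x00" + block).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(blocks):
    """All tree levels, leaves first. Assumes a power-of-two block count."""
    level = [leaf_hash(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def sibling_path(levels, index):
    """Sibling hashes from the leaf level up to just below the root."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def root_from_path(leaf, index, path):
    """Recompute the root from one leaf hash and its sibling hashes."""
    node = leaf
    for sibling in path:
        node = node_hash(sibling, node) if index & 1 else node_hash(node, sibling)
        index //= 2
    return node

class Server:
    """Untrusted store holding the blocks and the tree."""
    def __init__(self, blocks):
        self.blocks = list(blocks)
        self.levels = build_levels(self.blocks)

    def root(self):
        return self.levels[-1][0]

    def prove(self, index):
        return leaf_hash(self.blocks[index]), sibling_path(self.levels, index)

    def update(self, index, new_block):
        old_leaf, path = self.prove(index)
        self.blocks[index] = new_block
        self.levels = build_levels(self.blocks)
        return old_leaf, path, self.root()

def client_check_update(trusted_root, index, new_block, old_leaf, path, claimed_root):
    """Return the new root for the client to sign, or None if the server's reply fails."""
    if root_from_path(old_leaf, index, path) != trusted_root:
        return None  # siblings do not match the root the client signed
    expected = root_from_path(leaf_hash(new_block), index, path)
    return expected if expected == claimed_root else None

if __name__ == "__main__":
    server = Server(SAMPLE_BLOCKS)
    leaf, path = server.prove(0)  # path is [Hash 0-1, Hash 1]
    print(root_from_path(leaf, 0, path) == server.root())
```

A leaf hash and its siblings only show that the hash is in the tree; in the scheme on the slides, the homomorphic tags are what tie the response to the original blocks.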

Experiments

Discussion
  • Threat model: Is it realistic to trust the third party auditor?
  • Efficiency: How efficient/practical is this scheme?

Discussion
Experiments:
  • Were the experiments well designed / comprehensive?
  • Should they have used multiple file sizes?
  • What is missing from the experiments?

Further Reading
  • PoR paper from RSA Labs: http://www.rsa.com/rsalabs/hail/POR.pdf
