Privacy and Integrity in the Untrusted Cloud

Abstract

Cloud computing has become increasingly popular because it offers users the illusion of having infinite computing resources, of which they can use as much as they need without having to worry about how those resources are provided. It also provides greater scalability, availability, and reliability than users could achieve with their own resources. Unfortunately, adopting cloud computing has required users to cede control of their data to cloud providers, and a malicious provider could compromise the data's confidentiality and integrity. Furthermore, the history of leaks, breaches, and misuse of customer information at providers has highlighted the failure of government regulation and market incentives to fully mitigate this threat. Thus, users have had to choose between trusting providers or forgoing cloud computing's benefits entirely. This dissertation aims to overcome this trade-off. We present two systems, SPORC and Frientegrity, that enable users to benefit from cloud deployment without having to trust the cloud provider. Their security is rooted not in the provider's good behavior but in the users' cryptographic keys. In both systems, the provider only observes encrypted data and cannot deviate from correct execution without detection. Moreover, for cases when the provider does misbehave, SPORC introduces a mechanism, also applicable to Frientegrity, that enables users to recover. It allows users to switch to a new provider and repair any inconsistencies that the provider's misbehavior may have caused. SPORC is a framework for building a wide variety of user-facing applications, from collaborative word processing and calendaring to email and instant messaging, with an untrusted provider. It allows concurrent, low-latency editing of shared state, permits disconnected operation, and supports dynamic access control even in the presence of concurrency. Frientegrity extends SPORC's model to online social networking.

Document Details

Document Type: Technical Report
Publication Date: Jun 01, 2012
Accession Number: ADA571278

Entities

People

  • Ariel J. Feldman

Organizations

  • Princeton University

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Cloud Computing
  • Commerce
  • Computer Access Control
  • Computer Programming
  • Computer Programs
  • Computers
  • Cryptography
  • Detection
  • Electronic Messaging
  • Law
  • Mobile Phones
  • Reliability
  • Social Media
  • Social Networking Services
  • Social Networks
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Applied Combinatorial Optimization and Logic Circuit Design.
  • Computer Networking
  • Cybersecurity.