6,475 research outputs found
State of The Art and Hot Aspects in Cloud Data Storage Security
Along with the evolution of cloud computing and cloud storage towards matu-
rity, researchers have analyzed an increasing range of cloud computing security
aspects, data security being an important topic in this area. In this paper, we
examine the state of the art in cloud storage security through an overview of
selected peer reviewed publications. We address the question of defining cloud
storage security and its different aspects, as well as enumerate the main vec-
tors of attack on cloud storage. The reviewed papers present techniques for key
management and controlled disclosure of encrypted data in cloud storage, while
novel ideas regarding secure operations on encrypted data and methods for pro-
tection of data in fully virtualized environments provide a glimpse of the toolbox
available for securing cloud storage. Finally, new challenges such as emergent
government regulation call for solutions to problems that did not receive enough
attention in earlier stages of cloud computing, such as for example geographical
location of data. The methods presented in the papers selected for this review
represent only a small fraction of the wide research effort within cloud storage
security. Nevertheless, they serve as an indication of the diversity of problems
that are being addressed
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
Chameleon: A Secure Cloud-Enabled and Queryable System with Elastic Properties
There are two dominant themes that have become increasingly more important in our
technological society. First, the recurrent use of cloud-based solutions which provide
infrastructures, computation platforms and storage as services. Secondly, the use of applicational
large logs for analytics and operational monitoring in critical systems. Moreover,
auditing activities, debugging of applications and inspection of events generated by errors
or potential unexpected operations - including those generated as alerts by intrusion
detection systems - are common situations where extensive logs must be analyzed, and
easy access is required. More often than not, a part of the generated logs can be deemed
as sensitive, requiring a privacy-enhancing and queryable solution.
In this dissertation, our main goal is to propose a novel approach of storing encrypted
critical data in an elastic and scalable cloud-based storage, focusing on handling JSONbased
ciphered documents. To this end, we make use of Searchable and Homomorphic
Encryption methods to allow operations on the ciphered documents. Additionally, our
solution allows for the user to be near oblivious to our system’s internals, providing
transparency while in use. The achieved end goal is a unified middleware system capable
of providing improved system usability, privacy, and rich querying over the data. This
previously mentioned objective is addressed while maintaining server-side auditable logs,
allowing for searchable capabilities by the log owner or authorized users, with integrity
and authenticity proofs.
Our proposed solution, named Chameleon, provides rich querying facilities on ciphered
data - including conjunctive keyword, ordering correlation and boolean queries
- while supporting field searching and nested aggregations. The aforementioned operations
allow our solution to provide data analytics upon ciphered JSON documents, using
Elasticsearch as our storage and search engine.O uso recorrente de soluções baseadas em nuvem tornaram-se cada vez mais importantes
na nossa sociedade. Tais soluções fornecem infraestruturas, computação e armazenamento
como serviços, para alem do uso de logs volumosos de sistemas e aplicações para
análise e monitoramento operacional em sistemas crĂticos. Atividades de auditoria, debugging
de aplicações ou inspeção de eventos gerados por erros ou possĂveis operações
inesperadas - incluindo alertas por sistemas de detecção de intrusão - são situações comuns
onde logs extensos devem ser analisados com facilidade. Frequentemente, parte dos
logs gerados podem ser considerados confidenciais, exigindo uma solução que permite
manter a confidencialidades dos dados durante procuras.
Nesta dissertação, o principal objetivo é propor uma nova abordagem de armazenar
logs crĂticos num armazenamento elástico e escalável baseado na cloud. A solução proposta
suporta documentos JSON encriptados, fazendo uso de Searchable Encryption e
métodos de criptografia homomórfica com provas de integridade e autenticação. O objetivo
alcançado é um sistema de middleware unificado capaz de fornecer privacidade,
integridade e autenticidade, mantendo registos auditáveis do lado do servidor e permitindo
pesquisas pelo proprietário dos logs ou usuários autorizados. A solução proposta,
Chameleon, visa fornecer recursos de consulta atuando em cima de dados cifrados - incluindo
queries conjuntivas, de ordenação e booleanas - suportando pesquisas de campo
e agregações aninhadas. As operações suportadas permitem à nossa solução suportar data
analytics sobre documentos JSON cifrados, utilizando o Elasticsearch como armazenamento
e motor de busca
BitTorrent Sync: First Impressions and Digital Forensic Implications
With professional and home Internet users becoming increasingly concerned
with data protection and privacy, the privacy afforded by popular cloud file
synchronisation services, such as Dropbox, OneDrive and Google Drive, is coming
under scrutiny in the press. A number of these services have recently been
reported as sharing information with governmental security agencies without
warrants. BitTorrent Sync is seen as an alternative by many and has gathered
over two million users by December 2013 (doubling since the previous month).
The service is completely decentralised, offers much of the same
synchronisation functionality of cloud powered services and utilises encryption
for data transmission (and optionally for remote storage). The importance of
understanding BitTorrent Sync and its resulting digital investigative
implications for law enforcement and forensic investigators will be paramount
to future investigations. This paper outlines the client application, its
detected network traffic and identifies artefacts that may be of value as
evidence for future digital investigations.Comment: Proc. of Digtial Forensics Research Workshop (DFRWS EU 2014
- …