Preserving Data in Cloud Computing

Abstract Cloud computing is basically virtual pool of resources and it provides these resources to its users via internet as services who use them as when needed basis. On demands of user's data confidentiality and privacy the data is stored in cloud server as encrypted. Ideally, to maintain the security of user's data queries should be processing over encrypted data. There are different schemes recommended to support this issue. One of them is Ordered Preserving encryption (OPE) which allows comparison operations to be directly executed over encrypted data. This paper surveys various encryption functions provided to support querying over encrypted data, especially Order Preserving Encryption

Extending Order Preserving Encryption for Multi-User Systems

Several order preserving encryption (OPE) algorithms have been developed in the literature to support search on encrypted data. However, existing OPE schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (implying that all users should have the single encryption key in order to encrypt or decrypt confidential data). In this paper, we develop the first protocols, DOPE and OE-DOPE, to support the use of OPE in multi-user systems. First, we introduce a group of key agents into the system and invent the DOPE protocol to enable “distributed encryption” to assure that the OPE encryption key is not known by any entity in the system. However, in DOPE, if a key agent is compromised, the share of the secret data that is sent to this key agent is compromised. To solve the problem, we developed a novel oblivious encryption (OE) protocol based on the oblivious transfer concept to deliver and encrypt the shares obliviously. Then, we integrate it with DOPE to obtain the OE-DOPE protocol. Security of OE-DOPE is further enhanced with additional techniques. Both DOPE and OE-DOPE can be used with any existing OPE algorithms while retaining all the advantages of OPE without requiring the users to share the single encryption key, making the OPE approach feasible in practical systems

On the security of NoSQL cloud database services

Processing a vast volume of data generated by web, mobile and Internet-enabled devices, necessitates a scalable and flexible data management system. Database-as-a-Service (DBaaS) is a new cloud computing paradigm, promising a cost-effective and scalable, fully-managed database functionality meeting the requirements of online data processing. Although DBaaS offers many benefits it also introduces new threats and vulnerabilities. While many traditional data processing threats remain, DBaaS introduces new challenges such as confidentiality violation and information leakage in the presence of privileged malicious insiders and adds new dimension to the data security. We address the problem of building a secure DBaaS for a public cloud infrastructure where, the Cloud Service Provider (CSP) is not completely trusted by the data owner. We present a high level description of several architectures combining modern cryptographic primitives for achieving this goal. A novel searchable security scheme is proposed to leverage secure query processing in presence of a malicious cloud insider without disclosing sensitive information. A holistic database security scheme comprised of data confidentiality and information leakage prevention is proposed in this dissertation. The main contributions of our work are: (i) A searchable security scheme for non-relational databases of the cloud DBaaS; (ii) Leakage minimization in the untrusted cloud. The analysis of experiments that employ a set of established cryptographic techniques to protect databases and minimize information leakage, proves that the performance of the proposed solution is bounded by communication cost rather than by the cryptographic computational effort

Order-Preserving Encryption Secure Beyond One-Wayness

Semantic-security of individual bits under a ciphertext are fundamental notion in modern cryptography. In this work we present the first results about this fundamental problem for Order-Preserving Encryption (OPE): ``what plaintext information can be semantically hidden by OPE encryptions?\u27\u27 While OPE has gained much attention in recent years due to its usefulness in secure databases, any partial-plaintext indistinguishability (semantic security) result for it was open. Here, we propose a new indistinguishability-based security notion for OPE, which can ensure \emph{secrecy of lower bits of a plaintext} (under essentially a random ciphertext probing setting). We then propose a new scheme satisfying this security notion (while earlier schemes do not satisfy it!). We note that the known security notions tell us nothing about the above partial- plaintext indistinguishability because they are limited to being one-way-based. In addition, we show that our security notion with specific parameters implies the known security notion called WOW, and further, our scheme achieves WOW with better parameters than earlier schemes

Privacy-preserving spatiotemporal multicast for mobile information services

Mobile devices have become essential for accessing information services anywhere at any time. While the so-called geographic multicast (geocast) has been considered in detail in existing research, it only focuses on delivering messages to all mobile devices that are currently residing within a certain geographic area. This thesis extends this notion by introducing a Spatiotemporal Multicast (STM), which can informally be described as a "geocast into the past". Instead of addressing users based on their current locations, this concept relates to the challenge of sending a message to all devices that have resided within a geographic area at a certain time in the past. While a wide variety of applications can be envisioned for this concept, it presents several challenges to be solved. In order to deliver messages to all past visitors of a certain location, an STM service would have to fully track all user movements at all times. However, collecting this kind of information is not desirable considering the underlying privacy implications, i.e., users may not wish to be identified by the sender of a message as this can disclose sensitive personal information. Consequently, this thesis aims to provide a privacy-preserving notion of STM. In order to realize such a service, this work first presents a detailed overview of possible applications. Based on those, functional, non-functional, as well as security and privacy objectives are proposed. These objectives provide the foundation for an in-depth literature review of potential mechanisms for realizing an STM service. Among the suggested options, the most promising relies on Rendezvous Points (RPs) for datagram delivery. In simple terms, RPs represent "anonymous mailboxes" that are responsible for certain spatiotemporal regions. Messages are deposited at RPs so that users can retrieve them later on. Protecting the privacy of users then translates to obfuscating the responsibilities of RPs for specific spatiotemporal regions. This work proposes two realizations: CSTM, which relies on cryptographic hashing, and OSTM, which considers the use of order-preserving encryption in a CAN overlay. Both approaches are evaluated and compared in detail with respect to the given objectives. While OSTM yields superior performance-related properties, CSTM provides an increased ability of protecting the privacy of users.Mobilgeräte bilden heute die Grundlage allgegenwärtiger Informationsdienste. Während der sogenannte geografische Multicast (Geocast) hier bereits ausführlich erforscht worden ist, so bezieht sich dieser nur auf Geräte, welche sich aktuell innerhalb einer geografischen Zielregion befinden. Diese Arbeit erweitert dieses Konzept durch einen räumlich-zeitlichen Multicast, welcher sich informell als "Geocast in die Vergangenheit" beschreiben lässt. Dabei wird die Zustellung einer Nachricht an alle Nutzer betrachtet, die sich in der Vergangenheit an einem bestimmten Ort aufgehalten haben. Während eine Vielzahl von Anwendungen für dieses Konzept denkbar ist, so ergeben sich hier mehrere Herausforderungen. Um Nachrichten an ehemalige Besucher eines Ortes senden zu können, müsste ein räumlich-zeitlicher Multicast-Dienst die Bewegungen aller Nutzer vollständig erfassen. Aus Gründen des Datenschutzes ist das zentralisierte Sammeln solch sensibler personenbezogener Daten jedoch nicht wünschenswert. Diese Arbeit befasst sich daher insbesondere mit dem Schutz der Privatsphäre von Nutzern eines solchen Dienstes. Zur Entwicklung eines räumlich-zeitlichen Multicast-Dienstes erörtert diese Arbeit zunächst mögliche Anwendungen. Darauf aufbauend werden funktionale, nicht-funktionale, sowie Sicherheits- und Privatsphäre-relevante Anforderungen definiert. Diese bilden die Grundlage einer umfangreichen Literaturrecherche relevanter Realisierungstechniken. Der vielversprechendste Ansatz basiert hierbei auf der Hinterlegung von Nachrichten in sogenannten Rendezvous Points. Vereinfacht betrachtet stellen diese "anonyme Briefkästen" für bestimmte räumlich-zeitliche Regionen dar. Nachrichten werden in diesen so hinterlegt, dass legitime Empfänger sie dort später abholen können. Der Schutz der Nutzer-Privatsphäre entspricht dann der Verschleierung der Zuständigkeiten von Rendezvous Points für verschiedene räumlich-zeitliche Regionen. Diese Arbeit schlägt zwei Ansätze vor: CSTM, welches kryptografische Hashfunktionen nutzt, sowie OSTM, welches ordnungserhaltende Verschlüsselung in einem CAN Overlay einsetzt. Beide Optionen werden detailliert analytisch sowie empirisch bezüglich ihrer Diensteigenschaften untersucht und verglichen. Dabei zeigt sich, dass OSTM vorteilhaftere Leistungseigenschaften besitzt, während CSTM einen besseren Schutz der Nutzer-Privatsphäre bietet