Many studies use cryptographic technologies to protect sensitive data in the public cloud. However, these approaches may introduce large overheads. Recently, hybrid clouds have started to gain a lot of attention. A hybrid cloud consists of a private cloud and a public cloud. It allows users to store sensitive data in their private cloud and hence enables efficient and secure data outsourcing. In this paper, we consider a new hybrid cloud model, “Cloud-in-Cloud” (CIC). Our CIC model uses a new architecture to form a hybrid cloud: placing a small number of private computers (i.e., a small private cloud) within a public cloud. The private cloud can be used to store sensitive user data. Furthermore, because it is within the public cloud, communication between the private and public clouds has small overhead. We then study how to protect a private cloud that is located within a semi-trusted environment. We present two methods that can detect attacks that try to obtain data and information in the private cloud. Our methods are able to efficiently detect physical attacks, such as the cold boot attack and the USB autorun attack. Experimental results show that our methods have small overhead.