Security and Privacy-Enhancing Multicloud Architectures

Security challenges are still among the biggest obstacles when considering the adoption of cloud services. This has triggered a lot of research activity, resulting in a number of proposals targeting the various cloud security threats. Alongside these security issues, the cloud paradigm comes with a new set of unique features, which open the path toward novel security approaches, techniques, and architectures. This paper provides a survey of the security merits achievable by making use of multiple distinct clouds simultaneously. Various distinct architectures are introduced and discussed according to their security and privacy capabilities and prospects.
