State of The Art and Hot Aspects in Cloud Data Storage Security (SICS Technical Report T2013:01)

As cloud computing and cloud storage have matured, researchers have analyzed an increasing range of cloud computing security aspects, with data security an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer-reviewed publications. We address the question of defining cloud storage security and its different aspects, and enumerate the main vectors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for protecting data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as the geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed.
