TrustStore: Making Amazon S3 Trustworthy with Services Composition

The enormous amount of data generated in daily operations and the increasing demands for data accessibility across organizations are pushing individuals and organizations to outsource their data storage to cloud storage services. However, the security and the privacy of the outsourced data goes beyond the data owners' control. We propose a service composition approach to preserve privacy for data stored in untrusted storage service. A virtual file system, called Trust Store, is prototyped to demonstrate this concept. It allows users utilize untrusted storage service provider with confidentiality and integrity of the data preserved. We deployed the prototype with Amazon S3 and evaluate its performance.

[1]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[2]  Feiyi Wang,et al.  Analysis of techniques for building intrusion tolerant server systems , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[3]  Nalini Venkatasubramanian,et al.  gVault: A Gmail Based Cryptographic Network File System , 2007, DBSec.

[4]  Kevin Fu,et al.  Group Sharing and Random Access in Cryptographic Storage File Systems , 1999 .

[5]  David Mazières,et al.  Fast and secure distributed read-only file system , 2000, TOCS.

[6]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[7]  Matei Ripeanu,et al.  Amazon S3 for science grids: a viable solution? , 2008, DADC '08.

[8]  Yongdae Kim,et al.  Securing distributed storage: challenges, techniques, and systems , 2005, StorageSS '05.

[9]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[10]  Hovav Shacham,et al.  SiRiUS: Securing Remote Untrusted Storage , 2003, NDSS.

[11]  Gurpreet Dhillon,et al.  Computer crimes: theorizing about the enemy within , 2001, Comput. Secur..

[12]  Yongdae Kim,et al.  Building Trust in Storage Outsourcing: Secure Accounting of Utility Storage , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).

[13]  Ling Liu,et al.  Sharoes: A Data Sharing Platform for Outsourced Enterprise Storage Environments , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[14]  Nalini Venkatasubramanian,et al.  A Middleware Approach for Building Secure Network Drives over Untrusted Internet Data Storage , 2007 .

[15]  Wenbing Zhao Towards practical intrusion tolerant systems: a blueprint , 2008, CSIIRW '08.

[16]  Radia Perlman,et al.  The ephemerizer: making data disappear , 2005 .

[17]  Roberto Tamassia,et al.  Efficient integrity checking of untrusted network storage , 2008, StorageSS '08.

[18]  Nalini Venkatasubramanian,et al.  iDataGuard: middleware providing a secure network drive interface to untrusted internet data storage , 2008, EDBT '08.