Cloud computing security: The scientific challenge, and a survey of solutions

Highlights? We survey approaches to protecting data from a cloud infrastructure provider. ? We explain some difficulties with using fully homomorphic encryption for cloud computing applications. ? We describe a method in which in-browser key translation allows a software-as-a-service application to run with confidentiality from the service provider. ? We explore how trusted hardware can be used to protect cloud-based data. We briefly survey issues in cloud computing security. The fact that data are shared with the cloud service provider is identified as the core scientific problem that separates cloud computing security from other topics in computing security. We survey three current research directions, and evaluate them in terms of a running software-as-a-service example.

[1]  Ahmad-Reza Sadeghi,et al.  A protocol for property-based attestation , 2006, STC '06.

[2]  Daniele Sgandurra,et al.  Cloud security is not (just) virtualization security: a short paper , 2009, CCSW '09.

[3]  Mark Ryan,et al.  Privacy-supporting cloud computing by in-browser key translation , 2013, J. Comput. Secur..

[4]  Scott A. Rotondo Trusted Computing Group , 2011, Encyclopedia of Cryptography and Security.

[5]  Hari Balakrishnan,et al.  CryptDB: processing queries on an encrypted database , 2012, CACM.

[6]  Mark Ryan,et al.  Privacy Supporting Cloud Computing: ConfiChair, a Case Study , 2012, POST.

[7]  Krishna P. Gummadi,et al.  Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services , 2012, USENIX Security Symposium.

[8]  Michael K. Reiter,et al.  Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.

[9]  Mark Ryan,et al.  Cloud computing privacy concerns on our doorstep , 2011, Commun. ACM.

[10]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[11]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[12]  Dmitrii Zagorodnov,et al.  Eucalyptus : A Technical Report on an Elastic Utility Computing Archietcture Linking Your Programs to Useful Systems , 2008 .

[13]  Yanpei Chen,et al.  What's New About Cloud Computing Security? , 2010 .

[14]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[15]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.