SocialClouds: Concept, Security Architecture and Some Mechanisms

Cloud computing is an emerging paradigm of computing. In the past, two types of cloud computing systems have been discussed: PublicClouds (i.e., vendors making revenue by offering cloud computing services to the public) and PrivateClouds (i.e., enterprises' datacenters serving their own needs but not the public). In this paper, we envision a third type of cloud computing system, called SocialClouds. In a SocialCloud, the computing platforms (including hardware, software, and applications) are induced by trust-based social relationships (e.g., the platforms are contributed by a large population of people who are nodes/vertices in a trust- or friendship-based, possibly implicit, social network). We discuss the security challenges posed by SocialClouds and present a security architecture. We further elaborate on the access control component of the security architecture, and advocate an instantiation through a cryptographic architecture we call CryptoOverlay. To illustrate the utility of this concept, we also propose two CryptoOverlay primitives, called assembly signature and identification schemes.
