CloudSweeper: enabling data-centric document management for secure cloud archives

Cloud-based storage accounts like web email are compromised on a daily basis. At the same time, billions of Internet users store private information in these accounts. As the Internet matures and these accounts accrue more information, they become a single point of failure for both users' online identities and large amounts of their private information. This paper presents two contributions. The first, the heterogeneous documents abstraction, is a data-centric strategy for protecting high-value information stored in globally accessible storage. The second is drano, an implementation of the heterogeneous documents strategy as a cloud-based email protection system. drano gives users the opportunity to remove or "lock up" sensitive, unexpected, and rarely used information to mitigate the risks of cloud storage accounts without sacrificing the benefits of cloud storage or computation. We show that drano can efficiently assist users in pinpointing and protecting passwords emailed to them in cleartext. We present performance measurements showing that the system can rewrite past emails stored at cloud providers quickly, along with initial results regarding user preferences for redacted cloud storage.
