AI帮你理解科学

AI 生成解读视频

AI抽取解析论文重点内容自动生成视频


pub
生成解读视频

AI 溯源

AI解析本论文相关学术脉络


Master Reading Tree
生成 溯源树

AI 精读

AI抽取本论文的概要总结


微博一下
This paper presented PasS, a set of security protocols for ensuring the privacy of customer data in cloud computing infrastructures

Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures

Chengdu, pp.711-716E, (2009)

引用339|浏览45
EI WOS
下载 PDF 全文
引用
微博一下

摘要

In this paper we present PasS (Privacy as a Service); a set of security protocols for ensuring the privacy and legal compliance of customer data in cloud computing architectures. PasS allows for the secure storage and processing of users’ confidential data by leveraging the tamper-proof capabilities of cryptographic coprocessors. Using ta...更多

代码

数据

0
简介
  • Cloud computing has brought up major advancements to the IT industry. Building on its predecessors, namely, grid and utility computing, this new evolutionary model is witnessing a rapid expansion and proliferation.
  • Clients are capable of running their software applications in remote computing clouds where data storage and processing resources could be acquired and released, almost, instantaneously.
  • On top of the list is the security and privacy concerns arising from the storage and processing of sensitive data on remote machines that are not owned, or even managed by the customers themselves.
  • All the customer can see is a virtual infrastructure built on top of possibly non-trusted physical hardware or operating environments.
  • Customers should be aware through a secure privacy auditing process of all the operations carried out to secure the storage and processing of their sensitive information
重点内容
  • Cloud computing has brought up major advancements to the IT industry
  • In this paper we present PasS; a set of security protocols for ensuring the privacy and legal compliance of customer data in cloud computing architectures
  • To the best of our knowledge, PasS is the first practical cloud computing privacy solution that utilizes previous research on cryptographic coprocessors to solve the problem of securely processing sensitive data in cloud computing infrastructures
  • This paper presented PasS, a set of security protocols for ensuring the privacy of customer data in cloud computing infrastructures
  • The security solution relies on secure cryptographic coprocessors for providing a trusted and isolated execution environment in the computing cloud
  • Future extensions will: (1) consider a variety of design choices including those that do not rely on the presence of a trusted third-party, (2) investigate alternative key management and distribution mechanisms, (3) research the development of standard patterns to systematically support the software division process, and (4) provide detailed analysis and evaluation of the system implementation
结论
  • This paper presented PasS, a set of security protocols for ensuring the privacy of customer data in cloud computing infrastructures.
  • The paper discussed the PasS protocols and described the privacy enforcement mechanisms supported by them.
  • Future extensions will: (1) consider a variety of design choices including those that do not rely on the presence of a trusted third-party, (2) investigate alternative key management and distribution mechanisms, (3) research the development of standard patterns to systematically support the software division process, and (4) provide detailed analysis and evaluation of the system implementation
相关工作
  • A large amount of research work has dealt with the design and implementation of secure cryptographic coprocessors. The secure cryptographic processor concept was firstly introduced in [1]. In this paper, Best presents how crypto coprocessors can be utilized to enforce software copyright protection and prevent software piracy. Popular crypto coprocessor designs included Citadel [5], μABYSS [6], Luna-340 [7], and CCProc [8]. The considerable advancement in physical security mechanisms and packaging technology [9] and the assortment of secure applications that can be implemented on top of physically secure coprocessors was a major driving force to a prosperous commercial market. IBM was the leader on this front by providing a set of successful implementations meeting the strictest FIPS 140 security standards [10, 11]. Moreover [12] presented a general-purpose open-source cryptographic coprocessor that provides competitive performance and higher functionality compared to commercial products at one to two orders of magnitude lower cost.
基金
  • The authors would like to thank and acknowledge the support of the Lebanese National Council for Scientific Research and the AUB University Research Board
引用论文
  • RM Best, “Preventing Software Piracy with Crypto-Microprocessors”, in Proceedings of IEEE Spring COMPCON 80, pp 466-469.
    Google ScholarLocate open access versionFindings
  • L C. Guillou, M. Ugon, and JJ. Quisquater, “The smart card: A standardized security device dedicated to public cryptology”, In Gustavus J Simmons, editor, Contemporary cryptology: The science of information integrity, IEEE Press, Piscataway, NJ, 1992.
    Google ScholarLocate open access versionFindings
  • J. D. Tygar and B. Yee, “Dyad: A system for using physically secure coprocessors”, In Proc. of IP Workshop, 1994.
    Google ScholarLocate open access versionFindings
  • S.R. White and L. Comerford, “ABYSS: An Architecture for Software Protection”, IEEE Transactions on Software Engineering, vol. 16, No. 6, June 1990, pp. 619-629.
    Google ScholarLocate open access versionFindings
  • S.R. White, S.H. Weingart, W.C. Arnold, E.R. Palmer, Introduction to the Citadel architecture: security in physically exposed environments, Technical Report RC 16672, Distributed Systems Security Group, IBM T.J. Watson Research Center, March 1991.
    Google ScholarLocate open access versionFindings
  • S.H. Weingart, Physical security for the mABYSS system, IEEE Computer Society Conf. on Security and Privacy, 1987.
    Google ScholarLocate open access versionFindings
  • CHRYSALIS-ITS HOME PAGE: HTTP://WWW.CHRYSALIS-ITS.COM [8] Theodoropoulos, D., et al., “Cproc: An efficient Cryptographic Coprocessor”, in Proceedings of the 16th IFIP/IEEE International Conference on Very Large Scale Integration, 2008.
    Google ScholarFindings
  • [9] S. Weingart, “Physical security for the mABYSS system”, in Proc. of the IEEE Computer Society Conference on Security and Privacy, pp. 52-58, 1987.
    Google ScholarLocate open access versionFindings
  • [10] J. Dyer, M. Lindemann, R. Perez, R. Sailer, S. Smith, L. van Doorn, and S. Weingart, “Building the IBM 4758 secure coprocessor”, IEEE Computer, 34:57–66, October 2001.
    Google ScholarLocate open access versionFindings
  • [11] T.W. Arnold, L.P. Van Doorn,”The IBM PCIXCC: A new cryptographic coprocessor for the IBM eServer”, IBM Journal of Research and Development, Vol 48, May 2004.
    Google ScholarLocate open access versionFindings
  • [12] P. Gutmann, “An Open-source Cryptographic Coprocessor”, in Proceedings of the 9th USENIX Security Symposium, pages 97–112, 2000.
    Google ScholarLocate open access versionFindings
  • [13] B.S. Yee, J.D. Tygar, “Secure coprocessors in electronic commerce applications”, in Proceedings of the 1st USENIX Workshop on Electronic Commerce, July 1995.
    Google ScholarLocate open access versionFindings
  • [14] B. Schneier and J. Kelsey, “Remote Auditing of Software Outputs Using a Trusted Coprocessor”, Journal of Future Generation Computer Systems, v.13, n.1, 1997, pp. 9-18.
    Google ScholarLocate open access versionFindings
  • [15] B. Bhattacharjee, N. Abe, K. Goldman, B. Zadrozny, V. R. Chillakuru, M. del Carpio, and C. Apte, “Using secure coprocessors for privacy preserving collaborative data mining and analysis”, in DaMoN ’06, 2006.
    Google ScholarFindings
  • [16] Robert Gellman, “WPF REPORT: Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing”, February 23, 2009.
    Google ScholarFindings
  • [17] A. Cavoukian, “Privacy in the clouds”, in Springer Identity in the Information Society, Published online: 18 December 2008.
    Google ScholarLocate open access versionFindings
  • [18] Pearson, “Taking Account of Privacy when Designing Cloud Computing Services”, in Proceedings of ICSE-Cloud’09, Vancouver, 2009.
    Google ScholarLocate open access versionFindings
  • [19] S. Pearson and A. Charlesworth, “Accountability as a Way Forward for Privacy Protection in the Cloud”, HP Labs Technical Report, HPL-2009-178, http://www.hpl.hp.com/techreports/2009/HPL-2009-178.pdf (2009)
    Locate open access versionFindings
  • [20] C. Gentry, “Fully homomorphic encryption using ideal lattices”, in Symposium on Theory of computing, ACM, 2009, pp. 169–178. [21] http://www.schneier.com/blog/archives/2009/07/homomorphic_enc.html
    Findings
  • [22] B. Schneier and J. Kelsey, “Secure Audit Logs to Support Computer Forensics”, ACM Transactions on Information and System Security 2(2):159196, May 1999.
    Google ScholarLocate open access versionFindings
  • [23] W. Itani, A. Kayssi, and A. Chehab, “PATRIOT – a Policy-Based, Multilevel Security Protocol for Safekeeping Audit Logs on Wireless Devices,” in Proc. of IEEE SecureComm’05), September 2005, Athens, Greece.
    Google ScholarLocate open access versionFindings
  • [24] T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In Proc. 19th ACM Symposium on Operating Systems Principles, Bolton Landing, NY, 2003.
    Google ScholarLocate open access versionFindings
  • [25] W. Diffie, P.C. van Oorschot, and M.J. Wiener, “Authentication and authenticated key exchanges”, Designs, Codes and Cryptography 2 (1992), 107-125.
    Google ScholarLocate open access versionFindings
0
您的评分 :

暂无评分

标签
评论
数据免责声明
页面数据均来自互联网公开来源、合作出版商和通过AI技术自动分析结果,我们不对页面数据的有效性、准确性、正确性、可靠性、完整性和及时性做出任何承诺和保证。若有疑问,可以通过电子邮件方式联系我们:report@aminer.cn