Advertisement

Supporting Users in Data Outsourcing and Protection in the Cloud

  • S. De Capitani di VimercatiEmail author
  • S. Foresti
  • G. Livraga
  • P. Samarati
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 740)

Abstract

Moving data and applications to the cloud allows users and companies to enjoy considerable benefits. However, these benefits are also accompanied by a number of security issues that should be addressed. Among these, the need to ensure that possible requirements on security, costs, and quality of services are satisfied by the cloud providers, and the need to adopt techniques ensuring the proper protection of their data and applications. In this paper, we present different strategies and solutions that can be applied to address these issues.

Notes

Acknowledgments

This work was supported in part by the EC within the FP7 under grant agreement 312797 (ABC4EU), and within the H2020 under grant agreement 644579 (ESCUDO-CLOUD).

References

  1. 1.
    Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: Proceedings of CIDR 2005, Asilomar, CA, USA, January 2005Google Scholar
  2. 2.
    Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of ACM SIGMOD, Paris, France, June 2004Google Scholar
  3. 3.
    Anagnostopoulos, A., Goodrich, M.T., Tamassia, R.: Persistent authenticated dictionaries and their applications. In: Proceedings of ISC 2001, Malaga, Spain, October 2001Google Scholar
  4. 4.
    Anglano, C., Canonico, M., Guazzone, M.: FC2Q: exploiting fuzzy control in server consolidation for cloud applications with SLA constraints. Concurrency Comput. Pract. Experience 22(6), 4491–4514 (2014)Google Scholar
  5. 5.
    Arasu, A., Blanas, S., Eguro, K., Kaushik, R., Kossmann, D., Ramamurthy, R., Venkatesan, R.: Orthogonal security with cipherbase. In: Proceedigs of CIDR 2013, Asilomar, CA, USA, January 2013Google Scholar
  6. 6.
    Arman, A., Foresti, S., Livraga, G., Samarati, P.: A consensus-based approach for selecting cloud plans. In: Proceedings of IEEE RTSI 2016, Bologna, Italy, September 2016Google Scholar
  7. 7.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of ACM CCS 2007, Alexandria, VA, USA, October/November 2007Google Scholar
  8. 8.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of EUROCRYPT 2003, Warsaw, Poland, May 2003Google Scholar
  9. 9.
    Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM TISSEC 8(1), 119–152 (2005)CrossRefGoogle Scholar
  10. 10.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM TISSEC 13(3), 22:1–22:33 (2010)CrossRefGoogle Scholar
  11. 11.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data outsourcing for enforcing privacy. JCS 19(3), 531–566 (2011)CrossRefGoogle Scholar
  12. 12.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P.: An OBDD approach to enforce confidentiality and visibility constraints in data publishing. JCS 20(5), 463–508 (2012)CrossRefGoogle Scholar
  13. 13.
    Cloud Security Alliance: Cloud Control Matrix v3.0.1. https://cloudsecurityalliance.org/research/ccm/
  14. 14.
    Damiani, E., Capitani, D., di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of CCS 2003, Washington, DC, USA, October 2003Google Scholar
  15. 15.
    Dastjerdi, A.V., Buyya, R.: Compatibility-aware cloud service composition under fuzzy preferences of users. IEEE TCC 2(1), 1–13 (2014)Google Scholar
  16. 16.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Enforcing dynamic write privileges in data outsourcing. Comput. Secur. 39, 47–63 (2013)CrossRefGoogle Scholar
  17. 17.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE TDSC 11(6), 510–523 (2014)zbMATHGoogle Scholar
  18. 18.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Integrity for distributed queries. In: Proceedings of IEEE CNS 2014, San Francisco, CA, USA, October 2014Google Scholar
  19. 19.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM TODS 35(2), 12:1–12:46 (2010)Google Scholar
  20. 20.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Integrity for join queries in the cloud. IEEE TCC 1(2), 187–200 (2013)Google Scholar
  21. 21.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Efficient integrity checks for join queries in the cloud. JCS 24(3), 347–378 (2016)CrossRefGoogle Scholar
  22. 22.
    De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: Proceedings of ICDCS 2011, Minneapolis, Minnesota, USA, June 2011Google Scholar
  23. 23.
    De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Shuffle index: efficient and private access to outsourced data. ACM TOS 11(4), 1–55 (2015). Article 19CrossRefGoogle Scholar
  24. 24.
    De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Managing and accessing data in the cloud: Privacy risks and approaches. In: Proceedings of CRiSIS 2012, Cork, Ireland, October 2012Google Scholar
  25. 25.
    De Capitani di Vimercati, S., Livraga, G., Piuri, V.: Application requirements with preferences in cloud-based information processing. In: Proceedings of IEEE RTSI 2016, Bologna, Italy, September 2016Google Scholar
  26. 26.
    De Capitani di Vimercati, S., Livraga, G., Piuri, V., Samarati, P., Soares, G.: Supporting application requirements in cloud-based IoT information processing. In: Procedings of IoTBD 2016, Rome, Italy, April 2016Google Scholar
  27. 27.
    Di Battista, G., Palazzi, B.: Authenticated relational tables and authenticated skip lists. In: Proceedings of DBSec 2007, Redondo Beach, CA, USA, July 2007Google Scholar
  28. 28.
    Foresti, S., Piuri, V., Soares, G.: On the use of fuzzy logic in dependable cloud management. In: Proceedings of IEEE CNS 2015, Florence, Italy, September 2015Google Scholar
  29. 29.
    Frey, S., Claudia, L., Reich, C., Clarke, N.: Cloud QoS scaling by fuzzy logic. In: IEEE IC2E 2014, Boston, MA, USA, March 2014Google Scholar
  30. 30.
    Garg, S.K., Versteeg, S., Buyya, R.: SMICloud: A framework for comparing and ranking cloud services. In: Proc. of IEEE UCC 2011, Melbourne, Australia, December 2011Google Scholar
  31. 31.
    Garg, S.K., Versteeg, S., Buyya, R.: A framework for ranking of cloud computing services. Future Gener. Comput. Syst. 29(4), 1012–1023 (2013)CrossRefGoogle Scholar
  32. 32.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of STOC 2009, Bethesda, MA, USA, May 2009Google Scholar
  33. 33.
    Goscinski, A., Brock, M.: Toward dynamic and attribute based publication, discovery and selection for cloud computing. Future Gener. Comput. Syst. 26(7), 947–970 (2010)CrossRefGoogle Scholar
  34. 34.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of ACM CCS 2006, Alexandria, VA, USA, October/November 2006Google Scholar
  35. 35.
    Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring integrity of encrypted databases in database as a service model. In: Proceedings of DBSec 2003, Estes Park, CO, USA, August 2003Google Scholar
  36. 36.
    Hacigümüs, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational database. In: Proceedings of DASFAA 2004, Jeju Island, Korea, March 2004Google Scholar
  37. 37.
    Hacigümüs, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of SIGMOD 2002, Madison, WI, USA, June 2002Google Scholar
  38. 38.
    Jhawar, R., Piuri, V.: Fault tolerance management in IaaS clouds. In: Proceedings of IEEE-AESS ESTEL 2012, Rome, Italy, October 2012Google Scholar
  39. 39.
    Jhawar, R., Piuri, V., Samarati, P.: Supporting security requirements for resource management in cloud computing. In: Proceedings of IEEE CSE 2012, Paphos, Cyprus, December 2012Google Scholar
  40. 40.
    Jhawar, R., Piuri, V., Santambrogio, M.: Fault tolerance management in cloud computing: a system-level perspective. IEEE Syst. J. 7(2), 288–297 (2013)CrossRefGoogle Scholar
  41. 41.
    Juels, A., Kaliski Jr., B.S.: PORs: Proofs of retrievability for large files. In: Proceedings of ACM CCS 2007, Alexandria, VA, USA, October/November 2007Google Scholar
  42. 42.
    Liu, R., Wang, H.: Integrity verification of outsourced XML databases. In: Proceedings of CSE 2009, Vancouver, Canada, August 2009Google Scholar
  43. 43.
    Merkle, R.: A certified digital signature. In: Proceedings of CRYPTO 1989, Santa Barbara, CA, USA, August 1989Google Scholar
  44. 44.
    Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM TOS 2(2), 107–138 (2006)CrossRefGoogle Scholar
  45. 45.
    Naveed, M., Kamara, S., Wrigh, C.: Inference attacks on property-preserving encrypted databases. In: Proceedings of CCS 2015, Denver, CO, USA, October 2015Google Scholar
  46. 46.
    Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query results in data publishing. In: Proceedings of SIGMOD 2005, Baltimore, MA, USA, June 2005Google Scholar
  47. 47.
    Pawluk, P., Simmons, B., Smit, M., Litoiu, M., Mankovski, S.: Introducing STRATOS: A cloud broker service. In: Proceedings of IEEE CLOUD 2012, Honolulu, HI, USA, June 2012Google Scholar
  48. 48.
    Popa, R., Redfield, C., Zeldovich, N., Balakrishnan, H.: Cryptdb: Protecting confidentiality with encrypted query processing. In: Proceedings of SOSP, Cascais, Portugal (2011)Google Scholar
  49. 49.
    Qu, L., Wang, Y., Orgun, M.A.: Cloud service selection based on the aggregation of user feedback and quantitative performance assessment. In: Proceedings of IEEE SCC 2013, Santa Clara, CA, USA, June/July 2013Google Scholar
  50. 50.
    Rao, J., Wei, Y., Gong, J., Xu, C.Z.: DynaQoS: Model-free self-tuning fuzzy control of virtualized resources for QoS provisioning. In: Proceedings of IEEE IWQoS 2011, San Jose, CA, USA, June 2011Google Scholar
  51. 51.
    Rehman, Z., Hussain, O., Hussain, F.: IaaS cloud selection using MCDM methods. In: Proceedings of IEEE ICEBE 2012, Hangzhou, China, September 2012Google Scholar
  52. 52.
    Ruiz-Alvarez, A., Humphrey, M.: An automated approach to cloud storage service selection. In: Proceedings of ACM ScienceCloud 2011, San Jose, CA, USA, June 2011Google Scholar
  53. 53.
    Samarati, P., De Capitani di Vimercati, S.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of ASIACCS 2010, Beijing, China, April 2010Google Scholar
  54. 54.
    Samarati, P., De Capitani di Vimercati, S.: Cloud security: issues and concerns. In: Murugesan, S., Bojanova, I. (eds.) Encyclopedia on Cloud Computing. Wiley, Chichester (2016)Google Scholar
  55. 55.
    Samreen, F., Elkhatib, Y., Rowe, M., Blair, G.S.: Daleel: Simplifying cloud instance selection using machine learning. In: Proceedings of IEEE/IFIP NOMS 2016, Istanbul, Turkey, April 2016Google Scholar
  56. 56.
    van Dijk, M., Juels, A., Oprea, A., Rivest, R., Stefanov, E., Triandopoulos, N.: Hourglass schemes: How to prove that cloud files are encrypted. In: Proceedings of ACM CCS 2012, Raleich, NC, USA, October 2012Google Scholar
  57. 57.
    Wang, H., Lakshmanan, L.: Efficient secure query evaluation over encrypted XML databases. In: Proceedings of VLDB 2006, Seoul, Korea, September 2006Google Scholar
  58. 58.
    Wang, H., Yin, J., Perng, C., Yu, P.: Dual encryption for query integrity assurance. In: Proceedings of CIKM 2008, Napa Valley, CA, USA, October 2008Google Scholar
  59. 59.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of PKC 2011, Taormina, Italy, March 2011Google Scholar
  60. 60.
    Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of VLDB 2007, Vienna, Austria, September 2007Google Scholar
  61. 61.
    Zheng, Z., Wu, X., Zhang, Y., Lyu, M.R., Wang, J.: QoS ranking prediction for cloud services. IEEE TPDS 24(6), 1213–1222 (2013)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • S. De Capitani di Vimercati
    • 1
    Email author
  • S. Foresti
    • 1
  • G. Livraga
    • 1
  • P. Samarati
    • 1
  1. 1.Dipartimento di InformaticaUniversità degli Studi di MilanoCremaItaly

Personalised recommendations