Cloud Cover

Enhancing Data Integrity and Privacy in the Cloud: An Agenda

David S.L. Wei, Fordham University
San Murugesan, BRITE Professional Services, Australia
Sy-Yen Kuo, National Taiwan University
Kshirasagar Naik, University of Waterloo, Canada
Danny Krizanc, Wesleyan University

To address users’ security concerns, cloud service providers must implement strategies that enhance data integrity and privacy. New data auditing and encryption methods open a path toward these goals.

Cloud computing offers many clear benefits for users including elasticity, scalability, reduced up-front commitment and long-term cost, and green friendliness. However, doubts about data security, whether real or imagined, still pose a primary stumbling block to user adoption (http://tinyurl.com/ohz2pp9), particularly in terms of data integrity and data privacy. Before they fully embrace cloud services, clients must feel assured that providers are addressing these legitimate concerns. Here, we highlight some recent advances that can enhance data integrity and privacy and outline a number of critical issues researchers and practitioners should consider as they develop future solutions for data security in the cloud.

0018-9162/13/$31.00 © 2013 IEEE
Published by the IEEE Computer Society
NOVEMBER 2013

SECURITY CONCERNS

Although the actual chances of privacy breaches remain relatively low, conditions inevitably exist that can result in the security of data stored in public and community clouds being compromised:

• Shared cloud environment. Data stored in public and community clouds share a common user infrastructure. While data owners in theory control who has access to and uses their stored data, a malicious party could find ways to view and even tamper with stored data in cases of system vulnerability or failure.

• Internal service-provider problems. Even if a cloud service provider (CSP) adheres to strict policies limiting access to data by internal personnel, any CSP insider with access privileges can view, compromise, and even leak sensitive client information. Data owners could be unaware of such breaches of confidentiality, and even when the CSP detects them, it might hide that fact to maintain its reputation. This can be true even if the service-level agreement (SLA) requires client notification in the event of any data privacy infringement.

• Lack of immediate client control. Unless the SLA specifically dictates otherwise, cloud users might have no authority to determine where and how their data are stored.

• Potential system failure. Cloud clients need assurances that stored data are protected and available even in cases of temporary system shutdowns or other unforeseen system problems.

Such general security concerns lead many potential users to hesitate before migrating data and applications to a public cloud. To address these concerns and to enhance overall data integrity and privacy, CSPs increasingly are adopting new data auditing and encryption techniques.

Column Contributions

We welcome short articles (1,200 to 1,500 words) for publication in the Cloud Cover column that address the questions outlined in Computer’s January 2013 issue (S. Murugesan, “Cloud Computing: The New Normal?,” pp. 77-79) or that discuss topics such as cloud insurance, cloud forensics, and cloud aggregation. Submit your ideas for advancing cloud computing or share your experiences in harnessing the cloud at [email protected].

DATA AUDITING

Data auditing techniques should allow both the CSP and cloud users to verify the continued accuracy and security of remotely stored information.

Protocol requirements

To ensure effectiveness and efficiency, we propose the following requirements for any cloud data auditing protocol.

Low overhead cost. Data auditing overhead—in terms of both communication and computation costs—should be well below the financial benefit users achieve by storing data in a public cloud.

Privacy preservation. For obvious reasons, cloud data must be stored in encrypted format. Any data auditing protocol should therefore be capable of verifying the integrity of encrypted files while still maintaining data privacy. This might require using computation primitives offered by the appropriate encryption protocols.

Timely data anomaly detection. Effective data auditing protocols should detect any corruption or destruction of user data, whether the result of system failure or tampering, as soon as possible to assure clients the CSP is working to solve the problem immediately.

Third-party verification processes. To avoid any suggestion of audit bias and to resolve potential disputes between the CSP and cloud users, any data auditing protocol should allow for third-party verification of data accuracy and integrity. At the same time, systems must be in place to guarantee that the data remain confidential and won’t be leaked to the third party in a compromising manner.

Limited data intrusion during the auditing process. Whether handled internally or by an outside party, data auditing shouldn’t use a copy of the entire data file, so as to avoid introducing excessive and unnecessary overhead. Whatever the file size, checking its integrity should involve as little metadata as possible.

Support for data structure operations. Data auditing protocols should support client data structure operations such as insertion, deletion, and updating. Doing so might require the protocol to use logs and other statistical information along with metadata for integrity verification.

Batch auditing support. Multiple client representatives occasionally might need to verify data at the same time. Therefore, the auditing protocol should support batch auditing.

Adaptability. To maintain overall system consistency in terms of security, the auditing protocol should be able to adapt to virtual machines’ dynamic fluidity.

Emerging techniques

While traditional auditing protocols fail to meet these requirements, new techniques are evolving to meet the needs of CSPs and their clients. These include

• privacy-preserving public auditing (http://tinyurl.com/nu47c2a),
• proofs of retrievability (http://tinyurl.com/kq9f6xc; http://tinyurl.com/l8gyslp),
• static provable data possession (http://tinyurl.com/n7dt5kn),
• dynamic provable data possession (http://tinyurl.com/mgukrne), and
• secure dynamic auditing (http://tinyurl.com/l4ofu3n).

Table 1 summarizes the strengths and weaknesses of these techniques, all of which adopt a cryptographic or coding approach and are generally quite complex. As this overview indicates, no single proposed protocol meets all of our requirements and is capable of verifying encrypted files’ accuracy. A full auditing protocol that maintains cloud data integrity and privacy, whether metadata- or data replication-based, remains a challenge for future research.
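To make the "limited data intrusion" and "timely anomaly detection" requirements concrete, here is an added example of a minimal spot-check audit in the style of provable data possession. It is illustrative code written for this page, not code from the column or from any of the cited schemes. The owner keeps only a secret key and a file identifier; the cloud stores the blocks plus one keyed tag per block; an audit challenges a random sample of block indices and the owner recomputes the returned tags. The block size, key, and sample file are constructed for the demo, and the `detection_probability` and `sample_size_for` helpers show how large a sample must be to catch a given amount of corruption.

```python
"""Spot-check data auditing demo (added example, not from the column).
Requires Python 3.8+ for math.comb."""
import hashlib
import hmac
import math
import random
from typing import Dict, List, Tuple

BLOCK_SIZE = 64  # constructed: tiny blocks so the demo file has many of them

Storage = Dict[int, Tuple[bytes, bytes]]   # block index -> (block, tag)
Proof = List[Tuple[int, bytes, bytes]]     # (index, block, tag) per challenged index


def split_blocks(data: bytes) -> List[bytes]:
    """Split the file into fixed-size blocks; the last block may be short."""
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]


def block_tag(key: bytes, file_id: bytes, index: int, block: bytes) -> bytes:
    """Tag binds key, file id, block index and content, so a block cannot be
    moved to another position or another file without detection."""
    msg = file_id + index.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()


def owner_outsource(key: bytes, file_id: bytes, data: bytes) -> Storage:
    """What the owner uploads. Afterwards the owner keeps only key and file_id."""
    return {i: (b, block_tag(key, file_id, i, b)) for i, b in enumerate(split_blocks(data))}


def make_challenge(n_blocks: int, sample_size: int) -> List[int]:
    """Unpredictable sample of distinct block indices (system RNG)."""
    return sorted(random.SystemRandom().sample(range(n_blocks), sample_size))


def cloud_prove(storage: Storage, challenged: List[int]) -> Proof:
    """Cloud side: return only the challenged blocks and their tags.
    Blocks the cloud no longer holds are simply absent from the response."""
    return [(i, *storage[i]) for i in challenged if i in storage]


def owner_verify(key: bytes, file_id: bytes, challenged: List[int], proof: Proof) -> Tuple[bool, List[int]]:
    """Owner side: recompute each tag; report which challenged indices failed
    (missing from the response or tag mismatch). No copy of the file needed."""
    got = {i: (b, t) for i, b, t in proof}
    bad = []
    for i in challenged:
        if i not in got:
            bad.append(i)
            continue
        b, t = got[i]
        if not hmac.compare_digest(t, block_tag(key, file_id, i, b)):
            bad.append(i)
    return (not bad, bad)


def detection_probability(n_blocks: int, corrupted: int, sample_size: int) -> float:
    """Probability that a random sample of sample_size blocks out of n_blocks
    hits at least one of `corrupted` bad blocks (hypergeometric)."""
    return 1.0 - math.comb(n_blocks - corrupted, sample_size) / math.comb(n_blocks, sample_size)


def sample_size_for(n_blocks: int, corrupted: int, target: float) -> int:
    """Smallest sample that detects `corrupted` bad blocks with probability >= target."""
    for c in range(1, n_blocks + 1):
        if detection_probability(n_blocks, corrupted, c) >= target:
            return c
    return n_blocks


if __name__ == "__main__":
    key, file_id = b"\x01" * 32, b"demo-file-001"        # constructed
    data = bytes(range(256)) * 4                          # constructed 1 KiB file
    cloud = owner_outsource(key, file_id, data)
    cloud[5] = (b"\x00" * BLOCK_SIZE, cloud[5][1])        # simulate silent corruption
    challenge = make_challenge(len(cloud), 6)
    ok, bad = owner_verify(key, file_id, challenge, cloud_prove(cloud, challenge))
    print("challenged", challenge, "ok" if ok else f"FAILED at {bad}")
    print("blocks to sample for 99% detection of 1% corruption of 1000 blocks:",
          sample_size_for(1000, 10, 0.99))
```

The demo returns the sampled blocks themselves, so bandwidth grows with the sample; the proof-of-retrievability and provable-data-possession papers cited above reduce this with homomorphic tags that let the server aggregate many blocks into one short response, which is the "low overhead cost" gap this toy does not close. Note also that a single audit only bounds corruption probabilistically, which is why `sample_size_for` is the number a practitioner should look at before choosing an audit frequency.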

Table 1. Emerging data auditing techniques for the cloud.

Privacy-preserving public auditing
  Strengths: Preserves privacy; supports outside verifiability
  Weaknesses: Doesn’t support data structure operations

Proofs of retrievability
  Strengths: Preserves privacy; low overhead cost
  Weaknesses: Doesn’t support data structure operations; depends on redundant copies for recovery in case of file corruption

Static provable data possession
  Strengths: Supports outside verifiability
  Weaknesses: Doesn’t support data structure operations; doesn’t preserve privacy; doesn’t support batch auditing

Dynamic provable data possession
  Strengths: Supports data structure operations
  Weaknesses: Doesn’t support outside verifiability; doesn’t preserve privacy; doesn’t support batch auditing

Secure dynamic auditing
  Strengths: Preserves privacy; supports data structure operations; enables batch auditing
  Weaknesses: Doesn’t allow verification of encrypted files

DATA ENCRYPTION

As indicated earlier, to ensure privacy and confidentiality, cloud users should store data only in encrypted rather than plain form. Data encrypted using traditional encryption algorithms, however, require decryption and thus incur greater data processing overhead. Several new cryptographic schemes allow various computing operations—keyword searching, basic arithmetic operations, and data structure operations like insertion, deletion, and sorting—to be performed directly on the encrypted data. These include

• searchable encryption (http://tinyurl.com/oa3rgx8; http://tinyurl.com/omquuwk; http://tinyurl.com/l67ye8v; http://tinyurl.com/lk4k8ye; http://tinyurl.com/6dagjsj; http://tinyurl.com/ocbrbx3),
• structured encryption (http://tinyurl.com/k29slqe),
• homomorphic encryption (http://tinyurl.com/nlzer3e; http://tinyurl.com/mbac88h), and
• order-preserving encryption (http://tinyurl.com/m3j2yoh).

Table 2 summarizes the strengths and weaknesses of these techniques. Unfortunately, none of these on its own supports a full range of computing operations with an acceptable level of complexity.

Table 2. Emerging data encryption techniques for the cloud.

Searchable encryption
  Strengths: Enables searches by keyword, index, and even fuzzy word on encrypted data
  Weaknesses: Doesn’t support other data structure operations on encrypted data

Structured encryption
  Strengths: Enables encryption of some specific types of structured data (for example, Web graphs) for private and efficient enquiry
  Weaknesses: Doesn’t support encryption of popular tree-structured data (for example, B-tree) to allow data structure operations

Homomorphic encryption
  Strengths: Enables some arithmetic computations over encrypted data
  Weaknesses: Requires prohibitively high overheads; may not support data structure operations over encrypted data

Order-preserving encryption
  Strengths: Preserves plaintext sort order in corresponding ciphertext to allow some order operations (indexing, range query, sorting); leaks only the order of plaintexts
  Weaknesses: Doesn’t support arithmetic operations and other computation primitives for integrity verification
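Since no single scheme in Table 2 covers both searching and computing, here is an added example that combines two of them in one toy encrypted record store; it is written for this page and is not code from the column or from any cited scheme. Keywords are protected with a keyed PRF (HMAC) so the cloud matches opaque tokens, as in the symmetric searchable-encryption literature, and each record's numeric field is encrypted with Paillier, whose ciphertexts can be multiplied to add the underlying plaintexts. The cloud can then answer "total of all records tagged X" without ever seeing a keyword or an amount. The primes, key sizes, and records are constructed for the demo and are far too small for real use; a deployment would also encrypt the record bodies with a conventional cipher, which is omitted here.

```python
"""Searchable + additively homomorphic record store (added example, not from the
column). Requires Python 3.8+ for pow(x, -1, n)."""
import hashlib
import hmac
import math
import secrets
from typing import Dict, FrozenSet, List, Optional, Tuple

PubKey = Tuple[int, int]   # (n, g)
PrivKey = Tuple[int, int]  # (lambda, mu)


# ---- toy Paillier: additively homomorphic public-key encryption ----------
def _is_prime(n: int) -> bool:
    return n >= 2 and all(n % d for d in range(2, math.isqrt(n) + 1))


def _next_prime(n: int) -> int:
    while not _is_prime(n):
        n += 1
    return n


def paillier_keygen(p: int, q: int) -> Tuple[PubKey, PrivKey]:
    """Public key (n, g) with g = n + 1; private key (lambda, mu = lambda^-1 mod n)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return (n, n + 1), (lam, pow(lam, -1, n))


def paillier_encrypt(pub: PubKey, m: int) -> int:
    """c = g^m * r^n mod n^2 with random r invertible mod n; needs 0 <= m < n."""
    n, g = pub
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def paillier_decrypt(pub: PubKey, priv: PrivKey, c: int) -> int:
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)          # u = 1 + lambda*m*n (mod n^2)
    return ((u - 1) // n * mu) % n  # L(u) * mu = m


def paillier_add(pub: PubKey, c1: int, c2: int) -> int:
    """Multiplying ciphertexts adds plaintexts: Dec(c1*c2) = m1 + m2."""
    return (c1 * c2) % (pub[0] ** 2)


# ---- searchable index: keywords become keyed-PRF tokens ------------------
def keyword_token(index_key: bytes, keyword: str) -> bytes:
    """Deterministic per-keyword token; the cloud can match tokens but not invert them."""
    return hmac.new(index_key, keyword.lower().encode(), hashlib.sha256).digest()


class EncryptedStore:
    """Cloud side: holds only tokens and ciphertexts, never keys or plaintexts."""

    def __init__(self) -> None:
        self.records: List[Tuple[FrozenSet[bytes], int]] = []

    def upload(self, tokens: FrozenSet[bytes], ciphertext: int) -> int:
        self.records.append((tokens, ciphertext))
        return len(self.records) - 1

    def search(self, token: bytes) -> List[int]:
        return [rid for rid, (toks, _) in enumerate(self.records) if token in toks]

    def sum_matching(self, pub: PubKey, token: bytes) -> Tuple[List[int], Optional[int]]:
        """Homomorphically total the amounts of matching records; None if no match.
        The cloud learns which records matched (access pattern), nothing more."""
        ids = self.search(token)
        if not ids:
            return ids, None
        acc = self.records[ids[0]][1]
        for rid in ids[1:]:
            acc = paillier_add(pub, acc, self.records[rid][1])
        return ids, acc


class Client:
    """Owner side: holds the Paillier private key and the index key."""

    def __init__(self, pub: PubKey, priv: PrivKey, index_key: bytes) -> None:
        self.pub, self.priv, self.index_key = pub, priv, index_key

    def encrypt_record(self, keywords: Tuple[str, ...], amount: int) -> Tuple[FrozenSet[bytes], int]:
        return frozenset(keyword_token(self.index_key, k) for k in keywords), paillier_encrypt(self.pub, amount)

    def trapdoor(self, keyword: str) -> bytes:
        return keyword_token(self.index_key, keyword)

    def decrypt(self, c: int) -> int:
        return paillier_decrypt(self.pub, self.priv, c)


def run_demo() -> Dict[str, object]:
    """Constructed records: ("invoice","q3")=120, ("invoice","q4")=80, ("refund","q4")=15."""
    pub, priv = paillier_keygen(_next_prime(10**6), _next_prime(2 * 10**6))  # toy-sized primes
    client, cloud = Client(pub, priv, secrets.token_bytes(32)), EncryptedStore()
    for kws, amount in [(("invoice", "q3"), 120), (("invoice", "q4"), 80), (("refund", "q4"), 15)]:
        cloud.upload(*client.encrypt_record(kws, amount))
    out: Dict[str, object] = {}
    ids, total = cloud.sum_matching(pub, client.trapdoor("invoice"))
    out["invoice_matches"], out["invoice_total"] = ids, client.decrypt(total)
    _, total = cloud.sum_matching(pub, client.trapdoor("q4"))
    out["q4_total"] = client.decrypt(total)
    _, total = cloud.sum_matching(pub, client.trapdoor("payroll"))
    out["nomatch_total"] = None if total is None else client.decrypt(total)
    return out


if __name__ == "__main__":
    print(run_demo())  # invoice total 200, q4 total 95, no match for "payroll"
```

Two limits of this toy are exactly the weaknesses Table 2 lists: the PRF index reveals which records matched each query and equal tokens for repeated keywords, and Paillier gives addition only, so a range query or a sort would still need order-preserving or structured encryption on top. Amounts must also stay below the modulus n or the sum wraps around silently.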

In our view, an ideal encryption algorithm offering both security and flexibility for cloud data storage should meet the following requirements:

• Low overhead cost. As with efficient data auditing protocols, the cost of data encryption should be well below any savings achieved through cloud storage adoption.

• Both searchable and computable capabilities. To ably serve cloud storage purposes, an algorithm allowing secure searches should also be computable; that is, users and service providers should be able to perform arithmetic operations (addition, multiplication) and data structure operations over the encrypted data.

• Auditing protocol support. The encryption algorithm should support computation primitives such that a data auditing protocol can perform integrity verification directly on an encrypted file.

We believe that some combination of standard encryption techniques along with newer schemes can ultimately help achieve these goals. For example, any future encryption protocol will likely need to be homomorphic to preserve algebraic structure-mapping between functions. It must also consider the need for integrity verification of encrypted files by data auditing protocols and support various database queries on encrypted data. And, ideally, any new encryption protocol will enhance overall performance and require minimal changes to existing software, making adoption relatively easy.

We see suitable data auditing protocols and more versatile data encryption schemes as only the first two steps toward fully protecting cloud users’ outsourced data from cyberattacks while at the same time assuring a high level of data availability. Also required are advances in hypervisor protection (http://tinyurl.com/povyn3d; http://tinyurl.com/oczzqvn; http://tinyurl.com/na86wgp), cloud forensics (http://tinyurl.com/l22uqw7; http://tinyurl.com/675aruh; http://tinyurl.com/mgwyg7q), and disaster recovery (http://tinyurl.com/ppe2z9r; http://tinyurl.com/ofqcer2). These requirements set a future agenda for cloud researchers and IT professionals alike.

David S.L. Wei is a professor in the Department of Computer and Information Science at Fordham University. Contact him at dsl.wei01@gmail.com.

San Murugesan, Cloud Cover column editor, is the director of BRITE Professional Services, Australia, and an adjunct professor at the University of Western Sydney. Contact him at [email protected] or follow him on Twitter @santweets.


Sy-Yen Kuo is a professor in the Department of Electrical Engineering and dean of the College of Electrical Engineering and Computer Science at National Taiwan University, Taipei. Contact him at [email protected].

Kshirasagar Naik is a professor in the Department of Electrical and Computer Engineering at the University of Waterloo, Canada. Contact him at [email protected].

Danny Krizanc is a professor in the Department of Mathematics at Wesleyan University. Contact him at [email protected].
