A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
An Oblivious Data Structure and its Applications to Cryptography
An Oblivious Data Structure and its Applications to Cryptography
Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
iDataGuard: middleware providing a secure network drive interface to untrusted internet data storage
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
gVault: a gmail based cryptographic network file system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Content cloaking: preserving privacy with Google Docs and other web applications
Proceedings of the 2010 ACM Symposium on Applied Computing
| Hi-index | 0.00 |
Businesses that provide data storage facilities on the internet (IDP) have exploded recently. Such businesses provide the following benefits to end users: a) anytime, anywhere access to data; b) low cost; and c) good quality of service. Examples of data storage providers include Amazon S3 service, Windows SkyDrive, Nirvarnix, etc. Users face two challenges in utilizing the storage infrastructures of the IDPs: a) Heterogeneity: Different IDPs provide different interfaces to application developers to store and fetch data with them due to lack of accepted standards; and b) Security: Data outsourced to IDPs is vulnerable to attacks from internet thieves and from malicious employees of IDPs. In this paper, we present the design of iDataGuard, a client side interoperable security middleware that adapts to the heterogeneity of interfaces of IDPs and enforces security constraints on outsourced data. This significantly simplifies the effort for application development. To combat heterogeneity, iDataGuard incorporates an abstract service model that can be easily customized to individual IDPs. To address the security challenges, iDataGuard supports a security model that protects the confidentiality and integrity of outsourced data. We propose a novel indexing technique that allows search on the encrypted data stored at the IDPs. We illustrate the feasibility/efficacy of iDataGuard by implementing the middleware and executing it on two popular IDPs, Amazon S3 service and Gmail.com.