A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A large-scale study of file-system contents
SIGMETRICS '99 Proceedings of the 1999 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
The Design and Implementation of a Transparent Cryptographic File System for UNIX
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Authentic Third-party Data Publication
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Authenticating Query Results in Edge Computing
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
A General Model for Authenticated Data Structures
Algorithmica
FS: An In-Kernel Integrity Checker and Intrusion Detection File System
LISA '04 Proceedings of the 18th USENIX conference on System administration
Verifying completeness of relational query results in data publishing
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Searchable symmetric encryption: improved definitions and efficient constructions
Proceedings of the 13th ACM conference on Computer and communications security
A five-year study of file-system metadata
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Answering aggregation queries in a secure system model
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Efficient Data Authentication in an Environment of Untrusted Third-Party Distributors
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Provably-secure schemes for basic query support in outsourced databases
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Deterministic and efficiently searchable encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Authentication of outsourced databases using signature aggregation and chaining
DASFAA'06 Proceedings of the 11th international conference on Database Systems for Advanced Applications
TrustedDB: a trusted hardware based database with privacy and data confidentiality
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Towards ensuring client-side computational integrity
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Review: A survey of intrusion detection techniques in Cloud
Journal of Network and Computer Applications
Privacy-preserving logistic regression outsourcing in cloud computing
International Journal of Grid and Utility Computing
CorrectDB: SQL engine with practical query authentication
Proceedings of the VLDB Endowment
| Hi-index | 0.00 |
In a recent interview, Whitfield Diffie argued that "the whole point of cloud computing is economy" and while it is possible in principle for "computation to be done on encrypted data, [...] current techniques would more than undo the economy gained by the outsourcing and show little sign of becoming practical". Here we explore whether this is truly the case and quantify just how expensive it is to secure computing in untrusted, potentially curious clouds. We start by looking at the economics of computing in general and clouds in particular. Specifically, we derive the end-to-end cost of a CPU cycle in various environments and show that its cost lies between 0.5 picocents in efficient clouds and nearly 27 picocents for small enterprises (1 picocent = $1 x 10-14), values validated against current pricing. We then explore the cost of common cryptography primitives as well as the viability of their deployment for cloud security purposes. We conclude that Diffie was correct. Securing outsourced data and computation against untrusted clouds is indeed costlier than the associated savings, with outsourcing mechanisms up to several orders of magnitudes costlier than their non-outsourced locally run alternatives.