How to construct random functions
Journal of the ACM (JACM)
A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Cryptographic support for secure logs on untrusted machines
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Design and implementation of verifiable audit trails for a versioning file system
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Antiquity: exploiting a secure log for wide-area distributed storage
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Pors: proofs of retrievability for large files
Proceedings of the 14th ACM conference on Computer and communications security
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
Tahoe: the least-authority filesystem
Proceedings of the 4th ACM international workshop on Storage security and survivability
Compact Proofs of Retrievability
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of Retrievability via Hardness Amplification
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
HAIL: a high-availability and integrity layer for cloud storage
Proceedings of the 16th ACM conference on Computer and communications security
Enabling public verifiability and data dynamics for storage security in cloud computing
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
CryptDB: protecting confidentiality with encrypted query processing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Verifiable resource accounting for cloud computing services
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Depot: Cloud Storage with Minimal Trust
ACM Transactions on Computer Systems (TOCS)
City on the Sky: Extending XACML for Flexible, Secure Data Sharing on the Cloud
Journal of Grid Computing
Privacy-Friendly cloud storage for the data track: an educational transparency tool
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Iris: a scalable cloud file system with efficient integrity checks
Proceedings of the 28th Annual Computer Security Applications Conference
Proceedings of the third ACM conference on Data and application security and privacy
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
Towards verifiable resource accounting for outsourced computation
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Efficient dynamic provable possession of remote data via balanced update trees
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Bolt: data management for connected homes
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Several cloud storage systems exist today, but none of them provide security guarantees in their Service Level Agreements (SLAs). This lack of security support has been a major hurdle for the adoption of cloud services, especially for enterprises and cautious consumers. To fix this issue, we present CloudProof, a secure storage system specifically designed for the cloud. In CloudProof, customers can not only detect violations of integrity, write-serializability, and freshness, they can also prove the occurrence of these violations to a third party. This proof-based system is critical to enabling security guarantees in SLAs, wherein clients pay for a desired level of security and are assured they will receive a certain compensation in the event of cloud misbehavior. Furthermore, since CloudProof aims to scale to the size of large enterprises, we delegate as much work as possible to the cloud and use cryptographic tools to allow customers to detect and prove cloud misbehavior. Our evaluation of CloudProof indicates that its security mechanisms have a reasonable cost: they incur a latency overhead of only ∼15% on reads and writes, and reduce throughput by around 10%. We also achieve highly scalable access control, with membership management (addition and removal of members' permissions) for a large proprietary software with more than 5000 developers taking only a few seconds per month.