TerraCheck: verification of dedicated cloud storage

Authors:
Zhan Wang;Kun Sun;Sushil Jajodia;Jiwu Jing
Affiliations:
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China,Center for Secure Information Systems, George Mason University, Fair ...;Center for Secure Information Systems, George Mason University, Fairfax, VA;Center for Secure Information Systems, George Mason University, Fairfax, VA;State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
Venue:
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Year:
2013

Citing 14
Cited 0

Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Proofs of Retrievability via Hardness Amplification

TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds

Proceedings of the 16th ACM conference on Computer and communications security
HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis

SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
An exploration of L2 cache covert channels in virtualized environments

Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Do you know where your cloud files are?

Proceedings of the 3rd ACM workshop on Cloud computing security workshop
How to tell if your cloud files are vulnerable to drive crashes

Proceedings of the 18th ACM conference on Computer and communications security
The cramer-shoup encryption scheme is plaintext aware in the standard model

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
A comparison of secure multi-tenancy architectures for filesystem storage clouds

Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
Whispers in the hyper-space: high-speed covert channel attacks in the cloud

Security'12 Proceedings of the 21st USENIX conference on Security symposium
Hourglass schemes: how to prove that cloud files are encrypted

Proceedings of the 2012 ACM conference on Computer and communications security
Resource-freeing attacks: improve your cloud performance (at your neighbor's expense)

Proceedings of the 2012 ACM conference on Computer and communications security
Cross-VM side channels and their use to extract private keys

Proceedings of the 2012 ACM conference on Computer and communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

When hardware resources are shared between mutually distrustful tenants in the cloud, it may cause information leakage and bring difficulties to regulatory control. To address these concerns, cloud providers are starting to offer hardware resources dedicated to a single user. Cloud users have to pay more for such dedicated tenancy; however, they may not be able to detect the unexpected misuse of their dedicated storage due to the abstraction layer of the cloud. In this paper, we propose TerraCheck to help cloud users verify if their dedicated storage devices have been misused to store other users' data. TerraCheck detects the malicious occupation of the dedicated device by monitoring the change of the shadow data that are residual bits intentionally left on the disk and are invisible by the file system. When the cloud providers share the dedicated disk with other users, such misuses can be detected since the shadow data will be overwritten and become irretrievable. We describe the theoretical framework of TerraCheck and show experimentally that TerraCheck works well in practice.