TREDISEC: Trust-Aware REliable and Distributed Information SEcurity in the Cloud

@inproceedings{Bringer2015TREDISECTR,
  title={TREDISEC: Trust-Aware REliable and Distributed Information SEcurity in the Cloud},
  author={Julien Bringer and Beatriz Gallego-Nicasio and Ghassan O. Karame and Mathias Kohler and Panagiotis Louridas and Melek {\"O}nen and Hubert Ritzdorf and Alessandro Sorniotti and David Vallejo-Fernandez},
  booktitle={e-Democracy},
  year={2015}
}
While the revolutionary cloud computing paradigm offers substantial benefits to businesses, recent data breaches and the lack of dedicated end-to-end security solutions refrain the rapid adoption of this technology. The TREDISEC project aims at increasing trust in cloud computing by designing new security primitives ensuring data security and user privacy and supporting the underlying storage and computation technology at the same time. 

Building trust in cloud computing: isolation in container based virtualisation

TLDR
This paper proposes a security system to address the weak isolation in container-based virtualisation that is based on shared kernel OS and system components through the addition of a Role Based Access Control model and the provision of strict data protection and security.

IaaS-cloud security enhancement: An intelligent attribute-based access control framework

TLDR
This paper proposes a practical framework for the ABAC based on artificial intelligence architecture to satisfy the dynamic and scalable nature of IaaS cloud.

IaaS-cloud security enhancement: An intelligent attribute-based access control framework

TLDR
This paper proposes a practical framework for the ABAC based on artificial intelligence architecture to satisfy the dynamic and scalable nature of IaaS cloud.

References

SHOWING 1-10 OF 18 REFERENCES

Side Channels in Cloud Services: Deduplication in Cloud Storage

As the volume of data increases, so does the demand for online storage services, from simple backup services to cloud storage infrastructures. Although deduplication is most effective when applied

Secure Deduplication of Encrypted Data without Additional Independent Servers

TLDR
This work presents the first secure cross-user deduplication scheme that supports client-side encryption without requiring any additional independent servers, and is based on using a PAKE (password authenticated key exchange) protocol.

DupLESS: Server-Aided Encryption for Deduplicated Storage

TLDR
It is shown that encryption for deduplicated storage can achieve performance and space savings close to that of using the storage service with plaintext data.

Proofs of ownership in remote storage systems

TLDR
This work identifies attacks that exploit client-side deduplication, allowing an attacker to gain access to arbitrary-size files of other users based on a very small hash signatures of these files, and introduces the notion of proofs-of-ownership (PoWs), which lets a client efficiently prove to a server that that the client holds a file, rather than just some short information about it.

PRISM - Privacy-Preserving Search in MapReduce

TLDR
This work presents PRISM, a privacy-preserving scheme for word search in cloud computing that meets cloud computing efficiency requirements and is compatible with standard MapReduce, not requiring any change to the interface or infrastructure.

CryptDB: protecting confidentiality with encrypted query processing

TLDR
The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL.

Secure data deduplication

TLDR
This work has developed a solution that provides both data security and space efficiency in single-server storage and distributed storage systems.

A tunable proof of ownership scheme for deduplication using Bloom filters

TLDR
This paper introduces a novel solution based on Bloom filters that provides a flexible, scalable, and provably secure solution to the weaknesses of deduplication, and that overcomes the deficiencies of existing approaches.

Searchable symmetric encryption: improved definitions and efficient constructions

TLDR
This paper formally defines SSE in the multi-user setting, and presents an efficient construction that achieves better performance than simply using access control mechanisms.

StealthGuard: Proofs of Retrievability with Hidden Watchdogs

TLDR
StealthGuard makes use of a privacy-preserving word search (WS) algorithm to search, as part of a POR query, for randomly-valued blocks called watchdogs that are inserted in the file before outsourcing.