A Privacy Preserving Three-Layer Cloud Storage Scheme Based On Computational ...
Access Control & Encryption In Cloud Environments
1. Access Control and Encryption in Cloud Environments James Wernicke New Mexico Tech Department of Computer Science & Engineering A Designated Center of Academic Excellence in Information Assurance by the National Security Agency
2. Terminology Access control: A system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system Encryption: The process of transforming information (“plaintext”) using an algorithm (“cipher”) to make it unreadable to anyone except those possessing special knowledge (“key”). Cloud: Computing system where shared resources, software, and information are provided to computers and other devices on demand like the electricity grid. A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 2 -
3. Motivation Organizations no longer need to control the computing infrastructure that supports them. They just need a place to store, access, and manipulate their data. The usual cryptographic methods are limiting, inflexible, and don’t scale well. Access management has always been done internally. Research related to this semester’s projects A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 3 -
4. Scenarios Outsourcing computations on sensitive data Querying large sets of encrypted data Electronic voting Search engine privacy Trend analysis on personal information A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 4 -
5.
6.
7. DES/AES Encryption Not homomorphic at all Encrypt P to get C, multiply C by 2, decrypt 2C, get some gibberish A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 7 -
8.
9. Gentry’s Homomorphic Encryption Fully homomorphic Encrypt P to get C, do an arbitrary number of additions and multiplications on C to get C′, decrypt C′, get P′ Awesome… in theory A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 9 -
10.
11.
12. More chance of compromiseA Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 11 -
13.
14. Data can be decrypted by more than one userCollusion resistance A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 12 -
15. Conclusions More research into fully homomorphic encryption could revolutionize the way cloud services are utilized for sensitive data. CP-ABE can provide a new approach to managing access control on untrusted servers. A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 13 -
16. References Hakala, David (2009-04-29). “The Top 10 Cloud Computing Trends”. Focus.com. Retrieved 2010-09-08. Danielson, Krissi (2008-03-26). “Distinguishing Cloud Computing from Utility Computing”. Ebizq.net. Retrieved 2010-09-08. Gentry, Craig (2009-05-31). “Fully Homomorphic Encryption Using Ideal Lattices”. STOC ‘09. Retrieved 2010-09-08. Prince, Brian (2009-06-25). “IBM Discovers Encryption Scheme That Could Improve Cloud Security, Spam Filtering”. eWeek.com. Retrieved 2010-09-08. “Practical Applications of Homomorphic Encryption Algorithms”. Stack Overflow. Retrieved 2010-09-08. Micciancio, Daniele (2010). “A First Glimpse At Cryptography’s Holy Grail”. Communications of the ACM. Retrieved 2010-09-08. Schneier, Bruce (2009-07-09). “Homomorphic Encryption Breakthrough”. Schneier on Security. Retrieved 2010-09-08. Cooney, Michael (2009-06-25). “IBM Touts Encryption Innovation”. Computerworld. Retrieved 2010-09-08. Martin, Luther (2009-07-24). “Gentry’s Homomorphic Encryption”. Voltage Security. Retrieved 2010-09-08. Ghalimi, Ismael (2009-10-11). “I Think There Is A World Market for Maybe Five Clouds”. IT Redux. Retrieved 2010-09-09. Bethencourt, John et al. “Ciphertext-Policy Attribute-Based Encryption”. Retrieved 2010-09-09. A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 14 -
17. Questions? A Designated Center of Academic Excellence in Information Assurance by the National Security Agency - 15 -
Notes de l'éditeur
Good morning, everyone. Thanks for coming. My name is James Wernicke, and as part of my application for SFS, I’ll be giving a presentation today on access control and encryption in cloud environments.
There are a few terms that we should be familiar with. When I talk about access control, I’m speaking about systems that control access specifically to data, networked resources, and physical locations. Encryption refers to the process of making information private between the sender and those authorized to view it. A cloud is a network of computers which, to the user, appear as one functional unit which is highly scalable for providing a number of services to many users simultaneously.
There is a clear trend that organizations are shifting their IT resources to the cloud. We trust banks to keep our money secure while their customers come and go through their doors all day long. When we want our money, it’s available 24/7 through an ATM, debit card, or banking website. Likewise, datacenters are equipped to keep our data secure and make it available to us when we need it. However, there is still some room for improvement.Traditional cryptography doesn’t work that well in clouds. Sure, we can encrypt our data and store it on a public server, but as soon as we want to compute on that data, we have to download it to our local machine and decrypt it before we can do anything with it. This doesn’t work so well for large amounts of data.Traditional access management relies on firewalls, homogenous network environments, and system administrators to manage access control policies. In a cloud, firewalls are turned into swisscheese as users access their enterprise applications through the Internet from anywhere in the world on any device on any platform. Cloud users need a way to control access to their data that doesn’t require an in-house system administrator.
Let’s say you have a bunch of classified data that needs to be processed. You want to use an unclassified compute cloud to do that processing without giving away the information within the encrypted data.You could also have a large encrypted database stored on a public server. Normally, you’d have to download the entire database and decrypt it to do any type of query on it. Instead, what if there was a way to do the query on the database server without revealing the information?It could also be used to collect and tally votes using encrypted data without knowing which votes are for who. Or imagine being able to do a search engine query without the search engine even knowing what you were searching for?
All computing is based on boolean circuits. These are basically the mathematical building blocks for programs. So when we want to computer or manipulate data, we are basically just performing some set of additive and multiplicative operations, or boolean circuits.
Homorphisms are a special type of function that has some interesting applications in cryptography. The unique property of homomorphisms is that the function can be applied before or after the additive or multiplicative operations are performed on the algebraic structures. What this means is that we can take ciphertext, perform some arbitrary number of operations on it, then decrypt the ciphertext and it would be the same as if we operated on the plaintext.
With symmetric key encryption, there are no homomorphisms. If you could get 2P from 2C, there would certainly be some questions about the randomness, and the security, of your symmetric key encryption.
RSA encryption is a partially homomorphic scheme, but only multiplicatively. Too bad we can’t really do anything interesting with this, though.
In 2009, Craig Gentry announced a fully homomorphic encryption scheme using ideal lattices. This breakthrough allows complexcomputations to finally be performed on encrypted data and have the resulting ciphertext decrypted into something useful. But…
Gentry’s scheme is not quite ready for primetime, though. For one, a program becomes exponentially more complex when converted into a series of additions and subtractions. Gentry himself said that the time to do a simple Google search is increased by a factor of one trillion. Another major issue is that his scheme requires that operations that will be done have to be known before encrypting the data. But still, his approach is still certainly an important breakthrough in cryptography.
The other part of cloud security I want to talk about is access control. Encryption is great for keeping our data confidential, but we certainly don’t want anyone to get their hands on our data to decrypt at their leisure. We don’t always know the exact identities of everyone who should access data so it is desirable to be able to describe them in terms of descriptive attributes or credentials. This type of access control is typically enforced by a server that checks that a user present proper credentials before accessing data. The problem now is that our data is on the cloud, and we don’t necessarily have that much trust in the servers where our data is being stored. We would definitely sleep easier if we didn’t have to worry about them being compromised.
CP-ABE addresses these issues. When a party encrypts a message, they specify an associated access structure. Each user’s private key is associated with a set of attributes. So what makes this so great? A message will only be able to be decrypted if the decryptor’s attributes satisfy the ciphertext’s access structure. This allows a user to not only maintain an access policy on an untrusted server, but also allow groups of users to access the data. Another important feature of this scheme is that two parties can’t combine their attributes, or collude, to access data that one couldn’t access on their own.
So to recap, fully homomorphic encryption has the potential to change how cloud services are used. It just needs some more research. CP-ABE also can also improve cloud security by providing a more flexible way to manage access control in clouds.