Computer scientists feted for ways to store data with untrusted cloud providers

Mar 04, 2013

NJIT researchers received a top honor for their ideas on better ways to ensure the integrity and long-term reliability of data stored at potentially untrusted cloud storage providers. The paper, "Towards Self-Repairing Replication-Based Storage Systems Using Untrusted Clouds," was written by Bo Chen, a doctoral candidate, and his advisor, NJIT Assistant Professor Reza Curtmola, both in NJIT's College of Computing Sciences (CCS).

The work recently received the "Outstanding Paper Award" from the prestigious 3rd ACM Conference on Data and Application Security and Privacy (CODASPY 2013) and was published in February of 2013 in the Proceedings of the Third ACM Conference on Data and Application Security and Privacy.

"We are very happy to see that this important work has received such a high level of peer recognition," said James Geller, CCS interim dean and chair of the department of computer science. "Computer security today is on everyone's mind and we take our mission seriously at NJIT to get the word out so that computing can be safer and easier for everyone—whether people are trying to protect banking accounts or . This is an enormous growth area in research and education."

"We wanted to take an in-depth look at cloud ," said Curtmola. "This is an especially important issue for anyone dealing with large amounts of data that are supposed to be stored for a long period, such as archival and backup data. Using our techniques, data owners can audit the service provided by the cloud and assess the risk of outsourcing their data to the cloud. We think the information will be of great help to anyone dealing with data storage."

Unlike previous work in this area, the NJIT paper proposed a new paradigm, in which the data owner is able to outsource not only the storage but also the management of her data. Whenever corruption is detected, the storage servers collaborate among themselves to repair it, and the data owner acts only as a coordinator. This minimizes the load on the data owner during repair and represents a departure from previous work, which imposes a heavy burden on the data owner during data repair.

The proposed paradigm has the advantage of minimizing the workload for data owners, but it also introduces a new type of attack: a set of malicious storage servers could collude to generate, on the fly, data that they are supposed to keep stored at all times. Thus, the main technical challenge in the paper was how to enforce that the untrusted servers manage the data properly over time. The main insights behind the solution were: (a) replicas of the data are differentiated based on a controllable amount of masking, which offers flexibility in handling different adversarial strengths, and (b) replica generation is time-consuming. The NJIT researchers validated the practicality of their solution through a software prototype built on Amazon's cloud platform.
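A simplified illustration of insights (a) and (b), added here and not the paper's construction or the NJIT prototype: each replica is masked with a value that is deliberately slow to derive, so a server that rebuilds a challenged block on demand passes the integrity check but misses the response budget. The SHA-256 hash chain, the HMAC tags, the step counter standing in for measured response time, and all names and sample values are assumptions made for the example.

```python
import hashlib
import hmac

STEPS = 0  # simulated clock: total chained-hash steps performed so far

def mask(replica_id, index, work):
    """Per-replica, per-block mask; `work` chained hashes make it slow to derive."""
    global STEPS
    state = hashlib.sha256(f"replica={replica_id};block={index}".encode()).digest()
    for _ in range(work):
        state = hashlib.sha256(state).digest()
    STEPS += work
    return state

def masked_block(block, replica_id, index, work):
    return bytes(a ^ b for a, b in zip(block, mask(replica_id, index, work)))

def tag(key, replica_id, index, block):
    return hmac.new(key, bytes([replica_id, index]) + block, hashlib.sha256).digest()

class HonestServer:
    """Stores its masked replica, so answering a challenge needs no masking."""
    def __init__(self, blocks, replica_id, work):
        self.replica = [masked_block(b, replica_id, i, work) for i, b in enumerate(blocks)]
    def respond(self, index):
        return self.replica[index]

class ColludingServer:
    """Keeps only the unmasked file and rebuilds the challenged block on demand."""
    def __init__(self, blocks, replica_id, work):
        self.blocks, self.replica_id, self.work = blocks, replica_id, work
    def respond(self, index):
        return masked_block(self.blocks[index], self.replica_id, index, self.work)

def audit(server, tags, key, replica_id, index, budget):
    """Return (integrity_ok, answered_within_budget) for one challenged block."""
    start = STEPS
    block = server.respond(index)
    within = STEPS - start <= budget  # step delta stands in for measured response time
    ok = hmac.compare_digest(tag(key, replica_id, index, block), tags[(replica_id, index)])
    return ok, within

def run_demo(work=5000, budget=100):
    key = b"constructed-owner-tag-key"            # constructed sample values
    blocks = [bytes([i]) * 32 for i in range(4)]   # constructed 4-block file
    tags = {(r, i): tag(key, r, i, masked_block(b, r, i, work))
            for r in (0, 1) for i, b in enumerate(blocks)}
    honest = audit(HonestServer(blocks, 0, work), tags, key, 0, 2, budget)
    cheat = audit(ColludingServer(blocks, 1, work), tags, key, 1, 2, budget)
    return honest, cheat
```

`run_demo()` returns `((True, True), (True, False))`: both servers return a correct block, and only the timing check separates the one that actually stores its replica from the one that does not.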

This work is part of a series of articles supported by a National Science Foundation CAREER grant awarded to Curtmola in 2011.

Curtmola is an expert in information security and applied cryptography. His research interests include security of cloud services, security of wireless networks and security of mobile computing.


User comments : 3


baudrunner
1 / 5 (2) Mar 04, 2013
The solution is to install the cloud-dedicated operating systems in unwritable ROM chips that load into and operate from a virtual drive in the servers' RAM after boot. Thereafter, intelligently managed periodic rewrites of the OS in volatile RAM from the nonvolatile ROM chip can restore the IO and Data Management functions to their unadulterated state. The result is a clean cloud.
Shootist
1 / 5 (2) Mar 04, 2013
The cloud is the past dressed up in pixie dust. Big Iron is unnecessary, unwanted and insecure by design. Want to store large amounts of data for your namby-pamby portable device? Get a cheap HDD and publish it (on the internet), using security (vpn) only you control. Yes, you have to have a computer to do it; but some boffin could create an appliance that would do the same as all those messy boxes.

Don't step back in the box IBM created, and civilization left behind 20 years ago. Be self-reliant, not reliant on big blue, apple or oracle.
sennekuyl
not rated yet Mar 05, 2013
:scratch: The only way to be secure on the Internet and participate is to assume it is insecure, and anything left outside your direct control will be tampered with. You then take measures to ensure that:
1) You only put out data you are comfortable with being scrutinised by unknown parties,
2) you attempt to limit the data propagated or mined by third parties,
3) you use security methods such as slow file encryption, volume encryption, Public Key Infrastructure as well as VPNs.

#2 is a bitch if you have unwitting colleagues.

The final problem is convenience to do all the above and setting up the #3. Few people take the time, so virtually nobody does it. Yet it should be default on all systems.

@baudrunner: That still requires you capitulate some trust to the constructors of your system, hardware or software; essentially no different to what we have now.

I'd posit it can't be securely done the way you suggest, thus paranoia rules.