4. Threats in virtualization: There are many inherent security issues
in virtualization. Since clouds make extensive use of virtualization
techniques, they are prone to vulnerabilities in virtualization.
5. Cross-VM (virtual machine) attack via side channels: A cross-VM
attack exploits the multitenancy of the VM that enables VMs belonging
to different customers to coreside on the same physical device.
Thus, the cloud should provide:
1. Availability: User data should be accessible from anywhere at any time.
2. Reliability: User data should be backed up so that even in case of
failure, the data are available.
3. Integrity: Data should be available to the user as is, without any
modification by the CSP or a malicious user.
4. Confidentiality: The cloud provider should not be able to read or
modify data stored by the user.
5. Privacy: A user's data can be stored without knowing the actual
identity of the data.
6. Accountability: The cloud should be accountable for any operation
(alteration or deletion) made on the data and should not be able to
refute the action.
3.1.1 Organization of the Chapter
In this chapter, we do not discuss virtualization security. We focus on
secure computing using homomorphic encryption, access control using
attribute-based encryption (ABE), and data auditing using provable data
possession (PDP) and proofs of retrievability (PoR). For each of these security
aspects, we first discuss the underlying cryptographic technique and
then present how it is used to ensure cloud data security. We then present
the state of the art. Section 3.2 presents homomorphic encryption for secure
computation; Section 3.3 presents access control techniques using ABE.
Data auditing is presented in Section 3.4. We conclude with some open problems
in Section 3.5.
3.2 Homomorphic Encryption for Secure Computation in the Cloud
The cloud is being increasingly used in scientific computation. In many
situations, the computation can be on sensitive data. For example, two competing
companies, X and Y, have outsourced computation to the cloud.