{"title":"Session details: Paper Session 3: Applications","authors":"Yuan Zhang","doi":"10.1145/3247611","DOIUrl":"https://doi.org/10.1145/3247611","url":null,"abstract":"","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126798344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the increasing popularity of cloud storage services, many individuals and enterprises start to move their local data to the clouds. To ensure their privacy and data security, some cloud service users may want to encrypt their data before outsourcing them. However, this impedes efficient data utilities based on the plain text search. In this paper, we study how to construct a secure index that supports both efficient index updating and similarity search. Using the secure index, users are able to efficiently perform similarity searches tolerating input mistakes and update the index when new data are available. We formally prove the security of our proposal and also perform experiments on real world data to show its efficiency.
{"title":"A New Secure Index Supporting Efficient Index Updating and Similarity Search on Clouds","authors":"Baojia Zhang, He Zhang, Boqun Yan, Yuan Zhang","doi":"10.1145/2898445.2898451","DOIUrl":"https://doi.org/10.1145/2898445.2898451","url":null,"abstract":"With the increasing popularity of cloud storage services, many individuals and enterprises start to move their local data to the clouds. To ensure their privacy and data security, some cloud service users may want to encrypt their data before outsourcing them. However, this impedes efficient data utilities based on the plain text search. In this paper, we study how to construct a secure index that supports both efficient index updating and similarity search. Using the secure index, users are able to efficiently perform similarity searches tolerating input mistakes and update the index when new data are available. We formally prove the security of our proposal and also perform experiments on real world data to show its efficiency.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122241413","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We are very delighted to welcome everybody to the 2016 International Workshop on Security in Cloud Computing (SCC). � �There is no doubt that cloud computing has changed the paradigm of computing greatly. Hence, the security and privacy problems in cloud computing are of high importance. A lot of research and development efforts have been invested on related topics. The objective of this workshop is thus to bring together researchers and developers in this field, to enable them to share information about their recent progresses. � �The year of 2016 is the fourth for the SCC workshop. In total, 31 submissions were made from fifteen countries and regions, including Australia, Austria, Canada, China, Colombia, France, Germany, Hong Kong, India, Italy, Japan, Luxembourg, Singapore, United Kingdom, and United States. After a careful review by the program committee, 12 papers were selected for presentation at the workshop. We thank the Program Committee members as well as the external reviewers for their hard work. � �This year's SCC workshop also features a keynote speech "Giano - toward Large Scale Access Security Management in Private Cloud", by Dr. Ye Wu from Baidu, Inc. Given the leadership of Baidu in the Internet industry and Dr. Wu's splendid record of success in building cloud security systems, we believe this keynote speech will be very beneficial to all participants.
{"title":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","authors":"Sheng Zhong, A. Squicciarini","doi":"10.1145/2898445","DOIUrl":"https://doi.org/10.1145/2898445","url":null,"abstract":"We are very delighted to welcome everybody to the 2016 International Workshop on Security in Cloud Computing (SCC). \u0000 \u0000There is no doubt that cloud computing has changed the paradigm of computing greatly. Hence, the security and privacy problems in cloud computing are of high importance. A lot of research and development efforts have been invested on related topics. The objective of this workshop is thus to bring together researchers and developers in this field, to enable them to share information about their recent progresses. \u0000 \u0000The year of 2016 is the fourth for the SCC workshop. In total, 31 submissions were made from fifteen countries and regions, including Australia, Austria, Canada, China, Colombia, France, Germany, Hong Kong, India, Italy, Japan, Luxembourg, Singapore, United Kingdom, and United States. After a careful review by the program committee, 12 papers were selected for presentation at the workshop. We thank the Program Committee members as well as the external reviewers for their hard work. \u0000 \u0000This year's SCC workshop also features a keynote speech \"Giano - toward Large Scale Access Security Management in Private Cloud\", by Dr. Ye Wu from Baidu, Inc. Given the leadership of Baidu in the Internet industry and Dr. Wu's splendid record of success in building cloud security systems, we believe this keynote speech will be very beneficial to all participants.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133455188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the cloud storage, users lose direct control over their data. How to surely delete data in the cloud becomes a crucial problem for a secure cloud storage system. The existing way to this problem is to encrypt the data before outsourcing and destroy the encryption key when deleting. However, this solution may cause heavy computation overhead for the user-side and the encrypted data remains intact in the cloud after the deletion operation. To solve this challenge problem, we propose a novel method to surely delete data in the cloud storage by overwriting. Different from existing works, our scheme is efficient in the user-side and is able to wipe out the deleted data from the drives of the cloud servers.
{"title":"Enabling Assured Deletion in the Cloud Storage by Overwriting","authors":"Yuchuan Luo, Ming Xu, Shaojing Fu, Dongsheng Wang","doi":"10.1145/2898445.2898447","DOIUrl":"https://doi.org/10.1145/2898445.2898447","url":null,"abstract":"In the cloud storage, users lose direct control over their data. How to surely delete data in the cloud becomes a crucial problem for a secure cloud storage system. The existing way to this problem is to encrypt the data before outsourcing and destroy the encryption key when deleting. However, this solution may cause heavy computation overhead for the user-side and the encrypted data remains intact in the cloud after the deletion operation. To solve this challenge problem, we propose a novel method to surely delete data in the cloud storage by overwriting. Different from existing works, our scheme is efficient in the user-side and is able to wipe out the deleted data from the drives of the cloud servers.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128857312","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Secure Data Sharing (SDS) enables users to share data in the cloud in a confidential and integrity-preserving manner. Many recent SDS approaches are based on Attribute-Based Encryption (ABE), leveraging the advantage that ABE allows to address a multitude of users with only one ciphertext. However, ABE approaches often come with the downside that they require a central fully-trusted entity that is able to decrypt any ciphertext in the system. In this paper, we investigate on whether ABE could be used to efficiently implement Decentralized Secure Data Sharing (D-SDS), which explicitly demands that the authorization and access control enforcement is carried out solely by the owner of the data, without the help of a fully-trusted third party. For this purpose, we did a comprehensive analysis of recent ABE approaches with regard to D-SDS requirements. We found one ABE approach to be suitable, and we show different alternatives to employ this ABE approach in a group-based D-SDS scenario. For a realistic estimation of the resource consumption, we give concrete resource consumption values for workloads taken from real-world system traces and exemplary up-to-date mobile devices. Our results indicate that for the most D-SDS operations, the resulting computation times and outgoing network traffic will be acceptable in many use cases. However, the computation times and outgoing traffic for the management of large groups might prevent using mobile devices.
{"title":"Decentralized Secure Data Sharing with Attribute-Based Encryption: A Resource Consumption Analysis","authors":"H. Kühner, H. Hartenstein","doi":"10.1145/2898445.2898449","DOIUrl":"https://doi.org/10.1145/2898445.2898449","url":null,"abstract":"Secure Data Sharing (SDS) enables users to share data in the cloud in a confidential and integrity-preserving manner. Many recent SDS approaches are based on Attribute-Based Encryption (ABE), leveraging the advantage that ABE allows to address a multitude of users with only one ciphertext. However, ABE approaches often come with the downside that they require a central fully-trusted entity that is able to decrypt any ciphertext in the system. In this paper, we investigate on whether ABE could be used to efficiently implement Decentralized Secure Data Sharing (D-SDS), which explicitly demands that the authorization and access control enforcement is carried out solely by the owner of the data, without the help of a fully-trusted third party. For this purpose, we did a comprehensive analysis of recent ABE approaches with regard to D-SDS requirements. We found one ABE approach to be suitable, and we show different alternatives to employ this ABE approach in a group-based D-SDS scenario. For a realistic estimation of the resource consumption, we give concrete resource consumption values for workloads taken from real-world system traces and exemplary up-to-date mobile devices. Our results indicate that for the most D-SDS operations, the resulting computation times and outgoing network traffic will be acceptable in many use cases. However, the computation times and outgoing traffic for the management of large groups might prevent using mobile devices.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122011112","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To efficiently collaborate in cyber security defense and response, organizations must be able to securely share information and resources. A community in a cloud IaaS, which refers to a group of organizations with common business interests, will utilize cloud IaaS to realize their infrastructure deployments. Communities establish a mechanism to prevent, detect and respond to cyber attacks, and help member organizations in the community recover expeditiously. In this paper, we present an access control model for secure information and resource sharing between organizations in a community-based isolated environment in Microsoft Azure IaaS cloud platform, one of dominant commercial cloud platforms. The model facilitates organizations to share their IT resources with each other in a controlled and secure manner. We formally specify the administrative model and discuss enforcement techniques in the Azure cloud platform.
{"title":"Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS","authors":"Yun Zhang, Farhan Patwa, R. Sandhu","doi":"10.1145/2898445.2898455","DOIUrl":"https://doi.org/10.1145/2898445.2898455","url":null,"abstract":"To efficiently collaborate in cyber security defense and response, organizations must be able to securely share information and resources. A community in a cloud IaaS, which refers to a group of organizations with common business interests, will utilize cloud IaaS to realize their infrastructure deployments. Communities establish a mechanism to prevent, detect and respond to cyber attacks, and help member organizations in the community recover expeditiously. In this paper, we present an access control model for secure information and resource sharing between organizations in a community-based isolated environment in Microsoft Azure IaaS cloud platform, one of dominant commercial cloud platforms. The model facilitates organizations to share their IT resources with each other in a controlled and secure manner. We formally specify the administrative model and discuss enforcement techniques in the Azure cloud platform.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131492589","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper, we propose a privacy-preserving algorithm for two-party distributed permutation test for the difference of means. Our algorithm allows two parties to jointly perform a permutation test on the union of their data without revealing their data to each other. Our algorithm is useful especially in areas where the testing data often contains private information e.g. clinic trial and biomedical research. We have proved the security of our algorithm and used experiment to show its efficiency. To the best of our knowledge, we are the first to address the privacy issues in permutation tests.
{"title":"Privacy Preserving Distributed Permutation Test","authors":"Yunlong Mao, Yuan Zhang","doi":"10.1145/2898445.2898450","DOIUrl":"https://doi.org/10.1145/2898445.2898450","url":null,"abstract":"In this paper, we propose a privacy-preserving algorithm for two-party distributed permutation test for the difference of means. Our algorithm allows two parties to jointly perform a permutation test on the union of their data without revealing their data to each other. Our algorithm is useful especially in areas where the testing data often contains private information e.g. clinic trial and biomedical research. We have proved the security of our algorithm and used experiment to show its efficiency. To the best of our knowledge, we are the first to address the privacy issues in permutation tests.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129666609","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Paper Session 2: Data Processing","authors":"Sheng Zhong","doi":"10.1145/3247610","DOIUrl":"https://doi.org/10.1145/3247610","url":null,"abstract":"","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116336094","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the past decade, researchers have proposed various cloud storage integrity checking protocols to enable a cloud storage user to validate the integrity of the user's outsourced data. While the proposed solutions can in principle solve the cloud storage integrity checking problem, they are not sufficient for current cloud storage practices. In this position paper, we show the gaps between theoretical and practical cloud storage integrity checking solutions, through a categorization of existing solutions and an analysis of their underlying assumptions. To bridge the gap, we also call for practical cloud storage integrity checking solutions for three scenarios.
{"title":"Cloud Storage Integrity Checking: Going from Theory to Practice","authors":"Fei Chen, Taoyi Zhang, Jianyong Chen, Tao Xiang","doi":"10.1145/2898445.2898457","DOIUrl":"https://doi.org/10.1145/2898445.2898457","url":null,"abstract":"In the past decade, researchers have proposed various cloud storage integrity checking protocols to enable a cloud storage user to validate the integrity of the user's outsourced data. While the proposed solutions can in principle solve the cloud storage integrity checking problem, they are not sufficient for current cloud storage practices. In this position paper, we show the gaps between theoretical and practical cloud storage integrity checking solutions, through a categorization of existing solutions and an analysis of their underlying assumptions. To bridge the gap, we also call for practical cloud storage integrity checking solutions for three scenarios.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122308095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The rapid advances in genomic technologies have led to the exponential growth of genomic data. On one hand, clinics and research institutions need to consider the security issue since the data privacy needs to be protected. On the other hand, they look for the means to improve the scalability and performance of genomic applications to be able to handle large amount of data as well as heavy computations. While existing approaches have to sacrifice one for the other, we aim at achieving all the three goals above. In this paper, we design an entire secure framework for genomic data processing on public clouds. Based on this framework, we propose a 3-encryption-scheme model for genomic sequence mapping (3EGSM), an important phase of genomic computation. The model protects not only genomic sequences but also the intermediate and final computation results when processing on public clouds. We evaluate the proposed framework through intensive experiments using real genomic data. The experimental results show that the proposed framework reduces the sequential mapping time by up to 75% compared to a baseline approach that considers only the security issue. The experimental results also show that the framework achieves high speedup when performing parallel processing.
{"title":"Towards Secure and Fast Mapping of Genomic Sequences on Public Clouds","authors":"Seungmin Kang, Khin Mi Mi Aung, B. Veeravalli","doi":"10.1145/2898445.2898448","DOIUrl":"https://doi.org/10.1145/2898445.2898448","url":null,"abstract":"The rapid advances in genomic technologies have led to the exponential growth of genomic data. On one hand, clinics and research institutions need to consider the security issue since the data privacy needs to be protected. On the other hand, they look for the means to improve the scalability and performance of genomic applications to be able to handle large amount of data as well as heavy computations. While existing approaches have to sacrifice one for the other, we aim at achieving all the three goals above. In this paper, we design an entire secure framework for genomic data processing on public clouds. Based on this framework, we propose a 3-encryption-scheme model for genomic sequence mapping (3EGSM), an important phase of genomic computation. The model protects not only genomic sequences but also the intermediate and final computation results when processing on public clouds. We evaluate the proposed framework through intensive experiments using real genomic data. The experimental results show that the proposed framework reduces the sequential mapping time by up to 75% compared to a baseline approach that considers only the security issue. The experimental results also show that the framework achieves high speedup when performing parallel processing.","PeriodicalId":187535,"journal":{"name":"Proceedings of the 4th ACM International Workshop on Security in Cloud Computing","volume":"622 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127528206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: