cloud computing ; data; trust; security; robustness; verifiability; prototype; cloud storage
Galinanes Veronica Estrada, Felber Pascal (2015), Ensuring Data Durability with Increasingly Interdependent Content, in
Proceedings of the IEEE International Conference on Cluster Computing (CLUSTER), -, -.
Karpathiotakis Manos, Alagiannis Ioannis, Heinis Thomas, Branco Miguel, Ailamaki Anastasia (2015), Just-In-Time Data Virtualization: Lightweight Data Management with ViDa, in
Proceedings of the 7th Biennial Conference on Innovative Data Systems Research (CIDR) , 7th Biennial Conference on Innovative Data Systems Research (CIDR), Asilomar, California, USA, JanuaNA, NA.
Mercier Hugues, Augier Maxime, Lenstra Arjen K (2015), STeP-archival: Storage Integrity and Anti-Tampering using Data Entanglement, in
Proceedings of ISIT 2015, Hong-Kong-, -.
Karpathiotakis Manos, Branco Miguel, Alagiannis Ioannis, Ailamaki Anastasia (2014), Adaptive query processing on RAW data, in
Proceedings of the VLDB Endowment, 40th International Conference on Very Large Databases, Hangzhou, China, September 1-5, 2014NA, NA.
Banabic Radu, Candea George, Guerraoui Rachid (2014), Finding Trojan Message Vulnerabilities in Distributed Systems, in
ASPLOS '14 Proceedings of the 19th international conference on Architectural support for programming, Salt Lake City Utah USA-, -.
Pacheco Leandro, Sciascia Daniele, Pedone Fernando (2014), Parallel Deferred Update Replication, in
13th IEEE International Symposium on Network Computing and Applications, BostonNA, NA.
Halalai Raluca, Sutra Pierre, Riviere Etienne, Felber Pascal (2014), ZooFence: Principled Service Partitioning and Application to the ZooKeeper Coordination Service, in
2014 IEEE 33rd International Symposium on Reliable Distributed Systems, -, -.
Estrada Galinanes Veronica, Felber Pascal (2013), Helical Entanglement Codes: An Efficient Approach for Designing Robust Distributed Storage Systems, in
Stabilization, Safety, and Security of Distributed Systems, -, -.
Reardon Joel, Ritzdorf Hubert, Basin David A., Capkun Srdjan (2013), Secure data deletion from persistent media, in
ACM Conference on Computer and Communication Security , -, -.
Marforio Claudio, Karapanos Nikolaos, Soriente Claudio, Kostiainen Kari, Capkun Srdjan (2013), Secure Enrollment and Practical Migration for Mobile Trusted Execution Environments, in
ACM workshop on Security and privacy in smartphones and mobile devices , -, -.
Banabic Radu, Candea George (2012), Fast Black-Box Testing of System Recovery Code, in
ACM EuroSys Conference on Computer Systems (EuroSys), -, -.
Alagiannis Ioannis, Borovica Renata, Branco Miguel, Idreos Stratos, Ailamaki Anastasia (2012), NoDB in Action: Adaptive Query Processing on Raw Data, in
VLDB 2012, NA, NA.
Androulaki Elli, Soriente Claudio, Malisa Luka, Capkun Srdjan, Enforcing Location and Time-based Access Control on Cloud-stored Data, in
IEEE International Conference on Distributed Computing Systems, -, -.
Valerio Jose, Sutra Pierre, Rivière Etienne, Felber Pascal, Evaluating the Price of Consistency in Distributed File Storage Services, in
13th International IFIP Conference on Distributed Applications and Interoperable Systems, Florence, Italy-, -.
Reardon Joel, Basin David, Capkun Srdjan, On Secure Data Deletion, in
IEEE Security and Privacy , 1.
Marforio Claudio, Karapanos Nikolaos, Soriente Claudio, Kostiainen Kari, Capkun Srdjan, Smartphones as Practical and Secure Location Verification Tokens for Payments, in
Network and Distributed System Security Symposium , -, -.
Atta Islam, Pinar Tozun, Xin Tong, Ailamaki Anastasia, Moshovos Andreas, STREX: Boosting Instruction Cache Reuse in OLTP Workloads Through Stratified Transaction Execution, in
ISCA 2013, -, -.
Cloud Computing offers its users centralized and inexpensive computing services through the integration of hardware and middleware into a complete computing stack, thereby facilitating the development of large and scalable applications. Clouds also run applications efficiently and inexpensively, by leveraging the technical expertise of cloud computing providers and by enabling a significant reduction in energy consumption, since computing resources can be better utilized across users. This reduction of IT costs is motivating Swiss companies to invest considerably in cloud computing [11].Despite the advent of cloud computing, many users are reluctant to entrust the cloud with their data. We briefly describe three “nightmare” scenarios that illustrate typical user concerns and which discourage wider adoption of cloud computing services:- Malicious users. An employee of a cloud provider secretly installs software in the cloud storage servers to mine the data from commercial users. This software is carefully disguised as part of a set of complex monitoring scripts. He then silently sells the stolen information to competitors for profit.- Software bugs. After accidentally uploading incriminating data to the cloud, a user quickly submits a deletion request, which completes successfully. Unfortunately, an unknown bug in the cloud software stack causes data deletion actions to fail silently in rare occasions. The incriminating data is left on the cloud and is later found by a cloud provider system administrator.- Low performance. Following a positive media report, a cloud provider increases computing resources to accommodate a growing number of users. A decision is made to expand the nearly bottlenecked storage system with front-end Flash-based storage, which was recommended after in-house testing. However, when the new design is put in production it proves inadequate for the read/write profiles of the cloud applications. The provider struggles with a publicity nightmare, with users quickly moving to other providers.The “nightmare” scenarios above demonstrate the need for secure, verifiable and robust cloud storage; to our knowledge, no existing system fulfills all three requirements simultaneously. Our goal in this proposal is to make cloud storage trustworthy by inventing broadly applicable concepts or primitives, which address similar scenarios to those described above. In particular, we propose to (a) design a secure cloud storage system, which supports both anonymity and confidentiality, ensures long-term cryptographic safety, provides secure and verifiable data deletions and is able to geographically restrict data storage and access; (b) develop unique performance profiling tools that advance the state-of-the-art for cloud profiling, and apply symbolic execution techniques to compare and validate individual components of the cloud storage stack; (c) efficiently integrate emerging storage technologies, such as Flash and PCM, and develop new algorithms to improve data processing on the cloud; (d) devise techniques to predict the performance of queries on the cloud, leading to a predictable, robust system; and (e) create high-level facilities for implementing decentralized and scalable services, and propose novel mechanisms for high availability.We will implement all novel primitives as part of a prototype, hence creating an open trustworthy cloud storage system that simultaneously addresses security, verifiability and robustness. Our prototype will demonstrate the practical feasibility of this work, hopefully encouraging cloud providers to adopt similar concepts in their commercial offerings. This adoption will in turn allow reluctant communities to take advantage of the opportunities created by cloud computing. We expect our work to become influential both in academia and industry, particularly within sectors such as finance and banking, which are an important part of the Swiss industrial sector. More importantly, we expect this project’s results to increase the willingness of the Swiss taxpayer to exploit the growing country’s investment in cloud infrastructures.