Addressing Security Issues in Cloud Computing
Addressing Security Issues in Cloud Computing
Rituik Dubey, Muhammad Asim Jamshed, Xiaohui Wang, Rama Krishna Batalla
Carnegie Mellon University Pittsburgh, PA 15213 Email: {rdubey, mjamshed, xiaohuiw, rbatalla}@andrew.cmu.edu
Abstract—This paper discusses the security issues that arise in a cloud computing framework. We concentrate on what is typically called the metering problem or “proof of work” where the client can ascertain that the amount it is being billed for by the cloud service is in accordance with the amount of work done by it. We define many different attack scenarios and propose counter schemes for each. Our simulation and theoretical analysis show that the schemes require a reasonably low verification effort at the client side, and provide non-repudiation property.
reservations whether the server performed a complete search, scanning the table(s) in entirety before returning the results to the client. A. Proposed solution Fig.1 illustrates our proposed solution. Our architecture requires that our entire database also be stored in a trusted backup storage facility. Therefore, any updates to the data stored in the cloud service also have to be propagated to the backup trusted store. The entire data stored by the service can hypothetically be divided into n data slices. The first slice, M1 is stored both at the client and the server end. M1 has an extraneous x bytes of region known as the nonce (small region in M1 in Fig. 4). Whenever a client sends a new search request to the cloud, it also sends an updated randomly generated nonce to M1. This prompts the cloud service to calculate the intermediate iterative hashes of each data slice as it completes the search through the entire database. Once the search is complete the search results along with the set of digests are sent back to the client for processing/verification of its authenticity. In order to verify that the server scanned the entire table, the client can authenticate each slice’s digest
Rituik Dubey, Muhammad Asim Jamshed, Xiaohui Wang, Rama Krishna Batalla
Carnegie Mellon University Pittsburgh, PA 15213 Email: {rdubey, mjamshed, xiaohuiw, rbatalla}@andrew.cmu.edu
Abstract—This paper discusses the security issues that arise in a cloud computing framework. We concentrate on what is typically called the metering problem or “proof of work” where the client can ascertain that the amount it is being billed for by the cloud service is in accordance with the amount of work done by it. We define many different attack scenarios and propose counter schemes for each. Our simulation and theoretical analysis show that the schemes require a reasonably low verification effort at the client side, and provide non-repudiation property.
reservations whether the server performed a complete search, scanning the table(s) in entirety before returning the results to the client. A. Proposed solution Fig.1 illustrates our proposed solution. Our architecture requires that our entire database also be stored in a trusted backup storage facility. Therefore, any updates to the data stored in the cloud service also have to be propagated to the backup trusted store. The entire data stored by the service can hypothetically be divided into n data slices. The first slice, M1 is stored both at the client and the server end. M1 has an extraneous x bytes of region known as the nonce (small region in M1 in Fig. 4). Whenever a client sends a new search request to the cloud, it also sends an updated randomly generated nonce to M1. This prompts the cloud service to calculate the intermediate iterative hashes of each data slice as it completes the search through the entire database. Once the search is complete the search results along with the set of digests are sent back to the client for processing/verification of its authenticity. In order to verify that the server scanned the entire table, the client can authenticate each slice’s digest