(More) Side Channels in Cloud Storage - Linking Data to Users
Abstract
Public cloud storage services are gaining in popularity and several commercial actors are offering their services for users; however, not always with the security and privacy of their users as the primary design goal. This paper investigates side channels in public cloud storage services that allow the service provider, and in some cases users of the same service, to learn who has stored a given file and to profile users’ usage of the service. These side channels are present in several public cloud storage services that are marketed as secure and privacy-friendly. Our conclusions are that cross-user deduplication should be disabled by default and that public cloud storage services need to be designed to provide unlinkability of users and data, even if the data is encrypted by users before storing it in the cloud.
Similar resources
Fuzzy retrieval of encrypted data by multi-purpose data-structures
The growing amount of information that has arisen from emerging technologies has caused organizations to face challenges in maintaining and managing their information. Expanding hardware, human resources, outsourcing data management, and maintenance an external organization in the form of cloud storage services, are two common approaches to overcome these challenges; The first approach costs of...
Side channels in cloud services, the case of deduplication in cloud storage
Cloud storage services commonly use deduplication, which eliminates redundant data by storing only a single copy of each file or block. Deduplication reduces the space and bandwidth requirements of data storage services, and is most effective when applied across multiple users, a common practice by cloud storage offerings. We study the privacy implications of cross-user deduplication. We demons...
OmniShare: Securely Accessing Encrypted Cloud Storage from Multiple Authorized Devices
Cloud storage services like Dropbox, Google Drive and OneDrive are becoming increasingly popular. Two major reasons for the success of cloud storage services are 1) their ability to synchronize stored data across multiple client devices and 2) the possibility of sharing a subset of this data with other people. But privacy of cloud data is a growing concern. Encrypting data on the client-side be...
Personal Storage Clouds from Portable Components
A number of applications would seem to benefit from storing data “in the cloud”—that is at application storage providers such as Amazon S3. The cloud model is appealing because it relieves end users from the need to administer storage systems and worry about backups. Furthermore it avoids inconsistencies; for example users who store mail “in the cloud” using services such as Gmail can get an up...
Differentially private client-side data deduplication protocol for cloud storage services
Cloud storage service providers apply data client-side deduplication across multiple users to achieve cost savings of network bandwidth and disk storage. However, deduplication can be used as a side channel by attackers who try to obtain sensitive information of other users’ data. We propose a differentially private client-side deduplication protocol. A storage gateway allows efficient data ded...
Publication date: 2011