Wednesday, 3 April 2013

Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Osama Khan, Lea Kissner, Zachary Peterson, and Dawn Song. 2011. Remote data checking using provable data possession.ACM Trans. Inf. Syst. Secur. 14, 1, Article 12 (June 2011), 34 pages. DOI=10.1145/1952982.1952994

Key contributions:
  • Using Provable Data Possession (PDP) protocol, it challenges the storage server (SSP) to check whether the data still exists.
  • Allows an auditor to check for proof of data possession in order to validate whether the server possesses the data that was originally stored by the client using Remote Data Checking (RDC)
  • Tags are generated by the DO for each block of the file and stored along with the file in the SSP
  • DO issues a challenge to SSP for random data blocks and verifies the proof to validate whether data exists in server
  • Lightweight and Robust. Lightweight since spot checking is used to check whether a random portion of the data still exists and robust since it protects against arbitrary data corruptions
  • Fixes small data corruptions
  • Like the use of providing a high-level overview of the protocol just before explaining the technical details.
  • Doesn't protect against data stealing
  • Doesn't handle dynamic operations
  • Doesn't handle the case of illegal transfer of files. It just checks for data existence

Bo Chen and Reza Curtmola. 2012. Robust dynamic remote data checking for public clouds. InProceedings of the 2012 ACM conference on Computer and communications security (CCS '12). ACM, New York, NY, USA, 1043-1045. DOI=10.1145/2382196.2382319

Key contributions:
  • Continues on the work of RDC but instead handles dynamic operations (insertions, updates, deletes) on data.
  • Uses Reed Solomon codes based on Cauchy matrices which provide communication-efficient code updates
  • Handles robustness for dynamic operations
  • Paper too technical

Lingfang Zeng; Zhan Shi; Shengjie Xu; Dan Feng, "SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy," Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on , vol., no., pp.521,528, Nov. 30 2010-Dec. 3 2010
doi: 10.1109/CloudCom.2010.21

Key Contributions:
  • Data self-destroys after a period of time by destroying the encryption key rendering the data useless
  • Handles sniffing and hopping attacks which may read and store decryption keys before it is destroyed.
  • The ciphertext still remains even if decryption key destroyed making it vulnerable to traditional attacks (cryptanalysis/brute force) to reveal plaintext

Fengshun Yue; Guojun Wang; Qin Liu, "A Secure Self-Destructing Scheme for Electronic Data," Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on , vol., no., pp.651,658, 11-13 Dec. 2010
doi: 10.1109/EUC.2010.104

Key contributions:
  • Electronic data automatically destroyed after a certain period of time without any user intervention
  • Does not rely on third parties
  • Resists against traditional attacks (cryptanalysis/brute force) and also attacks to the Distributed Hash Table (DHT) network which destroys the decryption key and a part of the ciphertext.
  • Encapsulates data into Vanishing Data Objects (VDOs) and later Decapsulates VDOs into data providing they are withing time constraints.

No comments:

Post a Comment