Agregação de Dados na Nuvem com Garantias de Segurança e Privacidade

  • Leandro Silva UFCG
  • Rodolfo Silva UFCG
  • Andrey Brito UFCG
  • Pedro Barbosa UFCG

Resumo


O uso da computação na nuvem tem se tornado comum por vantagens como baixo custo e contratação de recursos de acordo com a demanda. Todavia, surgem preocupações com segurança e privacidade, pois dados críticos – especialmente em aplicações de IoT – são armazenados e processados na nuvem. Este artigo propõe uma arquitetura de software com suporte a múltiplas abordagens para a agregação segura de dados. O uso dessa arquitetura se mostrou viável em experimentos realizados com a utilização de técnicas de criptografia homomórfica e de extensões de segurança em hardware (Intel SGX), que, segundo nossas pesquisas, ainda não havia sido aplicado em um ambiente de nuvem.

Referências

Anati, I., Gueron, S., Johnson, S., and Scarlata, V. (2013). Innovative technology for cpu based attestation and sealing. In Proceedings of the 2nd international workshop on hardware and architectural support for security and privacy, volume 13.

Anderson, R. and Fuloria, S. (2010). On the security economics of electricity metering. In WEIS. Citeseer.

Barbosa, M., Portela, B., Scerri, G., and Warinschi, B. (2016). Foundations of hardware-based attested computation and application to sgx. In 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pages 245–260. IEEE.

Bohli, J.-M., Gruschka, N., Jensen, M., Iacono, L. L., and Marnau, N. (2013). Security and privacy-enhancing multicloud architectures. IEEE Transactions on dependable and secure computing, 10(4):212–224.

Busom, N., Petrlic, R., Sebé, F., Sorge, C., and Valls, M. (2016). Efficient smart metering based on homomorphic encryption. Computer Communications, 82:95–101.

CIF (2015). Uk cloud adoption snapshot & trends for 2016: The business case for cloud.

Cramer, R., Damgard, I., and Maurer, U. (2000). General secure multi-party computation from any linear secret-sharing scheme. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 316–334. Springer.

Cramer, R., Gennaro, R., and Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European transactions on Telecommunications, 8(5):481–490.

Dworkin, M. J. (2007). Sp 800-38d. recommendation for block cipher modes of operation: Galois/counter mode (gcm) and gmac. Technical report, Gaithersburg, MD, United States.

ElGamal, T. (1984). A public key cryptosystem and a signature scheme based on discrete logarithms. In Workshop on the Theory and Application of Cryptographic Techniques, pages 10–18. Springer.

Erkin, Z. and Tsudik, G. (2012). Private computation of spatial and temporal power consumption with smart meters. Proceedings of the 10th international conference on Applied Cryptography and Network Security, pages 561–577.

Gentry, C. (2009). A fully homomorphic encryption scheme. PhD thesis, Stanford University.

Greveler, U., Glösekötterz, P., Justusy, B., and Loehr, D. (2012). Multimedia content identification through smart meter power usage profiles. In Proceedings of the International Conference on Information and Knowledge Engineering (IKE), page 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).

Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., and Del Cuvillo, J. (2013). Using innovative instructions to create trustworthy software solutions. In HASP@ ISCA, page 11.

Kolesnikov, V. and Schneider, T. (2008). Improved garbled circuit: Free xor gates and applications. In International Colloquium on Automata, Languages, and Programming, pages 486–498. Springer.

Markovic, D. S., Zivkovic, D., Branovic, I., Popovic, R., and Cvetkovic, D. (2013). Smart power grid and cloud computing. Renewable and Sustainable Energy Reviews, 24:566–577.

McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C. V., Shafi, H., Shanbhogue, V., and Savagaonkar, U. R. (2013). Innovative instructions and software model for isolated execution. In HASP@ ISCA, page 10.

Naehrig, M., Lauter, K., and Vaikuntanathan, V. (2011). Can homomorphic encryption be practical? In Proceedings of the 3rd ACM workshop on Cloud computing security workshop, pages 113–124. ACM.

Pasupuleti, S. K., Ramalingam, S., and Buyya, R. (2016). An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing. Journal of Network and Computer Applications, 64:12–22.

Reinhold, P., Benn, W., Krause, B., Goetz, F., and Labudde, D. (2014). Hybrid cloud architecture for software-as-a-service provider to achieve higher privacy and decrease security concerns about cloud computing. In Conf. Cloud Computing, GRIDs, and Virtualization (IEEE, 2014), pages 94–99. Citeseer.

Rivest, R. L., Adleman, L., and Dertouzos, M. L. (1978a). On data banks and privacy homomorphisms. Foundations of secure computation, 4(11):169–180.

Rivest, R. L., Shamir, A., and Adleman, L. (1978b). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126.

Saroj, S. K., Chauhan, S. K., Sharma, A. K., and Vats, S. (2015). Threshold cryptography based data security in cloud computing. In Computational Intelligence & Communication Technology (CICT), 2015 IEEE International Conference on, pages 202–207. IEEE.

Younis, Y. A., Merabti, M., and Kifayat, K. (2013). Secure Cloud Computing for Critical Infrastructure: A Survey.
Publicado
07/11/2016
SILVA, Leandro; SILVA, Rodolfo; BRITO, Andrey; BARBOSA, Pedro. Agregação de Dados na Nuvem com Garantias de Segurança e Privacidade. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 16. , 2016, Niterói. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2016 . p. 240-253. DOI: https://doi.org/10.5753/sbseg.2016.19311.

Artigos mais lidos do(s) mesmo(s) autor(es)