Agregação de Dados na Nuvem com Garantias de Segurança e Privacidade
Abstract
The use of cloud computing has become common due to advantages such as low cost and sizing of computing resources according to demand. However, there are concerns about security and privacy, because critical data – especially in IoT applications – are stored and processed in the cloud. This paper proposes a software architecture that supports multiple approaches to secure data aggregation. The use of this architecture proved to be viable from experiments with the use of homomorphic encryption techniques and security extensions in hardware (Intel SGX), which, to our best knowledge, had never been used in a cloud environment.
References
Anati, I., Gueron, S., Johnson, S., and Scarlata, V. (2013). Innovative technology for cpu based attestation and sealing. In Proceedings of the 2nd international workshop on hardware and architectural support for security and privacy, volume 13.
Anderson, R. and Fuloria, S. (2010). On the security economics of electricity metering. In WEIS. Citeseer.
Barbosa, M., Portela, B., Scerri, G., and Warinschi, B. (2016). Foundations of hardware-based attested computation and application to sgx. In 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pages 245–260. IEEE.
Bohli, J.-M., Gruschka, N., Jensen, M., Iacono, L. L., and Marnau, N. (2013). Security and privacy-enhancing multicloud architectures. IEEE Transactions on dependable and secure computing, 10(4):212–224.
Busom, N., Petrlic, R., Sebé, F., Sorge, C., and Valls, M. (2016). Efficient smart metering based on homomorphic encryption. Computer Communications, 82:95–101.
CIF (2015). Uk cloud adoption snapshot & trends for 2016: The business case for cloud.
Cramer, R., Damgard, I., and Maurer, U. (2000). General secure multi-party computation from any linear secret-sharing scheme. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 316–334. Springer.
Cramer, R., Gennaro, R., and Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European transactions on Telecommunications, 8(5):481–490.
Dworkin, M. J. (2007). Sp 800-38d. recommendation for block cipher modes of operation: Galois/counter mode (gcm) and gmac. Technical report, Gaithersburg, MD, United States.
ElGamal, T. (1984). A public key cryptosystem and a signature scheme based on discrete logarithms. In Workshop on the Theory and Application of Cryptographic Techniques, pages 10–18. Springer.
Erkin, Z. and Tsudik, G. (2012). Private computation of spatial and temporal power consumption with smart meters. Proceedings of the 10th international conference on Applied Cryptography and Network Security, pages 561–577.
Gentry, C. (2009). A fully homomorphic encryption scheme. PhD thesis, Stanford University.
Greveler, U., Glösekötterz, P., Justusy, B., and Loehr, D. (2012). Multimedia content identification through smart meter power usage profiles. In Proceedings of the International Conference on Information and Knowledge Engineering (IKE), page 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., and Del Cuvillo, J. (2013). Using innovative instructions to create trustworthy software solutions. In HASP@ ISCA, page 11.
Kolesnikov, V. and Schneider, T. (2008). Improved garbled circuit: Free xor gates and applications. In International Colloquium on Automata, Languages, and Programming, pages 486–498. Springer.
Markovic, D. S., Zivkovic, D., Branovic, I., Popovic, R., and Cvetkovic, D. (2013). Smart power grid and cloud computing. Renewable and Sustainable Energy Reviews, 24:566–577.
McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C. V., Shafi, H., Shanbhogue, V., and Savagaonkar, U. R. (2013). Innovative instructions and software model for isolated execution. In HASP@ ISCA, page 10.
Naehrig, M., Lauter, K., and Vaikuntanathan, V. (2011). Can homomorphic encryption be practical? In Proceedings of the 3rd ACM workshop on Cloud computing security workshop, pages 113–124. ACM.
Pasupuleti, S. K., Ramalingam, S., and Buyya, R. (2016). An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing. Journal of Network and Computer Applications, 64:12–22.
Reinhold, P., Benn, W., Krause, B., Goetz, F., and Labudde, D. (2014). Hybrid cloud architecture for software-as-a-service provider to achieve higher privacy and decrease security concerns about cloud computing. In Conf. Cloud Computing, GRIDs, and Virtualization (IEEE, 2014), pages 94–99. Citeseer.
Rivest, R. L., Adleman, L., and Dertouzos, M. L. (1978a). On data banks and privacy homomorphisms. Foundations of secure computation, 4(11):169–180.
Rivest, R. L., Shamir, A., and Adleman, L. (1978b). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126.
Saroj, S. K., Chauhan, S. K., Sharma, A. K., and Vats, S. (2015). Threshold cryptography based data security in cloud computing. In Computational Intelligence & Communication Technology (CICT), 2015 IEEE International Conference on, pages 202–207. IEEE.
Younis, Y. A., Merabti, M., and Kifayat, K. (2013). Secure Cloud Computing for Critical Infrastructure: A Survey.
Anderson, R. and Fuloria, S. (2010). On the security economics of electricity metering. In WEIS. Citeseer.
Barbosa, M., Portela, B., Scerri, G., and Warinschi, B. (2016). Foundations of hardware-based attested computation and application to sgx. In 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pages 245–260. IEEE.
Bohli, J.-M., Gruschka, N., Jensen, M., Iacono, L. L., and Marnau, N. (2013). Security and privacy-enhancing multicloud architectures. IEEE Transactions on dependable and secure computing, 10(4):212–224.
Busom, N., Petrlic, R., Sebé, F., Sorge, C., and Valls, M. (2016). Efficient smart metering based on homomorphic encryption. Computer Communications, 82:95–101.
CIF (2015). Uk cloud adoption snapshot & trends for 2016: The business case for cloud.
Cramer, R., Damgard, I., and Maurer, U. (2000). General secure multi-party computation from any linear secret-sharing scheme. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 316–334. Springer.
Cramer, R., Gennaro, R., and Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European transactions on Telecommunications, 8(5):481–490.
Dworkin, M. J. (2007). Sp 800-38d. recommendation for block cipher modes of operation: Galois/counter mode (gcm) and gmac. Technical report, Gaithersburg, MD, United States.
ElGamal, T. (1984). A public key cryptosystem and a signature scheme based on discrete logarithms. In Workshop on the Theory and Application of Cryptographic Techniques, pages 10–18. Springer.
Erkin, Z. and Tsudik, G. (2012). Private computation of spatial and temporal power consumption with smart meters. Proceedings of the 10th international conference on Applied Cryptography and Network Security, pages 561–577.
Gentry, C. (2009). A fully homomorphic encryption scheme. PhD thesis, Stanford University.
Greveler, U., Glösekötterz, P., Justusy, B., and Loehr, D. (2012). Multimedia content identification through smart meter power usage profiles. In Proceedings of the International Conference on Information and Knowledge Engineering (IKE), page 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., and Del Cuvillo, J. (2013). Using innovative instructions to create trustworthy software solutions. In HASP@ ISCA, page 11.
Kolesnikov, V. and Schneider, T. (2008). Improved garbled circuit: Free xor gates and applications. In International Colloquium on Automata, Languages, and Programming, pages 486–498. Springer.
Markovic, D. S., Zivkovic, D., Branovic, I., Popovic, R., and Cvetkovic, D. (2013). Smart power grid and cloud computing. Renewable and Sustainable Energy Reviews, 24:566–577.
McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C. V., Shafi, H., Shanbhogue, V., and Savagaonkar, U. R. (2013). Innovative instructions and software model for isolated execution. In HASP@ ISCA, page 10.
Naehrig, M., Lauter, K., and Vaikuntanathan, V. (2011). Can homomorphic encryption be practical? In Proceedings of the 3rd ACM workshop on Cloud computing security workshop, pages 113–124. ACM.
Pasupuleti, S. K., Ramalingam, S., and Buyya, R. (2016). An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing. Journal of Network and Computer Applications, 64:12–22.
Reinhold, P., Benn, W., Krause, B., Goetz, F., and Labudde, D. (2014). Hybrid cloud architecture for software-as-a-service provider to achieve higher privacy and decrease security concerns about cloud computing. In Conf. Cloud Computing, GRIDs, and Virtualization (IEEE, 2014), pages 94–99. Citeseer.
Rivest, R. L., Adleman, L., and Dertouzos, M. L. (1978a). On data banks and privacy homomorphisms. Foundations of secure computation, 4(11):169–180.
Rivest, R. L., Shamir, A., and Adleman, L. (1978b). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126.
Saroj, S. K., Chauhan, S. K., Sharma, A. K., and Vats, S. (2015). Threshold cryptography based data security in cloud computing. In Computational Intelligence & Communication Technology (CICT), 2015 IEEE International Conference on, pages 202–207. IEEE.
Younis, Y. A., Merabti, M., and Kifayat, K. (2013). Secure Cloud Computing for Critical Infrastructure: A Survey.
Published
2016-11-07
How to Cite
SILVA, Leandro; SILVA, Rodolfo; BRITO, Andrey; BARBOSA, Pedro.
Agregação de Dados na Nuvem com Garantias de Segurança e Privacidade. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 16. , 2016, Niterói.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2016
.
p. 240-253.
DOI: https://doi.org/10.5753/sbseg.2016.19311.
