TY - GEN
T1 - Cloud Shredder
T2 - 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011
AU - Zhang, Nan
AU - Jing, Jiwu
AU - Liu, Peng
PY - 2011
Y1 - 2011
N2 - Data Disclosure due to laptop loss, especially in travel, is a top threat to businesses, governments, and non-profit organizations. An effective protection against this threat should guarantee the data confidentiality, even if the adversary has physically possessed the laptop. Current technology does not satisfy this requirement. This paper proposes a novel approach to remove the threat under the emerging condition of ubiquitous internet access and cloud computing. We name this approach "Cloud Shredder", implying that the confidential files are shredded and hidden in the semi-trusted cloud storage service. Cloud Shredder is a generic and transparent security service that allows legitimate user access the files in exactly the same way as with commodity file systems, whereas the attackers only get meaningless junk even if they have obtained every byte on the hard drive. Rather than the traditional encryption-based protection, Cloud Shredder limits the attacker's opportunity in a short time window. We implemented a prototype that is compatible with the typical cloud storage service, Amazon S3, and supports two popular document applications, Acrobat Reader and Open Office. Our experiments show that the influence on file access performance is reasonable and should not ruin the user experience. Cloud Shredder is also applicable to smart phone, net book and other computing devices with internet connection.
AB - Data Disclosure due to laptop loss, especially in travel, is a top threat to businesses, governments, and non-profit organizations. An effective protection against this threat should guarantee the data confidentiality, even if the adversary has physically possessed the laptop. Current technology does not satisfy this requirement. This paper proposes a novel approach to remove the threat under the emerging condition of ubiquitous internet access and cloud computing. We name this approach "Cloud Shredder", implying that the confidential files are shredded and hidden in the semi-trusted cloud storage service. Cloud Shredder is a generic and transparent security service that allows legitimate user access the files in exactly the same way as with commodity file systems, whereas the attackers only get meaningless junk even if they have obtained every byte on the hard drive. Rather than the traditional encryption-based protection, Cloud Shredder limits the attacker's opportunity in a short time window. We implemented a prototype that is compatible with the typical cloud storage service, Amazon S3, and supports two popular document applications, Acrobat Reader and Open Office. Our experiments show that the influence on file access performance is reasonable and should not ruin the user experience. Cloud Shredder is also applicable to smart phone, net book and other computing devices with internet connection.
UR - http://www.scopus.com/inward/record.url?scp=84856171379&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84856171379&partnerID=8YFLogxK
U2 - 10.1109/TrustCom.2011.221
DO - 10.1109/TrustCom.2011.221
M3 - Conference contribution
AN - SCOPUS:84856171379
SN - 9780769546001
T3 - Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011
SP - 1592
EP - 1599
BT - Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011
Y2 - 16 November 2011 through 18 November 2011
ER -