Abstract
This paper explores the issue of “loss of control” that results when users outsource data and computation to the clouds. While loss of control has multiple manifestations, we focus on the data privacy and confidentiality implications when cloud providers are untrusted. Instead of following the well-studied (but still unsolved) path of encrypting data when outsourcing and computing in the encrypted domain, the paper advocates a risk-based approach over a hybrid cloud architecture as a possible solution. Hybrid clouds are a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability. Hybrid clouds offer an opportunity to selectively outsource data and computation based on the level of sensitivity involved. The paper postulates a risk-aware approach to partitioning computation over hybrid clouds that provides an abstraction to address secure cloud data processing in a variety of system and application contexts.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Oktay, K.Y., Khadilkar, V., Kantarcioglu, M., Mehrotra, S. (2013). Risk Aware Approach to Data Confidentiality in Cloud Computing. In: Bagchi, A., Ray, I. (eds) Information Systems Security. ICISS 2013. Lecture Notes in Computer Science, vol 8303. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-45204-8_3
DOI: https://doi.org/10.1007/978-3-642-45204-8_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-45203-1
Online ISBN: 978-3-642-45204-8
eBook Packages: Computer Science (R0)