Abstract
The goal of this paper is to describe problems associated with storage and processing of confidential data in public clouds, and to propose relevant mitigation strategies. In our opinion many types of data in the commercial and scientific worlds require special attention to protect them against possible mishandling. This issue affects highly valuable data, such as trade secrets and financial information, as well as personal data including medical records used in scientific research. We analyse situations which require special care and next we propose a set of solutions for ensuring data security and describe feasibility studies based on tests performed using popular cryptographic software (OpenSSL). Those solutions would allow to fullfil objectives of the paper which are to analyze the requirements of scientific software regarding protection of confidential data, the nature of the data itself and threats against those assets.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
VPH-Share. http://vph-share.org/
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on Computer and Communications Security (CCS ’09), pp. 199–212. ACM, New York (2009)
Vulnerability Summary for CVE-2012-0217, National Vulnerability Database, NIST. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0217 (2012)
Vulnerability Summary for CVE-2012-6030, National Vulnerability Database, NIST. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6030 (2012)
AWS Security and Compliance Center. https://aws.amazon.com/security/
Penetration Testing. https://aws.amazon.com/security/penetration-testing/
Vulnerability Reporting. https://aws.amazon.com/security/vulnerability-reporting/
Security in Rackspace. http://www.rackspace.com/security/
Amazon VPC. http://aws.amazon.com/vpc/
Using Data Encryption. http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html
Client-Side Data Encryption with the AWS SDK for Java and Amazon S3. http://aws.amazon.com/articles/2850096021478074
Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm
LUKS: Linux Unified Key Setup. http://code.google.com/p/cryptsetup/
dm-crypt: Linux kernel device-mapper crypto target. http://code.google.com/p/cryptsetup/wiki/DMCrypt
Canetti, R., Riva, B., Rothblum, G.N.: Refereed delegation of computation. Inf. Comput. 226, 16–36 (2013). ISSN: 0890-5401
FUSE: Filesystem in Userspace. http://fuse.sourceforge.net/
Alex Halderman, J., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: cold boot attacks on encryption keys. In: Proceedings of the 2008 USENIX Security Symposium, 21 February 2008
Acknowledgments
This research was partially funded by EC ICT VPH-Share Project (contract no. 269978) and the corresponding KI AGH grant. The authors wish to thank Dario Ruiz Lopez and Dmitry A. Vasunin for their helpful advice.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Meizner, J., Bubak, M., Malawski, M., Nowakowski, P. (2014). Secure Storage and Processing of Confidential Data on Public Clouds. In: Wyrzykowski, R., Dongarra, J., Karczewski, K., Waśniewski, J. (eds) Parallel Processing and Applied Mathematics. PPAM 2013. Lecture Notes in Computer Science(), vol 8384. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55224-3_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-55224-3_26
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55223-6
Online ISBN: 978-3-642-55224-3
eBook Packages: Computer ScienceComputer Science (R0)