2014 Proceeding- General Chair:
- Gail-Joon Ahn,
- Program Chairs:
- Alina Oprea,
- Reihaneh Safavi-Naini
- Sponsor:
- sigsac
It is our great pleasure to present to you the proceedings of the 6th edition of the ACM Cloud Computing Security Workshop (CCSW) held in conjunction with the 2014 ACM Computer and Communication Security (CCS) conference in Scottsdale, Arizona, USA, November 3-7, 2014.
The paradigm of cloud computing has been revolutionizing todays' information communication technologies, impacting and redefining how data is stored, retrieved, processed and shared. Cloud services provide an elastic, scalable, large-scale environment typically marked by a high degree of resource virtualization and sharing among tenants. While the economic benefits of cloud computing are widely recognized, this new computing model creates security and privacy requirements different from traditional environments. With the wide adoption of cloud computing paradigm, security, privacy, and availability of the involved operations, components, and systems are becoming of increasing importance.
The CCSW workshop focuses on the security challenges and research opportunities raised by the recent developments in cloud computing. The goal of the workshop is to explore the security and privacy challenges that are raised by cloud computing, and foster development of new ideas and solutions that can be transitioned into practice.
The 2014 CSW workshop received a total of thirty-six high quality submissions, out of which twelve were selected by the program committee through a rigorous reviewing process. The workshop includes four invited sessions, three invited talks and one memorial session.
We are delighted to have three keynote talks that bring new perspectives and practical problems from industry to the research community related to issues like security and privacy of data stored in the cloud, economic impact of security, and risk management in cloud settings. The three invited talks are:
Joanne Martin, CISO and VP for IT Risk, IBM, "Securing Cloud Environments for Enterprise Computing"
David McGrew, Fellow, Cisco, "Privacy vs. Efficacy in Cloud-based Threat Detection"
Bryan D. Payne, Director of Security Research, Nebula, "Reducing the Cost of Security in the Cloud"
The memorial session, organized by Elaine Shi, celebrates the life of Emil Stefanov and his research contributions to cloud computing security. The contributors to this session (Ari Juels, Srini Devadas, and Zygmunt Pizlo) discuss Emil's most impactful contributions to cloud security and beyond.
Proceeding Downloads
Securing Cloud Environments for Enterprise Computing
In this presentation at ACM Cloud Computing Security 2014, we will discuss how IBM transforms its approach to IT Security, as it moves its own enterprise computing into the cloud.
Privacy vs. Efficacy in Cloud-based Threat Detection
Advanced threats can be detected by monitoring information systems and networks, then applying advanced analytic techniques to the data thus gathered. It is natural to gather, store, and analyze this data in the Cloud, but doing so introduces ...
Reducing the Cost of Security in the Cloud
When considering the economics of information security, people often use the information's value as input into an equation to determine how much to spend securing the corresponding system. Here, we explore how to improve the amount of security ...
Co-Location-Resistant Clouds
We consider the problem of designing multi-tenant public infrastructure clouds resistant to cross-VM attacks without relying on single-tenancy or on assumptions about the cloud's servers. In a cross-VM attack (which have been demonstrated recently in ...
Reconciling End-to-End Confidentiality and Data Reduction In Cloud Storage
An increasingly common practice for users of storage systems is to perform end-to-end encryption to ensure the confidentiality of data stored on external storage systems or in the cloud. This practice, however, inhibits the benefits of deduplication and ...
Swap and Play: Live Updating Hypervisors and Its Application to Xen
Hypervisors provide the means to run multiple isolated virtual machines on the same physical host. Typically, updating hypervisors requires a reboot of the host leading to disruption of services that is highly undesirable, particularly in cloud ...
RAID-PIR: Practical Multi-Server PIR
Private Information Retrieval (PIR) allows to privately request a block of data from a database such that no information about the queried block is revealed to the database owner. With the rapid rise of cloud computing, data is often shared across ...
Distributed Key Generation for Encrypted Deduplication: Achieving the Strongest Privacy
Large-scale cloud storage systems often attempt to achieve two seemingly conflicting goals: (1) the systems need to reduce the copies of redundant data to save space, a process called deduplication; and (2) users demand encryption of their data to ...
Efficient Certification and Zero-Knowledge Proofs of Knowledge on Infrastructure Topology Graphs
Digital signature schemes are a foundational cryptographic building block in certification and the projection of trust. Based on a signature scheme on committed graphs, we propose a framework of certification and proof methods to sign topology graphs ...
A Framework for Outsourcing of Secure Computation
We study the problem of how to efficiently outsource a sensitive computation on secret inputs to a number of untrusted workers, under the assumption that at least one worker is honest.
In our setting there is a number of clients C_1,…,Cn with inputs x1,…...
Your Software at my Service: Security Analysis of SaaS Single Sign-On Solutions in the Cloud
Software-as-a-Service (SaaS) is typically defined as a rental model for using a complex software product, running on a centralized computing platform, using a thin client (most frequently a web browser). As such, it is one of the major categories of ...
Guardians of the Clouds: When Identity Providers Fail
Many cloud-based services offer interfaces to Single Sign-On (SSO) systems. This helps companies and Internet users to keep control over their data: By using an Identity Provider (IdP), they are able to enforce various access control strategies (e.g., ...
CloudSafetyNet: Detecting Data Leakage between Cloud Tenants
- Christian Priebe,
- Divya Muthukumaran,
- Dan O' Keeffe,
- David Eyers,
- Brian Shand,
- Ruediger Kapitza,
- Peter Pietzuch
When tenants deploy applications under the control of third-party cloud providers, they must trust the provider's security mechanisms for inter-tenant isolation, resource sharing and access control. Despite a provider's best efforts, accidental data ...
Streaming Authenticated Data Structures: Abstraction and Implementation
In the setting of streaming verifiable computation, a verifier and a prover observe a stream of n elements x1; x2; : : : ; xn and later, the verifier can delegate a computation (e.g., a range search query) to the untrusted prover over the stream. The ...
Inevitable Failure: The Flawed Trust Assumption in the Cloud
IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been ...
Cited By
-
Kumar R (2024). Security Risks and Threats in Cloud Computing: A Comprehensive Analysis, International Journal of Innovative Science and Research Technology (IJISRT), 10.38124/ijisrt/IJISRT24NOV057, (261-266)
- Jannett L, Mladenov V, Mainka C and Schwenk J DISTINCT Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, (1553-1567)
Index Terms
- Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security