skip to main content
10.1145/2664168acmconferencesBook PagePublication PagesccsConference Proceedingsconference-collections
CCSW '14: Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security
ACM2014 Proceeding
Publisher:
  • Association for Computing Machinery
  • New York
  • NY
  • United States
Conference:
CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security Scottsdale Arizona USA 7 November 2014
ISBN:
978-1-4503-3239-2
Published:
07 November 2014
Sponsors:
Recommend ACM DL
ALREADY A SUBSCRIBER?SIGN IN
Next Conference
October 13 - 17, 2025
Taipei , Taiwan
Skip Abstract Section
Abstract

It is our great pleasure to present to you the proceedings of the 6th edition of the ACM Cloud Computing Security Workshop (CCSW) held in conjunction with the 2014 ACM Computer and Communication Security (CCS) conference in Scottsdale, Arizona, USA, November 3-7, 2014.

The paradigm of cloud computing has been revolutionizing todays' information communication technologies, impacting and redefining how data is stored, retrieved, processed and shared. Cloud services provide an elastic, scalable, large-scale environment typically marked by a high degree of resource virtualization and sharing among tenants. While the economic benefits of cloud computing are widely recognized, this new computing model creates security and privacy requirements different from traditional environments. With the wide adoption of cloud computing paradigm, security, privacy, and availability of the involved operations, components, and systems are becoming of increasing importance.

The CCSW workshop focuses on the security challenges and research opportunities raised by the recent developments in cloud computing. The goal of the workshop is to explore the security and privacy challenges that are raised by cloud computing, and foster development of new ideas and solutions that can be transitioned into practice.

The 2014 CSW workshop received a total of thirty-six high quality submissions, out of which twelve were selected by the program committee through a rigorous reviewing process. The workshop includes four invited sessions, three invited talks and one memorial session.

We are delighted to have three keynote talks that bring new perspectives and practical problems from industry to the research community related to issues like security and privacy of data stored in the cloud, economic impact of security, and risk management in cloud settings. The three invited talks are:

  • Joanne Martin, CISO and VP for IT Risk, IBM, "Securing Cloud Environments for Enterprise Computing"

  • David McGrew, Fellow, Cisco, "Privacy vs. Efficacy in Cloud-based Threat Detection"

  • Bryan D. Payne, Director of Security Research, Nebula, "Reducing the Cost of Security in the Cloud"

The memorial session, organized by Elaine Shi, celebrates the life of Emil Stefanov and his research contributions to cloud computing security. The contributors to this session (Ari Juels, Srini Devadas, and Zygmunt Pizlo) discuss Emil's most impactful contributions to cloud security and beyond.

Skip Table Of Content Section
SESSION: Invited Talks
invited-talk
Securing Cloud Environments for Enterprise Computing

In this presentation at ACM Cloud Computing Security 2014, we will discuss how IBM transforms its approach to IT Security, as it moves its own enterprise computing into the cloud.

invited-talk
Privacy vs. Efficacy in Cloud-based Threat Detection

Advanced threats can be detected by monitoring information systems and networks, then applying advanced analytic techniques to the data thus gathered. It is natural to gather, store, and analyze this data in the Cloud, but doing so introduces ...

invited-talk
Reducing the Cost of Security in the Cloud

When considering the economics of information security, people often use the information's value as input into an equation to determine how much to spend securing the corresponding system. Here, we explore how to improve the amount of security ...

SESSION: Memorial
SESSION: Technical Presentations
research-article
Co-Location-Resistant Clouds

We consider the problem of designing multi-tenant public infrastructure clouds resistant to cross-VM attacks without relying on single-tenancy or on assumptions about the cloud's servers. In a cross-VM attack (which have been demonstrated recently in ...

research-article
Reconciling End-to-End Confidentiality and Data Reduction In Cloud Storage

An increasingly common practice for users of storage systems is to perform end-to-end encryption to ensure the confidentiality of data stored on external storage systems or in the cloud. This practice, however, inhibits the benefits of deduplication and ...

research-article
Swap and Play: Live Updating Hypervisors and Its Application to Xen

Hypervisors provide the means to run multiple isolated virtual machines on the same physical host. Typically, updating hypervisors requires a reboot of the host leading to disruption of services that is highly undesirable, particularly in cloud ...

research-article
RAID-PIR: Practical Multi-Server PIR

Private Information Retrieval (PIR) allows to privately request a block of data from a database such that no information about the queried block is revealed to the database owner. With the rapid rise of cloud computing, data is often shared across ...

research-article
Distributed Key Generation for Encrypted Deduplication: Achieving the Strongest Privacy

Large-scale cloud storage systems often attempt to achieve two seemingly conflicting goals: (1) the systems need to reduce the copies of redundant data to save space, a process called deduplication; and (2) users demand encryption of their data to ...

research-article
Open Access
Efficient Certification and Zero-Knowledge Proofs of Knowledge on Infrastructure Topology Graphs

Digital signature schemes are a foundational cryptographic building block in certification and the projection of trust. Based on a signature scheme on committed graphs, we propose a framework of certification and proof methods to sign topology graphs ...

research-article
A Framework for Outsourcing of Secure Computation

We study the problem of how to efficiently outsource a sensitive computation on secret inputs to a number of untrusted workers, under the assumption that at least one worker is honest.

In our setting there is a number of clients C_1,…,Cn with inputs x1,…...

research-article
Your Software at my Service: Security Analysis of SaaS Single Sign-On Solutions in the Cloud

Software-as-a-Service (SaaS) is typically defined as a rental model for using a complex software product, running on a centralized computing platform, using a thin client (most frequently a web browser). As such, it is one of the major categories of ...

research-article
Guardians of the Clouds: When Identity Providers Fail

Many cloud-based services offer interfaces to Single Sign-On (SSO) systems. This helps companies and Internet users to keep control over their data: By using an Identity Provider (IdP), they are able to enforce various access control strategies (e.g., ...

research-article
Open Access
CloudSafetyNet: Detecting Data Leakage between Cloud Tenants

When tenants deploy applications under the control of third-party cloud providers, they must trust the provider's security mechanisms for inter-tenant isolation, resource sharing and access control. Despite a provider's best efforts, accidental data ...

research-article
Streaming Authenticated Data Structures: Abstraction and Implementation

In the setting of streaming verifiable computation, a verifier and a prover observe a stream of n elements x1; x2; : : : ; xn and later, the verifier can delegate a computation (e.g., a range search query) to the untrusted prover over the stream. The ...

research-article
Inevitable Failure: The Flawed Trust Assumption in the Cloud

IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been ...

Contributors
  • Arizona State University
  • Northeastern University
  • University of Calgary
Index terms have been assigned to the content through auto-classification.

Recommendations

Acceptance Rates

CCSW '14 Paper Acceptance Rate 12 of 36 submissions, 33%;
Overall Acceptance Rate 37 of 108 submissions, 34%
YearSubmittedAcceptedRate
CCSW '1623835%
CCSW '1521629%
CCSW '14361233%
CCSW '13281139%
Overall1083734%