research-article

On Information Leakage in Deduplicated Storage Systems

Authors:
Hubert Ritzdorf

ETH, Zurich, Switzerland

ETH, Zurich, Switzerland
View Profile

,
Ghassan Karame

NEC Laboratories Europe, Heidelberg, Germany

NEC Laboratories Europe, Heidelberg, Germany
View Profile

,
Claudio Soriente

Telefónica Research, Barcelona, Spain

Telefónica Research, Barcelona, Spain
View Profile

,
Srdjan Čapkun

ETH, Zurich, Switzerland

ETH, Zurich, Switzerland
View Profile

CCSW '16: Proceedings of the 2016 ACM on Cloud Computing Security WorkshopOctober 2016Pages 61–72https://doi.org/10.1145/2996429.2996432

Published:28 October 2016Publication History

CCSW '16: Proceedings of the 2016 ACM on Cloud Computing Security Workshop

Pages 61–72

ABSTRACT

Most existing cloud storage providers rely on data deduplication in order to significantly save storage costs by storing duplicate data only once. While the literature has thoroughly analyzed client-side information leakage associated with the use of data deduplication techniques in the cloud, no previous work has analyzed the information leakage associated with access trace information information (e.g., object size and timing) that are available whenever a client uploads a file to a curious cloud provider.

In this paper, we address this problem and analyze information leakage associated with data deduplication on a curious storage server. We show that even if the data is encrypted using a key not known by the storage server, the latter can still acquire considerable information about the stored files and even determine which files are stored. We validate our results both analytically and experimentally using a number of real storage datasets.

References

Frederik Armknecht, Jens-Matthias Bohli, Ghassan O. Karame, and Franck Youssef. Transparent data deduplication in the cloud. CCS '15, pages 886--900, New York, NY, USA, 2015. ACM. Google ScholarDigital Library
Storage Networking Industry Association. SNIA IOTTA Repository. http://iotta.snia.org/traces/3382.Google Scholar
Mihir Bellare, Sriram Keelveedhi, and Thomas Ristenpart. Dupless: Server-aided encryption for deduplicated storage. In Proceedings of the 22Nd USENIX Conference on Security, SEC'13, pages 179--194. USENIX Association, 2013. Google ScholarDigital Library
Mihir Bellare, Sriram Keelveedhi, and Thomas Ristenpart. Message-locked encryption and secure deduplication. EUROCRYPT '13. Springer, 2013.Google ScholarCross Ref
Roberto Di Pietro and Alessandro Sorniotti. Boosting efficiency and security in proof of ownership for deduplication. ASIACCS '12, pages 81--82, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
John R. Douceur, Atul Adya, William J. Bolosky, Dan Simon, and Marvin Theimer. Reclaiming space from duplicate files in a serverless distributed file system. In ICDCS, pages 617--624, 2002. Google ScholarDigital Library
Kave Eshghi and Hsiu K. Tang. A framework for analyzing and improving content-based chunking algorithms. Technical report, 2005. http://www.hpl.hp.com/techreports/2005/HPL-2005--30R1.html.Google Scholar
William Feller. An Introduction to Probability Theory and Its Applications. Wiley, 2nd edition, 1971.Google Scholar
Shai Halevi, Danny Harnik, Benny Pinkas, and Alexandra Shulman-Peleg. Proofs of ownership in remote storage systems. CCS '11, pages 491--500, New York, NY, USA, 2011. ACM. Google ScholarDigital Library
Danny Harnik, Benny Pinkas, and Alexandra Shulman-Peleg. Side channels in cloud services: Deduplication in cloud storage. IEEE Security & Privacy, 8(6):40--47, 2010. Google ScholarDigital Library
Adobe Systems Incorporated. Document management - Portable document format - Part 1: PDF 1.7, 2008. https://wwwimages2.adobe.com/content/dam/Adobe/en/devnet/pdf/pdfs/PDF32000_2008.pdf.Google Scholar
Kevin B. Korb and Ann E. Nicholson. Bayesian Artificial Intelligence. CRC Press, second edition, 2010. Google ScholarDigital Library
Sven Laur, Riivo Talviste, and Jan Willemson. From oblivious aes to efficient and secure database join in the multiparty setting. ACNS'13. Springer-Verlag, 2013. Google ScholarDigital Library
Dirk Meister and André Brinkmann. Multi-level comparison of data deduplication in a backup scenario. In Proceedings of SYSTOR 2009: The Israeli Experimental Systems Conference. ACM, 2009. Google ScholarDigital Library
Dutch T. Meyer and William J. Bolosky. A study of practical deduplication. Trans. Storage, 7(4):14:1--14:20, February 2012. Google ScholarDigital Library
João Paulo and José Pereira. A survey and classification of storage deduplication systems. ACM Comput. Surv., 47(1):11:1--11:30, June 2014. Google ScholarDigital Library
Pasquale Puzio, Refik Molva, Melek Önen, and Sergio Loureiro. Block-level de-duplication with encrypted data. Open Journal of Cloud Computing (OJCC), 1(1):10--18, 2014.Google Scholar
Pasquale Puzio, Refik Molva, Melek Önen, and Sergio Loureiro. PerfectDedup: Secure Data Deduplication, pages 150--166. Springer International Publishing, Cham, 2016. Google ScholarDigital Library
Michael O. Rabin. Fingerprinting by random polynomials. Harvard Aiken Computation Laboratory, pages 1--12, 1981.Google Scholar
Jan Stanek, Alessandro Sorniotti, Elli Androulaki, and Lukas Kencl. A Secure Data Deduplication Scheme for Cloud Storage. In 18th International Conference on Financial Cryptography and Data Security (FC), 2014.Google Scholar
Mark W. Storer, Kevin Greenan, Darrell D.E. Long, and Ethan L. Miller. Secure data deduplication. StorageSS '08, 2008. Google ScholarDigital Library
Marc van Leeuwen. Extended stars-and-bars problem, 2013. http://math.stackexchange.com/a/554237.Google Scholar

Index Terms

On Information Leakage in Deduplicated Storage Systems
1. Information systems
  1. Data management systems
    1. Information integration
      1. Deduplication
  2. Information storage systems
    1. Storage architectures
      1. Cloud based storage
2. Security and privacy
  1. Database and storage security
    1. Management and querying of encrypted data
  2. Human and societal aspects of security and privacy
    1. Privacy protections

Recommendations

Secure and efficient proof of ownership for deduplicated cloud storage
SIN '17: Proceedings of the 10th International Conference on Security of Information and Networks

The rapid increment in volume of outsourced data has raised an issue of data management for Cloud Storage Server. To solve this issue, Deduplication, a data compression technique was introduced which avoids duplicate data storage. However, Deduplication ...
Read More
Proofs of ownership in remote storage systems
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

Cloud storage systems are becoming increasingly popular. A promising technology that keeps their cost down is deduplication, which stores only a single copy of repeating data. Client-side deduplication attempts to identify deduplication opportunities ...
Read More
Whole-File Chunk-Based Deduplication Using Reinforcement Learning for Cloud Storage
ASONAM '22: Proceedings of the 2022 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining

Deduplication is the process of removing replicated data content from storage facilities like online databases, cloud datastore, local file systems, etc. It is commonly performed as part of data preprocessing to eliminate redundant data that requires ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CCSW '16: Proceedings of the 2016 ACM on Cloud Computing Security Workshop
October 2016
116 pages
ISBN:9781450345729
DOI:10.1145/2996429
Conference Chairs:
Mathias Payer
Purdue University, USA
,
Stefan Mangard
IAIK TU Graz, Austria
,
General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
Technische Universität Darmstadt, Germany
,
Program Chairs:
Elli Androulaki
IBM Research-Zurich, Switzerland
,
Michael K. Reiter
University of North Carolina at Chapel Hill, USA
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 28 October 2016
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
cloud storage
deduplication
information leakage
privacy
storage inference
Qualifiers
- research-article
Conference

Acceptance Rates
CCSW '16 Paper Acceptance Rate8of23submissions,35%Overall Acceptance Rate37of108submissions,34%
More
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 10
  Total Citations
  View Citations
- 243
  Total Downloads
- Downloads (Last 12 months)9
- Downloads (Last 6 weeks)5
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

On Information Leakage in Deduplicated Storage Systems

CCSW '16: Proceedings of the 2016 ACM on Cloud Computing Security Workshop

ABSTRACT

References

Cited By

Index Terms

Recommendations

Secure and efficient proof of ownership for deduplicated cloud storage

Proofs of ownership in remote storage systems

Whole-File Chunk-Based Deduplication Using Reinforcement Learning for Cloud Storage