Improving the Resistance to Side-Channel Attacks on Cloud Storage Services

Author

Heen, Olivier ; Neumann, Christoph ; Montalvo, Luis ; Defrance, Serge

Author_Institution

Technicolor, Cesson-Sevigne, France

fYear

2012

fDate

7-10 May 2012

Firstpage

1

Lastpage

5

Abstract

Providers of cloud storage services usually apply deduplication across multiple user accounts in order to optimize savings of both upload bandwidth and storage space. However, deduplication can be used as a side channel by an adversary for obtaining sensitive information about other user´s data. We propose a new gateway-based deduplication model that lets the storage service provider apply efficient deduplication while substantially reducing the risk of information leakage. We suppose that the cloud storage service is provided by a Network Service Provider that also ships advanced gateways to its customers. We discuss why it is much harder for an adversary to infer deduplication from the gateway than from a fully controlled host.

Keywords

cloud computing; computer crime; computer network security; data privacy; information storage; internetworking; network servers; cloud storage services; fully controlled host; gateway-based deduplication model; information leakage; multiple user; network service provider; side-channel attacks; storage service provider; storage space; Bandwidth; Cloud computing; Logic gates; Privacy; Security; Servers;

fLanguage

English

Publisher

ieee

Conference_Titel

New Technologies, Mobility and Security (NTMS), 2012 5th International Conference on

Conference_Location

Istanbul

ISSN

2157-4952

Print_ISBN

978-1-4673-0228-9

Electronic_ISBN

2157-4952

Type

conf

DOI

10.1109/NTMS.2012.6208705

Filename

6208705