Private Editing Using Untrusted Cloud Services

Author

Huang, Yan ; Evans, David

Author_Institution

Univ. of Virginia, Charlottesville, VA, USA

fYear

2011

fDate

20-24 June 2011

Firstpage

263

Lastpage

272

Abstract

We present a general methodology for protecting the confidentiality and integrity of user data for a class of on-line editing applications. The key insight is that many of these applications are designed to perform most of their data-dependent computation on the client side, so it is possible to maintain their functionality while only exposing an encrypted version of the document to the server. We apply our methodology to Google Documents and describe a prototype extension tool that enables users to use a cloud application to manage their documents without sacrificing confidentiality or integrity. To provide adequate performance, we employ an incremental encryption scheme and extend it to support variable-length blocks. We analyze the security of our scheme and report on experiments that show our extension preserves most of the cloud application´s functionality with less than 10% overhead for typical use.

Keywords

client-server systems; cloud computing; cryptography; data integrity; data privacy; text editing; Google documents; client side; data-dependent computation; encrypted version; on-line editing applications; private editing; security; untrusted cloud services; user data confidentiality; user data integrity; variable-length blocks; Browsers; Encryption; Google; Reactive power; Servers; cloud security; data privacy; incremental cryptography;

fLanguage

English

Publisher

ieee

Conference_Titel

Distributed Computing Systems Workshops (ICDCSW), 2011 31st International Conference on

Conference_Location

Minneapolis, MN

ISSN

1545-0678

Print_ISBN

978-1-4577-0384-3

Electronic_ISBN

1545-0678

Type

conf

DOI

10.1109/ICDCSW.2011.36

Filename

5961499