Storage privacy

Access control and policy enforcement

Access control is essential in protecting storage privacy. Customers must be able to trust the cloud service that only authorized parties can access their data. More complicated access control mechanisms provide extra or improved use cases for cloud storage. Additional policy enforcement solutions such as secure deletion give customers tighter control over their data, enhance their storage privacy and can be essential in order to comply with business regulations.

  • WP41-R1: Semantic and contextually constrained policy enforcement
  • WP41-R2: Privacy-respectful policy enforcement
  • WP44-R1: Secure deletion
  • WP44-R2: Shared ownership
  • WP44-R3: Assisted deletion

Resource isolation

To enforce resource isolation, systems may make use of access control and security policies. The entities enforcing these policies, such as hypervisors, operating system kernels, middleware or applications, are themselves vulnerable to attacks. Therefore, improving the security of such policy-enforcing-entities (monitors) improves the security guarantees provided by the policies. The main objective of the project is to design mechanisms that improve the security of monitors either through: (a) removing vulnerabilities present in the code base, (b) preventing such vulnerabilities from being reachable by attackers, or (c) in the presence of attacker-reachable vulnerabilities, preventing their exploitation.

  • WP42-R1: Improved resource isolation
  • WP42-R2: Secure storage per tenant

Data Privacy

Cloud services introduce new security threats with respect to the confidentiality of the outsourced data. While the cloud providers are motivated to provide data confidentiality for their data storage services given the increasing security assurance demands from the cloud customers, they will also lose the advantage of optimizing their storage costs by de-duplicating the data once traditional encryption is applied to the data. TREDISEC aims to provide strong data confidentiality guarantees while benefiting from the various advantages of data deduplication in the cloud. On the one hand, we aim to devise novel schemes which ensure data confidentiality despite a powerful adversary that has access to the user's secret material: such schemes are defined as key-exposure resistant schemes. We also plan to propose techniques which support deduplication of data encrypted by different mistrusting principals (tenants, users).

  • WP43-R1: Data confidentiality
  • WP43-R2: Resistance to key leakage

Content extracted from deliverable document D2.2 Requirements Analysis and Consolidation