Secure Storage and Processing of Confidential Data on Public Clouds | SpringerLink
Skip to main content
Springer Nature Link
Log in

Secure Storage and Processing of Confidential Data on Public Clouds

  • Conference paper
  • First Online:
Parallel Processing and Applied Mathematics (PPAM 2013)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8384))

  • 1674 Accesses

Abstract

The goal of this paper is to describe problems associated with storage and processing of confidential data in public clouds, and to propose relevant mitigation strategies. In our opinion many types of data in the commercial and scientific worlds require special attention to protect them against possible mishandling. This issue affects highly valuable data, such as trade secrets and financial information, as well as personal data including medical records used in scientific research. We analyse situations which require special care and next we propose a set of solutions for ensuring data security and describe feasibility studies based on tests performed using popular cryptographic software (OpenSSL). Those solutions would allow to fullfil objectives of the paper which are to analyze the requirements of scientific software regarding protection of confidential data, the nature of the data itself and threats against those assets.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. VPH-Share. http://vph-share.org/

  2. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on Computer and Communications Security (CCS ’09), pp. 199–212. ACM, New York (2009)

    Google Scholar 

  3. Vulnerability Summary for CVE-2012-0217, National Vulnerability Database, NIST. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0217 (2012)

  4. Vulnerability Summary for CVE-2012-6030, National Vulnerability Database, NIST. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6030 (2012)

  5. AWS Security and Compliance Center. https://aws.amazon.com/security/

  6. Penetration Testing. https://aws.amazon.com/security/penetration-testing/

  7. Vulnerability Reporting. https://aws.amazon.com/security/vulnerability-reporting/

  8. Security in Rackspace. http://www.rackspace.com/security/

  9. Amazon VPC. http://aws.amazon.com/vpc/

  10. Using Data Encryption. http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html

  11. Client-Side Data Encryption with the AWS SDK for Java and Amazon S3. http://aws.amazon.com/articles/2850096021478074

  12. Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm

  13. LUKS: Linux Unified Key Setup. http://code.google.com/p/cryptsetup/

  14. dm-crypt: Linux kernel device-mapper crypto target. http://code.google.com/p/cryptsetup/wiki/DMCrypt

  15. Canetti, R., Riva, B., Rothblum, G.N.: Refereed delegation of computation. Inf. Comput. 226, 16–36 (2013). ISSN: 0890-5401

    Article  MATH  MathSciNet  Google Scholar 

  16. FUSE: Filesystem in Userspace. http://fuse.sourceforge.net/

  17. Alex Halderman, J., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: cold boot attacks on encryption keys. In: Proceedings of the 2008 USENIX Security Symposium, 21 February 2008

    Google Scholar 

Download references

Acknowledgments

This research was partially funded by EC ICT VPH-Share Project (contract no. 269978) and the corresponding KI AGH grant. The authors wish to thank Dario Ruiz Lopez and Dmitry A. Vasunin for their helpful advice.

Author information

Authors and Affiliations

  1. ACC Cyfronet AGH, AGH University of Science and Technology, Krakow, Poland

    Jan Meizner & Piotr Nowakowski

  2. Department of Computer Science, AGH University of Science and Technology, Krakow, Poland

    Marian Bubak & Maciej Malawski

  3. Informatics Institute, University of Amsterdam, Amsterdam, The Netherlands

    Marian Bubak

Authors
  1. Jan Meizner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marian Bubak
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maciej Malawski
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Piotr Nowakowski
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jan Meizner .

Editor information

Editors and Affiliations

  1. Institute of Computer and Information Science, Czestochowa University of Technology, Czestochowa, Poland

    Roman Wyrzykowski

  2. University of Tennessee, Department of Computer Science, Knoxville, Tennessee, USA

    Jack Dongarra

  3. Institute of Computer and Information Science, Czestochowa University of Technology, Czestochowa, Poland

    Konrad Karczewski

  4. Technical University of Denmark Informatics and Mathematical Modelling, Kongens Lyngby, Denmark

    Jerzy Waśniewski

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Meizner, J., Bubak, M., Malawski, M., Nowakowski, P. (2014). Secure Storage and Processing of Confidential Data on Public Clouds. In: Wyrzykowski, R., Dongarra, J., Karczewski, K., Waśniewski, J. (eds) Parallel Processing and Applied Mathematics. PPAM 2013. Lecture Notes in Computer Science(), vol 8384. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55224-3_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-55224-3_26

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-55223-6

  • Online ISBN: 978-3-642-55224-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation