cloud integrity monitoring
Skip this Video
Download Presentation
Cloud Integrity Monitoring

Loading in 2 Seconds...

play fullscreen
1 / 16

Cloud Integrity Monitoring - PowerPoint PPT Presentation

  • Uploaded on

Cloud Integrity Monitoring. Mike Smorul ADAPT Group University of Maryland, College Par. Cloud Computing. A new paradigm for offering a wide variety of cost effective services – storage, compute, software, application, infrastructure – over the internet.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Cloud Integrity Monitoring' - Renfred

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
cloud integrity monitoring

Cloud Integrity Monitoring

Mike Smorul


University of Maryland, College Par

cloud computing
Cloud Computing
  • A new paradigm for offering a wide variety of cost effective services – storage, compute, software, application, infrastructure – over the internet.
  • A major issue – confidentiality and integrity of data stored in a cloud.
  • This presentation: a new light weight scheme for clients to monitor the integrity of their holdings in the cloud.
monitoring concerns
Monitoring Concerns
  • Transfer to validate incurs a fee.
  • Last mile may be too slow.
    • Remote monitoring not feasible
  • How can third parties validate their data?
background ace integrity token
Background: ACE Integrity Token
  • Small proof that resides alongside a file.
    • Proof links digest of file to external number (CSI)
  • May be transferred over insecure channels and still validated
    • Does not rely on secret data (private key, etc)
  • Linked to a single (nightly) published witness.
    • Witness is tiny (32 bytes)
    • Widely published
    • Witness provides 24h time window for token
    • Independent of size or type of data
token construction
Token Construction
  • Construction Steps
    • Aggregate all digests for a round (seconds)
    • Create small summary value for the round
    • At the end of each day, publish witness = aggregate data for all intermediate values
  • Value
    • Small amount of data after each aggregation
    • Alteration of the content of any object will cause the value of the witness to be different
    • Two levels allow for quick client response and tiny daily data
types of audit
Types of Audit
  • Audit Local Files: Periodically scans files and compares stored digests with computed digests.
    • Assume valid hashes in local storage
  • Audit Local Digests: Recompute the round summary for each digest using that digest and its token. This is compared to value stored on the IMS.
    • Assume IMS returns valid summary information, do not trust hashes stored locally
  • External IMS Audit: Round summaries are used to compute witness values. These are compared with offsite witness values.
    • Do not trust IMS, force IMS to prove its CSIs link to a witness
storing token in a cloud
Storing token in a cloud
  • Two possibilities
    • Whole token may be stored as separate file.
    • Validation components of token may be stored in attribute/value pairs
  • Tokens are small (1-2k)
  • Validation information is even smaller (<1k)
validation by 3 rd party
Validation by 3rd party
  • 3rd party downloads object and token.
  • Runs validation processes using external information
  • No interaction with original depositor required.
  • Validation information may be supplied as http headers from cloud service.
    • Validation information adds at most 10 digests to the header.
    • Uses metadata stored in cloud (no extra objects)
data flow
Data Flow

Cloud Storage

2. Token + data


3. Token + data

1. Token Request/Response



4. CSI Request/Response

how 3 rd party validation works
How 3rd party validation works
  • Acquire token and original file
    • Use http headers, or separate token request
  • Compute digest for file
  • Compute CSI value using token + digest
  • Compare computed CSI to remote CSI on IMS
    • IMS is public, generally not tied to depositor.
  • (Optionally) Challenge IMS to prove CSI
  • Compare challenge result to external Witness
validation during processing
Validation during processing
  • Upload validation routines along with application
  • Application computes digest during access
    • Most languages allows you to chain or wrap data reads.
  • After read finished, validate digest using token
  • Inexpensive
    • Most computation likely to be service
    • External data required (CSI, Witness) is very small
ex image conversion service
Ex: Image Conversion Service
  • Request file from cloud storage
    • Compute digest during read
    • Perform transformation
  • When read finishes
    • Validate integrity using digest + token
    • Roll back transformation, log error if validation fails
  • No extra reads required for validation
  • Transformation likely to be more expensive than digest calculation
remote validation
Remote Validation
  • Most clouds do not charge for intra-cloud transfer.
  • Create an EC2 instance or other service that reads all data and validates
  • May be expensive depending on CPU fees
  • Sampling may be adequate
  • Requires you to trust EC2 to run your service and not return false results
    • False/forged results unlikely.
    • You are supplying image/software
additional information
Additional Information
  • Cloud extensions still in development
  • ACE Audit Manager is available for download
    • Now BSD licensed!