Cloud Security Mechanisms

About this seminar

Cloud computing and highly distributed systems pose new challenges for designing secure software because they differ from traditional systems in several aspects:

Limited Trust in Infrastructure
In a traditional approach to engineering secure systems, security-sensitive software components (e.g. authentication) would only be deployed on infrastructure which is assumed to be completely trustworthy. Cloud resources do not fit in that category: Business contracts and service level agreements build confidence, however, cloud resources are outside of the users' immediate domain of control and may even be under foreign legislation.

Unknown Users
Services that are exposed to the public have to deal with users that are unknown to the operator of the service: This is beyond traditional means of access control, where an operator is assumed to have knowledge about the users of the system.

Scale
A prime virtue of cloud infrastructures is scalability, which enables a service to handle a large number of users. This requires self-managing access control mechanisms without the need for manual administration.

In the face of these challenges new security mechanisms and cryptographic protocols have been developed in recent years which are not usually covered in basic CS lectures. This seminar aims at broadening the perspective to the recent developments in this field.

How to pass this seminar

This seminar focuses on work with scientific publications. For the given topic, you should identify the state of the art from related work, and identify the main contribution(s) of the given publications. We expect participants to give a 40-45 min presentation on the topic and write a report.

In you presentation, you should describe:

• The purpose of the mechanism and its field of application
• The state of the art in research (and application, if it exists)
• The "mathematical trick" that the mechanism is based on (a simplified version may be okay in some cases)
• An understandable example (again, simplified mathematics are okay here)

We would like to discuss the contents of the presentation with each presenter or group about 2 weeks before the actual presentation date. The purpose of this is to discuss CONTENT, you do now have to have a presentation ready then, but a clear picture of what you want to talk about (presentation outline) so we still have chance to point out gaps and figure out what is important for the topic. Please send us your presentation slides two days before the presentation so we can make some last-minute comments.

You report should:

• Be turned in until Friday, 22.9.2013 (extended)
• Use this template and adhere to the structure in it.
• Consist of roughly 10-15 pages
• Describe the purpose of the mechanism and its field of application
• Provide a good overview of related work and include comprehensive bibliography
• Also contain the mathematical foundation and example from the presentation

Before you actually start writing the report, we'd like to discuss an outline with you.

Schedule

Unless stated otherwise, meetings take place in A.1-2, Thursdays, 13.30.

• April 11th 2013, 13.30: First meeting
• April 4th 2013, 13.30: Assignment of topics
• May 2nd 2013: Research Methodology
• May 9th 2013: -- no meeting --
• May 16th 2013: Differential Privacy (Toni Mattis)
• May 23rd 2013: -- no meeting --
• May 30th 2013: Private Information Retrieval (Max Schneider)
• June 6th 2013: -- no meeting
• June 13th 2013: Bitcoin (Johannes / Robin)
• June 20th 2013: Trust-based Access Control (Vincent)
• June 27th 2013: Threshold Cryptography (Björn)
• July 4th 2013: --- cancelled ---
• July 11th 2013: Homomorphic Encryption (Christoph / Hubert) / Searchable Encryption (Stange)

List of Topics

Homomorphic Encryption

• Fully homomorphic encryption using ideal lattices, Gentry, C., 2009
• Secret program execution in the cloud applying homomorphic encryption, Brenner, M. et al., 2011
• Introduction: video lecture by Shai Halevi, IBM

Secure Multiparty Computation

• Introduction: Yao's Millionaire Problem, Protocols for Secure Computations (extended abstract), Andrew C. Yao, 1982
• How to generate and exchange secrets, Andrew C. Yao, 1986
• Is multiparty computation any good in practice?, C. Orlandi, 2011

Threshold Cryptography

• How to share a secret, Shamir, A. 1979
• Some recent research aspects of threshold cryptography, Desmedt, Yvo, 1998
• Practical threshold signatures, Shoup, V., 2000

Searchable Encryption

• Public key encryption with keyword search, Boneh, D. et al., 2004
• Conjunctive, subset, and range queries on encrypted data, Boneh, D. et al, 2007

Differential Privacy

• Calibrating Noise to Sensitivity in Private Data Analysis, Cynthia Dwork, 2006
• A Practical Beginners' Guide to Differential Privacy, Christine Task, (video)
• Differentially Private Publishing of Geospatial Data, Wahbeh Qardaji, (video)

Information Flow Security

• Language-based information-flow security, Sabelfeld, A. and Myers, A.C., 2003
• Verification of Information Flow Properties of Java Programs without Approximations, C. Scheben and P. Schmitt. Springer, 2012.
• Security policies and security models, JA Goguen, J Meseguer, IEEE Symposium on Security and privacy, 1982 (keyword to look for: Noninterference)
• Noninterference for concurrent programs and thread systems, G Boudol, I Castellani, Theoretical Computer Science, 2002, Elsevier

Trust-based access control

• Using trust and risk in role-based access control policies, N. Dimmock et al., 2004
• Access control meets public key infrastructure, or: Assigning roles to strangers, Herzberg et al., 2000

Private Information Retrieval

• Private Information Retrieval, Benny Chor et al., 1998
• Introductory video to PIR (amongst other things) by Prof. Christoph Freytag, HU Berlin (video)

Bitcoin

• Bitcoin: A peer-to-peer electronic cash system, S Nakamoto, 2008