Title :
Security in Outsourced Storage: Efficiently Checking Integrity and Service Level Agreement Compliance
Author :
Bragantini, Roberto ; Conti, Mauro ; Di Pietro, Roberto
Author_Institution :
Dipt. di Inf., Univ. degli Studi di Verona, Verona, Italy
fDate :
June 29 2010-July 1 2010
Abstract :
The storage as a service paradigma has recently raised interest in the security community, where a few works have been proposed to check whether an outsourcer has tampered with the integrity of the outsourced data. In this paper, we assume that storage is outsourced in accordance to some integrity enforcing protocol. Under this assumption, we focus on a specific issue; that is, when the outsourcer is requested to provide access to the outsourced data within a given time-bound - for instance, set in a Service Level Agreement (SLA). This paper provides several contributions: first, we identify and motivate the above requirement in the outsourced storage context; second, we show that current integrity enforcing protocols fail in detecting the violation of the time-bound limit against a rationale malicious outsourcer; third, we show how the outsourcer can actively perform such an attack. Results are supported by thorough analysis and extensive simulations.
Keywords :
formal verification; security of data; storage management; integrity checking; integrity enforcing protocol; outsourced data integrity; outsourced storage context; rationale malicious outsourcer; security community; service level agreement; service paradigm; time-bound limit; Equations; Libraries; Optimized production technology; Protocols; Random access memory; Servers; Time factors; Compliance; Outsourced Storage; Provable Data Possession; Service Level Agreement;
Conference_Titel :
Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-7547-6
DOI :
10.1109/CIT.2010.200
