CLOUD SHREDDER: Removing the Laptop On-road Data Disclosure Threat in the Cloud Computing Era

Data Disclosure due to laptop loss, especially in travel, is a top threat to businesses, governments, and non- profit organizations. An effective protection against this threat should guarantee the data confidentiality, even if the adversary has physically possessed the laptop. Current technology does not satisfy this requirement. This paper proposes a novel approach to remove the threat under the emerging condition of ubiquitous internet access and cloud computing. We name this approach "Cloud Shredder", implying that the confidential files are shredded and hidden in the semi-trusted cloud storage service. Cloud Shredder is a generic and transparent security service that allows legitimate user access the files in exactly the same way as with commodity file systems, whereas the attackers only get meaningless junk even if they have obtained every byte on the hard drive. Rather than the traditional encryption-based protection, Cloud Shredder limits the attacker\´s opportunity in a short time window. We implemented a prototype that is compatible with the typical cloud storage service, Amazon S3, and supports two popular document applications, Acrobat Reader and Open Office. Our experiments show that the influence on file access performance is reasonable and should not ruin the user experience. Cloud Shredder is also applicable to smart phone, netbook and other computing devices with internet connection.