CLOUD SECURITY AND PRIVACY

Security and Privacy in Cloud Computing: Vision, Trends, and Challenges Zahir Tari, Xun Yi, Uthpala S. Premarathne, Peter Bertok, and Ibrahim Khalil, RMIT University

This article explores the challenges, solutions, and limitations of cloud security, with a focus on data utilization management aspects, including data storage, data analytics, and access control.

Cloud computing provides organizations and individuals with a cost-effective utility, empowering businesses by delivering software and services over the Internet to a large user base. According to an IHS report, worldwide spending for cloud infrastructure and services reached an estimated $174.2 billion in 2014, up 20 percent from $145.2 billion in 2013.1 However, because the cloud is an open platform, it’s susceptible to malicious attacks of continuously evolving natures. Security of stored data, access management, data utilization management, and trust are among the primary security aspects in cloud computing. A particularly promising approach to improving security in cloud computing is the use of cryptographic methods. Because of limitations in computational efficiencies and associated constraints, traditional cryptographic techniques aren’t yet widely used in cloud-based environments.2 Proposed homomorphic encryption schemes have proven to offer a high level of security, but they require lengthy computations; more efficient and scalable security solutions are thus needed. Trustworthy cloud computing relies on two parties performing certain tasks in a dependable manner. Traditional distributed architectures uphold trust by enforcing security policies. However, in cloud deployment models, data and application control is delegated, hence traditional policy-based enforcement presents a number of challenges. Reliable enforcement is a critical aspect of cloud service dependability. A trusted third party within a cloud environment is often used together with cryptographic methods to ensure the integrity, authenticity, and confidentiality of both data and communication. In cloud computing, data confidentiality and user authentication are correlated. Protecting a user’s account from misuse is an important part of the larger problem of controlling access to cloud-based resources (such as objects, memory, devices, and software). Cryptographic authentication solutions can help facilitate secure resource utilization. However, depending on the cloud deployment model, key management (assignment, distribution, and revocation) must be efficient and manageable at a large scale.

IEEE CLOUD COMPUTING PUBLISHED BY THE IEEE COMPUTER SOCIETY

2325-6095/15/$31.00 © 2015 IEEE

MARCH/APRIL 2015

FIGURE 1. Securing the cloud for data utilization management. [Figure not recoverable from the text; its panels list cloud applications (smart transportation, surveillance, personal well-being monitoring, social interactions), cloud operations on data (storage, analytics, sharing, visualization, online/offline computations over IaaS, PaaS, and SaaS), and security requirements (policy management, enterprise data sharing, authentication, access control, process validations, query validation, encryption, decryption).]

Challenges and Issues

Applications store and process data in the cloud, and users access data for diverse purposes, such as simple storage or analytics (see Figure 1). Because the reliability of cloud computing operations depends on the enforcement of security policies (access control, data encryption, and so on), security weaknesses and deficiencies must be addressed. Secure and privacy-preserving cloud computing presents technical, legal, and administrative challenges. Our focus here is on the technical issues. The main aspects of security, confidentiality, integrity, and availability must be addressed at the client side, the connection, and the server side. The major issue is that all three operate in and are part of shared environments, hence their security and privacy requirements must be combined. The importance of cloud security has been widely acknowledged, and several organizations, such as the Cloud Security Alliance (https://cloudsecurityalliance.org), have been looking at it from different perspectives. Cloud services have three basic models: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Although these models have major differences, they share many security- and privacy-related issues.

Public and Private Clouds

Cloud computing is based on accessing resources over the Internet. Public clouds are operated by a dedicated service provider, and in most cases implement a multitenant environment. Private clouds are operated by an organization, the service isn’t shared, and they operate as single-tenant environments. In some cases, private clouds are augmented by public cloud services, creating hybrid clouds. Remote access to resources is a fundamental part of cloud computing, and the connection can be entirely over public networks or through (possibly virtual) private networks. Because remote access technology has been around for some time, there are a number of solutions to protect data in transit. Current security protocols, which protect the communication, have few design flaws. Transport layer security (TLS), arguably the most popular protocol, protects data confidentiality via encryption, providing server- and client-side authentication via certificates. TLS was developed from the Secure Socket Layer (SSL) protocol and still provides backward compatibility. However, SSL versions are no longer considered secure because of several published attacks, including POODLE (Padding Oracle on Downgraded Legacy Encryption), BEAST (Browser Exploit against SSL/TLS), and Lucky-13. Hence, the TLS feature of fallback on SSL in certain cases is a vulnerability in the TLS design. Bugs also exist in popular software. Examples include the Heartbleed vulnerability in the OpenSSL software package.

Server Availability

As a result of technology development, hosts already offer high availability, and the network has become the bottleneck. Data exchange in a busy network can be slow, and an attack on a network, such as a denial-of-service (DoS) attack, can block access to important resources. When using the Web, the stateless nature of protocols requires new solutions to maintain the required availability levels.

Multitenant Services

As with any shared service, tenants aren’t totally isolated from each other. Many cloud service providers offer different levels of services and use virtualization to separate clients, which includes sharing virtual machines or allocating a virtual machine to a single user. Still, the work pattern of one user can affect other users of the same service. For example, excessive use or locking of resources is a common problem that impacts service availability and can lead to DoS attacks. End users of cloud services work in heterogeneous environments, and the cloud service provider has little influence on their setup. Users can utilize the service from Internet cafes with little protection or from desktop computers in a well-protected environment behind a firewall. However, one user’s environment can affect the server and other users. Malware can spread via the server, infect applications, and move on to other clients. Virtual environments offer more protection between virtual machines than within a machine, but they still don’t provide complete isolation.

Data Storage

One of users’ major concerns is that they have no control over the location of data or how it’s stored. Users rely on services that are opaque to them, and no information about the server’s operation is divulged. Although this can improve security by obscurity, it also undermines user trust. How the data is protected on the server side might not be clear to clients. Data retention is also a concern for users. The cloud service provider might keep deleted data in backups or for some unpublished reason. For example, Facebook kept deleted data but removed it from view. The same concerns also apply when a service is terminated.

Access Control

Most cloud systems include basic access control. Almost every system has privileged users, such as system administrators who have unrestricted access to user data. When data or processes are outsourced via the cloud, possibly sensitive data or processes are handed over for safekeeping. In a local setting, users know whom they trust with their data, but in a cloud setting users rarely know the location of the cloud server, the people managing it at the server side, and who has access to it in general. Insider threats are particularly concerning, because such attacks can lead to enormous damage. Malicious employees can cause major harm, but even negligence can inflict damage by allowing outside attackers to obtain insider privileges. Cloud services are attractive targets for criminals, because a successful attack can yield a large amount of information. Attacks can vary from inappropriately accessing information to divulging or altering personal data. A privacy leak can be damaging by itself, but publishing or forging personal information can cause even more serious harm. In some cases, data or processes are provided for a particular purpose, or stored with a particular aim in mind. A common concern is usage creep, when data stored in the cloud is accessed and used by the cloud service provider for a purpose other than the one the client intended. Cryptographic access control models address some of these issues.3,4

Identity Protection

Data traveling over the Internet provides valuable information about people. Search keywords, credit card usage, and mobility patterns are just a few examples of information that can be used to identify and track individuals from supposedly anonymized data; attackers can also exploit this information. This same data is available practically without restrictions to cloud service providers. For example, some cloud service providers’ business models include targeted advertising that is based on monitoring account traffic or data stored on user accounts.

IEEE CLOUD COMPUTING WWW.COMPUTER.ORG/CLOUDCOMPUTING

By profiling users, it becomes easier to identify client interests, which facilitates targeted advertising and marketing. Data mining is often performed on data stored in the cloud, with or without the client’s explicit consent. Although this might not breach the client’s privacy if performed properly, it’s certainly an aspect that clients need to be aware of.

Trends in Solutions

A number of solutions to the problem of data security and privacy in the cloud have been proposed.

Securing the Cloud with Homomorphic Encryption

A major concern of cloud users is the potential for losing data privacy once the data has moved to the cloud. Customers need assurance that their data is well protected by cloud service providers. Encryption can alleviate this fear, but it also has drawbacks. To avoid time-consuming downloading and uploading of data for customers, the cloud provider can perform operations in the cloud. However, to manipulate encrypted data in the cloud, users must share their encryption/decryption keys with the cloud provider, effectively allowing them access to the data. One of the top threats to cloud computing is malicious insiders. An insider can be a rogue administrator employed by a cloud service provider, an employee of the victim organization who exploits vulnerabilities to gain unauthorized access, or an attacker who uses cloud resources to launch attacks. The multitenant nature of the cloud computing environment makes it difficult to detect and prevent insider attacks. Homomorphic encryption allows computations to be carried out on encrypted data (also known as ciphertext), thus generating an encrypted result, which, when decrypted, matches the result of the same operations performed on the original data (plaintext). This can be a major advantage for applications that outsource encrypted data to the cloud. Homomorphic encryption is attractive for many applications, but it has a serious limitation: the homomorphic property is typically restricted to one operation only, usually addition or multiplication. Methods having the homomorphic property for both addition and multiplication simultaneously bring us a step closer to real-life applications. Ronald Rivest and his colleagues introduced the concept of fully homomorphic encryption under the name privacy homomorphisms in 1978,5 but it was only in 2009 that Craig Gentry proposed a fully homomorphic encryption (FHE) scheme.6 Gentry’s scheme allowed an arbitrary number of additions and multiplications on encrypted data while guaranteeing that the results were correctly reflected in the decrypted data. FHE can be briefly described as follows. Let (P, C, K, E, D) be an encryption scheme, where P and C are the plaintext and ciphertext spaces, K is the key space, and E and D are the encryption and decryption algorithms. Assume that the plaintexts form a ring $(P, \oplus_P, \otimes_P)$ and the ciphertexts form a ring $(C, \oplus_C, \otimes_C)$; then, the encryption algorithm E is a map from the ring P to the ring C, that is, $E_k: P \to C$, where k is either a secret key (in the secret-key cryptosystem) or a public key (in the public-key cryptosystem). For all a and b in P and k in K, if

$$E_k(a) \oplus_C E_k(b) = E_k(a \oplus_P b) \quad (1)$$

and

$$E_k(a) \otimes_C E_k(b) = E_k(a \otimes_P b), \quad (2)$$

then the encryption scheme is fully homomorphic. A direct application of FHE can be a keyword-based search over encrypted data in the cloud. Assume that a user has a database to upload to a cloud, as shown in Table 1. To keep the information in the table confidential, the user encrypts the table with FHE E and a key k, and uploads the encrypted table, as shown in Table 2. To search records that satisfy a specific condition, such as Name = Clark, the user encrypts the sensitive information—$E_k(\text{Clark})$—before sending the full query—Name, $E_k(\text{Clark})$—to the cloud provider. Note that this encryption scheme is probabilistic; that is, the encrypted text looks different if the operation is repeated. The cloud provider runs the algorithm with the inputs Name, $E_k(\text{Clark})$ and each encrypted name in Table 2. If the encrypted name matches $E_k(\text{Clark})$, the algorithm outputs

$$x_i = \begin{cases} E_k(1), & \text{if matches} \\ E_k(0), & \text{if not matches} \end{cases} \quad (3)$$


Table 1. Example of unencrypted data to be uploaded to the cloud.

No. | Name   | Surname | Day | Month  | Year | Mobile
----+--------+---------+-----+--------+------+-----------
1   | John   | Doe     | 1   | April  | 1968 | 1234567890
2   | Sarah  | Doe     | 17  | March  | 1975 | 2345678901
3   | Peter  | Parker  | 4   | August | 1998 | 3456789012
4   | Clark  | Kent    | 8   | May    | 1985 | 4567890123
5   | George | Dodson  | 25  | August | 1948 | 5678901234
6   | David  | Jones   | 6   | May    | 1972 | 6789012345

Let $R_i$ denote the ith encrypted record in Table 2. The cloud provider computes and returns $y = \sum_{i=1}^{6} x_i R_i$ to the user. When $i \neq 4$, we have $x_i = E_k(0)$ and $x_i R_i$ is an encryption of 0. In this case, we have $y = x_4 R_4$, which is an encryption of the fourth record. After the user receives y, he or she decrypts it with the secret key and obtains the matching record, that is, the fourth record. Obviously, this is a simple example, and any type of searching criteria could be implemented with FHE. The downside of Gentry’s FHE technique is its high computational time. For example, if Google was to use the process to search the Web homomorphically, the required computational time would be multiplied by about a trillion, according to Gentry. This extra computational time is one of the reasons that a practical FHE solution isn’t currently available. Although some progress has been made in recent years to reduce the amount of processing, the newer schemes tend to be complex and hard to implement.
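The keyword search described above (the equality test of equation (3) and the sum $y = \sum_i x_i R_i$), run end to end as an added example that is not part of the article. Instead of Gentry's lattice scheme it uses the symmetric somewhat-homomorphic "over the integers" scheme of van Dijk, Gentry, Halevi and Vaikuntanathan (DGHV), where a bit m is encrypted as c = p·q + 2r + m and ciphertext addition and multiplication act as XOR and AND on the bits; the secret-key size is derived from the noise the search accumulates. The fixed-width ASCII field encoding, the sample rows (Table 1) and the toy parameters are choices made here for readability, not secure settings.

```python
"""Toy keyword search over an encrypted table with the symmetric DGHV scheme.

Secret key: an odd integer p.  A bit m is encrypted as c = p*q + 2*r + m with
a large random q and a small noise r, and decrypted as (c mod p) mod 2.
Sums and products of ciphertexts decrypt to XOR and AND of the bits as long
as the accumulated noise stays below p.  Parameters are toy-sized so the
data flow is readable; they give NO real security.
"""
import secrets
from typing import Dict, List

RHO = 3             # fresh noise r is drawn from [0, 2**RHO)
GAMMA = 1200        # bit length of the random multiplier q
NAME_CHARS = 8      # searchable Name field, padded to 8 ASCII characters
RECORD_CHARS = 32   # remaining fields of a row, padded to 32 ASCII characters
NAME_BITS = NAME_CHARS * 8


def keygen(max_records: int) -> int:
    """Choose an odd secret key p large enough that search noise never wraps.

    Noise bookkeeping (every noise term here is non-negative):
      fresh bit             e = 2r + m < 2**(RHO+1)
      XNOR  1 + a + b       e < 2**(RHO+2)
      AND of NAME_BITS XNORs  e < 2**(NAME_BITS*(RHO+2))
      times a record bit, summed over max_records rows:
                            e < max_records * 2**(NAME_BITS*(RHO+2) + RHO + 1)
    Decryption is exact while e < p, so p gets two extra bits of margin.
    """
    eta = NAME_BITS * (RHO + 2) + RHO + 1 + max_records.bit_length() + 2
    return secrets.randbits(eta) | (1 << (eta - 1)) | 1   # eta-bit odd integer


def encrypt_bit(p: int, m: int) -> int:
    """Probabilistic encryption of one bit: c = p*q + 2*r + m."""
    return p * secrets.randbits(GAMMA) + 2 * secrets.randbits(RHO) + m


def decrypt_bit(p: int, c: int) -> int:
    return (c % p) % 2


def to_bits(text: str, nchars: int) -> List[int]:
    """Fixed-width, big-endian bit encoding of an ASCII string (space padded)."""
    data = text.ljust(nchars)[:nchars].encode("ascii")
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits: List[int]) -> str:
    raw = bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))
    return raw.decode("ascii").rstrip(" \x00")   # all-zero bits (no match) decode to ""


def encrypt_text(p: int, text: str, nchars: int) -> List[int]:
    return [encrypt_bit(p, b) for b in to_bits(text, nchars)]


def decrypt_text(p: int, cts: List[int]) -> str:
    return from_bits([decrypt_bit(p, c) for c in cts])


# ---- cloud side: only ciphertexts are touched, p is never available here ----
def enc_equal(enc_a: List[int], enc_b: List[int]) -> int:
    """Equation (3): returns an encryption of 1 iff the two bit strings are equal.

    Per bit position, 1 + a + b is the XNOR of the bits; the product over all
    positions is their AND.  The integer 1 is a valid encryption of 1 (q = r = 0).
    """
    x = 1
    for ca, cb in zip(enc_a, enc_b):
        x *= 1 + ca + cb
    return x


def enc_search(enc_query: List[int], enc_db: List[Dict[str, List[int]]]) -> List[int]:
    """y = sum_i x_i * R_i, computed bitwise over the encrypted record fields.

    With exactly one matching row (as in the article's example) y decrypts to
    that row; with no match it decrypts to all zeros.
    """
    width = len(enc_db[0]["record"])
    y = [0] * width                      # the integer 0 is a valid encryption of 0
    for row in enc_db:
        x_i = enc_equal(enc_query, row["name"])
        for j, r_ij in enumerate(row["record"]):
            y[j] += x_i * r_ij
    return y


# ---- data owner side -------------------------------------------------------
# Constructed sample data: Table 1, split into the searchable Name and the rest.
TABLE_1 = [
    ("John", "Doe 1 April 1968 1234567890"),
    ("Sarah", "Doe 17 March 1975 2345678901"),
    ("Peter", "Parker 4 August 1998 3456789012"),
    ("Clark", "Kent 8 May 1985 4567890123"),
    ("George", "Dodson 25 August 1948 5678901234"),
    ("David", "Jones 6 May 1972 6789012345"),
]


def build_encrypted_db(p: int, rows) -> List[Dict[str, List[int]]]:
    """Table 2: every field encrypted bit by bit before upload."""
    return [{"name": encrypt_text(p, name, NAME_CHARS),
             "record": encrypt_text(p, rec, RECORD_CHARS)} for name, rec in rows]


def search(p: int, enc_db: List[Dict[str, List[int]]], name: str) -> str:
    """Owner encrypts the keyword, cloud runs enc_search, owner decrypts y."""
    enc_query = encrypt_text(p, name, NAME_CHARS)   # fresh randomness each query
    return decrypt_text(p, enc_search(enc_query, enc_db))


if __name__ == "__main__":
    key = keygen(len(TABLE_1))
    db = build_encrypted_db(key, TABLE_1)
    print(search(key, db, "Clark"))
```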



Table 2. The encrypted form of Table 1’s example data.

No. | Name       | Surname    | Day    | Month      | Year     | Mobile
----+------------+------------+--------+------------+----------+----------------
1   | Ek(John)   | Ek(Doe)    | Ek(1)  | Ek(April)  | Ek(1968) | Ek(1234567890)
2   | Ek(Sarah)  | Ek(Doe)    | Ek(17) | Ek(March)  | Ek(1975) | Ek(2345678901)
3   | Ek(Peter)  | Ek(Parker) | Ek(4)  | Ek(August) | Ek(1998) | Ek(3456789012)
4   | Ek(Clark)  | Ek(Kent)   | Ek(8)  | Ek(May)    | Ek(1985) | Ek(4567890123)
5   | Ek(George) | Ek(Dodson) | Ek(25) | Ek(August) | Ek(1948) | Ek(5678901234)
6   | Ek(David)  | Ek(Jones)  | Ek(6)  | Ek(May)    | Ek(1972) | Ek(6789012345)

Privacy-Preserving Data Mining as a Service in the Cloud

The discovery of frequent patterns, association rules, and correlation relationships among huge amounts of data is useful to business intelligence. A typical example of frequent itemset mining is market basket analysis. This process analyzes customer buying habits by finding associations between the different items that customers place in their shopping baskets. The discovery of such associations can help retailers develop marketing strategies by gaining insight into which items customers frequently purchase together. For a decade, there has been a growing interest in data mining as a service.7,8 In this paradigm, a company (data owner) that lacks data storage, computational resources, and expertise, stores its data in the cloud and outsources the mining tasks to the cloud service provider (server). Without doubt, data mining as a service offers valuable benefits to business intelligence. However, it also presents a serious privacy problem; that is, the server has access to company data and could learn business secrets from it. To protect a company’s data privacy and yet enable the server to perform association rule mining on the data in the cloud, a naïve solution is for the data owner to hide the meanings of items in its transaction database by substituting items with unique numbers (where the same item is substituted by the same number and different items are substituted by different numbers). This one-to-one substitution approach doesn’t hide the frequencies of items. If the server has some background knowledge (for example, information on the frequencies of some items), it can reidentify them, particularly the most frequent items. For example, if bread is the most frequent item in retail transaction databases, the server can conclude that the most frequently occurring number refers to bread in the transformed database. To prevent background-knowledge-based attacks, Wai Kit Wong and his colleagues proposed a one-to-n item mapping that transforms transactions nondeterministically.9 The basic idea is to add fake items to the transaction database. However, fabrication of false data degrades the accuracy of data analytics, and the proposed method has two weaknesses that can be exploited. First, each fake item has the same probability of being added to each transaction, and thus appears with similar frequency when the number of transactions is large. Second, fake items are added to transactions independently of the items already present. As a result, each fake item is independent of all other items. This second observation holds even if the frequency of each fake item is different. Ian Molloy and his colleagues presented a frequency-analysis-based attack on Wong and colleagues’ algorithm.10 The attack could remove the independently added fake items by detecting the low correlations between items, and some of the top frequent items were reidentified successfully. In 2010, Chih-Hua Tai and his colleagues proposed k-support anonymity to protect sensitive items with k – 1 other items of similar support.7 For example, let’s say a retail transaction database contains five transactions: t1 = wine; t2 = cigar; t3 = cigar, tea; t4 = beer, cigar, wine; and t5 = beer, tea, wine. Suppose that beer, cigar, wine, tea are replaced with a, b, c, h, respectively. A transformed transaction database with three-support anonymity is: t1 = c, d, g; t2 = b, d, g; t3 = b, h; t4 = a, b, c; and t5 = a, c, d, h, where d and g are two fake items. We can see that each of the three items a, g, h has two supports and each of the three items b, c, d has three supports. Tai and his colleagues transform the frequent itemset mining to the generalized/multilevel frequent itemset mining, and limit the additional item occurrences with the help of a pseudo taxonomy tree.7 Their approach can protect the sensitive information with k-support anonymity. In 2013, Fosca Giannotti and her colleagues extended the concept of k-support anonymity to k-privacy.8 Although k-support anonymity requires that each transformed item is indistinguishable from at least k – 1 other items, k-privacy requires that each transformed itemset is indistinguishable from at least k – 1 other itemsets of the same size. They proposed an approach to transform a database to achieve k-privacy. Their approach consists of three main steps:

• using 1-to-1 mapping to substitute each plain item;
• grouping items for k-privacy; and
• adding fake transactions to achieve k-privacy.

The constructed fake transactions are added to database D to form a database D*, which is submitted with a minimum support threshold to the server. After the server returns the computed frequent patterns from D*, the data owner removes the effect of the fake transactions. For example, if the support of an itemset E in D* is x and the support of E in D* \ D (the fake transactions) is y, then the real support of E in D is x – y. The difference between the privacy-preserving approaches proposed by Tai and his colleagues7 and Giannotti and her colleagues8 is that the former adds fake items to the data to achieve k-support anonymity whereas the latter adds fake transactions to the data to achieve k-privacy. In the paradigm of outsourcing data-mining tasks to the cloud, the company (data owner) is assumed to lack data storage, computational resources, and expertise. However, transforming a database to k-support anonymity or k-privacy is as complicated as association rule mining algorithms. If the company can perform such transformations, it can often run the Apriori algorithm to find association rules from its data locally. Recently, Xun Yi and his colleagues considered a cloud computing environment where the data owner, not having large local data storage, chooses to store all its transaction data in the cloud, and might need to continuously add new transactions to its cloud database.11 The data owner doesn’t have sufficient computation resources to run data-mining algorithms locally either, and has no knowledge of k-anonymity and data-mining algorithms. To protect data privacy, the data owner employs the ElGamal public key cryptosystem to encrypt all items in a transaction; that is, the data owner generates its public/private key pair and then encrypts all items with the public key before uploading the transaction to the cloud.12 When outsourcing data-mining tasks to the cloud, the data owner chooses n (n > 2) servers belonging to different clouds. It splits its private key into n pieces and distributes them to the n servers, respectively. The private key is secure as long as not all the n servers collude. We assume that at least one out of n servers is honest. In addition, the data owner sends an encryption of the minimum support threshold to the servers. We assume that each server is semihonest; that is, it honestly follows the data-mining algorithm but might be curious about the privacy of the data (for example, the frequencies of items or association rules). In this setting, Yi and his colleagues propose three solutions at different security levels for the servers from different clouds to cooperate to mine association rules from the encrypted data and return to the data owner encrypted association rules with encrypted support and confidence.11 Compared to earlier work on outsourcing association rule mining, the main advantage of their work is that it relaxes the data owner’s requirements for data storage, computation resources, and expertise. All the data owner is required to do is encrypt its data before uploading it to the cloud and decrypt the mined association rules received from the cloud.
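The split-key arrangement described above (the owner's private key divided among n servers in different clouds, so that a ciphertext opens only when all n cooperate), as an added example that is not the scheme of Yi and his colleagues and not code from the article. It uses textbook ElGamal with an n-out-of-n additive sharing of the private key; the toy modulus 2^61 − 1, the generator, and the item encoding are assumptions made here for readability and are far too small for real security.

```python
"""Toy ElGamal with the private key additively shared among n servers.

The data owner encrypts each item of a transaction under its public key and
uploads only ciphertexts.  The private key x is split as x = x_1 + ... + x_n
(mod p-1) and server i receives x_i.  To open a ciphertext every server
contributes c1^{x_i}; the product of these partials is c1^x, which strips the
mask from c2.  Any coalition missing even one share gets a random-looking
value, matching "secure as long as not all n servers collude".
"""
import secrets
from typing import List, Tuple

P = 2**61 - 1   # toy prime modulus (Mersenne prime M61); far too small for real use
G = 5           # toy generator; a real deployment uses a standard group

Ciphertext = Tuple[int, int]   # (c1, c2) = (g^k, m * y^k) mod P


def keygen() -> Tuple[int, int]:
    """Return (private x, public y = g^x mod P)."""
    x = 2 + secrets.randbelow(P - 3)
    return x, pow(G, x, P)


def encode_item(item: str) -> int:
    """Map an item name to a group element (must be non-zero and below P)."""
    m = int.from_bytes(item.encode("utf-8"), "big")
    if not 0 < m < P:
        raise ValueError("item name too long for the toy modulus")
    return m


def decode_item(m: int) -> str:
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode("utf-8")


def encrypt(y: int, m: int) -> Ciphertext:
    """Probabilistic: a fresh k per item, so equal items give different ciphertexts."""
    k = 2 + secrets.randbelow(P - 3)
    return pow(G, k, P), (m * pow(y, k, P)) % P


def decrypt(x: int, ct: Ciphertext) -> int:
    """Single-key decryption, only the data owner could do this: c2 / c1^x."""
    c1, c2 = ct
    return (c2 * pow(pow(c1, x, P), P - 2, P)) % P


def split_key(x: int, n: int) -> List[int]:
    """Additive n-out-of-n sharing of x modulo the group order P-1."""
    if n < 2:
        raise ValueError("need at least two servers")
    shares = [secrets.randbelow(P - 1) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % (P - 1))
    return shares


def partial_decrypt(share: int, ct: Ciphertext) -> int:
    """What server i contributes: c1^{x_i}.  It never learns x or the item."""
    return pow(ct[0], share, P)


def combine(partials: List[int], ct: Ciphertext) -> int:
    """Multiply the partials (= c1^x when all n are present) and unmask c2."""
    c1_x = 1
    for d in partials:
        c1_x = (c1_x * d) % P
    return (ct[1] * pow(c1_x, P - 2, P)) % P


def encrypt_transaction(y: int, items: List[str]) -> List[Ciphertext]:
    """Data owner: encrypt every item of one transaction before upload."""
    return [encrypt(y, encode_item(item)) for item in items]


def servers_open_transaction(shares: List[int], enc_tx: List[Ciphertext]) -> List[str]:
    """All n servers cooperate to open each item of an uploaded transaction."""
    return [decode_item(combine([partial_decrypt(s, ct) for s in shares], ct))
            for ct in enc_tx]


if __name__ == "__main__":
    x, y = keygen()
    shares = split_key(x, 3)                         # three servers in three clouds
    enc_tx = encrypt_transaction(y, ["beer", "cigar", "wine"])   # constructed t4
    print(servers_open_transaction(shares, enc_tx))
```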


These works focus on privacy protection for outsourcing association rule mining in the cloud. Protecting data privacy for other data-mining tasks, such as classification and clustering, in the cloud is still a challenge.

Access Control in Cloud Systems

Cloud computing offers cost-effective scalable platforms to provide various services to consumers, such as data analytics and data storage. The security of hosted or outsourced data is essential to ensure reliable service delivery in cloud systems. Data utilization management requires sufficient user authentications, authorizations, and scalable access control models. The access control models should essentially be secure and offer the required fine-grained authorizations along with efficiency to cater to a large user base.

Efficiency, Scalability, and Fine-Grained Solutions

Robust access control is an essential security requirement to host sensitive data with confidentiality preserved. Cryptographic access control models are attractive secure solutions for cloud-based systems. Combinations of cryptographic techniques, such as attribute-based encryption, proxy re-encryption, lazy re-encryption, hierarchical identity-based encryption, and ciphertext-policy attribute-based encryption, are used to develop fine-grained access control models for cloud systems.3,13 The use of cryptographic techniques incurs heavy computational overheads on the data owner for both key distribution and data management tasks. For example, when adding or deleting users from the system, tasks include revoking keys, updating keys of other users, and re-encrypting data. Further improving scalability and efficiency while providing fine-grained authorizations requires advanced cryptographic access control models. Advanced models have been developed using a combination of cryptographic techniques with efficiency and security guarantees.

Distributed Access Control

Decentralized administration is a salient feature in cloud deployment models. Decentralization of access control enforcement is desirable. In centralized solutions, access control for a large number of users over multiple cloud domains must cope with the complexities of maintaining a large number of authorization rules. Existing solutions describe multiauthority cryptographic access control models.14 However, it’s important to consider the application-specific requirements along with multitenancy and the distributed nature of cloud-based deployments in developing more scalable access control models.

Access Control as a Value-Added Service

The lack of robust access control hinders the deployment of secure data-sharing applications as cloud-based collaborative services. For cloud-based utility service models, offering access control as a value-added service is more pragmatic.15 Achieving this requires devising sufficiently secure utility models. Solutions that perceive the concept of security as a value-added service typically consider an overlay service. For example, some researchers have proposed a self-maintained quorum of key managers to handle the cryptographic key operations for fine-grained policy-based access control.4 To ensure sufficient security in access control, it’s important to select trusted key managers.

Reliable Credential Management

Robust authentication is vital in access control: authorizations are granted to authenticated users. An important aspect of this is the management of identity credentials. Federated identity management is deemed an efficient solution for open systems such as cloud-based collaborative systems. Trustworthy identity management is essential to ensure reliable data utilization management. Useful trust evaluation metrics have been proposed to estimate the reliability of security, and to be offered as a cloud utility service.16 Trust evaluation is vital to ensure secure collaborative data sharing, data analytics, and data outsourcing.

ith the advent of new utility services, largescale data storage, and utilization applications, along with notorious attacks to disrupt privacy, confidentiality, integrity, and availability, more scalable security solutions are necessary for cloud computing platforms. Researchers have mostly focused on developing privacy-preserving data-mining tools, but many organizations outsourcing IT-related services to the cloud need simple but privacy-preserving transactions. These might involve encrypted search and typical statistical analysis to generate reports, or simple e-commerce transactions in privacy-preserving manners. Not much attention has been paid to securing these kind of transactions. We’ve learned that homomorphic encryption, originally proposed by Gentry, is impractical at the moment because of its computationally heavy processing requirements. Solutions for such transactions must be lightweight, scalable, and capable of providing real-time response. Therefore, we need further research on simple and lightweight homomorphic cryptographic models. Multicloud environments demand trust-based interactions between cloud providers. The main constraint is how trust is computed and what mechanisms can be used to facilitate trust establishment. Little attention has been given to developing trust metrics for quantifying required trust levels in a privacy-preserving perspective. Further research on scalable trust establishment mechanisms that can be used for different cloud deployment models in multicloud environments is necessary. The main objective of middleware solutions in the cloud is to manage applications across clouds. Owing to the advent of various attacks impeding the widespread deployment of cloud applications, secure middleware solutions are vital. There is limited research on scalable middleware solutions for secure application development in the cloud. 
Depending on the type of computation and the cloud deployment model, middleware solutions should be able to offer persistent security guarantees. Utility service models allow client applications to run on the cloud, and those applications might contain malicious code that harms or considerably slows down processing. Little research has been done on verifying content-based trustworthiness. Such insider threats are significantly different from existing DoS attacks launched by outsiders. For example, to protect IaaS customers' cloud-deployed applications (such as code), the underlying DoS threats must be fully explored before comprehensive secure utility services can be realized.

Large amounts of data are hosted in the cloud, and cloud providers must guarantee their authenticity and integrity to all users. Verifying the point of origin of multisourced data is a challenge, and it's more challenging still when data arrive at high velocity (for example, continuous streams from millions of sensors). Preserving integrity over time for a large user base demands more scalable solutions; provenance-based solutions and graph-based integrity validation models for big data need to be researched.

In the recent past, cryptographic solutions have become increasingly popular as viable means of securing data storage and access control. Some cryptographic techniques are attractive in terms of security, efficiency, and scalability. Advanced encryption schemes such as homomorphic encryption ensure strong security at the expense of heavy computational overhead. Improving their efficiency and scalability with respect to cloud deployment models and application-specific demands requires more research effort.

References
1. IHS Technology, "Cloud-Related Spending by Businesses Triple from 2011 to 2017," http://press.ihs.com/press-release/design-supply-chain/cloud-related-spending-businesses-triple-2011-2017.
2. M. van Dijk and A. Juels, "On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing," Proc. 5th USENIX Conf. Hot Topics in Security (HotSec 10), 2010; http://static.usenix.org/events/hotsec10/tech/full_papers/vanDijk.pdf.
3. S. Yu et al., "Achieving Secure, Scalable, and Fine-Grained Data Access Control in Cloud Computing," Proc. IEEE Conf. Computer Comm. (INFOCOM 10), 2010, pp. 1–9; doi:10.1109/INFCOM.2010.5462174.
4. Y. Tang et al., "Secure Overlay Cloud Storage with Access Control and Assured Deletion," IEEE Trans. Dependable and Secure Computing, vol. 9, no. 6, 2012, pp. 903–916.
5. R.L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Comm. ACM, vol. 21, no. 2, 1978, pp. 120–126.
6. C. Gentry, "A Fully Homomorphic Encryption Scheme," PhD dissertation, Dept. of Computer Science, Stanford Univ., 2009.
7. C.H. Tai, P.S. Yu, and M.S. Chen, "k-Support Anonymity Based on Pseudo Taxonomy for Outsourcing of Frequent Itemset Mining," Proc. ACM SIGKDD Int'l Conf. Knowledge Discovery and Data Mining (KDD), 2010, pp. 473–482.
8. F. Giannotti et al., "Privacy-Preserving Mining of Association Rules from Outsourced Transaction Databases," IEEE Systems J., vol. 7, no. 3, 2013, pp. 385–395.
9. W.K. Wong et al., "Security of Outsourcing of Association Rule Mining," Proc. Int'l Conf. Very Large Databases (VLDB 07), 2007, pp. 111–122.
10. I. Molloy, N. Li, and T. Li, "On the (In)Security and (Im)Practicality of Outsourcing Precise Association Rule Mining," Proc. IEEE Conf. Data Mining (ICDM 09), 2009, pp. 1–10.
11. X. Yi et al., "Privacy-Preserving Association Rule Mining in Cloud Computing," Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), 2015, pp. 439–450.
12. T. ElGamal, "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Trans. Information Theory, vol. 31, no. 4, 1985, pp. 469–472.
13. G. Wang, Q. Liu, and J. Wu, "Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Storage Services," Proc. ACM Conf. Computer and Comm. Security, 2010, pp. 735–737.
14. K. Yang et al., "DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems," IEEE Trans. Information Forensics and Security, vol. 8, no. 11, 2013, pp. 1790–1801.
15. P. Jamkhedkar et al., "A Framework for Realizing Security on Demand in Cloud Computing," Proc. IEEE Int'l Conf. Cloud Computing Technology and Science (CloudCom 13), 2013, pp. 371–378.
16. U. Premarathne et al., "Cloud-Based Utility Service Framework for Trust Negotiations Using Federated Identity Management," IEEE Trans. Cloud Computing, preprint, 2015, doi:10.1109/TCC.2015.2404816.
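The closing paragraph leaves two problems open: verifying the point of origin of multisourced, high-velocity data, and preserving its integrity over time at scale. As an added illustration, not code from the article or its authors and not the provenance or graph-based models the authors call for, the following Python shows the building blocks a practitioner would combine for that setting: a per-source HMAC so a record's origin claim can be checked against the key holder, hash chaining so a modified, dropped or reordered predecessor is detectable, and a Merkle commitment over each ingest batch so one record can be audited with a logarithmic-size proof instead of re-reading the batch. The source keys, the sensor readings and the record layout are constructed assumptions.

```python
"""Origin-authenticated, tamper-evident ingest for multisourced sensor data.

Added illustration, not from the article: each source MACs its records with a
per-source key (point of origin), chains every record to the previous one
(integrity over time), and the ingest side commits a batch to a Merkle root so
one record can be audited with a log-sized proof instead of re-reading the batch.
Keys, readings and the record layout are constructed sample data.
"""
import hashlib
import hmac
import json

# Constructed per-source keys; in practice provisioned at device enrolment.
SOURCE_KEYS = {"sensor-a": b"key-a", "sensor-b": b"key-b"}


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def canonical(record: dict) -> bytes:
    """Stable serialization, so the MAC covers exactly what the verifier re-hashes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def emit(source: str, seq: int, value: float, prev_tag: str) -> dict:
    """Producer side: MAC a reading under the source's key, bound to the previous tag."""
    body = {"src": source, "seq": seq, "value": value, "prev": prev_tag}
    tag = hmac.new(SOURCE_KEYS[source], canonical(body), hashlib.sha256).hexdigest()
    return {**body, "tag": tag}


def verify_chain(records: list) -> bool:
    """Consumer side: check origin MAC and chaining for one source's stream."""
    prev = ""
    for rec in records:
        body = {k: v for k, v in rec.items() if k != "tag"}
        key = SOURCE_KEYS.get(body.get("src"))
        if key is None or body.get("prev") != prev:
            return False  # unknown origin, or a dropped/reordered/modified predecessor
        expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, rec["tag"]):
            return False  # content or origin claim does not match the key holder
        prev = rec["tag"]
    return True


def _next_level(level: list) -> list:
    if len(level) % 2:
        level.append(level[-1])  # duplicate the last node on odd-sized levels
    return [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(leaves: list) -> bytes:
    """Commit a batch of leaf hashes to a single root the provider can publish."""
    level = list(leaves)
    if not level:
        return sha256(b"")
    while len(level) > 1:
        level = _next_level(level)
    return level[0]


def merkle_proof(leaves: list, index: int) -> list:
    """Sibling hashes (with their side) needed to recompute the root for leaves[index]."""
    proof, level, i = [], list(leaves), index
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        sib = i ^ 1
        proof.append((level[sib], "left" if sib < i else "right"))
        level = _next_level(level)
        i //= 2
    return proof


def verify_proof(leaf: bytes, proof: list, root: bytes) -> bool:
    h = leaf
    for sib, side in proof:
        h = sha256(sib + h) if side == "left" else sha256(h + sib)
    return h == root


def demo() -> tuple:
    """Clean stream verifies; records altered after ingest fail the chain and the proof."""
    stream, prev = [], ""
    for seq, value in enumerate([20.1, 20.3, 20.2, 20.9]):  # constructed readings
        rec = emit("sensor-a", seq, value, prev)
        stream.append(rec)
        prev = rec["tag"]
    tampered = [dict(r) for r in stream]
    tampered[2]["value"] = 99.0  # modification at rest, after the batch was committed
    forged = [dict(r) for r in stream]
    forged[0]["src"] = "sensor-b"  # origin claim changed without sensor-b's key
    leaves = [sha256(canonical(r)) for r in stream]
    root = merkle_root(leaves)
    proof = merkle_proof(leaves, 2)
    return (
        verify_chain(stream),                                       # True
        verify_chain(tampered),                                     # False
        verify_chain(forged),                                       # False
        verify_proof(leaves[2], proof, root),                       # True
        verify_proof(sha256(canonical(tampered[2])), proof, root),  # False
    )


if __name__ == "__main__":
    print(demo())
```

Two caveats a deployment would have to address: a compromised sensor holds its own key and can forge its own readings, so origin authentication bounds damage to that source rather than preventing it; and a hash chain only exposes truncation of its tail if the latest tag or batch root is anchored somewhere the provider cannot rewrite, which is exactly where the scalable provenance models the authors call for come in.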

XUN YI is a professor in the School of Computer Science at RMIT University, Australia, where he's a member of the Cyberspace & Security Group (CSG). His research interests include privacy protection, cloud security, privacy-preserving data mining, and applied cryptography. Yi has a PhD in electronic engineering from Xidian University, China. Contact him at [email protected].

UTHPALA S. PREMARATHNE is a PhD student in the School of Computer Science at RMIT University, Australia, where she's a member of the Cyberspace & Security Group (CSG). Her research interests include security, privacy, and access control. Premarathne has a master's degree in engineering from Moratuwa University. Contact her at [email protected].au.

PETER BERTOK is an associate professor in the School of Computer Science at RMIT University, Australia, where he's a member of the Cyberspace & Security Group (CSG). His research interests include access control, privacy protection, and communication security. Bertok has a PhD in computer engineering from the University of Tokyo, Japan. Contact him at [email protected].

IBRAHIM KHALIL is an associate professor in the School of Computer Science at RMIT University, Australia, where he's a member of the Cyberspace & Security Group (CSG). His research interests include security, privacy, e-health, and applications of data mining. Khalil has a PhD in computer science from the University of Berne, Switzerland. Contact him at [email protected].

ZAHIR TARI is a professor in the School of Computer Science at RMIT University, Australia, where he's a member of the Cyberspace & Security Group (CSG). His research interests include security in critical systems (such as SCADA) and performance/reliability in large-scale distributed systems (such as the cloud). Tari has a PhD in computer science from the University of Grenoble. Contact him at [email protected].
