Skip to main content
SpringerLink
Log in

FADE: Secure Overlay Cloud Storage with File Assured Deletion

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2010)

Abstract

While we can now outsource data backup to third-party cloud storage services so as to reduce data management costs, security concerns arise in terms of ensuring the privacy and integrity of outsourced data. We design FADE, a practical, implementable, and readily deployable cloud storage system that focuses on protecting deleted data with policy-based file assured deletion. FADE is built upon standard cryptographic techniques, such that it encrypts outsourced data files to guarantee their privacy and integrity, and most importantly, assuredly deletes files to make them unrecoverable to anyone (including those who manage the cloud storage) upon revocations of file access policies. In particular, the design of FADE is geared toward the objective that it acts as an overlay system that works seamlessly atop today’s cloud storage services. To demonstrate this objective, we implement a working prototype of FADE atop Amazon S3, one of today’s cloud storage services, and empirically show that FADE provides policy-based file assured deletion with a minimal trade-off of performance overhead. Our work provides insights of how to incorporate value-added security features into current data outsourcing applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Amazon. SmugMug Case Study: Amazon Web Services (2006), http://aws.amazon.com/solutions/case-studies/smugmug/

  2. Amazon Simple Storage Service (Amazon S3), http://aws.amazon.com/s3/

  3. Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee, G., Patterson, D.A., Rabkin, A., Stoica, I., Zaharia, M.: Above the Clouds: A Berkeley View of Cloud Computing. Technical Report UCB/EECS-2009-28, EECS Department, University of California, Berkeley (February 2009)

    Google Scholar 

  4. Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G.: Scalable and Efficient Provable Data Possession. In: Proc. of SecureComm. (2008)

    Google Scholar 

  5. Geambasu, R., Kohno, T., Levy, A., Levy, H.M.: Vanish: Increasing Data Privacy with Self-Destructing Data. In: Proc. of USENIX Security Symposium (August 2009)

    Google Scholar 

  6. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In: Proc. of ACM CCS (2006)

    Google Scholar 

  7. JungleDisk, http://www.jungledisk.com/

  8. Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Proc. of Financial Cryptography: Workshop on Real-Life Cryptographic Protocols and Standardization (2010)

    Google Scholar 

  9. LibAWS++, http://aws.28msec.com/

  10. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (October 1996)

    Google Scholar 

  11. MyAsiaCloud, http://www.myasiacloud.com/

  12. Nair, S., Dashti, M.T., Crispo, B., Tanenbaum, A.S.: A Hybrid PKI-IBC Based Ephemerizer System. In: IFIP International Federation for Information Processing, vol. 232, pp. 241–252 (2007)

    Google Scholar 

  13. OpenSSL, http://www.openssl.org/

  14. Perlman, R.: File System Design with Assured Delete. In: ISOC NDSS (2007)

    Google Scholar 

  15. Perlman, R., Kaufman, C., Perlner, R.: Privacy-Preserving DRM. In: IDtrust (2010)

    Google Scholar 

  16. Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure Attribute-Based Systems. In: ACM CCS (2006)

    Google Scholar 

  17. Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  18. Shamir, A.: How to Share a Secret. CACM 22(11), 612–613 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  19. SmugMug, http://www.smugmug.com/

  20. Stallings, W.: Cryptography and Network Security. Prentice-Hall, Englewood Cliffs (2006)

    Google Scholar 

  21. Vrable, M., Savage, S., Voelker, G.M.: Cumulus: Filesystem backup to the cloud. ACM Trans. on Storage (ToS) 5(4) (December 2009)

    Google Scholar 

  22. Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for storage security in cloud computing. In: Proc. of IEEE INFOCOM (March 2010)

    Google Scholar 

  23. Wang, W., Li, Z., Owens, R., Bhargava, B.: Secure and Efficient Access to Outsourced Data. In: ACM Cloud Computing Security Workshop (CCSW) (November 2009)

    Google Scholar 

  24. Yun, A., Shi, C., Kim, Y.: On Protecting Integrity and Confidentiality of Cryptographic File System for Outsourced Storage. In: ACM Cloud Computing Security Workshop (CCSW) (November 2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The Chinese University of Hong Kong, Hong Kong

    Yang Tang, Patrick P. C. Lee & John C. S. Lui

  2. Intel Labs, USA

    Radia Perlman

Authors
  1. Yang Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patrick P. C. Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. John C. S. Lui
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Radia Perlman
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, 4400 University Drive, 22030-4422, Fairfax, VA, USA

    Sushil Jajodia

  2. Institute for Infocomm Research, 1 Fusionopolis Way, 21-01 Connexis, 138632, South Tower, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Tang, Y., Lee, P.P.C., Lui, J.C.S., Perlman, R. (2010). FADE: Secure Overlay Cloud Storage with File Assured Deletion. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16161-2_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16160-5

  • Online ISBN: 978-3-642-16161-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation