2 Papers from SECRETLab Accepted in BDCloud 2016

Title: Verifiable Data Redundancy in the Cloud

Authors: Mohammad Kamrul Islam and Ragib Hasan

Abstract: Data redundancy is critical for the assurance of service continuity in fault-tolerant systems. Researchers have proposed several efficient data replication strategies to secure users’ sensitive information from a single point of failure. Although the cloud service providers (CSP) assure users regarding data safety by following some of those replication strategies, the opaque operational model of the cloud does not allow the users to verify the replications. This, in turn, introduces a lack of trust in clouds. The challenge of verifiable data redundancy is two-fold: to verify that the server indeed possesses multiple copies, and to verify that those copies are not located in the same physical system. Current research mainly focuses on verification by access time of multiple requests, which is highly system dependent. Hence, we propose a novel storage-as-a-service protocol that provides verifiable data redundancy in the semi-trusted or untrusted server. Our proposed model is completely oblivious of the physical system and the allocation protocol of the cloud. It does not include the server in the verification process, which eliminates the risk of manipulation by a dishonest service provider. Our model uses distinct copies to store in the server as replicas, and provides deterministic verification of having data redundancies in the server. For generating unique copies of data, we use different random numbers in the ElGamal encryption system. After proposing the storage, access, and verification processes, we implemented a prototype system to analyze the performance of our proposed model. Our experimental results show that our system can successfully verify the redundancy of the data in the remote server and detect any service level agreement anomalies.



Title: SASCloud: Ad hoc Cloud as Secure Storage

Authors: Shahid Al Noor, Md. Mahmud Hossain and Ragib Hasan

Abstract: With the emergence of high-speed 4G networks along with reachable Wi-Fi systems, cloud computing frameworks can be greatly leveraged in the mobile domain. However, receiving a temporary storage service in a communication-challenged area is challenging due to the unavailability of any secure third-party cloud system. Although the existing ad hoc cloud architectures facilitate distributed computation and sensing operations, such systems fail to deliver secure ad hoc storage as a service when a client requests secure storage as a service. The absence of a proper centralized monitoring system in the existing ad hoc cloud is a major obstacle for convincing a client to trust the neighboring mobile nodes for content offloading. In case a client and an outsourced node get disconnected, retrieving the offloaded contents along with ensuring their confidentiality and integrity becomes non-trivial. Additionally, providing a feasible and justified monetary incentive is a complex process for such ad hoc mobile frameworks. In this paper, we propose SASCloud, a centrally controlled ad hoc cloud system that provides a secure and reliable storage service for mobile clients. Our proposed system uses the contextual information of mobile users along with partial environmental knowledge and forms a temporal cloud using the resources of neighboring mobile devices. Along with the detailed reasoning of possible threats in our model, we provide a secure framework for content distribution and retrieval. We provide extensive analysis of our model using simulated experimental modules.