SCUOLA DI DOTTORATO IN INFORMATICA Tesi di Dottorato XXIV Ciclo A Distributed Approach to Privacy on the Cloud Francesco Pagano Relatore: Prof. Ernesto Damiani Correlatore: Prof. Stelvio Cimato Direttore della Scuola di Dottorato in Informatica: Prof. Ernesto Damiani Anno Accademico 2010/2011 Abstract The increasing adoption of Cloud-based data processing and storage poses a number of privacy issues. Users wish to preserve full control over their sensitive data and cannot accept it to be fully accessible to an external storage provider. Previous research in this area was mostly addressed at techniques to protect data stored on untrusted database servers; however, I argue that the Cloud architecture presents a number of specific problems and issues. This dissertation contains a detailed analysis of open issues. To handle them, I present a novel approach where confidential data is stored in a highly distributed partitioned database, partly located on the Cloud and partly on the clients. In my approach, data can be either private or shared; the latter is shared in a secure manner by means of simple grant-and-revoke permissions. I have developed a proof-of-concept implementation using an in-memory RDBMS with row-level data encryption in order to achieve fine-grained data access control. This type of approach is rarely adopted in conventional outsourced RDBMSs because it requires several complex steps. Benchmarks of my proof- of-concept implementation show that my approach overcomes most of the problems. 2 Acknowledgements I want to thank many people who contributed to the final result of this work: My family: Antonella, Davide, and Riccardo, who has endured my long absences for the PhD; My uncle Augusto Pagano, who has corrected lots of English errors; My tutors, the professors Ernesto Damiani, Alessandro Provetti, and Stelvio Cimato, for their continuous support; The professors Giacomo Fiumara and Luigia Puccio, who helped me in numerical analysis; The professors Elisa Bertino, Sabrina De Capitani di Vimercati, and Pierangela Samarati, who gave me their seminal papers on privacy in outsourced servers and in the Cloud. 3 Table of contents ABSTRACT .............................................................................................................. 2 ACKNOWLEDGEMENTS................................................................................... 3 TABLE OF CONTENTS ....................................................................................... 4 LIST OF FIGURES ................................................................................................ 9 LIST OF TABLES................................................................................................. 12 1 INTRODUCTION .......................................................................................... 13 1.1 STRUCTURE OF THIS DISSERTATION ............................................................... 17 PART I - BACKGROUND AND STATE OF THE ART............................ 19 2 BACKGROUND ON DATA PROTECTION .......................................... 20 2.1 OUTSOURCED STORAGE ON UNTRUSTED SERVERS ......................................... 20 2.2 DATA PROTECTION TECHNIQUES .................................................................... 22 2.2.1 Data encryption .................................................................................... 24 2.2.1.1 Data Model ................................................................................................................................ 24 2.2.1.2 Query execution........................................................................................................................ 25 2.2.1.3 Indexing techniques................................................................................................................. 25 1 .1.1.1.1 Index by encryption ........................................................................................................... 26 1 .1.1.1.2 Bucket-Based Index ........................................................................................................... 26 1 .1.1.1.3 Index by hashing ................................................................................................................ 26 1 .1.1.1.1. Auxiliary B+-tree ................................................................................................................ 27 1 .1.1.1.1 Other Approaches............................................................................................................... 29 2.2.2 Data fragmentation ............................................................................. 29 2.2.2.1 Non-communicating servers .................................................................................................. 30 1 .1.1.1.4 Query execution.................................................................................................................. 31 2.2.2.2 Unlinkable fragments .............................................................................................................. 31 1 .1.1.1.5 Choice of fragments ........................................................................................................... 32 1 .1.1.1.6 Query execution.................................................................................................................. 33 2.2.3 Data fragmentation with owner involvement................................. 34 1 .1.1.1.7 Query execution.................................................................................................................. 35 4 2.3 SELECTIVE ACCESS .......................................................................................... 36 2.4 DY NAMIC RIGHTS MANAGEMENT.................................................................... 39 2.5 REFERENCES ................................................................................................... 40 3 CRYPTOGRAPHY IN DATABASES ....................................................... 43 3.1 STORAGE-LEVEL ENCRYPTION ........................................................................ 44 3.2 DATABASE-LEVEL ENCRYPTION ...................................................................... 45 3.3 APPLICATION-LEVEL ENCRYPTION.................................................................. 46 3.4 GRANULARITY IN DATABASE-LEVEL ENCRYPTION .......................................... 46 3.4.1 Database................................................................................................. 46 3.4.2 Tables ...................................................................................................... 47 3.4.3 Columns .................................................................................................. 47 3.4.4 Rows........................................................................................................ 48 3.5 ATTACKS TO DATABASE SECURITY................................................................... 49 3.6 REFERENCES ................................................................................................... 51 4 IN-MEMORY DATABASES ...................................................................... 53 4.1 THE IMPACT OF IN-MEMORY STRUCTURE ....................................................... 56 4.1.1 Data representation ............................................................................. 56 4.1.2 Access methods ...................................................................................... 56 4.1.3 Query processing .................................................................................. 60 4.1.4 Concurrency control............................................................................. 61 4.1.4.1 Granularity of locks in a database with pessimistic approach........................................... 61 4.1.5 Logging and Recovery ......................................................................... 62 4.1.5.1 Transaction logging and commit processing........................................................................ 63 4.1.6 Performance .......................................................................................... 63 4.2 CACHE VS. IMDB............................................................................................ 64 4.3 REFERENCES ................................................................................................... 65 5 BROADCAST ENCRYPTION.................................................................... 67 5.1 BROADCAST ENCRYPTION SCHEMAS ............................................................... 69 5.2 THRESHOLD CRY PTOSYSTEM .......................................................................... 70 5.3 DISTRIBUTED KEY GENERATION ..................................................................... 70 5.3.1 El Gamal ................................................................................................. 71 5.3.2 Identity Based Encryption (IBE)........................................................ 71 5 5.4 ATTRIBUTE BASED ENCRY PTION (ABE) ........................................................ 73 5.5 ENCRY PTION IN ONLINE SOCIAL NETWORK................................................... 74 5.5.1 Persona ................................................................................................... 75 5.5.2 Group-oriented Convergence Cryptosystem (GCC) ....................... 76 5.6 SIMILARITIES BETWEEN DISTRIBUTED DATABASES AND ONLINE SOCIAL NETWORK ................................................................................................................