Data Protection as a Service
In the article Cloud Data Protection for the Masses, published in Computer.org, Dawn Song, Elaine Shi and Ian Fischer from the University of California, Berkeley and Umesh Shankar from Google explore how DPaaS can be a viable yet flexible model to achieve data protection for data stored on the cloud. Here’s a summary of the paper.
The Need for Data Protection
A recent Microsoft survey found that “58 percent of the public and 86 percent of business leaders are excited about the possibilities of cloud computing. But more than 90 percent of them are worried about security, availability, and privacy of their data as it rests in the cloud.” Protecting user data while enabling rich computation requires both specialized expertise and resources, which might not be readily available to most application developers.
Introducing DPaaS
Building in data-protection solutions at the platform layer is an attractive option. Data Protection as a Service (DPaaS):
- Can achieve economies of scale by amortizing expertise costs and distributing sophisticated security solutions across different applications and their developers.
- Enforces fine-grained access control policies on data units through application confinement and information flow checking.
- Employs cryptographic protections at rest and offers robust logging and auditing to provide accountability.
- Addresses the issues of rapid development and maintenance.
DPaaS, if offered by cloud platform providers in addition to their existing hosting environment, could be especially beneficial for small companies who don’t have much in-house security expertise.
Encryption: How DPaaS Scores Over Other Techniques
In terms of encryption, the two prominent techniques – full-disk encryption (FDE) and fully homomorphic encryption (FHE) – fail to provide a practical solution in a cloud computing setup.
| Parameter | FDE | FHE |
| --- | --- | --- |
| Key management | Well suited to protecting against physical attacks; does not prevent leakage of data through online attacks | Users own the FHE encryption keys; does not address the challenge of storing the keys securely |
| Sharing | Key granularity does not line up with access-control granularity; sharing is therefore not foolproof | With users holding and managing the keys, access control is a challenge |
| Aggregation | Users fully trust the cloud, which makes aggregation easier | Does not readily allow computing on data encrypted under different keys; aggregation is therefore a challenge |
| Performance | When implemented in disk firmware, can avoid slowdown | Not yet efficient enough to deploy at scale |
| Ease of development | No impact on application development | Developers cannot look at the data, making debugging, testing and improvements difficult |
The DPaaS approach is better suited for the target cloud applications because it falls between the two. It keeps the “natural” granularity of FHE by keying on units of sharable data and maintains the performance of FDE by using symmetric encryption. It moves key management and access control to a middle tier—the computing platform—to balance rapid development and easy maintenance with user-side verifiability.
Maintaining Data Integrity on the Cloud
Access controls, authorization, and auditing capability are common challenges for application developers. Incorporating these features within the platform is a significant improvement in terms of ease of use. DPaaS uses a combination of encryption at rest, application confinement, information flow checking and auditing to ensure the security and privacy of users’ data.
Authentication and Authorization
DPaaS can guarantee the integrity of the data at rest via cryptographic authentication of the data in storage and by auditing the application code at runtime. DPaaS can accomplish user authentication either with a proprietary approach or using open standards such as OpenID and OAuth.
Auditing
The DPaaS approach provides logging and auditing at the platform level, sharing the benefits with all applications running on top. Because the platform mediates all data access, authenticates users and runs binaries, it knows what data is accessed by what user and with which application. It can generate meaningful audit logs containing all these parameters and optionally incorporate additional information from the application layer.
Given its ability to perform different types of audit, DPaaS can also support third-party auditing services, thus helping users understand how their data has been accessed and manipulated, and which services to trust.
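The following is an added illustration, not code from the paper or its authors, of two points made above: keying on units of sharable data so that key granularity matches sharing granularity, and platform-level audit records that name the user, the data unit and the application for every access. The class, user ids, unit ids and app name are all constructed for the example; integrity at rest is modelled with HMAC and the encryption step a real platform would add is omitted.

```python
import hashlib
import hmac
import os


class DpaasMediator:
    """Constructed model of a DPaaS middle tier, not the paper's own code.
    The platform holds one symmetric key per sharable data unit, HMACs the
    stored bytes under that key, checks the unit's access list on every read
    and logs (user, unit, app, action, outcome) for each request. The AEAD
    encryption a real platform would add is left out to stay stdlib-only."""

    def __init__(self):
        self.unit_keys = {}   # unit_id -> 32-byte key, never handed to apps
        self.acl = {}         # unit_id -> set of users allowed to read/share
        self.store = {}       # unit_id -> (payload, hmac_tag)
        self.audit_log = []   # platform-level audit records (dicts)

    def _record(self, user, unit_id, app, action, outcome):
        self.audit_log.append({"user": user, "unit": unit_id, "app": app,
                               "action": action, "outcome": outcome})

    def create_unit(self, owner, app, unit_id, payload, readers=()):
        # Key granularity equals sharing granularity: one fresh key per unit.
        key = os.urandom(32)
        self.unit_keys[unit_id] = key
        self.acl[unit_id] = {owner, *readers}
        self.store[unit_id] = (payload, hmac.new(key, payload, hashlib.sha256).digest())
        self._record(owner, unit_id, app, "create", "ok")

    def share_unit(self, user, app, unit_id, new_reader):
        # Sharing edits the ACL only; no re-encryption and no key handover.
        if user not in self.acl.get(unit_id, set()):
            self._record(user, unit_id, app, "share", "denied")
            raise PermissionError(f"{user} may not share {unit_id}")
        self.acl[unit_id].add(new_reader)
        self._record(user, unit_id, app, "share", "ok")

    def read_unit(self, user, app, unit_id):
        # Every access is mediated: ACL check, then integrity check, then log.
        if user not in self.acl.get(unit_id, set()):
            self._record(user, unit_id, app, "read", "denied")
            raise PermissionError(f"{user} may not read {unit_id}")
        payload, tag = self.store[unit_id]
        want = hmac.new(self.unit_keys[unit_id], payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            self._record(user, unit_id, app, "read", "integrity_failure")
            raise ValueError(f"{unit_id} failed authentication at rest")
        self._record(user, unit_id, app, "read", "ok")
        return payload
```

Denied requests and integrity failures are logged alongside successful ones, which is what makes the platform log useful to a third-party auditor.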
The Way Forward
As private data moves online, the need to secure it properly becomes increasingly urgent. The good news is that the same forces concentrating data in enormous datacenters will also aid in using collective security expertise more effectively. Adding protections to a single cloud platform can immediately benefit hundreds of thousands of applications and, by extension, hundreds of millions of users.
You can read the full article here:
http://www.computer.org/cms/Computer.org/ComputingNow/homepage/2012/0312/T_CO_CloudDataProtectionfortheMasses.pdf