Department of Computer Science | Institute of Systems Architecture | Chair of Computer Networks
FlexCloud: Reliable and Secure
Cloud Overlay Infrastructures
2013
Who we are
Dr.-Ing. Josef Spillner
Dipl.-Medieninf. Marc Mosch
Dr.-Ing. Stephan Groß
Dipl.-Medieninf. Yvonne Thoß
Dr.-Ing. Anja Strunk
(from left to right)
EU-funded research group
Network Planning and Security
Internet Information Retrieval
Mobile & Ubiquitous Computing
Real-Time Collaboration
Energy Lab
Service & Cloud Computing
Cloud Computing …
• What is it all about?
• Problems
• π-Box: Building your personal secure cloud
• π-Data Controller: Secure Cloud Storage
• Conclusion & Future Work
The shape of a cloud …
… is in the eye of the beholder.
IaaS/PaaS*: Cloud Operating System, part of Azure Platform
PaaS*: Development and hosting of web applications
SaaS/PaaS*
IaaS*: Migration of virtual machines between private
SaaS*: Customized applications for business and home user, based on Google App Engine, e.g. collaboration tools
Cloud Computing Characteristics
Cloud Computing is … the on-demand and pay-per-use application of virtualised IT services over the Internet.
Characteristics: On-demand self service, Broadband network access, Resource pooling, Measured and optimized service, Rapid elasticity
Service & Deployment Models
Cloud Architecture Stack (adapted from [MeGr2011] and [BKNT2010]):
User/Clients
Software Services (SaaS): User Interface, Machine Interface
Platform Services (PaaS): Components, Services
Infrastructure Services (IaaS): Compute, Network, Storage
Further stack labels in the figure: Cloud Organization, Virtual Resource Set (VRS), Programming Environment, Execution Environment, Applications, Services
Deployment models: Public, Hybrid, Private, Community (a trade-off between convenience and user control)
Cloud Computing …
• What is it all about?
• Problems
• π-Box: Building your personal secure cloud
• π-Data Controller: Secure Cloud Storage
Reliability and security when giving up physical possession
> Failure of monocultures
> Cloud providers' trustworthiness
> Staying in control
FlexCloud Objectives
π-Cloud: Establishing a secure cloud computing life cycle
Hybrid cloud platform to integrate a user's (cloud) resources, services and data.
> Unified Cloud: Prevent vendor lock-in + integration of existing IT
> Secure Cloud: Ensure data privacy and security
> Managed Cloud: Keep the user in command
> Efficient Cloud
Cloud Computing …
• What is it all about?
• Problems
• π-Box: Building your personal secure cloud
• π-Data Controller: Secure Cloud Storage
Subsume all end devices within a Personal Secure Cloud (π-Cloud) controlled by the π-Box.
The π-Box distinguishes between public and sensitive data and enforces security mechanisms for the latter.
Analysis of structured, unstructured data and context information (figure labels: PKI, π-Cloud):
Document classification concerning security requirements.
Addressee identification and derivation of respective keys.
Conceptual design of a user-centric cloud management solution
• Categorization of user groups concerning technical skills and organizational interests
• Guidelines for constructing adaptable graphical user interfaces
• Refinement of user profiles according to individual preferences
Organization of a user's cloud resources
• Description of cloud resources and their (non-)functional properties
• System architecture for a reliable and scalable cloud resource directory
• Protocols for automatic (de-)registration of cloud resources within the π-Cloud
π-Box Architecture
Components (figure): the π-Box contains the π-Service Controller, the π-Data Controller, the π-Resource Manager and the π-Cockpit (User Interface / GUI); it is connected via a Peer-to-Peer Network to public resources (not necessarily …).
π-Service Controller: Service execution with respect to security and other non-functional requirements.
π-Data Controller: Data storage & distribution with respect to security and other non-functional requirements.
π-Resource Manager: Infrastructure management.
User-controlled reliable data storage in the cloud
• Automatic assurance of availability, integrity and confidentiality
• Easy integration of existing IT environments
• Adaptable and optimizable storage with respect to user preferences
User-controlled reliable service execution in the cloud
• Automatic composition and deployment of services with respect to security and other non-functional properties
Cloud Computing …
• What is it all about?
• Problems?
• π-Box: Building your personal secure cloud
• π-Data Controller: Secure Cloud Storage
Increasing Availability: from RAID to RAIC
RAID (Redundant Array of Independent Disks): turns an unreliable, low quality hard disk into reliable disk storage.
RAIC (Redundant Array of Independent Clouds): turns unreliable, proprietary and insecure cloud storage into reliable, universal and secure cloud storage.
Layer by layer:
Integration Layer: RAID: Logical partition | RAIC: Versioning, Distributed file system, Web access
Preprocessing Layer: RAID: RAID level redundancy routine (mirror, stripe, …) | RAIC: Fragment level transformation (e.g. encryption), File level transformation (e.g. compression), Dispersal routine
Transport Layer: RAID: Block resources | RAIC: Caching, Local persistence, Provider Storage API adapter
π-Data Controller
Secure Cloud Storage Integrator for Enterprises (System Architecture)
π-Cloud = Company Intranet; access via API, FTP, CIFS
Components (figure): Shared Folder, Meta Data, File Dispersion, Cryptography, Cloud Storage Protocol Adapter, connected to the Cloud
Storing Files (1/5)
• Technology: FUSE (Filesystem in Userspace)
• CIFS/SMB network share on proxy file server
• Unified user interface for arbitrary cloud storage services
• Utilizing CIFS access control mechanisms
Figure: FUSE architecture. User space: ls -l /tmp/fuse, ./xmp /tmp/fuse, glibc, libfuse; Kernel: VFS, FUSE, NFS, Ext3, …
CIFS = Common Internet File System; NFS = Network File System; Ext3 = Third Extended File System; SMB = Server Message Block; FUSE = Filesystem in Userspace; VFS = Virtual File System; glibc = GNU C library
Storing Files (2/5)
Ensure availability despite unreliable cloud storage providers …
n: total # of shares a file is split into
k: threshold, i.e. # of necessary shares to reconstruct
E.g. k=6, n=8
If k < n, we need redundant information.
File Dispersion
Objective: Divide a secret $s \in S$ into $n$ shares $s_1, \dots, s_n$ with
1. Knowledge of any $k$ or more shares $s_i$ makes $s$ easily computable.
2. Knowledge of any $k-1$ or fewer shares $s_i$ leaves $s$ completely undetermined (in the sense that all its possible values are equally likely).
Figure (Source: http://goo.gl/watJC): Sharing: the Dealer takes the input $s$ and hands the shares $s_1, s_2, \dots, s_n$ to the share holders, who store them. Reconstruction: the Reconstructor collects $k$ shares $s_{i_1}, s_{i_2}, \dots, s_{i_k}$ from share holders and outputs $s^*$.
Secret Sharing: An informal example with 2 shares
Visual Cryptography [NaSh1994]
Simplification: n = k = 2
Secret cannot be determined independently!
Secret Sharing: More formalism
Shamir's scheme [Shamir1979]
Idea: It takes $k$ points to define a polynomial of degree $k-1$.
Sharing: Let $a_0 := s \in S$ be the secret to be shared, where $S$ is an infinite field known to all share holders. Randomly choose $(k-1)$ coefficients $a_1, a_2, \dots, a_{k-1} \in S$ to build $f(x) := \sum a_i \cdot x^i$.
(Figure from Wikipedia.)
Blakley's scheme [Blakley1979]
Idea: Any $n$ nonparallel $n$-dimensional hyper-planes intersect at a specific point.
Sharing: Encode the secret as any single coordinate of the point of intersection.
Recovering:
1. Calculate the planes' point of intersection.
2. Take a specified coordinate of that intersection.
Example (figure): n ≥ 3, k = 3, shown with 1 share available, 2 shares available and 3 shares available.
Information Dispersal: Computationally secure secret sharing
Rabin's scheme [Rabin1989]
• Guarantees only availability but no secrecy.
• Construction: Let $a_i := s_i \in S$ where $i = 1, \dots, k$, i.e. $f(x) := \sum_{i=1}^{k} s_i \cdot x^i$. Rest as with Shamir's secret sharing.
• Properties
  • With a polynomial and shares of the same size as before, we can now share a value $k$ times as long as before.
  • Length of each share is only $1/k$-th of the length of the secret, and if $k$ shares must be sufficient for reconstruction, one can obviously not get shorter. ➔ Space optimal
  • However, one might gain some information if one gets access to several shares. ➔ Computationally secure
More efficient information dispersal schemes
• Need to be maximum distance separable to use $k$ arbitrary shares for reconstruction.
Storing Files (3/5)
Figure: each share is encrypted with AES-CBC and a SHA256 checksum is computed per share (four shares shown).
Storing Files (4/5)
Storing Files (5/5)
Stored Meta Data per component
• Shared Folder: General file system information, e.g. file size, access rights …
• File Dispersion: Used dispersion algorithm/parameters (n, k), shares' locations
• Cryptography: Used cryptographic keys and calculated checksums per share
• Cloud Storage
Retrieving Files (1/3)
Dispersion parameters: n=6
Retrieving Files (2/3)
Dispersion parameters: n=6, k=3
Retrieving Files (3/3)
[SGS2011] web interface for π-Cockpit
[SBM+2011] π-Cockpit desktop application
ResUbic Cloud Storage Allocator for Cyber Physical Systems
Performance Evaluation Upload
Test case | π-Box used | # local storage | # cloud storage | # encrypted shares
1 | No | 0 | 1 | 0
2 | Yes | 0 | 1 | 0
3 | Yes | 8 | 0 | 0
4 | Yes | 4 | 4 | 4
Performance Evaluation Download
Towards User Centric Data Governance and Control in the Cloud
Test case | π-Box used | # local storage | # cloud storage | # encrypted shares
1 | No | 0 | 1 | 0
2 | Yes | 0 | 1 | 0
3 | Yes | 8 | 0 | 0
4 | Yes | 4 | 4 | 4
5 | Yes | 0 | 8 | 8
File size: 24 MB; Dispersion parameters: n=8, k=6; Cryptography parameters: AES (256 bit, 14 iterations), SHA256
π-Box Scalability
Embedded systems: AVM FRITZ!OS plugin
SOHO: Home Server
Enterprise: Enterprise Server
Cloud Computing …
• What is it all about?
• Problems?
• π-Box: Building your personal secure cloud
• π-Data Controller: Secure Cloud Storage
Results so far & future work (π-Data Controller)
• Integration of existing cloud storage services (Cloud-of-Clouds)
• Proxy server for transparent mediation ➔ easy to use for end-user, common scheme for enterprises
• Good performance, high security & data control for the user
• Data store for database system (block-based dispersion)
• Collaboration scenarios, file sharing, access by external entities
• Securing the meta data database
• Automatic classification of data
• Improving performance, e.g. scheduling algorithms, caching/prefetching, parallelization
… by connecting several π-Clouds and propagating data and services within one π-Cloud and to others.
Simplified approach: assuming public, i.e. insecure π-Clouds
Advanced approach: Trust relationships between π-Clouds
Towards a secure cloud life cycle
Cloud Adaption and Optimization
• Strategies for the compensation of SLA violations
• Strategies for minimization of energy consumption
• Mechanisms for the visualization of complex Cloud Monitoring data
Fine-grained Service Level Agreements
• Methods to determine fine-grained non-functional properties of Cloud Services
• Identification of assets and corresponding requirements
• Deduction of monitoring targets from SLAs
Cloud Surveillance and Incident Detection
• Specification of monitoring targets and SLA violations
• Models for the proactive recognition of SLA violations and the evaluation of a
Dynamic Provider Selection and Cloud Setup
• Flexible distribution mechanisms for Cloud Platforms
• Strategies for the performance optimization of Cloud Applications
Tomorrow's forecast:
still cloudy but sunny spots
Contact:
http://flexcloud.eu/
References
[BKNT2010] C. Baun, M. Kunze, J. Nimis and S. Tai: Cloud Computing. Web-basierte dynamische IT-Services. Springer Verlag, 2010.
[Blakley1979] G. R. Blakley: Safeguarding cryptographic keys; AFIPS Conference Proceedings Vol. 48, National Computer Conference (NCC) 1979, 313-317.
[MeGr2011] P. Mell and T. Grance: The NIST Definition of Cloud Computing. NIST Special Publication 800-145, September 2011.
[NaSh1994] M. Naor and A. Shamir: Visual Cryptography; Eurocrypt 94.
[PSS2008] J. S. Plank, S. Simmerman, C. D. Schuman: Jerasure: A Library in C/C++ Facilitating Erasure Coding for Storage Applications, Version 1.2. Technical Report CS-08-627, University of Tennessee, 2008.
[Rabin1989] M. O. Rabin: Efficient Dispersal of Information for Security, Load Balancing, and Fault Tolerance; Journal of the ACM 36/2 (1989) 335-348.
[SBM+2011] J. Spillner, G. Bombach, S. Matthischke, R. Tzschicholz, and A. Schill: Information Dispersion over Redundant Arrays of Optimal Cloud Storage for Desktop Users. In: IEEE International Conference on Utility and Cloud Computing. Melbourne, Australia, December 2011.
[SGS2011] R. Seiger, S. Groß, and A. Schill: A Secure Cloud Storage Integrator for Enterprises. In: International Workshop on Clouds for Enterprises. Luxembourg, September 2011.
[Shamir1979] A. Shamir: How to Share a Secret; Communications of the ACM 22/11 (1979) 612-613.