Security in outsourced storage: Efficiently checking integrity and service level agreement compliance

Roberto Bragantini, Mauro Conti, Roberto Di Pietro

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

The storage as a service paradigma has recently raised interest in the security community, where a few works have been proposed to check whether an outsourcer has tampered with the integrity of the outsourced data. In this paper, we assume that storage is outsourced in accordance to some integrity enforcing protocol. Under this assumption, we focus on a specific issue; that is, when the outsourcer is requested to provide access to the outsourced data within a given time-bound-for instance, set in a Service Level Agreement (SLA). This paper provides several contributions: first, we identify and motivate the above requirement in the outsourced storage context; second, we show that current integrity enforcing protocols fail in detecting the violation of the time-bound limit against a rationale malicious outsourcer; third, we show how the outsourcer can actively perform such an attack. Results are supported by thorough analysis and extensive simulations. © 2010 IEEE.
Original languageEnglish (US)
Title of host publicationProceedings - 10th IEEE International Conference on Computer and Information Technology, CIT-2010, 7th IEEE International Conference on Embedded Software and Systems, ICESS-2010, ScalCom-2010
Pages1096-1101
Number of pages6
DOIs
StatePublished - Nov 23 2010
Externally publishedYes

Fingerprint

Dive into the research topics of 'Security in outsourced storage: Efficiently checking integrity and service level agreement compliance'. Together they form a unique fingerprint.

Cite this