Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions

Hiroaki Anada, Junpei Kawamoto, Chenyutao Ke, Kirill Morozov, Kouichi Sakurai

研究成果: Contribution to journalArticle査読

抄録

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an ℓ-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from ℓ groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

本文言語英語
ページ(範囲)4275-4301
ページ数27
ジャーナルJournal of Supercomputing
73
10
DOI
出版ステータス出版済み - 10 1 2017

All Science Journal Classification (ASJC) codes

  • ソフトウェア
  • 理論的コンピュータサイエンス
  • 情報システム
  • ハードウェアとアーキテクチャ

フィンガープリント

「Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル