Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
practical protection for personal storage in the cloud

Practical Protection for Personal Storage in the Cloud Neal H. - PowerPoint PPT Presentation

Jun 12, 2023 •367 likes •686 views

Practical Protection for Personal Storage in the Cloud Neal H. Walfield , Paul T. Stanton, John Linwood Griffin and Randal Burns Johns Hopkins University EuroSec 10 April 13th, 2010 Outline Personal Storage Today Practial Protection

  1. Practical Protection for Personal Storage in the Cloud Neal H. Walfield , Paul T. Stanton, John Linwood Griffin and Randal Burns Johns Hopkins University EuroSec ’10 April 13th, 2010

  2. Outline ◮ Personal Storage Today ◮ Practial Protection Mechanisms

  3. Web 2.0: Today ◮ Each service provides the user with storage ◮ Limited support for sharing between services

  4. An Emerging Issue ◮ Data Management is Hard! ◮ Data Lock-In ◮ No standardized access interface (à la POSIX) ◮ Must use service’s interface; point solutions ◮ Data Spew ◮ Data is hard to find ◮ Version Drift ◮ Sharing across services = ⇒ divergent copies

  5. An Emerging Issue ◮ Data Management is Hard! ◮ Data Lock-In ◮ No standardized access interface (à la POSIX) ◮ Must use service’s interface; point solutions ◮ Data Spew ◮ Data is hard to find ◮ Version Drift ◮ Sharing across services = ⇒ divergent copies ◮ Underlying Architectural Problem: ◮ Many storage providers ⇒ No unified view of data ◮ =

  6. A Simple Solution: One Storage Provider ◮ User has direct access to data ◮ Single, authoritative copy ◮ Cross-service sharing

  7. A Simple Difficulty ◮ Access Control ◮ Facebook should not be able to access EMail

  8. A Simple Difficulty ◮ Access Control ◮ Facebook should not be able to access EMail ◮ Reputation!

  9. A Simple Difficulty ◮ Access Control ◮ Facebook should not be able to access EMail ◮ Reputation is not enough! ◮ Users less likely to experiment ◮ Raises barrier to entry

  10. Outline ◮ Personal Storage Today ◮ Practial Protection Mechanisms

  11. Per-User Storage: Major Design Goals ◮ Protection ◮ Least Privilege ◮ Not Unix ◮ Fine-grained, dynamic delegation and revocation ◮ Usability ◮ Minimal user interactions with security manager ◮ Opening, saving files ◮ Delegate access to not-yet-existing objects ◮ Flickr can access all JPEG files ◮ Consistent naming of objects ◮ /photos/paris/dsc_1076.jpg always has same name

  12. S4: Simple, Secure Storage Service ◮ Hierarchical Principals ◮ Filtered Views ◮ Powerbox ◮ Security manager implements open, save-as dialogs

  13. Principals Alice Alice.Hotmail Alice.Facebook ◮ Hierarchical ◮ Alice dominates Alice.Hotmail ◮ Principals identified using public key cryptography

  14. Creating a new Principal ◮ Credentials communicated using a Webkey ◮ Includes service’s public, private keys ◮ Includes storage server’s public key

  15. Filtered Views /addressbook /Maildir/. . . /photos/. . . /calendar/. . . . . . rw, /addressbook rw, /addressbook rw, /Maildir Alice Alice.Hotmail Alice.Facebook ◮ Filter parent’s name space ◮ Principal can access that which it can name ◮ e.g., Regular expressions ◮ Enables consitent naming, future delegations

  16. Filtered Views /addressbook /Maildir/. . . /photos/. . . /calendar/. . . . . . rw, /addressbook rw, /addressbook rw, /Maildir Alice Alice.Hotmail Alice.Facebook ◮ Filter parent’s name space ◮ Principal can access that which it can name ◮ e.g., Regular expressions ◮ Enables consitent naming, future delegations

  17. Powerbox Least Privilege View Powerbox View

  18. Powerbox ◮ Concept ◮ Replaces application’s open, save-as dialog box ◮ Service sends an RPC to security manager ◮ Security manager displays dialog box ◮ Essential for usable least privilege ◮ Dynamic delegation ◮ No (explicit) user interactions with security manager

  19. Integrating the Powerbox into Flickr ◮ Alice creates a Flickr account at flickr.com ◮ Alice creates a principal using security manager ◮ Alice gives credentials to Flickr ◮ Flickr starts an import photos wizard ◮ Invokes Powerbox ◮ What files would you like to import to Flickr? ◮ Alice selects one or more directories

  20. Integrating the Powerbox into Flickr ◮ Alice creates a Flickr account at flickr.com ◮ Alice creates a principal using security manager ◮ Alice gives credentials to Flickr ◮ Flickr starts an import photos wizard ◮ Invokes Powerbox ◮ What files would you like to import to Flickr? ◮ Alice selects one or more directories ◮ Differences: ◮ One additional step ◮ But, Alice can use her own tools to upload photos

  21. Powerbox Protocol in S4 4. delegate, pb_close 2. pb_invoke 5. pb_close 3. Open Dialog 1. File → Open

  22. Performance ◮ User’s storage is authoritative ◮ Services can (should) still cache ◮ Prompt propagation of updates

  23. Adoption ◮ User’s want it ◮ Improved usability, control ⇒ Current services lost control ◮ = ◮ Differentiator for new service providers

  24. Adoption ◮ User’s want it ◮ Improved usability, control ⇒ Current services lost control ◮ = ◮ Differentiator for new service providers ◮ Big services providers want it? ◮ Increase user traffic by becoming a storage provider

  25. Implementation ◮ 4000 lines of Python (SLOCCount) ◮ Single machine, Single threaded ◮ S3 compatible ◮ S3 and SQLite backends ◮ Principal and filter interfaces complete, some Powerbox

  26. Future Work ◮ Filters based on files’ tags ◮ Snapshots for recovery ◮ COW for experimentation ◮ Publish/subscribe for updates ◮ Throttling bandwidth intensive services ◮ Do not disclose content to server

  27. Summary The Bad (the status quo) ◮ Data lock-in ◮ Data spew ◮ Version drift The Good (what S4 tries to achieve) ◮ Single (perceived) file system ◮ Least privilege ◮ Minimal user interaction with security monitor ◮ Powerbox ◮ Protection mechanisms consistent with user’s intuitions ◮ All JPEG files ◮ Delegate access to not-yet-existing objects ◮ Consistent naming of objects

  28. Take Aways ◮ Filtering matches how users think about security policies ◮ Powerbox helps make security invisible

  29. Image Attributions ◮ User Images - User Experience Deliverables by Peter Morville and Jeffery Callender - http://www.flickr. com/photos/morville/3220961846/ - CC Attribution 2.0 ◮ File Images - http: //www.openclipart.org/user-cliparts/sarxos - Public Domain ◮ Key Image - http://www.openclipart.org/people/ johnny_automatic/ - Public Domain

  30. Summary The Bad (the status quo) ◮ Data lock-in ◮ Data spew ◮ Version drift The Good (what S4 tries to achieve) ◮ Single (perceived) file system ◮ Least privilege ◮ Minimal user interaction with security monitor ◮ Powerbox ◮ Protection mechanisms consistent with user’s intuitions ◮ All JPEG files ◮ Delegate access to not-yet-existing objects ◮ Consistent naming of objects

Recommend

For personal use only For personal use only For personal use only For personal use only For

For personal use only For personal use only For personal use only For personal use only For

For personal use only For personal use only For personal use only For personal use only For personal use only For personal use only For personal use only For personal use only For personal use only For personal use only For personal use

327 views • 28 slides
Personal Cloud Storage Services: Measurement, Analysis and Challenges Zeqi Lai Tsinghua

Personal Cloud Storage Services: Measurement, Analysis and Challenges Zeqi Lai Tsinghua

Personal Cloud Storage Services: Measurement, Analysis and Challenges Zeqi Lai Tsinghua University Personal cloud storage: identifying sync inefficiency l Personal cloud storage services are gaining popularity l Sync inefficiency in current

460 views • 4 slides
http://cloud-council.org/resource-hub.htm#practical-guide-to-cloud-service- agreements-version-2

http://cloud-council.org/resource-hub.htm#practical-guide-to-cloud-service- agreements-version-2

Practical Guide to Cloud Service Agreements, Version 2.0 http://cloud-council.org/resource-hub.htm#practical-guide-to-cloud-service- agreements-version-2 June, 2015 The Cloud Standards Customer Council THE Customers Voice for Cloud Standards!

470 views • 20 slides
A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

. . A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage with a Distributed Reputation System Anders Skoglund andsk668@student.liu.se November 04, 2013 . Cloud storage P2P storage F2F storage

664 views • 36 slides
Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective

Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective

Cloud Storage Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Cloud storage Objective Provide logical storage pools that abstract a more complex distributed infrastructure made of commodity hardware Separate storage service

627 views • 15 slides
Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software

Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software

Large objects in the Cloud Thursday, 11 April 13 Riak Cloud Storage Cloud Storage software backed by Riak Simple API Multi-tenant, Per-tenant Reporting Pluggable Authentication Multi Data Center Replication (Enterprise)

372 views • 18 slides
For personal use only nextdc.com 1 For personal use only nextdc.com 2 For personal use only

For personal use only nextdc.com 1 For personal use only nextdc.com 2 For personal use only

For personal use only nextdc.com 1 For personal use only nextdc.com 2 For personal use only nextdc.com 3 For personal use only nextdc.com 4 For personal use only AUTONOMOUS MACHINES nextdc.com 5 For personal use only nextdc.com 6

676 views • 50 slides
Inside Dropbox: Understanding Personal Cloud Storage Services Idilio Drago Marco Mellia

Inside Dropbox: Understanding Personal Cloud Storage Services Idilio Drago Marco Mellia

Inside Dropbox: Understanding Personal Cloud Storage Services Idilio Drago Marco Mellia Maurizio M. Munaf` o Anna Sperotto Ramin Sadre Aiko Pras IRTF Vancouver Motivation and goals 1 Personal cloud storage

329 views • 31 slides
> SUN STORAGE 7000 UNIFIED STORAGE SYSTEMS ITS TIME TO CHANGE YOUR STORAGE

> SUN STORAGE 7000 UNIFIED STORAGE SYSTEMS ITS TIME TO CHANGE YOUR STORAGE

> SUN STORAGE 7000 UNIFIED STORAGE SYSTEMS ITS TIME TO CHANGE YOUR STORAGE Presenters Name Presenters Title Presenters Company 1 1 Sun Storage 7000 Unified Storage Systems Agenda The Sun Storage 7000 Unified

517 views • 48 slides
Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500

Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500

A mathematical theory of distributed storage Dagstuhl workshop (16321) Coding in the time of Big Data Michael Luby August 8, 2016 Research Cloud storage state of affairs Storage clusters contain thousands of storage nodes, with e.g. 500 TB

797 views • 37 slides
Cloud object storage in Ceph Orit Wasserman owasserm@redhat.com Fosdem 2017 AGENDA What is

Cloud object storage in Ceph Orit Wasserman owasserm@redhat.com Fosdem 2017 AGENDA What is

Cloud object storage in Ceph Orit Wasserman owasserm@redhat.com Fosdem 2017 AGENDA What is cloud object storage? Ceph overview Rados Gateway architecture Questions Cloud object storage Block storage Data stored in

1.02k views • 43 slides
Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook

Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook

Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook University File Systems and Storage Lab (FSL) Cloud Storage Gateways l Benefits of cloud gateways Public NAS u Combine advantages of both Cloud

653 views • 51 slides
Storage Deduplication in Cloud Computing Joo Paulo and Jos Pereira University of Minho July

Storage Deduplication in Cloud Computing Joo Paulo and Jos Pereira University of Minho July

Storage Deduplication in Cloud Computing Joo Paulo and Jos Pereira University of Minho July 2010 Joo Paulo and Jos Pereira Storage Deduplication in Cloud Computing Cloud Computing Overview Cloud Computing Cloud services allow clients

618 views • 41 slides
Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing

Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing

Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing Internet began in the 1950s Internet has been quite revolutoinary due to its lightning fast communication privelages and data sharing. Cloud

379 views • 6 slides
Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON 2010 Building a Private Cloud with Ubuntu Server 10.04 Enterprise Cloud (Eucalyptus) OSCON 2010 (Note: Special thanks to Jim Beasley, my lead Cloud

605 views • 37 slides
KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

FROM USE CASE TO PRODUCTION KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP CLOUD MONITORING AWS METRICS NRDB HTTP APP CLOUD MONITORING SCHDLR JOBS AWS NRDB METRICS HTTP WORKER CLOUD

1.44k views • 124 slides
UIL Academics Bulldog Festival Leadership Team O c t o b e r 5 , 2 0 1 8 Be a

UIL Academics Bulldog Festival Leadership Team O c t o b e r 5 , 2 0 1 8 Be a

UIL Academics Bulldog Festival Leadership Team O c t o b e r 5 , 2 0 1 8 Be a leader among the group!!! Cake Walk. Take an application and turn it in by October 2nd to Mr. Wilder!! Things to Consider: 1. Team Bonding 2.

238 views • 9 slides
Mara Beln Power Associate Executive Director GreenRoots Sustainable Quarterly Climate

Mara Beln Power Associate Executive Director GreenRoots Sustainable Quarterly Climate

Energy Democracy and Environmental Justice Mara Beln Power Associate Executive Director GreenRoots Sustainable Quarterly Climate Adaptation Forum | November 30 , 2018 Solutions Lab Maria Belen Power & Sandra Nijar GreenRoots EFSB

217 views • 10 slides
Technology in the Anglophone Section 2015-2016 2nde-Terminale Digital Citizen Agreement t e

Technology in the Anglophone Section 2015-2016 2nde-Terminale Digital Citizen Agreement t e

Technology in the Anglophone Section 2015-2016 2nde-Terminale Digital Citizen Agreement t e c t o P r & c t e p s R e Respect & Protect Others l f s e r u o Y e d s t p o g e s m a d i a n

191 views • 5 slides
IEO & ICO The Exchange was launched on May 25 th ,2018. W H A T I S T H E Decentralized

IEO & ICO The Exchange was launched on May 25 th ,2018. W H A T I S T H E Decentralized

Omnichannel platform for digital crowdfunding IEO & ICO The Exchange was launched on May 25 th ,2018. W H A T I S T H E Decentralized ECOSYSTEM with its own digital token DEEX projects capitalization is more than More than 100 000

390 views • 13 slides
Global Warming in 30 Minutes Gerald R. North Department of Atmospheric Sciences Texas A&M

Global Warming in 30 Minutes Gerald R. North Department of Atmospheric Sciences Texas A&M

Global Warming in 30 Minutes Gerald R. North Department of Atmospheric Sciences Texas A&M University g-north@tamu.edu On the cover The uncertainty surrounding climate change argues for action, not inaction. America should lead

535 views • 25 slides
Young Workforce at Balerno October 2018 Aims: What is DYW and why is it a school priority.

Young Workforce at Balerno October 2018 Aims: What is DYW and why is it a school priority.

Developing the Young Workforce at Balerno October 2018 Aims: What is DYW and why is it a school priority. What does DYW looks like at Balerno. How can parents/carers and the wider Balerno community support the DYW agenda.

412 views • 25 slides
M&A Confidentiality Agreements: Strategies for Buyers and Sellers Negotiating Non-Disclosure

M&A Confidentiality Agreements: Strategies for Buyers and Sellers Negotiating Non-Disclosure

Presenting a live 90-minute webinar with interactive Q&A M&A Confidentiality Agreements: Strategies for Buyers and Sellers Negotiating Non-Disclosure Provisions THURSDAY, JULY 17, 2014 1pm Eastern | 12pm Central | 11am Mountain

597 views • 46 slides
WJC PRESIDENT RONALD S. LAUDER ADDRESS TO THE 15 TH WJC PLENARY ASSEMBLY NEW YORK, APRIL 24 2017

WJC PRESIDENT RONALD S. LAUDER ADDRESS TO THE 15 TH WJC PLENARY ASSEMBLY NEW YORK, APRIL 24 2017

WJC PRESIDENT RONALD S. LAUDER ADDRESS TO THE 15 TH WJC PLENARY ASSEMBLY NEW YORK, APRIL 24 2017 Thank you, and good morning. My friends, colleagues, my fellow Jews. I wish you could see what I see. I look across this room and I see such amazing

251 views • 6 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.