Secure and Verifiable Cloud Storage

Team Members

  • Prof. Marwan Krunz

  • Prof. Loukas Lazos

  • Prof. Bane Vasic

  • Dr. Mingjie Feng

  • Wenhan Zhang


Overview: Cloud computing promises ubiquitous, on-demand access to an expandable pool of computing resources, including storage, computation, and software services. However, the risk of losing outsourced data due to failures or security breaches exposes cloud users to grave legal, financial, and business liabilities. In this project, we aim to develop provably secure, privacy-preserving methods for verifying the fault-tolerant storage of voluminous data at remote repositories. We focus on the Infrastructure-as-a-Service (IaaS) model, and in particular on a typical remote storage scenario in which the cloud storage provider (CSP) contractually agrees to maintain a large repository with a certain degree of reliability, outlined in a Service Level Agreement (SLA). The project pursues a comprehensive research agenda at the intersection of security, error-correction coding, and networking, aiming to achieve verifiability, privacy, and resource efficiency of remote reliable storage at both the logical level (storage of data and redundancy) and the physical level (distribution across physical devices and locations).







The main objectives of this project are as follows. First, we aim to develop novel accountability methods that not only prove the existence of the outsourced data at the CSP but also verify the storage of the redundant information needed to recover from attacks and failures. Achieving high levels of assurance is challenging because redundant information can be easily regenerated on the fly. Second, we investigate the integration of storage verification with practical operational aspects of cloud systems, including data maintenance, dynamic data update, and privacy preservation. We jointly design the verification, error-correction coding, and data recovery processes to optimize the tradeoffs among security, reliability, and resource efficiency, while preserving data privacy. The challenge here is to establish the theoretical underpinnings of secure and reliable storage methods that achieve near-optimal performance. Third, we enable the verification of physical storage at multiple storage nodes within a data center and/or between data centers. The state of the art relies on deterministic physical resource models (disk access delay, network delay, network topology, etc.), leading to methods that can be easily defeated by resourceful adversaries. We approach the physical storage and geodiversity verification problems from the realistic standpoint of utilizing bounds on the physical resources, thus allowing a technology-agnostic application of storage verification.