ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing

Lorünser, Thomas; Happe, Andreas; Slamanig, Daniel

doi:10.1109/cloudcom.2015.71

Cited by 29 publications

(12 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Overview. ARCHISTAR is a framework for secure distributed data storage and sharing in the cloud, it constitutes a system that applies Secret Sharing to a multi-cloud setting, meaning that the user's data is divided into "chunks" which are distributed to separate clouds/storage nodes [14]. This implies that an incident at a single cloud/node will not cause the data to be lost, stolen or tampered with.…”

Section: Hcip3 Secret Sharing Configuration Preferencesmentioning

confidence: 99%

“…The availability of cloud services is commonly expressed in percentage of uptime -or number of "leading nines" [15]. A typical cloud service availability rate is 99.9%, or three nines [14], which constitutes a downtime of 8.76 hours per year. From that point on, three main categories for setting up the configuration preferences are set and are focusing on: "Cost Minimization", "Data Confidentiality Maximization" and "Data Availability Maximization", which constitute the 3 packages/categories of this pattern.…”

Section: Hcip3 Secret Sharing Configuration Preferencesmentioning

confidence: 99%

See 1 more Smart Citation

HCI Patterns for Cryptographically Equipped Cloud Services

Länger

Alaqra

Fischer‐Hübner

et al. 2018

Human-Computer Interaction. Theories, Methods, and Human Issues

View full text Add to dashboard Cite

Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD "Privacy and Security Maintaining Services for the Cloud" uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.

show abstract

Section: Hcip3 Secret Sharing Configuration Preferencesmentioning

confidence: 99%

Section: Hcip3 Secret Sharing Configuration Preferencesmentioning

confidence: 99%

HCI Patterns for Cryptographically Equipped Cloud Services

Länger

Alaqra

Fischer‐Hübner

et al. 2018

Human-Computer Interaction. Theories, Methods, and Human Issues

View full text Add to dashboard Cite

show abstract

“…Loruenser et al [7] presented an architecture for secure cloudbased data sharing known as ARCHISTAR based on secret sharing scheme. The focus of the system is on providing adequate confidentiality to data; make it available against any active attacks as well as robust even in the face of failures.…”

Section: Literature Reviewmentioning

confidence: 99%

Performance evaluation of a fragmented secret share system

Ukwandu

Buchanan

Russell

2017

2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA)

View full text Add to dashboard Cite

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through large scale data infrastructure has remained the bane of using secret sharing scheme in big data storage and retrievals. This work applies secret sharing methods as used in cryptography to create robust and secure data storage and retrievals in conjunction with data fragmentation. It outlines two different methods of distributing data equally to storage locations as well as recovering them in such a manner that ensures consistent data availability irrespective of file size and type. Our experiments consist of two different methodsdata and key shares. Using our experimental results, we were able to validate previous works on the effects of threshold on file recovery. Results obtained also revealed the varying effects of share writing to and retrieval from storage locations other than computer memory. The implication is that increase in fragment size at varying file and threshold sizes rather than add overheads to file recovery, do so on creation instead, underscoring the importance of choosing a varying fragment size as file size increases.

show abstract

“…Here, the information is split into a number of shares [12], of which any subset of a fixed number allows the reconstruction of the original data. This approach is keyless and removes many obstacles in the area of usability and group key management [10]. Additionally it is capable to provide long-term security and everlasting privacy, which is very interesting for archiving of sensitive data.…”

Section: Cryptographic Toolsmentioning

confidence: 99%

Signatures for Privacy, Trust and Accountability in the Cloud: Applications and Requirements

Alaqra

Fischer‐Hübner

Groß

et al. 2016

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

HAL is a multidisciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract

ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing

Cited by 29 publications

References 22 publications

HCI Patterns for Cryptographically Equipped Cloud Services

HCI Patterns for Cryptographically Equipped Cloud Services

Performance evaluation of a fragmented secret share system

Signatures for Privacy, Trust and Accountability in the Cloud: Applications and Requirements

Contact Info

Product

Resources

About