Cloud Shredder: Removing the laptop on-road data disclosure threat in the cloud computing era

Nan Zhang, Jiwu Jing, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations

Abstract

Data Disclosure due to laptop loss, especially in travel, is a top threat to businesses, governments, and non-profit organizations. An effective protection against this threat should guarantee the data confidentiality, even if the adversary has physically possessed the laptop. Current technology does not satisfy this requirement. This paper proposes a novel approach to remove the threat under the emerging condition of ubiquitous internet access and cloud computing. We name this approach "Cloud Shredder", implying that the confidential files are shredded and hidden in the semi-trusted cloud storage service. Cloud Shredder is a generic and transparent security service that allows legitimate user access the files in exactly the same way as with commodity file systems, whereas the attackers only get meaningless junk even if they have obtained every byte on the hard drive. Rather than the traditional encryption-based protection, Cloud Shredder limits the attacker's opportunity in a short time window. We implemented a prototype that is compatible with the typical cloud storage service, Amazon S3, and supports two popular document applications, Acrobat Reader and Open Office. Our experiments show that the influence on file access performance is reasonable and should not ruin the user experience. Cloud Shredder is also applicable to smart phone, net book and other computing devices with internet connection.

Original languageEnglish (US)
Title of host publicationProc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011
Pages1592-1599
Number of pages8
DOIs
StatePublished - Dec 1 2011
Event10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011 - Changsha, China
Duration: Nov 16 2011Nov 18 2011

Publication series

NameProc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011

Other

Other10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011
CountryChina
CityChangsha
Period11/16/1111/18/11

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Software

Cite this

Zhang, N., Jing, J., & Liu, P. (2011). Cloud Shredder: Removing the laptop on-road data disclosure threat in the cloud computing era. In Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011 (pp. 1592-1599). [6121017] (Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011). https://doi.org/10.1109/TrustCom.2011.221