research-article

Geolocation of data in the cloud

Authors:

Zachary N.J. PetersonAuthors Info & Claims

CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacy

Pages 25 - 36

https://doi.org/10.1145/2435349.2435353

Published: 18 February 2013 Publication History

Abstract

We introduce and analyze a general framework for authentically binding data to a location while providing strong assurances against cloud storage providers that (either accidentally or maliciously) attempt to re-locate cloud data. We then evaluate a preliminary solution in this framework that combines constraint-based host geolocation with proofs of data possession, called constraint-based data geolocation (CBDG). We evaluate CBDG using a combination of experiments with PlanetLab and real cloud storage services, demonstrating that we can bind fetched data to the location originally hosting it with high precision. We geolocate data hosted on the majority of our PlanetLab targets to regions no larger than 118,000 km^2, and we geolocate data hosted on Amazon S3 to an area no larger than 12,000 km^2, sufficiently small to identify the state or service region.

References

[1]

Amazon Web Services. Summary of the Amazon EC2 and Amazon RDS service disruption in the US east region. Available at http://aws.amazon.com/message/65648/.

[2]

Amazon Web Services. Overview of security processes, May 2011. Available at http://aws.amazon.com/security.

[3]

G. Ateniese, R. Burns, R. Curtmola, J. H. amd Lea Kissner, Z. Peterson, and D. Song. Provable data possession at untrusted stores. In Proceedings of the ACM Conference on Computer and Communications Security, 2007.

Digital Library

[4]

G. Ateniese, S. Kamara, and J. Katz. Proofs of storage from homomorphic identification protocols. In Proceedings of ASIACRYPT, 2009.

Digital Library

[5]

G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik. Scalable and efficient provable data possession. In Proceedings of the International Conference on Security and Privacy in Communication Networks, 2008.

Digital Library

[6]

K. Benson, R. Dowsley, and H. Shacham. Do you know where your cloud files are? In Proceedings of the ACM Cloud Computing Security Workshop, 2011.

Digital Library

[7]

H. Blodget. Amazon's cloud crash disaster permanently destroyed many customers' data. Business Insider, April 4 2011. http://www.businessinsider.com/amazon-lost-data-2011-4.

[8]

K. D. Bowers, A. Juels, and A. Oprea. Proofs of retrievability: Theory and implementation. In Proceedings of the ACM Workshop on Cloud Computing Security, 2009.

Digital Library

[9]

K. D. Bowers, M. van Dijk, A. Juels, A. Oprea, and R. L. Rivest. How to tell if your cloud files are vulnerable to drive crashes. In Proceedings of the ACM Conference on Computer and Communications Security, 2011.

Digital Library

[10]

N. Chandran, V. Goyal, and R. M. R. Ostrovsky. Position based cryptography. In Proceedings of the International Cryptology Conference, 2009.

Digital Library

[11]

CIO Council. Proposed security assessment & authorization for US government cloud computing, November 2010.

[12]

R. Curtmola, O. Khan, and R. Burns. Robust remtoe data checking. In Proceedings of the ACM International Workshop on Storage Security and Survivability, 2008.

Digital Library

[13]

R. Curtmola, O. Khan, R. Burns, and G. Ateniese. MR-PDP: Multiple-replica provable data possession. In Proceedings of the International Conference on Distributed Computing Systems, 2008.

Digital Library

[14]

Y. Deswarte, J.-J. Quisquater, and A. Sa1dane. Remote integrity checking: How to trust files stored on untrusted servers. In Proceedings of the Conference on Integrity and Internal Control in Information Systems, 2003.

[15]

C. C. Erway, A. Küpcü, C. Papamanthou, and R. Tamassia. Dynamic provable data possession. In Proceedings of the ACM Conference on Computer and Communication Security, 2009.

Digital Library

[16]

European Commission. Regulation of the european parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (general data protection regulation). Directive 95/46/EC, 2012.

[17]

D. L. G. Filho and P. S. L. M. Barreto. Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150, 2006.

[18]

P. Gill, Y. Ganjali, B. Wong, and D. Lie. Dude, where's that IP? Circumventing measurement-based IP geolocation. In Proceedings of the USENIX Security Symposium, 2010.

Digital Library

[19]

N. Gohring. Amazon's S3 down for several hours. PC World, Feb 15 2008. http://www.pcworld.com/businesscenter/article/142549/amazons_s3_down_for_several_hours.html.

[20]

B. Gueye, A. Ziviani, M. Crovella, and S. Fdida. Constraint-based geolocation of Internet hosts. Transactions on Networking, 14(6), December 2006.

Digital Library

[21]

S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg. Proofs of ownership in remote storage systems. In Proceedings of the ACM Conference on Computer and Communications Security, 2011.

Digital Library

[22]

D. Harris. Amazon targets US government with GovCloud. The New York Times, August 2011. http://nyti.ms/y6A0ZH.

[23]

B. Huffaker, M. Fomenkov, and kc claffy. Geocompare: a comparison of public and commercial geolocation databases. In Proceedings of the Network Mapping and Measurement Conference (NMC), 2011.

[24]

K. Irion. Government cloud computing and the policies of data sovereignty, 2011. Available at http://ssrn.com/abstract=1935859.

[25]

A. Juels and B. S. Kaliski Jr. PORs: Proofs of retrievability for large files. In Proceedings of the ACM Conference on Computer and Communications Security, 2007.

Digital Library

[26]

E. Katz-Bassett, J. P. John, A. Krishnamurthy, D. Wetherall, T. Anderson, and Y. Chawathe. Towards IP geolocation using delay and topology measurements. In Proceedings of the Conference on Internet Measurement, 2006.

Digital Library

[27]

V. Kundra. Federal cloud computing strategy, February 2011. Available at http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf.

[28]

K. E. Kushida, J. Murray, and J. Zysman. Diffusing the cloud: Cloud computing and implications for public policy. Journal of Industry, Competition and Trade, 11(3), 2011.

[29]

S. Laki, P. Matray, P. Haga, I. Csabai, and G. Vattay. A detailed path-latency model for router geolocation. In Proceedings of the International Conference on Testbeds and Research Infrastructures for the Development of Networks Communities and Workshops, 2009.

[30]

A. Li, X. Yang, S. Kandula, and M. Zhang. CloudCmp: Comparing public cloud providers. In Proceedings of the Internet Modeling Conference, 2010.

Digital Library

[31]

Microsoft Corporation. Building confidence in the cloud: A proposal for industry and government action to advance cloud computing. Technical report, Microsoft Corporation, January 2010.

[32]

M. Naor and G. N. Rothblum. The complexity of online memory checking. Journal of the ACM, 56(1), 2009.

Digital Library

[33]

V. N. Padmanabhan and L. Subramanian. An investigation of geographic mapping techniques for Internet hosts. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, 2001.

Digital Library

[34]

R. Percacci and A. Vespignani. Scale-free behavior of the internet global performance. European Physical Journal B, 32(4), 2003.

[35]

Z. N. J. Peterson, M. Gondree, and R. Beverly. A position paper on data sovereignty: The importance of geolocating data in the cloud. In Proceedings of the USENIX Workshop on Hot Topics in Cloud Computing, 2010.

Digital Library

[36]

I. Poese, S. Uhlig, M. A. Kaafar, B. Donnet, and B. Gueye. Ip geolocation databases: unreliable? Computer Communication Review, 41(2), 2011.

Digital Library

[37]

T. Schwarz, S.J. and E. L. Miller. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In Proceedings of the IEEE International Conference on Distributed Computing Systems, 2006.

Digital Library

[38]

H. Shacham and B. Waters. Compact proofs of retrievability. In Proceedings of ASIACRYPT, 2008.

Digital Library

[39]

M. A. Shah, M. Baker, J. C. Mogul, and R. Swaminathan. Auditing to keep online storage services honest. In Proceedings of the USENIX workshop on Hot Topics in Operating Systems, 2007.

Digital Library

[40]

S. Siwpersad, B. Gueye, and S. Uhlig. Assessing the geographic resolution of exhaustive tabulation for geolocating internet hosts. In Passive and Active Network Measurement, 2008.

Digital Library

[41]

J. Sommers, P. Barford, N. Duffield, and A. Ron. Multiobjective monitoring for SLA compliance. Transaction on Networking, 18(2), 2010.

Digital Library

[42]

S. Capkun, M. Cagalj, and M. Srivastava. Secure localization with hidden and mobile base stations. In Proceedings of the IEEE International Conference on Computer Communications, 2006.

[43]

Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou. Enabling public verifiability and data dynamics for storage security in cloud computing. In Proceedings of the European Symposium on Research in Computer Security, 2009.

Digital Library

[44]

B. Wong, I. Stoyanov, and E. G. Sirer. Octant: A comprehensive framework for the geolocalization of internet hosts. In Proceedings of the USENIX Networked Systems Design and Implementation, 2007.

Digital Library

Cited By

Correia CPrates RFonseca LCorreia MRodrigues L(2024)PoTR: Accurate and Efficient Proof of Timely-Retrievability for Storage SystemsFormal Aspects of Computing10.1145/368593536:4(1-26)Online publication date: 2-Aug-2024
https://dl.acm.org/doi/10.1145/3685935
Offer AZilberman AShabtai AElovici YPuzis RRegazzoni FFournaris A(2023)CDGeB: Cloud Data Geolocation BenchmarkProceedings of the 2023 on Cloud Computing Security Workshop10.1145/3605763.3625273(69-74)Online publication date: 26-Nov-2023
https://dl.acm.org/doi/10.1145/3605763.3625273
Correia CPrates RCorreia MRodrigues L(2023)PoTR: Accurate and Efficient Proof of Timely-Retrievability for Storage Systems2023 IEEE 28th Pacific Rim International Symposium on Dependable Computing (PRDC)10.1109/PRDC59308.2023.00023(111-122)Online publication date: 24-Oct-2023
https://doi.org/10.1109/PRDC59308.2023.00023
Show More Cited By

Index Terms

Geolocation of data in the cloud
1. Security and privacy
  1. Cryptography
  2. Systems security
    1. Operating systems security

Recommendations

A hill cipher-based remote data possession checking in cloud storage

Cloud storage enables users to access their data at any time anywhere. It has the advantages of high scalability, ease of use, cost effectiveness, and so on. However, the server that stores users' data may not be fully trustworthy. When users store ...
Identity-based provable data possession revisited

Provable Data Possession (PDP), which enables cloud users to verify the data integrity without retrieving the entire file, is highly essential for cloud storage. Observing all the existing PDP schemes rely on the Public Key Infrastructure (PKI), Wang ...
A Review on Secure Data Deduplication: Cloud Storage Security Issue
Abstract
Cloud storage service providers caters to the need of organizations and individuals by allowing them to store, transfer and backup their ever-increasing amount of data at low cost along with providing access to the other resources of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacy

February 2013

400 pages

ISBN:9781450318907

DOI:10.1145/2435349

General Chairs:
Elisa Bertino
Purdue University, USA
,
Ravi Sandhu
University of Texas at San Antonio, USA
,
Program Chair:
Lujo Bauer
Carnegie Mellon University, USA
,
Publications Chair:
Jaehong Park
University of Texas at San Antonio, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 February 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CODASPY'13

Sponsor:

SIGSAC

CODASPY'13: Third ACM Conference on Data and Application Security and Privacy

February 18 - 20, 2013

Texas, San Antonio, USA

Acceptance Rates

CODASPY '13 Paper Acceptance Rate 24 of 107 submissions, 22%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

63
Total Citations
View Citations
974
Total Downloads

Downloads (Last 12 months)29
Downloads (Last 6 weeks)2

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Correia CPrates RFonseca LCorreia MRodrigues L(2024)PoTR: Accurate and Efficient Proof of Timely-Retrievability for Storage SystemsFormal Aspects of Computing10.1145/368593536:4(1-26)Online publication date: 2-Aug-2024
https://dl.acm.org/doi/10.1145/3685935
Offer AZilberman AShabtai AElovici YPuzis RRegazzoni FFournaris A(2023)CDGeB: Cloud Data Geolocation BenchmarkProceedings of the 2023 on Cloud Computing Security Workshop10.1145/3605763.3625273(69-74)Online publication date: 26-Nov-2023
https://dl.acm.org/doi/10.1145/3605763.3625273
Correia CPrates RCorreia MRodrigues L(2023)PoTR: Accurate and Efficient Proof of Timely-Retrievability for Storage Systems2023 IEEE 28th Pacific Rim International Symposium on Dependable Computing (PRDC)10.1109/PRDC59308.2023.00023(111-122)Online publication date: 24-Oct-2023
https://doi.org/10.1109/PRDC59308.2023.00023
Felde HReding JLux M(2023)D-GATE: Decentralized Geolocation and Time Enforcement for Usage Control2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW59978.2023.00049(386-395)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSPW59978.2023.00049
Zhang LXiong HHuang QLi JChoo KLi J(2022)Cryptographic Solutions for Cloud Storage: Challenges and Research OpportunitiesIEEE Transactions on Services Computing10.1109/TSC.2019.293776415:1(567-587)Online publication date: 1-Jan-2022
https://doi.org/10.1109/TSC.2019.2937764
Schmieders EMetzger APohl K(2022)A Runtime Model Approach for Data Geo-location Checks of Cloud ServicesService-Oriented Computing10.1007/978-3-662-45391-9_21(306-320)Online publication date: 11-Mar-2022
https://dl.acm.org/doi/10.1007/978-3-662-45391-9_21
Jiang TMeng WYuan XWang LGe JMa J(2021)ReliableBox: Secure and Verifiable Cloud Storage With Location-Aware BackupIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2021.308059432:12(2996-3010)Online publication date: 1-Dec-2021
https://doi.org/10.1109/TPDS.2021.3080594
Khan ADin SJeon GPiccialli F(2021)Lucy With Agents in the Sky: Trustworthiness of Cloud Storage for Industrial Internet of ThingsIEEE Transactions on Industrial Informatics10.1109/TII.2020.297449317:2(953-960)Online publication date: Feb-2021
https://doi.org/10.1109/TII.2020.2974493
Bowers ALiao CSteiert DLin DSquicciarini AHurson A(2021)Detecting Suspicious File Migration or Replication in the CloudIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2018.288527118:1(296-309)Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1109/TDSC.2018.2885271
Bashir SMisic V(2021)Detecting Fake Points of Interest from Location Data2021 IEEE International Conference on Big Data (Big Data)10.1109/BigData52589.2021.9671411(5347-5356)Online publication date: 15-Dec-2021
https://doi.org/10.1109/BigData52589.2021.9671411
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents