6.9.1. Network Delay-based Model


(from [1], reviewed in [2])

Benson, Dowsley and Shacham [1] proposed a model for checking whether distinct copies of data are kept at different geographic locations (the "BDS model"). The idea is that a verifier must receive an answer within a certain time.

A server that does not possess its own copy has to retrieve it first from other servers at different locations, which takes additional time.

Assumption 1
The locations of all data centers of the cloud provider are known.

Assumption 2
The cloud provider does not have any exclusive Internet connection between the data centers.

Assumption 3
For each datacenter \(s\), it is possible to have access to a machine that is located very close to \(s\) (i.e. the network latency is small).

Client checks if server \(s_i\) has a copy of the file

Let:
  • \(s_i\), \(s_j\) be colluding malicious servers that store only one copy of the file, at \(s_j\),
  • \(T_i\) be the upper bound on the execution time of an auditing protocol run at \(s_i\),
  • \(t_i\) be the network delay between the client and \(s_i\),
  • \(t_{i,j}\) be the network delay between data centers \(s_i\) and \(s_j\),
  • \(\max(t)\) denote the upper bound on \(t\),
  • \(\min(t)\) denote the lower bound on \(t\).
Attack:
If \(s_i\) is queried, it redirects the challenge to \(s_j\), which answers directly to the client.
Discovery:
if (answer received in: \(T_i + 2\cdot \max(t_i)\)) then \(s_i\) is honest, else if (answer received in: \(\min(t_i)+\min(t_{i,j})+\min(t_j)\)) then an attack is probable.
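
The discovery rule as a verifier-side check, added here as an example (it is not code from the original page or from the BDS paper). It reads the second condition as "the answer took at least the relayed path's minimum delay" and adds an "inconclusive" verdict and a separability check; those readings, all names and the sample values in milliseconds are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Bounds:
    """Delay bounds in ms, named after the page's symbols (names are assumptions)."""
    T_i: float       # upper bound on audit execution time at s_i
    t_i_min: float   # min(t_i), client <-> s_i
    t_i_max: float   # max(t_i)
    t_ij_min: float  # min(t_{i,j}), s_i <-> s_j
    t_j_min: float   # min(t_j), s_j <-> client

    @property
    def honest_deadline(self) -> float:
        return self.T_i + 2 * self.t_i_max

    @property
    def relay_floor(self) -> float:
        return self.t_i_min + self.t_ij_min + self.t_j_min

    def separable(self) -> bool:
        # Timing exposes relaying only if every relayed answer is
        # slower than the slowest honest one.
        return self.relay_floor > self.honest_deadline

def classify(elapsed_ms: float, b: Bounds) -> str:
    if elapsed_ms <= b.honest_deadline:
        return "honest"
    if elapsed_ms >= b.relay_floor:
        return "attack probable"
    return "inconclusive"  # assumption: the page names no third verdict

def audit(samples_ms, b: Bounds) -> dict:
    """Classify each challenge round; refuse bounds that cannot separate."""
    if not b.separable():
        raise ValueError("relay floor <= honest deadline: audit is blind")
    verdicts = {"honest": 0, "attack probable": 0, "inconclusive": 0}
    for elapsed in samples_ms:
        verdicts[classify(elapsed, b)] += 1
    return verdicts

# Constructed bounds: s_j far from s_i, and s_j in a neighbouring facility.
FAR = Bounds(T_i=5, t_i_min=2, t_i_max=4, t_ij_min=30, t_j_min=25)
NEAR = Bounds(T_i=5, t_i_min=2, t_i_max=4, t_ij_min=1, t_j_min=3)

if __name__ == "__main__":
    print(audit([9, 12, 58, 61, 30], FAR))  # constructed round times in ms
    print(NEAR.separable())
```

With the NEAR bounds the relayed path can finish inside the honest deadline, so the check refuses to run instead of reporting every round as honest.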

Bibliography

[1] Benson, K., Dowsley, R., Shacham, H.: Do you know where your cloud files are? In Cachin, C., Ristenpart, T., eds.: Proceedings of the 3rd ACM Cloud Computing Security Workshop, CCSW 2011, Chicago, IL, USA, October 21, 2011, ACM (2011) 73-82. http://doi.acm.org/10.1145/2046660.2046677

[2] Chen, B., Curtmola, R.: Towards self-repairing replication-based storage systems using untrusted clouds. In Bertino, E., Sandhu, R.S., Bauer, L., Park, J., eds.: Third ACM Conference on Data and Application Security and Privacy, CODASPY'13, San Antonio, TX, USA, February 18-20, 2013, ACM (2013) 377-388. http://doi.acm.org/10.1145/2435349.2435402




The project Cloud Computing – nowe technologie w ofercie dydaktycznej Politechniki Wrocławskiej (UDA.POKL.04.03.00-00-135/12) is carried out under the Human Capital Operational Programme, Priority IV: Higher Education and Science, Measure 4.3: Strengthening the didactic potential of universities in areas key to the goals of the Europe 2020 Strategy, and is co-financed by the European Social Fund and the state budget.