PREVENTING INSIDER ATTACKS IN UNTRUSTED INFRASTRUCTURE AS A SERVICE CLOUDS
Abstract
Recent technical advances in utility computing have allowed small and medium sized businesses to move their applications to the cloud, to benefit from features such as auto-scaling and pay-as-you-go facilities. Before clouds ar wide adopted, there is a need to address privacy concerns of customer data outsourced to these platforms. In a practical approach for protecting the confidentiality and integrity of client data and computation from insider attacks such as cloud clients as well as from the Infrastructure-as-a-Service (IaaS) based cloud system administrator himself. We demonstrate a scenario of how the origin integrity and authenticity of health-care multimedia content processed on the cloud can be verified using digital watermarking in an isolated environment without revealing the watermark details to the cloud administrator. Finally to verify that our protocol does not compromise confidentiality and integrity of the client data and computation or degrade performance, we have tested a prototype system using two different approaches. Performance analysis of our implementation demonstrates that it adds negligible overhead.