People/Web Search Calendar Emergency Info A-Z Index UVA Email University of Virginia

Computer Science Colloquia

Tuesday, March 17, 2015
Simon Sibomana
Advisor: David Evans
Attending Faculty: Marty Humphrey (Chair), Alfred Weaver and John Knight

1:00 PM, Rice Hall, Rm. 242

PhD Qualifying Exam Presentation
Modularizing Trust: A Framework for Cloud Storage Security

ABSTRACT

Currently, customers of cloud storage providers (CSPs), such as Dropbox and Copy, have to trust the CSP with access to their data. We propose a framework that enables the distribution of trust over the components of the system used to sync the user's data to the CSP's infrastructure. Our approach consists of dividing the system into isolated components, with limited capabilities. We rely on core operating system mechanisms to correctly limit the components' capabilities, and provide the user with configuration scripts that are easily auditable. Assuming non collusion among the components, we argue that our framework provides strong security guarantees. We have implemented two configurations of our framework, each addressing different security objectives.