The perils of cross-silo deduplication: Trading user security for provider storage efficiency

Eric Rozier

doi:10.1109/WIFS.2013.6707799

The perils of cross-silo deduplication: Trading user security for provider storage efficiency

Eric Rozier

Electrical & Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

With the increasing interest in public cloud infrastructures, a crucial need has evolved for trustworthy remote data storage and processing. At the same time the increased demand for storage, from backup services, to cloud infrastructures has driven the use of deduplication to eliminate redundant data in the cloud as a means to improve storage efficiency, and save bandwidth, reducing the cost of deploying and maintaining cloud infrastructures. It is assumed that it is in the best interest of both the cloud provider, and the customer to perform cross-silo deduplication, i.e. deduplicating across user-silos within the cloud. In this paper we challenge this assumption, providing experimental data which examines the benefits of cross-silo deduplication using real data for varying silo sizes, and data similarity. We also present an in-depth analysis of the issues inherent to cross-silo deduplication, detailing the attack vectors it enables through inadvertent data leakage, including a novel pair of attacks ignored by previous works. We then discuss solutions presented in the literature, the problems inherent in these solutions, and challenge the notion that cross-silo deduplication is worth the cost in lost security.

Original language	English (US)
Title of host publication	Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013
Pages	85-90
Number of pages	6
DOIs	https://doi.org/10.1109/WIFS.2013.6707799
State	Published - Dec 1 2013
Event	2013 5th IEEE International Workshop on Information Forensics and Security, WIFS 2013 - Guangzhou, China Duration: Nov 18 2013 → Nov 21 2013

Publication series

Name	Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013

Other

Other	2013 5th IEEE International Workshop on Information Forensics and Security, WIFS 2013
Country	China
City	Guangzhou
Period	11/18/13 → 11/21/13

ASJC Scopus subject areas

Information Systems

Access to Document

10.1109/WIFS.2013.6707799

Fingerprint Dive into the research topics of 'The perils of cross-silo deduplication: Trading user security for provider storage efficiency'. Together they form a unique fingerprint.

Cite this

Rozier, E. (2013). The perils of cross-silo deduplication: Trading user security for provider storage efficiency. In Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013 (pp. 85-90). [6707799] (Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013). https://doi.org/10.1109/WIFS.2013.6707799

The perils of cross-silo deduplication : Trading user security for provider storage efficiency. / Rozier, Eric.

Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013. 2013. p. 85-90 6707799 (Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Rozier, E 2013, The perils of cross-silo deduplication: Trading user security for provider storage efficiency. in Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013., 6707799, Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013, pp. 85-90, 2013 5th IEEE International Workshop on Information Forensics and Security, WIFS 2013, Guangzhou, China, 11/18/13. https://doi.org/10.1109/WIFS.2013.6707799

Rozier E. The perils of cross-silo deduplication: Trading user security for provider storage efficiency. In Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013. 2013. p. 85-90. 6707799. (Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013). https://doi.org/10.1109/WIFS.2013.6707799

@inproceedings{563dddda4d8d403ea0ebac49a30db798,

title = "The perils of cross-silo deduplication: Trading user security for provider storage efficiency",

abstract = "With the increasing interest in public cloud infrastructures, a crucial need has evolved for trustworthy remote data storage and processing. At the same time the increased demand for storage, from backup services, to cloud infrastructures has driven the use of deduplication to eliminate redundant data in the cloud as a means to improve storage efficiency, and save bandwidth, reducing the cost of deploying and maintaining cloud infrastructures. It is assumed that it is in the best interest of both the cloud provider, and the customer to perform cross-silo deduplication, i.e. deduplicating across user-silos within the cloud. In this paper we challenge this assumption, providing experimental data which examines the benefits of cross-silo deduplication using real data for varying silo sizes, and data similarity. We also present an in-depth analysis of the issues inherent to cross-silo deduplication, detailing the attack vectors it enables through inadvertent data leakage, including a novel pair of attacks ignored by previous works. We then discuss solutions presented in the literature, the problems inherent in these solutions, and challenge the notion that cross-silo deduplication is worth the cost in lost security.",

author = "Eric Rozier",

year = "2013",

month = dec,

day = "1",

doi = "10.1109/WIFS.2013.6707799",

language = "English (US)",

isbn = "9781467355933",

series = "Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013",

pages = "85--90",

booktitle = "Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013",

note = "2013 5th IEEE International Workshop on Information Forensics and Security, WIFS 2013 ; Conference date: 18-11-2013 Through 21-11-2013",

}

TY - GEN

T1 - The perils of cross-silo deduplication

T2 - 2013 5th IEEE International Workshop on Information Forensics and Security, WIFS 2013

AU - Rozier, Eric

PY - 2013/12/1

Y1 - 2013/12/1

N2 - With the increasing interest in public cloud infrastructures, a crucial need has evolved for trustworthy remote data storage and processing. At the same time the increased demand for storage, from backup services, to cloud infrastructures has driven the use of deduplication to eliminate redundant data in the cloud as a means to improve storage efficiency, and save bandwidth, reducing the cost of deploying and maintaining cloud infrastructures. It is assumed that it is in the best interest of both the cloud provider, and the customer to perform cross-silo deduplication, i.e. deduplicating across user-silos within the cloud. In this paper we challenge this assumption, providing experimental data which examines the benefits of cross-silo deduplication using real data for varying silo sizes, and data similarity. We also present an in-depth analysis of the issues inherent to cross-silo deduplication, detailing the attack vectors it enables through inadvertent data leakage, including a novel pair of attacks ignored by previous works. We then discuss solutions presented in the literature, the problems inherent in these solutions, and challenge the notion that cross-silo deduplication is worth the cost in lost security.

AB - With the increasing interest in public cloud infrastructures, a crucial need has evolved for trustworthy remote data storage and processing. At the same time the increased demand for storage, from backup services, to cloud infrastructures has driven the use of deduplication to eliminate redundant data in the cloud as a means to improve storage efficiency, and save bandwidth, reducing the cost of deploying and maintaining cloud infrastructures. It is assumed that it is in the best interest of both the cloud provider, and the customer to perform cross-silo deduplication, i.e. deduplicating across user-silos within the cloud. In this paper we challenge this assumption, providing experimental data which examines the benefits of cross-silo deduplication using real data for varying silo sizes, and data similarity. We also present an in-depth analysis of the issues inherent to cross-silo deduplication, detailing the attack vectors it enables through inadvertent data leakage, including a novel pair of attacks ignored by previous works. We then discuss solutions presented in the literature, the problems inherent in these solutions, and challenge the notion that cross-silo deduplication is worth the cost in lost security.

UR - http://www.scopus.com/inward/record.url?scp=84894190680&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84894190680&partnerID=8YFLogxK

U2 - 10.1109/WIFS.2013.6707799

DO - 10.1109/WIFS.2013.6707799

M3 - Conference contribution

AN - SCOPUS:84894190680

SN - 9781467355933

T3 - Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013

SP - 85

EP - 90

BT - Proceedings of the 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013

Y2 - 18 November 2013 through 21 November 2013

ER -