TY - GEN
T1 - Protecting private cloud located within public cloud
AU - Zhang, Hongli
AU - Ye, Lin
AU - Du, Xiaojiang
AU - Guizani, Mohsen
PY - 2013
Y1 - 2013
N2 - Many studies use cryptographic technologies to protect sensitive data in public cloud. However, these approaches may introduce large overheads. Recently, hybrid cloud started to gain a lot of attentions. A hybrid cloud consists of a private cloud and a public cloud. Hybrid cloud allows users to store sensitive data in their private cloud and hence enables efficient and secure data outsourcing. In this paper, we consider a new hybrid cloud model 'Cloud-in-Cloud' (CIC). Our CIC model uses a new architecture to form a hybrid cloud: placing a small number of private computers (i.e., a small private cloud) within a public cloud. The private cloud can be used to store sensitive user data. Furthermore, it is within the public cloud, so the communications between private and public clouds have small overhead. And then we study how to protect a private cloud that locates within a semi-trusted environment. We present two methods that can detect attacks that try to obtain data and information in the private cloud. Our methods are able to efficiently detect physical attacks, such as the cold boot attack and the USB autorun attack. Experimental results show that our methods have small overhead.
AB - Many studies use cryptographic technologies to protect sensitive data in public cloud. However, these approaches may introduce large overheads. Recently, hybrid cloud started to gain a lot of attentions. A hybrid cloud consists of a private cloud and a public cloud. Hybrid cloud allows users to store sensitive data in their private cloud and hence enables efficient and secure data outsourcing. In this paper, we consider a new hybrid cloud model 'Cloud-in-Cloud' (CIC). Our CIC model uses a new architecture to form a hybrid cloud: placing a small number of private computers (i.e., a small private cloud) within a public cloud. The private cloud can be used to store sensitive user data. Furthermore, it is within the public cloud, so the communications between private and public clouds have small overhead. And then we study how to protect a private cloud that locates within a semi-trusted environment. We present two methods that can detect attacks that try to obtain data and information in the private cloud. Our methods are able to efficiently detect physical attacks, such as the cold boot attack and the USB autorun attack. Experimental results show that our methods have small overhead.
KW - attack
KW - heartbeat
KW - hook
KW - hybrid cloud
UR - http://www.scopus.com/inward/record.url?scp=84904090930&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84904090930&partnerID=8YFLogxK
U2 - 10.1109/GLOCOM.2013.6831150
DO - 10.1109/GLOCOM.2013.6831150
M3 - Conference contribution
AN - SCOPUS:84904090930
SN - 9781479913534
SN - 9781479913534
T3 - Proceedings - IEEE Global Communications Conference, GLOBECOM
SP - 677
EP - 681
BT - 2013 IEEE Global Communications Conference, GLOBECOM 2013
T2 - 2013 IEEE Global Communications Conference, GLOBECOM 2013
Y2 - 9 December 2013 through 13 December 2013
ER -