Secure storage as a service
Access status:
Open Access
Type
Thesis
Thesis type
Doctor of Philosophy
Author/s
Li, Yanan
Abstract
Cloud storage, as a storage infrastructure, offers many advantages over on-premises storage and even enhances other services, such as streaming services and gaming platforms, making them more efficient, scalable, and accessible. This aligns with the concept of storage as a service. However, it also raises significant security concerns on data privacy, as most stored data is accessible to the service provider, who could exploit it for profit, and is vulnerable to data breaches. In this dissertation, we systematically study secure storage as a service, including secure cloud storage services and secure cloud storage for other applications.

1. We first studied a secure cloud storage solution for other applications. Many applications provide services for users and rent cloud storage to store users' data. We modularly designed a secure storage solution for those applications, so that a user's data is visible only to that user. Furthermore, the solution is fully compatible with existing cloud storage services such as AWS S3, and transparent to users, who can still use the application via one password without concerns of offline attacks.
2. We studied how to enable the version control functionality and corresponding securities for secure storage. Most cloud storage services offer limited versions and access controls relying on the trust of storage providers. We got rid of the trust in the server and designed end-to-end secure Git services. Moreover, the design is compatible with existing Git servers.
3. We studied secure storage with stronger security in terms of key compromise. Key rotation is an effective way to improve key compromise resilience via updating encrypted data under a new key periodically, and updatable encryption enables data encryption with key rotation. We first studied updatable encryption with stronger security that is needed for secure storage. Then we further formalized a secure storage system with key compromise resilience.
Date
2025
Rights statement
The author retains copyright of this thesis. It may only be used for the purposes of research and study. It must not be used for any other purposes and may not be transmitted or shared with others without prior permission.
Faculty/School
Faculty of Engineering, School of Computer Science
Awarding institution
The University of Sydney