|Implementation||Security Primitive||Security Requirements Addressed||Cloud||Description||Links|
|Verifiable Document Redacting||Verifiable Computation||Computation Efficiency||A verifiable document redacting primitive that empowers cloud users to easily remove some part of their already signed document without having an impact on the validity of the signature. Thanks to this new primitive, users will not disclose private information of the document that does not need to be shared with the destined party.||D3.3 - Complete Design and Evaluation of Verifiability mechanisms|
|Attack Surface Reduction (KTRIM)||Attack Surface Reduction||Resource Isolation||Multi-Tenancy||D4.2 - A Proposal for Resource Isolation in Multi-Tenant Storage Systems|
|Authenticated Encryption||Processing on Encrypted Data||Privacy-Preserving Processing||Data Processing||
Authenticated encryption with new security model and construction. StoA authenticated encryption with variable stretch is vulnerable to some attacks that misuse the variable stretch. A new security definition is proposed and followed by a new construction.
|D5.3 - Implementation of Provisioning, Outsourcing and Processing Frameworks, ASIACRYPT’16|
|Shared Ownership||Secure Enforcement of Policies||Access Control & Policy Enforcement||Data Access||
Shared Ownership allows joint access control decisions on collaboratively created cloud data. In our work we present an instantiation of shared ownership that is more efficient than previous work and allows fair accounting through block-chains.
|D4.4. A proposal for secure enforcement of policies in the Cloud|
|MIRROR||PoR and replication||Verifiable Storage||Storage Efficiency||
Proofs of retrievability for data replications. It allows the data replication be handled by the cloud provider, who will then generate proofs of retrievability of these replicas upon user attestation.
|D3.3 - Complete Design and Evaluation of Verifiability mechanisms, USENIX Security’16|
|SPORT||Deduplication and PoR||Verifiable Storage||Storage Efficiency||
De-duplication on the authenticators used for Proofs of Retrievability across multiple users. Relying on key-message homomorphic encryption, the cloud providers are able to merge the PoR authenticators generated by different users using different credentials and the merged authenticators is verifiable by all users.
|D3.3 - Complete Design and Evaluation of Verifiability mechanisms, ACM ASIACCS’17|
|ML-POR with MLKeygen||PoR and Key Management||Verifiable Storage||Storage Efficiency||
Message Locked PoR and Message locked key generation. This primitive enables clients to verify the retrievability of their files while also allowing file-based deduplication based on a dedicated message-locked key generation. Since all keying material are depending on the file itself the encryption and encoding of the files remain the same if the file is the same.
|D3.3 - Complete Design and Evaluation of Verifiability mechanisms, CCSW’16, D4.3 - A Proposal for Data Confidentiality and Deduplication|
|Secure Deletion||Secure Enforcement of Policies||Access Control & Policy Enforcement||Multi-Tenancy, Storage Efficiency||
The primitive provides secure deletion on an honest-but-curious cloud storage. Therefore, clients can store all the files on the cloud as usual, but still achieve secure deletion, which cannot be guaranteed otherwise. The solution is based on encryption.
|D4.4. A proposal for secure enforcement of policies in the Cloud, Secure Deletion Primitive Blog Post|
|Logical Partitioning Hypervisor||Resource Isolation||Resource Isolation||
Provides light-weight isolation on many-core platforms. Allows management of encrypted and integrity-protected virtual machine images.
|Multi-tenancy Access Control (EPICA)||Secure Enforcement of Policies||Access Control & Policy Enforcement||Multi-Tenancy||
The aim of the primitive is to provide an enforcement component for distributed attribute-based access control (ABAC) policies that ensures that authorized users always get access to the selected cloud resource (either data or service) whilst the access is refused to malicious parties, in the context of a multi-tenant cloud infrastructure.
|D4.4 (due in M24)|
|TPM-based Remote Attestation (TRAVIS)||Remote Attestation||System Integrity||Computation Efficiency||
Remote Attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network. The Remote Attestation generates the evidence of whether or not the untrusted cloud platform is running in the expected state, and therefore, the result of the service, application or VM image outsourced to the cloud is trustworthy.
|D3.2 Specification and Preliminary Design of Verifiability mechanisms, D3.3 - Complete Design and Evaluation of Verifiability mechanisms|
|Container Isolation component||Container privacy and Isolation||Resource Isolation||Storage Efficiency||
The Container Isolation module provides two functionalities: First, it implements a tool used to extract and encrypt a Docker container image layer in order to safely transfer it into a target Docker host. Second, it enables a container to store its data over encrypted storage mediums, in order to ensure that the confidential data cannot be retrieved by an adversary with access in the host’s storage backend
|D4.2 (due M30)|
|Key Management for Secure Deduplication (OOPRF)||Key Management||Data Privacy||Storage Efficiency||
This scheme is intended to be used in a scenario where multiple users are using a storage system to store data.
|D4.3 - A Proposal for Data Confidentiality and Deduplication|
|IBM's PoW||Proof of Ownership||Verifiable Ownership||Availability, Storage Efficiency||
A cryptographic protocol that regulates the interactions between a prover and a verifier. The protocol is usually executed in the context of a storage outsourcing scenario, where the prover is the client and the verifier is the (storage) service provider. The correctness property of PoW schemes require that the owner of a file will succeed in convincing the verifier of this fact.
|http://www.tredisec.eu/content/d33-complete-design-and-evaluation-verifiability-mechanisms, PoW primitive on GitHub|
|Vulnerability Discovery||Fuzz Testing||Resource Isolation||
This tool behaves like a classic fuzz tester, by supplying mutated input to a program and observing its behaviour. Often, mutated input leads to crashes, and the crashes reveal ways of exploiting the program. Standard fuzzers however do not take into account the distributed nature of some of the software that powers the cloud. The distributed fuzzer will be optimized for distributed programs and components. The output is a series of crash reports including back-traces and the developer/tester can manually intervene to fix the bug and harden the code.
|Software Hardening (MEMCAT)||Attack Surface Reduction||Resource Isolation||Multi-Tenancy||
This mechanism includes a wide set of tools that ensures that an attacker has the smallest amount of resources at its disposal to attack a system. This is valuable because several zero-day exploits target unused features of the kernel.
|D4.2 (due M30)|
|Secure De-duplications||Data confidentiality & Dedup||Data Privacy||Storage Efficiency||
Files are encrypted on the client side before being uploaded to the cloud, and will be decrypted on the client side after being downloaded to local. The encryption key is kept by the clients. The encryption keys are acquired by the clients from some remote entity, in a privacy-preserving way that the remote entity is not able to infer or distinguish the file content from the requests from all clients, but this remote entity will ensure that the same file content will derive the same encryption key. Thanks to this feature, files across multiple clients can be de-duplicated. Only one copy of a file with unique content (in its encrypted form) will be stored in the cloud server. When duplicated files are deleted, only the links of the ownership will be removed. The file copy in the cloud will be removed only when the file is unique across all clients.
|D4.3 (due in M30), D3.3 (due in M30), ACM’2015|
|Advanced Encryption Resilient to Key-Leakage||Data confidentiality & Dedup||Data Privacy||Storage Efficiency||
The encryption primitive encrypts and partitions the file, in a way that the file can be decrypted only when all the partitions of the encrypted data as well as the decryption key are available.
|D4.3 (due in M30), IEEE Transactions on Cloud Computing’17|
|PoR||Storage Integrity with Proofs of Retrievability (PoR)||Verifiable Storage||Availability, Storage Efficiency||
Proofs of Retrievability (PoR) are cryptographic proofs that enable a cloud provider to prove that the tenant can retrieve his file in its entirety. A tenant can ask the cloud provider to provide such proofs of a requested file without the need to download the file The aim of providing the PoR primitive is to provide strong assurance of storage integrity to the tenants.
|D3.3 (due in M30)|
|Multi-Tenancy Enabled Encrypted Database||Data Confidentiality||Data Privacy||Multi-Tenancy||
If data is deployed on a server in an untrusted environment (e.g. the cloud), the data owner might be afraid of honest-but-curious database administrators or other personnel or external attackers who have access to the server. Our processing mechanism uses adjustable query-based encryption: The data is encrypted in so called onion encryption layers where the weakest encryption schemes are the innermost layers, which are then encrypted with other encryption schemes.
|D4.2 (due in M30)|
|Secure Data Migration Service||Data provisioning & Optimized Encryption||Privacy-Preserving Data Outsourcing||Storage Efficiency||
This tool allows cloud customers to migrate relational SQL databases into the cloud such that confidentiality is provided against the service provider but the database can still be queried.
|D5.1, D5.2 , D5.3 (due in M30), Blog Post|
|MUSE||Privacy preserving word search||Privacy-Preserving Processing||Data Processing||
A multi-user searchable encryption solution that allows users (called writers) to outsource their encrypted documents. Afterwards, other users (called readers) can perform some word search operations without the need of re-downloading the entire document and only if they are authorized to do so.
|D5.3 (due in M30), ISC’2015|
|Biometric Features Extraction in the Encrypted Domain||Privacy-preserving Data processing||Privacy-Preserving Processing||Data Processing||
This primitive could be used to prove the user/citizen/customer that some processing (like the liveness detection) has indeed been computed on the authentication data, thus enabling to check the conformance to (e.g. governmental) rules/standards.
|D5.3 (due in M30) , RWC 2017|
|Verifiable Matching of Biometric Templates||Processing verifiability||Verifiable Computation||Computation Efficiency||
This primitive could be offered as a service to perform biometric authentication on trusted servers while preserving the privacy of the data. It could also be simply adapted to validate ID doc against trusted data sources
|D5.2 , WIFS 2015|
|Verifiable Matrix Multiplication||Processing verifiability||Verifiable Computation||Computation Efficiency||
It is a cryptographic scheme that enables a cloud provider to compute the multiplication of a given vector with the matrix and to prove to a user that the output is actually correct. The goal of the solution is to render the verification of the proof as efficient as possible.
|D3.3 (due in M30) , ASIACCS’16|