Cloud Security without Trust

Abstract

The usage of cloud services is increasing for each day. This applies to private persons which store pictures and documents, as well as bigger corporations whom outsource parts of, or all, handling of their ICT infrastructure to cloud providers. Despite the continuous increase in application, there are still substantial security concerns among current and potential cloud users. Much of the concerns are due to lack of transparency to how the cloud providers maintain and process the user data. Motivated by this, multiple cryptographic schemes has been proposed to provide users with confidence that their data are maintained as agreed upon, without the necessity of changing the architecture of the cloud provider. In this master thesis we have studied some of these cryptographic schemes, and performed a practical and economical analysis on one of them, the hourglass scheme. The hourglass scheme utilizes economical incentives to provide the cloud provider with reasons to act as agreed upon. Through implementation of hourglass functionality we identified that the validity of the scheme is dependent on resource pricing by the cloud provider, together with the actual implementation. Based on the hourglass scheme and observations while studying the different schemes, we propose a new cryptographic scheme applying to deletion of data in the cloud. Remote deletion is a challenging task to prove, but we argue that our approach will deliver the user of a cloud service comfort that the actual data in the cloud has been deleted by the cloud provider.