Abstract
Most existing cloud storage providers rely on data deduplication in order to significantly save storage costs by storing duplicate data only once. While the literature has thoroughly analyzed client-side information leakage associated with the use of data deduplication techniques in the cloud, no previous work has analyzed the information leakage associated with access trace information (e.g., object size and timing) that are available whenever a client uploads a file to a curious cloud provider. In this paper, we address this problem and analyze information leakage associated with data deduplication on a curious storage server. We show that even if the data is encrypted using a key not known by the storage server, the latter can still acquire considerable information about the stored files and even determine which files are stored. We validate our results both analytically and experimentally using a number of real storage datasets.
Original language | English |
---|---|
Title of host publication | CCSW 2016 - Proceedings of the 2016 ACM Cloud Computing Security Workshop, co-located with CCS 2016 |
Publisher | Association for Computing Machinery, Inc |
Pages | 61-72 |
Number of pages | 12 |
ISBN (Electronic) | 9781450345729 |
DOIs | |
Publication status | Published - 28 Oct 2016 |
Event | 8th ACM Cloud Computing Security Workshop, CCSW 2016 - Vienna, Austria Duration: 28 Oct 2016 → … |
Other
Other | 8th ACM Cloud Computing Security Workshop, CCSW 2016 |
---|---|
Country/Territory | Austria |
City | Vienna |
Period | 28/10/16 → … |