101. Landmark-based data location verification in the cloud : review of approaches and challenges
- Author
-
Irain, Malik, Jorda, Jacques, Mammeri, Zoubir, Temps Réel dans les Réseaux et Systèmes (IRIT-T2RS), Institut de recherche en informatique de Toulouse (IRIT), Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, Institut National Polytechnique de Toulouse - INPT (FRANCE), Centre National de la Recherche Scientifique - CNRS (FRANCE), Université Toulouse III - Paul Sabatier - UT3 (FRANCE), Université Toulouse - Jean Jaurès - UT2J (FRANCE), Université Toulouse 1 Capitole - UT1 (FRANCE), and Institut National Polytechnique de Toulouse - Toulouse INP (FRANCE)
- Subjects
[INFO.INFO-AR]Computer Science [cs]/Hardware Architecture [cs.AR] ,Cloud storage ,lcsh:Computer engineering. Computer hardware ,Landmark-based approaches ,Système d'exploitation ,Réseaux et télécommunications ,lcsh:TK7885-7895 ,Systèmes embarqués ,lcsh:QA75.5-76.95 ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Security attacks ,Architectures Matérielles ,Cloud computing ,[INFO.INFO-ES]Computer Science [cs]/Embedded Systems ,lcsh:Electronic computers. Computer science ,[INFO.INFO-OS]Computer Science [cs]/Operating Systems [cs.OS] ,Data location verification - Abstract
International audience; Data storage on the cloud is growing every day and many companies, administrations, and individuals are now outsourcing storage of their data to large-scale Cloud Service Providers (CSP). However, because of today’s cloud infrastructure virtualization, data owners cannot easily know the location where their data are stored. Even in case of the establishment of a strong Service-Level Agreement, which includes an initial guarantee regarding data location, the CSP may then move data to another location, like another country, in order to cut storage costs or for any other reasons, including backup mistakes and fraudulent use of data. Data location verification is required due to legal, privacy, and performance constraints. Recently “Where are my data located in the cloud?” has become a challenge and solutions have been proposed to verify data location, under given assumptions regarding CSP behavior. The objective of this paper is twofold: propose a comprehensive classification of the location verification approaches and discuss their vulnerabilities regarding malicious CSP attacks. Location verification solutions may be Framework-based, Hardware-based or Landmark-based. This paper addresses only landmark-based approaches for their deployment flexibility and low cost.
- Published
- 2017