Data Security and Privacy in the Cloud

Three PhD Computer Science graduate students at UTDallas, Harichandan Roy, Erman Pattuk, and Fahad Shaon, pictured above, have been working under the direction of Dr. Murat Kantarcioglu to improve data security and privacy in the cloud. At the weekly Computer Science Mixer on 9/19/2014, they talked about their research. Their work is summarized, in their own words, below.

Recent advances in cloud computing enable customers to outsource various IT-related tasks to third-party cloud service providers. In particular, institutions or small companies can now migrate to the cloud, mitigate the burden of IT or data management, and focus on their core business tasks. For instance, a popular web application, FourSquare, runs on Amazon EC2, which handles all IT-related tasks (e.g., storing data, load balancing, elastic scale).

Despite its numerous advantages, cloud computing also introduces new challenges and concerns, primarily security and privacy risks. The concerns simply stem from outsourcing possibly sensitive data (e.g., member data in FourSquare, health records of a patient) to a distant computing environment, which may attract third-party adversaries. Recent events (e.g., the breach of Target’s customer database, the NSA collecting data from multiple major internet companies) suggest that when your data is in the cloud or somewhere public, there is a major risk of data theft and privacy loss.

In our research, we address such concerns by proposing secure solutions to be used in public cloud service providers, while preserving the performance and monetary advantages of the service itself. In particular, in our recent work titled “Preventing Cryptographic Key Leakage in Cloud Virtual Machines”, we built a system called Hermes that protects the most vital piece of information to be stored in a public cloud environment, that is, a cryptographic key. It is extremely important to keep those keys secret from any adversary, since they allow authentication of your true identity to any other entity that you are communicating with. Once a malicious party learns this secret key, it can impersonate you, which introduces a huge number of problems.

