Divya Gupta
UCLA. Hosting Services on an Untrusted Cloud
divyag@cs.ucla.edu
Bio
Divya Gupta is a doctoral candidate in the Department
of Computer Science at University of California at Los Angeles, where she started in the Fall of 2011 under the supervision of Prof. Amit Sahai. Her research interests include cryptography, security, and theoretical computer science. Before coming to UCLA, she graduated with a B.Tech. and M.Tech from IIT Delhi.
Hosting Services on an Untrusted Cloud
Hosting Services on an Untrusted Cloud
Outsourcing computation from a weak client to a more powerful server has received a lot of attention in recent years. This is partly due to the increasing interest in cloud computing, where the goal is to outsource all the computations to a (possibly untrusted) “cloud”. Though this is quickly becoming the predominant mode of day-to-day computation, it brings with it many security challenges, and there has been large numbers papers which address them. In our work, we expand the realm of outsourcing computation to more challenging security and privacy settings.
We consider a scenario where a service provider has created a software service
and desires to outsource the execution of this service to an untrusted cloud.
The software service contains secrets that the provider would like to keep
hidden from the cloud. For example, the software might contain a secret database, and the service could allow users to make queries to different slices of this database depending on the user’s identity.
This setting presents significant challenges not present in previous works on outsourcing or secure computation because secrets in the software itself must be protected against an adversary that has full control over the cloud that is executing this software. Furthermore, we seek to protect knowledge of the software to the maximum extent possible even if the cloud can collude with several corrupted users of this service.
In this work, we provide the first formalizations of security for this setting, yielding our definition of a secure cloud service scheme. We also provide constructions of secure cloud service schemes using cryptographic tools.