research-article

TMS: a trusted mail repository service using public storage clouds

Authors:
João Rodrigues

FCT/UNL -- CITI, Caparica

FCT/UNL -- CITI, Caparica
View Profile

,
Bernardo Ferreira

FCT/UNL -- CITI, Caparica

FCT/UNL -- CITI, Caparica
View Profile

,
Henrique Domingos

FCT/UNL -- CITI, Caparica

FCT/UNL -- CITI, Caparica
View Profile
Authors Info & Affiliations

Publication: MW4NextGen '13: Proceedings of the 8th Workshop on Middleware for Next Generation Internet ComputingDecember 2013 Article No.: 2 Pages 1–6https://doi.org/10.1145/2541608.2541610

MW4NextGen '13: Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing

Pages 1–6

ABSTRACT

In this paper we present the Trusted Mail System (TMS), a dependable Email repository service that explores multiple untrusted storage clouds for storing, accessing and searching private email data. The system architecture provides security and reliability services while leveraging the heterogeneity and diversity offered by different untrusted cloud storage solutions from different service providers. To address dependability issues, TMS enforces a security model that protects confidentiality and integrity of mailboxes stored in those clouds, adding availability, reliability and intrusion-tolerance guarantees. The system uses homomorphic encryption mechanisms and indexing techniques allowing ranked multi-keyword searching operations over encrypted email messages and its contents. We illustrate TMS feasibility from an implemented prototype, evaluating its performance, design options, and services. The experimental results show that the solution is viable, offers reliability and privacy control for the users and does not aggravate conditions of data-access latency and availability.

References

Box Sentry. "Email Integrity: An Emerging Business Issue". December 2009. White Paper. http://www.trustsphere.com/wp-content/uploads/2011/10/Gartner-Email-Integrity-Dec09.pdfGoogle Scholar
I. Ion, N. Sachdeva, P. Kumaraguru, S. Capkun, Home is Safer than the Cloud: Privacy Concerns for Consumer Cloud Storage, Proc. of SOUPS 2011, Symposium on Usable Privacy and Security, Pittsburgh, 2011 Google ScholarDigital Library
P. Verissimo, A. Bessani, M. Pasin. The TClouds architecture: Open and resilient cloud-of-clouds computing, IEEE/IFIP 42nd International Conference on Dependable Systems and Networks Workshops (DSN-W), June, 2012Google ScholarCross Ref
A. Bessani, M. Correia, B. Quaresma, F. André, P. Sousa. DEPSKY: Dependable and Secure Storage in a Cloud-of-Clouds. EuroSys'11, April 10--13, 2011, Salzburg, Austria Google ScholarDigital Library
A. J. Menezes, P. C. Oorschot and S. A. Vanstone, "Secret Sharing," in Handbook of Applied Cryptography, 1996, pp. 524--528Google Scholar
A. Shamir, "How to Share a Secret," Communications of ACM, vol. 22, no. 11, 1979. Google ScholarDigital Library
K. Bozkurt and G. Selcuk, "Threshold Cryptography Based on Blakely Secret Sharing," Information Sciences, 2008.Google Scholar
K. Kaya, S. A. Aydin and Z. Tezcan, "Threshold Cryptography Based on Asmuth-Bloom Secret Sharing," 2007.Google Scholar
V. Shoup, "Practical Threshold Signatures", EUROCRYPT'00, pp. 207--220, 2000. Google ScholarDigital Library
R. Popa, C. Redfield, N. Zeldovich, H. Balakrishnan. CryptDB: Protecting Confidentiality with Encrypted Query Processing. SOSP '11, October 23--26, 2011, Portugal. Google ScholarDigital Library
B. Ferreira and H. Domingos. 2013. Searching Private Data in a Cloud Encrypted Domain. In Proceedings of the 10th International Conference in the RIAO series (OAIR 2013). Google ScholarDigital Library
P. Paillier. "Public - key cryptosystems based on composite degree residuosity classes". In Proceedings of EUROCRYPT'99, Prague, Czech Republic, May 1999. Google ScholarDigital Library
Klimt, Bryan, and Yiming Yang. "Introducing the Enron Corpus." In CEAS. 2004.Google Scholar
S. Shepler, B. Callaghan, D. Robinson, R. Thurlow, C. Beame, M. Eisler, and D. Noveck. NFS version 4 protocol. RFC 3530, April 2003.Google Scholar
J. Howard. An Overview of the Andrew File System. Proceedings of ACM Symposium on Parallel Algorithms and Architectures (SPAA), 2002.Google Scholar
C. Wright, J. Dave and E. Zadok. "Cryptographic file systems performance: What you don't know can hurt you." In SISW'03, pp. 47--47. IEEE, 2003. Google ScholarDigital Library
E. Goh, H. Shacham, N. Modadugu, and D. Boneh. SiRiUS: Securing remote untrusted storage. Proceedings of Network and Distributed Systems Security (NDSS) Symposium, 2003.Google Scholar
M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu. Plutus: Scalable secure file sharing on untrusted storage. Proceedings of USENIX FAST'03, 2003. Google ScholarDigital Library
H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in the Database-Service-Provider Model. ACM SIGMOD Conference on Management of Data, Jun, 2002. Google ScholarDigital Library

Index Terms

TMS
1. Security and privacy
  1. Network security
2. Software and its engineering
  1. Software organization and properties
    1. Extra-functional properties
      1. Software fault tolerance
    2. Software system structures
      1. Distributed systems organizing principles
        Organizing principles for web applications

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
MW4NextGen '13: Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing
December 2013
37 pages
ISBN:9781450325516
DOI:10.1145/2541608

Conference Chairs:

Karl M. Göschka
Vienna Univ. of Technology, Wien, Austria
,

José Orlando Pereira
Universidade do Minho, Braga, Portugal
,

Patrick C. K. Hung
University of Ontario, Ontario, Canada
Copyright © 2013 ACM
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 9 December 2013
Permissions
Request permissions about this article.
Request Permissions
Author Tags
email security and reliability
secret sharing
searchable encryption
threshold signatures
untrusted cloud storage
homomorphic encryption
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate 7 of 13 submissions, 54%
Upcoming Conference
Middleware '20

Sponsor:

Middleware '20: 21st International Middleware Conference

December 7 - 11, 2020

Delft , Netherlands
Funding Sources
Contributor Metrics
Expand All

Joao Rodrigues

Publication Years2013 - 2015
Publication counts2
Available for Download1
Citation count5
Downloads (cumulative)191
Downloads (6 weeks)0
Downloads (12 months)14
Average Citation per Article3
Average Downloads per Article191
View Full Profile

Bernardo Ferreira

Publication Years2012 - 2015
Publication counts5
Available for Download4
Citation count8
Downloads (cumulative)1,217
Downloads (6 weeks)4
Downloads (12 months)50
Average Citation per Article2
Average Downloads per Article304
View Full Profile

H. J. L. Domingos Faculdade de Ciências e Tecnologia, Universidade Nova de Lisboa

Publication Years1997 - 2015
Publication counts15
Available for Download8
Citation count57
Downloads (cumulative)3,474
Downloads (6 weeks)4
Downloads (12 months)125
Average Citation per Article4
Average Downloads per Article434
View Full Profile
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 191
  Total Downloads
- Downloads (Last 12 months)14
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.