Today's computing and storage services mandates security and correctness assurances to detect and deter malicious attacks or faulty behavior. This is particularly relevant for network storage services such as networked file systems.
In this project we will build robust, efficient, and scalable content-search mechanisms for networked data storage using three strong security assurances: (1) data confidentiality, (2) search pattern privacy, and (3) data retrieval correctness.
Today's networked storage services are fundamentally insecure and vulnerable to faulty behavior by even weak attackers, because they do not handle all three dimensions consistently. There exists a strong relationship between such assurances. The lack of access pattern privacy usually allows for statistical attacks compromising data confidentiality. Even if privacy and confidentiality assurances are in place, to be practical, networked storage should allow remote searching within the outsourced data without compromising its confidentiality. Moreover, if the remote store cannot be fully trusted, search query completeness and data retrieval integrity (i.e., correctness) become essential. Therefore, solutions which address these dimensions separately are incomplete and insecure. We will handle them jointly.
The total cost of ownership of storage is 5-10 times greater than the hardware costs, and more information is produced and lives digitally every day. In the coming years, secure, robust, and efficient storage management will be demanded by users. This project will greatly advance this field, creating a framework for remote-storage businesses to flourish, and for users in all fields flocking to use these new services.
