UWSpace is currently experiencing technical difficulties resulting from its recent migration to a new version of its software. These technical issues are not affecting the submission and browse features of the site. UWaterloo community members may continue submitting items to UWSpace. We apologize for the inconvenience, and are actively working to resolve these technical issues.
 

Highly Scalable and Secure Mobile Applications in Cloud Computing Systems

Thumbnail Image

Files

Tysowski_Piotr.pdf (2.61 MB)

Date

2013-04-25T19:17:33Z

Authors

Tysowski, Piotr

Journal Title

Journal ISSN

Volume Title

Publisher

University of Waterloo

Abstract

Cloud computing provides scalable processing and storage resources that are hosted on a third-party provider to permit clients to economically meet real-time service demands. The confidentiality of client data outsourced to the cloud is a paramount concern since the provider cannot necessarily be trusted with read access to voluminous sensitive client data. A particular challenge of mobile cloud computing is that a cloud application may be accessed by a very large and dynamically changing population of mobile devices requiring access control. The thesis addresses the problems of achieving efficient and highly scalable key management for resource-constrained users of an untrusted cloud, and also of preserving the privacy of users. A model for key distribution is first proposed that is based on dynamic proxy re-encryption of data. Keys are managed inside the client domain for trust reasons, computationally-intensive re-encryption is performed by the cloud provider, and key distribution is minimized to conserve communication. A mechanism manages key evolution for a continuously changing user population. Next, a novel form of attribute-based encryption is proposed that authorizes users based on the satisfaction of required attributes. The greater computational load from cryptographic operations is performed by the cloud provider and a trusted manager rather than the mobile data owner. Furthermore, data re-encryption may be optionally performed by the cloud provider to reduce the expense of user revocation. Another key management scheme based on threshold cryptography is proposed where encrypted key shares are stored in the cloud, taking advantage of the scalability of storage in the cloud. The key share material erodes over time to allow user revocation to occur efficiently without additional coordination by the data owner; multiple classes of user privileges are also supported. Lastly, an alternative exists where cloud data is considered public knowledge, but the specific information queried by a user must be kept private. A technique is presented utilizing private information retrieval, where the query is performed in a computationally efficient manner without requiring a trusted third-party component. A cloaking mechanism increases the privacy of a mobile user while maintaining constant traffic cost.

Description

Keywords

cloud, mobile, security, privacy

LC Keywords

Citation

URI

http://hdl.handle.net/10012/7449

Collections

Theses
Electrical and Computer Engineering