Securing Data in Compromised Clouds

Abstract

Clouds store a lot of sensitive data. Traditional cloud security relies on building software walls around sensitive data to prevent attackers from breaking in. Nevertheless, attackers always manage to break in because software is complex and thus cannot be exploit-free. A line of cryptographic systems, however, departs from this approach, and provides security guarantees even when attackers have compromised the cloud. In this talk, I will survey a decade of such cryptographic systems, highlighting the main design principles and lessons learned, and pointing to the state-of-the-art systems that one can use today.