OmniShare: Encrypted Cloud Storage for the Multi-Device Era

Andrew Paverd; Sandeep Tamrakar; Hoang Long Nguyen; Praveen Pendyala; Thien Duc Nguyen; Elizabeth Stobert; Tommi Gröndahl; N. Asokan; Ahmad-Reza Sadeghi

doi:10.1109/MIC.2018.043051462

OmniShare: Encrypted Cloud Storage for the Multi-Device Era

Andrew Paverd, Sandeep Tamrakar, Hoang Long Nguyen, Praveen Pendyala, Thien Duc Nguyen, Elizabeth Stobert, Tommi Gröndahl, N. Asokan, Ahmad-Reza Sadeghi

Research output: Contribution to journal › Article › Scientific › peer-review

1 Citation (Scopus)

Abstract

Two attractive features of cloud storage services are the automatic synchronization of files between multiple client devices and the possibility to share files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels, including QR codes and ultrasonic communication, as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare, and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).

Original language	English
Pages (from-to)	27-36
Journal	IEEE INTERNET COMPUTING
Volume	22
Issue number	4
Early online date	2018
DOIs	https://doi.org/10.1109/MIC.2018.043051462
Publication status	Published - 1 Aug 2018
MoE publication type	A1 Journal article-refereed

Keywords

software
software engineering
operating systems
security and privacy protection
access controls
network-level security and protection
general
communication
networking and information technology
computing milieux
management of computing and information systems
miscellaneous
security

Access to Document

10.1109/MIC.2018.043051462

https://arxiv.org/abs/1511.02119

OpenUrl availability

Full text

CloSer: Cloud-assisted Security Services
Kurnikov, A., Asokan, N., Paverd, A., Liu, J. & Tamrakar, S.
01/09/2016 → 31/08/2018
Project: Business Finland: Other research funding
Cloud Security Services - Pilven tietoturvapalvelut
Tamrakar, S., Paverd, A., Liu, J., Nyman, T., Asokan, N. & Bhattacharya, S.
01/07/2014 → 30/06/2016
Project: Academy of Finland: Other research funding

Cite this

@article{84a1858961a64b1bad186f53f9ee705a,

title = "OmniShare: Encrypted Cloud Storage for the Multi-Device Era",

abstract = "Two attractive features of cloud storage services are the automatic synchronization of files between multiple client devices and the possibility to share files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels, including QR codes and ultrasonic communication, as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare, and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).",

keywords = "software, software engineering, operating systems, security and privacy protection, access controls, network-level security and protection, general, communication, networking and information technology, computing milieux, management of computing and information systems, miscellaneous, security ",

author = "Andrew Paverd and Sandeep Tamrakar and Nguyen, {Hoang Long} and Praveen Pendyala and Nguyen, {Thien Duc} and Elizabeth Stobert and Tommi Gr{\"o}ndahl and N. Asokan and Ahmad-Reza Sadeghi",

year = "2018",

month = aug,

day = "1",

doi = "10.1109/MIC.2018.043051462",

language = "English",

volume = "22",

pages = "27--36",

journal = "IEEE INTERNET COMPUTING",

issn = "1089-7801",

publisher = "IEEE",

number = "4",

}

TY - JOUR

T1 - OmniShare: Encrypted Cloud Storage for the Multi-Device Era

AU - Paverd, Andrew

AU - Tamrakar, Sandeep

AU - Nguyen, Hoang Long

AU - Pendyala, Praveen

AU - Nguyen, Thien Duc

AU - Stobert, Elizabeth

AU - Gröndahl, Tommi

AU - Asokan, N.

AU - Sadeghi, Ahmad-Reza

PY - 2018/8/1

Y1 - 2018/8/1

N2 - Two attractive features of cloud storage services are the automatic synchronization of files between multiple client devices and the possibility to share files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels, including QR codes and ultrasonic communication, as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare, and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).

AB - Two attractive features of cloud storage services are the automatic synchronization of files between multiple client devices and the possibility to share files with other users. However, many users are concerned about the security and privacy of data stored in the cloud. Client-side encryption is an effective safeguard, but requires all client devices to have the decryption key. Current solutions derive these keys from user-chosen passwords, which are easily guessed. We present OmniShare, the first scheme to combine strong client-side encryption with intuitive key distribution mechanisms to enable access from multiple client devices and sharing between users. OmniShare uses a novel combination of out-of-band channels, including QR codes and ultrasonic communication, as well as the cloud storage service itself, to authenticate new devices. We describe the design and implementation of OmniShare, and explain how we evaluated its security (using formal methods), its performance (benchmarks), and its usability (cognitive walkthrough).

KW - software

KW - software engineering

KW - operating systems

KW - security and privacy protection

KW - access controls

KW - network-level security and protection

KW - general

KW - communication

KW - networking and information technology

KW - computing milieux

KW - management of computing and information systems

KW - miscellaneous

KW - security

U2 - 10.1109/MIC.2018.043051462

DO - 10.1109/MIC.2018.043051462

M3 - Article

VL - 22

SP - 27

EP - 36

JO - IEEE INTERNET COMPUTING

JF - IEEE INTERNET COMPUTING

SN - 1089-7801

IS - 4

ER -

OmniShare: Encrypted Cloud Storage for the Multi-Device Era

Abstract

Keywords

Access to Document

OpenUrl availability

Fingerprint

Projects

CloSer: Cloud-assisted Security Services

Cloud Security Services - Pilven tietoturvapalvelut

Cite this