Transparent Access on Encrypted Data Distributed over Multiple Cloud Infrastructures

Luca Ferretti, Michele Colajanni, and Mirco Marchetti
University of Modena and Reggio Emilia
Modena, Italy
{luca.ferretti, michele.colajanni, mirco.marchetti}@unimore.it

Adriano Enrico Scaruffi
Doxee SpA
Modena, Italy
ascaruffi@doxee.com

Abstract—Using cloud infrastructures to store and back up data is becoming a popular alternative that guarantees performance and scalability at reasonable prices. However, standard cloud solutions could raise some concerns about data confidentiality and dependency on a single provider. We aim to address these issues by using the cloud storage of multiple cloud providers. Our solution ciphers, partitions and replicates data among multiple cloud architectures, thus augmenting availability and confidentiality, and avoiding lock-in to one cloud provider. The proposed model is implemented through open source software that leverages data storage offered by multiple providers. This prototype demonstrates the effectiveness of the geographically distributed architecture in several real case scenarios.

Keywords- cloud; storage; encryption; file system; replication

I. INTRODUCTION

Cloud storage is an interesting alternative that allows users to leverage huge disk spaces characterized by high availability and scalability at pay-per-use cost models. However, when companies outsource their information to the cloud, there are many concerns about data confidentiality and complete dependency on one cloud provider. Issues such as legal restrictions [1], vendor lock-in and unavailability cases causing service interruptions and data losses (e.g., [2]) are limiting a widespread adoption of cloud storage solutions. This paper proposes a novel architecture that aims to augment data resiliency and confidentiality, and to avoid possible lock-in related to one cloud provider.
The idea is to implement a virtual file system where data are encrypted, replicated and disseminated among different cloud providers. In this way, there is no dependence on one provider, and the adopted encryption schemes are robust even against insider attacks and colluding providers. Moreover, we consider it important to provide users with transparent encrypted access to this virtual file system. Thanks to the proposed standard file system interface, any application operating on files can leverage the proposed architecture without software modifications. In this paper, we demonstrate the efficacy of the proposed architecture by running a relational database on top of it.

Existing solutions [3]–[5] concerning data confidentiality, integrity and replication for untrusted storage services do not meet all requirements about encryption, replication and transparency. For example, data replication is not considered in [3]. Unlike our architecture, which is based on the Infrastructure as a Service (IaaS) paradigm, the system described in [4] refers to the more sophisticated and expensive Storage as a Service paradigm. This scheme transparently provides customers with advanced techniques for elasticity, scalability and availability, but it requires the implementation and maintenance of dedicated drivers for each cloud storage API, thus causing additional cloud lock-in problems. The interesting solution proposed in [5] has two drawbacks: it is not quite transparent to the customer because it requires changes at the level of application logic; moreover, it is not resistant against colluding cloud providers.

The proposed architecture guarantees data confidentiality and integrity at rest, in motion and in use. To provide users with complete confidentiality of outsourced data, we adopt encryption techniques and algorithms of proven security. Data are replicated in a multi-tenant architecture built over multiple cloud storage services.
In this paper, we describe the overall model, the details of the architecture components, and the guidelines for its implementation.

The remaining part of this paper is structured as follows. Section II analyzes other solutions related to our proposal. Section III describes the architectural model and the main requirements. Section IV reports the internal details of the proposed architecture and the main functionalities. Section V presents an example of a relational database that can leverage the proposed architecture. A summary of the results is reported in Section VI.

II. RELATED WORK

Data confidentiality on untrusted storage was initially guaranteed by encrypted file systems (e.g., [3], [6]) that allow a customer to encrypt all data stored in a cloud IaaS. However, these solutions do not allow slicing and replicating data among several cloud providers, as provided by previous architectures including the one proposed in this paper.

Some academic and commercial proposals guaranteeing data confidentiality and integrity by using multi-tenant cloud services have recently appeared. The solutions most related to this paper are iDataGuard [4] and Depsky [5]

Copyright (c) IARIA, 2013. ISBN: 978-1-61208-271-4
CLOUD COMPUTING 2013 : The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization