21 February 2017
San Francesco - Via della Quarquonia 1 (Classroom 2 )
Cloud-based storage services such as Dropbox, Google Drive and OneDrive are increasingly popular for storing enterprise data, and they have already become the de facto choice for cloud-based backup of hundreds of millions of regular users. Drawn by the wide range of services they provide, no upfront costs and 24/7 availability across all personal devices, customers are well-aware of the benefits that these solutions can bring. However, most users tend to forget -or worse ignore - some of the main drawbacks of such cloud-based services, namely in terms of privacy. Data entrusted to these providers can be leaked by hackers, disclosed upon request from a governmental agency's subpoena, or even accessed directly by the storage providers (e.g., for commercial benefits). While there exist solutions to prevent or alleviate these problems, they typically require direct intervention from the clients, like encrypting their data before storing it, and reduce the benefits provided such as easily sharing data between users. The first part of this seminar reports our evaluation over a wide range of security mechanisms that can be used atop standard cloud-based storage services. We present the details of our evaluation testbed and discuss the design choices that have driven its implementation. We evaluate several state-of-the-art techniques with varying security guarantees responding to user-assigned security and privacy criteria. Our results reveal the various trade-offs of different techniques by means of representative workloads on top of industry-grade storage services. The second part will present ErasureBench, an experimental testbed implemented and deployed at the University of Neuchatel to evaluate the cost/performance tradeoffs of erasure coding techniques in the context of large-scale distributed storage systems. These contributions have been recently presented at the IEEE SRDS 2016 held last year in Budapest, Hungary.