Challenges in Cloud and Mobile Computing (COMS E6998-7)

None; Roxana will cover tech trends, broad advantages and challenges, class overview, and project ideas.

Slides: [PDF] (accessible from Columbia IPs only).

Above the clouds: A Berkeley view of cloud computing. M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski, G. Lee, D.A. Patterson, A. Rabkin, I. Stoica, M. Zaharia. Technical Report UCB/EECS-2009-28, 2009. [PDF]

Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. In Proceedings of the ACM Conference on Computing Communications Security (CCS), 2009. [PDF]

Optional papers.

Slides: Background (Roxana), Above the Clouds (Avner), Get Off My Cloud (Yang). (Accessible from Columbia IPs only.)

None.

None.

Public key encryption with keyword search. D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano. In Proceedings of the IACR Annual Eurocrypt Conference, 2004. [PDF]

Computing arbitrary functions of encrypted data. C. Gentry. In Communications of the ACM, 2008. [PDF]

Optional papers.

Slides: Searchable encryption, FHE. (Accessible from Columbia IPs only.)

Project description due (1 page).

Presenters

SPORC: Group collaboration using untrusted cloud resources. A. Feldman, W. Zeller, M. Freedman, and E. Felten. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2010. [PDF]

Secure attribute-based systems. M. Pirretti, P. Traynor, P. McDaniel, and B. Waters. In Proceedings of the ACM Conference on Computing Communications Security (CCS), 2006. [PDF]

Optional papers.

Sadly, my drive crashed and I could not recover these slides.

On the impossibility of cryptography alone. M. van Dijk and A. Juels. In Proceedings of the USENIX Workshop on Hot Topics in Security (HotSec), 2010. [PDF]

On the (im)practicality of securing untrusted computing clouds with cryptography. Y. Chen and R. Sion. Technical report, State University of New York, 2010. [PDF]

Slides: Background (Roxana), Cloud Economics Talk by Radu Sion (Roxana), On the Impossibility of Crypography Alone (Rachid). (Accessible from Columbia IPs only.)

None.

Presenters

Bootstrapping trust in commodity computers. B. Parno, J. M. McCune, and A. Perrig. In Proceedings of IEEE Symposium on Security and Privacy (Oakland), 2010. [PDF]

Private virtual infrastructure for cloud computing. F. Krautheim. In Proceedings of the USENIX Workshop on Hot Topics in Cloud Computing (HotCloud), 2009. [PDF]

Optional papers.

Slides: Trusted hardware and TPM background (Roxana), Bootstrapping trust survey (Huayang), Private virtual infrastructure (Wentian). (Accessible from Columbia IPs only.)

None.

Presenters

Terra: a virtual machine-based platform for trusted computing. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), 2003. [PDF]

Flicker: an execution infrastructure for TCB minimization. J. M. McCune, B. Parno, A. Perrig, M. K. Reiter, H. Isozaki. In Proceedings of the European Conference on Computer Systems (EuroSys), 2008. [PDF]

Optional papers.

Slides: Terra Trusted VMM and Limitations of Trusted Hardware (Roxana) and Flicker (Siddarth). (Accessible from Columbia IPs only.)

Progress report (2 pages).

Presenters

Homework 1 out.

FairplayMP: A system for secure multi-party computation. A. Ben-David, N. Nisan, and B. Pinkas. In Proceedings of the ACM Conference on Computing Communications Security (CCS), 2008. [PDF]

Vanish: Increasing data privacy with self-destructing data. R. Geambasu, T. Kohno, A. Levy, and H. M. Levy. In Proceedings of the USENIX Security Symposium, 2009. [PDF]

Optional papers.

Slides: Background and Vanish (Roxana), FairplayMP (Nisha). (Accessible from Columbia IPs only.)

Presenters

PORs: Proofs of retrievability for large files. A. Juels and B. S. Kaliski Jr. In Proceedings of the ACM Conference on Computing Communications Security (CCS), 2007. [PDF]

How to tell if your cloud files are vulnerable to drive crashes. K. Bowers, M. van Dijk, A. Juels, A. Oprea, and R. Rivest. In Cryptology ePrint Archive (IACR), Report 2010/214, 2010. [PDF]

Optional papers.

Slides: Auditing vision and PORs (Roxana), Measuring data replication (Weikang), HAIL (Rohit). (Accessible from Columbia IPs only.)

Presenters

Homework 1 due at 12pm.

TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2010. [PDF]

"These Aren't the Droids You're Looking For:" Retrofitting Android to Protect Data from Imperious Applications. P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS) , 2011. [PDF]

Optional papers.

None.

Zero-interaction authentication. M. D. Corner and B. D. Noble. Zero-interaction authentication. In Proceedings of the Annual International Conference on Mobile Computing and Networking (MobiCom), 2002. [PDF]

Keypad: An auditing file system for theft-prone devices. R. Geambasu, J. P. John, S. D. Gribble, T. Kohno, and H. M. Levy. In Proceedings of the European Conference on Computer Systems (EuroSys), 2011. [PDF]

Optional papers.

Preliminary project report (4 pages)

Presenters

EnsemBlue: Integrating distributed storage and consumer electronics. D. Peek and J. Flinn. In Proceedings of the Symposium on Operating Systems Design and Implementation, 2006. [PDF]

Break early for Thanksgiving.

None.

Presenters

Homework 2 due.

No papers; free-form discussion and wrap-up.

No papers; students will present/demo their projects.

Project presentations.

Detailed project report outline due.

No class.

Final reports due (10-12 pages).