Prova de Doutoramento do aluno Cláudio José Pereira Correia
Área: Engenharia Informática e de Computadores
Título da Tese: Low-Latency Privacy-Preserving Access to Edge Storage
Local da Prova: https://videoconf-colibri.zoom.us/j/91406970909
Data: 28/06/2024
Hora: 13h00
Abstract: Edge computing is a paradigm that extends cloud computing with storage and processing capacity close to the user, providing bandwidth savings and lower latencies. This paradigm assumes the availability of microdatacenters, also known as fog nodes, that are located close to the edge. These nodes are installed and managed by various local providers, whose privileged access to the infrastructure represents a significant security risk for applications and clients. Unethical edge providers may engage in malicious behaviors for financial gains, particularly if their actions remain undetected. Given the high risk associated with dishonest providers, it is crucial to secure the functions fog nodes provide. This thesis is devoted to the design of security mechanisms for data storage in edge computing environments. Given that accessing data with low latency is a primary motivation for adopting edge computing, it is crucial to ensure that data is effectively replicated at the edge and can be accessed in a timely and privacy preserving manner. This thesis addresses these two relevant problems that emerge in edge computing, namely how to ensure that edge providers use local storage as specified in their service level agreements and how to preserve the privacy of edge clients. In this context, the thesis: • Proposes an audit technique that verifies whether a storage node at the edge can retrieve a data object within a specified latency threshold. The technique is based on a cryptographic time-bounded challenge that needs to be executed by the audited node. Leveraging the capabilities of secure hardware, we ensure that the proof of data retrieval is generated by the audited fog node itself. • Proposes a novel authentication technique for access control at the edge to protect stored data from unauthorized entities. This technique aims to preserve client anonymity during authentication processes, despite their physical proximity to fog nodes. The proposed scheme preserves the privacy of clients even after they have been revoked from the system, achieving this more efficiently than all the related work. A promising approach to enhance security in edge storage systems is to resort to the usage of secure hardware, such as Intel SGX enclaves. This thesis explores the use of hardware enclaves to design these two mechanisms, that together, will help edge clients in accessing data with low latency while respecting their privacy.
