CAOS: Concurrent-Access Obfuscated Store

Mihai Ordean, Mark Ryan, David Galindo Chacon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

214 Downloads (Pure)

Abstract

This paper proposes Concurrent-Access Obfuscated Store (CAOS), a construction for remote data storage that provides access-pattern obfuscation in a honest-but-curious adversarial model, while allowing for low bandwidth overhead and client storage. Compared to other approaches, the main advantage of CAOS is that it supports concurrent access without a proxy, for multiple read-only clients and a single read-write client. Concurrent access is achieved by letting clients maintain independent maps that describe how the data is stored. Even though the maps might diverge from client to client, the protocol guarantees that clients will always have access to the data. Efficiency and concurrency are achieved at the expense of perfect obfuscation: in CAOS the extent to which access patterns are hidden is determined by the resources allocated to its built-in obfuscation mechanism. To assess this trade-off we provide both a security and a performance analysis of CAOS. We additionally provide a proof-of-concept implementation 1.

Original languageEnglish
Title of host publicationProceedings of the 24th ACM Symposium on Access Control Models and Technologies (SACMAT 2019)
PublisherAssociation for Computing Machinery (ACM)
Pages13-24
Number of pages12
ISBN (Electronic)978-1-4503-6753-0
ISBN (Print)978-1-4503-6753-0
DOIs
Publication statusPublished - 28 May 2019
Event24th ACM Symposium on Access Control Models and Technologies - Ryerson University, Toronto, Canada
Duration: 4 Jun 20196 Jun 2019

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference24th ACM Symposium on Access Control Models and Technologies
Abbreviated titleSACMAT '19
Country/TerritoryCanada
CityToronto
Period4/06/196/06/19

Keywords

  • Access pattern
  • Concurrent-access obfuscated store
  • Data obfuscation

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Fingerprint

Dive into the research topics of 'CAOS: Concurrent-Access Obfuscated Store'. Together they form a unique fingerprint.

Cite this