Parametric and Probabilistic Model Checking of Confidentiality in Data Dispersal Algorithms (Extended Version)
This work addresses confidentiality verification for data dispersal in distributed cloud storage systems, which is crucial for organizations using cooperative or interconnected cloud models, though it appears incremental as it applies existing probabilistic model checking methods to this specific domain.
The authors tackled the problem of verifying confidentiality in data dispersal algorithms for distributed cloud storage by developing a unified framework using probabilistic model checking to measure confidentiality against two intruder models. Their experiments showed high confidentiality against slice intruders regardless of provider count, but low confidentiality against provider intruders in networks with few storage providers.
Recent developments in cloud storage architectures have originated new models of online storage as cooperative storage systems and interconnected clouds. Such distributed environments involve many organizations, thus ensuring confidentiality becomes crucial: only legitimate clients should recover the information they distribute among storage nodes. In this work we present a unified framework for verifying confidentiality of dispersal algorithms against probabilistic models of intruders. Two models of intruders are given, corresponding to different types of attackers: one aiming at intercepting as many slices of information as possible, and the other aiming at attacking the storage providers in the network. Both try to recover the original information, given the intercepted slices. By using probabilistic model checking, we can measure the degree of confidentiality of the system exploring exhaustively all possible behaviors. Our experiments suggest that dispersal algorithms ensure a high degree of confidentiality against the slice intruder, no matter the number of storage providers in the system. On the contrary, they show a low level of confidentiality against the provider intruder in networks with few storage providers (e.g. interconnected cloud storage solutions).