Many cloud storage services are fairly blunt regarding the lack of confidentiality they provide.
a solution to provide confidential cloud storage is to use client-side encryption (CSE).
The issue of CSECSE complicates file synchronization techniques, such as deduplication and delta encoding, commonly used to reduce the traffic overheads associated with personal cloud storage systems.
The goal of this paperthis paper presents empirical experiments and analysis of CSE-related overheads.
compare and contrast the security and bandwidth saving features implemented by CSE services and non-CSE services.compression, delta encoding, and deduplication
Data confidentiality overhead
This paper focuses on pure CSEs.
Service
CSEsMega, Sync.com, SpiderOak, Tresorit
Mega: AES-128SpiderOak: AES-256-CFB Password-Based Key Derivation Function 2 (PBKDF2)
non-CSEsDropbox, iCloud, Google Drive, Microsoft OneDrive
Baseline methodologyadding files to the cloud services' sync folders and performing targeted system and network measurements during the sync process.
Network trafficusing Python modules netifaces and pcapy among others.
CPU memory overheadusing Python modules psutil
Bandwidth saving feature
Client-side deduplicationDropbox, iCloud, Mega, SpiderOak, and Sync.com
OtherGoogle drive, One Drive and Tresorit
Implementation and Evaluation
EvaluationSetting: Macbook Air, high-speed university network through 10Gb/s.
2. Strength (Contributions of the paper)
This paper presents a comprehensive analysis of state-of-art cloud storage services
3. Weakness (Limitations of the paper)
4. Future Works
how to combine delta encoding with CSEsthe development of optimized delta encoding policies for CSEs, which minimize the bandwidth and storage overhead associated with CSE.