index.html

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="description" content="Archistar project site.">
    <meta name="author" content="Thomas Loruenser">

    <title>Archistar - Secure distributed storage</title>

    <!-- Bootstrap core CSS -->
    <link href="css/bootstrap.css" rel="stylesheet">

    <!-- Add custom CSS here -->
    <link href="css/stylish-portfolio.css" rel="stylesheet">
    <link href="font-awesome/css/font-awesome.min.css" rel="stylesheet">
  </head>

  <body>

    <!-- Side Menu -->
    <a id="menu-toggle" href="#" class="btn btn-primary btn-lg toggle"><i class="fa fa-reorder"></i></a>
    <div id="sidebar-wrapper">
      <ul class="sidebar-nav">
        <a id="menu-close" href="#" class="btn btn-default btn-lg pull-right toggle"><i class="fa fa-times"></i></a>
        <li class="sidebar-brand">
          <a href="http://archistar.github.io/archistar.at">Archistar</a>
        </li>
        <li><a href="#top">Home</a></li>
        <li><a href="#intro">Intro</a></li>
        <li><a href="#goals">Goals</a></li>
        <li><a href="#usecases">Use Cases</a></li>
        <li><a href="#methods">Methods</a></li>
        <li><a href="#architecture">Architecture</a></li>
        <li><a href="#results">Results</a></li>
        <li><a href="#partners">Partners</a></li>
      </ul>
    </div>
    <!-- /Side Menu -->
  
    <!-- Full Page Image Header Area -->
    <div id="top" class="header">
      <div class="top-text">
        <h1>Archistar</h1>
        <h3>A framework for building secure distributed storage systems.</h3>
	<br>
        <p><a href="#intro" class="btn btn-default btn-lg">Find Out More</a></p>
	<br><br><br><br><br><br>
	<p><a target="_blank" href="https://prismacloud.eu"><img width="30%" src="img/pclogo.png"></a></p>
      </div>
    </div>
    <!-- /Full Page Image Header Area -->
  
    <!-- Intro -->
    <div id="intro" class="intro">
      <div class="container">
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h2>
                What is Archistar?
            </h2>
            <p class="lead">
                Archistar is a research project funded by the Austrian Federal Ministry for Transport, Innovation and Technology and the <a target="blank" href="https://prismacloud.eu">European Comission under the H2020 framework programme.</a>
		It is currently part of the <a target="blank" href="https://prismacloud.eu">PRISMACLOUD</a> effort to develop secure and privacy preserving services for the cloud.
		It is dedicated to the development of a secure distributed storage architecture for trustworthy cloud usage.

                The Archistar framework combines <i>Byzantine fault tolerance</i>
                with <i>secure multi-party computation</i> and
                tools from <i>cloud cryptography</i> into a novel system architecture to better protect the data in the cloud. At its core it applies secret sharing, i.e. secure data fragmentation, in a multi-cloud environment to protect from provider related threats.

                <p><img class="img-portfolio img-responsive" width="70%" src="img/as-techniques.png"></p>
                
                An open-source <a href="https://github.com/archistar/archistar-core">software prototype</a>
                is provided, which is capable of connecting multiple cloud resources. 
                This type of configuration is often called multi-cloud paradigm or cloud-of-clouds.
              </p>
          </div>
        </div>
      </div>
    </div>
    <!-- /Intro -->
  
    <!-- Goals -->
    <div id="goals" class="services">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
              <h2>Security goals</h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-2 text-center">
            <div class="service-item">
              <i class="service-icon fa fa-key"></i>
              <h4>Privacy and integrity</h4>
              <p>The primary goal of Archistar is to guarantee the privacy and integrity of stored
              data by application of strong cryptography, especially secret sharing. Single storage 
              nodes in the system shall get no information about data they are holding, except some meta 
              information, and must not be able to modify it without being detected. Moreover, even 
              colluding minorities of storage nodes must not be capable to recover or modify the plaintext.
              </p>
            </div>
          </div>
          <div class="col-md-4 text-center">
            <div class="service-item">
              <i class="service-icon fa fa-wrench"></i>
              <h4>Robustness</h4>
              <p>Byzantine robustness is the strongest notion in fault tolerant computing and covers the
              development of systems which can cope with arbitrary failures, whether they are passive
              or active. The Archistar system shall survive arbitrary malicious attacks of a predefined 
              minority of system nodes, hence, it shall be robust against so called active insider attacks
              and not only work in the honest but curious adversary model.
              </p>
            </div>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-2 text-center">
            <div class="service-item">
              <i class="service-icon fa fa-shield"></i>
              <h4>Availability</h4>
              <p>The basic idea of a distributed storage system shall also give rise to increased 
              availability. If the system is immune against arbitrary failures in subsets of nodes 
              it is automatically robust against outages of single providers. In fact, availability
              as considered typically in the security context is a subset of Byzantine robustness and
              already contained in the liveness guarantees of Byzantine protocols.
              </p>
            </div>
          </div>
          <div class="col-md-4 text-center">
            <div class="service-item">
              <i class="service-icon fa fa-money"></i>
              <h4>No vendor lock-in</h4>
              <p> The rapid development and spread of cloud computing naturally leads to a lack of
              standardization and homogenization of interfaces. Thus, choosing the right
              provider is currently of major concern when going into the cloud. 
              Because the architecture of Archistar comprises a provider agnostic layer 
              it additionally removes the vendor lock-in and thus tremendously alleviates provider 
              selection and migration. Moreover, the core software and protocols will be 
              open source and shall serve as vendor independent interface.
              </p>
            </div>
          </div>
        </div>
      </div>
    </div>
    <!-- /Goals -->

    <!-- Callout -->
    <div class="callout">
      <div class="vert-text">
        <h1>Data privacy is an issue!</h1>
      </div>
    </div>
    <!-- /Callout -->

    <!-- Use cases -->
    <div id="usecases" class="portfolio">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Use Cases</h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <p>
              Many different scenarios can be covered by an Archistar like configuration. The
              main idea is to provide a secure and robust storage solution in outsourcing
              scenarios. If private data is put on external infrastructure outside
              of the own security perimeter, extreme care must be taken to keep the required 
              security properties. Although, a special contractual basis can help to force 
              trustworthiness in providers, the client is still ultimately responsible
              for his data.
            </p>
            <p>
              In an Archistar setup security is guaranteed by cryptographic means and the
              client can convincingly prove his effort in data protection. Moreover, also the
              provider has perfect arguments to denial knowledge of the data he is storing
              and can propose relaxed service level agreements with cheaper pay plans.
              One can think of an Archistar configuration like a secure cloud-RAID 
              configuration with more additional features. The system shall support multiple
              users and additionally multimodal encryption, hence, different data is distributed
              with different algorithms dependent on the required properties.
            </p>
            <p>
              Because secure data storage should be of paramount interest even for 
              end users, we selected the use case <i>personal digital safe</i> for demonstration
              of the project prototype. However, the software core will be independent of 
              this special scenario and could be used in many other situation. The overall
              configuration is shown in the following figure.
            </p>
            <p><img class="img-portfolio img-responsive"  src="img/cloud-of-clouds3.png"></p>
            <h4><i>Figure: Use case digital safe</i></h4>
            <p>&nbsp;</p>
            <p>
              Please note, this is a <b>research project</b> and the developed software is 
              currently <b>not ready for poduction usage</b>.
            </p>

          </div>
        </div>
      </div>
    </div>
    <!-- /Use cases -->

    <!-- Methods -->
    <div id="methods" class="portfolio">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Methods used </h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h3><i>Byzantine robustness</i></h3>
              Byzantine robustness guarantees survivability even against arbitrary malicious insiders,
              as long as less than one third of all nodes are compromised. A Byzantine layer works as a
              consensus system between all parties, whereby malice players cannot influence the consensus
              of all hones parties. Archistar uses such a BFT layer at its core, to guarantee consistency,
              linearity and liveness for plaintext information and meta data. The BFT layer will also be
              responsible for user authentication and access control in the case of a multi user scenario.
            <hr>
            
            <h3><i>Secure multi-party computation</i></h3>
            <p>
              Privacy and integrity will be guaranteed by the use of secret sharing techniques
              when distributing information. In the Archistar prototype we integrate various 
              secret sharing techniques into the byzantine layer to add privacy and integrity for 
              stored data. The system will support secret sharing and robust secret sharing variants, which
              are giving information theoretical privacy guarantees. For efficiency reasons Archistar
              will also support computational secure secret sharing, which are not information theoretical
              secure, but have less data overhead than perfect secret sharing. They are more like a 
              a secure RAID 6 systems over multiple clouds. However, the use of secret sharing in contrast
              to general symmetric encryption greatly simplifies key management and paves the way
              for multimodal encryption.
            </p>
            <hr>

            <h3><i>Cloud cryptography</i></h3>

            <p>
              Extending the storage backend with active components to run application logic is a major difference
              to currently existing multi-cloud storage solutions. Active cloud elements are required to run
              BFT logic and protocols but can be also used to further enhance system capabilities. In the case
              of Archistar we plan to integrate two methods from the area of cloud cryptography, namely,
              <i>searchable encryption</i> and <i>remote data checking</i>.
            </p>
            <p>
              The use of searchable encryption allows Archistar clients to offload index searches without
              sacrificing privacy. The nodes will run encrypted search queries on encrypted index files for 
              the clients. Thus, ideally they process user queries without learning information about the 
              data they are holding.
            </p>
            <p>
              Built-in remote data checking capabilities will help to run consistency checks on the stored data
              without downloading them to the client. Ideally regular testing is done by an external 
              security monitor process which does not necessarily need access to the data itself and 
              therefore could run in an untrusted environment.
            </p>
            <hr>

            <h3><i>Unique combination</i></h3>

            <p>
              To our best knowledge, the Archistar prototype is the first open source platform 
              which will demonstrate the feasibility and benefits of combining all these techniques.
              Moreover, it should facilitate further research for increased use of cryptography 
              in cloud settings to relax the trust level of providers.
            </p>
          </div>
        </div>
      </div>
    </div>
    <!-- /Methods -->

    <!-- Architecture -->
    <div id="architecture" class="portfolio">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Architecture</h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <p>
              A rough sketch of the architecture in the figure below shows three main layers.
            </p>
            <p><img class="img-portfolio img-responsive"  src="img/safe-architecture.png"></p>
            <h4><i>Figure: System layers</i></h4>
            <hr>
          </div>
        </div>
      </div>
    </div>
    <!-- /Architecture -->

    <!-- Results -->
    <div id="results" class="call-to-action">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Status and results</h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h3>Citing Archistar</h3>

            <p>If you find Archistar useful for your work or if you use Archistar in a project, paper, website, etc., please cite the software as:</p>

            <p>[1] T. Loruenser, A. Happe, D. Slamanig: <i>"ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing"</i>; Vortrag: Cloud Computing Technology and Science (CloudCom), 2015, Vancouver, Canada; 30.11.2015 - 03.12.2015; in: "CloudCom 2015", IEEE, (2016), S. 371 - 378.</p>


            <h3>More Publications</h3>


	    <p>D. Demirel, S. Krenn, T. Lorünser, G. Traverso: <i>"Efficient and Privacy Preserving Third Party Auditing for a Distributed Storage System"</i>; Vortrag: ARES 2016, Salzburg; 31.08.2016 - 02.09.2016; in: "ARES 2016", IEEE Computer Society, (2016), ISBN: 978-1-5090-0990-9; S. 88 - 97.<p>

            <p>T. Loruenser, A. Happe, D. Slamanig. <i>"ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing"</i>; Vortrag: Cloud Computing Technology and Science (CloudCom), 2015, Vancouver, Canada; 30.11.2015 - 03.12.2015; in: "CloudCom 2015", IEEE, (2016), S. 371 - 378.</p>

            <p><i>Tobias Pulls, Daniel Slamanig</i>. On the Feasibility of (Practical) Commercial Anonymous Cloud Storage – In submission to Transactions on Data Privacy (TDP), 2013.</p>

            <p><i>C. Hanser and D. Slamanig</i>. Efficient Simultaneous Privately and Publicly Verifiable Robust Provable Data Possession from Elliptic Curves. In 10th International Conference on Security and Cryptography (SECRYPT 2013), Reykjavik, Iceland, 29-31 July 2013. Note: This is the full version which is available as Cryptology ePrint Archive Report 2013/392 (pp. 15–26).</p>

            <p><i>D. Slamanig and C. Hanser</i>. On Cloud Storage and the Cloud of Clouds Approach. In ICITST-2012 (pp. 649–655). IEEE Press, 2012.</p>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h3>Software prototype</h3>
            <p>Preliminary results of Archistar are Open Source and available on GitHub.</p>
            <a href="https://github.com/Archistar" class="btn btn-lg btn-default">Archistar Repository</a>
          </div>
        </div>
      </div>
    </div>
    <!-- /Results -->

    <!-- Funding organizations -->
    <div id="partners" class="intro">
      <div class="container">
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Acknowledgement </h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-2 text-center">
            <a target="_blank" href="https://prismacloud.eu"><img width="25%" src="img/europe.jpg"></a>
	    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
	    <a target="_blank" href="https://prismacloud.eu"><img width="20%" src="img/pclogo.png"></a>
          </div>
          <div class="col-md-4 text-center">
            <div class="portfolio-item">
              <h4>
                <p><a target="blank" href="https://prismacloud.eu">
			Archistar ist part of the currently ongoing PRISMACLOUD project.
			This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 644962.
		</a></p>
              </h4>
            </div>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-2 text-center">
            <a target="_blank" href="http://www.ait.ac.at"><img width="80%" src="img/ait_logo.png"></a>
          </div>
          <div class="col-md-4 text-center">
            <div class="portfolio-item">
              <h4>
                <p><a target="blank" href="http://www.ait.ac.at">ARCHISTAR is mainly developed by a team of security and privacy enthusiast at AIT Austian Institute of Technology GmbH</a></p>
              </h4>
            </div>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <h2>Contact</h2>
            <hr>
          </div>
        </div>
        <div class="row">
          <div class="col-md-4 col-md-offset-4 text-center">
            <p>&nbsp;</p>
            <p><img width="90%" src="img/archistar_logo.png"></p>
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h4>If you are interested in collaborating,<br/> please contact us at 
              <a href="https://github.com/archistar">GitHub</a>!
            </h4> 
          </div>
        </div>
        <div class="row">
          <div class="col-md-8 col-md-offset-2 text-center">
            <h4>
              You can also directly contact us via 
              <a href="mailto:thomas.loruenser@ait.ac.at">Thomas Lorünser.</a>
            </h4> 
          </div>
        </div>

      </div>
    </div>
    <!-- /Partners -->

    <!-- Footer -->
    <footer>
      <div class="container">
        <div class="row">
          <div class="col-md-6 col-md-offset-3 text-center">
            <div class="top-scroll">
              <a href="#top"><i class="fa fa-circle-arrow-up scroll fa-4x"></i></a>
            </div>
            <hr>
            <p>Copyright &copy; <a href="http://www.ait.ac.at">
                AIT-Austrian Institute of Technology GmbH 2017</a>
            </p>
          </div>
        </div>
      </div>
    </footer>
    <!-- /Footer -->

    <!-- Bootstrap core JavaScript -->
    <!-- Placed at the end of the document so the pages load faster -->
    <script src="js/jquery.js"></script>
    <script src="js/bootstrap.js"></script>

    <!-- Custom JavaScript for the Side Menu and Smooth Scrolling - Put in a custom JavaScript file to clean this up -->
    <script>
        $("#menu-close").click(function(e) {
            e.preventDefault();
            $("#sidebar-wrapper").toggleClass("active");
        });
    </script>
    <script>
        $("#menu-toggle").click(function(e) {
            e.preventDefault();
            $("#sidebar-wrapper").toggleClass("active");
        });
    </script>
    <script>
      $(function() {
        $('a[href*=#]:not([href=#])').click(function() {
          if (location.pathname.replace(/^\//,'') == this.pathname.replace(/^\//,'') 
            || location.hostname == this.hostname) {

            var target = $(this.hash);
            target = target.length ? target : $('[name=' + this.hash.slice(1) +']');
            if (target.length) {
              $('html,body').animate({
                scrollTop: target.offset().top
              }, 1000);
              return false;
            }
          }
        });
      });
    </script>

  </body>

</html>