Cloud computing has emerged as today's most exciting computing paradigm shift in information technology. With the efficient sharing of abundant computing resources in the cloud, users can economically enjoy the on-demand high quality cloud applications and services without committing large capital outlays locally. While the cloud benefits are compelling, its unique attributes also raise many security and privacy challenges in areas such as data security, recovery, privacy, access control, trusted computing, as well as legal issues in areas such as regulatory compliance, auditing, and many others. To implement secure and privacy-aware environments which can provide on-demand computing and high-quality service for cloud users is extremely urgent. Blockchain is another paradigm shift and drew a lot of recent attentions from both academia and industry. Moreover, blockchain and cloud have many interplays.
Building on the success of 7 versions of the International Workshop on Security in Cloud Computing (SCC), held often with ACM AsiaCCS, we plan this year to rebrand it to include blockchain as well and organize this workshop again for the eighth edition. This workshop is intended to bring together researchers, developers, and practitioners in security, privacy and mobile computing communities. We will encourage submissions on all theoretical and practical aspects, as well as experimental studies of deployed systems.
Topics of interests include (but are not limited to) the following subject categories:
Submissions must be written in English with at most 6 pages plus up to 2 pages of appendices. Submissions must be in double-column ACM format with a font no smaller than 9 point. Please use the ACM SIG Proceedings Templates (download here). Only PDF files will be accepted. Accepted papers will be published by ACM Press as conference proceedings in USB thumb drives and in the ACM DigitalLibrary.
Electronic submission site: https://easychair.org/conferences/?conf=sbc2021
|10:00 - 11:00||
Blockchains + Network Privacy = A Nightmare
The hope that cryptography and decentralization together might ensure robust user privacy was among the strongest drivers of the early success of blockchains like Bitcoin. A desire for privacy still permeates the growing blockchain user base today. Nevertheless, due to the inherently public nature of most blockchain ledgers, users’ privacy is severely restricted, and de-deanonymization attacks are prevalent. Several privacy solutions have been proposed to solve these issues, and a few have been implemented. Nevertheless, some key challenges remain unresolved and a few among those seem to be unsolvable in the information-theoretic and cryptographic sense. In this talk, we discuss privacy challenges, promising solutions, and unresolved privacy issues with blockchains. In particular, we study prominent privacy attacks, analyze the existing privacy solutions, and finally describe interesting unresolved challenges towards publishing and retrieving transactions privately.
Prof. Aniket Kate is an Associate Professor in the computer science department at Purdue university. He is an applied cryptographer and a privacy researcher. His research builds on and expands applied cryptography, distributed computing, and data-driven analysis to solve security/privacy problems in decentralized environments. His current projects focus on communication freedom and distributed ledgers (or blockchains). He is a recipient of the NSF CAREER Award for 2019.
Before joining Purdue in 2015, he was a junior faculty member at Saarland University, Germany. He completed his postdoctoral fellowship at Max Planck Institute for Software Systems (MPISWS), Germany. He has received his PhD from the University of Waterloo, Canada, and his masters from IIT-Bombay, India.
|11:00 - 11:30||
Audita: A Blockchain-based Auditing Framework for Off-chain Storage
Danilo Francati, Giuseppe Ateniese, Abdoulaye Faye, Andrea Maria Milazzo, Angelo Massimo Perillo, Luca Schiatti and Giuseppe Giordano
|11:30 - 12:00||
Dagger: Optimistic Byzantine Fault-Tolerance without Rollback
Hao Lu, Jian Liu, Peilun Li, Guozheng Yang, Cheng Zang, Jiajun Chen and Kui Ren
|12:00 - 12:30||
AlphaBlock: An Evaluation Framework for Blockchain Consensus Algorithms
Zhijie Ren, Haitao Xiang, Ziheng Zhou, Ning Wang and Hanqing Jin
|12:30 - 13:00||
Towards A First Step to Understand Flash Loan and Its Applications in DeFi Ecosystem
Dabao Wang, Siwei Wu, Ziling Lin, Lei Wu, Xingliang Yuan, Yajin Zhou, Haoyu Wang and Kui Ren
|13:00 - 13:30||
Proof of Comprehensive Performance
Chenhe Zhang, Xinle Cao, Jian Liu and Kui Ren
|13:30 - 14:30||
Towards Secure and Scalable Blockchain Technologies
The blockchain technology is rapidly gaining grounds as a key technology, especially in the financial and supply chain management sectors. This is largely due to the ability of the technology to (i) efficiently manage the sharing of digital resources between a large number of stakeholders and (ii) to efficiently manage disputes arising in the process.
In spite of its many advantages, experience with existing blockchain proposals reveals that there are still many challenges that need to be overcome prior to any large scale industrial adoption, namely:
Scalability. Existing permissionless blockchains (e.g., Bitcoin) are able to scale to a considerable number of nodes at the expense of attained throughput (e.g., Bitcoin can only achieve few transactions per second). On the other hand, permissionbased blockchains can achieve relatively higher throughput, but can only scale to few hundred nodes. However, one needs to cater for both performance and scalability to meet industrial standards.
Privacy of lightweight clients. Most open blockchain platforms support lightweight clients, targeted for devices like smartphones, that only download and verify a small part of the chain. Here, clients connect to a full node that has access to the complete blockchain and can assist the client in transaction confirmation. As the full node has to learn all transactions issued and received by the requesting client to verify their correctness, such action obviously violates user privacy.
In this talk, we plan to overview a number of security challenges pertaining to existing blockchains - effectively capturing almost 8 years of research in this area of work. Moreover, we plan to discuss the performance limitations of existing blockchain - based consensus algorithms and explore different concepts leveraging trusted execution environments (TEEs) to enhance the scalability and security of existing consensus algorithms.
Finally, we will discuss the privacy provisions of existing lightweight client implementations and explore the solution space to enhance user privacy by leveraging functionality from TEEs.
Ghassan leads the Security research group of NEC Labs in Germany. He joined NEC Labs in April 2012 as a research staff member. He holds a PhD degree in Computer Science from ETH Zurich. Before joining NEC Labs, he was working as a postdoctoral researcher in the Institute of Information Security of ETH Zurich, Switzerland.
Ghassan is interested in all aspects of security and privacy with a focus on cloud security, IoT security, network security, and Blockchain security. He is the author of the “Bitcoin and Blockchain security” book, and an inventor of many patents in the blockchain and security areas. He is also a member of the IEEE and the ACM.