Businesses that provide data storage facilities on the internet (IDP) have exploded recently. Such businesses provide the following benefits to end users: a) anytime, anywhere access to data; b) low cost; and c) good quality of service. Examples of data storage providers include Amazon S3 service, Windows SkyDrive, Nirvarnix, etc.

Users face two challenges in utilizing the storage infrastructures of the IDPs: a) Heterogeneity: Different IDPs provide different interfaces to application developers to store and fetch data with them due to lack of accepted standards; and b) Security: Data outsourced to IDPs is vulnerable to attacks from internet thieves and from malicious employees of IDPs.

In this paper, we present the design of iDataGuard, a client side interoperable security middleware that adapts to the heterogeneity of interfaces of IDPs and enforces security constraints on outsourced data. This significantly simplifies the effort for application development. To combat heterogeneity, iDataGuard incorporates an abstract service model that can be easily customized to individual IDPs. To address the security challenges, iDataGuard supports a security model that protects the confidentiality and integrity of outsourced data. We propose a novel indexing technique that allows search on the encrypted data stored at the IDPs. We illustrate the feasibility/efficacy of iDataGuard by implementing the middleware and executing it on two popular IDPs, Amazon S3 service and Gmail.com.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	G. Aggarwal, M. Bawa, P. Ganesan, H. Garcia-Molina, K. Kenthapadi, R. Motwani, U. Srivastava. D. Thomas, Y. Xu. Two Can Keep a Secret: A Distributed Architecture for Secure Database Services. 2nd Biennial Conference on Innovative Data Systems Research, CIDR 2005.
	2	Matt Blaze, A cryptographic file system for UNIX, Proceedings of the 1st ACM conference on Computer and communications security, p.9-16, November 03-05, 1993, Fairfax, Virginia, United States  [doi>10.1145/168588.168590]
	3	A. Briney. The 2001 Information Security Industry Survey. http://www.infosecuritymag.com/archives2001.shtml
	4	Ernesto Damiani , S. De Capitani Vimercati , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, Balancing confidentiality and efficiency in untrusted relational DBMSs, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948124]
	5	G. Dhillon, and S. Moores. Computer crimes: theorizing about the enemy within. Computers & Security 20 (8):715--723.
	6	E. Goh, H. Shacham, N. Modadugu, and D. Boneh, "SiRiUS: Securing remote untrusted storage," in Proc. Network and Distributed Systems Security (NDSS) Symposium 2003.
	7	E. J. Goh. Secure Indexes. In submission
	8	Hakan Hacigümüş , Bala Iyer , Chen Li , Sharad Mehrotra, Executing SQL over encrypted data in the database-service-provider model, Proceedings of the 2002 ACM SIGMOD international conference on Management of data, June 03-06, 2002, Madison, Wisconsin  [doi>10.1145/564691.564717]
	9	iDataGuard Project page. http://DataGuard.ics.uci.edu. (A full version of the paper is available here).
	10	Ravi Chandra Jammalamadaka , Timothy W. van der Horst , Sharad Mehrotra , Kent E. Seamons , Nalini Venkasubramanian, Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine, Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, p.57-66, December 11-15, 2006  [doi>10.1109/ACSAC.2006.23]
	11	R. C. Jammalamadaka, R. Gamboni, S. Mehrotra, K. Seamons, N. Venkatasubramanian. gVault: A Gmail Based Cryptographic Network File System. In the proceedings of 21st Annual IFIP WG 11.3 Working Conference on Data and Applications.
	12	Ravi Chandra Jammalamadaka , Roberto Gamboni , Sharad Mehrotra , Kent E. Seamons , Nalini Venkatasubramanian, iDataGuard: middleware providing a secure network drive interface to untrusted internet data storage, Proceedings of the 11th international conference on Extending database technology: Advances in database technology, March 25-29, 2008, Nantes, France  [doi>10.1145/1353343.1353432]
	13	Mahesh Kallahalla , Erik Riedel , Ram Swaminathan , Qian Wang , Kevin Fu, Plutus: Scalable Secure File Sharing on Untrusted Storage, Proceedings of the 2nd USENIX Conference on File and Storage Technologies, March 31-31, 2003, San Francisco, CA
	14	D. Micciancio, An Oblivious Data Structure and its Applications to Cryptography, Massachusetts Institute of Technology, Cambridge, MA, 1996
	15	Gerome Miklau , Dan Suciu, Controlling access to published data using cryptography, Proceedings of the 29th international conference on Very large data bases, p.898-909, September 09-12, 2003, Berlin, Germany
	16	RSA Laboraties. PKCS #5 V2.1: Password Based Cryptography Standard. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-5v2/pkcs5v2_1.pdf
	17	Dawn Xiaodong Song , David Wagner , Adrian Perrig, Practical Techniques for Searches on Encrypted Data, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.44, May 14-17, 2000
	18	http://www.aws.amazon.com/s3
	19	http://www.http://skydrive.live.com/
	20	http://www.nirvanix.com/
	21	http://www.jungledisk.com