A Trusted Third-party (TTP) based Encryption Scheme for Ensuring Data Confidentiality in Cloud Environment

Purpose This paper aims to present a case wherein a public archive intervenes in maintaining and preserving digital records (including underlying technological infrastructure) created by a private company to protect the trustworthiness of records, thereby helping the company to discharge their accountability. Design/methodology/approach This paper details the intervention of Tianjin Municipal Archives in the management of the records of Tianjin Otis Elevator Co., Ltd, the technical infrastructure that enables and supports such configuration, the issues encountered and the theoretical implications of this case. Findings This case suggests that not only does the concept of archives as a trusted third party remain relevant in the changing technological environment but also, in certain cases (e.g. wherein the supplier of evidentiary documents holds a monopoly over an industry), archives are becoming increasingly critical in maintaining the reliability and authenticity of digital records in the cloud environment. Research limitations/implications Given the challenges raised by the emerging cloud environment, it is vital to develop a renewed understanding of the concept of archives as a trusted third party, the relationship between archives and commercial third party services and the relationship between public archives and private records. Furthermore, this case identifies the need to re-examine archival methodologies to protect the authenticity of structured data. Originality/value This case exemplifies how archives can help private organizations address issues related to guaranteeing and demonstrating the evidential nature of digital records and provides empirical evidence for archives being conceptualized as a trusted third party in maintaining and preserving digital records.

Download Full-text

Data Security Protocol with Blind Factor in Cloud Environment

Information ◽

10.3390/info12090340 ◽

2021 ◽

Vol 12 (9) ◽

pp. 340

Author(s):

Ping Zhang ◽

Huanhuan Chi ◽

Jiechang Wang ◽

Youlin Shang

Keyword(s):

Data Security ◽

Security Protocol ◽

Third Party ◽

Cloud Environment ◽

Security Threat ◽

Trusted Third Party ◽

Traditional System ◽

User Data ◽

Chosen Ciphertext Attack ◽

Positive Results

Compared with the traditional system, cloud storage users have no direct control over their data, so users are most concerned about security for their data stored in the cloud. One security requirement is to resolve any threats from semi-trusted key third party managers. The proposed data security for cloud environment with semi-trusted third party (DaSCE) protocol has solved the security threat of key managers to some extent but has not achieved positive results. Based on this, this paper proposes a semi-trusted third-party data security protocol (ADSS), which can effectively remove this security threat by adding time stamp and blind factor to prevent key managers and intermediaries from intercepting and decrypting user data. Moreover, the ADSS protocol is proved to provide indistinguishable security under a chosen ciphertext attack. Finally, the performance evaluation and simulation of the protocol show that the ADSS security is greater than DaSCE, and the amount of time needed is lower than DaSCE.

Download Full-text