Attributes Based Storage System for Secure De-Duplication of Encrypt Data in Cloud

2020 ◽  
Vol 17 (4) ◽  
pp. 1937-1942
Author(s):  
S. Sivasankari ◽  
V. Lavanya ◽  
G. Saranya ◽  
S. Lavanya

These days, cloud storage is gaining importance among individual and institutional users. Individuals and foundations look to cloud servers as a capacity medium to diminish their capacity load on nearby devices. In such storage services, it is necessary to avoid duplicate content/repetitive storage of the same data. Reducing the duplicate content in cloud storage reduces storage cost. De-duplication is necessary when multiple data owners outsource the same data, and issues related to security and ownership must be considered. Because the cloud server is maintained by a third party, it is always considered untrusted, so data is always encrypted before being uploaded to the cloud, and the randomization property of encryption affects de-duplication. It is necessary to propose a server-side de-duplication scheme for handling encrypted data. The proposed scheme allows the cloud server to control access to outsourced data even when the ownership changes dynamically.

Information ◽  
2021 ◽  
Vol 12 (4) ◽  
pp. 142
Author(s):  
Weijing You ◽  
Lei Lei ◽  
Bo Chen ◽  
Limin Liu

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.


2020 ◽  
Vol 16 (9) ◽  
pp. 155014772095829
Author(s):  
Changsong Yang ◽  
Yueling Liu ◽  
Xiaoling Tao

With the rapid development of cloud computing, an increasing number of data owners are willing to employ cloud storage service. In cloud storage, the resource-constraint data owners can outsource their large-scale data to the remote cloud server, by which they can greatly reduce local storage overhead and computation cost. Despite plenty of attractive advantages, cloud storage inevitably suffers from some new security challenges due to the separation of outsourced data ownership and its management, such as secure data insertion and deletion. The cloud server may maliciously reserve some data copies and return a wrong deletion result to cheat the data owner. Moreover, it is very difficult for the data owner to securely insert some new data blocks into the outsourced data set. To solve the above two problems, we adopt the primitive of Merkle sum hash tree to design a novel publicly verifiable cloud data deletion scheme, which can also simultaneously achieve provable data storage and dynamic data insertion. Moreover, an interesting property of our proposed scheme is that it can satisfy private and public verifiability without requiring any trusted third party. Furthermore, we formally prove that our proposed scheme not only can achieve the desired security properties, but also can realize the high efficiency and practicality.


2013 ◽  
Vol 411-414 ◽  
pp. 1062-1066
Author(s):  
Yue Yue Yu ◽  
Su Quan Qin ◽  
Qiao Yan Wen

Cloud computing provides means of increasing the capacity or adding the capabilities which releases the heavy data user. It provides gigantic storage for data and faster computing to the customers on the internet. It transfers database and application software from the data owner to the cloud where management and maintenance of data take place. Security of data in the cloud is one of the major issues which acts as an obstacle in the development of cloud computing. In this paper, an efficient model is proposed to protect the data in the process of transferring data to the cloud and getting the data from the cloud. We take many precautions and measures to guarantee the security of data. To shield owners' data from a malicious third party, RSA is used to encrypt data to cipher text. Because it is difficult to search encrypted data, we index the document by keyword, then encrypt the index and send it with the encrypted original data. To check the integrity of data, a digital signature is used to identify modifications of data. This article also introduces the concrete underlying datacenter structure named Megastore and how Megastore functions seamlessly with owners while owners store data in and retrieve data from the underlying datacenter. Megastore stores fine-grained partitions of data in different datacenters, and the partitioning allows us to synchronously replicate each write across a wide area with reasonable latency and support seamless failover between different datacenters.


2017 ◽  
Vol 3 (11) ◽  
pp. 6 ◽  
Author(s):  
Arshi Jabbar ◽  
Prof. Umesh Lilhore

Cloud storage is one of the services provided by cloud computing, in which information is maintained, managed, secured remotely and made available to users over a network. The user is concerned about the integrity of data held within the cloud because the user's data may be attacked or changed by an outside attacker. Therefore, a new concept referred to as information auditing is introduced that checks the integrity of information with the assistance of an entity referred to as a Third Party Auditor (TPA). The aim of this work is to develop an auditing scheme that is secure, economical to use and possesses capabilities like privacy preserving, public auditing, and maintaining the information integrity together with confidentiality. It comprises 3 entities: data owner, TPA and cloud server. The data owner performs numerous operations like splitting the file into blocks, encrypting them, generating a hash value for each, concatenating them and generating a signature on the result. The TPA performs the main role of the information integrity check. It performs activities like generating hash values for encrypted blocks received from the cloud server, concatenating them and generating a signature on the result. It later compares both the signatures to verify whether or not the information stored on the cloud has been tampered with. It verifies the integrity of data on demand of the users. To ensure data protection or security of cloud data storage at the cloud end, a security architecture is designed that secures the data using an encryption/decryption algorithm, where the proposed algorithm is a hybrid encryption algorithm that uses the concept of EC-RSA, the AES algorithm and the Blowfish algorithm along with SHA-256 for auditing purposes. Presented experiment results show that the proposed concept is reasonable, enhancing efficiency by about 40% in terms of execution time, i.e. encryption as well as decryption time, and security, and providing confidentiality of cloud data at the cloud end.


2019 ◽  
Vol 15 (10) ◽  
pp. 155014771987899 ◽  
Author(s):  
Changsong Yang ◽  
Xiaoling Tao ◽  
Feng Zhao

With the rapid development of cloud storage, more and more resource-constraint data owners can employ cloud storage services to reduce the heavy local storage overhead. However, the local data owners lose the direct control over their data, and all the operations over the outsourced data, such as data transfer and deletion, will be executed by the remote cloud server. As a result, the data transfer and deletion have become two security issues because the selfish remote cloud server might not honestly execute these operations for economic benefits. In this article, we design a scheme that aims to make the data transfer and the transferred data deletion operations more transparent and publicly verifiable. Our proposed scheme is based on vector commitment (VC), which is used to deal with the problem of public verification during the data transfer and deletion. More specifically, our new scheme can provide the data owner with the ability to verify the data transfer and deletion results. In addition, by using the advantages of VC, our proposed scheme does not require any trusted third party. Finally, we prove that the proposed scheme not only can reach the expected security goals but also can satisfy the efficiency and practicality.


2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Haibin Yang ◽  
Zhengge Yi ◽  
Xu An Wang ◽  
Yunxuan Su ◽  
Zheng Tu ◽  
...  

Now, it is common for patients and medical institutions to outsource their data to cloud storage. This can greatly reduce the burden of medical information management and storage and improve the efficiency of the entire medical industry. In some cases, group-based cloud storage systems are also very commonly used. For example, in a medical enterprise, the employees outsource working documents to cloud storage and share them with colleagues. However, when the working documents are outsourced to cloud servers, how to ensure their security is a challenging problem because they are not controlled physically by the data owners. In particular, the integrity of the outsourced data should be guaranteed, and the secure cloud auditing protocol is designed to solve this issue. Recently, a lightweight secure auditing scheme for shared data in cloud storage was proposed. Unfortunately, we find this proposal not secure in this paper. It is easy for the cloud server to forge the authentication label, and thus it can delete all the outsourced data while still providing a correct data possession proof, which invalidates the security of the cloud audit protocol. On the basis of the original security auditing protocol, we provide an improved one for shared data and roughly analyze its security, and the results show our new protocol is secure.


Author(s):  
Mr. Vaishnav P. Surwase

Abstract: Thus the new auditing scheme has been developed by considering all these requirements. It consists of three entities: data owner, TPA and cloud server. The data owner performs various operations such as splitting the file into blocks, encrypting them, generating a hash value for each, concatenating them and generating a signature on the result. The TPA performs the main role of the data integrity check. It performs activities like generating hash values for encrypted blocks received from the cloud server, concatenating them and generating a signature on the result. It later compares both the signatures to verify whether the data stored on the cloud has been tampered with or not. It verifies the integrity of data on demand of the users. The cloud server is used only to save the encrypted blocks of data. This proposed auditing scheme makes use of the AES algorithm for encryption, SHA-2 for the integrity check and the RSA signature for digital signature calculation. In this philosophy, users of cloud storage services no longer physically maintain direct control over their data, which makes data security one of the major concerns of using the cloud. Existing research work already allows data integrity to be verified without possession of the actual data file. When the verification is done by a trusted third party, this verification process is also called data auditing, and this third party is called an auditor. As a result, every small update will cause re-computation and updating of the authenticator for an entire file block, which in turn causes higher storage and communication overheads. In this paper, we provide a formal analysis of possible types of fine-grained data updates and propose a scheme that can fully support authorized auditing and fine-grained update requests. Based on our scheme, we also propose an enhancement that can dramatically reduce communication overheads for verifying small updates. Keywords: Cloud computing, big data, data security, authorized auditing, fine-grained dynamic data update


2019 ◽  
Vol 13 (4) ◽  
pp. 356-363
Author(s):  
Yuezhong Wu ◽  
Wei Chen ◽  
Shuhong Chen ◽  
Guojun Wang ◽  
Changyun Li

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.


The most data-intensive industry today is the healthcare system. The advancement in technology has revolutionized traditional healthcare practices and led to an enhanced E-Healthcare System. Modern healthcare systems generate voluminous amounts of digital health data. These E-Health data are shared between patients and among groups of physicians and medical technicians for processing. Due to the demand for continuous availability and handling of these massive E-Health data, these data are mostly outsourced to cloud storage. In cloud-based computing, the sensitive patient data is stored on a third-party server where data analytics are performed, hence more concerns about security arise. This paper proposes a secure analytics system which preserves the privacy of patients' data. In this system, before outsourcing, the data are encrypted using Paillier homomorphic encryption, which allows computations to be performed over the encrypted dataset. Then a Decision Tree Machine Learning algorithm is used over this encrypted dataset to build the classifier model. This encrypted model is outsourced to the cloud server, and the predictions about the patient's health status are displayed to the user on request. In this system the data is never decrypted at any point in the process, which ensures the privacy of patients' sensitive data.


2021 ◽  
Author(s):  
Hoi Ting Poon

Cloud Computing has seen a dramatic rise in adoption in the past decade amid security and privacy concerns. One area of consensus is that encryption is necessary, as anonymization techniques have been shown to be unreliable. However, the processing of encrypted data has proven to be difficult. Briefly, the goal is to maintain security over remotely stored and accessed data while achieving reasonable storage cost and performance. Search is the most basic and central functionality of a privacy-protected cloud storage system actively being investigated. Recent works have looked at enabling more specialized search functions. In this thesis, we explore the problem of searching and processing of sequential data. We propose three solutions targeting textual data, with emphasis respectively on security, storage cost and performance. Our first solution achieves a high level of security with reduced communication, storage and computational cost by exploiting properties of natural languages. Our second solution achieves a minimal storage cost by taking advantage of the space efficiency of Bloom filters. Both proposals were also first to enable non-keyword search in phrases. Using a subsequence-based solution, our final phrase search scheme is currently the fastest phrase search protocol in literature. We also show how sequential data search schemes can be extended to include auditing with minimal additional cost. The solution is capable of achieving proof of retrievability with unbounded number of audits. A sample application which enables searching and computing over target values of encrypted XML files is also demonstrated. In terms of media, we describe an encrypted cloud media storage solution that simultaneously protects user privacy and enables copyright verification, and is the first to achieve security against dishonest participants. We also describe a framework where practical scalable privacy-protected copyright detection can be performed.
Finally, an application of sequence querying over generic data in the form of an Anti-Virus over encrypted cloud storage is demonstrated. A private scanning solution and a public Anti-Virus as a service solution are described, noting that the technique can be conceptualized as a generic pattern matching solution on encrypted data. We also include some directions on future work and unexplored applications.

