‏An Enhanced Approach to Improve the Security and Performance for Deduplication

Cloud service providers providing users with efficient and effective storage and transmission of data. To reduce storage costs and save bandwidth, cloud service providers are attracted to use data de-duplication feature. Cloud users are interested in using the cloud safely and privately to protect the data they share on the cloud. Therefore, they encrypt the data before uploading it to the cloud. Since the intent of encryption conflicts with the de-duplication function, the data de-duplication feature becomes a hard problem. Existing de-duplication methods are ineffective in terms of both security and efficiency. They are either vulnerable to brute force attacks that enable the attacker to retrieve files, or they are computationally expensive. That is what drives us to suggest a method for removing duplicate data that is both performance and security effective. We'll start with a description of the implementations and functionality of de-duplication strategies, then move on to the literature that proposes various approaches to de-duplication and the security and efficiency problems that existing approaches face. Via the use of the AES-CBC algorithm and hashing functions, we have proposed an enhancement to improves the performance and protection of data de-duplication for users. Without the involvement of a third party, users' keys are created in a consistent and safe manner. We prove the efficacy of the recommended solution by putting it into practice and comparison with the existing techniques.

Download Full-text

A Practical Conflicting Role-based Cloud Security Risk Evaluation Method

Recent Advances in Computer Science and Communications ◽

10.2174/2666255813666191204145140 ◽

2019 ◽

Vol 13 ◽

Author(s):

Jin Han ◽

Jing Zhan ◽

Xiaoqing Xia ◽

Xue Fan

Keyword(s):

Risk Evaluation ◽

Evaluation Method ◽

Service Providers ◽

Risk Preferences ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Security Evaluation ◽

Security Risk ◽

Cloud Users

Background: Currently, Cloud Service Provider (CSP) or third party usually proposes principles and methods for cloud security risk evaluation, while cloud users have no choice but accept them. However, since cloud users and cloud service providers have conflicts of interests, cloud users may not trust the results of security evaluation performed by the CSP. Also, different cloud users may have different security risk preferences, which makes it difficult for third party to consider all users' needs during evaluation. In addition, current security evaluation indexes for cloud are too impractical to test (e.g., indexes like interoperability, transparency, portability are not easy to be evaluated). Methods: To solve the above problems, this paper proposes a practical cloud security risk evaluation method of decision-making based on conflicting roles by using the Analytic Hierarchy Process (AHP) with Aggregation of Individual priorities (AIP). Results: Not only can our method bring forward a new index system based on risk source for cloud security and corresponding practical testing methods, but also can obtain the evaluation result with the risk preferences of conflicting roles, namely CSP and cloud users, which can lay a foundation for improving mutual trusts between the CSP and cloud users. The experiments show that the method can effectively assess the security risk of cloud platforms and in the case where the number of clouds increased by 100% and 200%, the evaluation time using our methodology increased by only by 12% and 30%. Conclusion: Our method can achieve consistent decision based on conflicting roles, high scalability and practicability for cloud security risk evaluation.

Download Full-text

A Safe and Resilient Cryptographic System for Dynamic Cloud Groups with Secure Data Sharing and Efficient User Revocation

Turkish Journal of Computer and Mathematics Education (TURCOMAT) ◽

10.17762/turcomat.v12i3.2144 ◽

2021 ◽

Vol 12 (3) ◽

pp. 5164-5175

Author(s):

Prerna Agarwal Et. al.

Keyword(s):

Data Sharing ◽

Service Providers ◽

Cloud Service ◽

Data File ◽

Third Party ◽

Outsourced Data ◽

User Revocation ◽

Cryptographic System ◽

Daunting Challenge ◽

Cloud Users

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge

Download Full-text

Secure and Selective Cloud Data Auditing using Deep Machine Learning

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b2361.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 5471-5479

Keyword(s):

Machine Learning ◽

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Cloud Data ◽

Data Centre ◽

Cloud Service Providers ◽

Characteristics Analysis ◽

Data Centres

The tradition of moving applications, data to be consumed by the applications and the data generated by the applications is increasing and the increase is due to the advantages of cloud computing. The advantages of cloud computing are catered to the application owners, application consumers and at the same time to the cloud datacentre owners or the cloud service providers also. Since IT tasks are vital for business progression, it for the most part incorporates repetitive or reinforcement segments and framework for power supply, data correspondences associations, natural controls and different security gadgets. An extensive data centre is a mechanical scale task utilizing as much power as a community. The primary advantage of pushing the applications on the cloud-based data centres are low infrastructure maintenance with significant cost reduction for the application owners and the high profitability for the data centre cloud service providers. During the application migration to the cloud data centres, the data and few components of the application become exposed to certain users. Also, the applications, which are hosted on the cloud data centres must comply with the certain standards for being accepted by various application consumers. In order to achieve the standard certifications, the applications and the data must be audited by various auditing companies. Few of the cases, the auditors are hired by the data centre owners and few of times, the auditors are engaged by application consumers. Nonetheless, in both situations, the auditors are third party and the risk of exposing business logics in the applications and the data always persists. Nevertheless, the auditor being a third-party user, the data exposure is a high risk. Also, in a data centre environment, it is highly difficult to ensure isolation of the data from different auditors, who may not be have the right to audit the data. Significant number of researches have attempted to provide a generic solution to this problem. However, the solutions are highly criticized by the research community for making generic assumptions during the permission verification process. Henceforth, this work produces a novel machine learning based algorithm to assign or grant audit access permissions to specific auditors in a random situation without other approvals based on the characteristics of the virtual machine, in which the application and the data is deployed, and the auditing user entity. The results of the proposed algorithm are highly satisfactory and demonstrates nearly 99% accuracy on data characteristics analysis, nearly 98% accuracy on user characteristics analysis and 100% accuracy on secure auditor selection process

Download Full-text

An Inimitable Mechanism and Architecture for Security in Cloud using Multi Cloud

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.e6109.018520 ◽

2020 ◽

Vol 8 (5) ◽

pp. 1627-1631

Keyword(s):

Data Security ◽

Service Providers ◽

Cloud Service ◽

Cloud Environment ◽

Private Cloud ◽

Cloud Architecture ◽

Cloud Service Providers ◽

Lock In ◽

Cloud Users ◽

Multi Cloud

Confidentiality, Privacy and Protection of data (CPPD) are the major challenges in the cloud environment for cloud users such as industrials and organizations. Hence major companies are loath to migrate to cloud and also still using the private cloud because of lock in CPPD of cloud. Cloud Service Providers (CSP) are unable to elucidate strength of the storage and services due to lack of data security. To solve the above issue, we trust, algorithms are not the only solution for data security. In this regards, we suggest to change the architecture and develop a new mechanisms. In this paper, we are proposed two thinks. First is move to single cloud architecture to multiple cloud architecture and second is develop an innovative algorithm. And one more think also considered and proposed an inimitable mechanism to use an innovative algorithm in the multi cloud architecture for improving CPPD.

Download Full-text

Cloud Security - A Semantic Approach in End to End Security Compliance

Engineering International ◽

10.18034/ei.v5i2.586 ◽

2017 ◽

Vol 5 (2) ◽

pp. 97-106

Author(s):

VNS Surendra Chimakurthi

Keyword(s):

Security Policy ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

Cloud Services ◽

Security Requirements ◽

Security And Privacy ◽

Cloud Service Providers ◽

Compliance Requirements ◽

Cloud Users

Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.

Download Full-text

An Efficient Resource Scheduling Framework for Infrastructure Performance Enhancement in Cloud Environment

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d5286.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 7283-7287

Keyword(s):

Performance Enhancement ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

Cloud Infrastructure ◽

Cloud Service Providers ◽

Efficient Resource ◽

Infrastructure Performance ◽

Cloud Users ◽

Level Performance

On-demand cloud services must be provided to customers at any time by ways of cloud service providers due to cloud demand. It is obligatory for cloud service providers to lessen large volumes of data, thereby it can reduce costs for maintaining large storage systems.Infrastructure level performance is an important problem which directly affects the overall working of cloud computing environment. The objective of our framework is enhancing the performance of cloud infrastructure. Proposed approach demonstrates high effective in cloud performance enhancement, as it displays enhancement in both the service providers as well as for cloud users.

Download Full-text

Review on dynamic group data sharing in cloud environment

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.9770 ◽

2018 ◽

Vol 7 (2) ◽

pp. 646

Author(s):

Sathishkumar Easwaramoorthy ◽

Anilkumar Chunduru ◽

Usha Moorthy ◽

Sravankumar B

Keyword(s):

Cloud Computing ◽

Data Sharing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Continuous Change ◽

Frequent Change ◽

Dynamic Group ◽

Group Data ◽

Cloud Users

Information sharing or exchange of data within entities plays a significant role in cloud storage. In cloud computing, a robust and practical methodology is developed which can be utilized by cloud users for sharing information among multiple group members in the cloud with lowered maintenance and management costs. Furthermore, a service provider in the cloud does not share data with anyone other than the Trusted Third Party (TTP) sources due to the semi-trusted characteristics of the cloud. In this way, there is no global security mechanism for dynamic group data sharing over the cloud. Subsequently, the Cloud Service Providers (CSPs) can convey different services to cloud users through powerful data centres. Hence, data is secured through the validation of users in the cloud. Meanwhile, CSPs should offer outsourced security assurance for data file sharing. Assuring privacy in data sharing is still a critical issue due to continuous change in cloud users, particularly, for unauthenticated or third party users because of the risk of collusion attacks. However, security concerns turn into a major restraint as outsourcing storage data is perhaps a delicate concern for cloud providers. Additionally, sharing information in a multi-proprietary approach while protecting information and individual security to the data from unauthorized or third party users is still a challenging task as there is a frequent change in cloud members. In this regard, previous studies are reviewed and discussed which are related to dynamic group data sharing using cloud computing.

Download Full-text

An Efficient Framework for a Third Party Auditor in Cloud Computing Environments

The Computer Journal ◽

10.1093/comjnl/bxz045 ◽

2019 ◽

Vol 63 (9) ◽

pp. 1285-1297 ◽

Cited By ~ 2

Author(s):

S Mahdavi-Hezavehi ◽

Y Alimardani ◽

R Rahmani

Keyword(s):

Service Providers ◽

Cloud Service ◽

Service Level ◽

Cloud Services ◽

Third Party ◽

Cloud Environment ◽

Cloud Service Providers ◽

Cloud Environments ◽

Cost Efficient ◽

Monitoring Service

Abstract Cloud Service Providers supply services to clients in terms of their demands. They need to be constantly under monitoring for their services with respect to consensus agreements between clients and service providers. A Third Party Auditor or TPA as a trusted organization appears to be necessary to monitor executing agreements of cloud services. Using a third party as an extra component creates cost overheads for clients in a cloud environment. Thus, introducing a cost efficient framework for a cloud environment which includes a third party is an eminent achievement to make a TPA feasible and practical in cloud environments. In this paper, we propose a TPA framework for monitoring service level agreements between cloud service providers and cloud clients using several cloud resources. This framework employs different types of service deployments from various cloud service providers excluding the cloud service provider which is being monitored. Then, we demonstrate that the framework can mitigate costs of a third party auditor in a cloud environment. Simulations of trends for costs exhibits cost efficiency of at least forty percent over ten years when a TPA follows our proposed framework in comparison to other frameworks. Finally, we provide an analysis to compare characteristics of our framework with other frameworks and discuss the advantages of our proposed framework. Our results indicate that TPA as a component of the framework not only reduces overall costs of its presentation in a cloud environment but additionally improves management efficiency and security.

Download Full-text

TPA Auditing to Enhance the Privacy and Security in Cloud Systems

Journal of Cyber Security and Mobility ◽

10.13052/jcsm2245-1439.1033 ◽

2021 ◽

Author(s):

Sunil Kumar ◽

Dilip Kumar ◽

Hemraj Shobharam Lamkuche

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Capital Expenditure ◽

Cloud Service ◽

Error Recovery ◽

Third Party ◽

Privacy And Security ◽

Compression Technique ◽

Cloud Service Providers ◽

Using Data

Over the last decade, many enterprises around the world migrating from traditional infrastructure to cloud resources in order to cut down operational and capital expenditure. With cloud computing, huge amount of data transactions is communicated between cloud consumers and cloud service providers. However, this cloud computing enables surplus security challenges associated to unauthorized access and data breaches. We proposed in this paper a trusted third-party auditor (TPA) model which uses lightweight cryptographic system and lightweight hashing technique to ensure data security and data integrity to audit the cloud users outsourced data from cloud service providers. With our proposed system, we solve the concern of data reliability using data correctness and verification analysis and error recovery analysis. The time complexity of our proposed system is less as compared with other TPA model. Our proposed system also shows resistance against various known cryptanalytic attacks, the performance and extensive compression technique of our proposed system are probably secure and highly proficient.

Download Full-text

Federated Cloud Storage Management Through Provable Data Possession using Dynamic Audit Protocol

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1122.0782s319 ◽

2019 ◽

Vol 8 (2S3) ◽

pp. 662-665

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Service Providers ◽

Cloud Service ◽

Application Programming Interface ◽

Third Party ◽

Web Browser ◽

Free Data ◽

Cloud Service Providers ◽

Storage Area

Cloud computing is a technology for sharing the resources for on demand request and for processing the data. It facilitates cloud storage for adopting cloud users with the help of cloud service providers. It enhances need of enterprises by adhering large volume of data to store and owned privately through third party auditors via data centres. The proposed system analyse cloud storage and provide free data storage for computing the data and maintain variety of cloud storage in one place. This scenario promotes storage of files in one system, so the user doesn’t require various accounts like GoogleDrive, Microsoft Onedrive and Dropbox. This application enhances multiple cloud storage for accessing all files in one particular storage area. The proposed system eradicates visiting of multiple sites for downloading the apps and reduces installing of multiple apps for downloading all the files. The work mainly focuses on the SaaS that permits users to upload data and share the resources from the cloud to post in the Web browser. Our work designed for creating single level of Application programming interface which is for all the cloud service providers. This adopts external applications that leverage the service of platform which is easier to build scalable, and automated cloud based applications. The final API promotes multiple cloud storage in one place and leads to provision Federated Cloud

Download Full-text