Lightweight Accountable Privacy-Preserving Protocol Allowing the Cloud Client to Audit the Third-Party Auditor for Malicious Activities

Cloud computing is reserving its position in the market as the next disruptive utility paradigm. It is found on the pay-as-you-use model. Cloud computing is changing the way information technology (IT) operates for individuals as well as for companies. Cloud computing comes with different offerings to accommodate diverse applications. It comes with many successful adoption stories and a few unfortunate ones that are related to security breaches. Security concerns are what is making many companies reluctant to fully embrace the cloud realm. To enhance trust and entice adoption between cloud clients (CC) and cloud service providers (CSP), a new paradigm of depending on involving a third-party auditor (TPA) has been introduced. Hence, implementing a solution with a TPA comes with its toll in terms of trust and processing overhead. A lightweight security protocol to give the CC extra control with tools to audit the TPA and the CSP is paramount to the solution. In this paper, we are introducing a novel protocol: the lightweight accountable privacy-preserving (LAPP) protocol. Our proposed protocol is lightweight in terms of processing and communication costs. It is based on a newly introduced mathematical model along with two algorithms. We have conducted simulation experiments to measure the impact of our method. We have compared LAPP to the most eminent privacy-preserving methods in the cloud research field, using the open source cloud computing simulator GreenCloud. Our simulation results showed superiority in performance for LAPP in regard to time complexity, accuracy, and computation time on auditing. The aim of the time complexity and computation time on auditing simulations is to measure the lightweight aspect of our proposed protocol as well as to improve the quality of service.

Download Full-text

Privacy preservation Models for Third-Party Auditor over Cloud Computing: a Survey

10.20944/preprints202109.0413.v1 ◽

2021 ◽

Author(s):

Abdul Razaque ◽

Mohamed Frej ◽

Bandar Alotaibi ◽

Munif Alotaibi

Keyword(s):

Cloud Computing ◽

Privacy Preservation ◽

Service Providers ◽

Personal Information ◽

Cloud Service ◽

Privacy Preserving ◽

Third Party ◽

Security Requirements ◽

Security Threats ◽

State Of Art

Cloud computing has become a prominent technology due to its important utility service; this service concentrates on outsourcing data to organizations and individual consumers. Cloud computing has considerably changed the manner in which individuals or organizations store, retrieve, and organize their personal information. Despite the manifest development in cloud computing, there are still some concerns regarding the level of security and issues related to adopting cloud computing that prevent users from fully trusting this useful technology. Hence, for the sake of reinforcing the trust between Cloud Clients (CC) and Cloud Service Providers (CSP), as well as safeguarding the CC’s data in the cloud, several security paradigms of cloud computing based on a Third-Party Auditor (TPA) have been introduced. The TPA, as a trusted party, is responsible for checking the integrity of the CC’s data and all the critical information associated with it. However, the TPA could become an adversary and could aim to deteriorate the privacy of the CC’s data by playing a malicious role. In this paper, we present the state-of-art of cloud computing’s privacy-preserving models (PPM) based on a TPA. Three TPA factors of paramount significance have been discussed: TPA involvement, security requirements, and security threats caused by vulnerabilities. Moreover, TPA’s privacy preserving models have been comprehensively analyzed and categorized into different classes with an emphasis on their dynamicity. Finally, we discuss the limitations of the models and present our recommendations for their improvement.

Download Full-text

Privacy Preservation Models for Third-Party Auditor over Cloud Computing: A Survey

Electronics ◽

10.3390/electronics10212721 ◽

2021 ◽

Vol 10 (21) ◽

pp. 2721

Author(s):

Abdul Razaque ◽

Mohamed Ben Haj Frej ◽

Bandar Alotaibi ◽

Munif Alotaibi

Keyword(s):

Cloud Computing ◽

Privacy Preservation ◽

Service Providers ◽

State Of The Art ◽

Personal Information ◽

Cloud Service ◽

Privacy Preserving ◽

Third Party ◽

Security Requirements ◽

Security Threats

Cloud computing has become a prominent technology due to its important utility service; this service concentrates on outsourcing data to organizations and individual consumers. Cloud computing has considerably changed the manner in which individuals or organizations store, retrieve, and organize their personal information. Despite the manifest development in cloud computing, there are still some concerns regarding the level of security and issues related to adopting cloud computing that prevent users from fully trusting this useful technology. Hence, for the sake of reinforcing the trust between cloud clients (CC) and cloud service providers (CSP), as well as safeguarding the CC’s data in the cloud, several security paradigms of cloud computing based on a third-party auditor (TPA) have been introduced. The TPA, as a trusted party, is responsible for checking the integrity of the CC’s data and all the critical information associated with it. However, the TPA could become an adversary and could aim to deteriorate the privacy of the CC’s data by playing a malicious role. In this paper, we present the state of the art of cloud computing’s privacy-preserving models (PPM) based on a TPA. Three TPA factors of paramount significance are discussed: TPA involvement, security requirements, and security threats caused by vulnerabilities. Moreover, TPA’s privacy preserving models are comprehensively analyzed and categorized into different classes with an emphasis on their dynamicity. Finally, we discuss the limitations of the models and present our recommendations for their improvement.

Download Full-text

ILSSPP: Intelligent location sharing system with privacy preserving features for smart cities

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-219102 ◽

2021 ◽

pp. 1-12

Author(s):

Gokay Saldamli ◽

Richard Chow ◽

Hongxia Jin

Keyword(s):

Service Providers ◽

Smart Cities ◽

User Interaction ◽

Privacy Preserving ◽

Location Based Services ◽

Third Party ◽

Location Information ◽

Fine Grained ◽

Location Sharing ◽

Social Network Structure

Social networking services are increasingly accessed through mobile devices. This trend has prompted services such as Facebook and Google+to incorporate location as a de facto feature of user interaction. At the same time, services based on location such as Foursquare and Shopkick are also growing as smartphone market penetration increases. In fact, this growth is happening despite concerns (growing at a similar pace) about security and third-party use of private location information (e.g., for advertising). Nevertheless, service providers have been unwilling to build truly private systems in which they do not have access to location information. In this paper, we describe an architecture and a trial implementation of a privacy-preserving location sharing system called ILSSPP. The system protects location information from the service provider and yet enables fine grained location-sharing. One main feature of the system is to protect an individual’s social network structure. The pattern of location sharing preferences towards contacts can reveal this structure without any knowledge of the locations themselves. ILSSPP protects locations sharing preferences through protocol unification and masking. ILSSPP has been implemented as a standalone solution, but the technology can also be integrated into location-based services to enhance privacy.

Download Full-text

Broker-based optimization of SLA negotiations in cloud computing

Multiagent and Grid Systems ◽

10.3233/mgs-210349 ◽

2021 ◽

Vol 17 (2) ◽

pp. 179-195

Author(s):

Priyanka Bharti ◽

Rajeev Ranjan ◽

Bhanu Prasad

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Service Level Agreement ◽

Cloud Service ◽

Service Level ◽

Cloud Environment ◽

Negotiation Strategies ◽

Sla Negotiation ◽

Conflicting Interests ◽

The Impact

Cloud computing provisions and allocates resources, in advance or real-time, to dynamic applications planned for execution. This is a challenging task as the Cloud-Service-Providers (CSPs) may not have sufficient resources at all times to satisfy the resource requests of the Cloud-Service-Users (CSUs). Further, the CSPs and CSUs have conflicting interests and may have different utilities. Service-Level-Agreement (SLA) negotiations among CSPs and CSUs can address these limitations. User Agents (UAs) negotiate for resources on behalf of the CSUs and help reduce the overall costs for the CSUs and enhance the resource utilization for the CSPs. This research proposes a broker-based mediation framework to optimize the SLA negotiation strategies between UAs and CSPs in Cloud environment. The impact of the proposed framework on utility, negotiation time, and request satisfaction are evaluated. The empirical results show that these strategies favor cooperative negotiation and achieve significantly higher utilities, higher satisfaction, and faster negotiation speed for all the entities involved in the negotiation.

Download Full-text

Security Aspects in Cloud Computing

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch004 ◽

2018 ◽

pp. 54-76

Author(s):

Tabassum N. Mujawar ◽

Ashok V. Sutagundar ◽

Lata L. Ragha

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Storage Security ◽

Security Issues ◽

Access Control Mechanism ◽

And Storage ◽

Privacy Issues ◽

Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

Download Full-text

Optimal Resource Usage in Multi-Cloud Computing Environment

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2013010105 ◽

2013 ◽

Vol 3 (1) ◽

pp. 44-57 ◽

Cited By ~ 1

Author(s):

Veena Goswami ◽

Choudhury Nishkanta Sahoo

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Queueing Network ◽

Computing Environment ◽

New Paradigm ◽

Cloud Computing Environment ◽

Optimal Resource ◽

Optimal Resource Management ◽

And Performance ◽

Multi Cloud

Cloud computing has emerged as a new paradigm for accessing distributed computing resources such as infrastructure, hardware platform, and software applications on-demand over the internet as services. This paper presents an optimal resource management framework for multi-cloud computing environment. The authors model the behavior and performance of applications to integrate different service-providers for end-to-end-requirements. Each service model caters to specific type of requirements and there are already number of players with own customized products/services offered. Intercloud Federation and Service delegation models are part of Multi-Cloud environment where the broader target is to achieve infinite pool of resources. They propose an analytical queueing network model to improve the efficiency of the system. Numerical results indicate that the proposed provisioning technique detects changes in arrival pattern, resource demands that occur over time and allocates multiple virtualized IT resources accordingly to achieve application Quality of Service targets.

Download Full-text

Exploiting Coarse-Grained Parallelism Using Cloud Computing in Massive Power Flow Computation

Energies ◽

10.3390/en11092268 ◽

2018 ◽

Vol 11 (9) ◽

pp. 2268 ◽

Cited By ~ 3

Author(s):

Dong-Hee Yoon ◽

Sang-Kyun Kang ◽

Minseong Kim ◽

Youngsun Han

Keyword(s):

Cloud Computing ◽

Power Systems ◽

Power System ◽

Power Flow ◽

Computation Time ◽

Coarse Grained ◽

Contingency Analysis ◽

Flow Computation ◽

Cloud Computing System ◽

The Impact

We present a novel architecture of parallel contingency analysis that accelerates massive power flow computation using cloud computing. It leverages cloud computing to investigate huge power systems of various and potential contingencies. Contingency analysis is undertaken to assess the impact of failure of power system components; thus, extensive contingency analysis is required to ensure that power systems operate safely and reliably. Since many calculations are required to analyze possible contingencies under various conditions, the computation time of contingency analysis increases tremendously if either the power system is large or cascading outage analysis is needed. We also introduce a task management optimization to minimize load imbalances between computing resources while reducing communication and synchronization overheads. Our experiment shows that the proposed architecture exhibits a performance improvement of up to 35.32× on 256 cores in the contingency analysis of a real power system, i.e., KEPCO2015 (the Korean power system), by using a cloud computing system. According to our analysis of the task execution behaviors, we confirmed that the performance can be enhanced further by employing additional computing resources.

Download Full-text

The Impact of Cloud-Based Digital Transformation on IT Service Providers

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2017100101 ◽

2017 ◽

Vol 7 (4) ◽

pp. 1-19 ◽

Cited By ~ 7

Author(s):

Trevor Clohessy ◽

Thomas Acton ◽

Lorraine Morgan

Keyword(s):

Cloud Computing ◽

Business Model ◽

Business Models ◽

Service Providers ◽

Digital Transformation ◽

Focus Group Study ◽

Model Framework ◽

It Service ◽

Technology Service ◽

The Impact

Cloud-based digital transformation is having a profound impact on new and incumbent information technology service providers. In transitioning from traditional to cloud-based service provision, some IT service providers are experiencing substantial difficulties in realizing effective business models. Taking the perspective of 20 large business model mature and small and medium enterprise born-on-the-cloud multinational IT service providers, this focus group study contributes to the dearth of research examining the broader impact of cloud computing on IT service providers' business model. The study provides two core insights. First, using the STOF business model framework, the paper provides a vivid contextual understanding of the nuanced impact of cloud computing along four core business model domains: service, technological, organisational and financial. Second, the study identifies a number of salient challenges which are impacting IT service providers' efforts to effectively leverage the benefits of cloud-based digital transformation.

Download Full-text

A Cloud-User Protocol Based on Ciphertext Watermarking Technology

Security and Communication Networks ◽

10.1155/2017/4376282 ◽

2017 ◽

Vol 2017 ◽

pp. 1-14 ◽

Cited By ~ 1

Author(s):

Keyang Liu ◽

Weiming Zhang ◽

Xiaojuan Dong

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Hamming Distance ◽

Cloud Service ◽

Third Party ◽

Plain Text ◽

Privacy Leakage ◽

Cloud Computing Service ◽

The Right ◽

Cloud User

With the growth of cloud computing technology, more and more Cloud Service Providers (CSPs) begin to provide cloud computing service to users and ask for users’ permission of using their data to improve the quality of service (QoS). Since these data are stored in the form of plain text, they bring about users’ worry for the risk of privacy leakage. However, the existing watermark embedding and encryption technology is not suitable for protecting the Right to Be Forgotten. Hence, we propose a new Cloud-User protocol as a solution for plain text outsourcing problem. We only allow users and CSPs to embed the ciphertext watermark, which is generated and embedded by Trusted Third Party (TTP), into the ciphertext data for transferring. Then, the receiver decrypts it and obtains the watermarked data in plain text. In the arbitration stage, feature extraction and the identity of user will be used to identify the data. The fixed Hamming distance code can help raise the system’s capability for watermarks as much as possible. Extracted watermark can locate the unauthorized distributor and protect the right of honest CSP. The results of experiments demonstrate the security and validity of our protocol.

Download Full-text

The Importance of Business Model Factors for Cloud Computing Adoption: Role of Previous Experiences

Organizacija ◽

10.1515/orga-2017-0013 ◽

2017 ◽

Vol 50 (3) ◽

pp. 255-272 ◽

Cited By ~ 3

Author(s):

Kristina Bogataj Habjan ◽

Andreja Pucihar

Keyword(s):

Cloud Computing ◽

Business Model ◽

Business Models ◽

Service Providers ◽

Organizational Factors ◽

Research Results ◽

Computing Services ◽

Cloud Computing Adoption ◽

Cloud Computing Services ◽

The Impact

Abstract Background and Purpose: Bringing several opportunities for more effective and efficient IT governance and service exploitation, cloud computing is expected to impact the European and global economies significantly. Market data show that despite many advantages and promised benefits the adoption of cloud computing is not as fast and widespread as foreseen. This situation shows the need for further exploration of the potentials of cloud computing and its implementation on the market. The purpose of this research was to identify individual business model factors with the highest impact on cloud computing adoption. In addition, the aim was to identify the differences in opinion regarding the importance of business model factors on cloud computing adoption according to companies’ previous experiences with cloud computing services. Methodology: Based on literature review, prior research results, and interviews with cloud computing providers and users, a research model was developed. Statistical analysis focused on identification of factors’ importance on cloud computing adoption and differences in opinions according to respondents’ previous experiences with cloud computing services. The study was done among 80 companies and five major cloud computing providers in Slovenia. Results: The research results reveal statistically significant differences in opinions on the importance of cloud computing business model factors according to respondents’ previous experiences with cloud computing services. The results can provide orientation for redesign or innovation of existing business models towards the creation of a customer-oriented business model for the more successful exploitation of cloud computing services and business opportunities. For potential users, the findings represent guidelines for the successful adoption of cloud computing services. Conclusions: In our research, the investigated business model factors could be classified into so-called “business model organizational factors”, as they primarily need to be considered by cloud service providers when defining or innovating their business models. For future research, the model should also include the impact of environmental factors, such as Competition, Business Partners, Legislation, Economic Situation, in order to investigate their impact on cloud adoption.

Download Full-text