scholarly journals Privacy Preservation Models for Third-Party Auditor over Cloud Computing: A Survey

Electronics ◽  
2021 ◽  
Vol 10 (21) ◽  
pp. 2721
Author(s):  
Abdul Razaque ◽  
Mohamed Ben Haj Frej ◽  
Bandar Alotaibi ◽  
Munif Alotaibi
Keyword(s):  
Cloud Computing ◽  
Privacy Preservation ◽  
Service Providers ◽  
State Of The Art ◽  
Personal Information ◽  
Cloud Service ◽  
Privacy Preserving ◽  
Third Party ◽  
Security Requirements ◽  
Security Threats

Cloud computing has become a prominent technology due to its important utility service; this service concentrates on outsourcing data to organizations and individual consumers. Cloud computing has considerably changed the manner in which individuals or organizations store, retrieve, and organize their personal information. Despite the manifest development in cloud computing, there are still some concerns regarding the level of security and issues related to adopting cloud computing that prevent users from fully trusting this useful technology. Hence, for the sake of reinforcing the trust between cloud clients (CC) and cloud service providers (CSP), as well as safeguarding the CC’s data in the cloud, several security paradigms of cloud computing based on a third-party auditor (TPA) have been introduced. The TPA, as a trusted party, is responsible for checking the integrity of the CC’s data and all the critical information associated with it. However, the TPA could become an adversary and could aim to deteriorate the privacy of the CC’s data by playing a malicious role. In this paper, we present the state of the art of cloud computing’s privacy-preserving models (PPM) based on a TPA. Three TPA factors of paramount significance are discussed: TPA involvement, security requirements, and security threats caused by vulnerabilities. Moreover, TPA’s privacy preserving models are comprehensively analyzed and categorized into different classes with an emphasis on their dynamicity. Finally, we discuss the limitations of the models and present our recommendations for their improvement.

scholarly journals Privacy preservation Models for Third-Party Auditor over Cloud Computing: a Survey

2021 ◽  
Author(s):  
Abdul Razaque ◽  
Mohamed Frej ◽  
Bandar Alotaibi ◽  
Munif Alotaibi
Keyword(s):  
Cloud Computing ◽  
Privacy Preservation ◽  
Service Providers ◽  
Personal Information ◽  
Cloud Service ◽  
Privacy Preserving ◽  
Third Party ◽  
Security Requirements ◽  
Security Threats ◽  
State Of Art

Cloud computing has become a prominent technology due to its important utility service; this service concentrates on outsourcing data to organizations and individual consumers. Cloud computing has considerably changed the manner in which individuals or organizations store, retrieve, and organize their personal information. Despite the manifest development in cloud computing, there are still some concerns regarding the level of security and issues related to adopting cloud computing that prevent users from fully trusting this useful technology. Hence, for the sake of reinforcing the trust between Cloud Clients (CC) and Cloud Service Providers (CSP), as well as safeguarding the CC’s data in the cloud, several security paradigms of cloud computing based on a Third-Party Auditor (TPA) have been introduced. The TPA, as a trusted party, is responsible for checking the integrity of the CC’s data and all the critical information associated with it. However, the TPA could become an adversary and could aim to deteriorate the privacy of the CC’s data by playing a malicious role. In this paper, we present the state-of-art of cloud computing’s privacy-preserving models (PPM) based on a TPA. Three TPA factors of paramount significance have been discussed: TPA involvement, security requirements, and security threats caused by vulnerabilities. Moreover, TPA’s privacy preserving models have been comprehensively analyzed and categorized into different classes with an emphasis on their dynamicity. Finally, we discuss the limitations of the models and present our recommendations for their improvement.

A Survey on Privacy Preservation in Location-Based Mobile Business

2021 ◽  
Vol 13 (1) ◽  
pp. 20-39
Author(s):  
Ahmed Aloui ◽  
Okba Kazar
Keyword(s):  
Privacy Protection ◽  
Privacy Preservation ◽  
Service Providers ◽  
Personal Information ◽  
Third Party ◽  
Mobile Business ◽  
Protection Measures ◽  
System Architectures ◽  
Protection Goals ◽  
Privacy Issues

In mobile business (m-business), a client sends its exact locations to service providers. This data may involve sensitive and private personal information. As a result, misuse of location information by the third party location servers creating privacy issues for clients. This paper provides an overview of the privacy protection techniques currently applied by location-based mobile business. The authors first identify different system architectures and different protection goals. Second, this article provides an overview of the basic principles and mechanisms that exist to protect these privacy goals. In a third step, the authors provide existing privacy protection measures.

scholarly journals Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

2019 ◽  
pp. 57-61
Author(s):  
Kayalvili S ◽  
Sowmitha V
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Storage ◽  
Service Providers ◽  
Cloud Service ◽  
Security Requirements ◽  
Security And Privacy ◽  
Data Outsourcing ◽  
Privacy And Security ◽  
Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Security Aspects in Cloud Computing

2018 ◽  
pp. 54-76
Author(s):  
Tabassum N. Mujawar ◽  
Ashok V. Sutagundar ◽  
Lata L. Ragha
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Storage Security ◽  
Security Issues ◽  
Access Control Mechanism ◽  
And Storage ◽  
Privacy Issues ◽  
Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

scholarly journals A Cloud-User Protocol Based on Ciphertext Watermarking Technology

2017 ◽  
Vol 2017 ◽  
pp. 1-14 ◽  
Author(s):  
Keyang Liu ◽  
Weiming Zhang ◽  
Xiaojuan Dong
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Hamming Distance ◽  
Cloud Service ◽  
Third Party ◽  
Plain Text ◽  
Privacy Leakage ◽  
Cloud Computing Service ◽  
The Right ◽  
Cloud User

With the growth of cloud computing technology, more and more Cloud Service Providers (CSPs) begin to provide cloud computing service to users and ask for users’ permission of using their data to improve the quality of service (QoS). Since these data are stored in the form of plain text, they bring about users’ worry for the risk of privacy leakage. However, the existing watermark embedding and encryption technology is not suitable for protecting the Right to Be Forgotten. Hence, we propose a new Cloud-User protocol as a solution for plain text outsourcing problem. We only allow users and CSPs to embed the ciphertext watermark, which is generated and embedded by Trusted Third Party (TTP), into the ciphertext data for transferring. Then, the receiver decrypts it and obtains the watermarked data in plain text. In the arbitration stage, feature extraction and the identity of user will be used to identify the data. The fixed Hamming distance code can help raise the system’s capability for watermarks as much as possible. Extracted watermark can locate the unauthorized distributor and protect the right of honest CSP. The results of experiments demonstrate the security and validity of our protocol.

scholarly journals Secure and Selective Cloud Data Auditing using Deep Machine Learning

2019 ◽  
Vol 9 (2) ◽  
pp. 5471-5479
Keyword(s):  
Machine Learning ◽  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Cloud Data ◽  
Data Centre ◽  
Cloud Service Providers ◽  
Characteristics Analysis ◽  
Data Centres

The tradition of moving applications, data to be consumed by the applications and the data generated by the applications is increasing and the increase is due to the advantages of cloud computing. The advantages of cloud computing are catered to the application owners, application consumers and at the same time to the cloud datacentre owners or the cloud service providers also. Since IT tasks are vital for business progression, it for the most part incorporates repetitive or reinforcement segments and framework for power supply, data correspondences associations, natural controls and different security gadgets. An extensive data centre is a mechanical scale task utilizing as much power as a community. The primary advantage of pushing the applications on the cloud-based data centres are low infrastructure maintenance with significant cost reduction for the application owners and the high profitability for the data centre cloud service providers. During the application migration to the cloud data centres, the data and few components of the application become exposed to certain users. Also, the applications, which are hosted on the cloud data centres must comply with the certain standards for being accepted by various application consumers. In order to achieve the standard certifications, the applications and the data must be audited by various auditing companies. Few of the cases, the auditors are hired by the data centre owners and few of times, the auditors are engaged by application consumers. Nonetheless, in both situations, the auditors are third party and the risk of exposing business logics in the applications and the data always persists. Nevertheless, the auditor being a third-party user, the data exposure is a high risk. Also, in a data centre environment, it is highly difficult to ensure isolation of the data from different auditors, who may not be have the right to audit the data. Significant number of researches have attempted to provide a generic solution to this problem. However, the solutions are highly criticized by the research community for making generic assumptions during the permission verification process. Henceforth, this work produces a novel machine learning based algorithm to assign or grant audit access permissions to specific auditors in a random situation without other approvals based on the characteristics of the virtual machine, in which the application and the data is deployed, and the auditing user entity. The results of the proposed algorithm are highly satisfactory and demonstrates nearly 99% accuracy on data characteristics analysis, nearly 98% accuracy on user characteristics analysis and 100% accuracy on secure auditor selection process

Dynamic Public Data Auditing Schemes on Cloud: A Survey

2018 ◽  
Vol 8 (1) ◽  
pp. 76 ◽  
Author(s):  
R.Santha Maria Rani ◽  
Dr.Lata Ragha
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Service Providers ◽  
Hash Table ◽  
Cloud Service ◽  
Third Party ◽  
Cloud Data ◽  
Merkle Hash Tree ◽  
Public Data ◽  
Data Auditing

Cloud computing provides elastic computing and storage resource to users. Because of the characteristic the data is not under user’s control, data security in cloud computing is becoming one of the most concerns in using cloud computing resources. To improve data reliability and availability, Public data auditing schemes is used to verify the outsourced data storage without retrieving the whole data. However, users may not fully trust the cloud service providers (CSPs) because sometimes they might be dishonest. Therefore, to maintain the integrity of cloud data, many auditing schemes have been proposed. In this paper, analysis of various existing auditing schemes with their consequences is discussed.  Keywords: — Third Party Auditor (TPA), Cloud Service Provider (CSP), Merkle-Hash Tree (MHT), Provable data Possession (PDP), Dynamic Hash Table (DHT).

Security in Cloud Computing

2012 ◽  
pp. 208-221
Author(s):  
Alpana M. Desai ◽  
Kenrick Mock
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Security Threats ◽  
Security Risks ◽  
Cloud Service Providers ◽  
International Data ◽  
It Executives ◽  
Privacy Issues

Cloud computing has recently emerged in prominence and is being rapidly adopted by organizations because of its potential and perceived benefits of flexibility and affordability. According to surveys conducted in 2008 and 2009 by International Data Corporation (IDC) of IT executives and CIOs, security was cited as the top concern for the adoption of cloud computing. Enterprises that plan to utilize cloud services for their infrastructure, platform, and/or software needs must understand the security risks and privacy issues related to cloud computing. This chapter discusses the technical, legal, and policy/organizational security risks of cloud computing, and reviews recommendations/strategies for managing and mitigating security threats in cloud computing. It also presents vendor-specific solutions and strategies that cloud service providers are implementing for mitigating security risks in cloud computing.

scholarly journals Threats and Vulnerabilities Affecting the Adoption of Cloud Computing in Iraq

2018 ◽  
pp. 599-606
Author(s):  
Omar Adil Dheyab ◽  
Ahmed Ibrahim Turki ◽  
B. Rahmatullah B. Rahmatullah
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Capital Expenditures ◽  
Security Threats ◽  
Descriptive Research ◽  
Cloud Computing Adoption ◽  
Cloud Service Providers ◽  
Software Updates ◽  
Automatic Software

Cloud computing offers many benefits including enhanced flexibility, disaster recovery, free capital expenditures, automatic software updates, sustainability, and work anytime, anywhere. In addition, many other features and services can be offered to customers. However, cloud computing still suffers many threats which may cause vulnerabilities. Therefore, today many organizations are still hesitant to adopt cloud computing because of fear for privacy of their data and confidentiality. Understanding and addressing security threats are a prerequisite for unleashing the huge potential of cloud computing. In this study, a survey is conducted on some cloud service providers and users to explore security threats and vulnerabilities in cloud computing experienced by many organizations in Iraq. Consequently, many countermeasures are proposed. Descriptive research methodology is adopted in this research. The results of the study showed that privacy, confidentiality, control of data are the main obstacle to cloud computing adoption.

scholarly journals Review on dynamic group data sharing in cloud environment

2018 ◽  
Vol 7 (2) ◽  
pp. 646
Author(s):  
Sathishkumar Easwaramoorthy ◽  
Anilkumar Chunduru ◽  
Usha Moorthy ◽  
Sravankumar B
Keyword(s):  
Cloud Computing ◽  
Data Sharing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Continuous Change ◽  
Frequent Change ◽  
Dynamic Group ◽  
Group Data ◽  
Cloud Users

Information sharing or exchange of data within entities plays a significant role in cloud storage. In cloud computing, a robust and practical methodology is developed which can be utilized by cloud users for sharing information among multiple group members in the cloud with lowered maintenance and management costs. Furthermore, a service provider in the cloud does not share data with anyone other than the Trusted Third Party (TTP) sources due to the semi-trusted characteristics of the cloud. In this way, there is no global security mechanism for dynamic group data sharing over the cloud. Subsequently, the Cloud Service Providers (CSPs) can convey different services to cloud users through powerful data centres. Hence, data is secured through the validation of users in the cloud. Meanwhile, CSPs should offer outsourced security assurance for data file sharing. Assuring privacy in data sharing is still a critical issue due to continuous change in cloud users, particularly, for unauthenticated or third party users because of the risk of collusion attacks. However, security concerns turn into a major restraint as outsourcing storage data is perhaps a delicate concern for cloud providers. Additionally, sharing information in a multi-proprietary approach while protecting information and individual security to the data from unauthorized or third party users is still a challenging task as there is a frequent change in cloud members. In this regard, previous studies are reviewed and discussed which are related to dynamic group data sharing using cloud computing.

Sign in / Sign up

Export Citation Format

Share Document