Secure Cloud Storage using Secret Key Sharing and Proxy Re-Encryption Based Third Party Auditing Service

Cloud is considered as future of Information Technology. User can utilized the cloud on pay-as-you use basis. But many organizations are stringent about the adoption of cloud computing due to their concern regarding the security of the stored data. Therefore, issues related to security of data in the cloud have become very vital. Data security involves encrypting the data and ensuring that suitable policies are imposed for sharing those data. There are several data security issues which need to be addressed. These issues are: data integrity, data intrusion, service availability, confidentiality and non-repudiation. Many schemes have been proposed for ensuring data security in cloud environment. But the existing schemes lag in fulfilling all these data security issues. In this chapter, a new Third Party Auditor based scheme has been proposed for secured storage and retrieval of client's data to and from the cloud service provider. The scheme has been analysed and compared with some of the existing schemes with respect to the security issues. From the analysis and comparison it can be observed that the proposed scheme performs better than the existing schemes.

Download Full-text

Data Security Issues and Solutions in Cloud Computing

Handbook of Research on Security Considerations in Cloud Computing - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-8387-7.ch010 ◽

2015 ◽

pp. 212-231

Author(s):

Abhishek Majumder ◽

Sudipta Roy ◽

Satarupa Biswas

Keyword(s):

Information Technology ◽

Cloud Computing ◽

Data Security ◽

Cloud Service ◽

Third Party ◽

Service Availability ◽

Cloud Environment ◽

Cloud Service Provider ◽

Storage And Retrieval ◽

Security Issues

Cloud is considered as future of Information Technology. User can utilized the cloud on pay-as-you use basis. But many organizations are stringent about the adoption of cloud computing due to their concern regarding the security of the stored data. Therefore, issues related to security of data in the cloud have become very vital. Data security involves encrypting the data and ensuring that suitable policies are imposed for sharing those data. There are several data security issues which need to be addressed. These issues are: data integrity, data intrusion, service availability, confidentiality and non-repudiation. Many schemes have been proposed for ensuring data security in cloud environment. But the existing schemes lag in fulfilling all these data security issues. In this chapter, a new Third Party Auditor based scheme has been proposed for secured storage and retrieval of client's data to and from the cloud service provider. The scheme has been analysed and compared with some of the existing schemes with respect to the security issues. From the analysis and comparison it can be observed that the proposed scheme performs better than the existing schemes.

Download Full-text

A Comprehensive Survey on Trust Issue and Its Deployed Models in Computing Environment

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch005 ◽

2019 ◽

pp. 127-139

Author(s):

Shivani Jaswal ◽

Gurpreet Singh

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Data Transfer ◽

Cloud Service ◽

Third Party ◽

Cloud Environment ◽

Cloud Service Provider ◽

Security Issues ◽

Comprehensive Survey ◽

Trust Models

Cloud computing is growing with a giant pace in today's world. The speed with which it is growing, the same speed is taken over by the insecure data transfer over the cloud. There are many security issues that are underlying in cloud computing. This chapter presents how a trust is built between any user and a cloud service provider. Various techniques have been adopted to calculate the value of trust and further how it can be strength. This chapter has also explained various trust models based on the necessities of a user. This chapter has also thrown some light over the concept of TTP, i.e., Trusted Third Party which further helps in maintaining trust over the cloud environment.

Download Full-text

A Comprehensive Survey on Trust Issue and Its Deployed Models in Computing Environment

Critical Research on Scalability and Security Issues in Virtual Cloud Environments - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-3029-9.ch007 ◽

2018 ◽

pp. 150-166

Author(s):

Shivani Jaswal ◽

Gurpreet Singh

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Data Transfer ◽

Cloud Service ◽

Third Party ◽

Cloud Environment ◽

Cloud Service Provider ◽

Security Issues ◽

Comprehensive Survey ◽

Trust Models

Cloud computing is growing with a giant pace in today's world. The speed with which it is growing, the same speed is taken over by the insecure data transfer over the cloud. There are many security issues that are underlying in cloud computing. This chapter presents how a trust is built between any user and a cloud service provider. Various techniques have been adopted to calculate the value of trust and further how it can be strength. This chapter has also explained various trust models based on the necessities of a user. This chapter has also thrown some light over the concept of TTP, i.e., Trusted Third Party which further helps in maintaining trust over the cloud environment.

Download Full-text

Security Aspects in Cloud Computing

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch004 ◽

2018 ◽

pp. 54-76

Author(s):

Tabassum N. Mujawar ◽

Ashok V. Sutagundar ◽

Lata L. Ragha

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Third Party ◽

Storage Security ◽

Security Issues ◽

Access Control Mechanism ◽

And Storage ◽

Privacy Issues ◽

Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

Download Full-text

A systematic review of security threats and countermeasures in SaaS

Journal of Computer Security ◽

10.3233/jcs-200002 ◽

2020 ◽

Vol 28 (6) ◽

pp. 635-653

Author(s):

Miguel Ángel Díaz de León Guillén ◽

Víctor Morales-Rocha ◽

Luis Felipe Fernández Martínez

Keyword(s):

Systematic Review ◽

Cloud Service ◽

Security Threats ◽

Negative Consequences ◽

Shared Resources ◽

Sensitive Data ◽

Cloud Service Provider ◽

Software Designers ◽

Attractive Option

Among the service models provided by the cloud, the software as a service (SaaS) model has had the greatest growth. This service model is an attractive option for organizations, as they can transfer part or all of their IT functions to a cloud service provider. However, there is still some uncertainty about deciding to carry out a migration of all data to the cloud, mainly due to security concerns. The SaaS model not only inherits the security problems of a traditional application, but there are unique attacks and vulnerabilities for a SaaS architecture. Additionally, some of the attacks in this environment are more devastating due to nature of shared resources in the SaaS model. Some of these attacks and vulnerabilities are not yet well known to software designers and developers. This lack of knowledge has negative consequences as it can expose sensitive data of users and organizations. This paper presents a rigorous systematic review using the SALSA framework to know the threats, attacks and countermeasures to mitigate the security problems that occur in a SaaS environment. As part of the results of this review, a classification of threats, attacks and countermeasures in the SaaS environment is presented.

Download Full-text

A TPA Based Efficient Non-Repudiation Scheme for Cloud Storage

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.765-767.1630 ◽

2013 ◽

Vol 765-767 ◽

pp. 1630-1635

Author(s):

Wen Qi Ma ◽

Qing Bo Wu ◽

Yu Song Tan

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Cloud Service Provider ◽

Critical Data ◽

Security Environment ◽

Financial Contract ◽

Update Process

One of differences between cloud storage and previous storage is that there is a financial contract between user and the cloud service provider (CSP). User pay for service in exchange for certain guarantees and the cloud is a liable entity. But some mechanisms need to ensure the liability of CSP. Some work use non-repudiation to realize it. Compared with these non-repudiation schemes, we use third party auditor not client to manage proofs and some metadata, which are security critical data in cloud security. It can provide a more security environment for these data. Against the big overhead in update process of current non-repudiation scheme, we propose three schemes to improve it.

Download Full-text

A REVIEW ON A SECURITY MECHANISM IN CLOUD ENVIRONMENT

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v16i3.6130 ◽

2017 ◽

Vol 16 (3) ◽

pp. 6219-6224

Author(s):

Jaspreet Kaur ◽

Navdeep Kaler

Keyword(s):

Cloud Computing ◽

Data Security ◽

Information Exchange ◽

Cloud Service ◽

Cloud Environment ◽

Security Issue ◽

Cloud Service Provider ◽

Security Issues ◽

Definition Of ◽

New Infrastructure

Cloud computing is a way to increase the capacity or add capabilities dynamically without investing in new infrastructure, training new personnel, or licensing new software. As information exchange plays an important role in todayâ€™s life, information security becomes more important. This paper is focused on the security issues of cloud computing and techniques to overcome the data security issue. Before analyzing the security issues, the definition of cloud computing and brief discussion to under cloud computing is presented. The various components that affect the security of the cloud and the problems faced by cloud service provider have been discussed in this paper.

Download Full-text

Improved Outsourced Provable Data Possession for Secure Cloud Storage

Security and Communication Networks ◽

10.1155/2021/1805615 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Haibin Yang ◽

Zhengge Yi ◽

Ruifeng Li ◽

Zheng Tu ◽

Xu An Wang ◽

...

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Cloud Service ◽

Significant Problem ◽

Data Outsourcing ◽

Cloud Service Provider ◽

Provable Data Possession ◽

Cloud Server ◽

Secure Cloud Storage ◽

Correct Data

With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. In 2019, Guo et al. proposed an outsourced dynamic provable data possession scheme with batch update for secure cloud storage. Although their scheme is very novel, we find that their proposal is not secure in this paper. The malicious cloud server has ability to forge the authentication labels, and thus it can forge or delete the user’s data but still provide a correct data possession proof. Based on the original protocol, we proposed an improved one for the auditing scheme, and our new protocol is effective yet resistant to attacks.

Download Full-text

Privacy Preserving Third Party Auditing for Secure Cloud Storage

International Journal of Computer Applications ◽

10.5120/ijca2018917877 ◽

2018 ◽

Vol 181 (18) ◽

pp. 49-53

Author(s):

Swati B. ◽

B. M.

Keyword(s):

Cloud Storage ◽

Privacy Preserving ◽

Third Party ◽

Secure Cloud Storage ◽

Third Party Auditing

Download Full-text