Privacy Preserving Data Access to Cloud

The current systems stress on protection of data stored in the cloud servers without giving much thought and consideration to the protection of data during user access. Encryption of data is a technique that is popularly used to protect stored data. Encryption essentially scrambles the data and stores it in a form which makes no sense unless decrypted with the suitable key. Every cloud service provider ensures data is stored in an encrypted form in its servers. Encryption of data is not sufficient to protect user data as acquiring the appropriate key can result in decrypting of the data. Encrypting the data before uploading the data to the cloud can help to an extent to preserve data. To access the data it would need to be encrypted twice- once by the cloud service provider and then by the user. Cloud service provider is prevented from accessing user data and also other third-party individuals. However, this approach too is not efficient and sufficient to protect user data. ORAM algorithm is used to enable access to user data stored on distributed file systems that comprises of multiple servers stored either at a single location or multiple locations across the globe in a manner which ensures the user privacy is protected when accessing the data. Reshuffle of data blocks stored in third party servers ensures the access pattern of the user remains hidden. ORAM algorithm does not cause any hindrance to the data access and does not lead to any major drop in data access rate. To ensure security, we propose a load balancing technique to guarantee smooth and safe approach for data access.

Download Full-text

A TPA Based Efficient Non-Repudiation Scheme for Cloud Storage

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.765-767.1630 ◽

2013 ◽

Vol 765-767 ◽

pp. 1630-1635

Author(s):

Wen Qi Ma ◽

Qing Bo Wu ◽

Yu Song Tan

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Cloud Service Provider ◽

Critical Data ◽

Security Environment ◽

Financial Contract ◽

Update Process

One of differences between cloud storage and previous storage is that there is a financial contract between user and the cloud service provider (CSP). User pay for service in exchange for certain guarantees and the cloud is a liable entity. But some mechanisms need to ensure the liability of CSP. Some work use non-repudiation to realize it. Compared with these non-repudiation schemes, we use third party auditor not client to manage proofs and some metadata, which are security critical data in cloud security. It can provide a more security environment for these data. Against the big overhead in update process of current non-repudiation scheme, we propose three schemes to improve it.

Download Full-text

Measuring security for cloud service provider: A Third Party approach

2013 International Conference on Electrical Information and Communication Technology (EICT) ◽

10.1109/eict.2014.6777855 ◽

2014 ◽

Cited By ~ 8

Author(s):

Md Whaiduzzaman ◽

Abdullah Gani

Keyword(s):

Service Provider ◽

Cloud Service ◽

Third Party ◽

Cloud Service Provider

Download Full-text

Authenticated Location-Aware Publish/Subscribe Services in Untrusted Outsourced Environments

Security and Communication Networks ◽

10.1155/2017/4215425 ◽

2017 ◽

Vol 2017 ◽

pp. 1-15

Author(s):

Han Yan ◽

Xiang Cheng ◽

Sen Su ◽

Siyao Zhang

Keyword(s):

Real World ◽

Service Provider ◽

Low Cost ◽

Cloud Service ◽

Third Party ◽

Location Based Service ◽

Cloud Service Provider ◽

For Profit ◽

Location Aware ◽

Effectiveness And Efficiency

Location-aware publish/subscribe is an important location-based service based on server-initiated model. Often times, the owner of massive spatio-textual messages and subscriptions outsources its location-aware publish/subscribe services to a third-party service provider, for example, cloud service provider, who is responsible for delivering messages to their relevant subscribers. The issue arising here is that the messages delivered by the service provider might be tailored for profit purposes, intentionally or not. Therefore, it is essential to develop mechanisms which allow subscribers to verify the correctness of the messages delivered by the service provider. In this paper, we study the problem of authenticating messages in outsourced location-aware publish/subscribe services. We propose an authenticated framework which not only can deliver the messages efficiently but also can make the subscribers’ authentication available with low cost. Extensive experiments on a real-world dataset demonstrate the effectiveness and efficiency of our proposed authenticated framework.

Download Full-text

Why aren't we eating our own dog food?

Journal of Information Technology Teaching Cases ◽

10.1057/s41266-017-0022-6 ◽

2018 ◽

Vol 8 (1) ◽

pp. 45-52

Author(s):

Sanjiv Chourasia ◽

Linying Dong

Keyword(s):

Service Provider ◽

It Governance ◽

Cloud Service ◽

Cloud Services ◽

Third Party ◽

Cloud Service Provider ◽

It Alignment ◽

Dog Food ◽

Business Units ◽

Telecommunications Companies

CanTel was one of the fastest growing Canadian telecommunications companies that provided telephone, cable, Internet, and cloud services. In 2015, the company employed over 40,000 employees and boasted of achieving over Cdn$10 billion of annual revenue and serving over 10 million customers. As a cloud service provider, the company faced a dilemma of not being able to fulfill the IT needs of its internal business units. As a result, one of the business units, Digital Channel, resorted to a third-party cloud service, and this set an example for other business units to follow suit. Jeff Smith, the CEO of the company CanTel, and the CIO Jane Lockhart had to find a solution to the issue that had significant implications to its business-IT alignment and IT governance.

Download Full-text

A Comprehensive Survey on Trust Issue and Its Deployed Models in Computing Environment

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch005 ◽

2019 ◽

pp. 127-139

Author(s):

Shivani Jaswal ◽

Gurpreet Singh

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Data Transfer ◽

Cloud Service ◽

Third Party ◽

Cloud Environment ◽

Cloud Service Provider ◽

Security Issues ◽

Comprehensive Survey ◽

Trust Models

Cloud computing is growing with a giant pace in today's world. The speed with which it is growing, the same speed is taken over by the insecure data transfer over the cloud. There are many security issues that are underlying in cloud computing. This chapter presents how a trust is built between any user and a cloud service provider. Various techniques have been adopted to calculate the value of trust and further how it can be strength. This chapter has also explained various trust models based on the necessities of a user. This chapter has also thrown some light over the concept of TTP, i.e., Trusted Third Party which further helps in maintaining trust over the cloud environment.

Download Full-text

A Comprehensive Survey on Trust Issue and Its Deployed Models in Computing Environment

Critical Research on Scalability and Security Issues in Virtual Cloud Environments - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-3029-9.ch007 ◽

2018 ◽

pp. 150-166

Author(s):

Shivani Jaswal ◽

Gurpreet Singh

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Data Transfer ◽

Cloud Service ◽

Third Party ◽

Cloud Environment ◽

Cloud Service Provider ◽

Security Issues ◽

Comprehensive Survey ◽

Trust Models

Download Full-text

Augmenting the Operations on Cloud Virtual Forensic Data by employing Probabilistic Data Structures

International Journal of Sensors Wireless Communications and Control ◽

10.2174/2210327909666190710120838 ◽

2019 ◽

Vol 09 ◽

Cited By ~ 1

Author(s):

Gayatri Pandi ◽

Saurabh Shah ◽

K.H Wandra

Keyword(s):

Service Provider ◽

Service Providers ◽

Criminal Activity ◽

Cloud Service ◽

Third Party ◽

Cloud Service Provider ◽

Electronic Evidence ◽

Cloud Service Providers ◽

Cuckoo Filter ◽

Verification Process

Gathering and scrutinizing the different types of logs are the vital steps in the forensic domain. Logs are commonly gathered by the cloud service providers or by some third party layers governed by the cloud service providers. Security of the logs is a crucial issue as the logs can be tampered accidentally or intentionally by an employee in the cloud service provider’s organization or by the forensic investigator, thus maligning the evidence in case a cyber-crime, is committed through the cloud service provider’s infrastructure. The malicious attacker can also conspire with the cloud service provider or the forensic investigator to erase or malign the logs that are generated for one’s own criminal activity. To address such issues, a method is recommended which verifies the tampering of the virtual instance logs, Verification process confirms that the confidentiality and integrity of the logs remains intact. The log integrity is proved by log chains which are created in the implemented system and by the potential electronic evidence of past logs which are posted by the cloud service provider. The proposed system aids in performing the reasonable verifications that the cloud service provider or the forensic investigator is not tampering the logs. The novelty of the research conducted in this paper is a technique which applies the cuckoo filter, to the forensic logs which is supportive in proving the integrity of the evidences at a faster pace in comparison to the other filters.

Download Full-text

PABIRS: A data access middleware for distributed file systems

2015 IEEE 31st International Conference on Data Engineering ◽

10.1109/icde.2015.7113277 ◽

2015 ◽

Cited By ~ 1

Author(s):

Sai Wu ◽

Gang Chen ◽

Xianke Zhou ◽

Zhenjie Zhang ◽

Anthony K. H. Tung ◽

...

Keyword(s):

File Systems ◽

Data Access ◽

Distributed File Systems

Download Full-text

An enhanced security tree to secure cloud data

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.1.8925 ◽

2017 ◽

Vol 7 (1.1) ◽

pp. 64 ◽

Cited By ~ 1

Author(s):

S. Renu ◽

S.H. Krishna Veni

Keyword(s):

Data Storage ◽

Binary Tree ◽

Data Encryption ◽

Third Party ◽

Data Outsourcing ◽

Cloud Data ◽

Security Issues ◽

Security Services ◽

Computing Services ◽

User Data

The Cloud computing services and security issues are growing exponentially with time. All the CSPs provide utmost security but the issues still exist. Number of technologies and methods are emerged and futile day by day. In order to overcome this situation, we have also proposed a data storage security system using a binary tree approach. Entire services of the binary tree are provided by a Trusted Third Party (TTP) .TTP is a government or reputed organization which facilitates to protect user data from unauthorized access and disclosure. The security services are designed and implemented by the TTP and are executed at the user side. Data classification, Data Encryption and Data Storage are the three vital stages of the security services. An automated file classifier classify unorganized files into four different categories such as Sensitive, Private, Protected and Public. Applied cryptographic techniques are used for data encryption. File splitting and multiple cloud storage techniques are used for data outsourcing which reduces security risks considerably. This technique offers file protection even when the CSPs compromise.

Download Full-text

Cloud Service Provider Catastrophe Risks

Risk Thinking for Cloud-Based Application Services ◽

10.1201/9781315268835-26 ◽

2017 ◽

pp. 339-342

Keyword(s):

Service Provider ◽

Cloud Service ◽

Cloud Service Provider

Download Full-text