Achieving Cloud Security Using a Third Party Auditor and Preserving Privacy for Shared Data Over a Public Cloud

Correctness of data and efficient mechanisms for data security, while transferring the file to and from Cloud, are of paramount importance in today's cloud-centric processing. A mechanism for correctness and efficient transfer of data is proposed in this article. While processing users request data, a set of attributes are defined and checked. States with attributes at different levels are defined to prevent unauthorized access. Security is provided while storing the data using a chunk generation algorithm and verification of chunks using lightweight Third-Party Auditor (TPA). TPA uses digital signatures to verify user's data that are generated by RSA with MD5 algorithms. The metadata file of generated chunks is encrypted using a modified AES algorithm. The proposed method prevents unauthorized users from accessing the data in the cloud environment, in addition to maintaining data integrity. Results of the proposed cloud security model implementation are discussed.

Download Full-text

Hybrid Data Security Model for Cloud

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2013070104 ◽

2013 ◽

Vol 3 (3) ◽

pp. 50-59

Author(s):

Sandeep K. Sood

Keyword(s):

Data Storage ◽

User Authentication ◽

Security Analysis ◽

Cost Effective ◽

Cloud Security ◽

Main Concern ◽

Security Model ◽

Public Cloud ◽

Private Cloud ◽

The Public

Security of data is one of the main concern in the implementation of cloud computing. This paper proposes a highly effective and efficient cloud security model. The proposed security model keeps the most critical data on the private cloud and the rest of it on the public cloud. It uses hash codes to check the integrity of the data at the public cloud. The proposed cloud security model provides the provision of defining user roles thereby determining the type of access the user exercises on the data. This model uses dual verification mechanism for user authentication by using username and password on one layer and key authentication on another layer. A cryptographic process is used to make the overall security of the data on the cloud highly robust. A comprehensive security analysis of the model is done against various types of attacks and the results are very promising. This model is compared to various existing cloud security models and the results shows that our technique is faster, much more robust and efficient as compared to other existing models. This model is cost effective because it uses private cloud only for highly sensitive data. Rest of data is stored on the public cloud, where data storage cost is comparatively very less.

Download Full-text

Public key based third party auditing system using random masking and bilinear total signature for privacy in public cloud environment

2017 International Conference on Intelligent Computing and Control Systems (ICICCS) ◽

10.1109/iccons.2017.8250658 ◽

2017 ◽

Author(s):

J. Raja ◽

M. Ramakrishnan

Keyword(s):

Third Party ◽

Public Key ◽

Cloud Environment ◽

Public Cloud ◽

Third Party Auditing

Download Full-text

Challenges and Issues in Cloud Security for WBAN applications - A Systematic Survey

10.46532/978-81-950008-1-4_008 ◽

2020 ◽

pp. 34-47

Author(s):

Gomathy B ◽

Ramesh SM ◽

Shanmugavadivel G

Keyword(s):

Cloud Security ◽

Privacy Preserving ◽

Security And Privacy ◽

Security Model ◽

Cloud Environment ◽

Body Area ◽

Evaluation Strategies ◽

Security Challenges ◽

Privacy Issues ◽

Comprehensive Study

A systematic and comprehensive review of privacy preserving and security challenges in cloud environment is presented in this literature. Since, cloud supports various applications, it requires immediate attention for serious security and privacy issues. Research must focus on efficient security mechanism for cloud-based networks, also it is essential to explore the techniques to maintain the integrity and confidentiality of the data. This paper highlights research challenges and directions concerning the security as a comprehensive study through intensive analysis of various literatures in the last decade, and it is summarized in terms of architecture types, evaluation strategies and security model. We surveyed, investigated and reviewed the articles in every aspect related to security and privacy preserving concepts and identified the following tasks: 1) architecture of wireless body area networks in cloud, 2) security and privacy in cloud based WBAN, 3), Cloud security and privacy issues in cloud 4) diverse authentication and cryptographic approaches, 4) optimization strategies to improve the security performance.

Download Full-text

ECS: An Enhanced Cloud Security Algorithm

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b2314.078219 ◽

2019 ◽

Vol 8 (2) ◽

pp. 6408-6412

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Cloud Environment ◽

Security Issues ◽

Security Algorithm ◽

Cryptographic Techniques ◽

Cloud Users

Cloud computing is a technology where it provides software, platform, infrastructure, security and everything as a service. But this technology faces many security issues because all the data or information are stored in the hands of the third party. The cloud users unable to know where the data are store in the cloud environment and also it is very difficult to analyze the trustworthiness of the cloud service providers. In this technology providing security is a very big challenging task. This challenge was overcome by developing different cloud security algorithms using cryptographic techniques. Recently many researchers identified that if the cryptographic algorithms are combined in a hybrid manner it will increase the security in the cloud environment. Even though, many research works are still carried out to improve security in the cloud computing environment. In this research article, a new step was taken to develop a new cloud security algorithm

Download Full-text

A Tpa-Authentication Scheme for Public Cloud Using Kerberos Protocol

Oriental journal of computer science and technology ◽

10.13005/ojcst/10.02.29 ◽

2017 ◽

Vol 10 (2) ◽

pp. 460-466

Author(s):

Arpit Agrawal ◽

Shubhangi Verma

Keyword(s):

Internet Security ◽

Authentication Scheme ◽

Third Party ◽

Security Model ◽

Public Cloud ◽

Service Architecture ◽

Trust Establishment ◽

Complete Work ◽

New Generation ◽

Generation Technology

Cloud computing is the new generation technology provides the way of sharing of resources, memory, software anything in the form of service using internet. Security is an important and unique phenomenon gives safe and isolated environment. Security model and principles are defined to implement security features with any applications. Confidentiality, authentication and integrity are primary principles for trust establishment. Existing work only concentrates on integrity concept and does not imposes for authentication or access control. A Kerberos based strong authentication scheme has been generated using third party auditing concept to improve the strength of authentication as well as trust on CSP. This work will implement security service architecture to create Kerberos environment and establish communication between Kerberos and CSP. The complete work will be implemented using Java technology and Open Stack serve for public cloud environment.

Download Full-text

CSPM- Cloud Security Posture Management (Comprehensive Security for Cloud Environment)

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit206268 ◽

2020 ◽

pp. 251-257

Author(s):

Jyoti Bolannavar

Keyword(s):

Significant Risk ◽

Cloud Security ◽

Cloud Services ◽

Cloud Environment ◽

Public Cloud ◽

The Public ◽

Security Problem ◽

Cloud Environments ◽

Authorization Policies ◽

Excessive Risk

As enterprises place more services in public cloud and as the public cloud providers introduce more infrastructure and platform services directly into the hands of developers, it is becoming increasingly complex and time-consuming to answer the seemingly straightforward question “Are we using these services securely?” and “Does the configuration of my cloud services represent excessive risk?” For example, manually assessing the secure setup and configuration in cloud environments across different services, each with varying granularities of authorization policies, is extremely difficult, if not impossible. Simple misconfiguration issues (such as open storage buckets) represent significant risk (see “Open File Shares Are Your Biggest Cloud Security Problem”) and occur often, as evidenced by continuing publicized data disclosures from publicly exposed storage buckets.

Download Full-text

A Review on Load Balancing Model Using Best Partition Technique

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i8.69 ◽

2017 ◽

Vol 7 (8) ◽

pp. 284

Author(s):

M. Chaitanya ◽

K. Durga Charan

Keyword(s):

Cloud Computing ◽

Fault Tolerance ◽

Load Balancing ◽

Load Balance ◽

Large Impact ◽

Cloud Environment ◽

Public Cloud ◽

The Public ◽

Partition Technique ◽

Textual Content

Load balancing makes cloud computing greater knowledgeable and could increase client pleasure. At reward cloud computing is among the all most systems which offer garage of expertise in very lowers charge and available all the time over the net. However, it has extra vital hassle like security, load administration and fault tolerance. Load balancing inside the cloud computing surroundings has a large impact at the presentation. The set of regulations relates the sport idea to the load balancing manner to amplify the abilties in the public cloud environment. This textual content pronounces an extended load balance mannequin for the majority cloud concentrated on the cloud segregating proposal with a swap mechanism to select specific strategies for great occasions.

Download Full-text

Multi Security Algorithm Based Security Model to Achieve Confidentiality and Apply Authentication in Cloud Environment A Survey

International Journal of Computer Sciences and Engineering ◽

10.26438/ijcse/v7i6.10511054 ◽

2019 ◽

Vol 7 (6) ◽

pp. 1051-1054

Author(s):

Arpit Agrawal ◽

Ankit Singh Yadav

Keyword(s):

Security Model ◽

Cloud Environment ◽

Security Algorithm

Download Full-text

A Practical Conflicting Role-based Cloud Security Risk Evaluation Method

Recent Advances in Computer Science and Communications ◽

10.2174/2666255813666191204145140 ◽

2019 ◽

Vol 13 ◽

Author(s):

Jin Han ◽

Jing Zhan ◽

Xiaoqing Xia ◽

Xue Fan

Keyword(s):

Risk Evaluation ◽

Evaluation Method ◽

Service Providers ◽

Risk Preferences ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Security Evaluation ◽

Security Risk ◽

Cloud Users

Background: Currently, Cloud Service Provider (CSP) or third party usually proposes principles and methods for cloud security risk evaluation, while cloud users have no choice but accept them. However, since cloud users and cloud service providers have conflicts of interests, cloud users may not trust the results of security evaluation performed by the CSP. Also, different cloud users may have different security risk preferences, which makes it difficult for third party to consider all users' needs during evaluation. In addition, current security evaluation indexes for cloud are too impractical to test (e.g., indexes like interoperability, transparency, portability are not easy to be evaluated). Methods: To solve the above problems, this paper proposes a practical cloud security risk evaluation method of decision-making based on conflicting roles by using the Analytic Hierarchy Process (AHP) with Aggregation of Individual priorities (AIP). Results: Not only can our method bring forward a new index system based on risk source for cloud security and corresponding practical testing methods, but also can obtain the evaluation result with the risk preferences of conflicting roles, namely CSP and cloud users, which can lay a foundation for improving mutual trusts between the CSP and cloud users. The experiments show that the method can effectively assess the security risk of cloud platforms and in the case where the number of clouds increased by 100% and 200%, the evaluation time using our methodology increased by only by 12% and 30%. Conclusion: Our method can achieve consistent decision based on conflicting roles, high scalability and practicability for cloud security risk evaluation.

Download Full-text