METHOD TO ACHIEVE SECURITY AND STORAGE SERVICES IN CLOUD COMPUTING

Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service is also relinquishing users ‘physical possession of their outsourced data, which inevitably poses new security risks toward the correctness of the data in cloud. In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing mechanism, utilizing the homomorphism token and distributed erasure-coded data. The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The auditing result not only ensures strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of misbehaving server. Considering the cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks)

Download Full-text

Cloud Data Storage using Attribute based Encryption with Verifiable Outsourcing Auditor Security Schemes

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1022.0982s1119 ◽

2019 ◽

Vol 8 (2S11) ◽

pp. 133-138

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Service Providers ◽

Government Control ◽

Cloud Data ◽

Attribute Based Encryption ◽

Cloud Storage Service ◽

Confidential Data ◽

Cloud Data Storage ◽

And Storage

Cloud storage services turned out to be continuously elegant. Owing to the implication of security, a few cloud storage secret composing schemes are anticipated to monitor data from those that don't approach. Every single such plan accepted that cloud storage providers region unit safe and can't be hacked; at the same time, in pursue, a few experts may drive cloud storage providers to uncover client insider facts or confidential data on the cloud, hence by and large going around storage mystery composing schemes. Amid this paper, we tend to bless our style for a pristine cloud storage mystery composing subject that permits cloud storage providers to make persuading false client privileged insights to protect client security. Since coercers can't reveal whenever acquired insider facts zone unit genuine or not, the cloud storage providers ensure that client security keeps on being immovably secured. The vast majority of the anticipated schemes expect cloud storage service providers or dependable outsiders taking care of key administration square measure solid and can't be hacked; nonetheless, in pursue, a few substances would conceivably capture interchanges among clients and cloud storage providers at that point urge storage providers to unfasten client privileged insights by misuse government control or diverse proposes that. All through this case, scrambled information square measure thought to be known and storage provider's square measure asked for to unfasten client insider facts

Download Full-text

What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽

10.3390/info12040142 ◽

2021 ◽

Vol 12 (4) ◽

pp. 142

Author(s):

Weijing You ◽

Lei Lei ◽

Bo Chen ◽

Limin Liu

Keyword(s):

Experimental Evaluation ◽

Cloud Storage ◽

Security Analysis ◽

Encrypted Data ◽

Cloud Data ◽

Storage Cost ◽

Outsourced Data ◽

Proof Of Ownership ◽

Client Side ◽

Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

Download Full-text

Hierarchical remote data possession checking method based on massive cloud files

Journal of Algorithms & Computational Technology ◽

10.1177/1748301816682243 ◽

2016 ◽

Vol 11 (2) ◽

pp. 126-134

Author(s):

Ma Haifeng ◽

Gao Zhenguo ◽

Yao Nianmin

Keyword(s):

Cloud Storage ◽

False Negative ◽

False Negative Rate ◽

Data Integrity ◽

Communication Overhead ◽

Local Data ◽

Cloud Data ◽

Cloud Storage Service ◽

Integrity Protection ◽

Remote Data

Cloud storage service enables users to migrate their data and applications to the cloud, which saves the local data maintenance and brings great convenience to the users. But in cloud storage, the storage servers may not be fully trustworthy. How to verify the integrity of cloud data with lower overhead for users has become an increasingly concerned problem. Many remote data integrity protection methods have been proposed, but these methods authenticated cloud files one by one when verifying multiple files. Therefore, the computation and communication overhead are still high. Aiming at this problem, a hierarchical remote data possession checking (hierarchical-remote data possession checking (H-RDPC)) method is proposed, which can provide efficient and secure remote data integrity protection and can support dynamic data operations. This paper gives the algorithm descriptions, security, and false negative rate analysis of H-RDPC. The security analysis and experimental performance evaluation results show that the proposed H-RDPC is efficient and reliable in verifying massive cloud files, and it has 32–81% improvement in performance compared with RDPC.

Download Full-text

DDEAS: Distributed Deduplication System with Efficient Access in Cloud Data Storage

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b2900.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 1943-1949

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Service Providers ◽

Similar Data ◽

Data Set ◽

Cloud Data ◽

Network Bandwidth ◽

File Access ◽

Cloud Storage Service ◽

Cloud Data Storage

Cloud storage service is one of the vital function of cloud computing that helps cloud users to outsource a massive volume of data without upgrading their devices. However, cloud data storage offered by Cloud Service Providers (CSPs) faces data redundancy problems. The data de-duplication technique aims to eliminate redundant data segments and keeps a single instance of the data set, even if similar data set is owned by any number of users. Since data blocks are distributed among the multiple individual servers, the user needs to download each block of the file before reconstructing the file, which reduces the system efficiency. We propose a server level data recover module in the cloud storage system to improve file access efficiency and reduce network bandwidth utilization time. In the proposed method, erasure coding is used to store blocks in distributed cloud storage and The MD5 (Message Digest 5) is used for data integrity. Executing recover algorithm helps user to directly fetch the file without downloading each block from the cloud servers. The proposed scheme improves the time efficiency of the system and quick access ability to the stored data. Thus consumes less network bandwidth and reduces user processing overhead while data file is downloading.

Download Full-text

Assure deletion supporting dynamic insertion for outsourced data in cloud computing

International Journal of Distributed Sensor Networks ◽

10.1177/1550147720958294 ◽

2020 ◽

Vol 16 (9) ◽

pp. 155014772095829

Author(s):

Changsong Yang ◽

Yueling Liu ◽

Xiaoling Tao

Keyword(s):

Cloud Computing ◽

Cloud Storage ◽

Large Scale ◽

High Efficiency ◽

Rapid Development ◽

Data Set ◽

Outsourced Data ◽

Data Owner ◽

Cloud Storage Service ◽

Cloud Server

With the rapid development of cloud computing, an increasing number of data owners are willing to employ cloud storage service. In cloud storage, the resource-constraint data owners can outsource their large-scale data to the remote cloud server, by which they can greatly reduce local storage overhead and computation cost. Despite plenty of attractive advantages, cloud storage inevitably suffers from some new security challenges due to the separation of outsourced data ownership and its management, such as secure data insertion and deletion. The cloud server may maliciously reserve some data copies and return a wrong deletion result to cheat the data owner. Moreover, it is very difficult for the data owner to securely insert some new data blocks into the outsourced data set. To solve the above two problems, we adopt the primitive of Merkle sum hash tree to design a novel publicly verifiable cloud data deletion scheme, which can also simultaneously achieve provable data storage and dynamic data insertion. Moreover, an interesting property of our proposed scheme is that it can satisfy private and public verifiability without requiring any trusted third party. Furthermore, we formally prove that our proposed scheme not only can achieve the desired security properties, but also can realize the high efficiency and practicality.

Download Full-text

A Symmetric Key Based Deduplicatable Proof of Storage for Encrypted Data in Cloud Storage Environments

Security and Communication Networks ◽

10.1155/2018/2193897 ◽

2018 ◽

Vol 2018 ◽

pp. 1-16 ◽

Cited By ~ 1

Author(s):

Cheolhee Park ◽

Hyunil Kim ◽

Dowon Hong ◽

Changho Seo

Keyword(s):

Cloud Storage ◽

Service Providers ◽

Random Oracle Model ◽

Data Access ◽

Random Oracle ◽

Dictionary Attack ◽

Outsourced Data ◽

Cloud Storage Service ◽

Storage Service ◽

Symmetric Key

Over the recent years, cloud storage services have become increasingly popular, where users can outsource data and access the outsourced data anywhere, anytime. Accordingly, the data in the cloud is growing explosively. Among the outsourced data, most of them are duplicated. Cloud storage service providers can save huge amounts of resources via client-side deduplication. On the other hand, for safe outsourcing, clients who use the cloud storage service desire data integrity and confidentiality of the outsourced data. However, ensuring confidentiality and integrity in the cloud storage environment can be difficult. Recently, in order to achieve integrity with deduplication, the notion of deduplicatable proof of storage has emerged, and various schemes have been proposed. However, previous schemes are still inefficient and insecure. In this paper, we propose a symmetric key based deduplicatable proof of storage scheme, which ensures confidentiality with dictionary attack resilience and supports integrity auditing based on symmetric key cryptography. In our proposal, we introduce a bit-level challenge in a deduplicatable proof of storage protocol to minimize data access. In addition, we prove the security of our proposal in the random oracle model with information theory. Implementation results show that our scheme has the best performance.

Download Full-text

An Attribute-Based Assured Deletion Scheme in Cloud Computing

International Journal of Information Technology and Web Engineering ◽

10.4018/ijitwe.2019040105 ◽

2019 ◽

Vol 14 (2) ◽

pp. 74-91 ◽

Cited By ~ 1

Author(s):

Fangfang Shan ◽

Hui Li ◽

Fenghua Li ◽

Yunchuan Guo ◽

Jinbo Xiong

Keyword(s):

Cloud Computing ◽

Cloud Storage ◽

Service Providers ◽

Rapid Development ◽

Data Encryption ◽

Third Party ◽

Fine Grained ◽

Outsourced Data ◽

Cloud Storage Service ◽

Share Data

With the rapid development of cloud computing, it has been increasingly attractive for individuals and groups to store and share data via cloud storage. Once stored in the third-party cloud storage service providers, the privacy and integrity of outsourced data should be attached with more attention as a challenging task. This article presents the attribute-based assured deletion scheme (AADS) which aims to protect and assuredly delete outsourced data in cloud computing. It encrypts outsourced data files with standard cryptographic techniques to guarantee the privacy and integrity, and assuredly deletes data upon revocations of attributes. AADS could be applied to solve important security problems by supporting fine-grained attribute-based policies and their combinations. According to the comparison and analysis, AADS provides efficient data encryption and flexible attribute-based assured deletion for cloud-stored data with an acceptable concession in performance cost.

Download Full-text

Secure Framework in Data Processing for Mobile Cloud Computing

International Journal of Computer and Communication Technology ◽

10.47893/ijcct.2015.1267 ◽

2015 ◽

pp. 16-19

Author(s):

MR.ANAND SURENDRA SHIMPI ◽

MR.R. P. CHANDER

Keyword(s):

Data Processing ◽

Trust Management ◽

Cloud Storage ◽

Ad Hoc ◽

Driving Safety ◽

Mobile Cloud ◽

Cloud Data ◽

Cloud Storage Service ◽

Health Related ◽

Secure Framework

Generally Mobile Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service is also relinquishing users ‘physical possession of their outsourced data, which inevitably poses new security risks towards the correctness of the data in cloud. In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a new secure framework. In addition to providing traditional computation services, mobile cloud also enhances the operation of traditional ad hoc network by treating mobile devices as service nodes, e.g., sensing services. The mobile services or sensed information, such as location coordinates, health related information, should be processed and stored in a secure fashion to protect user’s privacy in the cloud. In this paper, we present a new mobile cloud data processing framework through trust management and private data isolation. Finally, an implementation pilot for improving teenagers’ driving safety, which is called FocusDrive, is presented to demonstrate the solution.

Download Full-text

«JUDICIAL CLOUD»: LEGAL ISSUES OF DATA STRUCTURING AND PROTECTION

Actual Problems of Russian Law ◽

10.17803/1994-1471.2019.103.6.195-204 ◽

2019 ◽

pp. 195-204

Author(s):

V. A. Laptev ◽

N. I. Solovyanenko

Keyword(s):

Cloud Storage ◽

Digital Data ◽

Digital Information ◽

Digital Form ◽

Cloud Data ◽

Multiple Servers ◽

Processing And Storage ◽

Access To Data ◽

Cloud Technologies ◽

And Storage

Formation technologies and cloud database architecture affect legal approaches to the processing and storage of information in digital form. Providing access to data stored in the «cloud» through the Internet made access to user’s information extraterritorial. Modern digital society uses cloud technologies due to the lack of competitive alternatives for remote and secure data storage.In cloud storage, the owner of digital information is not aware of the specific location of the hard disk with digital data. They are stored on multiple servers distributed across the network. Data is available online anytime, anywhere. In this paper, the authors explore the problem of the formation of cloud data. The «judicial cloud» used in the activities of the Russian courts was chosen as a specific subject. This issue is essential for the digital state and business.The paper discovers the cloud architecture and considers the characteristic of the algorithms of the cloud system. Special attention is given to the description of the principles and methods of information security, including in order to ensure the interests of the state. Some aspects of the possible use of artificial intelligence in the administration of the «judicial cloud» are also considered.

Download Full-text

Certificateless Public Verification for the Outsourced Data Integrity in Cloud Storage

Journal of Circuits System and Computers ◽

10.1142/s0218126618501815 ◽

2018 ◽

Vol 27 (11) ◽

pp. 1850181 ◽

Cited By ~ 4

Author(s):

Longxia Huang ◽

Junlong Zhou ◽

Gongxuan Zhang ◽

Jin Sun ◽

Tian Wang ◽

...

Keyword(s):

Cloud Storage ◽

Public Key Cryptography ◽

Public Key ◽

Security Risks ◽

Certificateless Public Key Cryptography ◽

Outsourced Data ◽

Integrity Checking ◽

Data Owner ◽

Verification Process ◽

Public Verification

By advances in cloud storage systems, users have access to the data saved in the cloud and can manipulate the data without limitation of time and place. As the data owner no longer possesses data physically, he is required to ensure the integrity of the data stored in the cloud with the public key given by public key infrastructure (PKI). Thus the security of PKI and certificates are essential. However, there are numerous security risks in the traditional PKI and it is complex to administer the certificates. Certificateless public key cryptography is used in this paper to solve these problems. We also use elliptic curve group to reduce computation overhead. In this paper, we design a certificateless public verification mechanism to check the integrity of data outsourced in the cloud and we further extend it to support a multiuser group by batch verification. Specifically, a public verifier who replaces the data owner to check the integrity in the proposed scheme does not require to manage any certificates during the verification process. Meanwhile, a verifier is not required to download the entire file for integrity checking. Theoretical analyses verify the security of our scheme and experimental results show its efficiency.

Download Full-text