A Study on Cloud Storage Security Method Using Data Classification

2021 ◽  
Vol 23 (09) ◽  
pp. 1105-1121
Author(s):  
Dr. Ashish Kumar Tamrakar ◽  
◽  
Dr. Abhishek Verma ◽  
Dr. Vishnu Kumar Mishra ◽  
Dr. Megha Mishra ◽  
...  

Cloud computing is a new model for providing diverse services of software and hardware. This paradigm refers to a model for enabling on-demand network access to a shared pool of configurable computing resources, that can be rapidly provisioned and released with minimal service provider interaction .It helps the organizations and individuals deploy IT resources at a reduced total cost. However, the new approaches introduced by the clouds, related to computation outsourcing, distributed resources and multi-tenancy concept, increase the security and privacy concerns and challenges. It allows users to store their data remotely and then access to them at any time from any place .Cloud storage services are used to store data in ways that are considered cost saving and easy to use. In cloud storage, data are stored on remote servers that are not physically known by the consumer. Thus, users fear from uploading their private and confidential files to cloud storage due to security concerns. The usual solution to secure data is data encryption, which makes cloud users more satisfied when using cloud storage to store their data. Motivated by the above facts; we have proposed a solution to undertake the problem of cloud storage security. In cloud storage, there are public data that do not need any security measures, and there are sensitive data that need applying security mechanisms to keep them safe. In that context, data classification appears as the solution to this problem. The classification of data into classes, with different security requirements for each class is the best way to avoid under security and over security situation. The existing cloud storage systems use the same Journal of University of Shanghai for Science and Technology ISSN: 1007-6735 Volume 23, Issue 9, September – 2021 Page-1105 key size to encrypt all data without taking into consideration its confidentiality level. Treating the low and high confidential data with the same way and at the same security level will add unnecessary overhead and increase the processing time. In our proposal, we have combined the K-NN (K Nearest Neighbors) machine learning method and the goal programming decision-making method, to provide an efficient method for data classification. This method allows data classification according to the data owner security needs. Then, we introduce the user data to the suitable security mechanisms for each class. The use of our solution in cloud storage systems makes the data security process more flexible, besides; it increases the cloud storage system performance and decreases the needed resources, which are used to store the data.

2016 ◽  
Vol 3 (2) ◽  
pp. 61-78 ◽  
Author(s):  
Munwar Ali Zardari ◽  
Low Tang Jung

Cloud computing is a new paradigm model that offers different services to its customers. The increasing number of users for cloud services i.e. software, platform or infrastructure is one of the major reasons for security threats for customers' data. Some major security issues are highlighted in data storage service in the literature. Data of thousands of users are stored on a single centralized place where the possibility of data threat is high. There are many techniques discussed in the literature to keep data secure in the cloud, such as data encryption, private cloud and multiple clouds concepts. Data encryption is used to encrypt the data or change the format of the data into the unreadable format that unauthorized users could not understand even if they succeed to get access of the data. Data encryption is very expensive technique, it takes time to encrypt and decrypt the data. Deciding the security approach for data security without understanding the security needs of the data is a technically not a valid approach. It is a basic requirement that one should understand the security level of data before applying data encryption security approach. To discover the data security level of the data, the authors used machine learning approach in the cloud. In this paper, a data classification approach is proposed for the cloud and is implemented in a virtual machine named as Master Virtual Machine (Vmm). Other Vms are the slave virtual machines which will receive from Vmm the classified information for further processing in cloud. In this study the authors used three (3) virtual machines, one master Vmm and two slaves Vms. The master Vmm is responsible for finding the classes of the data based on its confidentiality level. The data is classified into two classes, confidential (sensitive) and non-confidential (non-sensitive/public) data using K-NN algorithm. After classification phase, the security phase (encryption phase) shall encrypt only the confidential (sensitive) data. The confidentiality based data classification is using K-NN in cloud virtual environment as the method to encrypt efficiently the only confidential data. The proposed approach is efficient and memory space friendly and these are the major findings of this work.


2013 ◽  
Vol 834-836 ◽  
pp. 1795-1798
Author(s):  
Jun Qin ◽  
Ya Ping Zhang ◽  
Ping Zong

In cloud computing applications, the data security is a primary concern of user. In this paper, for the problem that data of the HDFS cannot be destroyed completely in open source cloud storage system, which may lead to data leakage, it designs a destruction mechanism of HDFS with multiple security level. This mechanism make data effectively destroyed by the method of data overwrite which makes a balance between security requirements and performance requirements. The Simulation experiments show that the mechanism can override a Block file in HDFS environment effectively to achieve the purpose of data destroying. At the same the overhead of different overwrite algorithm is different also which can ensure the security and efficiency is balanced.


2016 ◽  
Vol 11 (3) ◽  
pp. 201-206
Author(s):  
Rodrigo Roman ◽  
◽  
Miguel Rodel Felipe ◽  
Phua Eu Gene ◽  
Jianying Zhou ◽  
...  

Author(s):  
Ming Yang ◽  
Monica Trifas ◽  
Guillermo Francia ◽  
Lei Chen ◽  
Yongliang Hu

Information security has traditionally been ensured with data encryption techniques. Different generic data encryption standards, such as DES, RSA, AES, have been developed. These encryption standards provide high level of security to the encrypted data. However, they are not very efficient in the encryption of multimedia contents due to the large volume of digital image/video data. In order to address this issue, different image/video encryption methodologies have been developed. These methodologies encrypt only the key parameters of image/video data instead of encrypting it as a bitstream. Joint compression-encryption is a very promising direction for image/video encryption. Nowadays, researchers start to utilize information hiding techniques to enhance the security level of data encryption methodologies. Information hiding conceals not only the content of the secret message, but also its very existence. In terms of the amount of data to be embedded, information hiding methodologies can be classified into low bitrate and high bitrate algorithms. In terms of the domain for embedding, they can be classified into spatial domain and transform domain algorithms. In this chapter, the authors have reviewed various data encryption standards, image/video encryption algorithms, and joint compression-encryption methodologies. Besides, the authors have also presented different categories of information hiding methodologies as well as data embedding strategies for digital image/video contents.


2018 ◽  
pp. 65-83
Author(s):  
Mingzhong Wang ◽  
Don Kerr

With the features of mobility, reality augmentation, and context sensitivity, wearable devices are widely deployed into various domains. However, the sensitivity of collected data makes security and privacy protection one of the first priority in the advancement of wearable technologies. This chapter provides a study on encryption-based confidentiality protection for data storage systems in wearable platforms. The chapter first conducts a review to storage solutions in consumer wearable products and explores a two-tier, local flash memory and remote cloud storage, storage system in wearable platforms. Then encryption-based confidentiality protection and implementation methods for both flash memory and remote cloud storage are summarized. According to the interaction and integration of these two components, a categorization of confidential storage systems in wearable platforms is proposed. In addition, the benefits and selection criteria for each category are also discussed.


Author(s):  
Mingzhong Wang ◽  
Don Kerr

With the features of mobility, reality augmentation, and context sensitivity, wearable devices are widely deployed into various domains. However, the sensitivity of collected data makes security and privacy protection one of the first priority in the advancement of wearable technologies. This chapter provides a study on encryption-based confidentiality protection for data storage systems in wearable platforms. The chapter first conducts a review to storage solutions in consumer wearable products and explores a two-tier, local flash memory and remote cloud storage, storage system in wearable platforms. Then encryption-based confidentiality protection and implementation methods for both flash memory and remote cloud storage are summarized. According to the interaction and integration of these two components, a categorization of confidential storage systems in wearable platforms is proposed. In addition, the benefits and selection criteria for each category are also discussed.


Author(s):  
Jinan Shen ◽  
Xuejian Deng ◽  
Zhenwu Xu

AbstractBased on the characteristics and data security requirements of the cloud environment, we present a scheme for a multi-security-level cloud storage system that is combined with AES symmetric encryption and an improved identity-based proxy re-encryption (PRE) algorithm. Our optimization includes support for fine-grained control and performance optimization. Through a combination of attribute-based encryption methods, we add a fine-grained control factor to our algorithm in which each authorization operation is only valid for a single factor. By reducing the number of bilinear mappings, which are the most time-consuming processes, we achieve our aim of optimizing performance. Last but not least, we implement secure data sharing among heterogeneous cloud systems. As shown in experiment, our proposed multi-security-level cloud storage system implements services such as the direct storage of data, transparent AES encryption, PRE protection that supports fine-grained and ciphertext heterogeneous transformation, and other functions such as authentication and data management. In terms of performance, we achieve time-cost reductions of 29.8% for the entire process, 48.3% for delegation and 47.2% for decryption.


2011 ◽  
Vol 55-57 ◽  
pp. 504-507
Author(s):  
Jian Hua Zhang ◽  
Nan Zhang ◽  
Chun Chang Fu

The storage security technology in cloud storage applications was analyzed, and in order to satisfied the demand for privacy protection, the key technology of data encryption and authentication are described and the methods of privacy protection in data mining under the cloud were discussed. At the same time, a hierarchical mechanism of authentication was proposed. These methods and mechanisms could solve the problem of privacy protection in a certain degree, and ensure the security of cloud storage.


Cyber Crime ◽  
2013 ◽  
pp. 979-997
Author(s):  
Ming Yang ◽  
Monica Trifas ◽  
Guillermo Francia ◽  
Lei Chen

Information security and privacy have traditionally been ensured with data encryption techniques. Generic data encryption standards, such as DES, RSA, AES, are not very efficient in the encryption of multimedia contents due to the large volume. In order to address this issue, different image/video encryption methodologies have been developed. These methodologies encrypt only the key parameters of image/video data instead of encrypting it as a bitstream. Joint compression-encryption is a very promising direction for image/video encryption. Nowadays, researchers start to utilize information hiding techniques to enhance the security level of data encryption methodologies. Information hiding conceals not only the content of the secret message, but also its very existence. In terms of the amount of data to be embedded, information hiding methodologies can be classified into low bitrate and high bitrate algorithms. In terms of the domain for embedding, they can be classified into spatial domain and transform domain algorithms. Different categories of information hiding methodologies, as well as data embedding and watermarking strategies for digital video contents, will be reviewed. A joint cryptograph-steganography methodology, which combines both encryption and information hiding techniques to ensure patient information security and privacy in medical images, is also presented.


2015 ◽  
Vol 2015 ◽  
pp. 1-8 ◽  
Author(s):  
Tonghao Yang ◽  
Junquan Li ◽  
Bin Yu

The secure destruction of expired data is one of the important contents in the research of cloud storage security. Applying the attribute-based encryption (ABE) and the distributed hash table (DHT) technology to the process of data destruction, we propose a secure ciphertext self-destruction scheme with attribute-based encryption called SCSD. In SCSD scheme, the sensitive data is first encrypted under an access key and then the ciphertext shares are stored in the DHT network along with the attribute shares. Meanwhile, the rest of the sensitive data ciphertext and the shares of access key ciphertext constitute the encapsulated self-destruction object (EDO), which is stored in the cloud. When the sensitive data is expired, the nodes in DHT networks can automatically discard the ciphertext shares and the attribute shares, which can make the ciphertext and the access key unrecoverable. Thus, we realize secure ciphertext self-destruction. Compared with the current schemes, our SCSD scheme not only can support efficient data encryption and fine-grained access control in lifetime and secure self-destruction after expiry, but also can resist the traditional cryptanalysis attack as well as the Sybil attack in the DHT network.


Sign in / Sign up

Export Citation Format

Share Document