• 제목/요약/키워드: Cloud Storage Security

Search Result 167, Processing Time 0.028 seconds

An Overview of Data Security Algorithms in Cloud Computing

  • D. I. George Amalarethinam;S. Edel Josephine Rajakumari
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.5
    • /
    • pp.65-72
    • /
    • 2023
  • Cloud Computing is one of the current research areas in computer science. Recently, Cloud is the buzz word used everywhere in IT industries; It introduced the notion of 'pay as you use' and revolutionized developments in IT. The rapid growth of modernized cloud computing leads to 24×7 accessing of e-resources from anywhere at any time. It offers storage as a service where users' data can be stored on a cloud which is managed by a third party who is called Cloud Service Provider (CSP). Since users' data are managed by a third party, it must be encrypted ensuring confidentiality and privacy of the data. There are different types of cryptographic algorithms used for cloud security; in this article, the algorithms and their security measures are discussed.

A Security-Enhanced Identity-Based Batch Provable Data Possession Scheme for Big Data Storage

  • Zhao, Jining;Xu, Chunxiang;Chen, Kefei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.9
    • /
    • pp.4576-4598
    • /
    • 2018
  • In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.

Cloud Computing in the Vulnerability Analysis for Personal Information Security (Cloud Computing의 개인 정보 보안을 위한 취약점 분석)

  • Sun, Jae-Hoon;Kim, Kui-Nam J.
    • Convergence Security Journal
    • /
    • v.10 no.4
    • /
    • pp.77-82
    • /
    • 2010
  • Cloud computing is defined as numerous concepts by research institutions and scholars. However, due to the present business trend in the IT sector, emphasizing on cost and efficiency, cloud computing has been defined as a form of computing which can provide extendable mass storage components in the virtual environment. As a result, security issues have been arising due to the variety of cloud computing services provided by the industries. This paper aims to analyze the weaknesses such as security techniques and inquiries, and personal information protection required for various cloud computing services.

The Automatic Collection and Analysis System of Cloud Artifact (클라우드 아티팩트 자동 수집 및 분석 시스템)

  • Kim, Mingyu;Jeong, Doowon;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1377-1383
    • /
    • 2015
  • As the cloud services users' increase, there are important files created by individual in cloud storage. Thus, investigation of cloud artifact should be conducted. There are two methods of analyzing cloud service, one is that investigates cloud server provider (CSP), and another is that investigates client. In this paper, we presents an automated framework to detect the altered artifact and developes a tool that detects the cloud artifact. We also developed Cloud Artifact Tool that can investigate client computer. Cloud Artifact Tool provides feature of collection and analysis for the services such as Google Drive, Dropbox, Evernote, NDrive, DaumCloud, Ucloud, LG Cloud, T Cloud and iCloud.

Cryptography in the Cloud: Advances and Challenges

  • Boyd, Colin
    • Journal of information and communication convergence engineering
    • /
    • v.11 no.1
    • /
    • pp.17-23
    • /
    • 2013
  • Cloud computing is a currently developing revolution in information technology that is disturbing the way that individuals and corporate entities operate while enabling new distributed services that have not existed before. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. Security is often said to be a major concern of users considering migration to cloud computing. This article examines some of these security concerns and surveys recent research efforts in cryptography to provide new technical mechanisms suitable for the new scenarios of cloud computing. We consider techniques such as homomorphic encryption, searchable encryption, proofs of storage, and proofs of location. These techniques allow cloud computing users to benefit from cloud server processing capabilities while keeping their data encrypted; and to check independently the integrity and location of their data. Overall we are interested in how users may be able to maintain and verify their own security without having to rely on the trust of the cloud provider.

Task Scheduling on Cloudlet in Mobile Cloud Computing with Load Balancing

  • Poonam;Suman Sangwan
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.10
    • /
    • pp.73-80
    • /
    • 2023
  • The recent growth in the use of mobile devices has contributed to increased computing and storage requirements. Cloud computing has been used over the past decade to cater to computational and storage needs over the internet. However, the use of various mobile applications like Augmented Reality (AR), M2M Communications, V2X Communications, and the Internet of Things (IoT) led to the emergence of mobile cloud computing (MCC). All data from mobile devices is offloaded and computed on the cloud, removing all limitations incorporated with mobile devices. However, delays induced by the location of data centers led to the birth of edge computing technologies. In this paper, we discuss one of the edge computing technologies, i.e., cloudlet. Cloudlet brings the cloud close to the end-user leading to reduced delay and response time. An algorithm is proposed for scheduling tasks on cloudlet by considering VM's load. Simulation results indicate that the proposed algorithm provides 12% and 29% improvement over EMACS and QRR while balancing the load.

An Improved Privacy Preserving Construction for Data Integrity Verification in Cloud Storage

  • Xia, Yingjie;Xia, Fubiao;Liu, Xuejiao;Sun, Xin;Liu, Yuncai;Ge, Yi
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.10
    • /
    • pp.3607-3623
    • /
    • 2014
  • The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.

Research on Security Model and Requirements for Fog Computing: Survey (포그 컴퓨팅 보안 모델과 보안 요구사항 연구: 서베이)

  • Hong, Sunghyuck
    • Journal of the Korea Convergence Society
    • /
    • v.9 no.5
    • /
    • pp.27-32
    • /
    • 2018
  • IoT technology is developing with various application areas in $4^{th}$ Industrial revolution. There are many users using the application services. Sensing data from various environment need to be transferred to cloud computing storage and store in the cloud storage. However, physical distance from the end node to cloud computing storage is far away, and it is not efficient to transfer data from sensors and store the sensing data in the cloud storage whenever sensing data happen. Therefore, Fog computing is proposed to solve these problems which can process and store the sensing data. However, Fog computing is new emerging technology, there is no standard security model and requirements. This research proposes to security requirements and security model for Fog computing to establish a secure and efficient cloud computing environment.

Privacy Preserving Source Based Deduplication In Cloud Storage (클라우드 스토리지 상에서의 프라이버시 보존형 소스기반 중복데이터 제거기술)

  • Park, Cheolhee;Hong, Dowon;Seo, Changho;Chang, Ku-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.1
    • /
    • pp.123-132
    • /
    • 2015
  • In cloud storage, processing the duplicated data, namely deduplication, is necessary technology to save storage space. Users who store sensitive data in remote storage want data be encrypted. However Cloud storage server do not detect duplication of conventionally encrypted data. To solve this problem, Convergent Encryption has been proposed. But it inherently have weakness due to brute-force attack. On the other hand, to save storage space as well as save bandwidths, client-side deduplication have been applied. Recently, various client-side deduplication technology has been proposed. However, this propositions still cannot solve the security problem. In this paper, we suggest a secure source-based deduplication technology, which encrypt data to ensure the confidentiality of sensitive data and apply proofs of ownership protocol to control access to the data, from curious cloud server and malicious user.

Privacy-Preserving Cloud Data Security: Integrating the Novel Opacus Encryption and Blockchain Key Management

  • S. Poorani;R. Anitha
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.11
    • /
    • pp.3182-3203
    • /
    • 2023
  • With the growing adoption of cloud-based technologies, maintaining the privacy and security of cloud data has become a pressing issue. Privacy-preserving encryption schemes are a promising approach for achieving cloud data security, but they require careful design and implementation to be effective. The integrated approach to cloud data security that we suggest in this work uses CogniGate: the orchestrated permissions protocol, index trees, blockchain key management, and unique Opacus encryption. Opacus encryption is a novel homomorphic encryption scheme that enables computation on encrypted data, making it a powerful tool for cloud data security. CogniGate Protocol enables more flexibility and control over access to cloud data by allowing for fine-grained limitations on access depending on user parameters. Index trees provide an efficient data structure for storing and retrieving encrypted data, while blockchain key management ensures the secure and decentralized storage of encryption keys. Performance evaluation focuses on key aspects, including computation cost for the data owner, computation cost for data sharers, the average time cost of index construction, query consumption for data providers, and time cost in key generation. The results highlight that the integrated approach safeguards cloud data while preserving privacy, maintaining usability, and demonstrating high performance. In addition, we explore the role of differential privacy in our integrated approach, showing how it can be used to further enhance privacy protection without compromising performance. We also discuss the key management challenges associated with our approach and propose a novel blockchain-based key management system that leverages smart contracts and consensus mechanisms to ensure the secure and decentralized storage of encryption keys.