404 research outputs found

    ase-PoW: a proof of ownership mechanism for cloud deduplication in hierarchical environments

    Get PDF
    Proof-of-Ownership (PoW) can be an efective deduplication technique to reduce storage requirements, by providing cloud storage servers the capability to guarantee that clients only upload and download files that they are in possession of. In this paper, we propose an attribute symmetric encryption PoW scheme (ase-PoW) for hierarchical environments such as corporations, in which (1) the external cloud service provider is honest-but-curious and (2) there is a exible access control in place to ensure only users with the right privilege can access sensitive files. This is, to the best of our knowledge, the first such scheme and it is built upon the ce-PoW scheme of Gonzalez-Manzano and Orfila (2015). Ase-PoW outperforms ce-PoW in that it does not suffer from content-guessing attacks, it reduces client storage needs and computational workload.This work was partially supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and the CAM grant S2013/ICE-3095 CIBERDINE-CM (CIBERDINE: Cybersecurity, Data, and Risks) funded by Madrid Autonomous Community and co-funded by European funds. L. Gonzalez and J. M. de Fuentes were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain

    What if keys are leaked? Towards practical and secure re-encryption in deduplication-based cloud storage

    Get PDF
    By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively

    Review Paper on Privacy Preservation Techniques in Cloud

    Get PDF
    In this information world, large amounts of data are collected and analyzed every day. Cloud computing is the most known model for supporting large and complex data. Organizations are moving toward cloud computing for getting benefit of its cost reduction and elasticity features but cloud computing has potential risk and vulnerabilities. One of major problem in moving to cloud computing is its security and privacy concerns.Encryption is standalone problem for the security of data stored on the cloud. So we proposed method which combines the concept of encryption along with data deduplication methodology to enhance the privacy of data over cloud. Data deduplication is a specialized data compression technique for eliminating duplicate copies of repeating data in storage. In turns this technique saves the cost and time associated with redundant accessing and processing of data overhead involve as compared to normal operations.

    Fast and secure laptop backups with encrypted de-duplication

    Get PDF
    Many people now store large quantities of personal and corporate data on laptops or home computers. These often have poor or intermittent connectivity, and are vulnerable to theft or hardware failure. Conventional backup solutions are not well suited to this environment, and backup regimes are frequently inadequate. This paper describes an algorithm which takes advantage of the data which is common between users to increase the speed of backups, and reduce the storage requirements. This algorithm supports client-end per-user encryption which is necessary for confidential personal data. It also supports a unique feature which allows immediate detection of common subtrees, avoiding the need to query the backup system for every file. We describe a prototype implementation of this algorithm for Apple OS X, and present an analysis of the potential effectiveness, using real data obtained from a set of typical users. Finally, we discuss the use of this prototype in conjunction with remote cloud storage, and present an analysis of the typical cost savings.

    An extensive research survey on data integrity and deduplication towards privacy in cloud storage

    Get PDF
    Owing to the highly distributed nature of the cloud storage system, it is one of the challenging tasks to incorporate a higher degree of security towards the vulnerable data. Apart from various security concerns, data privacy is still one of the unsolved problems in this regards. The prime reason is that existing approaches of data privacy doesn't offer data integrity and secure data deduplication process at the same time, which is highly essential to ensure a higher degree of resistance against all form of dynamic threats over cloud and internet systems. Therefore, data integrity, as well as data deduplication is such associated phenomena which influence data privacy. Therefore, this manuscript discusses the explicit research contribution toward data integrity, data privacy, and data deduplication. The manuscript also contributes towards highlighting the potential open research issues followed by a discussion of the possible future direction of work towards addressing the existing problems

    Sigmoid(x): secure distributed network storage

    Get PDF
    Secure data storage is a serious problem for computer users today, particularly in enterprise environments. As data requirements grow, traditional approaches of secured silos are showing their limitations. They represent a single – or at least, limited – point of failure, and require significant, and increasing, maintenance and overhead. Such solutions are totally unsuitable for consumers, who want a ‘plug and play’ secure solution for their increasing datasets – something with the ubiquity of access of Facebook or webmail. Network providers can provide centralised solutions, but that returns us to the first problem. Sigmoid(x) takes a completely different approach – a scalable, distributed, secure storage mechanism which shares data storage between the users themselves
    • …
    corecore