1,544 research outputs found

    Entangled cloud storage

    Entangled cloud storage (Aspnes et al., ESORICS 2004) enables a set of clients to “entangle” their files into a single clew to be stored by a (potentially malicious) cloud provider. The entanglement makes it impossible to modify or delete significant part of the clew without affecting all files encoded in the clew. A clew keeps the files in it private but still lets each client recover his own data by interacting with the cloud provider; no cooperation from other clients is needed. At the same time, the cloud provider is discouraged from altering or overwriting any significant part of the clew as this will imply that none of the clients can recover their files. We put forward the first simulation-based security definition for entangled cloud storage, in the framework of universal composability (Canetti, 2001). We then construct a protocol satisfying our security definition, relying on an entangled encoding scheme based on privacy-preserving polynomial interpolation; entangled encodings were originally proposed by Aspnes et al. as useful tools for the purpose of data entanglement. As a contribution of independent interest we revisit the security notions for entangled encodings, putting forward stronger definitions than previous work (that for instance did not consider collusion between clients and the cloud provider). Protocols for entangled cloud storage find application in the cloud setting, where clients store their files on a remote server and need to be ensured that the cloud provider will not modify or delete their data illegitimately. Current solutions, e.g., based on Provable Data Possession and Proof of Retrievability, require the server to be challenged regularly to provide evidence that the clients’ files are stored at a given time. 
Entangled cloud storage provides an alternative approach where any single client operates implicitly on behalf of all others, i.e., as long as one client's files are intact, the entire remote database continues to be safe and unblemishe

    State of The Art and Hot Aspects in Cloud Data Storage Security

    Along with the evolution of cloud computing and cloud storage towards maturity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vectors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for protection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

    An Efficient Pdp Scheme For Distributed Cloud Storage To Support Dynamic Scalability On Multiple Storage Servers

    The confirmation examination without downloading makes it particularly important for large-size files and folders typically including many clients’ files to make sure whether these data have been tampered with or deleted without downloading the latest version of data. Provable data possession is such a probabilistic proof technique for a storage provider to establish the integrity and ownership of clients’ data without downloading data. Consequently it is able to put back traditional hash and signature functions in storage outsourcing. Various PDP schemes have been recently proposed such as Scalable PDP and Dynamic PDP, though these schemes mainly focus on PDP issues at untrusted servers in a single cloud storage provider and are not appropriate for a multi-cloud environment. Furthermore clients need to know the exact position of each file block in a multi-cloud environment. The confirmation process in such a case will lead to high communication overheads and calculation costs at client sides as well. Consequently it is of utmost necessity to design a cooperative PDP model to decrease the storage and network overheads and improve the transparency of verification activities in cluster-based cloud storage systems. A cooperative PDP scheme should give features for timely detecting abnormality and renewing multiple copies of data

    Customized Audit Approach to Achieve User Desired Control over Cloud Data

    Cloud computing is the mainly used technique in the modern days in order to avoid the problems in the storage of the data in online to access the data from anywhere. In this paper, traditionally we will be utilizing a method based on probabilistic query and periodic verification for improving the performance of audit services. By using these methods, we will be improving the effectiveness of verification of storage data and decrease the storage space for extra data. There will not be any user-desired control in the data retrieval provided by these methods. Therefore, to overcome this problem we will be using object-centered method that enables enclosing our logging mechanism collectively with user’s data and policies. To support user’s control, we also present distributed auditing mechanisms by which we will be observing efficiency and the effectiveness of the proposed approach

    Protection of big data privacy

    In recent years, big data have become a hot research topic. The increasing amount of big data also increases the chance of breaching the privacy of individuals. Since big data require high computational power and large storage, distributed systems are used. As multiple parties are involved in these systems, the risk of privacy violation is increased. There have been a number of privacy-preserving mechanisms developed for privacy protection at different stages (e.g., data generation, data storage, and data processing) of a big data life cycle. The goal of this paper is to provide a comprehensive overview of the privacy preservation mechanisms in big data and present the challenges for existing mechanisms. In particular, in this paper, we illustrate the infrastructure of big data and the state-of-the-art privacy-preserving mechanisms in each stage of the big data life cycle. Furthermore, we discuss the challenges and future research directions related to privacy preservation in big data

    Data Integrity in Multi Cloud Storage

    Data integrity in cloud has become an acceptable challenge in the research community because of its vast application and usability in common people. This paper gives an idea and ensures the secure and less loss in data during sharing with different users residing worldwide. We have introduced a new scheme called PDP (Provable Data Possession) scheme for distributed cloud storage to support the scalability of service and data migration. Here we have the existence of multiple cloud service providers to cooperatively store and maintain the clients’ data. We also introduce another scheme called (CPDP) i.e. cooperative PDP which is based on homomorphic verifiable response and hash index hierarchy. We prove that the proposed scheme is minimizing the computational error as well as decreasing the communication overhead as compared with existing methods

    Dynamic Audit Services for Outsourced Storages in Clouds


    Capacity Allocation for Clouds with Parallel Processing, Batch Arrivals, and Heterogeneous Service Requirements

    Problem Definition: Allocating sufficient capacity to cloud services is a challenging task, especially when demand is time-varying, heterogeneous, contains batches, and requires multiple types of resources for processing. In this setting, providers decide whether to reserve portions of their capacity to individual job classes or to offer it in a flexible manner. Methodology/results: In collaboration with Huawei Cloud, a worldwide provider of cloud services, we propose a heuristic policy that allocates multiple types of resources to jobs and also satisfies their pre-specified service level agreements (SLAs). We model the system as a multi-class queueing network with parallel processing and multiple types of resources, where arrivals (i.e., virtual machines and containers) follow time-varying patterns and require at least one unit of each resource for processing. While virtual machines leave if they are not served immediately, containers can join a queue. We introduce a diffusion approximation of the offered load of such system and investigate its fidelity as compared to the observed data. Then, we develop a heuristic approach that leverages this approximation to determine capacity levels that satisfy probabilistic SLAs in the system with fully flexible servers. Managerial Implications: Using a data set of cloud computing requests over a representative 8-day period from Huawei Cloud, we show that our heuristic policy results in a 20% capacity reduction and better service quality as compared to a benchmark that reserves resources. In addition, we show that the system utilization induced by our policy is superior to the benchmark, i.e., it implies less idling of resources in most instances. Thus, our approach enables cloud operators to both reduce costs and achieve better performance