A Solution for Privacy-Preserving and Security in Cloud for Document Oriented Data (By Using NoSQL Database)

Cloud computing delivers massively scalable computing resources as a service with Internet based technologies those can share resources within the cloud users. The cloud offers various types of services that majorly include infrastructure as services, platform as a service, and software as a service and security as a services and deployment model as well. The foremost issues in cloud data security include data security and user privacy, data protection, data availability, data location, and secure transmission. In now day, preserving-privacy of data and user, and manipulating query from big-data is the most challenging problem in the cloud. So many researches were conducted on privacy preserving techniques for sharing data and access control; secure searching on encrypted data and verification of data integrity. This work  included preserving-privacy of document oriented data security, user privacy in the three phases those are data security at rest, at process and at transit by using Full Homomorphic encryption and decryption scheme to achieve afore most mentioned goal. This work implemented on document oriented data only by using NoSQL database and  the encryption/decryption algorithm such as RSA and Paillier’s cryptosystem in Java package with MongoDB, Apache Tomcat Server 9.1, Python, Amazon Web Service mLab for MongoDB as remote server.  Keywords: Privacy-Preserving, NoSQL, MongoDB, Cloud computing, Homomorphic encryption/decryption, public key, private key, RSA Algorithm, Paillier’s cryptosystem DOI: 10.7176/CEIS/11-3-02 Publication date:May 31st 202

A Shared-Disk Database Approach towards Securing Data in the Cloud

The increasing popularity of cloud computing in distributed computing environment may have positive as well as negative effects on the data security of service consumers. This paper highlights some major security issues existing in current cloud computing environments. The primary issue to be dealt with when talking about security in a cloud is protection of the data. The idea is to construct a privacy preserving repository where data sharing services can update and control the access and limit the usage of their shared data, instead of submitting data to central authorities, and, hence, the shared-disk database architecture will promote data sharing and privacy of data. This paper aims at simultaneously achieving data confidentiality while still keeping the harmonizing relations intact in the cloud. Our proposed scheme enables the data owner to delegate most of computation intensive tasks to cloud servers without disclosing data contents or user access privilege information

Privacy-preserving key-value store

Cloud computing is arguably the foremost delivery platform for data storage and data processing. It turned computing into a utility based service that provides consumers and enterprises with on-demand access to computing resources. Although advantageous, there is an inherent lack of control over the hardware in the cloud computing model, this may constitute an increased privacy and security risk. Multiple encrypted database systems have emerged in recent years, they provide the functionality of regular databases but without compromising data confidentiality. These systems leverage novel encryption schemes such as homomorphic and searchable encryp tion. However, many of these proposals focus on extending existing centralized systems that are very difficult to scale, and offer poor performance in geo-replicated scenarios. We propose a scalable, highly available, and geo-replicated privacy-preserving key value store. A system that provides its users with secure data types meant to be replicated, along with a rich query interface with configurable privacy that enables one to issue secure and somewhat complex queries. We accompany our proposal with an implementation of a privacy-preserving client library for AntidoteDB, a geo-replicated key-value store. We also extend the AntidoteDB’s query language interface by adding support for secure SQL-like queries with configurable privacy. Experimental evaluations show that our proposals offer a feasible solution to practical applications that wish to improve their privacy and confidentiality

Paillier based Privacy-Preserving Mining of Association Rules from Outsourced Transaction Databases

The Cloud computing is computing in which massive assembling of remote servers are managed to authorized centralized data storage and online access to computer resources , while Privacy-preserving data mining (PPDM) is one of the latest inclination in privacy and security studies. It is determined by one of the important positioning issues of the information era - the right to privacy. With the use of cloud computing services, an organization lack in computational resources can deploy its mining requires to an outsider service provider. However, both the elements and the association rules of the deployed database are observed as private property of the organization. The data owner converts its data and sends it to the server, ships mining queries to the server, and recoup the actual design from the extricate designs received from the outsider server for corporate privacy prevention. In this theory, we study the problems of outsourcing the association rule mining mechanisms within a corporate privacy-preserving framework. The Rob Frugal method is founded with defeat the security obligations of outsourced data. This method is an encryption plan which is based on one to one substitution ciphers for items and fake pattern from the database. In this system attacker discovers data by guessing attack, also man in the middle attack which is possible on Rob Frugal encryption to conquer this problem, the proposed technique encompasses Paillier encryption for enhancing the security level for outsourced data with the less complexity and to protect against the forging the contents of the correspondence. FP-growth algorithm is used for generating association rules for improving the performance and for preserving a homomorphic encryption algorithm Paillier cryptosystem is being used

Elliptic Curve Cryptography Digital Signature Algorithm For Privacy-Preserving Public Auditing For Shared Data In The Cloud

Cloud computing becomes one of the emerging technology on now a days to share and manage their data in organization , because of its forcefulness, small communication cost and everywhere environment. Privacy preservation concern in the cloud computing becomes arise several security challenges since information stored in the cloud data is easily outsourced anywhere at any time. To manage this privacy preservation in cloud computing several number of the mechanism have been proposed in earlier work to permit both data owners and public verifiers toward proficiently audit cloud information integrity without leakage information from cloud server. But major issue of the existing works becomes these methods is that unavoidably disclose secret data to free verifiers. In order to overcome this problem in this paper presents novel privacy-preserving elliptic curve digital signature cryptography methods data integrity with the purpose to maintain public auditing on shared information stored which is stored in the cloud computing database. In the proposed methods digital signature are created to each data owner in the cloud computing environment and attain data integrity confirmation for shared information between one cloud data owner to third party auditor. In our proposed data integrity Elliptic Curve Cryptography Digital Signature Algorithm, the individuality of the signer on every one chunk in shared information is reserved privately secure manner by creation elliptic curve based private key from public verifiers. Further improve accuracy of the privacy preservation for shared information in the cloud computing proposed ECCDSA perform manifold auditing tasks parallel. The experimentation results of the proposed ECCDSA based multiple data auditing task shows that higher efficiency and higher data integrity while performing auditing task, it can be compared with existing public auditing methods. DOI: 10.17762/ijritcc2321-8169.150313

Secure and Reliable Data Outsourcing in Cloud Computing

The many advantages of cloud computing are increasingly attracting individuals and organizations to outsource their data from local to remote cloud servers. In addition to cloud infrastructure and platform providers, such as Amazon, Google, and Microsoft, more and more cloud application providers are emerging which are dedicated to offering more accessible and user friendly data storage services to cloud customers. It is a clear trend that cloud data outsourcing is becoming a pervasive service. Along with the widespread enthusiasm on cloud computing, however, concerns on data security with cloud data storage are arising in terms of reliability and privacy which raise as the primary obstacles to the adoption of the cloud. To address these challenging issues, this dissertation explores the problem of secure and reliable data outsourcing in cloud computing. We focus on deploying the most fundamental data services, e.g., data management and data utilization, while considering reliability and privacy assurance. The first part of this dissertation discusses secure and reliable cloud data management to guarantee the data correctness and availability, given the difficulty that data are no longer locally possessed by data owners. We design a secure cloud storage service which addresses the reliability issue with near-optimal overall performance. By allowing a third party to perform the public integrity verification, data owners are significantly released from the onerous work of periodically checking data integrity. To completely free the data owner from the burden of being online after data outsourcing, we propose an exact repair solution so that no metadata needs to be generated on the fly for the repaired data. The second part presents our privacy-preserving data utilization solutions supporting two categories of semantics - keyword search and graph query. For protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. We define and solve the challenging problem of privacy-preserving multi- keyword ranked search over encrypted data in cloud computing. We establish a set of strict privacy requirements for such a secure cloud data utilization system to become a reality. We first propose a basic idea for keyword search based on secure inner product computation, and then give two improved schemes to achieve various stringent privacy requirements in two different threat models. We also investigate some further enhancements of our ranked search mechanism, including supporting more search semantics, i.e., TF × IDF, and dynamic data operations. As a general data structure to describe the relation between entities, the graph has been increasingly used to model complicated structures and schemaless data, such as the personal social network, the relational database, XML documents and chemical compounds. In the case that these data contains sensitive information and need to be encrypted before outsourcing to the cloud, it is a very challenging task to effectively utilize such graph-structured data after encryption. We define and solve the problem of privacy-preserving query over encrypted graph-structured data in cloud computing. By utilizing the principle of filtering-and-verification, we pre-build a feature-based index to provide feature-related information about each encrypted data graph, and then choose the efficient inner product as the pruning tool to carry out the filtering procedure

HEAD: an FHE-based Privacy-preserving Cloud Computing Protocol with Compact Storage and Efficient Computation

Fully homomorphic encryption (FHE) provides a natural solution for privacy-preserving cloud computing, but a straightforward FHE protocol may suffer from high computational overhead and a large ciphertext expansion rate, especially for computation-intensive tasks over large data, which are the main obstacles toward practical privacy-preserving cloud computing. In this paper, we present HEAD, a generic privacy-preserving cloud computing protocol that can be based on most mainstream (typically a BGV or GSW style scheme) FHE schemes with more compact storage and less computational costs than the straightforward FHE counterpart. In particular, our protocol enjoys a ciphertext/plaintext expansion rate of 1 (i.e., no expansion) in a cloud computing server, instead of a factor of hundreds of thousands. This is achieved by means of ``pseudorandomly masked\u27\u27 ciphertexts, and the efficient transformations of them into FHE ciphertexts to facilitate privacy-preserving cloud computing. Depending on the underlying FHE in use, our HEAD protocol can be instantiated with the three masking techniques, namely modulo-subtraction-masking, modulo-division-masking, and XOR-masking, to support the decimal integer, real, or binary messages. Thanks to these masking techniques, various homomorphic computation tasks are made more efficient and less prone to noise accumulation. Furthermore, our multi-input masking and unmasking operations are more flexible than the FHE SIMD-batching, by supporting an on-demand configuration of FHE during each cloud computing request. We evaluate the performance of HEAD protocols on BFV, BGV, CKKS, and FHEW schemes based on the PALISADE and SEAL libraries, which confirms the theoretical analysis of the storage savings, the reduction in terms of computational complexity and noise accumulation. For example, in the BFV computation optimization, the sum or product of eight ciphertexts overhead is reduced from 336.3 ms to 6.3 ms, or from 1219.4 ms to 9.5 ms, respectively. We also embed HEAD into a mainstream database, PostgreSQL, in a client-server cloud storage and computing style. Compared with a straightforward FHE protocol, our experiments show that HEAD does not incur ciphertext expansion, and exhibits at least an order of magnitude saving in computing time at the server side for various tasks (on a hundred ciphertexts), by paying a reasonable price in client pre-processing time and communication. Our storage advantage not only gets around the database storage limitation but also reduces the I/O overhead

Light-Weight Accountable Privacy Preserving Protocol in Cloud Computing Based on a Third-Party Auditor

Cloud computing is emerging as the next disruptive utility paradigm [1]. It provides extensive storage capabilities and an environment for application developers through virtual machines. It is also the home of software and databases that are accessible, on-demand. Cloud computing has drastically transformed the way organizations, and individual consumers access and interact with Information Technology. Despite significant advancements in this technology, concerns about security are holding back businesses from fully adopting this promising information technology trend. Third-party auditors (TPAs) are becoming more common in cloud computing implementations. Hence, involving auditors comes with its issues such as trust and processing overhead. To achieve productive auditing, we need to (1) accomplish efficient auditing without requesting the data location or introducing processing overhead to the cloud client; (2) avoid introducing new security vulnerabilities during the auditing process. There are various security models for safeguarding the CCs (Cloud Client) data in the cloud. The TPA systematically examines the evidence of compliance with established security criteria in the connection between the CC and the Cloud Service Provider (CSP). The CSP provides the clients with cloud storage, access to a database coupled with services. Many security models have been elaborated to make the TPA more reliable so that the clients can trust the third-party auditor with their data. Our study shows that involving a TPA might come with its shortcomings, such as trust concerns, extra overhead, security, and data manipulation breaches; as well as additional processing, which leads to the conclusion that a lightweight and secure protocol is paramount to the solution. As defined in [2] privacy-preserving is making sure that the three cloud stakeholders are not involved in any malicious activities coming from insiders at the CSP level, making sure to remediate to TPA vulnerabilities and that the CC is not deceitfully affecting other clients. In our survey phase, we have put into perspective the privacy-preserving solutions as they fit the lightweight requirements in terms of processing and communication costs, ending up by choosing the most prominent ones to compare with them our simulation results. In this dissertation, we introduce a novel method that can detect a dishonest TPA: The Light-weight Accountable Privacy-Preserving (LAPP) Protocol. The lightweight characteristic has been proven simulations as the minor impact of our protocol in terms of processing and communication costs. This protocol determines the malicious behavior of the TPA. To validate our proposed protocol’s effectiveness, we have conducted simulation experiments by using the GreenCloud simulator. Based on our simulation results, we confirm that our proposed model provides better outcomes as compared to the other known contending methods