State of The Art and Hot Aspects in Cloud Data Storage Security

Along with the evolution of cloud computing and cloud storage towards matu- rity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vec- tors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for pro- tection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

Blockchain & Multi-Agent System: A New Promising Approach for Cloud Data Integrity Auditing with Deduplication

Recently, data storage represents one of the most important services in Cloud Computing. The cloud provider should ensure two major requirements which are data integrity and storage efficiency. Blockchain data structure and the efficient data deduplication represent possible solutions to address these exigencies. Several approaches have been proposed, some of them implement deduplication in Cloud server side, which involves a lot of computation to eliminate the redundant data and it becomes more and more complex. Therefore, this paper proposed an efficient, reliable and secure approach, in which the authors propose a Multi-Agent System in order to manipulate deduplication technique that permits to reduce data volumes thereby reduce storage overhead. On the other side, the loss of physical control over data introduces security challenges such as data loss, data tampering and data modification. To solve similar problems, the authors also propose Blockchain as a database for storing metadata of client files. This database serves as logging database that ensures data integrity auditing function

Co-Check: Collaborative Outsourced Data Auditing in Multicloud Environment

With the increasing demand for ubiquitous connectivity, wireless technology has significantly improved our daily lives. Meanwhile, together with cloud-computing technology (e.g., cloud storage services and big data processing), new wireless networking technology becomes the foundation infrastructure of emerging communication networks. Particularly, cloud storage has been widely used in services, such as data outsourcing and resource sharing, among the heterogeneous wireless environments because of its convenience, low cost, and flexibility. However, users/clients lose the physical control of their data after outsourcing. Consequently, ensuring the integrity of the outsourced data becomes an important security requirement of cloud storage applications. In this paper, we present Co-Check, a collaborative multicloud data integrity audition scheme, which is based on BLS (Boneh-Lynn-Shacham) signature and homomorphic tags. According to the proposed scheme, clients can audit their outsourced data in a one-round challenge-response interaction with low performance overhead. Our scheme also supports dynamic data maintenance. The theoretical analysis and experiment results illustrate that our scheme is provably secure and efficient

SoK: A Practical Cost Comparison Among Provable Data Possession Schemes

Provable Data Possession (PDP) schemes provide users with the ability to efficiently audit and verify the integrity of data stored with potentially unreliable third-parties, such as cloud storage service providers. While dozens of PDP schemes have been developed, no PDP schemes have been practically implemented with an existing cloud service. This work attempts to provide a starting point for the integration of PDP schemes with cloud storage service providers by providing a cost analysis of PDP schemes. This cost analysis is performed by implementing and analyzing five PDP schemes representative of the dozens of various PDP approaches. This paper provides analysis of the overhead and performance of each of these schemes to generate a comparable cost for each scheme using real-world cloud pricing models. Results show that the total cost of each scheme is comparable for smaller file sizes, but for larger files this cost can vary across schemes by an order of magnitude. Ultimately, the difference in cost between the simple MAC-based PDP scheme and the most efficient PDP scheme is negligible. While the MAC-PDP scheme may not be the most efficient, no other scheme improving upon it\u27s complexity can be implemented without the use of additional services or APIs leading to the conclusion that the simplest, storage only PDP scheme is the most practical to implement. Furthermore, the findings in this paper suggest that, in general, PDP schemes optimize on an inaccurate cost model and that future schemes should consider the existing economic realities of cloud services

Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discussed

Data auditing and security in cloud computing: issues, challenges and future directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discusse

A Study on “Security of Cyber-Physical Systems in the Cloud”

The existing security models are built with certain assumptions. The solutions like distributed accountability, provable data possession (PDP), Third Party Auditing (TPA) and so on are secure as long as the assumptions hold true. To ensure fool proof security for cloud storage security little research has been made on quantum key cryptography. Since the quantum key distribution is unconditionally secure, we propose a new scheme known as Cloud QKDP (Quantum Key Distribution Protocol for Cloud Computing) which exploits the benefits of quantum mechanisms to secure cloud storage and data dynamics. We consider a case study in which three parties such as cloud server, data owner and trusted client have provably secure communications with our proposed scheme which uses random oracle model. Our empirical study revealed mixture of success and failure rates with private and public clouds respectively