6,138 research outputs found

    A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

    Get PDF
    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

    Light-Weight Accountable Privacy Preserving Protocol in Cloud Computing Based on a Third-Party Auditor

    Get PDF
    Cloud computing is emerging as the next disruptive utility paradigm [1]. It provides extensive storage capabilities and an environment for application developers through virtual machines. It is also the home of software and databases that are accessible, on-demand. Cloud computing has drastically transformed the way organizations, and individual consumers access and interact with Information Technology. Despite significant advancements in this technology, concerns about security are holding back businesses from fully adopting this promising information technology trend. Third-party auditors (TPAs) are becoming more common in cloud computing implementations. Hence, involving auditors comes with its issues such as trust and processing overhead. To achieve productive auditing, we need to (1) accomplish efficient auditing without requesting the data location or introducing processing overhead to the cloud client; (2) avoid introducing new security vulnerabilities during the auditing process. There are various security models for safeguarding the CCs (Cloud Client) data in the cloud. The TPA systematically examines the evidence of compliance with established security criteria in the connection between the CC and the Cloud Service Provider (CSP). The CSP provides the clients with cloud storage, access to a database coupled with services. Many security models have been elaborated to make the TPA more reliable so that the clients can trust the third-party auditor with their data. Our study shows that involving a TPA might come with its shortcomings, such as trust concerns, extra overhead, security, and data manipulation breaches; as well as additional processing, which leads to the conclusion that a lightweight and secure protocol is paramount to the solution. As defined in [2] privacy-preserving is making sure that the three cloud stakeholders are not involved in any malicious activities coming from insiders at the CSP level, making sure to remediate to TPA vulnerabilities and that the CC is not deceitfully affecting other clients. In our survey phase, we have put into perspective the privacy-preserving solutions as they fit the lightweight requirements in terms of processing and communication costs, ending up by choosing the most prominent ones to compare with them our simulation results. In this dissertation, we introduce a novel method that can detect a dishonest TPA: The Light-weight Accountable Privacy-Preserving (LAPP) Protocol. The lightweight characteristic has been proven simulations as the minor impact of our protocol in terms of processing and communication costs. This protocol determines the malicious behavior of the TPA. To validate our proposed protocol’s effectiveness, we have conducted simulation experiments by using the GreenCloud simulator. Based on our simulation results, we confirm that our proposed model provides better outcomes as compared to the other known contending methods

    Public Integrity Auditing for Dynamic Data Sharing With Multiuser Modification

    Get PDF
    In cloud storage systems, information proprietors have their information on cloud servers furthermore, clients (information customers) can get to the information from cloud servers. Because of the information outsourcing, be that as it may, this new worldview of information facilitating administration additionally presents new security challenges, which requires an autonomous evaluating administration to check the information honesty in the cloud. In huge scale distributed storage frameworks, the information might be refreshed powerfully, so existing remote uprightness checking strategies served for static chronicle information are no longer appropriate to check the information uprightness. Accordingly, a proficient and secure dynamic inspecting convention is wanted to persuade information proprietors that the information is accurately put away in the cloud. In this section, we initially present an evaluating structure for cloud capacity frameworks. At that point, we depict Third-party Auditing Scheme a proficient and security saving evaluating convention for distributed storage, which can likewise bolster information dynamic operations and cluster reviewing for both various proprietors what's more

    Multitenancy - Security Risks and Countermeasures

    Get PDF
    Security within the cloud is of paramount importance as the interest and indeed utilization of cloud computing increase. Multitenancy in particular introduces unique security risks to cloud computing as a result of more than one tenant utilizing the same physical computer hardware and sharing the same software and data. The purpose of this paper is to explore the specific risks in cloud computing due to Multitenancy and the measures that can be taken to mitigate those risks.Security within the cloud is of paramount importance as the interest and indeed utilization of cloud computing increase. Multitenancy in particular introduces unique security risks to cloud computing as a result of more than one tenant utilizing the same physical computer hardware and sharing the same software and data. The purpose of this paper is to explore the specific risks in cloud computing due to Multitenancy and the measures that can be taken to mitigate those risks

    A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions

    Get PDF
    While cloud computing is gaining popularity, diverse security and privacy issues are emerging that hinder the rapid adoption of this new computing paradigm. And the development of defensive solutions is lagging behind. To ensure a secure and trustworthy cloud environment it is essential to identify the limitations of existing solutions and envision directions for future research. In this paper, we have surveyed critical security and privacy challenges in cloud computing, categorized diverse existing solutions, compared their strengths and limitations, and envisioned future research directions

    A Novel Technique for Cloud Computing Data Security and Public Auditing

    Get PDF
    In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage

    Data trust framework using blockchain and smart contracts

    Get PDF
    Lack of trust is the main barrier preventing more widespread data sharing. The lack of transparent and reliable infrastructure for data sharing prevents many data owners from sharing their data. Data trust is a paradigm that facilitates data sharing by forcing data controllers to be transparent about the process of sharing and reusing data. Blockchain technology has the potential to present the essential properties for creating a practical and secure data trust framework by transforming current auditing practices and automatic enforcement of smart contracts logic without relying on intermediaries to establish trust. Blockchain holds an enormous potential to remove the barriers of traditional centralized applications and propose a distributed and transparent administration by employing the involved parties to maintain consensus on the ledger. Furthermore, smart contracts are a programmable component that provides blockchain with more flexible and powerful capabilities. Recent advances in blockchain platforms toward smart contracts' development have revealed the possibility of implementing blockchain-based applications in various domains, such as health care, supply chain and digital identity. This dissertation investigates the blockchain's potential to present a framework for data trust. It starts with a comprehensive study of smart contracts as the main component of blockchain for developing decentralized data trust. Interrelated, three decentralized applications that address data sharing and access control problems in various fields, including healthcare data sharing, business process, and physical access control system, have been developed and examined. In addition, a general-purpose application based on an attribute-based access control model is proposed that can provide trusted auditability required for data sharing and access control systems and, ultimately, a data trust framework. Besides auditing, the system presents a transparency level that both access requesters (data users) and resource owners (data controllers) can benefit from. The proposed solutions have been validated through a use case of independent digital libraries. It also provides a detailed performance analysis of the system implementation. The performance results have been compared based on different consensus mechanisms and databases, indicating the system's high throughput and low latency. Finally, this dissertation presents an end-to-end data trust framework based on blockchain technology. The proposed framework promotes data trustworthiness by assessing input datasets, effectively managing access control, and presenting data provenance and activity monitoring. A trust assessment model that examines the trustworthiness of input data sets and calculates the trust value is presented. The number of transaction validators is defined adaptively with the trust value. This research provides solutions for both data owners and data users’ by ensuring the trustworthiness and quality of the data at origin and transparent and secure usage of the data at the end. A comprehensive experimental study indicates the presented system effectively handles a large number of transactions with low latency

    My private cloud--granting federated access to cloud resources

    Get PDF
    We describe the research undertaken in the six month JISC/EPSRC funded My Private Cloud project, in which we built a demonstration cloud file storage service that allows users to login to it, by using their existing credentials from a configured trusted identity provider. Once authenticated, users are shown a set of accounts that they are the owners of, based on their identity attributes. Once users open one of their accounts, they can upload and download files to it. Not only that, but they can then grant access to their file resources to anyone else in the federated system, regardless of whether their chosen delegate has used the cloud service before or not. The system uses standard identity management protocols, attribute based access controls, and a delegation service. A set of APIs have been defined for the authentication, authorisation and delegation processes, and the software has been released as open source to the community. A public demonstration of the system is available online
    • …
    corecore