Security Enhancement for Enabling Dynamic Data and Mutual Trust in Public Cloud
Abstract
In cloud computing, Storage as a Service is one of the most in-demand services, but the security of the data stored in the cloud through these services is the key issue. Outsourced data in the cloud must be guaranteed confidentiality, integrity and access control. In this work, we devise a mechanism for cloud data storage based on indirect mutual trust between the Cloud Service Provider (CSP) and the cloud users through a Trusted Third Party Auditor (TTPA). This work lets users store their data as blocks and perform dynamic operations on those blocks. The stored data can be accessed by a group of users authorized by the data owner. The owner has the privilege to grant or revoke access to the stored data in the cloud. The present system provides a good security mechanism for stored data and proper sharing of keys among the authorized users and the data owner for the cryptographic mechanism.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.