A novel cloud storage system with support of sensitive data application

ijmnct
ijmnct
TecnologiaNegócios

Most users are willing to store their data in the c loud storage system and use many facilities of clou d. But their sensitive data applications faces with potent ial serious security threats. In this paper, securi ty requirements of sensitive data application in the c loud are analyzed and improved structure for the ty pical cloud storage system architecture is proposed. The hardware USB-Key is used in the proposed architectu re for purpose of enhancing security of user identity and interaction security between the users and the cloud storage system. Moreover, drawn from the idea of da ta active protection, a data security container is introduced in the system to enhance the security of the data transmission process; by encapsulating th e encrypted data, increasing appropriate access contr ol and data management functions. The static data blocks are replaced with a dynamic executable data security container. Then, an enhanced security architecture for software of cloud storage terminal is proposed for more adaptation with the user's sp ecific requirements, and its functions and components can be customizable. Moreover, the proposed architectur e have capability of detecting whether the execution environment is according with the pre-defined environment requirements.

A novel cloud storage system with support of sensitive data application

ijmnct
ijmnct
TecnologiaNegócios

Most users are willing to store their data in the c loud storage system and use many facilities of clou d. But their sensitive data applications faces with potent ial serious security threats. In this paper, securi ty requirements of sensitive data application in the c loud are analyzed and improved structure for the ty pical cloud storage system architecture is proposed. The hardware USB-Key is used in the proposed architectu re for purpose of enhancing security of user identity and interaction security between the users and the cloud storage system. Moreover, drawn from the idea of da ta active protection, a data security container is introduced in the system to enhance the security of the data transmission process; by encapsulating th e encrypted data, increasing appropriate access contr ol and data management functions. The static data blocks are replaced with a dynamic executable data security container. Then, an enhanced security architecture for software of cloud storage terminal is proposed for more adaptation with the user's sp ecific requirements, and its functions and components can be customizable. Moreover, the proposed architectur e have capability of detecting whether the execution environment is according with the pre-defined environment requirements.

A novel cloud storage system with support of sensitive data application

1 de 9
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 A NOVEL CLOUD STORAGE SYSTEM WITH SUPPORT OF SENSITIVE DATA APPLICATION Alireza Souri1, Arash Salehpour2, Saeid Pashazadeh3 1, 2 Department of Computer Engineering, East Azarbaijan Science and Research Branch, Islamic Azad University, Tabriz, Iran 3 Faculty of Electrical and Computer Engineering, University of Tabriz, Tabriz, Iran ABSTRACT Most users are willing to store their data in the cloud storage system and use many facilities of cloud. But their sensitive data applications faces with potential serious security threats. In this paper, security requirements of sensitive data application in the cloud are analyzed and improved structure for the typical cloud storage system architecture is proposed. The hardware USB-Key is used in the proposed architecture for purpose of enhancing security of user identity and interaction security between the users and the cloud storage system. Moreover, drawn from the idea of data active protection, a data security container is introduced in the system to enhance the security of the data transmission process; by encapsulating the encrypted data, increasing appropriate access control and data management functions. The static data blocks are replaced with a dynamic executable data security container. Then, an enhanced security architecture for software of cloud storage terminal is proposed for more adaptation with the user's specific requirements, and its functions and components can be customizable. Moreover, the proposed architecture have capability of detecting whether the execution environment is according with the pre-defined environment requirements. KEYWORDS Sensitive data application, Hardware USB-Key; Data security, Active protection; terminal software customizable. 1. INTRODUCTION The cloud era is coming with increasing network bandwidth and reliable and flexible network connections that allow users to access software and data resources that are distributed in the remote data centers. The Cloud Service Provider (CSP) provides us with an almost unlimited infrastructures, software services and storage space. As customers, we do not need maintain the complicated infrastructure and software services, and we just use hardware resources, software resources and application services. Moreover, we can access and process the shared or exclusive data resources. While the users get many benefits from the cloud storage, they are also worried about the security of their data, especially for security of sensitive data storage and process applications. Although the cryptographic technologies provides some security for sensitive data storages and process applications, however, there are still many security threats and challenges in the face of cloud storage security environment, which is very different with the traditional security environment for the terminal node data. Specifically, these security challenges [1, 2, 3] mainly, include: DOI : 10.5121/ijmnct.2013.3503 19
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 1.1. Security threats arose from un-trusted cloud storage service provider Existing cloud storage architecture and security mechanism cannot guarantee that the service provider cannot access and change user's data illegally. 1.2. Users lose control over data In the existing cloud storage architecture, once the users outsource their data into the cloud, they lose control of the data. Consequently, anyone that who can access the data can spread and modify the data illegally. 1.3. Risk of data interception Although there are related cryptographic communication mechanisms to guarantee the security of the data transmission process, while the encrypted data is decrypted for using, the plaintext may be intercepted by attackers. 1.4. The cloud terminals lack necessary requirements for ensure the data security during the data processing procedure Although there are considerable traditional terminal security technologies, however, these technologies tend to focus on preventing malicious attacks to the entire terminal's system. As a result, they scarcely consider the security of the data usage process. Our goal in this paper is to study a case for the cloud storage system that supports the sensitive data application. Our approaches mainly include ensuring the user identity and behavior is trustworthy by enhanced trusted mechanism guaranteeing the sensitive data transmission security by data security container and ensuring the security of data accessing process through security enhanced cloud storage terminal software. The key contributions of this paper are: • • • Improved cloud storage system architecture: compared to the typical cloud storage systems, the improved structure increases hardware USB-Key to enhance the security of user identity and interaction between the users and the cloud storage system. Data security container for Transmission Process: we improve the traditional process of transmitting the encrypted data by encapsulating the encrypted data, increasing appropriate access control and data management functions, by this way, we turn the static data blocks into a dynamic executable data security container. Security Enhanced Cloud Storage Terminal Software: we distinguish the cloud storage terminal software into several security levels according to the different security requirements of users, in other words, the terminal software functions and components are customizable. The rest of this paper is organized as follows. Section 2 presents related works. Section 3 presents system requirements and architectural design. Section 4 presents the key technologies for the system and finally section 5 presents our conclusion. 20
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 2. RELATED WORKS • Cloud storage model: wang et al [2] describes typical cloud storage architecture. And in the architecture, there are mainly three types of cloud storage entities: Users, who store their data in the cloud and operate the data depending on service provided by the cloud storage service provider, while the users include businesses, institutions and individuals; cloud storage service provider (CSP), who is responsible for building the cloud storage infrastructure, maintaining the running of services and ensuring the availability, integrity and security of the data stored on its data centers; third-party auditor (TFA), which is an optional entity, and the TPA can assess security threats of the cloud storage services. Kamara et al [4] presents a user data storage and sharing model on the public cloud infrastructure, in the model, the data requester and the data owner communicate with the token in the cryptographic manner. • Cloud storage data integrity: juels et al [5] describes a proof of retrieve ability (POR) model to ensure the integrity of remote data. This model incorporates spot-checking error correction codes to ensure the property and recoverability of the files in the service system. Shacham et al [6] enhance the POR model, based on the POR model. They construct a random linear function on account of the homomorphism authentication code to provide unlimited queries and lower communication overhead. Bowers et al [7] summarizes the work of Juels and shacham and presents an improved framework for POR protocol, moreover, Bowers et al also extends the POR model into the distributed systems [8]. These technologies are all needed to be preprocessed before distributed deployment, and once any changes has been made to the file, the system must broadcast the changes by the error correction code, which brings significant computation and communication complexity for the system. Schwarz et al [9] uses erasure-coding and block-level file integrity detecting methods to ensure the integrity of files across multiple distributed servers, while this method only consider the integrity of static file. Lillibridge et al [10] proposes a backup mechanism for the P2P system, and the mechanism partition the files into several blocks and store them in m+k nodes through (m+k, m) erasure-coding; meanwhile, each node randomly request data blocks toward its backup nodes set, the integrity of data block is ensured by the separate keyed cryptographic hashes attached on the data block, however the mechanism does not guarantee that none of the data has not been tampered. Filho et al [11] proposes a data integrity checking method using the RSA hash function for ens1rtirrg data property in the P2P file-sharing networks, and this method needs doing exponentiation operation on the entire data file, consequently, it is hard to put the method into practice when the file is large enough. • Data property assurance in cloud storage: Ateniese et al [12] builds a Provable Data Property model (PDP) to ensure the rights of data owners in incredible environment, while the model audits the data files by the public-key mechanism based on the homomorphous tags. In a subsequent study, Ateniese et al [13] improve the PDP model using the symmetric-key mechanism to reduce computational overhead and support dynamic operations on data files. In a distributed storage system, Curtmola et al [14] extends the PDP mechanism for data property with multiple data duplicates, and this method does not require a separate coding for each copy. 21
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 3. REQUIREMENT ANALYSES AND ARCHITECTURE DESIGN 3.1. The Specific Requirements for sensitive Data Applications There are some specific requirements for the sensitive data applications in the cloud storage system as follows: 3.1.1. The user identity is not trusted Although this is common issue in the cloud storage system, however, for sensitive data applications, it brings even more serious security threat. Therefore, it is necessary to design a more reliable mechanism to ensure the user identity is credible. 3.1.2. The security of data transmission process Sensitive data applications require more reliable measures to ensure data transmission security. 3.1.3. The security of data usage process Most of the traditional methods are mainly used to ensure security while the data is encrypted, however, once the data is been decrypted and used, it will face even more serious security threat. Meanwhile, the traditional cloud storage terminal software often lacks consideration on the user's individual needs and appropriate detecting their execution environment. 3.2. Basic ideas The main idea of the proposed architecture is: 3.2.1. A trusted hardware module Such module is introduced to the system; by introducing a hardware trusted. Module, the system can enhance the interaction security between users and the cloud storage system. The main functions of trusted hardware module include: enhancing the security of user identity; enhancing the interaction security between users and the cloud storage system. 3.2.2. A data security container It is introduced to the system; drawing on the idea of data active protection, we improve the traditional process of transmitting the encrypted data by encapsulating the encrypted data, increasing appropriate access control and data management functions by this way, we turn the static data blocks into a dynamic executable data security container. 3.2.3. Security enhanced cloud storage terminal software In this paper, we design security enhanced cloud storage terminal software architecture. The software can be customized according to the user's requirements, and its functions and components can be changeable. Moreover, the architecture can check the execution environment; compared to the pre-defined environment requirements, ' it can determine the legitimacy of the current running environment to meet the specific security requirements for sensitive data applications. 22
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 3.3. Architecture Design We improve the typical cloud storage architecture [2] to support the sensitive data applications. The improved cloud storage architecture supporting sensitive data applications is shown in Figure 1. Figure 1. Improved cloud storage architecture supporting sensitive data application In this architecture, the user interacts with the cloud storage terminal through security .enhanced software USB-Key. Furthermore, the hardware USB-Key also enhances the interaction security between cloud storage terminal and the Cloud Storage Provider. 4. KEY TECHNOLOGIES 4.1. Data Security Container for Transmission process Through analyzing the data security threats in the sharing and transmission process, we have found some principles to guarantee the security of data transmission: • • The visitors of the data (data owners, or the users) must be legally authorized; The communication between the data transmitter and the data receiver is secure. In this paper, we get some inspiration from the delivery procedure of the postman delivered the letters, while we design a trusted data transmission process. Firstly, considering a simple scenario of postman delivers the letters between the post office and the users, the basic process is shown in Figure 2. 23
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 Figure 2. A simple scenario of postman delivers the letters Drawing an inspiration from this scenario, we analogize the elements of the data transmission process and the elements of the delivery process as follows: The data is corresponding to the letters, the post office is corresponding to the data center and the users are corresponding to the data requesters. Thus, we design a data security container to guarantee the data security during the data transmission procedure. The security container is similar to postman. The data security container structure and interfaces are shown in Figure 3. Figure 3. Architecture of the security data container The encrypted data, essential user information and data accessing authorities are encapsulated in the data security container. Meanwhile, a security detector is designed to identify the user's identification, access control for the data and manage the data yet the user information. 4.2. Security Enhanced cloud storage Terminal software In this paper, we distinguish the cloud storage terminal software into several security levels according to the different security requirements of users, in other words, the terminal software functions and components are customizable. According to the user types and the different execution environment, the cloud storage terminal software can distinguish that whether the user's identification is legal and whether the execution environment is accord with the predefined requirements. Specifically, there are two kinds of users who can use the terminal software: 24
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 • • Anyone can use this terminal software; Only specific users or group of users with common features can use the terminal software. Similarly, in order to adapt the specific requirements for sensitive data application, it is also need to distinguish the software execution environment as follows: • • The terminal software can run on any computer terminal; The terminal software can only run on a specific computer terminal; The components and cooperating progress between the users and the terminal software are shown in Figure 4. The user holds his proprietary hardware USB-Key, and only a legitimate user to holding his legal USB-Key can use the cloud storage terminal software. The communication process between users and terminal software is shown as follows: • • • • • Identification authentication between users and the terminal software; Customizing the terminal software depending on the identity of the user and configure the corresponding components. The terminal software detects its execution environment to determine whether the current environment is accord with the Pre-configured requirements; Security communication between users and the terminal software; Data requesting and data Processing operations between users and the terminal software. Figure. 4 The components of cloud Storage Terminal Software 5. CONCLUSIONS In this paper, improved architecture for the typical cloud storage architecture to support sensitive data application is proposed. We have argued that multiple security enhanced metrics must be introduced to the system to accommodate the specific security requirements and user's personal demands. Therefore, related trust enhancement technologies are designed to meet the system requirements. Clearly, much work remains to be done to realize the entire system. We believe that, sensitive data application is important fields in the future cloud storage systems. Meanwhile, the users are willing to regard their personal privacy information as sensitive data. 25
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 REFERENCES [1] J. Heiser, M. Nicolett, "Assessing the Security Risks of Cloud Computing," Gartner Inc, 2008. [2] C. Wang, Q. Wang, K. Ren, et al., "Ensuring Data Storage Security in Cloud Computing," Charleston, SC, United states, 2009. [3] R. Geambasu S. D. Gribble, H. M. Levy, "Cloud Views: Communal Data Sharing in Public Clouds," in HotCloud'09 Workshop on Hot Topics in Cloud Computing, 2009. [4] S. Kamara, k. Lauter, "Cryptographic Cloud Storage," in Proceedings of Financial Cryptographic: Workshop on Real-Life Cryptographic Protocols and Standardization 2010, pp. 1-14. [5] Juels, B. S. Kaliski Jr, "Pors: Proofs of Retrievability for Large Files," Alexandria, VA, United states, pp. 584-597, 2007. [6] H. Shacham, B. Waters, "Compact Proofs of Petrievability," in Advances in Cryptology - Asiacrypt 2008. vol. 5350, 2008, pp. 90-107. [7] K. D. Bowers, A. Juels, A. Oprea, "Proofs of Retrievabilify: Theory and Implementation," 2008. [8] K. D. Bowers, A. Juels, A. Oprea, "HAIL: A High-Availability and Integrity Layer for Cloud Storage," Chicago, IL, United states, pp. 187-198, 2009. [9] S. J. Thomas Schwarz, E.L. Miller, "Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage," Lisboa, Portugal, 2006. [10] M. Lillibridge, S, Elnikety, A.Birrell, et al., "A Cooperative Internet Backup Scheme," in Usenix Association Proceedings of the General Track, ed, 2003, PP. 29-41. [11] D. L. G. Filho, P. S. L. M. Barreto, "Demonstrating Data Possession and Un-Cheatable Data Transfer," 2006. [12] G. Ateniese, R. Bums, R. curtmola, et al., "Provable Data Possession at Untrusted Stores," in Ccs'07: Proceedings of the 14th ACM Conference on Computer and Communications Security, 2007, pp. 598609. [13] G. Ateniese, R. D. Pietro, L. V Maacini, et Bl., "Scalable and Efficient Provable Data Possession," Istanbul; Turkey, 2008. [14] R. Curtmola, O. Khan, R. Burns, et al., "MR-PDP: Multiple-Replica Provable Data Possession," Beijing, China, pp. 411-420, 2008. Authors Alireza Souri received his B.Sc. in Computer Engineering University College of Nabi Akram, Ira n in 2011. Currently, he is receiving M.Sc. in Software Engineering from East Azarbaijan Science and Research Branch, Islamic Azad University in Iran. His main interest is in the formal verification, modeling and analyzing Network systems, Multilayer systems, Antivirus systems, Grid computing, and Real-time systems. He is member of The Society of Digital Information and Wireless Communications. Arash Salehpour, He is M.Sc. (computer engineering -software - He has worked as Progra m Committees, reviewer at numerous international conferences such as : The International Conference on Informatics Engineering & Information Science (ICIEIS2011), University Technology Malaysia, Malaysia, The World Congress on E-Commerce and Business on the Web (WCEBW2012), United Kingdom and …,The areas of his Research and Interests include: Examines both automatic systems and collaborative systems as well as computational models of human software Engineering activities, Presents knowledge representations and artificial intelligence techniques as well as, he is already acts as member in numerous international organizations such as: The Society of Digital Information and Wireless Communications (SDIWC). 26
International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 Saeid Pashazadeh is Assistant Professor of Software Engineering and chair of Info rmation Technology Department at Faculty of Electrical and Computer Engineering in University of Tabriz in Iran. He received his B.Sc. in Computer Engineering from Sharif Technical University of Iran in 1995. He obtained M.Sc. and Ph.D. in Computer Engineering from Iran University of Science and Technology in 1998 and 2010 respectively. He was Lecturer in Faculty of Electrical Engineering in Sahand University of Technology in Iran from 1999 until 2004. His main interests are modelling and formal verification of distributed systems, computer security, and wireless sensor/actor networks. He is member of IEEE and senior member of IACSIT and member of editorial board of journal of electrical engineering at University of Tabriz in Iran. 27

Recomendados

Securely Data Forwarding and Maintaining Reliability of Data in Cloud Computing por
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingSecurely Data Forwarding and Maintaining Reliability of Data in Cloud Computing
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingIJERA Editor
359 visualizações7 slides
Ijarcet vol-2-issue-3-951-956 por
Ijarcet vol-2-issue-3-951-956Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Editor IJARCET
327 visualizações6 slides
Iaetsd secured and efficient data scheduling of intermediate data sets por
Iaetsd secured and efficient data scheduling of intermediate data setsIaetsd secured and efficient data scheduling of intermediate data sets
Iaetsd secured and efficient data scheduling of intermediate data setsIaetsd Iaetsd
166 visualizações5 slides
126689454 jv6 por
126689454 jv6126689454 jv6
126689454 jv6homeworkping8
58 visualizações18 slides
International Journal of Computational Engineering Research(IJCER) por
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
327 visualizações6 slides
Efficient technique for privacy preserving publishing of set valued data on c... por
Efficient technique for privacy preserving publishing of set valued data on c...Efficient technique for privacy preserving publishing of set valued data on c...
Efficient technique for privacy preserving publishing of set valued data on c...ElavarasaN GanesaN
37 visualizações9 slides

Mais conteúdo relacionado

Mais procurados

Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona... por
Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...
Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...1crore projects
112 visualizações14 slides
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke... por
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...IJERA Editor
44 visualizações6 slides
Paper id 712019116 por
Paper id 712019116Paper id 712019116
Paper id 712019116IJRAT
26 visualizações4 slides
Ijariie1196 por
Ijariie1196Ijariie1196
Ijariie1196IJARIIE JOURNAL
254 visualizações4 slides
S.A.kalaiselvan toward secure and dependable storage services por
S.A.kalaiselvan toward secure and dependable storage servicesS.A.kalaiselvan toward secure and dependable storage services
S.A.kalaiselvan toward secure and dependable storage serviceskalaiselvanresearch
339 visualizações16 slides
Accessing secured data in cloud computing environment por
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentIJNSA Journal
348 visualizações10 slides

Mais procurados(20)

Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona... por 1crore projects
Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...
Enabling Fine-grained Multi-keyword Search Supporting Classified Sub-dictiona...
1crore projects112 visualizações
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke... por IJERA Editor
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...
IJERA Editor44 visualizações
Paper id 712019116 por IJRAT
Paper id 712019116Paper id 712019116
Paper id 712019116
IJRAT26 visualizações
Ijariie1196 por IJARIIE JOURNAL
Ijariie1196Ijariie1196
Ijariie1196
IJARIIE JOURNAL254 visualizações
S.A.kalaiselvan toward secure and dependable storage services por kalaiselvanresearch
S.A.kalaiselvan toward secure and dependable storage servicesS.A.kalaiselvan toward secure and dependable storage services
S.A.kalaiselvan toward secure and dependable storage services
kalaiselvanresearch339 visualizações
Accessing secured data in cloud computing environment por IJNSA Journal
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environment
IJNSA Journal348 visualizações
Secure distributed deduplication systems with improved reliability por Pvrtechnologies Nellore
Secure distributed deduplication systems with improved reliabilitySecure distributed deduplication systems with improved reliability
Secure distributed deduplication systems with improved reliability
Pvrtechnologies Nellore131 visualizações
R180203114117 por IOSR Journals
R180203114117R180203114117
R180203114117
IOSR Journals224 visualizações
50620130101004 por IAEME Publication
5062013010100450620130101004
50620130101004
IAEME Publication425 visualizações
International Journal of Computational Engineering Research(IJCER) por ijceronline
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
ijceronline275 visualizações
Ijetcas14 583 por Iasir Journals
Ijetcas14 583Ijetcas14 583
Ijetcas14 583
Iasir Journals186 visualizações
Secure sensitive data sharing on a big data platform por redpel dot com
Secure sensitive data sharing on a big data platformSecure sensitive data sharing on a big data platform
Secure sensitive data sharing on a big data platform
redpel dot com1.2K visualizações
Privacy Preserving in Cloud Using Distinctive Elliptic Curve Cryptosystem (DECC) por ElavarasaN GanesaN
Privacy Preserving in Cloud Using Distinctive Elliptic Curve Cryptosystem (DECC)Privacy Preserving in Cloud Using Distinctive Elliptic Curve Cryptosystem (DECC)
Privacy Preserving in Cloud Using Distinctive Elliptic Curve Cryptosystem (DECC)
ElavarasaN GanesaN53 visualizações
C017421624 por IOSR Journals
C017421624C017421624
C017421624
IOSR Journals137 visualizações
Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloud por paperpublications3
Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using CloudSecure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloud
Secure Data Sharing For Dynamic Groups in Multi-Attorney Manner Using Cloud
paperpublications344 visualizações
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr... por IRJET Journal
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...
IRJET Journal11 visualizações
J018145862 por IOSR Journals
J018145862J018145862
J018145862
IOSR Journals145 visualizações
Secure Distributed Deduplication Systems with Improved Reliability por 1crore projects
Secure Distributed Deduplication Systems with Improved ReliabilitySecure Distributed Deduplication Systems with Improved Reliability
Secure Distributed Deduplication Systems with Improved Reliability
1crore projects84 visualizações
Iaetsd storage privacy protection against data por Iaetsd Iaetsd
Iaetsd storage privacy protection against dataIaetsd storage privacy protection against data
Iaetsd storage privacy protection against data
Iaetsd Iaetsd168 visualizações
IRJET- Secure Data Deduplication and Auditing for Cloud Data Storage por IRJET Journal
IRJET- Secure Data Deduplication and Auditing for Cloud Data StorageIRJET- Secure Data Deduplication and Auditing for Cloud Data Storage
IRJET- Secure Data Deduplication and Auditing for Cloud Data Storage
IRJET Journal21 visualizações

Destaque

Comparative study of various voip applications in 802.11 a wireless network s... por
Comparative study of various voip applications in 802.11 a wireless network s...Comparative study of various voip applications in 802.11 a wireless network s...
Comparative study of various voip applications in 802.11 a wireless network s...ijmnct
306 visualizações11 slides
Development of a mobile learning application to support e learning and analys... por
Development of a mobile learning application to support e learning and analys...Development of a mobile learning application to support e learning and analys...
Development of a mobile learning application to support e learning and analys...ijmnct
1.1K visualizações11 slides
Chaotic ANT System Optimization for Path Planning of the Mobile Robots por
Chaotic ANT System Optimization for Path Planning of the Mobile RobotsChaotic ANT System Optimization for Path Planning of the Mobile Robots
Chaotic ANT System Optimization for Path Planning of the Mobile Robotscseij
95 visualizações8 slides
Performance of spatial multiplexing, por
Performance of spatial multiplexing,Performance of spatial multiplexing,
Performance of spatial multiplexing,ijmnct
344 visualizações8 slides
Network simulators for next generation networks an overview por
Network simulators for next generation networks an overviewNetwork simulators for next generation networks an overview
Network simulators for next generation networks an overviewijmnct
734 visualizações13 slides
An alarming signal in mobile telecommunication industry a study in malaysia por
An alarming signal in mobile telecommunication industry a study in malaysiaAn alarming signal in mobile telecommunication industry a study in malaysia
An alarming signal in mobile telecommunication industry a study in malaysiaijmnct
769 visualizações10 slides

Destaque(20)

Comparative study of various voip applications in 802.11 a wireless network s... por ijmnct
Comparative study of various voip applications in 802.11 a wireless network s...Comparative study of various voip applications in 802.11 a wireless network s...
Comparative study of various voip applications in 802.11 a wireless network s...
ijmnct306 visualizações
Development of a mobile learning application to support e learning and analys... por ijmnct
Development of a mobile learning application to support e learning and analys...Development of a mobile learning application to support e learning and analys...
Development of a mobile learning application to support e learning and analys...
ijmnct1.1K visualizações
Chaotic ANT System Optimization for Path Planning of the Mobile Robots por cseij
Chaotic ANT System Optimization for Path Planning of the Mobile RobotsChaotic ANT System Optimization for Path Planning of the Mobile Robots
Chaotic ANT System Optimization for Path Planning of the Mobile Robots
cseij95 visualizações
Performance of spatial multiplexing, por ijmnct
Performance of spatial multiplexing,Performance of spatial multiplexing,
Performance of spatial multiplexing,
ijmnct344 visualizações
Network simulators for next generation networks an overview por ijmnct
Network simulators for next generation networks an overviewNetwork simulators for next generation networks an overview
Network simulators for next generation networks an overview
ijmnct734 visualizações
An alarming signal in mobile telecommunication industry a study in malaysia por ijmnct
An alarming signal in mobile telecommunication industry a study in malaysiaAn alarming signal in mobile telecommunication industry a study in malaysia
An alarming signal in mobile telecommunication industry a study in malaysia
ijmnct769 visualizações
Comparative evaluation of bit error rate for different ofdm subcarriers in ra... por ijmnct
Comparative evaluation of bit error rate for different ofdm subcarriers in ra...Comparative evaluation of bit error rate for different ofdm subcarriers in ra...
Comparative evaluation of bit error rate for different ofdm subcarriers in ra...
ijmnct405 visualizações
Ergodic capacity analysis for underlay cognitive radio system por ijmnct
Ergodic capacity analysis for underlay cognitive radio systemErgodic capacity analysis for underlay cognitive radio system
Ergodic capacity analysis for underlay cognitive radio system
ijmnct356 visualizações
Effective load balancing method in ad hoc por ijmnct
Effective load balancing method in ad hocEffective load balancing method in ad hoc
Effective load balancing method in ad hoc
ijmnct293 visualizações
Performance comparison of two clipping based filtering methods for papr reduc... por ijmnct
Performance comparison of two clipping based filtering methods for papr reduc...Performance comparison of two clipping based filtering methods for papr reduc...
Performance comparison of two clipping based filtering methods for papr reduc...
ijmnct479 visualizações
Performance analysis on the basis of a comparative study between multipath ra... por ijmnct
Performance analysis on the basis of a comparative study between multipath ra...Performance analysis on the basis of a comparative study between multipath ra...
Performance analysis on the basis of a comparative study between multipath ra...
ijmnct429 visualizações
VEHICLE RECOGNITION USING VIBE AND SVM por cseij
VEHICLE RECOGNITION USING VIBE AND SVM VEHICLE RECOGNITION USING VIBE AND SVM
VEHICLE RECOGNITION USING VIBE AND SVM
cseij50 visualizações
Roteiro manaus por Vivi Araújo
Roteiro manausRoteiro manaus
Roteiro manaus
Vivi Araújo196 visualizações
Mantenimiento de computo por sebassevitas
Mantenimiento de computoMantenimiento de computo
Mantenimiento de computo
sebassevitas99 visualizações
Biografia de anyeli mejia por Tatiana Peralta
Biografia de anyeli mejiaBiografia de anyeli mejia
Biografia de anyeli mejia
Tatiana Peralta209 visualizações
Familia por jhonyatu
FamiliaFamilia
Familia
jhonyatu196 visualizações
Delors jaquesloscuatropilares por Alexander Rodriguez
Delors jaquesloscuatropilaresDelors jaquesloscuatropilares
Delors jaquesloscuatropilares
Alexander Rodriguez124 visualizações
Xabi powerpoint por Xabi Zabaleta
Xabi powerpointXabi powerpoint
Xabi powerpoint
Xabi Zabaleta483 visualizações
segunda clase por Diego Lellenquien
segunda clasesegunda clase
segunda clase
Diego Lellenquien158 visualizações
Idea de constructivismo.doc - amorales por Javier SaaDapart
Idea de constructivismo.doc - amorales Idea de constructivismo.doc - amorales
Idea de constructivismo.doc - amorales
Javier SaaDapart710 visualizações

Similar a A novel cloud storage system with support of sensitive data application

Dynamic Resource Allocation and Data Security for Cloud por
Dynamic Resource Allocation and Data Security for CloudDynamic Resource Allocation and Data Security for Cloud
Dynamic Resource Allocation and Data Security for CloudAM Publications
272 visualizações5 slides
Preserving Privacy Policy- Preserving public auditing for data in the cloud por
Preserving Privacy Policy- Preserving public auditing for data in the cloud Preserving Privacy Policy- Preserving public auditing for data in the cloud
Preserving Privacy Policy- Preserving public auditing for data in the cloudinventionjournals
266 visualizações4 slides
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING por
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGDISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGijcsit
42 visualizações8 slides
Distributed Scheme to Authenticate Data Storage Security in Cloud Computing por
Distributed Scheme to Authenticate Data Storage Security in Cloud ComputingDistributed Scheme to Authenticate Data Storage Security in Cloud Computing
Distributed Scheme to Authenticate Data Storage Security in Cloud ComputingAIRCC Publishing Corporation
28 visualizações8 slides
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING por
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGDISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGAIRCC Publishing Corporation
42 visualizações8 slides
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur... por
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...ijsrd.com
162 visualizações2 slides

Similar a A novel cloud storage system with support of sensitive data application(20)

Dynamic Resource Allocation and Data Security for Cloud por AM Publications
Dynamic Resource Allocation and Data Security for CloudDynamic Resource Allocation and Data Security for Cloud
Dynamic Resource Allocation and Data Security for Cloud
AM Publications272 visualizações
Preserving Privacy Policy- Preserving public auditing for data in the cloud por inventionjournals
Preserving Privacy Policy- Preserving public auditing for data in the cloud Preserving Privacy Policy- Preserving public auditing for data in the cloud
Preserving Privacy Policy- Preserving public auditing for data in the cloud
inventionjournals266 visualizações
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING por ijcsit
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGDISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
ijcsit42 visualizações
Distributed Scheme to Authenticate Data Storage Security in Cloud Computing por AIRCC Publishing Corporation
Distributed Scheme to Authenticate Data Storage Security in Cloud ComputingDistributed Scheme to Authenticate Data Storage Security in Cloud Computing
Distributed Scheme to Authenticate Data Storage Security in Cloud Computing
AIRCC Publishing Corporation28 visualizações
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING por AIRCC Publishing Corporation
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGDISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTING
AIRCC Publishing Corporation42 visualizações
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur... por ijsrd.com
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...
ijsrd.com162 visualizações
An4201262267 por IJERA Editor
An4201262267An4201262267
An4201262267
IJERA Editor386 visualizações
Fragmentation of Data in Large-Scale System For Ideal Performance and Security por Editor IJCATR
Fragmentation of Data in Large-Scale System For Ideal Performance and SecurityFragmentation of Data in Large-Scale System For Ideal Performance and Security
Fragmentation of Data in Large-Scale System For Ideal Performance and Security
Editor IJCATR257 visualizações
Data Security Model Enhancement in Cloud Environment por ijsrd.com
Data Security Model Enhancement in Cloud EnvironmentData Security Model Enhancement in Cloud Environment
Data Security Model Enhancement in Cloud Environment
ijsrd.com154 visualizações
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT por IJNSA Journal
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
IJNSA Journal3 visualizações
Evaluation Of The Data Security Methods In Cloud Computing Environments por ijfcstjournal
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
ijfcstjournal3.2K visualizações
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms por IRJET Journal
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET Journal15 visualizações
Paper id 212014106 por IJRAT
Paper id 212014106Paper id 212014106
Paper id 212014106
IJRAT269 visualizações
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag... por IRJET Journal
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET Journal9 visualizações
thilaganga journal 1 por thilaganga
thilaganga journal 1thilaganga journal 1
thilaganga journal 1
thilaganga160 visualizações
Secure_Data_Distribution_Algorithm_for_Fog_Computing.pdf por HimaBinduKrovvidi
Secure_Data_Distribution_Algorithm_for_Fog_Computing.pdfSecure_Data_Distribution_Algorithm_for_Fog_Computing.pdf
Secure_Data_Distribution_Algorithm_for_Fog_Computing.pdf
HimaBinduKrovvidi12 visualizações
Paper id 27201448 por IJRAT
Paper id 27201448Paper id 27201448
Paper id 27201448
IJRAT251 visualizações
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co... por IRJET Journal
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...
IRJET Journal28 visualizações
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING por IJNSA Journal
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGSECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
IJNSA Journal33 visualizações
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING por IJNSA Journal
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGSECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
IJNSA Journal13 visualizações

Último

Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... por
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...ShapeBlue
93 visualizações13 slides
Microsoft Power Platform.pptx por
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptxUni Systems S.M.S.A.
74 visualizações38 slides
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... por
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...ShapeBlue
121 visualizações15 slides
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... por
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...ShapeBlue
114 visualizações12 slides
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... por
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...ShapeBlue
120 visualizações62 slides
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online por
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineShapeBlue
154 visualizações19 slides

Último(20)

Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... por ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue93 visualizações
Microsoft Power Platform.pptx por Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.74 visualizações
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... por ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue121 visualizações
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... por ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue114 visualizações
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... por ShapeBlue
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
ShapeBlue120 visualizações
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online por ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue154 visualizações
MVP and prioritization.pdf por rahuldharwal141
MVP and prioritization.pdfMVP and prioritization.pdf
MVP and prioritization.pdf
rahuldharwal14139 visualizações
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT por ShapeBlue
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
ShapeBlue138 visualizações
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T por ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue81 visualizações
Why and How CloudStack at weSystems - Stephan Bienek - weSystems por ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue172 visualizações
Igniting Next Level Productivity with AI-Infused Data Integration Workflows por Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software373 visualizações
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ... por ShapeBlue
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
ShapeBlue48 visualizações
20231123_Camunda Meetup Vienna.pdf por Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH49 visualizações
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O... por ShapeBlue
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue59 visualizações
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue por ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlueElevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
ShapeBlue149 visualizações
Network Source of Truth and Infrastructure as Code revisited por Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum49 visualizações
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates por ShapeBlue
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesKeynote Talk: Open Source is Not Dead - Charles Schulz - Vates
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates
ShapeBlue178 visualizações
The Power of Heat Decarbonisation Plans in the Built Environment por IES VE
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built Environment
IES VE67 visualizações
"Surviving highload with Node.js", Andrii Shumada por Fwdays
"Surviving highload with Node.js", Andrii Shumada "Surviving highload with Node.js", Andrii Shumada
"Surviving highload with Node.js", Andrii Shumada
Fwdays49 visualizações
DRBD Deep Dive - Philipp Reisner - LINBIT por ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue110 visualizações

A novel cloud storage system with support of sensitive data application

  • 1. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 A NOVEL CLOUD STORAGE SYSTEM WITH SUPPORT OF SENSITIVE DATA APPLICATION Alireza Souri1, Arash Salehpour2, Saeid Pashazadeh3 1, 2 Department of Computer Engineering, East Azarbaijan Science and Research Branch, Islamic Azad University, Tabriz, Iran 3 Faculty of Electrical and Computer Engineering, University of Tabriz, Tabriz, Iran ABSTRACT Most users are willing to store their data in the cloud storage system and use many facilities of cloud. But their sensitive data applications faces with potential serious security threats. In this paper, security requirements of sensitive data application in the cloud are analyzed and improved structure for the typical cloud storage system architecture is proposed. The hardware USB-Key is used in the proposed architecture for purpose of enhancing security of user identity and interaction security between the users and the cloud storage system. Moreover, drawn from the idea of data active protection, a data security container is introduced in the system to enhance the security of the data transmission process; by encapsulating the encrypted data, increasing appropriate access control and data management functions. The static data blocks are replaced with a dynamic executable data security container. Then, an enhanced security architecture for software of cloud storage terminal is proposed for more adaptation with the user's specific requirements, and its functions and components can be customizable. Moreover, the proposed architecture have capability of detecting whether the execution environment is according with the pre-defined environment requirements. KEYWORDS Sensitive data application, Hardware USB-Key; Data security, Active protection; terminal software customizable. 1. INTRODUCTION The cloud era is coming with increasing network bandwidth and reliable and flexible network connections that allow users to access software and data resources that are distributed in the remote data centers. The Cloud Service Provider (CSP) provides us with an almost unlimited infrastructures, software services and storage space. As customers, we do not need maintain the complicated infrastructure and software services, and we just use hardware resources, software resources and application services. Moreover, we can access and process the shared or exclusive data resources. While the users get many benefits from the cloud storage, they are also worried about the security of their data, especially for security of sensitive data storage and process applications. Although the cryptographic technologies provides some security for sensitive data storages and process applications, however, there are still many security threats and challenges in the face of cloud storage security environment, which is very different with the traditional security environment for the terminal node data. Specifically, these security challenges [1, 2, 3] mainly, include: DOI : 10.5121/ijmnct.2013.3503 19
  • 2. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 1.1. Security threats arose from un-trusted cloud storage service provider Existing cloud storage architecture and security mechanism cannot guarantee that the service provider cannot access and change user's data illegally. 1.2. Users lose control over data In the existing cloud storage architecture, once the users outsource their data into the cloud, they lose control of the data. Consequently, anyone that who can access the data can spread and modify the data illegally. 1.3. Risk of data interception Although there are related cryptographic communication mechanisms to guarantee the security of the data transmission process, while the encrypted data is decrypted for using, the plaintext may be intercepted by attackers. 1.4. The cloud terminals lack necessary requirements for ensure the data security during the data processing procedure Although there are considerable traditional terminal security technologies, however, these technologies tend to focus on preventing malicious attacks to the entire terminal's system. As a result, they scarcely consider the security of the data usage process. Our goal in this paper is to study a case for the cloud storage system that supports the sensitive data application. Our approaches mainly include ensuring the user identity and behavior is trustworthy by enhanced trusted mechanism guaranteeing the sensitive data transmission security by data security container and ensuring the security of data accessing process through security enhanced cloud storage terminal software. The key contributions of this paper are: • • • Improved cloud storage system architecture: compared to the typical cloud storage systems, the improved structure increases hardware USB-Key to enhance the security of user identity and interaction between the users and the cloud storage system. Data security container for Transmission Process: we improve the traditional process of transmitting the encrypted data by encapsulating the encrypted data, increasing appropriate access control and data management functions, by this way, we turn the static data blocks into a dynamic executable data security container. Security Enhanced Cloud Storage Terminal Software: we distinguish the cloud storage terminal software into several security levels according to the different security requirements of users, in other words, the terminal software functions and components are customizable. The rest of this paper is organized as follows. Section 2 presents related works. Section 3 presents system requirements and architectural design. Section 4 presents the key technologies for the system and finally section 5 presents our conclusion. 20
  • 3. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 2. RELATED WORKS • Cloud storage model: wang et al [2] describes typical cloud storage architecture. And in the architecture, there are mainly three types of cloud storage entities: Users, who store their data in the cloud and operate the data depending on service provided by the cloud storage service provider, while the users include businesses, institutions and individuals; cloud storage service provider (CSP), who is responsible for building the cloud storage infrastructure, maintaining the running of services and ensuring the availability, integrity and security of the data stored on its data centers; third-party auditor (TFA), which is an optional entity, and the TPA can assess security threats of the cloud storage services. Kamara et al [4] presents a user data storage and sharing model on the public cloud infrastructure, in the model, the data requester and the data owner communicate with the token in the cryptographic manner. • Cloud storage data integrity: juels et al [5] describes a proof of retrieve ability (POR) model to ensure the integrity of remote data. This model incorporates spot-checking error correction codes to ensure the property and recoverability of the files in the service system. Shacham et al [6] enhance the POR model, based on the POR model. They construct a random linear function on account of the homomorphism authentication code to provide unlimited queries and lower communication overhead. Bowers et al [7] summarizes the work of Juels and shacham and presents an improved framework for POR protocol, moreover, Bowers et al also extends the POR model into the distributed systems [8]. These technologies are all needed to be preprocessed before distributed deployment, and once any changes has been made to the file, the system must broadcast the changes by the error correction code, which brings significant computation and communication complexity for the system. Schwarz et al [9] uses erasure-coding and block-level file integrity detecting methods to ensure the integrity of files across multiple distributed servers, while this method only consider the integrity of static file. Lillibridge et al [10] proposes a backup mechanism for the P2P system, and the mechanism partition the files into several blocks and store them in m+k nodes through (m+k, m) erasure-coding; meanwhile, each node randomly request data blocks toward its backup nodes set, the integrity of data block is ensured by the separate keyed cryptographic hashes attached on the data block, however the mechanism does not guarantee that none of the data has not been tampered. Filho et al [11] proposes a data integrity checking method using the RSA hash function for ens1rtirrg data property in the P2P file-sharing networks, and this method needs doing exponentiation operation on the entire data file, consequently, it is hard to put the method into practice when the file is large enough. • Data property assurance in cloud storage: Ateniese et al [12] builds a Provable Data Property model (PDP) to ensure the rights of data owners in incredible environment, while the model audits the data files by the public-key mechanism based on the homomorphous tags. In a subsequent study, Ateniese et al [13] improve the PDP model using the symmetric-key mechanism to reduce computational overhead and support dynamic operations on data files. In a distributed storage system, Curtmola et al [14] extends the PDP mechanism for data property with multiple data duplicates, and this method does not require a separate coding for each copy. 21
  • 4. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 3. REQUIREMENT ANALYSES AND ARCHITECTURE DESIGN 3.1. The Specific Requirements for sensitive Data Applications There are some specific requirements for the sensitive data applications in the cloud storage system as follows: 3.1.1. The user identity is not trusted Although this is common issue in the cloud storage system, however, for sensitive data applications, it brings even more serious security threat. Therefore, it is necessary to design a more reliable mechanism to ensure the user identity is credible. 3.1.2. The security of data transmission process Sensitive data applications require more reliable measures to ensure data transmission security. 3.1.3. The security of data usage process Most of the traditional methods are mainly used to ensure security while the data is encrypted, however, once the data is been decrypted and used, it will face even more serious security threat. Meanwhile, the traditional cloud storage terminal software often lacks consideration on the user's individual needs and appropriate detecting their execution environment. 3.2. Basic ideas The main idea of the proposed architecture is: 3.2.1. A trusted hardware module Such module is introduced to the system; by introducing a hardware trusted. Module, the system can enhance the interaction security between users and the cloud storage system. The main functions of trusted hardware module include: enhancing the security of user identity; enhancing the interaction security between users and the cloud storage system. 3.2.2. A data security container It is introduced to the system; drawing on the idea of data active protection, we improve the traditional process of transmitting the encrypted data by encapsulating the encrypted data, increasing appropriate access control and data management functions by this way, we turn the static data blocks into a dynamic executable data security container. 3.2.3. Security enhanced cloud storage terminal software In this paper, we design security enhanced cloud storage terminal software architecture. The software can be customized according to the user's requirements, and its functions and components can be changeable. Moreover, the architecture can check the execution environment; compared to the pre-defined environment requirements, ' it can determine the legitimacy of the current running environment to meet the specific security requirements for sensitive data applications. 22
  • 5. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 3.3. Architecture Design We improve the typical cloud storage architecture [2] to support the sensitive data applications. The improved cloud storage architecture supporting sensitive data applications is shown in Figure 1. Figure 1. Improved cloud storage architecture supporting sensitive data application In this architecture, the user interacts with the cloud storage terminal through security .enhanced software USB-Key. Furthermore, the hardware USB-Key also enhances the interaction security between cloud storage terminal and the Cloud Storage Provider. 4. KEY TECHNOLOGIES 4.1. Data Security Container for Transmission process Through analyzing the data security threats in the sharing and transmission process, we have found some principles to guarantee the security of data transmission: • • The visitors of the data (data owners, or the users) must be legally authorized; The communication between the data transmitter and the data receiver is secure. In this paper, we get some inspiration from the delivery procedure of the postman delivered the letters, while we design a trusted data transmission process. Firstly, considering a simple scenario of postman delivers the letters between the post office and the users, the basic process is shown in Figure 2. 23
  • 6. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 Figure 2. A simple scenario of postman delivers the letters Drawing an inspiration from this scenario, we analogize the elements of the data transmission process and the elements of the delivery process as follows: The data is corresponding to the letters, the post office is corresponding to the data center and the users are corresponding to the data requesters. Thus, we design a data security container to guarantee the data security during the data transmission procedure. The security container is similar to postman. The data security container structure and interfaces are shown in Figure 3. Figure 3. Architecture of the security data container The encrypted data, essential user information and data accessing authorities are encapsulated in the data security container. Meanwhile, a security detector is designed to identify the user's identification, access control for the data and manage the data yet the user information. 4.2. Security Enhanced cloud storage Terminal software In this paper, we distinguish the cloud storage terminal software into several security levels according to the different security requirements of users, in other words, the terminal software functions and components are customizable. According to the user types and the different execution environment, the cloud storage terminal software can distinguish that whether the user's identification is legal and whether the execution environment is accord with the predefined requirements. Specifically, there are two kinds of users who can use the terminal software: 24
  • 7. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 • • Anyone can use this terminal software; Only specific users or group of users with common features can use the terminal software. Similarly, in order to adapt the specific requirements for sensitive data application, it is also need to distinguish the software execution environment as follows: • • The terminal software can run on any computer terminal; The terminal software can only run on a specific computer terminal; The components and cooperating progress between the users and the terminal software are shown in Figure 4. The user holds his proprietary hardware USB-Key, and only a legitimate user to holding his legal USB-Key can use the cloud storage terminal software. The communication process between users and terminal software is shown as follows: • • • • • Identification authentication between users and the terminal software; Customizing the terminal software depending on the identity of the user and configure the corresponding components. The terminal software detects its execution environment to determine whether the current environment is accord with the Pre-configured requirements; Security communication between users and the terminal software; Data requesting and data Processing operations between users and the terminal software. Figure. 4 The components of cloud Storage Terminal Software 5. CONCLUSIONS In this paper, improved architecture for the typical cloud storage architecture to support sensitive data application is proposed. We have argued that multiple security enhanced metrics must be introduced to the system to accommodate the specific security requirements and user's personal demands. Therefore, related trust enhancement technologies are designed to meet the system requirements. Clearly, much work remains to be done to realize the entire system. We believe that, sensitive data application is important fields in the future cloud storage systems. Meanwhile, the users are willing to regard their personal privacy information as sensitive data. 25
  • 8. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 REFERENCES [1] J. Heiser, M. Nicolett, "Assessing the Security Risks of Cloud Computing," Gartner Inc, 2008. [2] C. Wang, Q. Wang, K. Ren, et al., "Ensuring Data Storage Security in Cloud Computing," Charleston, SC, United states, 2009. [3] R. Geambasu S. D. Gribble, H. M. Levy, "Cloud Views: Communal Data Sharing in Public Clouds," in HotCloud'09 Workshop on Hot Topics in Cloud Computing, 2009. [4] S. Kamara, k. Lauter, "Cryptographic Cloud Storage," in Proceedings of Financial Cryptographic: Workshop on Real-Life Cryptographic Protocols and Standardization 2010, pp. 1-14. [5] Juels, B. S. Kaliski Jr, "Pors: Proofs of Retrievability for Large Files," Alexandria, VA, United states, pp. 584-597, 2007. [6] H. Shacham, B. Waters, "Compact Proofs of Petrievability," in Advances in Cryptology - Asiacrypt 2008. vol. 5350, 2008, pp. 90-107. [7] K. D. Bowers, A. Juels, A. Oprea, "Proofs of Retrievabilify: Theory and Implementation," 2008. [8] K. D. Bowers, A. Juels, A. Oprea, "HAIL: A High-Availability and Integrity Layer for Cloud Storage," Chicago, IL, United states, pp. 187-198, 2009. [9] S. J. Thomas Schwarz, E.L. Miller, "Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage," Lisboa, Portugal, 2006. [10] M. Lillibridge, S, Elnikety, A.Birrell, et al., "A Cooperative Internet Backup Scheme," in Usenix Association Proceedings of the General Track, ed, 2003, PP. 29-41. [11] D. L. G. Filho, P. S. L. M. Barreto, "Demonstrating Data Possession and Un-Cheatable Data Transfer," 2006. [12] G. Ateniese, R. Bums, R. curtmola, et al., "Provable Data Possession at Untrusted Stores," in Ccs'07: Proceedings of the 14th ACM Conference on Computer and Communications Security, 2007, pp. 598609. [13] G. Ateniese, R. D. Pietro, L. V Maacini, et Bl., "Scalable and Efficient Provable Data Possession," Istanbul; Turkey, 2008. [14] R. Curtmola, O. Khan, R. Burns, et al., "MR-PDP: Multiple-Replica Provable Data Possession," Beijing, China, pp. 411-420, 2008. Authors Alireza Souri received his B.Sc. in Computer Engineering University College of Nabi Akram, Ira n in 2011. Currently, he is receiving M.Sc. in Software Engineering from East Azarbaijan Science and Research Branch, Islamic Azad University in Iran. His main interest is in the formal verification, modeling and analyzing Network systems, Multilayer systems, Antivirus systems, Grid computing, and Real-time systems. He is member of The Society of Digital Information and Wireless Communications. Arash Salehpour, He is M.Sc. (computer engineering -software - He has worked as Progra m Committees, reviewer at numerous international conferences such as : The International Conference on Informatics Engineering & Information Science (ICIEIS2011), University Technology Malaysia, Malaysia, The World Congress on E-Commerce and Business on the Web (WCEBW2012), United Kingdom and …,The areas of his Research and Interests include: Examines both automatic systems and collaborative systems as well as computational models of human software Engineering activities, Presents knowledge representations and artificial intelligence techniques as well as, he is already acts as member in numerous international organizations such as: The Society of Digital Information and Wireless Communications (SDIWC). 26
  • 9. International Journal of Mobile Network Communications & Telematics ( IJMNCT) Vol. 3, No.5, October 2013 Saeid Pashazadeh is Assistant Professor of Software Engineering and chair of Info rmation Technology Department at Faculty of Electrical and Computer Engineering in University of Tabriz in Iran. He received his B.Sc. in Computer Engineering from Sharif Technical University of Iran in 1995. He obtained M.Sc. and Ph.D. in Computer Engineering from Iran University of Science and Technology in 1998 and 2010 respectively. He was Lecturer in Faculty of Electrical Engineering in Sahand University of Technology in Iran from 1999 until 2004. His main interests are modelling and formal verification of distributed systems, computer security, and wireless sensor/actor networks. He is member of IEEE and senior member of IACSIT and member of editorial board of journal of electrical engineering at University of Tabriz in Iran. 27