A privacy preserving repository for securing data across the cloud

Achieving Secure cloud Data Sharing

Eighth Sense Research Group

Abstract—Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that users’ data are usually processed remotely in unknown machines that users do not own or operate. While enjoying the convenience brought by this new emerging technology, users’ fears of losing control of their own data (particularly, financial and health data) can become a significant barrier to the wide adoption of cloud services. To address this problem, in this paper, we propose a novel highly decentralized information accountability framework to keep track of the actual usage of the users’ data in the cloud. In particular, we propose an object-centered approach that enables enclosing our logging mechanism together with users’ data and policies. We leverage the JAR programmable capabilities to both create a dynamic and traveling object, and to ensure that any access to users’ data will trigger authentication and automated logging local to the JARs. To strengthen user’s control, we also provide distributed auditing mechanisms. We provide extensive experimental studies that demonstrate the efficiency and effectiveness of the proposed approaches.

Keywords – Cloud computing, accountability, data sharing.

Secure Scheme of Data Protection in Cloud Computing

paradigm also brings forth many new challenges for data security and access control mechanisms, when users outsource sensitive data for sharing on Cloud systems, which are not within the same trusted domain as data owners. Storing data on untrusted storage makes secure data sharing a challenging issue. To keep sensitive user data confidential against untrusted Cloud systems, on one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. The existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key or user management, user accountability, data security, computational overhead, etc. To address these challenging issues, in this paper we define and enforce access policies based on data attributes and enable the data owner to delegate most computation-intensive tasks pertaining to user revocation to untrusted servers without disclosing data content to them. We achieve this goal by exploiting and uniquely combining techniques of Ciphertext policy attribute based encryption system and proxy re-encryption and re-encryption. Our proposed scheme also has salient features of user access privilege confidentiality and user secret key accountability.

"Data confidentiality for data access control on cloud"

To keep sensitive user data confidential against untrusted servers, existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The problem of simultaneously achieving fine-grainedness, scalability and data confidentiality of access control actually still remains unresolved. This paper proposed some services for data safekeeping and access control when users outsource sensitive data for sharing on cloud servers. This paper addresses this challenging open issue by, on one hand, defining and enforcing access policies based on data attributes, and, on the other hand, allowing the data owner to delegate most of the computation tasks involved in fine-grained data access control to untrusted cloud servers without disclosing the underlying data contents. The proposed scheme enables the data owner to delegate tasks of data file re-encryption and user secret key update to cloud servers without disclosing data contents or user access privilege information. This goal is achieved by exploiting and uniquely combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption, a combination that has salient properties of user access privilege confidentiality and user secret key accountability and achieves fine-grainedness, scalability and data confidentiality for data access control in cloud computing. Extensive analysis shows that too much work is done on working and improving existing schemas where confidentiality of data access is considered a key point for future work.

Secure and Effective Data Storage in Cloud Computing

2019

Customers store huge proportions of tricky data on a cloud. Sharing fragile data will empower endeavors to decrease the expense of giving customer’s tweaked advantages and offer some effective force included data administrations. Nevertheless, secure data sharing is dangerous. Security plays a vital role among the most troublesome errand to realize in cloud computing. Unambiguous kinds of assaults in the application side and in the hardware sections. This paper implements a framework for secure sensitive data sharing in cloud, including secure data transport, amassing, use, and obliteration on a semi-trusted in cloud condition. We show Kerberos tradition over the framework and a customer method protection system in perspective of a virtual machine screen, which offers assistance for the affirmation of structure limits.

Privacy Preserving Data Access To Cloud

International Journal of Innovative Technology and Exploring Engineering, 2019

The current systems stress protection of data stored in the cloud servers without giving much thought and consideration to the protection of data during user access. Encryption of data is a technique that is popularly used to protect stored data. Encryption essentially scrambles the data and stores it in a form which makes no sense unless decrypted with the suitable key. Every cloud service provider ensures data is stored in an encrypted form in its servers. Encryption of data is not sufficient to protect user data, as acquiring the appropriate key can result in decrypting of the data. Encrypting the data before uploading the data to the cloud can help to an extent to preserve data. To access the data it would need to be encrypted twice: once by the cloud service provider and then by the user. The cloud service provider is prevented from accessing user data, as are other third-party individuals. However, this approach too is not efficient and sufficient to protect user data. ORAM alg...

Secure Storing and Sharing of Cloud Data under Key Exposure: A Survey

international journal for research in applied science and engineering technology ijraset, 2020

In the era of digitization and technological advancement, cloud computing is the trending domain in several regards. Cloud computing permits us to form and customize business applications online. It allows a cost-efficient, easy approach by configuring the parts and also the applications on information centers. However, security remains a serious concern in the cloud. Once the cryptography secret is exposed, the sole possible way to preserve information confidentiality is to limit the adversary's access to the cipher text. However, if information is encrypted, using the existing cryptography schemes and spreading the cipher text on multiple servers hasn't entirely solved the matter, since somebody who may acquire the cryptography key will still compromise a single server and rewrite the cipher text kept therein. In this paper we address confidentiality, user authentication and information integrity under key exposure.
I. INTRODUCTION
Computing is being fully changed to a model consisting of services that are commoditized and delivered in a fashion quite like many utilities which are usually available, like water, electricity, etc. In such models, users are able to access services based on their requirements without regard to where the services are hosted. Different computing paradigms deliver this utility computing, which include Grid computing, Peer to Peer computing, and more recently cloud computing [1]. Cloud Computing is a trending and emerging computing technology that uses the Internet and remote servers to take care of data and applications. Cloud Computing refers to applications and services offered over the web. These services are offered from data centers all over the world, which collectively are referred to as the "cloud."
Cloud computing is a pay-per-use, on-demand model through which shared IT resources can be conveniently accessed through the web, where the IT resources include social networking sites, web mail, online business applications and network services. Cloud computing delivers infrastructure, platform, and software (application) as services, which are made available as subscription-based services to consumers. These services in industry are respectively referred to as Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS). To realize cloud computing potential, vendors like Amazon, Google, Microsoft and IBM have started to make and deploy Clouds in various locations across the planet. Additionally, companies working across the planet require a faster response time and thus save time by distributing workload requests to multiple Clouds in various locations at the same time. This creates the necessity of building a computing world for dynamically interconnecting and provisioning Clouds from multiple domains within and across enterprises. There are many difficulties involved in creating such Clouds and Cloud interconnections. Cloud computing companies state that data is secure, but it isn't completely true. Only time will tell if your data is secure within the cloud. Since customer data and programs reside in provider premises, cloud security concerns are arising a lot. While cost and ease of use are two major benefits of cloud computing, there are significant security concerns that need to be addressed while moving critical applications and crucial data to public and shared cloud environments. With social networking services gaining popularity, the focus has to be on sharing data. Google Docs is one such cloud platform which provides data sharing capabilities, as groups of scholars, or teams working on a project, can share documents and collaborate with one another effectively.
There's an assumption that data servers will be trusted to keep the data secure. However, this assumption is no longer valid today, since services are increasingly storing data across many servers that are shared with other data owners. The Cloud is prone to many privacy and security attacks. The largest obstacle hindering the development and also the wide adoption of the Cloud is the privacy and security issues related to it. An example of this is cloud data storage, where cloud service providers aren't within the same trusted domains as end users, and hardware platforms aren't under the direct control of information owners. To mitigate users' privacy concerns about their data, a typical solution is to store data in encrypted form so that it will remain private even if data servers or storage devices are untrusted or compromised.

Enhancing Data Privacy and Access Anonymity in Cloud Computing

There is a growing interest in cloud computing due to its various benefits such as the efficient utilization of computing resources. However, privacy and security concerns are among the main obstacles facing the widespread adoption of this new technology. For instance, it is more desirable for many potential organizations and users that privacy protections and access authorizations on their data stored in the cloud remain under their control and only authorized entities can have access to the data even for the cloud server. In this paper, we propose a method that gives cloud clients more control over the security requirements of their data stored in the cloud. The data is protected by a client before it is sent to the cloud, in a secure manner such that only authorized users can access it. To provide complete protection from unauthorized access, even the cloud provider is prevented from revealing the data content and access control policies. The client or data owner has complete control over what methods to use to protect the data and over who can have access to the data. The proposed method is based on a combination of cryptography techniques, including the Chinese Remainder Theorem, symmetric and asymmetric encryptions. The proposed method combines access control and key sharing in one mechanism. In addition, the proposed method allows a client to use a unique key to encrypt the data and attaches it securely to its encrypted data. Only authorized users can have access to the key in order to decrypt the encrypted data. The data has all the security requirements independently attached to it, including the integrity proof. The proposed method is efficient and has its computational overhead minimized. With all the security requirements and metadata stored with the data itself, the proposed method is also flexible and suitable for protecting clients' data in the cloud computing environment.

A New Secure Model for Data Protection over Cloud Computing

Computational Intelligence and Neuroscience

The main goal of any data storage model on the cloud is accessing data in an easy way without risking its security. Security is a major consideration in any cloud data storage model that aims to provide safety and efficiency. In this paper, we propose a secure data protection model over the cloud. The proposed model presents a solution to some security issues of the cloud, such as data protection from any violations and protection from a fake authorized identity user, which adversely affects the security of the cloud. This paper includes multiple issues and challenges with cloud computing that impair security and privacy of data. It presents the threats and attacks that affect data residing in the cloud. Our proposed model provides the benefits and effectiveness of security in cloud computing, such as enhancement of the encryption of data in the cloud. It provides security and scalability of data sharing for users of cloud computing. Our model achieves the security functions over clou...

Security Techniques for Protecting Data in Cloud Computing

Late mechanical advances have offered ascend to the notoriety and accomplishment of cloud. This new worldview is picking up a growing enthusiasm, since it gives cost effective models that help the transmission, stockpiling, and concentrated processing of information. In any case, these promising stockpiling administrations bring many testing configuration issues, impressively because of the loss of information control. These difficulties, to be specific information classification and information respectability, have noteworthy effect on the security and exhibitions of the cloud framework. Some danger models accept that the cloud specialist organization can't be trusted, and in this manner security creators propose an abnormal state security confirmation, for example, putting away scrambled information in cloud servers. Others assume that cloud suppliers can be trusted, and that potential dangers come essentially from outside aggressors and different vindictive cloud clients. Furthermore, a cloud client can never deny a potential server breakdown. Thus, there are a few difficulties that should be tended to as for security and protection in a cloud setting. This proposition goes for defeating this exchange off, while considering two information security concerns. On one hand, we concentrate on information secrecy safeguarding which turns out to be more complex with adaptable information sharing among a dynamic gathering of clients. It requires the mystery of outsourced information and an efficient sharing of unscrambling keys between different approved clients. For this reason, we, in the first place, proposed another technique depending on the utilization of ID-Based Cryptography (IBC), where every customer goes about as a Private Key Generator (PKG). That is, he creates his own open components and infers his comparing private key utilizing a mystery.
Because of IBC properties, this commitment is appeared to help information security and confidentiality, and to be impervious to unapproved access to information amid the sharing procedure, while considering two sensible risk models, to be specific a genuine however inquisitive server and a malignant client foe. Second, we characterize CloudaSec, an open key based arrangement, which proposes the partition of membership based key administration and privacy situated deviated encryption strategies. That is, CloudaSec empowers adaptable and versatile sending of the arrangement and also solid security ensures for outsourced information in cloud servers. Trial comes about, under Open Stack Swift, have demonstrated the efficiency of CloudaSec in versatile information sharing while at the same time considering the effect of the cryptographic operations at the customer side. Then again, we address the Proof of Data Possession (PDP) concern. Actually, the cloud client ought to have an efficient approach to perform periodical remote respectability confirmations, without keeping the information locally, following three considerable angles: security level, open certainty, and execution. This worry is amplified by the customer's compelled stockpiling and calculation capacities and the expansive size of outsourced information. Keeping in mind the end goal to satisfy this security prerequisite, we initially characterize another zero-learning PDP protocol that gives deterministic honesty check ensures, depending on the uniqueness of the Euclidean Division. These assurances are considered as fascinating, contrasted with a few proposed plans, showing probabilistic methodologies. At that point, we propose SHOPS, a Set-Homomorphism Proof of Data Possession plot, supporting the 3 levels of information confirmation.
SHOPS empowers the cloud customer not exclusively to acquire a proof of ownership from the remote server, yet in addition to check that a given information document is dispersed over numerous capacity gadgets to accomplish a specific wanted level of blame tolerance. Without a doubt, we display the set homomorphism property, which stretches out pliability to set operations properties, for example, union, convergence and incorporation. SHOPS display high security level and low preparing many-sided quality. For example, SHOPS spares vitality inside the cloud supplier by appropriating the calculation over numerous hubs. Every hub gives confirmations of neighbourhood information square sets. This is to make appropriate, subsequent evidence over arrangements of information squares, fulfilling a few needs, for example, proofs accumulation.

A Dual Security Protection Mechanism for Cloud-Based Data Storage and Sharing

International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2023

Cloud-based data storage service has drawn increasing interest from both academia and industry in recent years due to its efficient and low-cost management. Since it provides services in an open network, it is urgent for service providers to make use of secure data storage and sharing mechanisms to ensure data confidentiality and service user privacy.