IJMTES – DATA SECURITY FOR CLOUD ENVIRONMENT WITH INTERMEDIATE KEY PROVIDERS

Journal Title : International Journal of Modern Trends in Engineering and Science

Author’s Name : P.Sarankumar | B.Aravindan

Volume 03 Issue 07 2016

ISSN no:  2348-3121

Page no: 71-75

Abstract – Off-site data storage is an application of cloud that relieves the customers from focusing on the data storage system. However, outsourcing data to a third party's administrative control entails serious security concerns. Data leakage may occur due to attacks by other users and machines in the cloud. Wholesale of data by the cloud service provider is yet another problem that is faced in the cloud setting. Consequently, a high level of security measures is required. In this paper, we propose Data Security for Cloud Environment with Intermediate Key Providers (DaSCE), a data security system that provides (a) key management, (b) access control, and (c) file assured deletion. DaSCE utilizes Shamir’s (k, n) threshold scheme to manage the keys, where k out of n shares are required to reconstruct the key. We use multiple key managers, each hosting one share of the key. Multiple key managers avoid a single point of failure for the cryptographic keys. We (a) implement a working prototype of DaSCE and evaluate its performance based on the time consumed during various operations, (b) formally model and analyze the working of DaSCE using High Level Petri nets (HLPN), and (c) verify the working of DaSCE using the Satisfiability Modulo Theories Library (SMT-Lib) and the Z3 solver. The results reveal that DaSCE can be efficiently used for security of outsourced data by employing key management, access control, and file assured deletion.

Keywords— Cloud; Data Security; Key 
