Encrypted Cloud Storage : A Survey
Sachin Keshavaiah Lohith University of Southern California Los Angeles, CA, USA lohith@usc.edu
Abstract
This electronic document is a live template. The various components of your paper [title, text, heads, etc.] are already defined on the style sheet, as illustrated by the portions given in this document.
Keywords : encryption, cloud, storage, cryptography, token, keyword
1. Introduction
The surge in advancements in distributed systems and networking technology and the advantages that it has brought along with it, has many individuals and organizations move from local to remote cloud storage [1]. Cloud storage falls under Infrastructure as a Service (IaaS) in the series of cloud services where in, a user’s or organization’s data is stored in a nexus of remote servers. Cloud infrastructures can be broadly classified as either public or private. The remote servers provided by public cloud storage service, preserves the unhindered and efficient accessibility of a local storage server along with transparency while customers/users has access to their data. While there are benefits to using a public cloud infrastructure, it poses significant privacy and security risks [2]. The goal of this research is to obtain the degree of security that is indigenous to a private cloud environment in a public cloud environment with respect to data storage. To achieve such degree of security [1], a public cloud storage service should provide (at least):
•
A company allows its staffs in the same groupor department to store and share files in the cloud. By utilizing the cloud, the staffs can be completely released from the troublesome local data storage and maintenance.However, it also poses a significant risk to the confidentialityof those stored files. Specifically, the cloud serversmanaged by cloud providers are not fully trusted by userswhile the data files stored in the cloud may be sensitive andconfidential, such as business plans. To preserve dataprivacy, a basic solution is to encrypt data files, and thenupload the encrypted data into the cloud. Unfortunately,designing an efficient and secure data sharing scheme forgroups in the cloud is not an easy task due to the followingchallenging issues.First, identity privacy is one of the most significantobstacles for the wide
Organizations use the Cloud in a variety of different service models (SaaS, PaaS, IaaS) and deployment models (Private, Public, Hybrid). There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories: Security issues faced by cloud providers (organizations providing software-, platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers.In most cases, the provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information.
Cloud computing has set a trend in the information technology arena that has sparked the interest of all who utilize the internet on purpose and unsuspectingly. Initially, the primary purpose of cloud computing was to provide a centralized data bank that organizations could use for quick data access. Its use has been quickly adapted, however, beyond business use to become the first option for personal use. The advantages and disadvantages of implementing such a shift from business to personal are varied, yet, statistically, according to the CISCO Global Cloud Index: Forecast and Methodology, 2014-2019 White Paper, its public use is on the rise. The report notes that “by 2019, 56 percent of the cloud workloads will be in public cloud data centers, up from 30 percent in 2014 and by 2019, 44 percent of the cloud workloads will be in private cloud data centers, down from 70 percent in 2014”. Though disadvantages with regard to data security is prominent, users have deemed that its implementation will still promote greater benefits than loss.
While Cloud administrations offers adaptability, versatility and economies of scale, there have been equivalent worries about security. As more information moves from midway found server capacity to the Cloud, the potential for individual and private information to be traded off will increase. Accessibility and trustworthiness of information are in danger if suitable measures are not put set up preceding selecting a Cloud seller or executing your own cloud and moving to Cloud administrations. Cloud administrations, for example, Software as an administration, Platform as an administration or Infrastructure as an administration, will have their own security worries that need to be tended to. The cloud organizations or the vendors conduct a survey on the issues related to the Cloud security. This paper audits the best practices to secure the cloud administrations and information, the threats associated with the cloud technologies and counting traditional security methods and working with sellers to guarantee legitimate Administration Level Agreements exist.
Usage of remote servers via internet to store, manage and process data instead of using a personal computer is known as Cloud computing. It’s a set of Information Technology services with the ability to scale up or down their service requirements. Most of the cloud services are provided by a third party service provider. In cloud computing, organizations can utilize IT services without in advance investment. Despite its benefits obtained from the cloud computing, the organizations are slow in accepting it due to security issues and challenges. Security is one of the major problems which hinder the growth of cloud. It’s not wise to handing over the important data to another company; such that clients need to be vigilant in understanding the risks of data infringement in this new environment. This paper discusses a detailed analysis of the cloud computing security issues and challenges. (Ayoleke)
Abstract - Cloud Computing is huge computing, it is the internet based computing, where all users can remotely store their data into the cloud so as to enjoy the latest and high quality applications and services. In outsourcing data , users can be relieved from the burden of local maintenance and data storage .Thus, enabling public auditability for cloud data storage security is of difficult so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective. The following two fundamental requirements to securely introduce an effective third party auditor (TPA) .1) The third party auditing process should bring in no new vulnerabilities towards user data privacy. 2) TPA introduces no additional on-line burden to the cloud user. TPA should be able to efficiently audit the cloud data storage. 3) TPA should audit the data for checking the integrity of that data. In this we propose for privacy-preserving public auditing for cloud data storage.To enable the TPA to perform audits for multiple users simultaneously and efficiently.We also doing batch auditing for multiple users data.
Are cloud storage solutions irrelevant for a large organisation of 1,500 staff? - An evaluation of capabilities and potential for Cloud storage in the enterprise
Cloud computing platform is vulnerable to security due to shared computing resources between multiple users. Also cloud computing resources are installed and managed by cloud providers. So cloud providers can have access to the confidential data. Data breaches can occur due to stealing or modifying important data by the harmful cloud providers. So data security, confidentiality and integrity can be problematic when cloud computing services are used[1]. Organizations can use Cryptographic techniques and Encrypted File System (EFS) to do data encryption for the security. Public keys are used for the encryption and decryption of the data by EFS. These keys are stored in the disk of the computer. So EFS is not a good option to use for the data security in the cloud. System administrators can have
Several researchers have addressed the issue of depending on a single cloud storage service, such as cite {AbuLibdeh2010} cite {Scalia}, and they believe that adopting multiple cloud storage services is a useful approach to tackling the problems associated with the dependence on a single cloud provider. Simply, This method combines several independent cloud services and considers them as one cloud. Although the distribution of data among several cloud storage services increase availability, performance, and reduces the probability of losing data, it may increase the amount of storage and bandwidth used and as a result, the cost rises. Scalia cite {Scalia} introduced a cloud brokerage solution that continuously adapts the placement of data, based on files access statistics among several cloud storage services to minimise the storage cost, improve the data availability, and eliminate vendor lock-in risk. However, The work does not evaluate the impact of the system on the latency time. HAIL cite {Bowers2009} used the principle of RAID to distribute files across a collection of cloud storage to enhance the availability of data and remotely manage data security risks (i.e. data integrity) in the cloud by employing the Proofs of Retrievability (PORs) system. Although this work shows a reduce in storage cost, they do not consider the effect of access patterns on the network cost. Besides, they assume that
Cloud technology links remote computers to a network of data servers that contain user data. It serves to increase efficiency in data access, increase user convenience and lower costs. It also has created efficiencies in terms of user hardware requirements necessary to access files and programs in multiple locations. A system designed in only 2006, it has already become a $68 billion global industry, with an anticipated $17 billion per annum growth rate. With such a growth rate, cloud technology is rapidly becoming an increasingly important aspect of individual and corporate data storage. While cloud technology provides an expansive range of possibilities of use for individuals and businesses alike, it has also posed challenges for its effective governance and privacy.
With the need for more storage and backup we are looking for a storage cloud. Cloud is a place where you have unlimited place to store your data. Any place you go, you are on a cloud until you have an internet access to your smart phone or smart devices. Cloud computing is a trending technology in every sector. It is a computing phase in which various remote servers are interacted. In this we have a centralized data storage system on a cloud based wed storage system where anyone who has internet or Wi-Fi can access those resources. The clouds are classified as public cloud, private cloud and hybrid cloud. Private cloud computing is only for a private organization which offers the solutions to the problems being requested. Private cloud computing is privatized by itself by having its own hardware including servers, VM’s, hosts, network and their storage and thus providing service to users.
There are clear indications that private data center use may have peaked. Cloud storage faces the same risks as the enterprise network, adding a virtual location that is also vulnerable to hacked APIs, account hijacking, poor key/certificate management and lax authentication. With the cloud/hybrid model as the growing standard, it is critical for companies to secure data and applications in both the physical and virtual locations.
Section 2 deals with related works to this survey, and give generalizations of those works as they pertain to this paper. The third section details the parts of the cloud IaaS, SaaS, and PaaS, and how they are deployed using public, private, hybrid, and community clouds. It also speaks of the data centers and the need to understand setting them up, location, humidity, political, governmental, and energy-saving aspects to ensure high cloud high uptime. The authors’ talk of certain threats such as physically breaking into data centers, malicious employees, and exploits by those in the community who search for vulnerabilities.
The purpose of this study is to determine whether or not cloud computing is secure and safe enough to store your information in. The world of cloud computing is constantly expanding to the point that it is a useful resource on a personal, private, and international level. Cloud computing is continuously evolving in this modern day and age and so are the threats to its security. Cloud computing has grown into a flexible and scalable environment overtime, it began by trying to make computer systems remotely timeshare their applications. Latter-day cloud computing refers to the variety of services that the cloud performs such as email, document access, maps, calendars, web analytics, storage, and text translations.
The reason for the author selecting to look at literature regarding cloud security within this review is because of how it ties in with a Computing Science degree currently being worked towards at Staffordshire University. One of the modules being studied involves the creation of a database system, with the client formally requesting a cloud-based data centre as part of their system. Therefore, it would interesting to take an in-depth look at the security concerns surrounding what is a technology that is still within its infancy stage.