Privacy Model Access for Outsourced Data in Hybrid Clouds

Volume: 3    Issue: 12

Year of Publication: 2017

Pages: (7-11)

Authors: Er. Mamoon Rashid, Er. Sanjay Madaan

Download Full Text (PDF)

Abstract

The continuity in the evolution of Cloud computing has transformed into managed cloud offerings where providers are now completing those hands-on activities on behalf of the client in a cloud environment. Due to managed cloud providers turning hybrid cloud providers, cloud computing also continues to gain the outsourcing market in ways that are lifting traditional outsourcing from the forefront. Outsourced storage make shared data and resources much more accessible as users can retrieve them anywhere away from the rich in terms of personal computers to smart phones. However, outsourcing the data to a third party causes the security and privacy issues to become a critical concern. This has raised the important security issue of how to control and prevent unauthorized access to data stored in the cloud. In this paper the authors proposed and implemented the access control and authentication mechanism for hybrid cloud architecture i.e. private cloud and public cloud, where the private cloud should store only the organization\"s sensitive structure information and the public cloud should store the actual data. This architecture not only will dispel the organization\"s concerns about risks of leaking sensitive structure information, but will also takes full advantage of public cloud’s power to securely store large volume of data. All data on public cloud is to be stored in encrypted form by employing cryptographic techniques which will save data from misuse and restrict data access to only those intended by the data owners.

References

1. I. Foster, Y. Zhao, I. Raicu, and S. Lu, “Cloud computing and grid computing 360-degree compared”, Grid Computing Environments Workshop, GCE’08, pp. 1-10, 2009.

2. Cloud Security Alliance (CSA), “Security Guidance for Critical Areas of Focus in Cloud Computing V2.1”, December 17, 2009.

3. Blog service hosted by google crashes review.http://hostwisely.com/blog/blog-service-hosted-by-googlecrashes.

4. Keir Thomas,“Microsoft cloud data breach heralds things to come”, Tech world, 29 December, 2010.

5. Summary of the amazon ec2 and amazon rds service disruption in the US East region. http://aws.amazon.com/message/65648.

6. Darlene Storm, “Epsilon breach: hack of the century”, 2011. http://blogs.computerworld.com/18079/epsilon_breach_hack_of_the_century.

7. Siani Pearson, “Taking Account of Privacy when Designing Cloud Computing Services”, CLOUD’09, Vancouver, Canada, pp. 44-52, May 23, 2009.

8. European Network and Information Security Agency (ENISA)“Benefits, risks and recommendations for information security”, Accessed: 28, December 2013.

9. F. R. Institute. (2010). Personal Data in the Cloud: A Global Survey of Consumer Attitudes [Online].

10. From Hype to Future: KPMG’s 2010 Cloud Computing Survey [Online].

11. S. G. Akl and P. D. Taylor, “Cryptographic solution to a problem of access control in a hierarchy”, ACM Trans. Comput. Syst., vol. 1, no. 3, pp. 239–248, 1983.

12. M. J. Atallah, K. B. Frikken, and M. Blanton, “Dynamic and efficient key management for access hierarchies”, in Proc. ACM Conference Comput. Commun. Sec., pp. 905-914.Nov, 2005.

13. H. R. Hassen, A. Bouabdallah, H. Bettahar, and Y. Challal, “Key management for content access control in a hierarchy”, Comput. Netw., vol. 51, no. 11, pp. 3197–3219, 2007.

14. S. D. C. Di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, “Over-encryption: Management of access control evolution on outsourced data”, in Proc. VLDB, pp. 123–134, Sep. 2007.

15. C. Blundo, S. Cimato, S. D. C. Di Vimercati, A. D. Santis, S. Foresti, S. Paraboschi, et al., “Efficient key management for enforcing access control in outsourced scenarios,” in SEC (IFIP), vol. 297. New York, NY, USA: Springer-Verlag, pp. 364–375, May 2009.

16. P. Samarati and S. D. C. di Vimercati, “Data protection in outsourcing scenarios: Issues and directions”, in Proc. ASIACCS, pp. 1–14, Apr. 2010.

17. C. Gentry and A. Silverberg, “Hierarchical ID-based cryptography,” in ASIACRYPT, vol. 2501. New York, NY, USA: Springer-Verlag, , pp. 548–566, 2002.

18. D. Boneh, X. Boyen, and E.-J. Goh, “Hierarchical identity based encryption with constant size ciphertext”, in EUROCRYPT, vol. 3494. New York, NY, USA: Springer- Verlag, pp. 440–456, May 2005.

Keywords

Outsourcing,Managed,Encryption, Cloud, Cryptography.