Mohammed Anwar MOHAMMED, Fadhil Salman ABED

4322

A symmetric-based framework for securing cloud data at rest

Cloud computing is the umbrella term for delivering services via the Internet. It enables enterprises and individuals to access services such as virtual machines, storage, or applications on demand. It allows them to achieve more by paying less, and it removes the barrier of installing physical infrastructure. However, due to its openness and availability over the Internet, the issue of ensuring security and privacy arises. This requires careful consideration from enterprises and individuals before the adoption of cloud computing. In order to overcome security issues, cloud service providers are required to use strong security measures to secure their storage and protect cloud data from unauthorized access. In this paper, a novel framework and symmetric-based encryption scheme for securing cloud data at rest is introduced. The performance evaluation of the new framework shows that it has a high level of efficiency, feasibility, and scalability.
Keywords:

Cloud computing security, encryption, decryption ASCII, cloud storage,

PDF

___

  • [1] Mell P, Grance T. The NIST Defnition of Cloud Computing. Gaithersburg, MD, USA: National Institute of Standards and Technology, 2011.
  • [2] Sharma PK, Kaushik PS, Agarwal P, Jain P, Agarwal S et al. Issues and challenges of data security in a cloud computing environment. In: IEEE 2017 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference; New York City, NY, USA; 2017. pp. 560-566.
  • [3] Columbus L. State of Enterprise Cloud Computing. Hoboken, NJ, USA: Forbes Media, 2018.
  • [4] Linthicum DS. Connecting fog and cloud computing. IEEE Cloud Computing 2017; 4 (2): 18-20. doi: 10.1109/MCC.2017.37
  • [5] Huan L. Big data drives cloud adoption in enterprise. IEEE Internet Computing 2013; 17 (4): 68-71. doi: 10.1109/MIC.2013.63
  • [6] Mahmood Z. Cloud computing: characteristics and deployment approaches. In: IEEE 2011 11th International Conference on Computer and Information Technology; 2011; pp. 121-126. doi: 10.1109/CIT.2011.75
  • [7] Mogull R, Arlen J, Gilbert F, Lane A, Mortman D et al. SECURITY GUIDANCE for Critical Areas of Focus in Cloud Computing, v4.0. Tokyo, Japan: Cloud Security Alliance, 2017.
  • [8] Fatemi MF, Rohani MB, Ahmadi M, Khodadadi T, Madadipouya K. Cloud computing: vision, architecture and characteristics. In: IEEE 2015 6th Control and System Graduate Research Colloquium; 2015. pp. 1-6. doi: 10.1109/ICSGRC.2015.7412454
  • [9] Hofer CN, Karagiannis G. Cloud computing services: taxonomy and comparison. Journal of Internet Services and Applications 2011; 2 (2): 81-94. doi: 10.1007/s13174-011-0027-x
  • [10] Zhang Q, Cheng L, Boutaba R. Cloud computing: state-of-the-art and research challenges. Journal of Internet Services and Applications 2010; 1 (1): 7-18. doi: 10.1007/s13174-010-0007-6
  • [11] Zissis D, Lekkas D. Addressing cloud computing security issues. Future Generation Computer Systems 2012; 28 (3): 583-592. doi: 10.1016/j.future.2010.12.006
  • [12] Al-Jabri IM. The perceptions of adopters and non-adopters of cloud computing: application of technology-34 organization-environment framework. In: 14th International Conference of Electronic Business; Taipei, Taiwan; 2014. pp. 250-257.
  • [13] CyberScout. DATA BREACH REPORTS. Berkeley, CA, USA: Identity Theft Resource Center, 2018.
  • [14] Mall S, Saroj SK. A new security framework for cloud data. Procedia Computer Science 2018; 143: 765-775. doi: 10.1016/j.procs.2018.10.397
  • [15] Balasaraswathi VR, Manikandan S. Enhanced security for multi-cloud storage using cryptographic data splitting with dynamic approach. In: 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies; 2014. pp. 1190-1194. doi: 10.1109/ICACCCT.2014.7019286
  • [16] Wang C, Wang Q, Ren K, Lou W. Ensuring data storage security in cloud computing. In: 17th International Workshop on Quality of Service; Charleston, SC, USA; 2009. pp. 1-9. doi: 10.1109/IWQoS.2009.5201385
  • [17] Arockiam L, Monikandan S. Data security and privacy in cloud storage using hybrid symmetric encryption algorithm. International Journal of Advanced Research in Computer and Communication Engineer 2013; 2 (8): pp. 3064-3070.
  • [18] Liu Q, Wang G, Wu J. Secure and privacy preserving keyword searching for cloud storage services. Journal of Network and Computer Applications 2012; 35 (3): 927-933. doi: 10.1016/j.jnca.2011.03.010
  • [19] Sun H, Wu M, Ting W, Hinek MJ. Dual RSA and its Security analysis. IEEE Transactions on Information Theory 2007; 53 (8): 2922-2933. doi: 10.1109/TIT.2007.901248
  • [20] Patidar R, Bhartiya R. Modified RSA cryptosystem based on offline storage and prime number. In: IEEE International Conference on Computational Intelligence and Computing Research; 2013. pp. 1-6. doi: 10.1109/ICCIC.2013.6724176
  • [21] Gupta S, Sharma J. A hybrid encryption algorithm based on RSA and Diffie-Hellman. In: IEEE International Conference on Computational Intelligence and Computing Research; Coimbatore; 2012. pp. 1-4. doi: 10.1109/ICCIC.2012.6510190
  • [22] Yang K, Jia X, Ren K. DAC-MACS: Effective data access control for multi-authority cloud storage systems. In: Proceedings IEEE INFOCOM; Turin, Italy; 2013. pp. 2895-2903. doi: 10.1109/INFCOM.2013.6567100
  • [23] Rabin MO. Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the ACM 1989; 36 (2): 335-348. doi: 10.1145/62044.62050
  • [24] Santos N, Gummadi KP, Rodrigues R. Towards trusted cloud computing. In: HotCloud’09 Proceedings of the 2009 Conference on Hot Topics In Cloud Computing; San Diego, CA, USA; 2009.
  • [25] Hwang K, Li D. Trusted cloud computing with secure resources and data coloring. IEEE Internet Computing 2010; 14 (5): 14-22. doi: 10.1109/MIC.2010.86
  • [26] Sedayao J, Su S, Ma X, Jiang M, Miao K. A simple technique for securing data at rest stored in a computing cloud. In: IEEE International Conference on Cloud Computing; Beijing, China; 2009. pp. 553-558. doi: 10.1007/978-3- 642-10665-1-51
  • [27] Zissis D, Lekkas D. Addressing cloud computing security issues. Future Generation Computer Systems 2012; 28 (3): 583-592. doi: 10.1016/j.future.2010.12.006
  • [28] Qiu M, Gai K, Thuraisingham B, Tao L, Zhao H. Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry. Future Generation Computer Systems 2018; 80: 421-429. doi: 10.1016/j.future.2016.01.006
  • [29] Li J, Li YK, Chen X, Lee PPC, Lou W. A hybrid cloud approach for secure authorized deduplication. IEEE Transactions on Parallel and Distributed Systems 2015; 26 (5): 1206-1216. doi: 10.1109/TPDS.2014.2318320
  • [30] Fan C, Huang S. Controllable privacy preserving search based on symmetric predicate encryption in cloud storage. Future Generation Computer Systems 2013; 29 (7): 1716-1724. doi: 10.1016/j.future.2012.05.005
  • [31] Gupta P, Kumar VD, Kumar SA. Improving RSA algorithm using multi-threading model for outsourced data security in cloud storage. In: 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence); 2018. pp. 14-15. doi: 10.1109/CONFLUENCE.2018.8442788
  • [32] Debby MR, Rahardjo, Shidik GF. Design and implementation of self encryption method on file security. In: IEEE 2017 International Seminar on Application for Technology of Information and Communication (iSemantic); 2017. pp. 181-186. doi: 10.1109/ISEMANTIC.2017.8251866
  • [33] Bhandari A, Gupta A, Das D. Secure algorithm for cloud computing and its applications. In: IEEE 2016 6th International Conference - Cloud System and Big Data Engineering (Confluence); 2016. pp. 188-192. doi: 10.1109/CONFLUENCE.2016.7508111
  • [34] Xu P, Jiao T, Wu Q, Wang W, Jin H. Conditional identity-based broadcast proxy re-encryption and its application to cloud email. IEEE Transactions on Computers 2016; 65 (1): 66-79. doi: 10.1109/TC.2015.2417544
  • [35] Toth R, Faigl Z, Szalay M, Imre S. An advanced timing attack scheme on RSA. In: Networks 2008 - The 13th International Telecommunications Network Strategy and Planning Symposium; Budapest, Hungary; 2008. pp. 1-24. doi: 10.1109/NETWKS.2008.4763727
Turkish Journal of Electrical Engineering and Computer Science-Cover
  • ISSN: 1300-0632
  • Yayın Aralığı: Yılda 6 Sayı
  • Yayıncı: TÜBİTAK
Arşiv
Sayıdaki Diğer Makaleler

Kanu GOEL, Shalini BATRA

Engin ZEYDAN, Ahmet YILDIRIM

Gaurav GOYAL, Mohan AWARE

H. Seçkin DEMİR, Erdem AKAGÜNDÜZ

Maryam MURAD, Ishfaq HUSSAIN, Muhammad Yasir QADRI, Ayaz AHMAD, Nadia N. QADRI

Fatih KORKMAZ

Dequan KONG, Desheng LIU, Lei ZHANG, Lili HE, Qingwu SHI, Xiaojun MA

Sujit Kumar PATEL, Bharat GARG, Shireesh Kumar RA

Mohammad Amir Ghasemı SHABANKAREH

Hayrettin ODABAŞI