Towards secure cloud storage services.

摘要

Cloud computing is anticipated to revolutionize the Information and Communication Technology sector and has been a mainstream of research over the last decade. The cloud computing, upsurges the capabilities of the hardware resources by optimal and shared utilization. The above mentioned features encourage the organizations and individual users to shift their data, applications and services to the cloud. However, the services provided by third-party cloud service providers entail additional security threats.;Data being one of the prime assets of the organizations must be protected from all sorts of security threats. The data in the cloud is much more vulnerable to risks in terms of confidentiality, integrity, and availability in comparison to the conventional computing model. The ever increasing number of users and applications leads to enhanced security risks. Violation of integrity may also result from multi-tenant nature of the cloud. Employee of SaaS providers, having access to information may also act as a potential risk.;Considering the paramount importance of data security in the cloud environment, we propose methodologies towards the secure cloud storage services. We propose methodologies to secure: (a) Single user data, (b) Group shared data, and (c) approach security and performance collectively. We propose Data Security for Cloud Environment with Semi-trusted third party (DaSCE) protocol, a cloud storage security system that provide key management, access control, and file assured deletion. Parts of keys are stored at semi-trusted servers called key managers. The key management is accomplished using (k, n) threshold secret sharing mechanism. Finally, we present the DROPS methodology that collectively deals with the security and performance in terms of retrieval time. The data file is fragmented and the fragments are dispersed over multiple nodes. The nodes are separated by means of T-coloring. The fragmentation and dispersal ensures that no significant information is obtainable by an adversary in case of a successful attack.