Data Security, Privacy, Availability and Integrity in Cloud Computing: Issues and Current Solutions

Cloud computing changed the world around us. Now people are moving their data to the cloud since data is getting bigger and needs to be accessible from many devices. Therefore, storing the data on the cloud becomes a norm. However, there are many issues that counter data stored in the cloud starting from virtual machine which is the mean to share resources in cloud and ending on cloud storage itself issues. In this paper, we present those issues that are preventing people from adopting the cloud and give a survey on solutions that have been done to minimize risks of these issues. For example, the data stored in the cloud needs to be confidential, preserving integrity and available. Moreover, sharing the data stored in the cloud among many users is still an issue since the cloud service provider is untrustworthy to manage authentication and authorization. In this paper, we list issues related to data stored in cloud storage and solutions to those issues which differ from other papers which focus on cloud as general.

[1]  Junfeng Yao,et al.  Cloud computing and its key techniques , 2011, Proceedings of 2011 International Conference on Electronic & Mechanical Engineering and Information Technology.

[2]  P. S. Sandhya Kumari,et al.  A Key Aggregate Framework with Adaptable Offering of Information in Cloud , 2015 .

[3]  Reza Curtmola,et al.  Remote data checking using provable data possession , 2011, TSEC.

[4]  S Ramgovind,et al.  The management of security in Cloud computing , 2010, 2010 Information Security for South Africa.

[5]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[6]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[7]  Wei Ren,et al.  Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing , 2011 .

[8]  Hai Jiang,et al.  Survey of attribute based encryption , 2014, 15th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD).

[9]  Suriayati Chuprat,et al.  Secured data partitioning in multi cloud environment , 2014, 2014 4th World Congress on Information and Communication Technologies (WICT 2014).

[10]  Miguel Correia,et al.  DepSky: Dependable and Secure Storage in a Cloud-of-Clouds , 2013, TOS.

[11]  Lizhe Wang,et al.  Fast and Scalable Multi-Way Analysis of Massive Neural Data , 2015, IEEE Transactions on Computers.

[12]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[13]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[14]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[15]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[16]  Salve Bhagyashri Salve Bhagyashri,et al.  Privacy-Preserving Public Auditing For Secure Cloud Storage , 2014 .

[17]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[18]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[19]  Meng Hua Song Analysis of Risks for Virtualization Technology , 2014 .

[20]  Shahaboddin Shamshirband,et al.  Incremental proxy re-encryption scheme for mobile cloud computing environment , 2013, The Journal of Supercomputing.

[21]  Xiaohua Jia,et al.  An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing , 2013, IEEE Transactions on Parallel and Distributed Systems.

[22]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[23]  Jaehyuk Huh,et al.  Architectural support for secure virtualization under a vulnerable hypervisor , 2011, 2011 44th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[24]  Jie Xu,et al.  Multi-tenancy in Cloud Computing , 2014, 2014 IEEE 8th International Symposium on Service Oriented System Engineering.

[25]  Wayne A. Jansen,et al.  Cloud Hooks: Security and Privacy Issues in Cloud Computing , 2011, 2011 44th Hawaii International Conference on System Sciences.

[26]  A. B. M. Shawkat Ali,et al.  A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing , 2012, Future Gener. Comput. Syst..

[27]  Fawaz S. Al-Anzi,et al.  Towards robust, scalable and secure network storage in Cloud Computing , 2014, 2014 Fourth International Conference on Digital Information and Communication Technology and its Applications (DICTAP).

[28]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[29]  Ejaz Ahmed,et al.  A review on remote data auditing in single cloud server: Taxonomy and open issues , 2014, J. Netw. Comput. Appl..

[30]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[31]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[32]  Marcos A. Simplício,et al.  A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[33]  Eduardo B. Fernández,et al.  An analysis of security issues for cloud computing , 2013, Journal of Internet Services and Applications.

[34]  Cong Wang,et al.  Toward publicly auditable secure cloud data storage services , 2010, IEEE Network.

[35]  James A. Thom,et al.  Cloud Computing Security: From Single to Multi-clouds , 2012, 2012 45th Hawaii International Conference on System Sciences.

[36]  Ramakrishna Gummadi,et al.  Determinating timing channels in compute clouds , 2010, CCSW '10.

[37]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[38]  Yung-Hsiang Lu,et al.  Cloud Computing for Mobile Users: Can Offloading Computation Save Energy? , 2010, Computer.

[39]  Benny Pinkas,et al.  Proofs of ownership in remote storage systems , 2011, CCS '11.

[40]  Lori M. Kaufman,et al.  Data Security in the World of Cloud Computing , 2009, IEEE Security & Privacy.

[41]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[42]  Balamurugan Balusamy,et al.  Enhanced Security Framework for Data Integrity Using Third-party Auditing in the Cloud System , 2015 .

[43]  Marko Vukolic,et al.  The byzantine empire in the intercloud , 2010, SIGA.

[44]  Farzad Sabahi,et al.  Cloud computing security threats and responses , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[45]  Jianfeng Yang,et al.  Cloud Computing Research and Security Issues , 2010, 2010 International Conference on Computational Intelligence and Software Engineering.

[46]  M Hasan Islam,et al.  Cloud computing security auditing , 2011, The 2nd International Conference on Next Generation Information Technology.

[47]  Cong Wang,et al.  Toward Secure and Dependable Storage Services in Cloud Computing , 2012, IEEE Transactions on Services Computing.

[48]  E. M. Mohamed,et al.  Enhanced data security model for cloud computing , 2012, 2012 8th International Conference on Informatics and Systems (INFOS).

[49]  Yihua Zhang,et al.  An Overview of Issues and Recent Developments in Cloud Computing and Storage Security , 2014 .

[50]  Gaikwad Prajakta,et al.  Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage , 2015 .

[51]  Daniele Catteddu and Giles Hogben Cloud Computing. Benefits, risks and recommendations for information security , 2009 .

[52]  Antonio Corradi,et al.  VM consolidation: A real case based on OpenStack Cloud , 2014, Future Gener. Comput. Syst..

[53]  Haibo Chen,et al.  Security-Preserving Live Migration of Virtual Machines in the Cloud , 2012, Journal of Network and Systems Management.

[54]  J. Ananthi,et al.  Privacy preservation and public auditing for cloud data using ASS in Multi-cloud , 2015, 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS).

[55]  Christopher J. Novak,et al.  2009 Data Breach Investigations Report , 2009 .

[56]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[57]  Yi Ding,et al.  Network security for virtual machine in cloud computing , 2010, 5th International Conference on Computer Sciences and Convergence Information Technology.

[58]  Nesrine Kaaniche,et al.  A Secure Client Side Deduplication Scheme in Cloud Storage Environments , 2014, 2014 6th International Conference on New Technologies, Mobility and Security (NTMS).

[59]  Roberto Bifulco,et al.  Transparent migration of virtual infrastructures in large datacenters for Cloud computing , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[60]  L. Arockiam,et al.  A secure authentication scheme for MobiCloud , 2015, 2015 International Conference on Computer Communication and Informatics (ICCCI).

[61]  Dong Kun Noh,et al.  Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[62]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[63]  Shahaboddin Shamshirband,et al.  BSS: block-based sharing scheme for secure data storage services in mobile cloud environment , 2014, The Journal of Supercomputing.

[64]  Mahesh U. Shankarwar,et al.  Security and Privacy in Cloud Computing: A Survey , 2014, FICTA.

[65]  Xiaohua Jia,et al.  Data storage auditing service in cloud computing: challenges, methods and opportunities , 2011, World Wide Web.

[66]  Rajkumar Buyya,et al.  Dynamic remote data auditing for securing big data storage in cloud computing , 2017, Inf. Sci..

[67]  Laurent Lefèvre,et al.  Energy Consumption Side-Channel Attack at Virtual Machines in a Cloud , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[68]  Mukesh Singhal,et al.  A Light-Weight Permutation Based Method for Data Privacy in Mobile Cloud Computing , 2015, 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering.

[69]  Hyotaek Lim,et al.  Homomorphic encryption in mobile multi cloud computing , 2015, 2015 International Conference on Information Networking (ICOIN).

[70]  Zhibin Zhou,et al.  Efficient and secure data storage operations for mobile cloud computing , 2012, 2012 8th international conference on network and service management (cnsm) and 2012 workshop on systems virtualiztion management (svm).

[71]  Idit Keidar,et al.  Trusting the cloud , 2009, SIGA.

[72]  Ralf Steinmetz,et al.  Detecting VM Live Migration using a Hybrid External Approach , 2013, CLOSER.

[73]  M. Mrinalni Vaknishadh,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2012 .