A Detailed Study on Security Services in Cloud Environment

Cloud computing is a powerful service that allows the cloud users to utilize the resources located in the cloud servers by pay-per-use or charge-per-use mode through the internet. The cloud users are enjoying the on-demand services provided by the cloud computing environment without maintaining the data in a local system. Even though the service is offered to cloud users in an efficient way, there are some serious security issues to be considered very much for maintaining and accessing the data in a secure way from the Cloud Service Provider (CSP). On the data placed in the cloud servers located in any part of the world, various security attacks might be performed by both the internal and external attackers to break the security services like confidentiality on data, user and server authentication, data integrity, and access control of data. This survey provides a detailed study of the recent security issues existing in the cloud environment. This study shows communication architecture of cloud computing and exhibits the security services data confidentiality, data integrity, user privacy, authentication and access control. There are five security services that need to be provided in the cloud network to make it a safe one in real time environment. This paper discusses about various existing works that are used to provide the five security services. For each security service, we have given a short description of the existing works and evaluated the efficiency of each existing works individually. Finally, based on the summary of the existing works, we have also proposed new solutions to mitigate the computation cost and to improve communication efficiency for providing the security services of the data stored in CSP.

[1]  TRBAC: A temporal role-based access control model , 2001, ACM Trans. Inf. Syst. Secur..

[2]  John S. Baras,et al.  An information-theoretic approach for design and analysis of rooted-tree-based multicast key management schemes , 2001, IEEE Trans. Inf. Theory.

[3]  Stanislaw Jarecki,et al.  Cryptographic Primitives Enforcing Communication and Storage Complexity , 2002, Financial Cryptography.

[4]  Cheng-Chi Lee,et al.  Cryptanalysis of the Hwang-Shi Proxy Signature Scheme , 2002, Fundam. Informaticae.

[5]  Min-Shiang Hwang,et al.  Generalization of proxy signature based on elliptic curves , 2004, Comput. Stand. Interfaces.

[6]  Elisa Bertino,et al.  Access-control language for multidomain environments , 2004, IEEE Internet Computing.

[7]  Radha Poovendran,et al.  Minimizing center key storage in hybrid one-way function based group key management with communication constraints , 2005, Inf. Process. Lett..

[8]  Ethan L. Miller,et al.  Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[9]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[10]  Steve Barker Action-status access control , 2007, SACMAT '07.

[11]  Charalampos Papamanthou,et al.  Dynamic provable data possession , 2009, IACR Cryptology ePrint Archive.

[12]  Elisa Bertino,et al.  An Efficient Time-Bound Hierarchical Key Management Scheme for Secure Broadcasting , 2008, IEEE Transactions on Dependable and Secure Computing.

[13]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[14]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[15]  Ling Tian,et al.  Identity-Based Authentication for Cloud Computing , 2009, CloudCom.

[16]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.

[17]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[18]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[19]  Zhong Chen,et al.  Ciphertext Policy Attribute-Based Proxy Re-encryption , 2010, ICICS.

[20]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[21]  Leocadio G. Casado,et al.  A suite of algorithms for key distribution and authentication in centralized secure multicast environments , 2012, J. Comput. Appl. Math..

[22]  Kyle Chard,et al.  Social Cloud Computing: A Vision for Socially Motivated Resource Sharing , 2012, IEEE Transactions on Services Computing.

[23]  Hoon Jeong,et al.  User Authentication using Profiling in Mobile Cloud Computing , 2012 .

[24]  Steven M. Bellovin,et al.  Privacy Enhanced Access Control for Outsourced Data Sharing , 2012, Financial Cryptography.

[25]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[26]  Hwajeong Seo,et al.  Attribute-based Proxy Re-encryption with a Constant Number of Pairing Operations , 2012, J. Inform. and Commun. Convergence Engineering.

[27]  Min-Shiang Hwang,et al.  A Study of Public Key Encryption with Keyword Search , 2013, Int. J. Netw. Secur..

[28]  Yi Mu,et al.  Identity-based data storage in cloud computing , 2013, Future Gener. Comput. Syst..

[29]  Min-Shiang Hwang,et al.  Privacy Protection Data Access Control , 2013, Int. J. Netw. Secur..

[30]  Cheng-Chi Lee,et al.  A Survey on Attribute-based Encryption Schemes of Access Control in Cloud Environments , 2013, Int. J. Netw. Secur..

[31]  Cheng-Chi Lee,et al.  A new proxy signature scheme for a specified group of verifiers , 2013, Inf. Sci..

[32]  Jean-Pierre Hubaux,et al.  Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices , 2014, IEEE Transactions on Information Forensics and Security.

[33]  刘义颖,et al.  Amazon Web Services(AWS)云平台可靠性技术研究 , 2014 .

[34]  V. T. Kamble,et al.  Ensuring Distributed Accountability for Data Sharing in the Cloud , 2014 .

[35]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .