Security of Cloud Storage: A Survey

Cloud computing is gaining increased adoption for everyday computing and storage needs. Its use starts from storing personnel files to storing Government data, enterprise business data, data from IOT devices, satellite imagery data, and data from social media applications running on the cloud and so on. However, due to lack of awareness and appropriate security measures, cloud users become victims of the security vulnerabilities exposed by the cloud storage. The cloud user and Cloud Storage Provider (CSP) should deploy appropriate techniques and follow best practices to overcome the security issues proactively. In this paper, the security vulnerabilities existing in cloud storage are discussed and recent state-of-the-art techniques used to enhance its security are analyzed. Further discussion is carried out on the best practices and security policies framed by various organizations. This survey shall enable researchers to gain an overall picture of cloud storage security aspects and find out open issues that can be further researched. Further, it shall enhance cloud storage providers to adopt stateof-the-art techniques to prevent security incidents. The end-users shall be aware of the risks of cloud storage and demand the appropriate security measures from the CSPs.

[1]  Xiaohui Liang,et al.  Provably secure and efficient bounded ciphertext policy attribute based encryption , 2009, ASIACCS '09.

[2]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[3]  Guojun Wang,et al.  PRMS: A Personalized Mobile Search Over Encrypted Outsourced Data , 2018, IEEE Access.

[4]  Tao Li,et al.  Dynamic Multi-keyword Top-k Ranked Search over Encrypted Cloud Data , 2014 .

[5]  Narendra Shekokar,et al.  Implementation of Fuzzy Keyword Search over Encrypted Data in Cloud Computing , 2015 .

[6]  Yongjun Ren,et al.  A CCA-secure multi-conditional proxy broadcast re-encryption scheme for cloud storage system , 2019, J. Inf. Secur. Appl..

[7]  Hao Yue,et al.  RAAC: Robust and Auditable Access Control With Multiple Attribute Authorities for Public Cloud Storage , 2017, IEEE Transactions on Information Forensics and Security.

[8]  Yuefei Zhu,et al.  Public Key Encryption with Keyword Search from Lattices , 2013 .

[9]  Lingyu Wang,et al.  PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds , 2018, 2018 IEEE Conference on Communications and Network Security (CNS).

[10]  Minghua Chen,et al.  Pyramid Codes: Flexible Schemes to Trade Space for Access Efficiency in Reliable Data Storage Systems , 2007, Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007).

[11]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[12]  Mohsen Amini Salehi,et al.  S3BD: Secure semantic search over encrypted big data in the cloud , 2018, Concurr. Comput. Pract. Exp..

[13]  Lingyu Wang,et al.  Learning probabilistic dependencies among events for proactive security auditing in clouds , 2019, J. Comput. Secur..

[14]  Bo Meng,et al.  A Secure and Efficient Distributed Storage Scheme SAONT-RS Based on an Improved AONT and Erasure Coding , 2018, IEEE Access.

[15]  Jie Wu,et al.  Secure and privacy preserving keyword searching for cloud storage services , 2012, J. Netw. Comput. Appl..

[16]  Wei Chen,et al.  MORM: A Multi-objective Optimized Replication Management strategy for cloud storage cluster , 2014, J. Syst. Archit..

[17]  Cong Wang,et al.  Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data , 2014 .

[18]  Melissa Chase,et al.  FAME: Fast Attribute-based Message Encryption , 2017, CCS.

[19]  Weisong Shi,et al.  Differentiated Replication Strategy in Data Centers , 2010, NPC.

[20]  Zhangjie Fu,et al.  Enabling Central Keyword-Based Semantic Extension Search Over Encrypted Outsourced Data , 2017, IEEE Transactions on Information Forensics and Security.

[21]  Weiyi Zhang,et al.  A secured cost-effective multi-cloud storage in cloud computing , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[22]  G. R. Gangadharan,et al.  SecCloudSharing: Secure data sharing in public cloud using ciphertext‐policy attribute‐based proxy re‐encryption with revocation , 2018, Int. J. Commun. Syst..

[23]  Lingyu Wang,et al.  LeaPS: Learning-Based Proactive Security Auditing for Clouds , 2017, ESORICS.

[24]  Chunling Cheng,et al.  A Multi-dimensional Index Structure Based on Improved VA-file and CAN in the Cloud , 2014, Int. J. Autom. Comput..

[25]  Wei Wang,et al.  Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack , 2013, IEEE Transactions on Computers.

[26]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[27]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[28]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[29]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[30]  GhemawatSanjay,et al.  The Google file system , 2003 .

[31]  Chetna Dabas,et al.  Delayed Replication Algorithm with Dynamic Threshold for Cloud Datacenters , 2019, Lecture Notes in Electrical Engineering.

[32]  Ming Xu,et al.  A Privacy-Preserving Fuzzy Keyword Search Scheme over Encrypted Cloud Data , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.

[33]  J. Morris Chang,et al.  QoS-Aware Data Replication for Data-Intensive Applications in Cloud Computing Systems , 2013, IEEE Transactions on Cloud Computing.

[34]  Chun-I Fan,et al.  Controllable Privacy Preserving Search Based on Symmetric Predicate Encryption in Cloud Storage , 2011, 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[35]  Atsuko Miyaji,et al.  A ciphertext-policy attribute-based encryption scheme with constant ciphertext length , 2009, Int. J. Appl. Cryptogr..

[36]  Yuqiong Sun,et al.  Cloud Verifier: Verifiable Auditing Service for IaaS Clouds , 2013, 2013 IEEE Ninth World Congress on Services.

[37]  Jianwei Liu,et al.  Identity-based proxy re-encryption version 2: Making mobile access easy in cloud , 2016, Future Gener. Comput. Syst..

[38]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[39]  CaoZhenfu,et al.  Secure threshold multi authority attribute based encryption without a central authority , 2008, Inf. Sci..

[40]  Dimitris S. Papailiopoulos,et al.  Locality and Availability in Distributed Storage , 2014, IEEE Transactions on Information Theory.

[41]  Hairong Kuang,et al.  The Hadoop Distributed File System , 2010, 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies (MSST).

[42]  P. Vijay Kumar,et al.  Codes With Local Regeneration and Erasure Correction , 2014, IEEE Transactions on Information Theory.

[43]  Wei Li,et al.  TMACS: A Robust and Verifiable Threshold Multi-Authority Access Control System in Public Cloud Storage , 2016, IEEE Transactions on Parallel and Distributed Systems.

[44]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[45]  Bharati Mishra,et al.  CCA Secure Proxy Re-Encryption Scheme for Secure Sharing of Files through Cloud Storage , 2018, 2018 Fifth International Conference on Emerging Applications of Information Technology (EAIT).

[46]  Liqun Chen,et al.  Revisiting and Extending the AONT-RS Scheme: A Robust Computationally Secure Secret Sharing Scheme , 2017, AFRICACRYPT.

[47]  Cheng Huang,et al.  Erasure Coding in Windows Azure Storage , 2012, USENIX Annual Technical Conference.

[48]  James S. Plank,et al.  Erasure Codes for Storage Systems: A Brief Primer , 2013, login Usenix Mag..

[49]  Zhiguang Qin,et al.  Strongly Secure and Cost-Effective Certificateless Proxy Re-encryption Scheme for Data Sharing in Cloud Computing , 2015, BigCom.

[50]  Abdelkader Hameurlain,et al.  Ensuring performance and provider profit through data replication in cloud systems , 2017, Cluster Computing.

[51]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[52]  Shashank Srivastava,et al.  An Efficient Dictionary and Lingual Keyword based Secure Search Scheme in Cloud Storage , 2013 .

[53]  Haiping Xu,et al.  Reliable and Secure Distributed Cloud Data Storage Using Reed-Solomon Codes , 2015, Int. J. Softw. Eng. Knowl. Eng..

[54]  Fei Liu,et al.  Public-Key Encryption with Keyword Search from Lattice , 2013, 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.

[55]  Riad Mokadem,et al.  Data replication strategy with satisfaction of availability, performance and tenant budget requirements , 2019, Cluster Computing.

[56]  Pieter H. Hartel,et al.  Efficient and Provable Secure Ciphertext-Policy Attribute-Based Encryption Schemes , 2008, ISPEC.

[57]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[58]  Cong Wang,et al.  Secure Ranked Keyword Search over Encrypted Cloud Data , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[59]  Sarbjeet Singh,et al.  A dynamic, cost-aware, optimized data replication strategy for heterogeneous cloud data centers , 2016, Future Gener. Comput. Syst..