Protecting Resources and Regulating Access in Cloud-Based Object Storage

Cloud storage services offer a variety of benefits that make them extremely attractive for the management of large amounts of data. These services, however, raise some concerns related to the proper protection of data that, being stored on servers of third party cloud providers, are no more under the data owner control. The research and development community has addressed these concerns by proposing solutions where encryption is adopted not only for protecting data but also for regulating accesses. Depending on the trust assumption on the cloud provider offering the storage service, encryption can be applied at the server side, client side, or through an hybrid approach. The goal of this chapter is to survey these encryption-based solutions and to provide a description of some representative systems that adopt such solutions.

[1]  Sabrina De Capitani di Vimercati,et al.  Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud , 2015, The New Codebreakers.

[2]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[3]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[4]  Shawn Wilkinson,et al.  Storj A Peer-to-Peer Cloud Storage Network , 2014 .

[5]  Marko Vukolic,et al.  Design and Implementation of a Key-Lifecycle Management System , 2010, Financial Cryptography.

[6]  Theodosis Dimitrakos,et al.  Managed security service distribution model , 2016, 2016 4th International Conference on Cloud Computing and Intelligence Systems (CCIS).

[7]  Sabrina De Capitani di Vimercati,et al.  Selective and Private Access to Outsourced Data Centers , 2015, Handbook on Data Centers.

[8]  Vincenzo Piuri,et al.  Supporting Security Requirements for Resource Management in Cloud Computing , 2012, 2012 IEEE 15th International Conference on Computational Science and Engineering.

[9]  Sushil Jajodia,et al.  Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[10]  Ali Dehghantanha,et al.  Cloud storage forensics: MEGA as a case study , 2017 .

[11]  Sabrina De Capitani di Vimercati,et al.  Mix&Slice: Efficient Access Revocation in the Cloud , 2016, CCS.

[12]  Sushil Jajodia,et al.  Encryption policies for regulating access to outsourced data , 2010, TODS.

[13]  Pierangela Samarati,et al.  Cloud Security: Issues and Concerns , 2016 .

[14]  Aram Jivanyan,et al.  Secure Collaboration in Public Cloud Storages , 2015, CRIWG.

[15]  Marco Rosa,et al.  Access Control Management for Secure Cloud Storage , 2016, SecureComm.

[16]  Marco Rosa,et al.  EncSwift and key management: An integrated approach in an industrial setting , 2017, 2017 IEEE Conference on Communications and Network Security (CNS).

[17]  Marco Rosa,et al.  Managing Data Sharing in OpenStack Swift with Over-Encryption , 2016, WISCS@CCS.