A New Authentication and Homomorphic Encryption as a Service Model for Preserving Privacy in Clouds

The security as a Service (SECaaS) is a new model which provides security solution to users through Cloud Computing. The maturity of Cloud Computing services makes possible the use of the SECaaS model. This new model offers huge benefits to users, such as Authentication as a Service (AaaS) and Encryption as a Service (ENCaaS). So, it can offer more security features, since it uses the resources of Clouds and it’s connected to the different security policy databases. While SECaaS offers to cloud users and companies a multitude of security services, it still remains very limited and several aspects of security are not covered by this model, especially the part concerning the privacy. In addition, SECaaS is a new model that is not yet correctly deployed and it is not sufficiently solicited by companies. On the other side, Homomorphic encryption is considered as a good solution to ensure the privacy for users using the cloud services because it permits to make calculation on cipher text and data without decrypting them, but this solution suffer from many limitations such as the key size, the high latency and some serious performance problems. The main idea of this paper it’s to propose a new security model to preserving user’s privacy using homomorphic encryption while bypassing its limitations. So, This paper proposes a framework for Authentication and Homomorphic Encryption (A-HEaaS) based on security as a Service model which permits a secure access to the Cloud servers and the use of homomorphic encryption for calculations on encrypted data. The paper describes the design of our model and gives an implementation of our framework on medical Data.

[1]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[2]  Ulrike Meyer,et al.  Designing privacy-preserving interval operations based on homomorphic encryption and secret sharing techniques , 2017, J. Comput. Secur..

[3]  Mohammad Zulkernine,et al.  IFCaaS: Information Flow Control as a Service for Cloud Security , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[4]  Abdullah Mohd Zin,et al.  Encryption as a Service (EaaS) as a Solution for Cryptography in Cloud , 2013 .

[5]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[6]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[7]  Ghizlane Orhanou,et al.  Secure Mobile Multi Cloud Architecture for Authentication and Data Storage , 2017, Int. J. Cloud Appl. Comput..

[8]  Deepak H. Sharma,et al.  Homomorphic Encryption for Security of Cloud Data , 2016 .

[9]  Wen-Guey Tzeng,et al.  Preserving user query privacy in cloud-based security services , 2014, J. Comput. Secur..

[10]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[11]  Deepak H. Sharma,et al.  Identity and Access Management as Security-as-a-Service from Clouds , 2016 .

[12]  Deepak H. Sharma,et al.  Intelligent Transparent Encryption-Decryption as Security-as-a-Service from clouds , 2016, 2016 International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS).

[13]  Said El Hajji,et al.  Hybrid Homomorphic Encryption Method for Protecting the Privacy of Banking Data in the Cloud , 2015 .

[14]  Vijay Varadharajan,et al.  Security as a Service Model for Cloud Environment , 2014, IEEE Transactions on Network and Service Management.

[15]  Chia-Chu Chiang,et al.  Parallelizing fully homomorphic encryption for a cloud environment , 2015 .

[16]  David M'Raïhi,et al.  TOTP: Time-Based One-Time Password Algorithm , 2011 .

[17]  Carla Merkle Westphall,et al.  Cloud identity management: A survey on privacy strategies , 2017, Comput. Networks.

[18]  amna. ali A Comparative Study of Fully Homomorphic Encryption Schemes for Cloud Computing , 2013 .

[19]  V. Venkatesakumar,et al.  Providing Flexible Security as a Service Model for Cloud Infrastructure , 2014 .

[20]  Vladimir Getov,et al.  Security as a Service in Smart Clouds -- Opportunities and Concerns , 2012, 2012 IEEE 36th Annual Computer Software and Applications Conference.

[21]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[22]  S. Hemalatha,et al.  Performance of Ring Based Fully Homomorphic Encryption for securing data in Cloud Computing , 2014 .

[23]  Ryan K. L. Ko,et al.  Security as a service (SecaaS) - An overview , 2015, The Cloud Security Ecosystem.

[24]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[25]  Angelo Furfaro,et al.  Towards Security as a Service (SecaaS): On the modeling of Security Services for Cloud Computing , 2014, 2014 International Carnahan Conference on Security Technology (ICCST).

[26]  Sugata Sanyal,et al.  A Survey on Security Issues in Cloud Computing , 2011, 1109.5388.

[27]  E. Samlinson,et al.  User-centric trust based identity as a service for federated cloud environment , 2013, 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT).