An Integrated Architecture for Maintaining Security in Cloud Computing Based on Blockchain

Due to its wide accessibility, cloud services are susceptible to attacks. Data manipulation is a serious threat to data integrity which can occur in cloud computing – a relatively new offering under the umbrella of cloud services. Data can be tampered with, and malicious actors could use this to their advantage. Cloud computing clients in various application domains want to be assured that their data is accurate and trustworthy. On another spectrum, blockchain is a tamper-proof digital ledger that can be used alongside cloud technology to provide a tamper-proof cloud computing environment. This paper proposes a scheme that combines cloud computing with blockchain that assures data integrity for all homomorphic encryption schemes. To overcome the cloud service provider’s (CSP) ultimate authority over the data, the proposed scheme relies on the Byzantine Fault Tolerance consensus to build a distributed network of processing CSPs based on the client requirements. After certain computations performed by all CSPs, they produce a master hash value for their database. To ensure immutable data is produced, master hash values are preserved in Bitcoin or Ethereum blockchain networks. The master hash values can be obtained by tracking the block header address for verification purposes. A theoretical analysis of the overhead costs associated with creating master hash values for each of the cryptocurrencies is presented. We found that Ethereum leads to lower client financial costs and better online performance than Bitcoin. We also specify the data security requirements the proposed scheme provides, the ground-level implementation, and future work. The proposed verification scheme is based on public cryptocurrency as a back-end service and does not require additional setup actions by the client other than a wallet for the chosen cryptocurrency.

[1]  D. Yermack Is Bitcoin a Real Currency? An Economic Appraisal , 2013 .

[2]  Klaus Wehrle,et al.  A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin , 2018, Financial Cryptography.

[3]  Chan Yeob Yeun,et al.  Lightweight secure storage model with fault-tolerance in cloud environment , 2014, Electronic Commerce Research.

[4]  Keke Gai,et al.  Permissioned Blockchain and Edge Computing Empowered Privacy-Preserving Smart Grid Networks , 2019, IEEE Internet of Things Journal.

[5]  Richard Kissel,et al.  Glossary of Key Information Security Terms , 2014 .

[6]  Ibtihal Mouhib,et al.  Homomorphic Encryption as a Service for Outsourced Images in Mobile Cloud Computing Environment , 2017, Int. J. Cloud Appl. Comput..

[7]  Davide Carboni Feedback based Reputation on top of the Bitcoin Blockchain , 2015, ArXiv.

[8]  MyungSan Jun,et al.  Blockchain government - a next form of infrastructure for the twenty-first century , 2018 .

[9]  Mahdi H. Miraz,et al.  Applications of Blockchain Technology Beyond Cryptocurrency , 2018, ArXiv.

[10]  Luther Martin,et al.  XTS: A Mode of AES for Encrypting Hard Disks , 2010, IEEE Security & Privacy.

[11]  F M Hoffman,et al.  The do it yourself supercomputer. , 2001, Scientific American.

[12]  M. Srivastava,et al.  PrOLoc: Resilient Localization with Private Observers Using Partial Homomorphic Encryption , 2017, 2017 16th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN).

[13]  Frederik Vercauteren,et al.  Overdrive2k: Efficient Secure MPC over Z2k from Somewhat Homomorphic Encryption , 2020, IACR Cryptol. ePrint Arch..

[14]  Cesare Pautasso,et al.  A Taxonomy of Blockchain-Based Systems for Architecture Design , 2017, 2017 IEEE International Conference on Software Architecture (ICSA).

[15]  Patil Madhubala R Survey on security concerns in Cloud computing , 2015, 2015 International Conference on Green Computing and Internet of Things (ICGCIoT).

[16]  Massimo Bartoletti,et al.  An Analysis of Bitcoin OP_RETURN Metadata , 2017, Financial Cryptography Workshops.

[17]  Nāgārjuna,et al.  A Secure Erasure Code-Based Cloud Storage System with Secure Data Forwarding , 2014 .

[18]  Adrian-Tudor Panescu,et al.  Smart Contracts for Research Data Rights Management over the Ethereum Blockchain Network , 2018 .

[19]  Bernd Grobauer,et al.  Understanding Cloud Computing Vulnerabilities , 2011, IEEE Security & Privacy.

[20]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[21]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[22]  C. Pérez-Solà,et al.  Another coin bites the dust: an analysis of dust in UTXO-based cryptocurrencies , 2019, Royal Society Open Science.

[23]  Nico Döttling,et al.  IND-CCA Secure Cryptography Based on a Variant of the LPN Problem , 2012, ASIACRYPT.

[24]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[25]  Rui Zhang,et al.  Security and Privacy on Blockchain , 2019, ACM Comput. Surv..

[26]  T. Nivetha,et al.  Blockchain: A tool for a secure, safe and transparent way of food and agricultural supply chain , 2019, International Journal of Farm Sciences.

[27]  Ethan Buchman,et al.  Tendermint: Byzantine Fault Tolerance in the Age of Blockchains , 2016 .

[28]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[29]  Xiaofeng Wang,et al.  Foundations and Technological Landscape of Cloud Computing , 2013 .

[30]  Mauro Conti,et al.  A Survey on Homomorphic Encryption Schemes: Theory and Implementation , 2017 .

[31]  Damon McCoy,et al.  Stressing Out: Bitcoin "Stress Testing" , 2016, Financial Cryptography Workshops.

[32]  Keke Gai,et al.  Blockchain-Enabled Reengineering of Cloud Datacenters , 2018, IEEE Cloud Computing.

[33]  Elad Elrom Bitcoin Wallets and Transactions , 2019 .

[34]  PRADIP KUMAR SHARMA,et al.  A Software Defined Fog Node Based Distributed Blockchain Cloud Architecture for IoT , 2018, IEEE Access.

[35]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[36]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[37]  Ralph Deters,et al.  Performance analysis of ethereum transactions in private blockchain , 2017, 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS).

[38]  Karen A. Scarfone,et al.  Blockchain Technology Overview , 2018, ArXiv.

[39]  Yvette Hackett,et al.  Agreements between Cloud Service Providers and their Clients: A Review of Contract Terms , 2014 .

[40]  Bart Preneel,et al.  Collisions and other Non-Random Properties for Step-Reduced SHA-256 , 2009, IACR Cryptol. ePrint Arch..

[41]  Ronald L. Rivest,et al.  Hourglass schemes: how to prove that cloud files are encrypted , 2012, CCS.

[42]  Sachin Shetty,et al.  ProvChain: A Blockchain-Based Data Provenance Architecture in Cloud Environment with Enhanced Privacy and Availability , 2017, 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID).

[43]  Lei Wu,et al.  Characterizing Code Clones in the Ethereum Smart Contract Ecosystem , 2019, Financial Cryptography.

[44]  Morris J. Dworkin,et al.  SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions , 2015 .

[45]  Fran Casino,et al.  A systematic literature review of blockchain-based applications: Current status, classification and open issues , 2019, Telematics Informatics.

[46]  Advin Manhar,et al.  A Review on Cryptography in Cloud Computing , 2020 .

[47]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[48]  Azman Samsudin,et al.  A Survey of Homomorphic Encryption for Outsourced Big Data Computation , 2016, KSII Trans. Internet Inf. Syst..

[49]  Sibeli Mukherjee,et al.  A Protected Cloud Computation Algorithm Using Homomorphic Encryption for Preserving Data Integrity , 2018, Advances in Intelligent Systems and Computing.

[50]  Lokesh Chouhan,et al.  A Survey on Cloud Computing Security Issues and Cryptographic Techniques , 2020, Social Networking and Computational Intelligence.

[51]  Fang Liu,et al.  NIST Cloud Computing Reference Architecture , 2011, 2011 IEEE World Congress on Services.

[52]  Muttukrishnan Rajarajan,et al.  A survey on security issues and solutions at different layers of Cloud computing , 2013, The Journal of Supercomputing.

[53]  Rakesh Kumar,et al.  On cloud security requirements, threats, vulnerabilities and countermeasures: A survey , 2019, Comput. Sci. Rev..