Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: Access control, data integrity, data confidentiality, Kerberos authentication, cloud security.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1123945

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1720

References:

[1] Farhan Bashir Shaikh and Sajjad Haider, "Security Threats in Cloud Computing," In 6th International Conference on Internet Technology and Secured Transactions, IEEE. 2011.
[2] B. Meena, Krishnaveer Abhishek Challa, "Cloud Computing Security Issues with Possible Solutions," In IJCST Vol. 3, Issue 1, Jan. – March 2012.
[3] Weiliang Luo, Li Xu, Zhenxin Zhan, Qingji Zheng, and Shouhuai Xu, "Federated Cloud Security Architecture for Secure and Agile Clouds," In High Performance Cloud Auditing and Applications, DOI 10.1007/978-1-4614-3296-87, Springer Science and Business Media New York, USA, 2014.
[4] S Narula, A. Jain, "Cloud Computing Security: Amazon Web Service Advanced," In Proceeding of Computing & Communication Technologies (ACCT), fifth International Conference , 501 - 505 , IEEE. 2015
[5] Richard Chow, Philippe Golle, Markus Jakobsson,"Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control," In Fujitsu Laboratories of America, CCS 2009.
[6] Beloglazov, Rajkumar Buyya, "Energy Efficient Resource Management in Virtualized Cloud Data Centers," In 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing 2010.
[7] Kresimir Popovic, Zeljko Hocenski, "Cloud computing security issues and challenges," In The Third International Conference on Advances in Human-oriented and Personalized Mechanisms, Technologies, and Services, pp. 344-349 2010.
[8] Deyan Chen1, Hong Zhao, "Data Security and Privacy Protection Issues in Cloud Computing," In International Conference on Computer Science and Electronics Engineering DOI 10.1109/ICCSEE, IEEE 2012.
[9] Cong Wang, Sherman S.-M, Qian Wang, Kui Ren, Wenjing Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Transactions on Computers vol: 62 NO: 2. 2013.
[10] Dimitrios Zissis, Dimitrios Lekkas, "Addressing Cloud Computing Security Issues," Future Generation Computer Systems 28, Elsevier 583–592doi:10.1016/j.future, 2012.
[11] Sebastian Gajek, Tibor Jager, Mark Manulis, and J¨org Schwenk, "A Browser-Based Kerberos Authentication Scheme," ESORICS 2008, pp. 115–129, Springer-Verlag Berlin Heidelberg 2008
[12] Shucheng Yu, Cong Wang, Kui Ren, Wenjing Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing Shucheng," In proceeding of the IEEE INFOCOM, 2010.
[13] Boyang Wang, Baochun Li and Hui Li Panda, "Public Auditing for Shared Data with Efficient User Revocation," In the Cloud IEEE Transactions On service computing, computing, (Volume:8, Issue:1) 2015.
[14] Wassim Itani, Ayman Kayssi, Ali Chehab, "Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures," In Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, 2009.
[15] Bashkar Parasad, Eunmi Choi, "A Taxonomy and Survey of Cloud Computing Systems," In Fifth International Joint Conference on INC, IMS and IDC, IEEE DOI 10.1109/NCM. 2009.
[16] Khurana Sumit and Gaurav Verma Anmol, "Comparison of Cloud Computing Service Models: SaaS, PaaS, IaaS," In IJECT, vol. 4,2013.
[17] Balachandra Reddy Kandukuri, Ramakrishna Patur, Atanu Rakshit, "Cloud Security Issues," In Proceedings of the 2009 IEEE International Conference on Services Computing, pp. 517-520, 2009.
[18] Lifei Wei, Haojin Zhu, Zhenfu Cao, Xiaolei Dong, Weiwei Jia, Yunlu Chen, Athanasios V. Vasilakos," Security and Privacy for Storage and Computation in Cloud Computing," Information Sciences, 258, 371–386 Elsevier2014.
[19] Xun Yi, Fang Yu Rao, Elisa Bertino, "Privacy-Preserving Association Rule Mining in Cloud Computing," In proceeding of the 10th ACM Symposium on Information, Computer and Communication Security Pages 439-450 New York, USA, 2015.
[20] Meiko Jensen, Jörg Schwenk, Nils Gruschka and Luigi Lo Iacono, "On Technical Security Issues in Cloud Computing," In IEEE ICCC, Bangalore, pp. 109-116, 2009.
[21] Minqi Zhou, Rong Zhang and others, "Security and Privacy in Cloud Computing: A Survey," In Sixth International Conference on Semantics, Knowledge and Grids, IEEE, 2010.
[22] Anton Beloglazov, Rajkumar Buyya, Allocation of Virtual Machines in Cloud Data Centers," In the 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing Energy Efficient 2010.
[23] Lanxiang Chen, Shuming Zhou, Xinyi Huang, Li Xu, "Data dynamics for Remote Data Possession Checking in Cloud Storage," In Computers & Electrical Engineering 39, 7, 2413–2424, 2013.
[24] Chi-Chun Lo, Chun-Chieh Huang and Joy Ku, "A Cooperative Intrusion Detection System Framework for Cloud Computing Networks," In 39th International Conference on Parallel Processing Workshops, 2010.