New Hybrid Approach for Secure Data Storage in Cloud Computing Environment | ||||
Menoufia Journal of Electronic Engineering Research | ||||
Article 12, Volume 26, Issue 1, January 2017, Page 193-212 | ||||
Document Type: Original Article | ||||
DOI: 10.21608/mjeer.2017.63449 | ||||
View on SCiNiTO | ||||
Authors | ||||
Sheren A. El-Booz; Gamal M. Attiya; Nawal El-Fishawy | ||||
Dept. of Computer Science and Eng., Faculty of Elect., Eng., Menoufia University | ||||
Abstract | ||||
"> Cloud storages in cloud data centers are used for enterprises and individuals to store and access their data remotely anywhere anytime without any additional burden. By data outsourcing, users can relieve the burden of local data storage and maintenance. However, one of the major problems of cloud environment is data storage security. Therefore, data auditing is introduced to verify the data in the cloud storages with the aid of Third Party Auditor (TPA). However, the TPA is leased by cloud service provider and after a time the provider may contract with the TPA to conceal the loss of data from the user to prevent the defamation. This paper presents a new hybrid approach for data storage security in cloud computing to protect organizations’ data from the cloud provider, the third party auditor and some users who may use their old accounts to access the data stored on the cloud. The hybrid approach enhances the authentication level of security by combining two efficient authentication techniques; Time-based One Time Password (TOTP) for cloud users verification and Automatic Blocker Protocol (ABP) to fully protect the system from unauthorized TPA. The experimental results demonstrate the effectiveness and efficiency of the proposed approach when auditing shared data integrity. | ||||
References | ||||
t-stroke-width: 0px; "> [1] George SUCIU, Simona HALUNGA, Anca APOSTU, Alexandru VULPE, Gyorgy TODORAN, “Cloud Computing as Evolution of Distributed Computing – A Case Study for SlapOS Distributed Cloud Computing Platform,” Informatica Economică, Vol. 17, No. 4, pp. 109-122, 2013. [2] P. Mell and T. Grance, "The NIST Definition of Cloud Computing," National Institute of Standards and Technology, Information Technology Laboratory, October 7 2009. http://www.nist.gov/itl/cloud/ [3] Mohamed Abu Sharkh, Manar Jammal, Abdallah Shami, and Abdelkader Ouda, “Resource Allocation in a Network-Based Cloud Computing Environment: Design Challenges,” IEEE Communications Magazine, Vol. 51, Issue 11, pp 46-52, November 2013. [4] C. Wang, Q. Wang, K.Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Transactions on Computers, Vol. 62, No. 2, pp. 1-12, 2013. [5] M. Venkatesh, M. R. Sumalatha and C. SelvaKumar, “Improving public auditability, data possession in data storage security for cloud computing,” Proc. of the International Conference on Recent Trends in Information Technology, pp. 463-467, 19-21 April 2012. [6] S. Bhagyashri and Y. B. Gurave, “A Survey on Privacy Preserving Techniques for Secure Cloud Storage”, International Journal of Computer Science and Mobile Computing, Vol. 3, Issue. 2, pp. 675-680, Feb. 2014. t-text-size-adjust: auto; -webkit-text[7] T. Paigude, T. A. Chavan, “A survey on Privacy Preserving Public Auditing for Data Storage Security”, International Journal of Computer Trends and Technology, Vol. 4, Issue 3, pp. 412-418, 2013. [8] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Paterson, and D. Song, “Provable Data Possession at Untrusted Stores”, Proc. of the ACM Conference on Computer and Communications Security (CCS’07), pp. 598- 610, October 29–November 2, 2007. [9] G. Ateniese, R. D. Pietro, L. v. Mancini, and G. Tsudik, “Scalable and Efficient Provable Data Possession”, Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm, pp. 1–10, 2008. [10] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data Possession”, Proc. of the 16th ACM conference on Computer and communications security, pp. 213-222, 2009. [11] C. Wang, Q. Wang, K. Ren and W. Lou, “Privacy Preserving Public Auditing for Secure Cloud Storage”, IEEE Transactions on Computers, Vol. 62, Issue 2, pp. 362-375, 2011. [12] C. Wang, Q. Wang, K. Ren, and W. Lou, “Towards Secure and Dependable Storage Services in Cloud Computing,” IEEE Trans. on Services Computing, Vol. 5, No. 2, pp. 220-232, Apr-Jun 2012. [13] A. Juels, J. Burton, and S. Kaliski, “Proofs of Retrievaliability for Large Files”, Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584-597, 2007. [14] H. Shecham, and B. Wates, “Compact Proofs of Retrievliablilty”, Advances in Cryptology-ASIACRYPT, Vol. 5350, pp. 90–107, Dec 2008. [15] M. A. Shah, M. Baker, J. C. Mogul, and R. Swaminathan, “Auditing to Keep Online Storage Services Honest,” Proceedings of the 11th workshop on hot topics in operating systems (HotOS'07), 'HotOS', USENIX Association, pp. 1-6, 2007. [16] Q. Wang, C. Wang, J. Li, K. Ren and W. Lou, “Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing”, Proc. 14th European Symp. Research in Computer Security (ESORICS '09), pp. 355-370, 2009. [17] P. Prasadreddy, T. Srinivasa and S.Phani, “A Threat Free Architecture For Privacy Assurance in Cloud Computing” Proc. of the IEEE World Congress on Services, pp. 564-568, Jul.4-9, 2011, USA. IEEE Xplore Press, DOI:10.1109/SERVICES.2011.11. [18] D. M'Raihi, S. Machani, M. Pei, J. Rydell, “TOTP: Time-Based One-Time Password Algorithm", Request for Comments (RFC) 6238, July 13, 2011. [19] K. Kiran, K. Padmaj, and P. Radha, “Automatic Protocol Blocker for Privacy–Preserving Public Auditing in Cloud Computing”, IJCST, Vol. 3, Issue 1, Jan-March, 2012. [20] www.owasp.org/index.php/Top_10. Accessed on April 2015. | ||||
Statistics Article View: 622 |
||||