Cloud computing has emerged as a viable alternative to traditional computing infrastructures, offering various benefits. However, the adoption of cloud storage poses significant risks to data secrecy and integrity. This article presents an effective mechanism to preserve the secrecy and integrity of data stored on the public cloud by leveraging blockchain technology, smart contracts, and cryptographic primitives. The proposed approach utilizes a Solidity-based smart contract as an auditor for maintaining and verifying the integrity of outsourced data. To preserve data secrecy, symmetric encryption systems are employed to encrypt user data before outsourcing it. An extensive performance analysis is conducted to illustrate the efficiency of the proposed mechanism. Additionally, a rigorous assessment is conducted to ensure that the developed smart contract is free from vulnerabilities and to measure its associated running costs. The security analysis of the proposed system confirms that our approach can securely maintain the confidentiality and integrity of cloud storage, even in the presence of malicious entities. The proposed mechanism contributes to enhancing data security in cloud computing environments and can be used as a foundation for developing more secure cloud storage systems.
To achieve the high availability of health data in erasure-coded cloud storage systems, the data update performance in erasure coding should be continuously optimized. However, the data update performance is often bottlenecked by the constrained cross-rack bandwidth. Various techniques have been proposed in the literature to improve network bandwidth efficiency, including delta transmission, relay, and batch update. These techniques were largely proposed individually previously, and in this work, we seek to use them jointly. To mitigate the cross-rack update traffic, we propose DXR-DU which builds on four valuable techniques: (i) delta transmission, (ii) XOR-based data update, (iii) relay, and (iv) batch update. Meanwhile, we offer two selective update approaches: 1) data-delta-based update, and 2) parity-delta-based update. The proposed DXR-DU is evaluated via trace-driven local testbed experiments. Comprehensive experiments show that DXR-DU can significantly improve data update throughput while mitigating the cross-rack update traffic.
When it comes to data storage, cloud computing and cloud storage providers play a critical role. The cloud data can be accessed from any location with an internet connection. Additionally, the risk of losing privacy when data is stored in a cloud environment is also increased. A variety of security techniques are employed in the cloud to enhance security. In this paper, we aim at maintaining the privacy of stored data in cloud environment by implementing block-based modelling to boost the privacy level with Anti-Codify Technique (ACoT) and block cipher-based algorithms. Initially, the cipher text is generated using Deoxyribo Nucleic Acid (DNA) model. Block-cipher-based encryption is used by ACoT, but the original encrypted file and its extension are broken up into separate blocks. When the original file is broken up into two separate blocks, it raises the security level and makes it more difficult for outsiders to access cloud data. ACoT improves the security and privacy of cloud storage data. Finally, the fuzzy-based classification is used that stores various access types in servers. The simulation results show that the ACoT-DNA method achieves higher entropy against various block sizes with reduced computational cost than existing methods.
The sensitive data stored in the public cloud by privileged users, such as corporate companies and government agencies, are highly vulnerable in the hands of cloud providers and hackers. The proposed Virtual Cloud Storage Architecture is primarily concerned with data integrity and confidentiality, as well as availability. To provide confidentiality and availability, the file to be stored in cloud storage should be encrypted using an auto-generated key and then encoded into distinct chunks. Hashing the encoded chunks ensured the file integrity, and a newly proposed Circular Shift Chunk Allocation technique was used to determine the order of chunk storage. The file could be retrieved by performing the operations in reverse. Using the regenerating code, the model could regenerate the missing and corrupted chunks from the cloud. The proposed architecture adds an extra layer of security while maintaining a reasonable response time and storage capacity. Experimental results analysis shows that the proposed model has been tested with storage space and response time for storage and retrieval. The VCSA model consumes 1.5x (150%) storage space. It was found that total storage required for the VCSA model is very low when compared with 2x Replication and completely satisfies the CIA model. The response time of the VCSA model was tested with different sized files starting from 2 to 16 MB. The response time for storing and retrieving a 2 MB file is 4.96 and 3.77 s respectively, and for a 16 MB file, the response times are 11.06 s for storage and 5.6 s for retrieval.
Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator (PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor (TPA) is employed by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.
In order to provide a practicable solution to data confidentiality in cloud storage service, a data assured deletion scheme, which achieves the fine-grained access control, hopping and sniffing attacks resistance, data dynamics and deduplication, is proposed. In our scheme, data blocks are encrypted by a two-level encryption approach, in which the control keys are generated from a key derivation tree, encrypted by an All-Or-Nothing algorithm and then distributed into DHT network after being partitioned by secret sharing. This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an owner-specified data lifetime. Besides confidentiality, data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption. The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.
Ciphertext policy attribute based encryption (CP-ABE) can provide high fine-grained access control for cloud storage. However, it needs to solve problems such as property privacy protection, ciphertext search and data update in the application process. Therefore, based on CP-ABE scheme, this paper proposes a dynamically updatable searchable encryption cloud storage (DUSECS) scheme. Using the characteristics of homomorphic encryption, the encrypted data is compared to achieve efficient hiding policy. Meanwhile, adopting linked list structure, the DUSECS scheme realizes the dynamic data update and integrity detection, and the search encryption against keyword guessing attacks is achieved by combining homomorphic encryption with aggregation algorithm. The analysis of security and performance shows that the scheme is secure and efficient.
Cloud storage is one of the main applications of cloud computing. With the data services in the cloud, users are able to outsource their data to the cloud, and access and share their outsourced data from the cloud server anywhere and anytime. However, this new paradigm of data outsourcing services also introduces new security challenges, among which is how to ensure the integrity of the outsourced data. Although the cloud storage providers commit a reliable and secure environment to users, the integrity of data can still be damaged owing to the carelessness of humans and failures of hardware/software or the attacks from external adversaries. Therefore, it is of great importance for users to audit the integrity of their data outsourced to the cloud. In this paper, we first design an auditing framework for cloud storage and propose an algebraic signature based remote data possession checking protocol, which allows a third party to audit the integrity of the outsourced data on behalf of the users and supports unlimited number of verifications. Then we extend our auditing protocol to support data dynamic operations, including data update, data insertion and data deletion. The analysis and experiment results demonstrate that our proposed schemes are secure and efficient.
The proliferation of the global datasphere has forced cloud storage systems to evolve more complex architectures for different applications. The emergence of these application session requests and system daemon services has created large persistent flows with diverse performance requirements that need to coexist with other types of traffic. Current routing methods such as equal-cost multipath (ECMP) and Hedera do not take into consideration specific traffic characteristics nor performance requirements, which make these methods difficult to meet the quality of service (QoS) for high-priority flows. In this paper, we tailored the best routing for different kinds of cloud storage flows as an integer programming problem and utilized grey relational analysis (GRA) to solve this optimization problem. The resulting method is a GRA-based service-aware flow scheduling (GRSA) framework that considers requested flow types and network status to select appropriate routing paths for flows in cloud storage datacenter networks. The results from experiments carried out on a real traffic trace show that the proposed GRSA method can better balance traffic loads, conserve table space and reduce the average transmission delay for high-priority flows compared to ECMP and Hedera.
In distributed cloud storage systems, inevitably there exist multiple node failures at the same time. The existing methods of regenerating codes, including minimum storage regenerating (MSR) codes and minimum bandwidth regenerating (MBR) codes, are mainly to repair one single or several failed nodes, unable to meet the repair need of distributed cloud storage systems. In this paper, we present locally minimum storage regenerating (LMSR) codes to recover multiple failed nodes at the same time. Specifically, the nodes in distributed cloud storage systems are divided into multiple local groups, and in each local group (4, 2) or (5, 3) MSR codes are constructed. Moreover, the grouping method of storage nodes and the repairing process of failed nodes in local groups are studied. Theoretical analysis shows that LMSR codes can achieve the same storage overhead as MSR codes. Furthermore, we verify by means of simulation that, compared with MSR codes, LMSR codes can reduce the repair bandwidth and disk I/O overhead effectively.
The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems. Traditional encryption technologies are not suitable for data protection in cloud storage systems. A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption (MPRE-CPABE) is proposed for cloud storage systems. MPRE-CPABE requires data owner to split each file into two blocks, one big block and one small block. The small block is used to encrypt the big one as the private key, and then the encrypted big block will be uploaded to the cloud storage system. Even if the uploaded big block of file is stolen, illegal users cannot get the complete information of the file easily. Ciphertext-policy attribute-based encryption (CPABE) is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right. MPRE-CPABE applies CPABE to the multi-authority cloud storage system, and solves the above issues. The weighted access structure (WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments, and reduce the computational cost of key distribution. Meanwhile, MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation. Experiments are implemented on platforms of Ubuntu and CloudSim. Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right. MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman (DBDH).
Purpose: In order to explain and predict the adoption of personal cloud storage, this study explores the critical factors involved in the adoption of personal cloud storage and empirically validates their relationships to a user's intentions. Design/methodology/approach: Based on technology acceptance model (TAM), network externality, trust, and an interview survey, this study proposes a personal cloud storage adoption model. We conducted an empirical analysis by structural equation modeling based on survey data obtained with a questionnaire. Findings: Among the adoption factors we identified, network externality has the salient influence on a user's adoption intention, followed by perceived usefulness, individual innovation, perceived trust, perceived ease of use, and subjective norms. Cloud storage characteristics are the most important indirect factors, followed by awareness to personal cloud storage and perceived risk. However, although perceived risk is regarded as an important factor by other cloud computing researchers, we found that it has no significant influence. Also, subjective norms have no significant influence on perceived usefulness. This indicates that users are rational when they choose whether to adopt personal cloud storage. Research limitations: This study ignores time and cost factors that might affect a user's intention to adopt personal cloud storage. Practical implications: Our findings might be helpful in designing and developing personal cloud storage products, and helpful to regulators crafting policies. Originality/value: This study is one of the first research efforts that discuss Chinese users' personal cloud storage adoption, which should help to further the understanding of personal cloud adoption behavior among Chinese users.
Due to its characteristics of distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separates the ownership from management. How to ensure the security of cloud data, how to increase data availability and how to improve user privacy perception are the key issues of cloud storage research, especially when the cloud service provider is not completely trusted. In this paper, a cloud storage ciphertext retrieval scheme based on AES and homomorphic encryption is presented. This ciphertext retrieval scheme will not only conceal the user retrieval information, but also prevent the cloud from obtaining user access patterns such as read-write mode and access frequency, thereby ensuring the safety of the ciphertext retrieval and user privacy. The results of simulation analysis show that the performance of this ciphertext retrieval scheme requires less overhead than other schemes on the same security level.
Cloud storage employs software that interconnects and facilitates collaboration between different types of storage devices. Compared with traditional storage methods, cloud storage poses new challenges in data security, reliability, and management. This paper introduces four layers of cloud storage architecture: data storage layer (connecting multiple storage components), data management layer (providing common support technology for multiple services), data service layer (sustaining multiple storage applications), and user access layer. A typical cloud storage application--Backup Cloud (B-Cloud)--is examined and its software architecture, characteristics, and main research areas are discussed.
Problems with data security impede the widespread application of cloud computing. Although data can be protected through encryption, effective retrieval of encrypted data is difficult to achieve using traditional methods. This paper analyzes encrypted storage and retrieval technologies in cloud storage applications. A ranking method based on fully homomorphic encryption is proposed to meet demands of encrypted storage. Results show this method can improve efficiency.
In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve crypto system, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme features high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storage system.
In this paper, we survey data security and privacy problems created by cloud storage applications and propose a cloud storage security architecture. We discuss state-of-the-art techniques for ensuring the privacy and security of data stored in the cloud. We discuss policies for access control and data integrity, availability, and privacy. We also discuss several key solutions proposed in current literature and point out future research directions.
With the rapid development of E-commerce and E-government, so many electronic records have been produced. The increasing number of electronic records brings about storage difficulties, and the traditional electronic records center is difficult to cope with the current fast growth requirements of electronic records storage and management. Therefore, it is imperative to use cloud storage technology to build electronic record centers. However, electronic records also have weaknesses in the cloud storage environment, and one of them is that once electronic record owners or managers lose physical control of them, the electronic records are more likely to be tampered with and destroyed. So, the paper builds a reliable electronic records preservation system based on coding theory. It can effectively guarantee the reliability of record storage when the electronic record is damaged, and the original electronic record can be restored by redundant coding, thus ensuring the reliable storage of electronic records.
The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption (NC-MACPABE). NC-MACPABE optimizes the weighted access structure (WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.
In recent years, the use of mobile devices such as smart phones, tablet PCs, etc. is rapidly increasing. In case of these mobile devices, the storage space is limited due to their characteristics. To make up for the limited space of storage in mobile devices, several methods are being researched. Of these, cloud storage service (CSS), one of cloud computing services, is an efficient solution to compensate such limited storage space. CSS is a service of storing files to the storage and thus getting access to stored files through networks (Internet) at anytime, anywhere. As for the existing CSS, users store their personally important files in the cloud storage, not in their own computers. It may cause security problems such as the leaking of information from private files or the damaging to the information. Thus, we propose a cloud storage system which can solve the security problem of CSS for mobile devices using the personal computer. Our system is designed to store and manage files through the direct communication between mobile devices and personal computer storages by using the software as a service (SaaS), one of computing services, instead of directly storing files into cloud storages.
Funding: supported by Major Special Project of Sichuan Science and Technology Department (2020YFG0460); Central University Project of China (ZYGX2020ZB020, ZYGX2020ZB019).
Funding: supported by National Natural Science Foundation of China (No. 61572267, No. 61272425, No. 61402245); the Open Project of Co-Innovation Center for Information Supply & Assurance Technology, Anhui University; the Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (No. 2017-MS-21, No. 2016-MS-23); National Cryptography Development Fund of China (MMJJ20170118).
Funding: Supported by the National Key Basic Research Program of China (973 program) under Grant No. 2012CB315901
Abstract: In order to provide a practicable solution to data confidentiality in cloud storage service, a data assured deletion scheme, which achieves the fine-grained access control, hopping and sniffing attacks resistance, data dynamics and deduplication, is proposed. In our scheme, data blocks are encrypted by a two-level encryption approach, in which the control keys are generated from a key derivation tree, encrypted by an All-Or-Nothing algorithm and then distributed into DHT network after being partitioned by secret sharing. This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an owner-specified data lifetime. Besides confidentiality, data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption. The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.
Funding: Supported by the National Nature Science Foundation of China under grant No. (61562059, 61461027, 61462060).
Abstract: Ciphertext policy attribute based encryption (CP-ABE) can provide highly fine-grained access control for cloud storage. However, it needs to solve problems such as property privacy protection, ciphertext search and data update in the application process. Therefore, based on CP-ABE scheme, this paper proposes a dynamically updatable searchable encryption cloud storage (DUSECS) scheme. Using the characteristics of homomorphic encryption, the encrypted data is compared to achieve efficient hiding policy. Meanwhile, adopting linked list structure, the DUSECS scheme realizes the dynamic data update and integrity detection, and the search encryption against keyword guessing attacks is achieved by combining homomorphic encryption with aggregation algorithm. The analysis of security and performance shows that the scheme is secure and efficient.
Funding: The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper. This work is supported by National Natural Science Foundation of China (No: 61379144), Foundation of Science and Technology on Information Assurance Laboratory (No: KJ-13-002) and the Graduate Innovation Fund of the National University of Defense Technology.
Abstract: Cloud storage is one of the main applications of cloud computing. With the data services in the cloud, users are able to outsource their data to the cloud, and access and share their outsourced data from the cloud server anywhere and anytime. However, this new paradigm of data outsourcing services also introduces new security challenges, among which is how to ensure the integrity of the outsourced data. Although the cloud storage providers commit a reliable and secure environment to users, the integrity of data can still be damaged owing to the carelessness of humans and failures of hardware/software or the attacks from external adversaries. Therefore, it is of great importance for users to audit the integrity of their data outsourced to the cloud. In this paper, we first design an auditing framework for cloud storage and propose an algebraic signature based remote data possession checking protocol, which allows a third party to audit the integrity of the outsourced data on behalf of the users and supports an unlimited number of verifications. Then we extend our auditing protocol to support data dynamic operations, including data update, data insertion and data deletion. The analysis and experiment results demonstrate that our proposed schemes are secure and efficient.
Funding: Supported by National Natural Science Foundation of China (Nos. 61861013, 61662018); Science and Technology Major Project of Guangxi (No. AA18118031); Guangxi Natural Science Foundation of China (No. 2018 GXNSFAA050028); the Doctoral Research Foundation of Guilin University of Electronic Science and Technology (No. UF19033Y); Director Fund project of Key Laboratory of Cognitive Radio and Information Processing of Ministry of Education (No. CRKL190102).
Abstract: The proliferation of the global datasphere has forced cloud storage systems to evolve more complex architectures for different applications. The emergence of these application session requests and system daemon services has created large persistent flows with diverse performance requirements that need to coexist with other types of traffic. Current routing methods such as equal-cost multipath (ECMP) and Hedera do not take into consideration specific traffic characteristics nor performance requirements, which makes it difficult for these methods to meet the quality of service (QoS) for high-priority flows. In this paper, we tailored the best routing for different kinds of cloud storage flows as an integer programming problem and utilized grey relational analysis (GRA) to solve this optimization problem. The resulting method is a GRA-based service-aware flow scheduling (GRSA) framework that considers requested flow types and network status to select appropriate routing paths for flows in cloud storage datacenter networks. The results from experiments carried out on a real traffic trace show that the proposed GRSA method can better balance traffic loads, conserve table space and reduce the average transmission delay for high-priority flows compared to ECMP and Hedera.
Funding: Supported in part by the National Natural Science Foundation of China (61640006, 61572188); the Natural Science Foundation of Shaanxi Province, China (2015JM6307, 2016JQ6011); the project of science and technology of Xi’an City (2017088CG/RC051(CADX002))
Abstract: In distributed cloud storage systems, inevitably there exist multiple node failures at the same time. The existing methods of regenerating codes, including minimum storage regenerating (MSR) codes and minimum bandwidth regenerating (MBR) codes, are mainly to repair one single or several failed nodes, unable to meet the repair need of distributed cloud storage systems. In this paper, we present locally minimum storage regenerating (LMSR) codes to recover multiple failed nodes at the same time. Specifically, the nodes in distributed cloud storage systems are divided into multiple local groups, and in each local group (4, 2) or (5, 3) MSR codes are constructed. Moreover, the grouping method of storage nodes and the repairing process of failed nodes in local groups are studied. Theoretical analysis shows that LMSR codes can achieve the same storage overhead as MSR codes. Furthermore, we verify by means of simulation that, compared with MSR codes, LMSR codes can reduce the repair bandwidth and disk I/O overhead effectively.
Funding: Supported by the National Natural Science Foundation of China (61202004, 61472192); the Special Fund for Fast Sharing of Science Paper in Net Era by CSTD (2013116); the Natural Science Fund of Higher Education of Jiangsu Province (14KJB520014)
Abstract: The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems. Traditional encryption technologies are not suitable for data protection in cloud storage systems. A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption (MPRE-CPABE) is proposed for cloud storage systems. MPRE-CPABE requires the data owner to split each file into two blocks, one big block and one small block. The small block is used to encrypt the big one as the private key, and then the encrypted big block will be uploaded to the cloud storage system. Even if the uploaded big block of file is stolen, illegal users cannot get the complete information of the file easily. Ciphertext-policy attribute-based encryption (CPABE) is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right. MPRE-CPABE applies CPABE to the multi-authority cloud storage system, and solves the above issues. The weighted access structure (WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments, and reduce the computational cost of key distribution. Meanwhile, MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation. Experiments are implemented on platforms of Ubuntu and CloudSim. Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right. MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman (DBDH).
Funding: Supported by Social Science Fund of Hebei Province (Grant No.: HB15TQ019)
Abstract: Purpose: In order to explain and predict the adoption of personal cloud storage, this study explores the critical factors involved in the adoption of personal cloud storage and empirically validates their relationships to a user's intentions. Design/methodology/approach: Based on technology acceptance model (TAM), network externality, trust, and an interview survey, this study proposes a personal cloud storage adoption model. We conducted an empirical analysis by structural equation modeling based on survey data obtained with a questionnaire. Findings: Among the adoption factors we identified, network externality has the salient influence on a user's adoption intention, followed by perceived usefulness, individual innovation, perceived trust, perceived ease of use, and subjective norms. Cloud storage characteristics are the most important indirect factors, followed by awareness to personal cloud storage and perceived risk. However, although perceived risk is regarded as an important factor by other cloud computing researchers, we found that it has no significant influence. Also, subjective norms have no significant influence on perceived usefulness. This indicates that users are rational when they choose whether to adopt personal cloud storage. Research limitations: This study ignores time and cost factors that might affect a user's intention to adopt personal cloud storage. Practical implications: Our findings might be helpful in designing and developing personal cloud storage products, and helpful to regulators crafting policies. Originality/value: This study is one of the first research efforts that discuss Chinese users' personal cloud storage adoption, which should help to further the understanding of personal cloud adoption behavior among Chinese users.
Funding: The National Natural Science Foundation of China under Grant, the Fundamental Research Funds for the Central Universities under Grant No. FRF-TP-14-046A2
Abstract: Due to its characteristics of distribution and virtualization, cloud storage also brings new security problems. User's data is stored in the cloud, which separates the ownership from management. How to ensure the security of cloud data, how to increase data availability and how to improve user privacy perception are the key issues of cloud storage research, especially when the cloud service provider is not completely trusted. In this paper, a cloud storage ciphertext retrieval scheme based on AES and homomorphic encryption is presented. This ciphertext retrieval scheme will not only conceal the user retrieval information, but also prevent the cloud from obtaining user access pattern such as read-write mode and access frequency, thereby ensuring the safety of the ciphertext retrieval and user privacy. The results of simulation analysis show that this ciphertext retrieval scheme requires less overhead than other schemes on the same security level.
Funding: Funded by the National High Technology Research and Development Program of China ("863" program) under Grant No. 2009AA01A402
Abstract: Cloud storage employs software that interconnects and facilitates collaboration between different types of storage devices. Compared with traditional storage methods, cloud storage poses new challenges in data security, reliability, and management. This paper introduces four layers of cloud storage architecture: data storage layer (connecting multiple storage components), data management layer (providing common support technology for multiple services), data service layer (sustaining multiple storage applications), and user access layer. A typical cloud storage application--Backup Cloud (B-Cloud)--is examined and its software architecture, characteristics, and main research areas are discussed.
Funding: Funded by the National Key Technology R & D Program of China under Grant No. 2008BAH37B07; the National Natural Science Foundation of China under Grant No. 60970148; the National Basic Research Program of China ("973" Program) under Grant No. 2007CB310806
Abstract: Problems with data security impede the widespread application of cloud computing. Although data can be protected through encryption, effective retrieval of encrypted data is difficult to achieve using traditional methods. This paper analyzes encrypted storage and retrieval technologies in cloud storage applications. A ranking method based on fully homomorphic encryption is proposed to meet demands of encrypted storage. Results show this method can improve efficiency.
Funding: This work was supported in part by the National Science Foundation Project of P.R. China, the Fundamental Research Funds for the Central Universities under Grant No. FRF-TP-14-046A2
Abstract: In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve cryptosystem, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme features high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storage system.
Funding: Supported by National Natural Science Foundation of China under grants 61173170 and 60873225; National High Technology Research and Development Program of China under grant 2007AA01Z403; Innovation Fund of Huazhong University of Science and Technology under grants 2013QN120, 2012TS052 and 2012TS053
Abstract: In this paper, we survey data security and privacy problems created by cloud storage applications and propose a cloud storage security architecture. We discuss state-of-the-art techniques for ensuring the privacy and security of data stored in the cloud. We discuss policies for access control and data integrity, availability, and privacy. We also discuss several key solutions proposed in current literature and point out future research directions.
Abstract: With the rapid development of E-commerce and E-government, so many electronic records have been produced. The increasing number of electronic records brings about storage difficulties; the traditional electronic records center is difficult to cope with the current fast growth requirements of electronic records storage and management. Therefore, it is imperative to use cloud storage technology to build electronic record centers. However, electronic records also have weaknesses in the cloud storage environment, and one of them is that once electronic record owners or managers lose physical control of them, the electronic records are more likely to be tampered with and destroyed. So, the paper builds a reliable electronic records preservation system based on coding theory. It can effectively guarantee the reliability of record storage when the electronic record is damaged, and the original electronic record can be restored by redundant coding, thus ensuring the reliable storage of electronic records.
Funding: Projects (61472192, 61202004) supported by the National Natural Science Foundation of China; Project (14KJB520014) supported by the Natural Science Fund of Higher Education of Jiangsu Province, China
Abstract: The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption (NC-MACPABE). NC-MACPABE optimizes the weighted access structure (WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.
Funding: The MKE (The Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program supervised by the NIPA (National IT Industry Promotion Agency) (NIPA-2012-H0301-12-2006)
Abstract: In recent years, the use of mobile devices such as smart phones, tablet PCs, etc. is rapidly increasing. In case of these mobile devices, the storage space is limited due to their characteristics. To make up for the limited space of storage in mobile devices, several methods are being researched. Of these, cloud storage service (CSS), one of cloud computing services, is an efficient solution to compensate such limited storage space. CSS is a service of storing files to the storage and thus getting access to stored files through networks (Internet) at anytime, anywhere. As for the existing CSS, users store their personally important files in the cloud storage, not in their own computers. It may cause security problems such as the leaking of information from private files or the damaging to the information. Thus, we propose a cloud storage system which can solve the security problem of CSS for mobile devices using the personal computer. Our system is designed to store and manage files through the direct communication between mobile devices and personal computer storages by using the software as a service (SaaS), one of computing services, instead of directly storing files into cloud storages.