Preserving Data Secrecy and Integrity for Cloud Storage Using Smart Contracts and Cryptographic Primitives

Cloud computing has emerged as a viable alternative to traditional computing infrastructures,offering various benefits.However,the adoption of cloud storage poses significant risks to data secrecy and integrity.This article presents an effective mechanism to preserve the secrecy and integrity of data stored on the public cloud by leveraging blockchain technology,smart contracts,and cryptographic primitives.The proposed approach utilizes a Solidity-based smart contract as an auditor for maintaining and verifying the integrity of outsourced data.To preserve data secrecy,symmetric encryption systems are employed to encrypt user data before outsourcing it.An extensive performance analysis is conducted to illustrate the efficiency of the proposed mechanism.Additionally,a rigorous assessment is conducted to ensure that the developed smart contract is free from vulnerabilities and to measure its associated running costs.The security analysis of the proposed system confirms that our approach can securely maintain the confidentiality and integrity of cloud storage,even in the presence of malicious entities.The proposed mechanism contributes to enhancing data security in cloud computing environments and can be used as a foundation for developing more secure cloud storage systems.

Analysis of Secured Cloud Data Storage Model for Information

This paper was motivated by the existing problems of Cloud Data storage in Imo State University, Nigeria such as outsourced data causing the loss of data and misuse of customer information by unauthorized users or hackers, thereby making customer/client data visible and unprotected. Also, this led to enormous risk of the clients/customers due to defective equipment, bugs, faulty servers, and specious actions. The aim if this paper therefore is to analyze a secure model using Unicode Transformation Format (UTF) base 64 algorithms for storage of data in cloud securely. The methodology used was Object Orientated Hypermedia Analysis and Design Methodology (OOHADM) was adopted. Python was used to develop the security model;the role-based access control (RBAC) and multi-factor authentication (MFA) to enhance security Algorithm were integrated into the Information System developed with HTML 5, JavaScript, Cascading Style Sheet (CSS) version 3 and PHP7. This paper also discussed some of the following concepts;Development of Computing in Cloud, Characteristics of computing, Cloud deployment Model, Cloud Service Models, etc. The results showed that the proposed enhanced security model for information systems of cooperate platform handled multiple authorization and authentication menace, that only one login page will direct all login requests of the different modules to one Single Sign On Server (SSOS). This will in turn redirect users to their requested resources/module when authenticated, leveraging on the Geo-location integration for physical location validation. The emergence of this newly developed system will solve the shortcomings of the existing systems and reduce time and resources incurred while using the existing system.

虚拟主机云存储系统VCloudStorage及文件传输协议VCFTP

对于广域网下的文件传输和管理,云存储系统提供Web Service API、基于文件的API、基于Block的API和其他的API,通常需要在客户端安装特定程序调用这些API实现云存储功能,测试发现如果多人同时访问,传输文件失败率较高。设计了基于Web Service、HTTP和Flash技术的文件传输协议VCFTP,开发了基于虚拟主机集群的云存储系统VCloudStorage。首先建立SaaS服务模型,利用HTTP数据流存储技术,建立虚拟主机存储接口;接着建立虚拟主机传输能力、存储能力和价格能力数学模型,结合用户的传输请求建立文件传输整数规划数学模型及最优化算法,最终以此为基础设计了文件传输控制协议VCFTP。VCFTP利用Flash跨平台和富客户端技术特点,无需在客户端部署其他程序;授权的用户根据传输请求、存储要求、服务水平和当前虚拟主机状态等条件,以传输能力最优化的方式进行文件传输。实验结果表明VCFTP具有较高的性能和稳定性,VCloudStorage总吞吐量、平均传输率和文件传输成功率均优于微软SkyDrive存储、腾讯QQ邮箱存储和单虚拟主机存储。本文提出的VCFTP增强了文件传输性能和稳定性,是提高广域网网络存储系统性能的一条有效途径。

NC-MACPABE: Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems

The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.

Building a Cloud-Based Energy Storage System through Digital Transformation of Distributed Backup Battery in Mobile Base Stations

Battery energy storage systems(ESS) have been widely used in mobile base stations(BS) as the main backup power source. Due to the large number of base stations, massive distributed ESSs have largely stayed in idle and very difficult to achieve high asset utilization. In recent years, the fast-paced development of digital energy storage(DES) technology has revolutionized the traditional operation and maintenance of ESSs by transforming them into digital assets, further enabling battery energy storage services, raising up a new way to achieve a much higher utilization of such kind of largely idle ESS resources. In this paper, the disruptive DES technology will be introduced and its application under the context of mobile BSs will be studied, and then a cloud-based energy storage(CES) platform is proposed based on a large scale distributed DESs to provide a new cyber-enabled energy storage service to the local utility company. A real-world case study shows the effectiveness and efficiency of the CES platform.

Enable Data Dynamics for Algebraic Signatures Based Remote Data Possession Checking in the Cloud Storage

Cloud storage is one of the main application of the cloud computing.With the data services in the cloud,users is able to outsource their data to the cloud,access and share their outsourced data from the cloud server anywhere and anytime.However,this new paradigm of data outsourcing services also introduces new security challenges,among which is how to ensure the integrity of the outsourced data.Although the cloud storage providers commit a reliable and secure environment to users,the integrity of data can still be damaged owing to the carelessness of humans and failures of hardwares/softwares or the attacks from external adversaries.Therefore,it is of great importance for users to audit the integrity of their data outsourced to the cloud.In this paper,we first design an auditing framework for cloud storage and proposed an algebraic signature based remote data possession checking protocol,which allows a third-party to auditing the integrity of the outsourced data on behalf of the users and supports unlimited number of verifications.Then we extends our auditing protocol to support data dynamic operations,including data update,data insertion and data deletion.The analysis and experiment results demonstrate that our proposed schemes are secure and efficient.

A Data Assured Deletion Scheme in Cloud Storage

In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.

Searchable Encryption Cloud Storage with Dynamic Data Update to Support Efficient Policy Hiding

Ciphertext policy attribute based encryption(CP-ABE)can provide high finegrained access control for cloud storage.However,it needs to solve problems such as property privacy protection,ciphertext search and data update in the application process.Therefore,based on CP-ABE scheme,this paper proposes a dynamically updatable searchable encryption cloud storage(DUSECS)scheme.Using the characteristics of homomorphic encryption,the encrypted data is compared to achieve efficient hiding policy.Meanwhile,adopting linked list structure,the DUSECS scheme realizes the dynamic data update and integrity detection,and the search encryption against keyword guessing attacks is achieved by combining homomorphic encryption with aggregation algorithm.The analysis of security and performance shows that the scheme is secure and efficient.

Authorized Identity-Based Public Cloud Storage Auditing Scheme with Hierarchical Structure for Large-Scale User Groups

Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator(PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor(TPA) is employed to by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.

Locally Minimum Storage Regenerating Codes in Distributed Cloud Storage Systems

In distributed cloud storage systems, inevitably there exist multiple node failures at the same time. The existing methods of regenerating codes, including minimum storage regenerating(MSR) codes and minimum bandwidth regenerating(MBR) codes, are mainly to repair one single or several failed nodes, unable to meet the repair need of distributed cloud storage systems. In this paper, we present locally minimum storage regenerating(LMSR) codes to recover multiple failed nodes at the same time. Specifically, the nodes in distributed cloud storage systems are divided into multiple local groups, and in each local group(4, 2) or(5, 3) MSR codes are constructed. Moreover, the grouping method of storage nodes and the repairing process of failed nodes in local groups are studied. Theoretical analysis shows that LMSR codes can achieve the same storage overhead as MSR codes. Furthermore, we verify by means of simulation that, compared with MSR codes, LMSR codes can reduce the repair bandwidth and disk I/O overhead effectively.

Multi-authority proxy re-encryption based on CPABE for cloud storage systems

The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption（MPRE-CPABE） is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption（CPABE）is always criticized for its heavy overload and insecure issues when distributing keys or revoking user＇s access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure（WAS） is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user＇s access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman（DBDH）.

Towards a Comprehensive Security Framework of Cloud Data Storage Based on Multi Agent System Architecture

The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.

GRSA: Service-Aware Flow Scheduling for Cloud Storage Datacenter Networks

The proliferation of the global datasphere has forced cloud storage systems to evolve more complex architectures for different applications.The emergence of these application session requests and system daemon services has created large persistent flows with diverse performance requirements that need to coexist with other types of traffic.Current routing methods such as equal-cost multipath(ECMP)and Hedera do not take into consideration specific traffic characteristics nor performance requirements,which make these methods difficult to meet the quality of service(QoS)for high-priority flows.In this paper,we tailored the best routing for different kinds of cloud storage flows as an integer programming problem and utilized grey relational analysis(GRA)to solve this optimization problem.The resulting method is a GRAbased service-aware flow scheduling(GRSA)framework that considers requested flow types and network status to select appropriate routing paths for flows in cloud storage datacenter networks.The results from experiments carried out on a real traffic trace show that the proposed GRSA method can better balance traffic loads,conserve table space and reduce the average transmission delay for high-priority flows compared to ECMP and Hedera.

Critical Factors for Personal Cloud Storage Adoption in China

Purpose： In order to explain and predict the adoption of personal cloud storage, this study explores the critical factors involved in the adoption of personal cloud storage and empirically validates their relationships to a user＇s intentions.Design/methodology/approach： Based on technology acceptance model（TAM）, network externality, trust, and an interview survey, this study proposes a personal cloud storage adoption model. We conducted an empirical analysis by structural equation modeling based on survey data obtained with a questionnaire.Findings： Among the adoption factors we identified, network externality has the salient influence on a user＇s adoption intention, followed by perceived usefulness, individual innovation, perceived trust, perceived ease of use, and subjective norms. Cloud storage characteristics are the most important indirect factors, followed by awareness to personal cloud storage and perceived risk. However, although perceived risk is regarded as an important factor by other cloud computing researchers, we found that it has no significant influence. Also, subjective norms have no significant influence on perceived usefulness. This indicates that users are rational when they choose whether to adopt personal cloud storage.Research limitations： This study ignores time and cost factors that might affect a user＇s intention to adopt personal cloud storage.Practical implications： Our findings might be helpful in designing and developing personal cloud storage products, and helpful to regulators crafting policies.Originality/value： This study is one of the first research efforts that discuss Chinese users＇ personal cloud storage adoption, which should help to further the understanding of personal cloud adoption behavior among Chinese users.

Distributed energy storage node controller and control strategy based on energy storage cloud platform architecture

Based on the energy storage cloud platform architecture,this study considers the extensive configuration of energy storage devices and the future large-scale application of electric vehicles at the customer side to build a new mode of smart power consumption with a flexible interaction,smooth the peak/valley difference of the load side power,and improve energy efficiency.A plug and play device for customer-side energy storage and an internet-based energy storage cloud platform are developed herein to build a new intelligent power consumption mode with a flexible interaction suitable for ordinary customers.Based on the load perception of the power grid,this study aims to investigate the operating state and service life of distributed energy storage devices.By selecting an integrated optimal control scheme,this study designs a kind of energy optimization and deployment strategy for stratified partition to reduce the operating cost of the energy storage device on the client side.The effectiveness of the system and the control strategy is verified through the Suzhou client-side distributed energy storage demonstration project.

Performance Analysis and Framework Optimization of Open Source Cloud Storage System

More and more embedded devices, such as mobile phones, tablet PCs and laptops, are used in every field, so huge files need to be stored or backed up into cloud storage. Optimizing the performance of cloud storage is very important for Internet development. This paper presents the performance evaluation of the open source distributed storage system, a highly available, distributed, eventually consistent object/blob store from Open Stack cloud computing components. This paper mainly focuses on the mechanism of cloud storage as well as the optimization methods to process different sized files. This work provides two major contributions through comprehensive performance evaluations. First, it provides different configurations for Open Stack Swift system and an analysis of how every component affects the performance. Second, it presents the detailed optimization methods to improve the performance in processing different sized files. The experimental results show that our method improves the performance and the structure. We give the methods to optimize the object-based cloud storage system to deploy the readily available storage system.

Blockchain-Based Trusted Electronic Records Preservation in Cloud Storage

Cloud storage represents the trend of intensive,scale and specialization of information technology,which has changed the technical architecture and implementation method of electronic records management.Moreover,it will provide a convenient way to generate more advanced and efficient management of the electronic data records.However,in cloud storage environment,it is difficult to guarantee the trustworthiness of electronic records,which results in a series of severe challenges to electronic records management.Starting from the definition and specification of electronic records,this paper firstly analyzes the requirements of the trustworthiness in cloud storage during their long-term preservation according to the information security theory and subdivides the trustworthiness into the authenticity,integrity,usability,and reliability of electronic records in cloud storage.Moreover,this paper proposes the technology framework of preservation for trusted electronic records.Also,the technology of blockchain,proofs of retrievability,the open archival information system model and erasure code are adopted to protect these four security attributes,to guarantee the credibility of the electronic record.

Cloud Storage Technology and Its Applications

Cloud storage employs software that interconnects and facilitates collaboration between different types of storage devices Compared with traditional storage methods, cloud storage poses new challenges in data security, reliability, and management. This paper introduces four layers of cloud storage architecture： data storage layer （connecting multiple storage components）, data management layer （providing common support technology for multiple services）, data service layer （sustaining multiple storage applications）, and user access layer. A typical cloud storage application--Backup Cloud （B-Cloud）--is examined and its software architecture, characteristics, and main research areas are discussed.

Reliable cloud storage system for mobile devices using personal computer

In recent years,the use of mobile devices such as smart phones,tablet PCs,etc.is rapidly increasing.In case of these mobile devices,the storage space is limited due to their characteristics.To make up for the limited space of storage in mobile devices,several methods are being researched.Of these,cloud storage service(CSS),one of cloud computing services,is an efficient solution to compensate such limited storage space.CSS is a service of storing files to the storage and thus getting access to stored files through networks(Internet)at anytime,anywhere.As for the existing CSS,users store their personally important files in the cloud storage,not in their own computers.It may cause security problems such as the leaking of information from private files or the damaging to the information.Thus,we propose a cloud storage system which can solve the security problem of CSS for mobile devices using the personal computer.Our system is deigned to store and manage files through the direct communication between mobile devices and personal computer storages by using the software as a service(SaaS),one of computing services,instead of directly storing files into cloud storages.

Security analysis and improvement on resilient storage outsourcing schemes in mobile cloud computing

The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme （ShS） has vulnerabilities regarding confidentiality and integrity; meanwhile, the coding-based scheme （COS） and the encryption-based scheme （EnS） have vulnerabilities on integrity. The corresponding attacks on these vulnerabilities are given. Then, the improved protocols such as the secure sharing-based protocol （SShP）, the secure coding-based protocol （SCoP） and the secure encryption- based protocol （SEnP）, are proposed to overcome these vulnerabilities. The core elements are protected through public key encryptions and digital signatures. Security analyses show that the confidentiality and the integrity of the improved protocols are guaranteed. Meanwhile, the improved protocols can keep the frame of the former schemes and have higher security. The simulation results illustrate that compared with the existing protocols, the communication overhead of the improved protocols is not significantly increased.