Data Security Policies in Cloud: A Survey

international journal for research in applied science and engineering technology ijraset, 2020

Cloud computing is a popular approach that is used to store any kind of data or information over the internet rather than storing it on our desktops. But there is one major issue that arises when we wish to adopt this method which is the security of the data of the user. When data is stored in the cloud it is not completely under the control of the user. So we need to make use of methods that will make sure that the data of the user stored in the cloud cannot be accessed by the cloud service provider and that only valid or authorised users can access the data. These methods will ensure security of the data and will increase the rate of adoption of cloud computing services.

paradigm also brings forth many new challenges for data security and access control mechanisms, when users outsource sensitive data for sharing on Cloud systems, which are not within the same trusted domain as data owners. Storing data on untrusted storage makes secure data sharing a challenge issue. To keep sensitive user data confidential against untrusted Cloud systems, on one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. The existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key or user management, user accountability, data security, computational overhead and etc. To address these challenge issues, in this paper we defined and enforcing access policies based on data attributes and enabling the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. We achieve this goal by exploiting and uniquely combining techniques of Ciphertext policy attribute based encryption system and proxy re-encryption and re-encryption. Our proposed scheme also has salient features of user access privilege confidentiality and user secret key accountability.

Now a days outsourcing of data on cloud storage is a trend in most of the organizations as well as people for their storage purposes. As there came out to be a large number social networking sites with multi-media and huge amount of data exchanges over the network, led to the need for outsourcing the data. This outsourced data need to be maintained by the cloud storage providers by keeping a third party auditor. While auditing the outsourced data, security of the outsourced data is the main concern. Its important to ensure that only authorized users can access the stored data on the cloud. And also to provide guarantee of assured deletion, that user data stored is permanently inaccessible to anybody (including the data owner) once we requests for deletion of data. Keeping data permanently may lead to unexpectedly disclosed in the future due to attacks on the cloud or careless management of cloud operators. File Assured deletion[1] is that we have to trust a cloud storage provider to actually delete data is the challenge that should be achieved, but they may be reluctant in doing so. Also, cloud storage providers typically keep multiple backup copies of data for backup. It can't be said that cloud service provider remove all backup copies upon requests of deletion. Here, active data files that remain on the cloud are associated with a set of user-defined file access policies (e.g., time expiration, read/write permissions), such that data files are accessible only to users who satisfy the file access policies.

IAEME PUBLICATION, 2020

In recent years, the business and private people use cloud storage providers to outsource their data in a cloud environment. Cloud computing environment uses the various resources available in the internet to offer many services to date holders. Data violation event makes end –to– end encryption is necessary for preventing the data from intruders. Existing deduplication schema does not work well on encrypted data also suffer from security issues. Unfortunately, semantically secure encryption schema provides different storage optimization techniques to deduplicate data stored in cloud based on data ownership challenge, deduplication and proxy re-encryption. Our proposed method initiates the concepts of data popularity conflict that data known by many users do not require strong production as unpopular data. We also extend the original schema by focusing popularity of the data also analyze the efficiency of the proposed schema and highlight the clear functionality. The efficiency of the system can be analyzed by real dataset's properties and present clear evaluation of the system. Data deduplication significantly focuses the handling of sensitive decryption shares and popular data in cloud storage. The experimental results show that the proposed scheme is protected under Symmetric External Diffie – Hellman assumption in the random oracle model.

2015

Cloud computing is providing software, infrastructure, platform services all over the world and the percentage of its clients are increasing day by day. While data is stored over the cloud to remove the complexity of the maintenance work; it becomes a matter of concern the security of the data which is now in the open network of cloud. For securing cloud data, protection strategies have to be employed. Strategy should be applied to both data at rest and data in transit. The goal of encryption is to ensure that data stored in the cloud is protected against unauthorized access. Access to sensitive user data by third parties is a violation of privacy. This paper elucidates some existing encryption schemes of different kinds for securing enterprise data in the cloud. Also, it identifies efficient techniques by highlighting their salient features.

International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2020

Cloud computing technology is rapidly developing nowadays. The number of files stored and processed is increasing per day. This increase brings severe challenge in requirement of space, processing power and bandwidth. More than half of the data generated in the cloud is duplicate data. To handle this data, deduplication technique is used which eliminates duplicate copies of data. This removal of duplicate data increases storage efficiency and reduce cost. In this paper, we propose secure role re-encryption system which allows authorized deduplication of data and also maintains privacy of data. This system is based on convergent algorithm and re-encryption algorithm that encrypts the user data and assign role keys to each user. This system grants privileges to users in order to maintain ownership of each user so that authorized users can access the data efficiently. In this system management center is introduced where the file is being encrypted and role keys are generated to handle authorized requests. Role keys are stored in Merkle hash tree which maps relationship between roles and keys. Authorized user who has particular role-encryption key can access the file. Convergent algorithm and role re-encryption algorithm allows access of specific file without leakage of private data. Dynamic updating of user privileges is achieved.

Journal of Telematics and Informatics, 2015

Cloud computing is known as "Utility". Cloud computing enabling users to remotely store their data in a server and provide services on-demand. Since this new computing technology requires user to entrust their valuable data to cloud providers, there have been increasing security and privacy concerns on outsourced data. We can increase security on access of the data in the cloud. Morever we can provide encryption on the data so third party can not use the data. In this paper we will be reviewing various encryption based access control model for enhancing cloud security along with their limitations. We will be concluding with a proposed access control model to enhance cloud security.

International Journal of Science and Research Archive, 2024

Cloud computing is one of the most significant computing models, which provides easy access of resources. It is an alternative for costlier data framework and networking models. The services are provided to the data users based on their requirements. More industries are depending on the cloud, because of its fast computations and robust nature. However, there are several security concerns and threats in cloud storages. Moreover, large amounts of data are shared between people and organizations through the cloud. The data owner doesn't have control over the data in the cloud. To address the security and privacy issues in the cloud, this thesis aims at overcoming this trade-off, while considering security.

Inventive Computation Technologies, 2019

Cloud computing is a revolt processing chisel in which important of the registering correspondences are given as administrations over the Internet. This assembly purported a infrequent administrations for lead attach and admission distribute directly following re-appropriate touchy trace for sharing on cloud servers. This organization tends to this inspection out in the open happening by, on a handful of deal out, characterizing and implementing approval count on clue kidney, and, on the succeed and, enabling the information governor to prescribe the infinite stage of the render a reckoning for assignments combined regarding great grained information get to control to Unconfided in cloud servers without uncovering the basic information substance. Thorough study demonstrates wander our supposed focus sing is extremely deduced confer with and provably anchors under existing security models. Consequence as to direct this original intrigue and egg on bring off a spellbound and legitimate be a question of storage in conformity with, we function in this mix an accommodate sham stockpiling uprightness inspecting instrument, using the isomorphic token and dispersed coded information. By outsider inspecting in this framework, enhances the accessibility and dependability of clients information. This paper successfully underpins dynamic information tasks. As framework is appropriated, it is extremely basic to find the acting mischievously server so as that the client can get to his delicate data with no adjustments in it. This framework additionally neutralizes server assault and information crashes viably.