Skip to main content
SpringerLink
Log in
Book cover

Cloud Computing for Enterprise Architectures pp 263–281Cite as

Fair Non-repudiation Framework for Cloud Storage: Part I

  • Chapter
  • First Online:

Part of the book series: Computer Communications and Networks ((CCN))

Abstract

Data storage is one of the most profitable applications on the cloud ­computing platforms. Although a transparent service model provides more flexi­bility and convenience, it also brings new challenges with respect to data security. For example, existing vulnerabilities in some commercial cloud storage services can potentially lead to repudiation problems. In this chapter, we first analyze potential integrity vulnerabilities existing in today’s commercial cloud storage platforms. Then, we present an overview of security issues and introduce a framework that supports a fair data transmission procedure without the risk of dispute. More speci­fically, a basic two-party non-repudiation (TPNR) protocol has been proposed. This chapter addresses the scenario in which a consumer may be reluctant to move his private data to the cloud because of existing vulnerabilities. To eliminate ­concerns between the consumer and the provider, the solution needs to bridge the two ­sessions with an integrity link based on a new TPNR. A multiparty non-repudiation (MPNR) protocol and more comprehensive analysis of its security properties are discussed in the next chapter.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Amazon Inc.: Amazon import/export developer guide version 1.2. http://aws.amazon.com/decumentation (2009). Accessed Aug 2009

  2. Anagnostopoulos, A., Goodrich, M.T., Tamassia, R.: Persistent authenticated dictionaries and their applications. In: Proceedings of the 4th International Conference on Information Security, pp. 379–393, Springer, London, UK (2001)

    Google Scholar 

  3. Ateniese, G., Burns, R., Curtmola, R., et al.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07), pp. 598–609. ACM, New York, NY (2007)

    Google Scholar 

  4. Bagga, W., Molva, R.: Collusion-free policy-based encryption. In: Katsikas, S., et al. (eds.) Information Security. LNCS, vol. 4176, pp. 233–245. Springer, Berlin/Heidelberg (2006)

    Chapter  Google Scholar 

  5. Bairavasundaram, L.N., Goodson, G.R., Schroeder, B., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: An analysis of data corruption in the storage stack. In: USENIX Conference on File and Storage Technologies, San Jose, CA, pp. 223–238 (2008)

    Google Scholar 

  6. Boneh, D., Gentry, C., Waters, B.: Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys. LNCS, vol. 3621, pp. 258–275. Springer, Berlin/Heidelberg (2005)

    Google Scholar 

  7. Carbonell, M., Sierra, J.M., Lopez, J.: Secure multi-party payment with an intermediary entity. Comput. Secur. 28(5), 289–300 (2009)

    Article  Google Scholar 

  8. Cachin, C., Keidar, I., Shraer, A.: Trusting the cloud. ACM SIGACT News 20(4), 81–86 (2009)

    Article  Google Scholar 

  9. Chiou, G., Chen, W.: Secure broadcasting using the secure lock. IEEE Trans. Softw. Eng. 15(8), 929–934 (1989)

    Article  Google Scholar 

  10. Chow, R., Golle, P., Jakobsson, M., et al.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security (CCSW 2009), pp. 85–90. ACM, Chicago, IL (2009)

    Google Scholar 

  11. Feng, J., Chen, Y., Liu, P.: Bridging the missing link of cloud data storage security in AWS. In: The 7th IEEE Consumer Communications and Networking Conference Security for CE Communications (CCNC’10, Short Position Paper), Las Vegas, NV (2010)

    Google Scholar 

  12. Feng, J., Chen, Y., Ku, W.S., Liu, P.: Analysis of integrity vulnerabilities and a non-repudiation protocol for cloud data storage platforms. In: The 2nd International Workshop on Security in Cloud Computing (SCC 2010), in conjunction with ICPP 2010, San Diego, CA (2010)

    Google Scholar 

  13. Gens, F.: IDC on “the cloud”: get ready for expanded research. http://blogs.idc.com/ie/?p=189 (2008). Accessed Sept 2008

  14. Gibson, A., Meter, R.V.: Network attached storage architecture. Commun. ACM 43(11), 37–45 (2000)

    Article  Google Scholar 

  15. Juels, A., Kaliski, B.S. Jr.: Pors: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07), pp. 584–597. ACM, New York, NY (2007)

    Google Scholar 

  16. Kallahalla, M., Riedel, E., Swaminathan, R., et al.: Plutus: scalable secure file sharing on untrusted storage. In: USENIX Conference on File and Storage Technologies (FAST), San Francisco, CA, pp. 29–42 (2003)

    Google Scholar 

  17. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., et al. (eds.) Financial Cryptography and Data Security. LNCS, vol. 6054, pp. 136–149. Springer, Berlin/Heidelberg (2009)

    Chapter  Google Scholar 

  18. Kher, V., Kim, Y.: Securing distributed storage: challenges, techniques, and systems. In: Proceedings of the 2005 ACM Workshop on Storage, Fairfax, VA, pp. 9–25 (2005)

    Google Scholar 

  19. Li, J., Krohn, M., Mazieres, D., Shasha, D.: Secure untrusted data repository (SUNDR). In: Proceedings of the 6th Conference on Symposium on Operating Systems Design & Implementation. 6. USENIX Association, Berkeley, CA, pp. 9–9 (2004)

    Google Scholar 

  20. Li, S., Wang, G., Zhou, J., Chen, K.: Fair and secure mobile billing systems. Wirel. Pers. Commun. 51(1), 81–93 (2009)

    Article  Google Scholar 

  21. Louridas, P.: Some guidelines for non-repudiation protocols. SIGCOMM Comput. Commun. Rev. 30(5), 29–38 (2000)

    Article  Google Scholar 

  22. Markowitch, O., Kremer, S.: A multi-party optimistic non-repudiation protocol. In: Proceedings of 2000 International Conference on Information Security and Cryptology, Seoul, Korea, pp. 109–122 (2000)

    Google Scholar 

  23. Majuntke, M., Dobre, D., Serafini, M., Suri, N.: Abortable fork-linearizable storage. In: Abdelzaher, T., Raynal, M., Santoro, N. (eds.) Proceedings of the 13th International Conference on Principles of Distributed Systems (OPODIS’09). LNCS, vol. 5923, pp. 255–269. Springer, Berlin/Heidelberg (2009)

    Google Scholar 

  24. Mather, T., Kumaraswamy, S., LatifCloud, S.: Security & Privacy. O’Reilly, Sebastopol (2009)

    Google Scholar 

  25. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  26. Microsoft Azure Services Platform: http://www.microsoft.com/azure/default.mspx (2009). Accessed 2009

  27. Muniswamy-Reddy, K.K., Macko, P., Seltzer, M.: Provenance for the cloud. In: Proceedings of the 8th USENIX Conference on File and Storage Technologies (FAST’10). USENIX Association, Berkeley, CA, pp. 15–24 (2010)

    Google Scholar 

  28. Onieva, J., Lopez, J., Zhou, J.: Advances in Information Security Series. Springer, Berlin/Heidelberg (2009). ISBN 978–0–387–75629–5

    Google Scholar 

  29. Popa, R.A., Lorch, J., Molnar, D., et al.: Enabling security in cloud storage SLAs with CloudProof. Microsoft TechReport MSR-TR-2010–46. http://research.microsoft.com/apps/pubs/default.aspx?id=131137 (2010). Accessed May 2010

  30. Ruiz-Martinez, A., Marin-Lopez, I., Bano-Lopez, L., Gomez-Skarmeta, A.F.: A new fair non-repudiation protocol for secure negotiation and contract signing. J. Univ. Comput. Sci. 15(3), 555–583 (2009)

    Google Scholar 

  31. SANS News: Growing concern about cyber attacks in US, UK and EU. http://www.sans.org/newsletters/newsbites/newsbites.php?vol=12&issue=19 (2010). Accessed Mar 2010

  32. Schroeder, B., Gibson, G.A.: Disk failures in the real world: what does an MTTF of 1,000,000 hours mean to you? In: USENIX Conference on File and Storage Technologies (FAST 2007), San Jose, CA, pp. 1–16 (2007)

    Google Scholar 

  33. Security Guidance for Critical Areas of Focus in Cloud Computing: https://cloudsecurityalliance.org/research/initiatives/security-guidance (2009). Accessed Dec 2009

  34. Zhou, J., Gollmann, D.: A fair non-repudiation protocol. In: Proceedings of 1996 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 55–61 (1996)

    Google Scholar 

  35. Zhou, J., Gollmann, D.: An efficient non-repudiation protocol. In: Proceedings of the 10th Computer Security Foundations Workshop. IEEE Computer, Oakland, CA, pp. 126–132 (1996)

    Google Scholar 

  36. Zhou, J., Deng, R., Bao, F.: Evolution of fair non-repudiation with TTP. In: Proceedings of 1999 Australasian Conference on Information Security and Privacy, Wollongong, Australia, pp. 258–269 (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Binghamton University, SUNY, Binghamton, NY, 13902, USA

    Jun Feng, Yu Chen & Douglas H. Summerville

  2. Department of Electrical Engineering – Systems, University of Southern California, Los Angeles, CA, 90089, USA

    Kai Hwang

Authors
  1. Jun Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Douglas H. Summerville
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kai Hwang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Chen .

Editor information

Editors and Affiliations

  1. School of Computing, University of Derby, Kedleston Road, Derby, DE22 1GB, United Kingdom

    Zaigham Mahmood

  2. School of Computing, University of Derby, Kedleston Road, Derby, DE22 1GB, United Kingdom

    Richard Hill

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag London Limited

About this chapter

Cite this chapter

Feng, J., Chen, Y., Summerville, D.H., Hwang, K. (2011). Fair Non-repudiation Framework for Cloud Storage: Part I. In: Mahmood, Z., Hill, R. (eds) Cloud Computing for Enterprise Architectures. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-2236-4_14

Download citation

  • DOI: https://doi.org/10.1007/978-1-4471-2236-4_14

  • Published:

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-2235-7

  • Online ISBN: 978-1-4471-2236-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation