Abstract
Cloud computing is an emerging paradigm which allows to enhance the capabilities of users dynamically. It requires no investment in setting up new infrastructure and saves the cost of human resources, i.e., capabilities are increased with the available man power. Despite the presence of all the facilities, enterprise customer hesitates in transferring their business over the cloud. One major reason behind this reluctance is security. In cloud computing, data privacy and protection are always seen as the major concerns. The users of the cloud services need to be careful in understanding the risks of data breaches in cloud environment.Clouds have variant models for different types of services that are made available to the user. In Infrastructure as a Service (IaaS), cloud storage is offered as a service. Cloud storage is an online storage that can be accessed through network, i.e., both storing and accessing operations are performed with the help of network usage. The data is stored in virtualized pool of storage. This chapter gives the detailed overview of the cloud storage architecture and its detailed security architecture. It covers various possible security risks for cloud storage techniques and methods developed so far for making cloud storage secure. We have provided a detailed overview of the storage deduplication techniques, which are deployed for making cloud storage more efficient and free from various security risks caused due to deduplication. It provides comparison between different techniques used for security of cloud storage. Additionally, an effort has been made to include various case studies considering security aspects. This chapter provides detailed guidelines to secure various parts of cloud storage.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amazon Web Services at http://aws.amazon.com/
Available at https://www.idc.com/prodserv/4Pillars/cloud
Available at http://www.pcworld.com/article/242598/researchers_demo_cloud_security_issue_\with_amazon_aws_attack.html
Balduzzi M, Zaddach J, Balzarotti D, Loureiro S (2012) A security analysis of Amazon’s elastic compute cloud service. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC’12), pp 1427–1434
Barua M, Liang X, Lu X et al (2011) ESPAC: enabling security and patient-centric access control for eHealth in cloud computing. Int J Secur Netw 6(2):67–76
Burt C (2014) Large volume DDoS attacks see exceptional growth in first half of 2014: arbor networks. http://www.thewhir.com/web-hosting-news/large-volume-ddos-attacks-see-exceptional-growth-first-half-2014-arbor-networks. Available online on 18 July 2014
Chor B, Goldreich O, Kushilevitz E, Sudan M (1995) Private information retrieval. In: Proceedings of the 36th annual symposium on foundations of computer science. IEEE, Washington, DC, pp 41–51
Chor B, Gilboa N, Naor M (1998) Private information retrieval by keywords Report 98-03. Theory of cryptography library
Chow SSM, Chu C, Huang X et al (2011) Dynamic secure cloud storage with provenance. In: Cryptography and security: from theory to applications. LNCS, vol 6805. Springer, Berlin, pp 442–464
Chun-ho Ng, Mingcao Ma, Wong T-y, Lee PPC, Lui JCS (2011) Live deduplication storage of virtual machine images in an open-source cloud, pp 80–99
Cloud Computing Architecture. Available at https://en.m.wikipedia.org/wiki/Cloud_computing_architecture
Cloud Security Standards What to Expect & What to Negotiate (2013) http://www.cloud-council.org/
Dropbox at https://www.dropbox.com/en/
DropSmack Available at http://www.techrepublic.com/blog/it-security/dropsmack-using-dropbox-to-steal-files-and-deliver-malware/
Feng J, Chen Y, Summerville DH (2011) A fair multi-party non-repudiation scheme for storage clouds. In: International conference on collaboration technologies and systems (CTS 2011), Philadelphia, pp 457–465
Feng J, Chen Y, Summerville D et al (2011) Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol. In: IEEE conference on consumer communications and networking (CCNC), Las Vegas, pp 521–522
Fernandes DAB, Soares LFB, Gomes JV, Freire MM, Inácio PRM (2014) Security issues in cloud environments: a survey. Int J Inf Secur 13:113–170. Springer
Fiat A, Naor M (1994) Broadcast encryption. In: CRYPTO93. LNCS, vol 773. Springer, Heidelberg, p 480–491
Freire MM, Inácio PRM (2014) Security issues in cloud environments: a survey. Int J Inf Secur 13:113–170
Hoffman S (2013) Ddos: a brief history. https://blog.fortinet.com/post/ddos-a-brief-history. Available online on 25 March 2013
Gupta U (2015) Survey on security issues in file management in cloud computing environment. 5
Herley C, van Oorschot P, Patrick A (2009) Financial Cryptography and Data Security. In: 13th international conference, Accra Beach, vol 5628. Washington, DC
https://www.in.capgemini.com/resource-file-access/resource/pdf
http://www.tripwire.com/state-of-security/security-data-protection/dropbox-security/
Jensen M, Gruschka N, Iacono LL, Horst G (2009) On technical security issues in cloud computing. In: Cloud Computing (CLOUD ’09)
Jin K, Miller EL (2009) The effectiveness of deduplication on virtual machine disk images. In: Proceedings of SYSTOR 2009: the Israeli experimental systems conference, Haifa. ACM, p 7
Juels A, Burton J, Kaliski S (2007) PORs: proofs of retrievability for large files. In: Proceedings of CCS 07, Alexandria, pp 584–597
Kamara S, Papamanthou C, Roeder T (2011) CS2: a semantic cryptographic cloud storage system. Microsoft research, Technical report MSR-TR-2011-58
Kandukuri BR (2009) Cloud security issues. In: 2009 IEEE international conference on services computing, Bangalore, pp 517–520
Kumbhare A, Simmhan Y, Prasanna V (2012) Cryptonite: a secure and performant data repository on public clouds. In: Proceedings – 2012 IEEE 5th international conference on cloud computing, CLOUD 2012, Honolulu, pp 510–517
Li J, Chen X, Li M, Li J, Lee PPC, Lou W (2014) Secure deduplication with efficient and reliable convergent key management. IEEE Trans Parallel Distrib Syst 25(6):1615–1625
Meyer DT, Bolosky WJ (2012) A study of practical deduplication. ACM Trans Storage 7(4):1–20
Ng WK, Wen Y, Zhu H (2012) Private data deduplication protocols in cloud storage. In: ACM symposium on applied computing, Trento, p 441
Peng Y, Zhao W, Xie F, Dai ZH, Gao Y, Chen DQ (2012) Secure cloud storage based on cryptographic techniques. J China Universities Posts Telecommun 19(Suppl 2):182–189
Popa RA, Lorch JR, Molnar D et al (2010) Enabling security in cloud storage SLAs with CloudProof. Microsoft TechReport MSR-TR-2010, 46
Prasad P, Ojha B, Shahi RR, Lal R (2011) 3-dimensional security in cloud computing. Comput Res Dev (ICCRD) 3:198–208
Rackspace Open Cloud at http://www.rackspace.com/cloud
Ruj S, Nayak A, Stojmernovic I (2011) DACC: distributed access control in clouds. In: International joint conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11. IEEE Computer Society, Los Alamitos, 91–98
Schwarzkopf R, Schmidt M, Rüdiger M, Freisleben B (2012) Efficient storage of virtual machine images. In: Proceedings of the 3rd workshop on scientific cloud computing date – ScienceCloud ’12, New York, p 51
SIT (2012) Technical reports On the security of cloud storage services
Somorovsky J, Meyer C, Tran T et al (2012) SEC2: secure moblie solution for distributed public cloud storages. In: 2nd international conference on cloud computing and services science (CLOSER), Porto, pp 555–561
Sood SK (2012) A combined approach to ensure data security in cloud computing. J Netw Comput Appl 35(6):1831–1838
Storer MW, Greenan K, Long DDE, Miller EL (2008) Secure data deduplication. In: Proceedings of the 4th ACM international workshop on storage security and survivability StorageSS 08, New York, p 1
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11. Elsevier Conference
Wang C, Wang Q, Ren K, Lou W (2009) Ensuring data storage security in cloud computing. In: IEEE 17th international workshop on quality of service, IWQoS 2009, Charleston, p 19
Wang C, Cao N, Li J, Ren K, Lou W (2010) Secure ranked keyword search over encrypted cloud data. J ACM 43(3):431–473
Wei L, Zhu H, Cao Z, Dong X, Jia W, Chen Y, Vasilakos A (2014) Security and privacy for storage and computation in cloud computing. Inf Sci 258:371–386. Elsevier conference
Windows Azure at http://azure.microsoft.com/en-us/
Zarandioon S, Yao D, Ganapathy V (2012) K2C: cryptographic cloud storage with lazy revocation and anonymous access. In: Security and privacy in communication networks. Lecture notes of the institute for computer sciences, social-informatics and telecommunications engineering LNICST, vol 96. Springer, Berlin/Heidelberg, pp 59–76
Zhao X, Zhang Y, Wu Y, Chen K, Jiang J, Li K (2014) Liquid: a scalable deduplication file system for virtual machine images. IEEE Trans Parallel Distrib Syst 25(5):1257–1266
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Saharan, S., Somani, G. (2015). Security of Cloud-Based Storage. In: Zhu, S., Hill, R., Trovati, M. (eds) Guide to Security Assurance for Cloud Computing. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-25988-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-25988-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25986-4
Online ISBN: 978-3-319-25988-8
eBook Packages: Computer ScienceComputer Science (R0)