CloudS: A Multi-cloud Storage System with Multi-level Security

  • Lu Shen
  • Shifang Feng
  • Jinjin Sun
  • Zhongwei Li
  • Gang WangEmail author
  • Xiaoguang LiuEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9530)


With the increase of data quantity, people have begun to attach importance to cloud storage, however, traditional single cloud can’t ensure the privacy of users’ data to a certain extent. To solve the security issue, we present a multi-cloud storage system called CloudS which spreads data over multiple cloud storage servers by using a new kind of XOR-based non-systematic erasure codes - Privacy Protecting Codes (PPC). For better user experiences and tradeoffs between security and performance, CloudS provides multiple levels of security by a variety of combinations of compression, encryption and coding schemes. In addition, we also put forward a novel Parallel Cyclic Encryption (PCE) scheme to achieve random secret key protection which attains high security and performance. We implement CloudS as a web application which doesn’t require users to perform complicated operations on local.


Multi-cloud Multi-level security Erasure code Encryption Key management 



This work is partially supported by NSF of China (grant numbers: 61373018, 11301288), Program for New Century Excellent Talents in University (grant number: NCET130301) and the Fundamental Research Funds for the Central Universities (grant number: 65141021).


  1. 1.
  2. 2.
    China personal cloud storage industry and users’ behavior research.
  3. 3.
  4. 4.
    Abu-Libdeh, H., Princehouse, L., Weatherspoon, H.: RACS: a case for cloud storage diversity. In: Proceedings of the 1st ACM Symposium on Cloud Computing, pp. 229–240. ACM, Indianapolis (2010)Google Scholar
  5. 5.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 229–240. ACM, Alexandria (2007)Google Scholar
  6. 6.
    Bessani, A., Correia, M., Quaresma, B., André, F., Sousa, P.: DepSky: dependable and secure storage in a cloud-of-clouds. ACM Trans. Storage (TOS) 9, 12 (2013)Google Scholar
  7. 7.
    Bowers, K.D., Juels, A., Oprea, A.: HAIL: a high-availability and integrity layer for cloud storage. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 187–198. ACM, Chicago (2009)Google Scholar
  8. 8.
    Cachin, C., Keidar, I., Shraer, A.: Trusting the cloud. ACM SIGACT News 40, 81–86 (2009)CrossRefGoogle Scholar
  9. 9.
    Ghemawat, S., Gobioff, H., Leung, S.T.: The google file system. In: ACM SIGOPS operating systems review, pp. 29–43. ACM, New York (2003)Google Scholar
  10. 10.
    Hafner, J.L.: WEAVER codes: highly fault tolerant erasure codes for storage systems. In: 4th Conference on File and Storage Technologies, pp. 16–16. USENIX, San Francisco (2005)Google Scholar
  11. 11.
    Juels, A., Kaliski Jr., B.S.: PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584–597. ACM, Alexandria (2007)Google Scholar
  12. 12.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES-The Advanced Encryption Standard. Springer Science and Business Media, Heidelberg (2013)zbMATHGoogle Scholar
  13. 13.
    Patterson, D.A., Gibson, G., Katz, R.H.: A case for redundant arrays of inexpensive disks (RAID). ACM (1988)Google Scholar
  14. 14.
    Plank, J.S., Schuman, C.D., Robison, B.D.: Heuristics for optimizing matrix-based erasure codes for fault-tolerant storage systems. In: Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 1–12. IEEE/IFIP, Boston (2012)Google Scholar
  15. 15.
    Plank, J.S., et al.: A tutorial on Reed-Solomon coding for fault-tolerance in RAID-like systems. Softw. Prac. Exp. 27, 995–1012 (1997)CrossRefGoogle Scholar
  16. 16.
    Plank, JS, Huang C: Tutorial: erasure coding for storage applications. In: Slides presented at FAST-2013: 11th Usenix Conference on File and Storage Technologies. USENIX, San Jose (2013)Google Scholar
  17. 17.
    Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM (JACM) 36, 335–348 (1989)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Rashmi, K., Nakkiran, P., Wang, J., Shah, N.B., Ramchandran, K.: Having your cake and eating it too: jointly optimal erasure codes for I/O, storage, and network-bandwidth. In: Proceedings of the 13th USENIX Conference on File and Storage Technologies, pp. 81–94. USENIX, Santa Clara (2015)Google Scholar
  19. 19.
    Resch, J.K., Plank, J.S.: AONT-RS: blending security and performance in dispersed storage systems. In: Proceedings of the 9th USENIX Conference on File and Storage Technologies. USENIX, San Jose (2011)Google Scholar
  20. 20.
    Singleton, R.: Maximum distance-nary codes. In: IEEE Transactions on Information Theory, pp. 116–118. IEEE (1964)Google Scholar
  21. 21.
    Shamir, A.: How to share a secret. Communications of the ACM. 22, 612–613 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Sun, J., Xu, M., Feng, S., Li, Z., Wang, G., Liu, X.: Secure store of user authentication tokens in multi-cloud storage system. J. Comput. Inf. Syst. 11, 1013–1020 (2015)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Nankai-Baidu Joint Lab, College of Computer and Control Engineering and College of SoftwareNankai UniversityTianjinChina

Personalised recommendations