IJMECS Vol. 6, No. 10, 8 Oct. 2014
Cover page and Table of Contents: PDF (size: 525KB)
Full Text (PDF, 525KB), PP.1-9
Views: 0 Downloads: 0
Cloud Computing, Security Service, TPA-HE (Third Party and Homomorphic Encryption), Authentication, User Attributes, Monitoring Service.
As the software technology evolves the focus of users are shifting form devices for data or information. This transformation requires reliable and scalable computing paradigms which satisfy the users processing and storage requirements. Service based, distributed, grid and web 2.0 are some of the most famous computing technologies. Conversions are occurring towards less managements and maintenance issues and despite of that the usage experience should be increased. But there are some security concerns like security, access control, privacy & isolation based trusted service delivery raises due to the data in an outsourced environment. Thus, several policies are created to define its boundaries. Also the type of user accessing the data and the service provided by the cloud needs to be verified. Thus the uses trust over the system can go down if the interoperability and security of services are satisfactory. To providing confidentiality to users data encryption is the traditional options which require decryption for reading or retrieving the data. But in outsourced environment the user is frequently accessing its data which may increase the overhead of performing such frequent encryption and then decryptions. Also for performing any operations the data need to be decrypted. It is something treating as a complex usage boundary. Thus, Homomorphic encryption is used to deal with such situations. This paper proposes a novel Third Party and Homomorphic Encryption (TPA-HE) based mechanism for secure computing. In this third party auditor and service provider is used for authentication and authorization of services & user profiles. It has three basic entities TPA, Cloud Service Provider, Encryption & Monitoring service to regularly analyze the security breaches in access & data transfer mechanism. To prove the effectiveness of suggested approach some of the results are taken which are better than the existing mechanism.
Pawan Kumar Parmar, Megha Patidar, Mayank Kumar Sharma, "Performance Evaluation of TPA-HE Based Fine Grained Data Access for Cloud Computing", International Journal of Modern Education and Computer Science (IJMECS), vol.6, no.10, pp.1-9, 2014. DOI:10.5815/ijmecs.2014.10.01
[1]Shucheng Yu, Cong Wang, Kui Ren and Wenjing Lou, “Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing”, in Proceedings of IEEE Infocomm, ISSN: 978-1-4244-5837-0/10, 2010.
[2]Deyan Chen and Hong Zhao, “Data Security and Privacy Protection Issues in Cloud Computing”, in International Conference on Computer Science and Electronics Engineering, IEEE 2012, ISSN: 978-0-7695-4647-6/12, DOI 10.1109/ICCSEE.2012.193, 2012.
[3]Daryl C. Plummer, Thomas J. Bittman, Tom Austin, David W. Cearley and David Mitchell Smith, “Cloud Computing: Defining and Describing an Emerging Phenomenon”, Research Article in Gartner Research, ID Number: G00156220, June 2008.
[4]Stephen S. Yau and Ho G. An, “Confidentiality Protection in Cloud Computing Systems”, in International Journal of Software and Informatics, ISSN 1673-7288, Vol.4, No.4, December 2010, pp. 351-365.
[5]Mohemed Almorsy, John Grundy and Amani S. Ibrahim, “Collaboration-Based Cloud Computing Security Management Framework”, in IEEE 4th International Conference on Cloud Computing, ISSN: 978-0-7695-4460-1/11, DOI 10.1109/CLOUD.2011.9, 2011.
[6]Pardeep Kumar, Vivek Kumar Sehgal , Durg Singh Chauhan, P. K. Gupta and Manoj Diwakar, “Effective Ways of Secure, Private and Trusted Cloud Computing”, in International Journal of Computer Science Issues, ISSN: 1694-0814, Vol. 8, Issue 3, No. 2, May 2011, pp 412-521.
[7]Farzad Sabahi, “Cloud Computing Security Threats and Responses”, in IEEE Transaction, ISSN: 978-1-61284-486-2/11, 2011.
[8]Farhan Bashir Shaikh and Sajjad Haider, “Security Threats in Cloud Computing”, in IEEE 6th International Conference on Internet Technologies & Transactional databases, ISSN: 978-1-908320-00-1/11, UAE, 2011.
[9]Wentao Liu, “Research on Cloud Computing Security Problem and Strategy”, in IEEE Transaction, ISSN: 978-1-4577-1415-3/12/, 2011.
[10]Wayne Jansen and Timothy Grance, “Guidelines on Security and Privacy in Public Cloud Computing”, in NIST Special Publication 800-144, Dec 2011.
[11]Christian Cachin, Divay Bansal, Gllunter Karjothm, “Key Management with Policy-based Access Control”, in IBM Research, April 2012.
[12]Dianli GUO and Fengtong WEN, “A More Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment”, in Journal of Computational Information Systems, ISSN; 1553–9105, Vol. 9:No. 2, 2013, 407-413.
[13]Kristin Lauter, Michael Naehrig and Vinod Vaikuntanathan, “Can Homomorphic Encryption be Practical”, in ACM, 2008.
[14]Craig Gentry, “Computing Arbitrary Functions of Encrypted Data”, in ACM by IBM T.J. Watson Research Center, 2008.
[15]Bharath K. Samanthula, Gerry Howser, Yousef Elmehdwi, and Sanjay Madria, “An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud”, in Cloud 1st conference by ACM, ISSN: 978-1-4503, DOI: 1596-8/12/08, 2012.
[16]Robert Griffin and Subhash Sankuratripati, “Key Management Interoperability Protocol Profile Version 1.1”, in OASIS Standards Organizations at http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.doc, 2013.
[17]Web Article, “Amazon Web Services: Overview of Security Processes” by Amazon Services at http://aws.amazon.com/security,June 2013.
[18]Pawan Kumar Parmar and Megha patidar, “A Novel TPA-HE Security Service Architecture for Fine Grained Data Access in Cloud Computing”, in International Conference on Cloud Big Data and Trust (ICCBDT), at RGPV Bhopal, India, Nov 2013.
[19]Sombir Singh, Sunil K Maakar and Dr. Sudesh Kumar, “A Performance Analysis of DES and RSA Cryptography “, in International Journal of Emerging Trends & Technology in Computer Science (IJETTCS), ISSN 2278-6856, Volume 2, Issue 3, May – June 2013.
[20]Pascal Paillier, “Public-Key Cryptosystems Based on Composite Degree Residuosity Classes”, Published in J. Stern,Ed., Advances in Cryptology – EUROCRYPT’99,vol. 1592 of Lecture Notes in Computer Sc. Springer-Verlag, 1999.