Designing Secure Architectures for Data Storage in Cloud Environments
Keywords:
Cloud Computing, Cyber-attacks, Data Privacy, Malicious Activity, Secure Architecture.Abstract
Popularity of cloud computing is increasing day by day in the domain of information technology. It provides a lot of services utilizing resources that are dynamic and scalable. It enables users to cut their costs and also ease of utilization. Small as well as large enterprises are now inclined towards cloud solutions to enhance their services and businesses and also to easily integration with other enterprises. Even there are a lot of benefits that businesses achieve with cloud computing, however still some of the users are not comfortable to place their sensitive and private data on cloud due to security issues. The type of sensitive information may contain any personal identification information, government data, personal health information or emails etc. Because of that there is a need that cloud computing addresses the security issues during data transmission of sensitive information when shared on public environments. The type of security issues cloud computing is dealing with include; data privacy, data misuse, cyber-attacks or any other malicious attacks resulting in security breach. The intent of this paper is to highlight the issues in cloud computing related to security and to discuss the solution to deal with security issues. A secure architecture is presented in this paper that when applied secures not only the data transmission over cloud but also secure the data storage and enables authorized access.
References
B. R. Kandukuri and A. Rakshit, “Cloud security issues,” in 2009 IEEE International Conference on Services Computing, IEEE, 2009, pp. 517–520. Available: https://ieeexplore.ieee.org/abstract/document/5283911/
B. Lau, S. Chung, C. Song, Y. Jang, W. Lee, and A. Boldyreva, “Mimesis Aegis: A Mimicry Privacy {Shield–A}{System’s} Approach to Data Privacy on Public Cloud,” in 23rd usenix security symposium (USENIX Security 14), 2014, pp. 33–48. Available: https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/lau
G. Forecast, “Cisco visual networking index: global mobile data traffic forecast update, 2017–2022,” Update, vol. 2017, p. 2022, 2019.
S. Fahl, M. Harbach, T. Muders, and M. Smith, “TrustSplit: usable confidentiality for social network messaging,” in Proceedings of the 23rd ACM conference on Hypertext and social media, Milwaukee Wisconsin USA: ACM, Jun. 2012, pp. 145–154. doi: 10.1145/2309996.2310022.
M. Naveed et al., “Controlled Functional Encryption,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale Arizona USA: ACM, Nov. 2014, pp. 1280–1291. doi: 10.1145/2660267.2660291.
M. Nabeel and E. Bertino, “Privacy preserving delegated access control in public clouds,” IEEE Trans. Knowl. Data Eng., vol. 26, no. 9, pp. 2268–2280, 2013.
C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public auditing for data storage security in cloud computing,” in 2010 proceedings ieee infocom, Ieee, 2010, pp. 1–9. Available: https://ieeexplore.ieee.org/abstract/document/5462173/
S. Kamara and K. Lauter, “Cryptographic Cloud Storage,” in Financial Cryptography and Data Security, vol. 6054, R. Sion, R. Curtmola, S. Dietrich, A. Kiayias, J. M. Miret, K. Sako, and F. Sebé, Eds., in Lecture Notes in Computer Science, vol. 6054. , Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 136–149. doi: 10.1007/978-3-642-14992-4_13.
R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric encryption: improved definitions and efficient constructions,” in Proceedings of the 13th ACM conference on Computer and communications security, Alexandria Virginia USA: ACM, Oct. 2006, pp. 79–88. doi: 10.1145/1180405.1180417.
C. Wang, Q. Wang, K. Ren, and W. Lou, “Ensuring data storage security in cloud computing,” in 2009 17th International Workshop on Quality of Service, Ieee, 2009, pp. 1–9. Available: https://ieeexplore.ieee.org/abstract/document/5201385/
M. Aazam, P. P. Hung, and E.-N. Huh, “Smart gateway based communication for cloud of things,” in 2014 IEEE ninth international conference on intelligent sensors, sensor networks and information processing (ISSNIP), IEEE, 2014, pp. 1–6. Accessed: May 15, 2024. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/6827673/
S. Vinoski, “Advanced message queuing protocol,” IEEE Internet Comput., vol. 10, no. 6, pp. 87–89, 2006.
Q. Liu, C. C. Tan, J. Wu, and G. Wang, “Cooperative private searching in clouds,” J. Parallel Distrib. Comput., vol. 72, no. 8, pp. 1019–1031, 2012.
A. S. Rao et al., “A Secured Cloud Architecture for Storing Image Data using Steganography,” in 2024 2nd International Conference on Computer, Communication and Control (IC4), IEEE, 2024, pp. 1–6. Accessed: May 15, 2024. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/10486495/
I. Bouleghlimat, S. Boudouda, and S. Hacini, “PPSecS: Privacy-Preserving Secure Big Data Storage in a Cloud Environment,” Arab. J. Sci. Eng., vol. 49, no. 3, pp. 3225–3239, Mar. 2024, doi: 10.1007/s13369-023-07924-4.
S. Guan, C. Zhang, Y. Wang, and W. Liu, “Hadoop-based secure storage solution for big data in cloud computing environment,” Digit. Commun. Netw., vol. 10, no. 1, pp. 227–236, 2024.
N. Jain and P. Singhal, “Securely Cloud Data Storage and Sharing,” J. Inform. Electr. Electron. Eng. JIEEE, vol. 5, no. 1, pp. 1–12, 2024.
E. M. Mohammed and E. H. Ziyati, “Novel Approach for Protecting Personal Sensitive Information in a Cloud Storage Environment,” Int. J. Comput. Digit. Syst., vol. 16, no. 1, pp. 1–10, 2024.
M. Kuštelega and R. Mekovec, “Migrating data to the cloud: An analysis of cloud storage privacy and security issues and solutions,” CroDiM Int. J. Mark. Sci., vol. 7, no. 1, pp. 89–98, 2024.
N. I. Ali, A. G. Memon, and A. Jamali, “Architectural Design for Data Security in Cloud-based Big Data Systems,” Baghdad Sci. J., 2024, Accessed: May 15, 2024. [Online]. Available: https://www.bsj.uobaghdad.edu.iq/index.php/BSJ/article/view/8722
V. Bande, B. D. Raju, K. P. Rao, S. Joshi, S. H. Bajaj, and V. Sarala, “Designing Confidential Cloud Computing for Multi-Dimensional Threats and Safeguarding Data Security in a Robust Framework,” Int. J. Intell. Syst. Appl. Eng., vol. 12, no. 11s, pp. 246–255, 2024.
S. R. Vulapula and H. B. Valiveti, “Secure and efficient data storage scheme for unstructured data in hybrid cloud environment,” Soft Comput., vol. 26, no. 23, pp. 13145–13152, 2022.
M. I. Reddy, P. V. Rao, T. S. Kumar, and S. R. K, “Encryption with access policy and cloud data selection for secure and energy-efficient cloud computing,” Multimed. Tools Appl., vol. 83, no. 6, pp. 15649–15675, Jul. 2023, doi: 10.1007/s11042-023-16082-6.
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Arslan Shahid, Sharjeel Imtiaz
This work is licensed under a Creative Commons Attribution 4.0 International License.
This work is licensed under a Creative Commons Attribution 4.0 International License. Authors retain copyright and grant the journal the right of first publication, with the work simultaneously licensed under a CC-BY 4.0 License.
