12-10-2012, 05:09 PM
Ensuring Data Storage Security in Cloud Computing
Abstract—
Cloud Computing has been envisioned as the next-generation
architecture of IT Enterprise. In contrast to traditional
solutions, where the IT services are under proper physical,
logical and personnel controls, Cloud Computing moves the
application software and databases to the large data centers,
where the management of the data and services may not be
fully trustworthy. This unique attribute, however, poses many
new security challenges which have not been well understood.
In this article, we focus on cloud data storage security, which
has always been an important aspect of quality of service. To
ensure the correctness of users’ data in the cloud, we propose an
effective and flexible distributed scheme with two salient features,
as opposed to its predecessors. By utilizing the homomorphic token
with distributed verification of erasure-coded data, our scheme
achieves the integration of storage correctness insurance and data
error localization, i.e., the identification of misbehaving server(s).
Unlike most prior works, the new scheme further supports secure
and efficient dynamic operations on data blocks, including: data
update, delete and append. Extensive security and performance
analysis shows that the proposed scheme is highly efficient and
resilient against Byzantine failure, malicious data modification
attack, and even server colluding attacks.
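The idea in the abstract, reduced to a runnable sketch (an added example, not code from the paper or from this post): the owner precomputes one short token per server per challenge round, and because both the code and the token are linear, the servers' responses must themselves form a valid codeword, while a per-server comparison against the tokens names the misbehaving server. Assumptions: a prime field, HMAC-SHA256 as the keyed function, a small fixed parity matrix `COEFFS`, Python's `random` standing in for a keyed permutation, and all function names and sample data are constructed.

```python
import hashlib, hmac, random

P = 2**61 - 1  # prime field modulus (assumption made for this sketch)

def prf(key: bytes, label: str, i: int) -> int:
    """HMAC-SHA256 used as a keyed pseudorandom function, reduced into the field."""
    mac = hmac.new(key, f"{label}:{i}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def encode(data, coeffs):
    """Erasure-code stand-in: each parity vector is a linear mix of the data vectors."""
    return data + [[sum(c * d[q] for c, d in zip(row, data)) % P
                    for q in range(len(data[0]))] for row in coeffs]

def challenge(key, rnd):
    """Per-round values the owner reveals: a nonzero coefficient and an index seed."""
    return prf(key, "alpha", rnd) or 1, prf(key, "perm", rnd)

def respond(vector, chal, r):
    """Server side: linear combination of r pseudorandomly selected blocks."""
    alpha, seed = chal
    idx = random.Random(seed).sample(range(len(vector)), r)  # not a real keyed PRP
    return sum(pow(alpha, q + 1, P) * vector[i] for q, i in enumerate(idx)) % P

def precompute_tokens(stored, key, rounds, r):
    """Owner side, before upload: tokens[rnd][j] is server j's expected response."""
    return [[respond(v, challenge(key, rnd), r) for v in stored]
            for rnd in range(rounds)]

def audit(servers, tokens, coeffs, key, rnd, r):
    """One round: (responses form a codeword?, indices of servers that fail)."""
    chal, m = challenge(key, rnd), len(coeffs[0])
    resp = [respond(v, chal, r) for v in servers]
    ok = all(sum(c * x for c, x in zip(row, resp[:m])) % P == resp[m + j]
             for j, row in enumerate(coeffs))
    return ok, [j for j, x in enumerate(resp) if x != tokens[rnd][j]]

KEY = b"constructed-demo-key"            # constructed sample key
COEFFS = [[1, 1, 1], [1, 2, 3]]          # 2 parity vectors over 3 data vectors
DATA = [[(7 * i + 11 * q + 3) % P for q in range(8)] for i in range(3)]  # constructed

def demo():
    stored = encode(DATA, COEFFS)        # one vector per server (5 servers)
    tokens = precompute_tokens(stored, KEY, rounds=4, r=8)
    clean = audit(stored, tokens, COEFFS, KEY, 0, 8)
    tampered = [list(v) for v in stored]
    tampered[1][5] = (tampered[1][5] + 1) % P   # server 1 silently alters a block
    return clean, audit(tampered, tokens, COEFFS, KEY, 1, 8)
```

Here `r` equals the vector length, so every block is covered and the altered block is always caught; with a smaller `r` a single round detects a modification only if a sampled index hits it.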
INTRODUCTION
Several trends are opening up the era of Cloud Computing,
which is an Internet-based development and use of computer
technology. The ever cheaper and more powerful processors,
together with the software as a service (SaaS) computing architecture,
are transforming data centers into pools of computing
service on a huge scale. The increasing network bandwidth and
reliable yet flexible network connections make it even possible
that users can now subscribe to high-quality services from data
and software that reside solely on remote data centers.
PROBLEM STATEMENT
• User: users, who have data to be stored in the cloud and
rely on the cloud for data computation, consist of both
individual consumers and organizations.
• Cloud Service Provider (CSP): a CSP, who has significant
resources and expertise in building and managing
distributed cloud storage servers, owns and operates live
Cloud Computing systems.
• Third Party Auditor (TPA): an optional TPA, who has
expertise and capabilities that users may not have, is
trusted to assess and expose risk of cloud storage services
on behalf of the users upon request.
SECURITY ANALYSIS AND PERFORMANCE EVALUATION
In this section, we analyze our proposed scheme in terms
of security and efficiency. Our security analysis focuses on
the adversary model defined in Section II. We also evaluate
the efficiency of our scheme via implementation of both file
distribution preparation and verification token precomputation.