A Trusted Third-party (TTP) based Encryption Scheme for Ensuring Data Confidentiality in Cloud Environment

Abstract

Cloud computing is an emerging paradigm that affects a large part of the IT industry by offering dynamically scalable resources (e.g., hardware and software) that are provisioned as a service over the Internet. Cloud computing provides numerous advantages to organizations in terms of improved scalability, lower cost, and flexibility, to name a few. Despite these technical and economical advantages, many potential cloud consumers are still hesitant to adopt cloud computing due to security and privacy concerns. In particular, one of the main factors for the reluctance of organizations to adopt cloud computing is the lack of strong encryption scheme that can ensure the confidentiality of client's data while store in cloud service provider's (CSPs) data centers. With the existing encryption schemes adopted by the CSPs, there is always a possibility that the client's data can be compromised due to insider threats. In this paper, we propose a new scheme capable to secure client information from both insider and outsider threats. In particular, we develop an encryption scheme by combining both symmetric and asymmetric cryptographic algorithms, which provide strong data confidentiality preserving secret key encryption functionalities, including periodically renewable public key certificates through trusted third parties. Due to these functionalities, the data owner can utilize the best secret key encryption schemes while the trusted third party will hold and communicate the secret keys to CSPs on behalf of cloud service users (CSUs).