Modified SeDaSc system for efficient data sharing in the cloud

Abstract

SummaryOrganizations tend to store their sensitive data on trusted cloud data storage server to protect it from outside security attacks. However, storing data on the cloud has serious security issues like data misuse from the cloud vendors themselves and attacks from outsources. In this manner, the organizations tend to encrypt their data before storing it in the cloud to protect against the misuse from the cloud vendors and other outer attacks. This article offers an enhancement to Secure Data Sharing in the Cloud (SeDaSc) system in terms of enhancing security metrics related to data privacy and disk storage handling. In the proposed system, the cryptographic server (CS) has been treated a semi‐trusted entity by not giving direct access to the data directly. The data encryption is carried at the client side. While, the keys generation and other related cryptographic operations as the access control list (ACL) management are carried at the CS. The client generates the hash of the file needed to be shared in the cloud and then sends such hash to the CS. Then, the CS uses the hash to generate the cryptographic key and sends it to the client for encryption process. Further, the proposed system achieves better disk management by only updating the ACL in case of uploading the same file more than once. The CS stores generated key hash and whenever receives a new file, the CS compares the hash of the generated key with other stored hashes. The hash computation in key generation in the proposed system makes the key generation process varies with data size in compare with the key generation process in SeDaSc that is independent on data size. Furthermore, in the case of identical hashes, the ACL will only be updated. Therefore, the identical files neither will be encrypted nor uploaded to cloud twice. The proposed system has been represented mathematically and graphically using high level petri net model and simulated by python language environment.