Cloud Storage Applications Research Articles

Blockchain-based privacy-preserving public key searchable encryption with strong traceability

Public Key Searchable Encryption (PKSE) has essential applications in cloud storage because it allows users to search over encrypted data. To identify illegal users, many traceable PKSE schemes have been proposed. However, existing schemes cannot trace the keywords that illegal users searched and protect users’ privacy simultaneously. It is challenging to bind users’ identities and keywords while protecting their privacy. Moreover existing traceable PKSE schemes do not consider the unforgeability and immutability of trapdoor query records which leads to frame-up and denial. In this paper, to address these problems, we propose a blockchain-based privacy-preserving PKSE with strong traceability (BP3KSEST) scheme. The main features of our scheme are as follows: (1) authorized users can obtain trapdoors from trapdoor generation center without releasing their identities and keywords; (2) When required, a trusted third party (TTP) can trace both illegal users’ identities and the keywords which they searched; (3) trapdoor query records are unforgeable and immutable. This scheme is appropriate for scenarios where privacy must be addressed, e.g, electronic health record (EHR). We formalize the definition and security model of our BP3KSEST scheme. Furthermore, we present a concrete construction and prove its security. Finally, the implementation is conducted to analyze its efficiency.

Cloud Forensic Artefacts: Digital Forensics Registry Artefacts discovered from Cloud Storage Application

Cloud Forensic Artefacts: Digital Forensics Registry Artefacts discovered from Cloud Storage Application

Secure data sharing scheme with privacy-preserving and certificateless integrity auditing in cloud storage

With cloud storage services becoming wildspread and low-cost, individuals and organizations select outsourcing large amounts of document to cloud. Cloud storage applications provide data sharing services with varying functionality. In some cloud storage systems that provide data sharing, such as e-health systems, hiding sensitive information fields is a necessity. Meanwhile, in sharing process, unauthorized entities may have access to these privacy fields. The resource-constrained computation capability for data owner (DO) is universal. To tackle above problems, we propose a sanitizer-based secure data sharing scheme where sanitizer performs most computations of encryption and signature after receiving the partially blinded data from DO. It also checks the legitimacy of visitors before CSP returns stored data file. Besides, adopting an attribute-based access policy guarantees further privacy and fine-grained access authorization. After verification, cloud will return the required data to the legitimate visitors. Moreover, integrity auditing to shared data file is based on certificateless authentication technique, which removes certificates issue of traditional cryptographic technique, avoids key-escrow attack risk caused by identity-based cryptography. Finally, the performance analysis and experimental results show that our proposed scheme is competitive in practical applications since it reduces the authenticator generation overhead by up to 21.6% and proof generation overhead by up to 12% compared with related schemes.

Identity-based controlled delegated outsourcing data integrity auditing scheme

With the continuous development of cloud computing, the application of cloud storage has become more and more popular. To ensure the integrity and availability of cloud data, scholars have proposed several cloud data auditing schemes. Still, most need help with outsourced data integrity, controlled outsourcing, and source file auditing. Therefore, we propose a controlled delegation outsourcing data integrity auditing scheme based on the identity-based encryption model. Our proposed scheme allows users to specify a dedicated agent to assist in uploading data to the cloud. These authorized proxies use recognizable identities for authentication and authorization, thus avoiding the need for cumbersome certificate management in a secure distributed computing system. While solving the above problems, our scheme adopts a bucket-based red–black tree structure to efficiently realize the dynamic updating of data, which can complete the updating of data and rebalancing of structural updates constantly and realize the high efficiency of data operations. We define the security model of the scheme in detail and prove the scheme's security under the difficult problem assumption. In the performance analysis section, the proposed scheme is analyzed experimentally in comparison with other schemes, and the results show that the proposed scheme is efficient and secure.

Public cloud object storage auditing: Design, implementation, and analysis

Cloud storage auditing is a technique that enables a user to remotely check the integrity of the outsourced data in the cloud storage. Although researchers have proposed various protocols for cloud storage auditing, the proposed schemes are theoretical in nature, which are not fit for existing mainstream cloud storage service practices. To bridge this gap, this paper proposes a cloud storage auditing system that works for current mainstream cloud object storage services. We design the proposed system over existing proof of data possession (PDP) schemes and make them practical as well as usable in the real world. Specifically, we propose an architecture that separates the compute and storage functionalities of a storage auditing scheme. Because cloud object storage only provides read and write interfaces, we leverage a cloud virtual machine to implement the user-defined computations that are needed in a PDP scheme. We store the authentication tags of the outsourced data as an independent object to allow existing popular cloud storage applications, e.g., file online previewing. We also present a cost model to analyze the economic cost of a cloud storage auditing scheme. The cost model allows a user to balance security, efficiency, and economic cost by tuning various system parameters. We implemented, open-sourced the proposed system over a mainstream cloud object storage service. Experimental analysis shows that the proposed system is pretty efficient and promising for a production environment usage. Specifically, for a 40 GB sized data, the proposed system only incurs 1.66% additional storage cost, 3796 bytes communication cost, 2.9 seconds maximum auditing time cost, and 0.9 CNY per auditing monetary cost.

Performability evaluation of NoSQL-based storage systems

NoSQL database management systems (DBMS) have been commonly adopted in cloud storage applications, as they usually provide better performance and availability than relational DBMSs. Eventual consistency is a remarkable feature of many NoSQL database systems, in which not all redundant nodes have the newest data, but, eventually, such data will be present in all nodes. Distinct consistency levels can be utilized, but they may affect user experience and service level agreements. The assessment of consistency concerning the probability of accessing the newest data is not common, and the jointly evaluation of performance and availability is usually neglected. This work proposes a method based on stochastic Petri nets (SPN) for evaluating the consistency levels of storage systems based on NoSQL DBMS adopting quorum technique. The models take into account distinct consistency levels and redundant nodes for estimating system availability, throughput and the probability of accessing the newest data. Experimental results demonstrate the practical feasibility of our approach.

Framework for Data Provenance Assurance in Cloud Environment using Ethereum Blockchain

Ensuring secure data provenance is crucial for maintaining accountability and confidentiality in cloud environments. Cloud data provenance involves recording the history of creation and operations performed on cloud data objects. However, establishing trust between cloud customers and service providers remains a challenge, highlighting the need for assured data provenance models in cloud storage. Blockchain technology has emerged as a solution for designing data provenance assurance mechanisms. It provides a decentralized and distributed ledger to record the provenance of digital assets. In this context, we present a blockchain-based framework for ensuring data provenance in cloud storage. Initially, we develop a cloud storage application using OpenStack swift storage. This application caters to the storage needs of university students and faculty while providing data provenance capabilities. Subsequently, we design a data provenance assurance framework for confidential files of users using the Ethereum blockchain. To evaluate the scalability and performance of the proposed framework, we analyze various factors such as transaction throughput, latency, network size, and load on the blockchain network. The performance of the system is compared under two consensus algorithms: Proof of Work and Proof of Authority. By conducting this analysis, we aim to assess the effectiveness and efficiency of the blockchain-based solution in ensuring data provenance in cloud storage environments.

Proof of retrievability with flexible designated verification for cloud storage

With numerous applications in cloud storage, Proof of Retrievability (PoR) is an efficient solution for verification and retrieval of big data on a remote server. Existing PoR schemes can support two mutually exclusive verification modes, namely either private verifiability or public verifiability, depending on whether the outsourced data is verifiable by the data owner (user) only or by everyone. In order to allow the user to flexibly designate the capability of verification, we propose a novel framework for PoR schemes that enables fine-grained control of remote data verification for cloud storage. Our idea is enabling the user to dynamically release some tokens (verification keys) to one or more third parties (designated verifiers), such that only the user and the designated verifiers can verify and retrieve the outsourced data from the server. We formalize this notion as PoR with Flexible Designated Verification (PoR-FDV), and define an extended adversarial model for PoR-FDV based on Juel et al.'s PoR model. Under the new framework, we propose a generic, simple and elegant construction of PoR-FDV from public verifiable PoR and identity-based KEM/DEM, which then gives birth to a concrete and efficient PoR-FDV scheme. Compared to existing PoR schemes, PoR-FDV provides higher flexibility and scalability, as well as many useful features.

PELUANG DAN TANTANGAN PENYIMPANAN CLOUD STORAGE PADA DOKUMEN DIGITAL

Cloud storage is a digital document storage application which is the result of the development of a cloud computing system, this system utilizes the internet network in carrying out its business processes. Utilization of cloud storage applications on digital documents provides various conveniences for users, not only professional users who work for their organizations but can be used by individual personal users who use it to store personal documents. With the existence of a remote work system must be implemented, in disruption era which is slowly shifting conventional patterns, it also affects the process of storing digital documents into things that need to be implemented in organizations. Cloud storage supports collaboration which is easy to implement with colleagues, access can be done anywhere and anytime, to have advanced security. Online document storage provides benefits for business processes. The benefits of cloud storage are supporting paperless programs, making it easier to preserve digital documents, helping organizations in controlling data, mitigating disasters against unpredictable events, saving expenses, and having an advanced data security system. In addition to the benefits/conveniences offered by the service provider. User readiness needs to be considered. This will be a challenge aspect in implementing cloud storage, such as education and socialization regarding the use of cloud storage systems which are still not optimal, vulnerabilities in the misuse of document data stored in the cloud and requires superior human resources in the use of cloud storage.

The AMD 400-G Adaptive SmartNIC System on Chip: A Technology Preview

This paper presents the AMD 400G Adaptive SmartNIC SoC, a Domain Specific Architecture (DSA) for Offload Acceleration of multi-tenant Cloud Network and Storage Applications. The paper introduces the motivating factors behind Smart Network Interface Card (NIC) and DPU accelerators in the datacenter. The paper then describes how and why the Adaptive SoC aims to strike a balance between software processing on the embedded processors, fastpath ASIC-like processing on hardened logic, and adaptive and composable processing on the integrated FPGA. In architecting various subsystems of the SoC, the paper describes how the device adapts to varying workloads over time, through dynamic function exchange of programmable logic, and adapts to varying workloads over space by having different hardware execution pipelines executing alongside different programmable logic binaries. The paper also describes how Security Attestation & Authentication, Firewalls, and Cryptographic Acceleration permeate the device for a robust, Multi-Tenant Confidential Compute environment.

Pengelolaan Dokumen Arsip Laboratorium Menggunakan OwnCloud Sebagai Media Cloud Storage Berbasis Infrastructure as a Service (IaaS)

Archive document management of three laboratories namely Database Laboratory, Network Laboratory and Programming Laboratory under the Department of Informatics, Faculty of Information Technology and Business, Institute of Science & Technology Akprind Yogyakarta in managing laboratory archive documents still uses public applications, so they are vulnerable to exposure hack. In addition, the management of archival documents in each laboratory has not been managed centrally by the Informatics Department. Based on the problem of archival document management in each laboratory that has not been managed centrally by the Informatics Department and document storage that still uses public applications so it is vulnerable to being hacked, this research will develop an Infrastructure as a Service (IaaS) private cloud storage application. ) by using the OwnCloud application. The PPDIOO method developed by CISCO is used as a research method. The steps of the PPDIOO method are Prepare, which is preparing a work plan both from a technical and strategic point of view which is used to build a Cloud Server, Plan, which is a needs analysis used as a parameter before designing a private cloud network system, Design, which is making a design for monitoring virtual servers that will implemented on a cloud computing network, Implement is the process of building a Cloud Server using OwnCloud, Operate is the process of operating OwnCloud such as user management, uploading and downloading documents, and sharing documents with other users, and Optimize, namely the process of increasing capacity (storage, resources) according to needs users so that OwnCloud's performance is optimal. After testing using the blackbox testing method, the result is that the Cloud Computing application based on Infrastructure as a Service (IaaS) using OwnCloud can work properly starting from the login process to the process of storing data, uploading and downloading files and sharing files with other users. All forms and features work according to their function.

Determination of Cloud Storage and IT Infrastructure on File Security

This study discusses the determination of cloud storage and IT infrastructure for file security. The purpose of this study is to find out whether the application of cloud storage plays a role in securing files and implementing IT infrastructure plays a role in securing files. The research method used is descriptive qualitative, which aims to obtain hypotheses for further research. The results of this study include: 1) Cloud storage plays a role in securing files, where by implementing and using cloud storage, companies can more easily access cloud computing. So that it does not require disk space on hardware and 2) IT infrastructure plays a role in securing files, where with adequate IT infrastructure such as: network, hardware and software it will make it easier for companies to secure files. Other IT infrastructure that can be done is in the form of developing the speed of the company's internet network, in addition to making it easier for company employees to convey information. High internet speed is also useful in transferring and securing files and backing up files. If one of the company's hardware is attacked by a virus, the data can be quickly transferred with high internet speed. Another infrastructure is the development of its own applications, so that companies can easily control and operate applications according to the wishes and needs of the company. There are other factors that affect file security, including: 1) Employee performance; 2) Employee education; and 3) Competitive advantage.

Raspberry Pi as a Personal Cloud Server with Next-cloud

This research will show steps on how to build personal cloud storage by using Raspberry Pi (minicomputer), which will help the user to enable cloud storage mode to their external hard drive. Software solutions like Next-cloud, own-cloud are open-source cloud storage applications that allow users to store and access files, photos, and other digital assets from any device with internet access. The main objective of our project is to give a user personal Cloud Storage of his own in a cost-efficient manner which will be much more reliable than any other material cloud service.

An enhanced traceable CP-ABE scheme against various types of privilege leakage in cloud storage

Cloud storage can save not only local storage costs but also provide data-sharing services. Ciphertext-policy attribute-based encryption (CP-ABE) can work as the underlying engine for cloud storage since it supports one-to-many encryption and fine-grained access control. To prevent users from disclosing their access permissions, we can apply traceable CP-ABE systems. There are two kinds of traceability: white-box traceability and black-box traceability. White-box traceability is simple and efficient, but it cannot support black-box tracing; black-box traceability supports white-box tracing, but its operations are usually cumbersome. So, these two kinds of traceability are unable (or unsuitable) to solve each other’s problems. However, in cloud storage applications, users may leak their privileges in various ways, which means the underlying CP-ABE system should have multiple traceability. Unfortunately, the current traceable CP-ABE schemes only support single traceability. Therefore, we propose a novel CP-ABE scheme with enhanced traceability. It intertwines white-box and black-box traceability together securely and efficiently, which makes it more targeted and simpler to solve distinct tracing problems than previous schemes. Moreover, the proposed scheme has scalability, flexible policy expressiveness, and certain advantages in computing performance.

A Design Framework of Exploring Moderating Factors in Perceived Security Risk for Blockchain Technology Applications in Cloud Storage: Enhancing Secure Healthcare Systems

A Design Framework of Exploring Moderating Factors in Perceived Security Risk for Blockchain Technology Applications in Cloud Storage: Enhancing Secure Healthcare Systems

Retracted: Perceived Security Risk Based on Moderating Factors for Blockchain Technology Applications in Cloud Storage to Achieve Secure Healthcare Systems

Retracted: Perceived Security Risk Based on Moderating Factors for Blockchain Technology Applications in Cloud Storage to Achieve Secure Healthcare Systems

Cloud Computing Database and Travel Smart Platform Design Based on LSTM Algorithm

Information technology has played a key role in the development of the tourism planning service industry and has now become an important foundation for the survival and rapid development of the industry. In this context, due to the fast updating and popularization of information technology, it has greatly promoted the development of the tourism industry. In order to meet the current public demand for tourism information, this paper integrates cloud computing, VR technology, and big data analysis technology to build a smart platform for intelligent perception tourism information services. The system can obtain tourism information through mobile Internet terminals. Among them, the database of the smart tourism planning platform is the most important module. Aiming at the many difficulties in adapting data encryption in cloud storage applications, this article designs an adaptive CloudCrypt data encryption system based on cloud computing technology and proposes dynamic JavaScript dynamic analysis and automatic identification of data technology, through adaptive different cloud applications to obtain data encryption protection. CloudCrypt is suitable for typical cloud applications, such as mail and storage. The entry cost of the system is extremely low; it can fully guarantee the security of the tourism information platform database and can integrate wireless sensor networks into the tourism information platform. The network system composed of sensor nodes activates detection, calculation, and communication modules through wireless communication and has the advantages of low cost, low power consumption, and fast networking speed. In this paper, through the construction of integrated wireless sensor technology and cloud computing database, it is applied to the construction of a tourism smart platform, thereby promoting the development of smart travel technology.

Medication adherence manager and its clinical application.

Adherence to prescribed medication affects global clinical practice especially on chronic disease management resulting in adverse medical and economic burden. Reliable standard and practice in measuring adherence among patient is yet to be established clinically although aspects from user behavioural, clinical needs and technology-assisted devices design have been studied. Lack of real-time monitoring and inefficient method of medication consumption validation has been identified as the challenges in monitoring patient medication consumption’s pattern. The aim of this study is to design and deploy an IoT driven medication adherence manager. The proposed IoT architecture enabled by real time monitoring through a multi-sensor alert option in medicinal compartment to ensure adherence integrity. The reliability of the proposed device further enhanced with the mobile application and cloud storage and usage analytic support application. The medication adherence manager expected to digitize the medication consumption process thus improving the patient health and well-being at the same time reduce pharmaceutical wastage due to nonadherence.

Video Steganography Encryption on Cloud Storage for Securing Digital Image

Cloud storage is a data storage service in cloud computing that allows stored data to be shared and accessed via the internet. Cloud storage is usually used to store personal data such as files, photos, or videos with so that these data can be accessed anywhere via the internet without the need to use physical storage media. However, cases of data leaks in cloud storage still occur which causes personal data stored in cloud storage to be accessed by other people who do not have access.
 The Client-Side Steganography Encryption on Cloud Storage Application was developed using the Modified Least Significant Bit (LSB) method and the Standard Advanced Encryption (AES) algorithm. This desktop-based application was developed to protect personal data of digital images embedded in a video so that unauthorized parties cannot view the data. This application is expected to be a data security solution on cloud storage to prevent theft of personal data by non-existent parties.
 From the test results, the developed application can receive input, process input, and produce the desired output. The image from the extraction process from video also does not change at all in terms of visual or visible. The results obtained from this test is the PSNR value with an average of 36,395 dB. A good PSNR value is above 30 dB and indicates that the quality of the extracted image is good and also indicates that the developed application can protect data of digital images into video.

Third-party enabled auditing for uniqueness-based integrity and data sharing with information hiding

The majority data are now kept in the cloud. There are many Cloud storage applications used to exchange data that range from normal to highly sensitive. Among the most essential security measures in cloud is Cloud auditing. It is the process of validating the reliability of data stored in the cloud. As of the inevitability of hardware problems, system failures and errors by people these data may be corrupted or lost. An efficient auditing system to determine whether or not the data is corrupted is a challenging task among the recent research. This paper proposes a third-party enabled auditing methodology to ensure data integrity, privacy data sharing and protect against outside attackers in the public cloud. In this proposed method, the record / data owner generates signatures or add sanitizer before importing sensitive data blocks into the cloud. The record blocks that report sensitive data are sanitized, and the signatures of those records blocks are converted into legitimate ones for the sanitized report. As a result, the records saved in the cloud have the identical signature. Then a third-party auditor is implemented to confirm the cloud's storage accuracy by validating the reliability of the cloud records on the person's behalf.