Triangular data privacy-preserving model for authenticating all key stakeholders in a cloud environment

Abdul Razaque, Syed S. Rizvi

Research output: Contribution to journal › Article

17 Citations (Scopus)

Abstract

Cloud computing is a relatively new paradigm that provides numerous advantages to service providers, developers, and customers with respect to flexibility, scalability, and availability at a lower cost. Motivated by these technical and economical advantages, many data owners outsource their data to centralized large data centers where the data are not only stored but also shared among multiple users. This method of data outsourcing brings many new security challenges for data integrity. There have been several mechanisms proposed lately that allow data owners to use a public verifier (e.g., a third-party auditor (TPA)) for efficiently auditing cloud data integrity. The use of a TPA for this purpose is inevitable, since it provides several advantages to both cloud service users (CSUs) and cloud service providers (CSPs) in terms of efficiency, fairness, trust, etc. – which is essential to achieve economies of scale for cloud computing. Although the existing public auditing schemes are capable of simultaneously performing multiple auditing tasks (including the integrity of cloud data) in an efficient manner, these methods can reveal confidential information to public verifiers which makes a TPA a potential threat to the data security of CSUs and the reputation of CSPs. Therefore, cloud computing requires a holistic approach to security that can deal with all the potential threats that exist in the cloud environment. Taking these points into account, this paper presents a novel triangular data privacy-preserving (TDPP) model that supports public auditing with the capability of auditing all the key stakeholders (i.e., CSU, TPA, and CSP) for achieving optimal security in a cloud environment. Specifically, our proposed TDPP model supports three types of auditing. First, the TPA can audit the CSP for ensuring (a) the correctness of the CSU's data stored at the service provider side and (b) that the CSP is in full compliance of its own service level agreement (SLA). 
Second, the TPA can audit the CSU to (a) determine any violation of terms and conditions defined in the SLA for the cloud services provided by the CSP and (b) monitor the feedback provided by the CSU for the utilized services. Third, either the CSU or CSP can audit the TPA to minimize the possibility of any potential insider threats or attacks. For instance, the CSU can audit the TPA to (a) ensure that private information being shared with the TPA is not disclosed to any third party or misused by an insider and (b) verify that the TPA performs assigned auditing tasks according to the given specification within the agreed time frame. Our experimental results demonstrate the effectiveness and efficiency of our proposed scheme when auditing all key stakeholders.

Original language: English (US)
Pages (from-to): 328-347
Number of pages: 20
Journal: Computers and Security
Volume: 62
DOIs: 10.1016/j.cose.2016.08.006
State: Published - Sep 1 2016

Fingerprint

Data privacy
Cloud computing
privacy
auditing
stakeholder
service provider
Outsourcing
Security of data
audit
Scalability
Availability
Specifications
Feedback
integrity
threat
Costs
data security
efficiency
holistic approach
public support

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Law

Cite this

@article{219392a005e44745bea393a71f12e9a7,
title = "Triangular data privacy-preserving model for authenticating all key stakeholders in a cloud environment",
author = "Abdul Razaque and Rizvi, {Syed S.}",
year = "2016",
month = "9",
day = "1",
doi = "10.1016/j.cose.2016.08.006",
language = "English (US)",
volume = "62",
pages = "328--347",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "Elsevier Limited",

}

Triangular data privacy-preserving model for authenticating all key stakeholders in a cloud environment. / Razaque, Abdul; Rizvi, Syed S.

In: Computers and Security, Vol. 62, 01.09.2016, p. 328-347.

TY - JOUR

T1 - Triangular data privacy-preserving model for authenticating all key stakeholders in a cloud environment

AU - Razaque, Abdul

AU - Rizvi, Syed S.

PY - 2016/9/1

Y1 - 2016/9/1

UR - http://www.scopus.com/inward/record.url?scp=84987678810&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987678810&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2016.08.006

DO - 10.1016/j.cose.2016.08.006

M3 - Article

AN - SCOPUS:84987678810

VL - 62

SP - 328

EP - 347

JO - Computers and Security

JF - Computers and Security

SN - 0167-4048

ER -