Abstract
Cloud Computing is an emerging technology paradigm, enabling and facilitating the dynamic and versatile provision of computational resources and services. Even though the advantages offered by cloud computing are several, there still exists thoughts as per the thus offered security and privacy services. Transferring and storing data to a cloud computing infrastructure, provided by Storage-as-a-Service (STaS) tenants, changes an organization’s security posture, as it is challenging to control or audit the cloud provider’s infrastructure in terms of the way the underlying risks are controlled and mitigated. Therefore, it is necessary that the organizations understand the new threats and risks introduced by the cloud technology. On the other hand we need to adopt, develop, and deploy mechanisms that can effectively and efficiently preserve the confidentiality and integrity of the data. In this paper we examine available cloud computing architectures, focusing on their security capabilities regarding the storage of the data. We then define a set of comparative criteria, so as to evaluate these architectures. Finally, we evaluate current commercial secure storage services, in order to demonstrate their strengths and weaknesses as well as their supported features and usability.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable Data Possession at Untrusted Stores. In: Proc. of the 14th ACM Conference on Computer and Communications Security, USA, pp. 598–609 (2007)
Ateniese, G., di Pietro, R., Mancini, V., Tsudik, G.: Scalable and efficient provable data possession. In: Proc. of the 4th International Conference on Security and Privacy in Communication Networks, Turkey (2008)
Juels, A., Kaliski, B.: Pors: Proofs of Retrievability for Large Files. In: Proc. of the 14th ACM Conference on Computer and Communications Security, USA, pp. 584–597 (2007)
Bowers, K., Juels, A., Oprea, A.: Proofs of Retrievability: Theory and implementation. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 43–54 (2009)
Bowers, K., Juels, A., Oprea, A.: HAIL: A High-Availability and Integrity Layer for Cloud Storage. Cryptology ePrint Archive, Report 2008/489 (2008)
Wang, Q., Wang, K., Ren, W., Lou: Ensuring Data Storage Security in Cloud Computing. In: 17th IEEE International Workshop on Quality of Service (IWQoS 2009), USA (2009)
Erway, A., Kupcu, C., Papamanthou, R., Tamassia : Dynamic Provable Data Possession. In: Proc. of the 16th ACM Conference on Computer and Communications Security, USA, pp. 213–222 (2009)
Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)
Stoner, M., Greenan, K., Miller, E., Voruganti, K.: POTSHARDS: Secure Long-Term Storage without Encryption. In: Proc. of the USENIX Annual Technical Conference, USA, pp. 143–156 (2007)
Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Proc. of the Financial Cryptography: Workshop on Real-Life Cryptographic Protocols and Standardization, Spain (2010)
Wang, W., Li, Z., Owens, R., Bhargava, B.: Secure and Efficient Access to Outsourced Data. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 55–66 (2009)
Aaram, Y., Chunhui, S., Yongdae, K.: On Protecting Integrity and Confidentiality of Cryptographic File System for Outsourced Storage. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 67–76 (2009)
Goh, U.-J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing Remote Untrusted Storage. In: Proc. Network and Distributed Systems Security Symposium, USA, pp. 131–145 (2003)
Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: Proc. of the 2nd Conference on File and Storage Technologies (FAST 2003), USA, pp. 29–42 (March 2003)
Li, J., Krohn, M., Mazieres, D., Shasha, D.: Secure Untrusted Data Repository. In: Proc. of the 6th Symposium on Operating Systems Design and Implementation (OSDI), USA, pp. 121–136 (2004)
Popa, A., Lorch, J., Molnar, D., Wang, H., Zhuang, L.: Enabling Security in Cloud Storage SLA with CloudProof. Microsoft Research, TechReport MSR-TR-2010-46 (May 2010)
Virvilis, N., Dritsas, S., Gritzalis, D.: A cloud provider-agnostic secure storage protocol. In: Proc. of the 5th International Conference on Critical Information Infrastructure Security (CRITIS-2010), Greece (September 2010)
Singh, A., Lin, L.: Sharoes: A Data Sharing Platform for Outsourced Enterprise Storage Environments. In: Proc. of Data Engineering 2008, pp. 993–1002. PRC (April 2008)
Dropbox (accessed February 2, 2011), https://www.dropbox.com/
Sygarsync (accessed February 2, 2011), https://www.sugarsync.com/
Wuala (accessed February 2, 2011), http://www.wuala.com/
Spideroak (accessed February 2, 2011), https://spideroak.com/
Ubuntu One (accessed February 2, 2011), https://one.ubuntu.com/
Carbonite (accessed February 2, 2011), http://www.carbonite.com/
Mozy (accessed February 2, 2011), http://mozy.ie
Grolimund, D., Meisser, L., Schmid, S., Wattenhofer, R.: Cryptree: A folder tree structure for cryptographic file systems. In: Proc. of the 25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006), pp. 189–198 (2006)
Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)
Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: A view of cloud computing. Communications of the ACM 53(4) (April 2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Virvilis, N., Dritsas, S., Gritzalis, D. (2011). Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation. In: Furnell, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2011. Lecture Notes in Computer Science, vol 6863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22890-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-22890-2_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22889-6
Online ISBN: 978-3-642-22890-2
eBook Packages: Computer ScienceComputer Science (R0)