Skip to main content
SpringerLink
Log in
Book cover

International Conference on Trust, Privacy and Security in Digital Business

TrustBus 2011: Trust, Privacy and Security in Digital Business pp 74–85Cite as

Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6863))

Abstract

Cloud Computing is an emerging technology paradigm, enabling and facilitating the dynamic and versatile provision of computational resources and services. Even though the advantages offered by cloud computing are several, there still exists thoughts as per the thus offered security and privacy services. Transferring and storing data to a cloud computing infrastructure, provided by Storage-as-a-Service (STaS) tenants, changes an organization’s security posture, as it is challenging to control or audit the cloud provider’s infrastructure in terms of the way the underlying risks are controlled and mitigated. Therefore, it is necessary that the organizations understand the new threats and risks introduced by the cloud technology. On the other hand we need to adopt, develop, and deploy mechanisms that can effectively and efficiently preserve the confidentiality and integrity of the data. In this paper we examine available cloud computing architectures, focusing on their security capabilities regarding the storage of the data. We then define a set of comparative criteria, so as to evaluate these architectures. Finally, we evaluate current commercial secure storage services, in order to demonstrate their strengths and weaknesses as well as their supported features and usability.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable Data Possession at Untrusted Stores. In: Proc. of the 14th ACM Conference on Computer and Communications Security, USA, pp. 598–609 (2007)

    Google Scholar 

  2. Ateniese, G., di Pietro, R., Mancini, V., Tsudik, G.: Scalable and efficient provable data possession. In: Proc. of the 4th International Conference on Security and Privacy in Communication Networks, Turkey (2008)

    Google Scholar 

  3. Juels, A., Kaliski, B.: Pors: Proofs of Retrievability for Large Files. In: Proc. of the 14th ACM Conference on Computer and Communications Security, USA, pp. 584–597 (2007)

    Google Scholar 

  4. Bowers, K., Juels, A., Oprea, A.: Proofs of Retrievability: Theory and implementation. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 43–54 (2009)

    Google Scholar 

  5. Bowers, K., Juels, A., Oprea, A.: HAIL: A High-Availability and Integrity Layer for Cloud Storage. Cryptology ePrint Archive, Report 2008/489 (2008)

    Google Scholar 

  6. Wang, Q., Wang, K., Ren, W., Lou: Ensuring Data Storage Security in Cloud Computing. In: 17th IEEE International Workshop on Quality of Service (IWQoS 2009), USA (2009)

    Google Scholar 

  7. Erway, A., Kupcu, C., Papamanthou, R., Tamassia : Dynamic Provable Data Possession. In: Proc. of the 16th ACM Conference on Computer and Communications Security, USA, pp. 213–222 (2009)

    Google Scholar 

  8. Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  9. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  10. Stoner, M., Greenan, K., Miller, E., Voruganti, K.: POTSHARDS: Secure Long-Term Storage without Encryption. In: Proc. of the USENIX Annual Technical Conference, USA, pp. 143–156 (2007)

    Google Scholar 

  11. Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Proc. of the Financial Cryptography: Workshop on Real-Life Cryptographic Protocols and Standardization, Spain (2010)

    Google Scholar 

  12. Wang, W., Li, Z., Owens, R., Bhargava, B.: Secure and Efficient Access to Outsourced Data. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 55–66 (2009)

    Google Scholar 

  13. Aaram, Y., Chunhui, S., Yongdae, K.: On Protecting Integrity and Confidentiality of Cryptographic File System for Outsourced Storage. In: Proc. of the 2009 ACM Workshop on Cloud Computing Security, USA, pp. 67–76 (2009)

    Google Scholar 

  14. Goh, U.-J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing Remote Untrusted Storage. In: Proc. Network and Distributed Systems Security Symposium, USA, pp. 131–145 (2003)

    Google Scholar 

  15. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: Proc. of the 2nd Conference on File and Storage Technologies (FAST 2003), USA, pp. 29–42 (March 2003)

    Google Scholar 

  16. Li, J., Krohn, M., Mazieres, D., Shasha, D.: Secure Untrusted Data Repository. In: Proc. of the 6th Symposium on Operating Systems Design and Implementation (OSDI), USA, pp. 121–136 (2004)

    Google Scholar 

  17. Popa, A., Lorch, J., Molnar, D., Wang, H., Zhuang, L.: Enabling Security in Cloud Storage SLA with CloudProof. Microsoft Research, TechReport MSR-TR-2010-46 (May 2010)

    Google Scholar 

  18. Virvilis, N., Dritsas, S., Gritzalis, D.: A cloud provider-agnostic secure storage protocol. In: Proc. of the 5th International Conference on Critical Information Infrastructure Security (CRITIS-2010), Greece (September 2010)

    Google Scholar 

  19. Singh, A., Lin, L.: Sharoes: A Data Sharing Platform for Outsourced Enterprise Storage Environments. In: Proc. of Data Engineering 2008, pp. 993–1002. PRC (April 2008)

    Google Scholar 

  20. Dropbox (accessed February 2, 2011), https://www.dropbox.com/

  21. Sygarsync (accessed February 2, 2011), https://www.sugarsync.com/

  22. Wuala (accessed February 2, 2011), http://www.wuala.com/

  23. Spideroak (accessed February 2, 2011), https://spideroak.com/

  24. Ubuntu One (accessed February 2, 2011), https://one.ubuntu.com/

  25. Carbonite (accessed February 2, 2011), http://www.carbonite.com/

  26. Mozy (accessed February 2, 2011), http://mozy.ie

  27. Grolimund, D., Meisser, L., Schmid, S., Wattenhofer, R.: Cryptree: A folder tree structure for cryptographic file systems. In: Proc. of the 25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006), pp. 189–198 (2006)

    Google Scholar 

  28. Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  29. Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: A view of cloud computing. Communications of the ACM 53(4) (April 2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security and Critical Infrastructure Protection Research Laboratory Dept. of Informatics, Athens University of Economics & Business (AUEB), 76 Patission Ave., Athens, GR-10434, Greece

    Nikos Virvilis, Stelios Dritsas & Dimitris Gritzalis

Authors
  1. Nikos Virvilis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stelios Dritsas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dimitris Gritzalis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing, Communications and Electronics, University of Plymouth, PL4 8AA, Plymouth, UK

    Steven Furnell

  2. Department of Digital Systems, University of Piraeus, 18532, Piraeus, Greece

    Costas Lambrinoudakis

  3. Department of Management Information Systems, University of Regensburg, Universitätsstraße 31, 93053, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Virvilis, N., Dritsas, S., Gritzalis, D. (2011). Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation. In: Furnell, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2011. Lecture Notes in Computer Science, vol 6863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22890-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22890-2_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22889-6

  • Online ISBN: 978-3-642-22890-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation