Skip to main content
SpringerLink
Log in

Lightweight secure storage model with fault-tolerance in cloud environment

  • Published:
Electronic Commerce Research Aims and scope Submit manuscript

Abstract

According to several surveys studied by both cloud computing providers and security solution providers, security concerns, in particular data security, are the main reasons for people’s reluctance to employ cloud computing. In this paper, we address the concern of data security by introducing SECRESO, a SEcure storage model for Cloud data based on REed-SOlomon code. In our proposed model, we enhance Reed-Solomon code with an extra security layer in which a password is always required to reconstruct data from its encoded blocks in the storage. In this way, without a correct password, unauthorized users cannot see the data, and hence the data is secure. Additionally, to support fault tolerance, we also introduce a log based data recovery scheme that allows data recovery without knowing the password. In this way, even though the recovered data can be incorrect, as soon as the password is provided, information from the log can be used to correct the data.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Aguilera, M. K., Janakiraman, R., Xu, L. (2010). Reliable and secure distributed storage using erasure codes. Technical report, Washington University in St. Louis.

  2. Aikebaier, A., Enokido, T., & Takizawa, M. (2011). rustworthy group making algorithm in distributed systems. Human-centric Computing and Information Sciences, 1(6), 1–15.

    Google Scholar 

  3. Almulla, S. A., Yeun, C. Y. (2011). New secure storage architecture for cloud computing. In Proceedings of the international conference on future information technology (FutureTech) (pp. 75–84).

  4. Best, R.M. (1980). Preventing software piracy with Crypto-microprocessors. In Proceedings of the spring COMPCON conference (pp. 466–469).

  5. Chun, B., Culler, D., Roscoe, T., Bavier, A., Peterson, L., Wawrzoniak, M., et al. (2003). Planetlab: An overlay testbed for broad-coverage services. ACM SIGCOMM Computer Communication Review, 33(3), 3–12.

    Article  Google Scholar 

  6. Cloud Security Alliance (2010). Top threats to cloud computing V1.0, March 2010. [Online]. https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.

  7. Crescenzo, G. D., Herranz, J., & Sez, G. (2010). On server trust in private proxy auctions. Journal of Electronic Commerce Research (ECR), 10(3—-4), 291–311.

    Article  Google Scholar 

  8. Dikaiakos, M. D., Katsaros, D., Mehra, P., & Vakali, A. (2009). Cloud computing: Distributed internet computing for it and scientific research. IEEE Internet Computing, 10(5), 10–13.

    Article  Google Scholar 

  9. Dimakis, A. G., Godfrey, P. B., Wu, Y., Wainwright, M., & Ramchandran, K. (2010). Network coding for distributed storage systems. IEEE Transactions on Information Theory, 56(9), 4539–4551.

    Article  Google Scholar 

  10. Guillou, L. C., Ugon, M., & Quisquater, J. J. (1992). The smart card: A standardized security device dedicated to public cryptology. Piscataway: IEEE Press.

    Google Scholar 

  11. Itani, W., Kayssi, A., Chehab, A. (2009). Privacy as a service: privacy-aware data storage and processing in cloud computing architectures. In Proceedings of the international conference on dependable, autonomic and secure computing (pp. 711–716).

  12. Jesus, T. I., Sherali, Z., & Jose, S. C. (2013). A lightweight secure mobile payment protocol for vehicular ad-hoc networks (VANETs). Journal of Electronic Commerce Research, 12, 97–123.

    Google Scholar 

  13. Kerr, R., & Cohen, R. (2010). TREET: The trust and reputation experimentation and evaluation testbed. Journal of Electronic Commerce Research, 10(3—-4), 271–290.

    Article  Google Scholar 

  14. Li, T., Yu, F., Lin, Y., Kong, X., & Yu, Y. (2011). Trusted computing dynamic attestation using a static analysis based behaviour model. Journal of Convergence, 2(1), 61–68.

    Google Scholar 

  15. Lin, H.Y., Tzeng, W.G. (2012). A secure Erasure code based cloud storage system with secure data forwarding. IEEE transactions on parallel and distributed systems (pp. 995–1003).

  16. Lin, H.Y., Tzeng, W.G., Lin, B.S. (2011). A decentralized repair mechanism for decentralized erasure code based storage systems. In Proceedings of the international conference on trust, security and privacy in comupting and communications (pp. 613–620).

  17. Mather, T. K. S. L. S. (2009). Cloud security and privacy: An enterprise perspective on risks and compliance. Cambridge: O’Reilly Media.

    Google Scholar 

  18. Papaioannou, T. G., & Stamoulis, G. D. (2010). A mechanism that provides incentives for truthful feedback in peer-to-peer systems. Journal of Electronic Commerce Research, 10(3—-4), 331–362.

    Article  Google Scholar 

  19. PlanetLab (2003). https://www.planet-lab.org/.

  20. Ponemon Institute (2011). Security of cloud computing providers study. White paper.

  21. Ristenpart, T., Tromer, E., Shacham, H., Savage, S. (2009). Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the cloud computing security conference (pp. 199–212).

  22. Santos, N., Gummadi, K.P., Rodrigues, R. (2009). Towards trusted cloud computing. In Proceedings of the conference on hot topics in cloud computing (HotCloud).

  23. Silas, S., Ezra, K., & Rajsingh, E. B. (2012). A novel fault tolerant service selection frameworkfor pervasive computing. Human-centric Computing and Information Sciences, 2(5), 1–14.

    Google Scholar 

  24. Speake, G. (2011). Securing the cloud: Cloud computer security techniques and tactics. Amsterdam: Elsevier.

    Google Scholar 

  25. Sqalli, M.H. (2011) EDoS-Shield: a two-steps mitigation tehcnique against EDoS attacks in cloud computing. In Proceedings of the international conference on utility and Cloud Computing (UCC) (pp. 49–56).

  26. Swamynathan, G., Almeroth, K. C., & Zhao, B. Y. (2010). The design of a reliable reputation system. Journal of Electronic Commerce Research, 10(3—-4), 239–270.

    Article  Google Scholar 

  27. Symantec (2011). State of cloud survey. White paper.

  28. Tahoe-LAFS (2007). https://tahoe-lafs.org/trac/tahoe-lafs.

  29. Wang, C., Wang, Q., Ren, K. (2009). Ensuring data storage security in cloud computing. In Proceedings of the International Workshop on Quality of Service (IWQoS) (pp. 1).

  30. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J. (2011). Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Transactions on parallel and distributed system (pp. 847–859).

  31. Xu, L. (2003). A general encryption scheme based on MDS Code. In Proceedings of the International Symposium on Information Theory (ISIT) (pp. 19–24).

  32. Yarlagadda, V. K., & Ramanujam, S. (2011). Data security in cloud computing. Journal of Computer and Mathmatical Sciences, 2(1), 15–23.

    Google Scholar 

  33. Yee, D. T. A. B (1994). Dyad: A system for using physically secure coprocessors. In Proceedings of the IP Workshop.

  34. Yu, S., Wang, C., Ren, K., Lou, W. (2010) Achieving secure, scalable, and fine-grained access control in cloud computing. In Proceedings of the conference on Information Communications (INFOCOM) (pp. 534–542).

  35. Zunnurhain, S.K. (2001). Security in cloud computing. In Proceedings of the international conference on security and management.

Download references

Author information

Authors and Affiliations

  1. Etisalat BT innovation Center (EBTIC), Khalifa University, Abu Dhabi, United Arab Emirates (UAE)

    Muhra Ahmed, Quang Hieu Vu & Rasool Asal

  2. Department of Electrical and Computer Engineering, Khalifa University, Abu Dhabi, United Arab Emirates (UAE)

    Hassan Al Muhairi & Chan Yeob Yeun

Authors
  1. Muhra Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Quang Hieu Vu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rasool Asal
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hassan Al Muhairi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chan Yeob Yeun
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Muhra Ahmed.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ahmed, M., Vu, Q.H., Asal, R. et al. Lightweight secure storage model with fault-tolerance in cloud environment. Electron Commer Res 14, 271–291 (2014). https://doi.org/10.1007/s10660-014-9140-9

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10660-014-9140-9

Keywords

Search

Navigation