MGPV: A novel and efficient scheme for secure data sharing among mobile users in the public cloud

https://doi.org/10.1016/j.future.2019.01.034

Highlights

  • Proposed a scheme for secure data sharing among mobile users in the public cloud.

  • Designed a collusion aware document storage technique to prevent various attacks.

  • Minimized the computational complexity incurred during the upload and download of documents.

  • Introduced a protocol to ensure the document confidentiality between data owner and data users.

Abstract

Owing to their popularity and utility, web services have emerged as a new paradigm for many enterprises such as banking, government applications, telecom sectors and other solution providers. When web services are integrated with cloud services, they achieve more flexibility and performance. Hence, through a web service, a mobile phone user can upload sensitive documents to the cloud and share them with employees and customers, but security in the cloud is yet to be completely resolved. Recently, Zhu and Jiang presented a method to share group keys securely among cloud users without secure communication channels. However, we have recently proved that the existing method is susceptible to the man-in-the-middle attack and the message modification attack. A new protocol termed MGPV is proposed in this research work, which averts all the possible attacks. It minimizes the computational complexity and ensures that the documents are accessible only by valid group users. It also ensures that even the group manager and the cloud cannot access the documents stored in the cloud. The experiments conducted in mobile cloud environments reveal that this protocol is worthy of implementation in real-world scenarios.

Introduction

With the advent of customized web services, mobile phones and cloud storage, the secure sharing of sensitive documents among mobile users has become very common nowadays [1], [2], [3], [4], [5], [6], [7]. It is more convenient for a mobile user to share a document with his peers through a web service. Because of the ubiquitous use of mobile phones and cloud computing, this way of sharing documents among the mobile user community is increasing exponentially day by day. In a typical context, a manager of a reputed company may want to share some sensitive documents with the employees of his company. Obviously, the manager would prefer to store the document from his mobile in the cloud using a web service, due to the elastic nature and ease of use of cloud and web services [3], [4], [8], [9]. Though a web service is a viable option for mobile users to upload documents, the documents, if stored on a private file server, may need consistent support from maintenance personnel and security experts. But if the user uploads a file to cloud storage, then server maintenance and security issues are handled by the cloud service providers. Additionally, the flexibility in computing, storage and licensing issues is vested with the cloud service providers themselves. Thus, web services, when integrated with cloud services, complement each other and emerge as a more powerful paradigm for document storage and retrieval.

Since present-day Android-powered mobile phones come with more than 2 GB of RAM and 2 GHz of computational capability, access to web services and storage applications in the cloud has become very handy [10], [11], [12], [13], [14]. Hence, if a web service is available, a manager (cloud user) can upload business-related documents to the public cloud not only for easy storage and retrieval, but also for sharing them among other users [15].

In such a scenario, though many users attempt to utilize the sharing facilities through public cloud servers, attacks on cloud storage by hackers and other fraudsters seem to have been increasing in the recent past. Attacks on the cloud and web services have become commonplace [16], [17], [18], [19], [20], and these issues are yet to be completely resolved [21], [22]. Moreover, a mobile phone user can create hypersensitive documents through a web application. These documents are hosted in the cloud service and can be shared with peer employees and valuable customers. Since the data sent to the cloud passes through a public channel, security is compromised in certain situations. Therefore, the motivation behind this research work is to resolve such security issues.

In this context, Zhu and Jiang in 2016 proposed a collusion-resistant scheme which enables secure document storage and sharing among the members of a dynamic group in the public cloud [23]. They claimed that, without employing secure communication channels, they can securely transfer the keys to the group users.

An attacker can make use of the Man-in-the-Middle (MITM) attack and the message modification attack, as cited in [24], to break the scheme proposed by Zhu and Jiang in [23]. Hence, in this research work, we have taken the attacks on Zhu and Jiang’s work into consideration and proposed a novel collusion-aware protocol which can be employed in a mobile user environment to enable mobile users to share documents through public clouds without the fear of the documents being tampered with by an attacker.

The objectives of this research work are as follows: (1) to propose a novel collusion-aware document storage technique called Modified Group key Protocol Version (MGPV), based on Zhu and Jiang’s scheme [23], which is free from the MITM attack, the message modification attack and other possible attacks; (2) to minimize the computational complexity incurred during the upload and download of documents in the cloud server; (3) to introduce a novel protocol which ensures document confidentiality between the data owner and mobile cloud users, even restricting the group manager and the cloud server from accessing the document.

The rest of this paper is organized as follows. Section 2 surveys recent works in line with the proposed work which strive to share data among other users in cloud environments, and analyzes the merits and limitations of the protocols under consideration. Section 3 presents the proposed protocol in the context of mobile cloud users and cloud storage. Section 4 analyses the proposed protocol against the possible attacks, and Section 5 provides a detailed discussion of the results obtained during the implementation of this research work. Finally, Section 6 concludes this research work.

Section snippets

A brief overview of the literature

The past literature contains numerous worthwhile secure methods which strive to improve the security of group communication among multiple users. All of these schemes try to improve upon the existing schemes in one way or another to enable secure group communication.

A work proposed in 2003 by Kallahalla et al. is one such work, which incurs an overhead due to frequent updating of the keys pertaining to various file blocks [8]. This work supports frequent join and leave operation

Proposed modified group key protocol version

The proposed protocol consists of the following five phases, offered as appropriate web services: system initialization by the group manager, mobile user registration, file upload by the mobile user, file download by the mobile user, and mobile user revocation. The proposed protocol involves three major entities: the mobile user (MU), the group manager (GM) and the cloud service provider (CSP). The notations used in the proposed protocol are described in Table 1.

Security analysis of the proposed protocol

The proposed protocol has been designed in such a way that it is resistant to all the attacks. In this section, the security of the MGPV protocol is analyzed against the MITM attack, the message modification attack and masquerading. Moreover, the proposed protocol is checked as to whether it preserves forward and backward secrecy and ensures secure key distribution.

Results and discussion

The proposed scheme is compared with other existing schemes such as Mona proposed by Liu et al. [29], RBE method proposed by Zhou et al. [30], Delerablee et al.’s ODBE protocol [32], Liang et al.’s scheme [42] and Zhu and Jiang’s scheme [23]. The comparison of the security performance in Table 4 shows the capabilities provided by the proposed scheme.

The significance of the proposed MGPV protocol can be understood from the fact that, when a sensitive document is shared by an MU through GM, even

Conclusions

Well known cloud service providers such as Amazon, Google, Microsoft and others enable a mobile user to share a document with his peers securely through web services. In this context, based on the web services, a novel collusion attack resistant scheme called MGPV for ensuring the security of shared documents among a group of mobile users in the cloud storage has been proposed in this research work. This scheme is an improvised version of the protocol proposed by Zhu and Jiang for document

Acknowledgment

The authors are grateful to the Deanship of Scientific Research, King Saud University for funding through Vice Deanship of Scientific Research Chairs: Chair of Smart Cities Technology. Dr. Mohammad Mehedi Hassan is the corresponding author of this paper.


References (42)

  • Li X. et al. The method and tool of cost analysis for cloud computing

  • Vijayakumar P. et al. A new smartSMS protocol for secure SMS communication in m-health environment. Comput. Electric. Eng. (2019)

  • Kallahalla M. et al. Scalable secure file sharing on untrusted storage

  • Buyya R. et al. InterCloud: Utility-oriented federation of cloud computing environments for scaling of application services. LNCS (2010)

  • Zhang X. et al. Towards an elastic application model for augmenting the computing capabilities of mobile devices with cloud computing. Mobile Netw. Appl. (2011)

  • Giurgiu I. et al. Calling the cloud: Enabling mobile phones as interfaces to cloud applications

  • Jeong S. et al. Towards an elastic application model for augmenting computing capabilities of mobile platforms

  • Huang Min et al. Optimisation of mobile intelligent terminal data pre-processing methods for crowd sensing. CAAI Trans. Intell. Technol. IET (2018)

  • M.R. Rahimi, J. Ren, C.H. Liu, A.V. Vasilakos, N. Venkatasubramanian, Mobile cloud computing: A survey, state of art...

  • Bakshi A. et al. Securing cloud from DDoS attacks using intrusion detection system in virtual machine

  • Jensen M. et al. On technical security issues in cloud computing


    P. Vijayakumar completed his Ph.D. in Computer Science and Engineering at Anna University Chennai in the year 2013. He completed his Master of Engineering in the field of Computer Science and Engineering at Karunya Institute of Technology in the year 2005. He completed his Bachelor of Engineering under Madurai Kamarajar University in the year 2002. He is presently working as Assistant Professor at University College of Engineering, Tindivanam. He is guiding many Ph.D. scholars in the field of network and cloud security. He has published various quality papers in reputed journals such as IEEE Transactions, Elsevier, Springer, IET, Taylor & Francis, Wiley etc. His main research areas are Key management in Network Security and Multicasting in Computer Networks.

    S. Milton Ganesh is doing Ph.D in Anna University Chennai and has received his B.Tech in Information Technology in 2004 and Master of Engineering in Computer Science and Engineering in 2007. He is presently working as Assistant Professor in the Department of Computer Science and Engineering at University College of Engineering, Tindivanam. His areas of research are computer networks and mobile security.

    L. Jegatha Deborah completed Ph.D in Computer Science and Engineering in Anna University Chennai in 2013 and completed Master of Engineering in the field of Computer Science and Engineering in 2005. She completed Bachelor of Engineering in 2002. She is presently working as Assistant Professor in University College of Engineering Tindivanam and her research interests include database security and data mining.

    SK Hafizul Islam received the M.Sc. degree in Applied Mathematics from Vidyasagar University, Midnapore, India, in 2006, and the M.Tech. degree in Computer Application and the Ph.D. degree in Computer Science and Engineering in 2009 and 2013, respectively, from the Indian Institute of Technology [IIT (ISM)] Dhanbad, Jharkhand, India, under the INSPIRE Fellowship Ph.D. Program (funded by Department of Science and Technology, Government of India). He is currently an Assistant Professor with the Department of Computer Science and Engineering, Indian Institute of Information Technology Kalyani (IIIT Kalyani), West Bengal, India. Before joining the IIIT Kalyani, he was an Assistant Professor with the Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani (BITS Pilani), Rajasthan, India. He has more than five years of teaching and eight years of research experiences. He has authored or co-authored seventy five research papers in journals and conference proceedings of international reputes. His research interests include cryptography, information security, WSNs, IoT, and cloud computing. Dr. Islam is an Associate Editor for Wiley’s “International Journal of Communication Systems” and “Security and Privacy”. He was a reviewer in many reputed international journals and conferences. He was the recipient of the University Gold Medal, the S. D. Singha Memorial Endowment Gold Medal, and the Sabitri Parya Memorial Endowment Gold Medal from Vidyasagar University, in 2006. He was also the recipient of the University Gold Medal from IIT(ISM) Dhanbad in 2009 and the OPERA award from BITS Pilani in 2015. He is a senior member of the IEEE and a member of the ACM.

    Mohammad Mehedi Hassan is currently an Associate Professor in the Information Systems Department of the College of Computer and Information Sciences (CCIS), King Saud University (KSU), Riyadh, Kingdom of Saudi Arabia. He received his Ph.D. degree in Computer Engineering from Kyung Hee University, South Korea in February 2011. He received the Best Journal Paper Award from IEEE Systems Journal in 2018. He also received the Excellence in Research Award from CCIS, KSU in 2015 and 2016. He also received the Best Paper Award from the CloudComp 2014 conference in China in 2014. He has published over 130+ research papers in ISI-indexed journals of international repute. He has served as chair and Technical Program Committee member in numerous reputed international conferences/workshops. He has also served as guest editor of several international ISI-indexed journals. He is currently an Associate Editor of IEEE Access Journal and Elsevier Computer and Electrical Engineering Journal. He has secured several national and international research grants in the domain of cloud computing and sensor networks. His research areas of interest are cloud computing, multimedia cloud, body sensor networks, Internet of Things, big data, mobile cloud, cloud security, sensor networks, 5G networks, social networks and publish/subscribe systems.

    Abdulhameed Alelaiwi is an Associate Professor of Software Engg. Department, at the College of Computer and Information Sciences, King Fahad University. Riyadh, Saudi Arabia. He has authored and co-authored many publications including refereed IEEE/ACM/Springer journals, conference papers, books, and book chapters. His research interest includes IoT, Edge, Cloud, software testing analysis and design, cloud computing, and multimedia. He is a member of IEEE.

    Giancarlo Fortino is Full Professor of Computer Engineering at the Dept. of Informatics, Modeling, Electronics, and Systems of the University of Calabria (Unical), Italy. He received a Ph.D. in Computer Engineering from Unical in 2000. He is also guest professor at Wuhan University of Technology (Wuhan, China), high-end expert at HUST (China), and senior research fellow at the Italian National Research Council ICAR Institute. He is the director of the SPEME lab at Unical as well as co-chair of Joint labs on IoT established between Unical and WUT and SMU Chinese universities, respectively. His research interests include agent-based computing, wireless (body) sensor networks, and Internet of Things. He is author of over 400 papers in int’l journals, conferences and books. He is (founding) series editor of IEEE Press Book Series on Human-Machine Systems and EiC of Springer Internet of Things series and AE of many int’l journals such as IEEE TAC, IEEE THMS, IEEE IoTJ, IEEE SJ, IEEE SMCM, Information Fusion, JNCA, EAAI, etc. He is cofounder and CEO of SenSysCal S.r.l., a Unical spinoff focused on innovative IoT systems. Fortino is currently member of the IEEE SMCS BoG and of the IEEE Press BoG, and chair of the IEEE SMCS Italian Chapter.
