Confidentiality protection model for securing data in cloud computing

Date
2017
Authors
Mwanyika, James Mwasela
Publisher
Strathmore University
Abstract
Cloud storage providers store the data in multiple servers maintained by hosting companies. This increases the risk of unauthorized access to the private data. Even though the cloud continues to gain popularity in usability and attraction, the problems lie with data confidentiality, loss of control, lack of trust, data theft and the fact that user data is stored in unencrypted format, such as in the case of Amazon S3 cloud storage servers. This research focuses on internal threats presented by cloud service providers. Using encryption techniques, the risk of unauthorized access can be controlled. In the proposed methodology, a user encrypts files with secret keys before uploading them into the cloud. Once encrypted, the file is stored in an encrypted format in the cloud. For a user to download files from the cloud, the file owner first accepts a request by an authorized user, and an application server provides an access key. Using the access key, a user downloads data and uses a secret key to convert cipher text into plain text. This technique ensures end-to-end encryption and completely hides the data from cloud service providers, hence maintaining confidentiality. Implementation involved building an encryption application algorithm for deployment on the user's computer. The algorithm consists of a single encryption module and a hybrid encryption module. A user selects either the single or the hybrid encryption module from the application based on the security level requirements of the data to be uploaded to the cloud. The model consists of a registration/login module, encryption module, uploading module, downloading module and decryption module. This research contributes to providing security to the data stored in the cloud by encrypting the data before uploading it into the cloud. The data owner controls key management, where generation, storage and distribution remain in his control. Data owners lack the courage to strategically outsource data storage to the cloud.
However, once the trust issues between data owners and cloud service providers are addressed through the deployment of this model, there shall be some attitude change on the side of data owners towards the adoption of cloud storage usage, thereby bridging the trust issues existing between data owners and cloud service providers.
Description
Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Technology (MSIT) at Strathmore University
Keywords
Multi-cloud Architecture, Edu-Cloud Architecture Model, Cross-VM attack, Malicious System Administrator, Symmetric Key Algorithms