Enhancing Cloud Computing Security and Privacy 2019-03-11 Cloud computing paradigms are gaining...


Post on 07-Feb-2020


  • Enhancing Cloud Computing Security and Privacy

    Nabil Giweli

    A thesis submitted in fulfilment for the degree of

    Master of Science (Honours)

    School of Computing, Engineering and Mathematics

    University of Western Sydney

    2013

  • Publications from this Thesis

    N. Giweli, S. Shahrestani, and H. Cheung, "Enhancing Data Privacy and Access Anonymity in Cloud Computing," Communications of the IBIMA, vol. 2013 (2013), p. 10, 2013.

    URL: http://www.ibimapublishing.com/journals/CIBIMA/2013/462966/a462966.html

    N. Giweli, S. Shahrestani, and H. Cheung, "Cloud Computing: Preserving Data Privacy and Managing Access Control," presented at the 19th International Business Information Management Conference, Barcelona, Spain, 2012.

    URL: http://www.ibima.org/spain2012/papers/nabi.html

  • Copyright

    Permission is granted to use this work or any portion of it for any purpose as long as sufficient context is given around the citation to correctly explain the author’s original intent.

  • Dedication

    To my mother Zohra Banon and my father Mohamed Jawelli.

  • Acknowledgements

    I owe my deepest gratitude to my supervisor, Dr. Seyed Shahrestani, for his encouragement, guidance and support. If it was not for the motivation and the guidance of Dr. Seyed, completing this thesis would not have been possible. His suggestions helped me improve my problem-solving capabilities and research skills.

    Thanks are further due to my co-supervisor, Dr. Hon Cheung, for his help in completing this thesis and for his continuing advice. I also thank him for providing me with valuable suggestions and comments during my work.

    I owe a lot to my colleagues in the Networking, Security, and Cloud Research group for encouragement and valuable discussions during this work.

    I warmly thank the School of Computing, Engineering and Mathematics, in particular Noshir Bulsara, campus support officer, and Bruce Kneale, systems specialist, for their help and technical support.

    Finally, I would like to thank my parents and family for all the sacrifices they have made for me in order to succeed throughout my life and particularly during the completion of this thesis.

  • Statement of Authentication

    I certify the work presented in this thesis is, to my best knowledge and belief, original except as acknowledged in this thesis. I hereby declare that I have not submitted this material, either in whole or in part, for a degree at this or any other institution.

    Nabil Giweli

  • Table of Contents

    List of Figures

    List of Tables

    List of Acronyms

    Abstract

    Chapter 1: Introduction

    1.1 Motivations and Background

    1.2 Research Objectives and Stages

    1.3 Research Scope and Questions

    1.4 Research Outcomes

    1.5 Thesis Structure

    Chapter 2: Cloud Computing and Security

    2.1 Introduction

    2.2 Cloud Computing Definition and Characteristics

    2.3 Cloud Computing Service Delivery Models

    2.3.1 Software as a Service (SaaS)

    2.3.2 Platform as a Service (PaaS)

    2.3.3 Infrastructure as a Service (IaaS)

    2.4 Cloud Computing Service Deployment Models

    2.4.1 Private Cloud

    2.4.2 Community Cloud

    2.4.3 Public Cloud

    2.4.4 Hybrid Cloud

    2.4.5 Virtual Private Cloud

    2.5 Cloud Computing: Issues and Challenges

    2.6 Trends and Directions of Solutions

    2.6.1 Protecting Data Privacy and Integrity from Cloud Providers

    2.6.2 Cryptography Techniques Fitting the Cloud Model

    2.6.3 Trusted Computing (TC)

    2.6.4 Data Centric Security (DCS)

    2.7 Summary

    Chapter 3: Data Centric Security Approach for Cloud Computing

    3.1 Introduction

    3.2 Data-Centric Security Approach

    3.2.1 Classifying Security Solutions for Cloud Computing

    3.2.2 DCS Characteristics

    3.2.3 DCS Conceptual Framework

    3.3 DCS Expected Benefits

    3.4 Challenges of Applying DCS Approach

    3.4.1 Challenges Related to Secure Access Control

    3.4.2 Challenges Related to Queries and Search on Encrypted Data

    3.4.3 Challenges Related to Outsourcing Computation

    3.4.4 Challenges Related to Overhead and Performance

    3.5 Identifying the Scope of Applying the DCS Approach

    3.6 Essential Security Requirements for Public Cloud Storage

    3.6.1 Privacy Preserving of Data Sharing and Access Control

    3.6.2 Secure Searching on Encrypted Data

    3.6.3 Data Integrity Proof

    3.7 Evaluating the Reviewed Security Techniques

    3.8 Summary

    Chapter 4: A Data Centric Solution to Cloud Privacy and Security Issues

    4.1 Introduction

    4.2 Chinese Remainder Theorem and its Applications

    4.3 Cryptography Access Control and Key Sharing Using the CRT

    4.3.1 Enhancing Keys and Files Security

    4.3.2 Secure Access Control Procedure

    4.3.3 Granting and Revoking Procedure

    4.4 Secure Search Ability

    4.5 Access Procedure with Secure Search Ability

    4.6 Constructing a DCS file with Integrity and Authenticity Proofs

    4.7 Privacy Preserving and Integrity of the Proposed Solution

    4.8 Summary

    Chapter 5: Implementation Issues and Evaluation

    5.1 Introduction
