survey on distributed secure data storage in cloud computingjoics.org/gallery/ics-1417.pdf2.1...
TRANSCRIPT
Survey on distributed secure data storage
in cloud computing
ATHIRA A R
Research Scholar
Department of Computer Science and Engineering
Vinayaka Mission‟s Kirupananda Variyar Engineering College
Vinayaka Mission Research Foundation, Salem
Dr. P SASIKALA
Associate professor / research supervisor
Department of Mathematics
Vinayaka Mission‟s Kirupananda Variyar Engineering College
Vinayaka Mission Research Foundation, Salem
Abstract: From the last decade, most of the individual end users and organizations are
exploiting online storage services to store their notable information for backup purposes. This
data is saved in the online storage system termed clouds. Later, this stored data is accessed
throughout the globe anyplace and anytime utilizing the internet. Nevertheless, as countless
personal data and information are sent via the cloud into social media sites namely Baidu
WangPan, DropBox, etc., data privacy and data security issues arise. Meanwhile, security and
privacy challenges are brought forward whilst the number of cloud storage user augments
tremendously. However, privacy and security issues proffer a strong difficulty for the users to
acclimatize into Cloud Computing (CC) systems. Lately, researchers paved attention on
distributed secure data storage in the CC environment utilizing disparate security and
cryptographic algorithms. This review paper emphasizes the modern studies concerning storage
methodologies in CC, some methods for ensuring data security in CC, dynamic ways of data
storage in CC, and optimum cloud storage system. Lastly, the performances of the research
studies are contrasted in respect of encryption time and also decryption time.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org600
1. INTRODUCTION
CC is the deliverance of computing services across the Internet. Cloud services permit businesses
and individuals to utilize hardware or software or both that are handled by 3rd
parties at distant
locations. Examples for such cloud services are i) social network sites, ii) online file storage, iii)
online-business applications and iv) webmail [1]. The CC model permits access to the computer
resources and information as of anyplace where a network connection exists. CC proffers a
shared set of resources, encompassing networks, data-storage space, computer processing power,
and specialized user and corporate applications [2, 3]. The CC architecture contains many cloud
constituents where each of them is loosely coupled [4]. The CC architecture comprises „2‟ parts:
a) Front end
b) Back end
Fig.1 depicts the graphical view of CC architecture:
Fig.1 Cloud computing architecture
The front end indicates the side which the client (computer user) sees. Moreover, the
second part termed back end specifies the „cloud‟ section of the system. The front end contains
the user‟s computer (or computer network) and the application requisite for accessing the CC
system. Not all CC systems contain the same specific user interface. Services say Web-based e-
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org601
mail programs hold the prevailing Web browsers like Firefox, Internet Explorer, et cetera Other
systems comprise ideal applications which proffer network access for the clients [5].
At its back end, there are disparate data storage systems, computers, and servers that
generate the „cloud‟ of computing services. Practically, a CC system could encompass any
computer program one can imagine, as of data processing to video games. Normally, every
application would contain its individual dedicated server [6].
The necessary principles of the CC are; a) the on-demand computing resources, b) a
“pay-as-you-go” business design for computing and c) information technology services that one
would use, d) elastic scaling, and e) eradication of up-fronting capital along with operational
expenses [7]. Security has a notable role in the cloud and the major concern over the internet to
serve all the services and benefits of it. The data secrecy on the network is attained by utilizing
cryptography which is the technique of hash functions and encryption [8].
1.1 Security Issues in Cloud computing
CC stands as a propitious technology with shared resources and less cost and it depends on pay
per use according to the user demand. Due to many characteristics, it has an effect on IT budget
and also an impact on security and privacy issues [9]. In this section, the security problems are
discussed. Disparate data security problems are evinced in Fig. 2,
Fig. 2 Various data security
a) Trust
Trust betwixt service providers and customer is the chief issue faced by CC nowadays. Customer
is never sure whether the Service is trustworthy or not, and whether his/her data is secure from
the intruders or not. The customer and Service provider are bound by the SLA (Service Level
Agreement) document. This is a type of agreement betwixt the customer and the service
provider; it contains the duties of service providers and their future plans [10].
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org602
b) Data Confidentiality
It is imperative for the users to save their confidential (personal) data on the cloud.
Authentication and also access control frameworks are utilized for ensuring such confidentiality.
The data confidentiality, access control and also authentication issues in CC are resolved by
augmenting the reliability of the cloud [11].
c) Data Availability
It means the recovery of users‟ data when an accident like damage, hard disk crash, or certain
other network failures occurs. The data storage over servers is a chief issue of users as cloud
vendors are administered by local laws. The cloud users should be cognizant of such laws [12].
d) Data Integrity
It is the utmost critical component in any information system. Normally, data integrity means
shielding the data as of unauthorized modification, fabrication or deletion. Handling the entity's
rights and admittance of certain enterprise resources assures that valuable services and data are
not abused, stolen or misappropriated [13].
e) Data privacy
Privacy indicates the competency of a group or individual to seclude them or their data (about
themselves) and then expose them selectively. The privacy-related problems differ as per
disparate cloud criteria [14].
Fig. 3 Structure model for cloud storage
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org603
1.2 Data Storage in Cloud Computing
Cloud storage stands as a complex system composed of network equipment, storage device,
server, application software, public access interface, access network and client program, which
provides business access and data storage services through application software with storage
device as the core [15]. In general, cloud storage system structure consists of four layers such as:
Storage layer, Basic management layer, Application interface layer, and Access layer [16]. Fig.3
delineates the detailed structure of the cloud data storage.
a) Access Layer: Any authorized user can access the cloud storage system through the standard
public application interface and enjoy cloud storage service. Access types and access methods
provided by cloud storage are the different results from the difference of operating units [17].
b) Application Layer: It is the outermost layer, which interacts directly with the user via an
application interface. It is accountable for providing services and handling service
configurations. The user-centric configuration information can be defined and stored with XML
[18].
c) Basic Management Layer: Cloud-centric storage management is a fundamental part that
saves data (difficult to achieve) in the cloud [19].
d) Storage Layer: The chief function of this layer is to comprehend logical virtualization
management of storage devices, centralized management of data, status monitoring of data and
system maintenance and update [20].
1.3 Aspects of Data Security
The biggest security issue of people when moving data to the cloud is related to the problem of
keeping data secure and confidential. In this respect, certain problems arise: who can create data,
where the data is stored, who can access and modify data, what happens when data is deleted,
how the back-up is done, how the data transfer occurs, etc. All of this is known as data security
lifecycle and it is displayed in Fig. 4,
Fig. 4 The data security lifecycle
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org604
This lifecycle also exists in the classic architecture but in the cloud environment, its
stages are much more complex. It poses high-level security risks and needs more careful
management. Furthermore, it is much more intricate for the cloud customer to effectually check
the data which handles practices of the cloud provider. Hence, the data is ought to be handled in
a precise way.
To resolve such risk, approaches like public key infrastructure, data encryption,
standardization of APIs, data dispersion, et cetera are proposed for the users in the form of
security measures for generating a trusted secure environment.
2. RELATED WORK
There are countless works that were done over the years in the domain of distributed data storage
on CC. The literature works centered on the security in CC are elucidated below.
2.1 Storage Techniques in Cloud Computing
Pitchai et al. [21] suggested a prototype of SEDFS (Searchable Encrypted Data File Sharing) to
augment the requisite storage and flexibility and to diminish the overhead ratio, security hazards,
cost and searching time. This prototype diminished the security issues utilizing the RSA
algorithm for executing encryption together with decryption. In this prototype, the data owners
(DO) would broadcast the public key to the existing cloud servers but the private key would be
shared to the data users. Experiential results examine the entire performance and this prototype
has not only augmented the efficacy but also diminished the searching time.
Yibin et al. [22] recommended a methodology termed intelligent cryptography, through which
the cloud servers could not directly attain partial data. This methodology utilized SA-EDS
(Security-Aware Efficient Distributed Storage) model which was modeled to attain an effectual
MDS (Mass Distributed Storage) service and top-most security protections. The data comprised
„2‟ parts that were allotted to „2‟ cloud servers, which was executed by AD2 (Alternative Data
Distribution) algorithm, SED2 (Secure Efficient Data Distributions) Algorithm, which was
modeled to spilt data for preventing sensitive data as of leaking on the cloud side utilizing
minimal costs. EDCon (Efficient Data Conflation) algorithm utilized a sensitive data retrieval
process since it required a decryption strategy.
Jiguo et al. [23] put forward ABE (Attribute-Based Encryption) for ensuring security and
attained reliable fine-grain file access control in the cloud storage scheme. Furthermore, this
strategy proffers a CPABE (Cipher-text Policy ABE) framework with effectual user revocation
for the cloud storage scheme. Moreover, CPABE has great computational cost because it linearly
elevates with the intricacy of this access scheme. To diminish this cost, this strategy outsourced
high-level computational load to a cloud service operator without disclosing secret keys and file
contents. The experiential outcome showed the comparatively less or constant computational
cost for the local device.
Anirudha et al. [24] propounded an optimized public auditing protocol for optimizing the CSS
(Cloud Storage Server) by storing HLA (Homomorphic Linear Authenticators) for users‟ data on
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org605
TPA‟s site. Subsequently, Chameleon Hashing and a modified Chameleon Authentication Tree
were utilized to execute effectual dynamic data up-dates on clients‟ data (on a cloud) with
support for the fine-grain and block-level updates. By detailed performance and security
analysis, this approach‟s performance was confirmed.
Qian et al. [25] recommended data dynamics and public auditability to facilitate storage security
on CC. This strategy first recognizes the intricacies and potential security issues of direct
extensions with full-dynamic data updates as of prior works and then evinced how to develop an
excellent verification strategy for the countless incorporation of „2‟ salient features in this
protocol model. To attain effectual data dynamics this strategy utilized the Merkle Hash Tree to
facilitate block-tag authentications. Extensive performance and security analysis evinced that the
recommended schemes were greatly, effectually and reliably secure.
Cong et al. [26] propounded a reliable disseminated storage integrity auditing strategy by
employing the disseminated erasure-coded and homomorphic token data for attaining a secured
and also dependable CSS. This strategy has a flexible and effectual disseminated scheme with
clear dynamic data support, encompassing block update, append and delete. This strategy
permitted clients to audit the cloud storage with a lightweight communication and even
computational cost. The auditing outcome assured strong CSS correctness guarantee and
achieved faster data error localization (which indicates the recognition of misbehaving server).
2.2 Dynamic Data Storage Way in Cloud Computing
Wei et al. [27] recommended an ODPDP (outsourced dynamic provable data possession)
approach, which moved frequent auditing process to an external auditor to diminish users‟
verifications overhead and proffered log audit strategy with a less computational burden for users
to avert as of dishonest auditor. In this approach, EHVT (Efficient Homo-morphic Verifiable
Tag) could significantly ameliorate computation efficacy in respect of exponentiation operation,
specifically for clients amid AuditLog and Store protocols. Security analysis and tests evinced
that this approach was notably secure and greatly efficient.
Maryam et al. [28] suggested an Energy-Effectual Dynamic Resource Management framework
grounded on Meta-Heuristic (MH) and also clustering algorithms in CC IaaS platforms. This
framework utilized K-means clustering (KMC) methodology and the MH micro-genetic
algorithm for the dynamic consolidation of VMs (Virtual Machines) to attain an energy-QoS
framework that was termed KMGA. Hence, the KMGA methodology was modeled to diminish
the total server power consumption in the cloud Datacenter as possible by ameliorating resource
utilization. Then, the suggested algorithm was employed for ameliorating the dynamic
consolidation to attain KMC and the minimal energy consumption methodology to assign the
cluster of autonomous tasks to the cluster resources effectually by sustaining the Make-span at
minimal value.
Bijolin et al. [29] put forward the disparate facets on dynamic and cost-aware data replication
methodology via optimization which recognizes the less volume of data replication information
which was needed to assure that the data availability augments with the elevation in the
replication process. DCR2S (Dynamic cost-aware re-replication and rebalancing Strategies) on
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org606
heterogeneous cloud infra-data centers had multiple phases in rebalancing the data. The data
availability had been observed in order that the replication cost could be balanced with adequate
load balancing approaches. Subsequently, the ameliorated and effectual Knapsack algorithm was
executed for optimizing the replication cost. The effectual multi-objective optimized replication
management could augment the system performance.
Tao et al. [30] propounded an approach termed DCCP (Dynamic Computation Co-relation
Placement). DCCP locates the data sets with higher dynamic computational correlations into the
same specific data center concerning the capacity- and I/O- loads of data centers, in order that
when computations were assigned for this data center, most datasets they process were stored
locally, and thereby the mean execution time were diminished. Fresh datasets were dynamically
disseminated into the utmost suitable data center. Several tests confirmed that DCCP could attain
the capacity- and statistic I/O- load balancing of data centers, meanwhile lessened the entire data
scheduling betwixt data centers as far as possible at an extremely lower time complexity, even as
the data centers along with datasets augmented.
Qiong et.al [31] recommended a multi-media CC platform data dynamic task scheduling
methodology in the multi-core condition. The multi-media CC platform data dynamic task
scheduling framework was introduced grounded on the models, and proffered presumed criteria
of task scheduling design, priority calculation stage, mapping stage and improved particle swarm
task scheduling stage as of the task to processor were passed through to complete the analysis of
this strategy. The tasks were distributed to the processor in accordance with certain rules, and
dynamic task scheduling results were given and optimized. The simulation experiential results
evinced that this methodology has extremely higher scheduling performance.
Cheng et al. [32] expounded a KAAC (Key-Aggregate Authentication Crypto-system) which
could create a constant-sized key that upholds reliable delegation of decryption rights for all
cipher textual data. The system was grounded on effectual (example, small-sized keys) and
secured (example, leakage-resilient) data sharing through dynamic cloud storage with small-
sized keys. In this system, DOs only disseminate a single key even though countless files were
saved in the cloud. Also, delegates could proffer a cloud server an authentication key for
admitting and downloading a specific sub-set of files.
Feng et al. [33] propounded a monotonic dynamic structure termed index logic table. This table
resisted delete-insert attack and avoided synchronization issue. Moreover, the table had lower
computational cost contrasted to Merkle-hash tree and had less storage cost contrasted to the
map-version table. This structure employed an identity-centric non-repudiable dynamical
provable data possession for cloud storage and proffered the security examination. This structure
could avert tampering cloud returned value attack utilizing Diffie-Hellman key agreement. This
structure was also effectual in dynamic operations in the storage space and computational cost
contrasted to other structures.
2.3 Optimal Cloud Storage System
Gregory et al. [34] paved attention on co-resident attacks, where users‟ sensitive data in one VM
could be accessed via side channels by certain other co-resident VM of malevolent attackers. In
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org607
this strategy, „3‟ aspects were concerned: i) a preset number of AVMs, ii) an arbitrary number of
AVMs, and iii) strategic attackers who normally decide the total AVMs to augment their benefit.
As delineated via examples, this strategy could effectually lessen the co-resident attacks via
diminishing users‟ costs or losses.
Arkaitz and Marty [35] formulated a framework for data allocation in CC. This framework was
primarily developed as a formal prototype to signify the concern of allotting resources to services
proffered by disparate cloud providers. Afterward, a data management system with the ILP
solver rendered a timely optimum solution to a specific data allocation issue. Subsequently, this
framework has 2 use cases, a) BLAST and b) MODIS that other restrictions and metrics
(monthly budget) could also be concerned.
Philipp et al. [36] presented a system design that utilizes multiple cloud-centric services to
comprehend cost-effectual and redundant storage. This design developed a global and local
optimization issue that regarded previously defined quality of service requisites and historical
data access information to pick a cost effectual storage solution. Moreover, this design proffered
an MH optimization methodology for global-level optimization. Extensive assessments
confirmed the gains of this work in contrast with top-notch approaches.
Anitha ponraj [37] propounded optimum VM placement algorithms for VM scheduling in CC.
This prototype comprises 5 steps say: a) Datacenter creation, b) VCreation, Queuing Model, c)
BCreation, and d) VM Allocation. In this prototype, the VM and data center were generated
grounded on the parameters and characteristics. Subsequently, the tasks were sent to the queue
grounded on the tasks‟ priority. The VMs were delivered to the broker. The VM which contain
minimal job completion times were allotted to that specified task.
Tao and Yukari [38] suggested an analytical prototype that chiefly encompasses „3‟ facets: (a) In
CC storage systems with the heterogeneous architectures, the assessment of data availability
needed the model of respective mathematical indicators.; (b) an optimum methodology for
establishing redundant blocks for the storage nodes; together with (c) Cloud storage process, it
was indispensable to ascertain the redundancy minimization for assuring quality indicators.
Chunlin et al. [39] formulated an integrated optimization of data placement. This optimization
was indicated by the incorporation of optimum placement of data blocks and the optimal task
scheduling to diminish the response time and computational delay for the submitted tasks and
augment users‟ experience in edge computing. In the optimum placement of data blocks, the data
blocks‟ values regarded the eminence of data blocks and the data storage capacity and also
replacement ratios of an edge server that would save such data blocks. Moreover, the
replacement cost for data blocks was concerned as an imperative constituent of data block
placement. This optimum placement strategy could avert replacing the placed data blocks
continually in order that the bandwidth overhead was diminished. In optimum task scheduling,
the containers were regarded as the light-weight resource unit for the services of user requests to
fully exploit the saved data in edge servers and elevated the services' performance of edge
servers. Lastly, extensive tests were made to value the task scheduling performance.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org608
Jun et al. [40] introduced an effectual framework termed DRAW (Data grouping aware data
placement). In this framework, the DRAW was modeled at rack-level hence it optimized the
grouping data dissemination within a rack. It comprised „3‟ parts: a) HDAG (Data Access
History Graph) to utilize system log files which learns the data grouping information; b) DGM
(Data Grouping Matrix) to gauge the grouping weights amongst the data and produce the
optimized data groupings; c) ODPA (Optimum Data Placement Algorithm) to generate the
optimum data placement. The Experiential results evinced that for 2 representative MapReduce
applications namely, Astrophysics and Genome Indexing, DRAW could notably augment the
throughput of local map task execution by up to 59.80 %, and diminish the execution time of
map phase by up to 41.70 %.
Mohammed et al. [41] formulated the cloud chiefly as a set of clients, HPN (high performances
compute nodes) and middleware control nodes. Here the HPNs signified the choices of advanced
computing methodologies in a heterogeneous cloud. In this methodology, the task allocation was
NP-complete, „2‟ heuristic algorithms centered on the GA and the HEFT were employed to
ascertain feasible solutions for huge issues. The examination of the outcomes proffered the
performances of a heterogeneous cloud system.
2.4 Approaches to Ensure Data Security in Cloud Computing
Sandeep [42] presented an integrated framework to assure data security in CC. This framework
had been structured to proffer complete data security. This framework was split into 2 phases.
Primary phase handled the transmitting process and also saved the data securely on the cloud.
Secondary phase handled the data retrieval as of cloud and evinced the creation of requests for
double authentication, data access, integrity, and verification of digital signature thereby offering
data for an authorized user on introducing all security aspects. This framework attained the
availability, integrity, and reliability of data traversing via cloud to user and DO to cloud.
Cong et al. [43] formulated an effectual scheme termed privacy-preserving public auditing
scheme for the data storage security on CC. This scheme utilized and uniquely integrated the
public key-centric homomorphic authenticator with arbitrary masking to attain the formulated
scheme. To uphold the effectual handling of multiple auditing tasks, this scheme should further
explore the method of bilinear aggregate signature to expand the main outcome in to multi-user
settings, where TPA (Third Party Auditor) could execute countless auditing tasks concomitantly.
Shucheng et al. [44] designed a fine-grain data access control on CC. This prototype utilized and
uniquely integrated 3 advanced cryptographic methodologies namely, a) KP-ABE (Key Policy-
ABE), b) lazy re-encryption along with c) PRE (Proxy ReEncryption). This design encrypted the
data files utilizing symmetric DEK (Data Encryption Key) and also encrypted the DEKs with
KP-ABE. Hence, the KP-ABE was competent to instantly enjoy fine-grain data access control
together with effectual operations say, new user grant and file deletion/creation. Formal security-
related proofs evinced that this prototype was utmost secure on standard cryptographic
prototypes.
Victor et al. [45] formulated a framework termed as CCAF (CC Adoption Framework) which
was customized to secure the cloud data. This framework delineated that CCAF multi-layer
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org609
security could shield data instantaneously and it contains 3 security layers: a) firewall with
access control; b) intrusion prevention along with identity management c) convergent encryption.
The CCAF could block approximately 9,919 Trojans and viruses and they could be eradicated in
seconds but the rests were isolated or quarantined. The tests confirmed, though the blocking
percentage could decrease for continual injection of Trojans and viruses, 97.430% of them could
be quarantined.
Malina et al. [46] propounded privacy-preserving security solutions for cloud services. However,
it employed the non-bilinear group signatures for ensuring the invalid users‟ authentication for
cloud services. This strategy utilized a protocol which comprises 5 phases: a) initialization, b)
registration, c) anonymous access, d) secure communication and e) revocation. Users employed
tamper-resistant devices amid the generation and also storing of user keys to shield against
collusion attacks.
Yuan et al. [47] recommended an effectual search model for an encrypted image by integrating
KMC and secured modular hashing, which could concurrently attain privacy-preserving of image
search and equivalent search accurateness to plaintext image. The encrypted image search model
employ secured modular hashing for encrypting feature vectors, which made the search intricacy
over ciphertext be constant with the search model over plaintext.
Analysis of approaches to ensure data security in CC is elucidated using table. 1
Table 1: Analysis of approaches to ensures data security in cloud computing
Researcher Name
and year Model Used Purpose Limitations
Cong et al. [43]
privacy-preserving
public auditing
model
Data storage
security in CC
A public auditing
protocol was
established for only
one user.
Shucheng et al. [44]
Combination of
three advanced
cryptographic
techniques.
Data access control
Encryption and
decryption accuracy
was low.
Victor et al. [45]
CC Adoption
Framework Securing cloud data
Security level was
low.
Yuan et al. [47] Search scheme
approach
Privacy-
preserving
Computation cost
was high.
2.5 Different Algorithms used for Distributed Secure Storage Data
Prabu and Vasudevan [48] presented privacy preservation facet by executing FH-ECC algorithm
(Fully Homomorphic–Elliptic Curve Cryptography). In this model, the actual data was encrypted
to attain cipher data utilizing ECC (Elliptic Curve Cryptography) which was employed for
elevating the data security. Subsequently, to employ the implicit multiplication and addition
processes on the encrypted data, the FH (Fully Homomorphic) function was executed. For
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org610
limiting the access on the data, the access policy verification was done, which assures the data
security. Lastly, the data was decrypted utilizing FH and ECC decryption operations.
Thangavel and Varalakshmi [49] developed an Enhanced El-Gamal cryptosystem (EEC). This
work ameliorated the randomization for key generation, decryption, and encryption as of the El-
Gamal cryptosystem. Primarily, the DO transmutes the unique ID of the Data User to a DNA
sequence termed as Data User sequence. The DO creates a random DNA sequence termed as DO
sequence. Subsequently, the DO encrypts the data with the DNA sequences utilizing DNA
cryptosystem and proffers a ciphertext file and key file. The ciphertext file was saved in the
cloud. The key file was encrypted with the public keys of the Data User which was created
utilizing the EEC. When the Data User requests the ciphertext from the cloud, it verifies the
Data. This model comprises 2 cryptosystems say, i) public key cryptosystem and ii) symmetric
key cryptosystem.
Miguel et al. [50] suggested (ABE and signing for security in the cloud (AES4SeC)) which was
a security model fully developed over crypto-graphic pairings. This model was employed to
facilitate 2 cryptographic engines: CPABE and the SSign (short signature). These 2 engines
permit signing and encrypting, respectively, the data uploaded to the cloud, hence proffering
integrity, confidentiality, authenticity services and also enforces access control methodology.
AES4SeC entirely averts the utilization of the PKI commonly requisite for an end-end
encryption methodology. The experiential results for the SSign and CP-ABE developments for
the asymmetric setting were presented.
Yaser et al. [51] recommended an effectual software-defined based model for data classification
on CC. This model sustained the integrity and even confidentiality of data amid the transmission
and also storage of data. It diminished the processing time consumed whilst encrypting the data.
Subsequently, by categorizing the data as per the confidentiality degree, it proffers maximal
flexibility and bandwidth utilization. Tests were made to appraise the recommended model. The
outcomes evinced that this model attained better processing time whilst ensuring data integrity
and confidentiality.
Manreet and Sandeep [52] proffered a cryptographic methodology that utilizes client-side data
encryption in order for encrypting the data before uploading it onto the end. This methodology
proffered security to the data uploaded by the DOs onto the cloud. It was a multi-fold symmetric-
key cryptography methodology which was reliant upon DNA cryptography. Its detailed design
was presented and contrasted to the prevailing symmetric-key algorithms (AES, DNA, Blowfish,
and DES). Moreover, the experiential results elucidate that this proffered algorithm performed
well on considering those traditional algorithms in respect of cipher-text size, throughput and
encryption time.
Muhammad et al. [53] presented a secured, robust, lightweight, and effectual strategy for data
exchange betwixt the media clouds and mobile users. In data hiding, this strategy regarded
HEVC (High-Efficiency Video Coding) together with Intra-encoded video streams in un-sliced
form as the source. It also upholds to instantaneous processing with power-saving restraint in
mind. AES (Advanced Encryption Standards) was employed as a base encryption methodology
by this scheme. The outcomes clearly evinced that this strategy outperformed AES-256 by
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org611
diminishing the processing time up to 4.760% and augmenting the data size up to 0.720%
approximately.
Xin et al. [54] propounded an identity and also attribute-centric signcryption algorithm for
ameliorating the storage security and remote data sharing. The proxy re-encryption method and
also multi-attribute authority centered signcryption methodology were utilized to attain collusion
resistant structure and fault-tolerant attributes management. In Healthcare system, an attribute-
centric signature, signcryption and encryption methods were separately employed to criteria of
disparate data security levels to hold data access effectually. Consequently, the security features
and the access efficacies of those algorithms were contrasted to other prevailing methods.
Subramanian and Leo [55] formulated an effectual architectural prototype with a yardstick
algorithm. It would facilitate the secured data sharing via dynamic index centered crypto-graphic
data slicing. This prototype was apt for decision making for the organizations and individuals in
the employment of multi-cloud storage services centered on trust.
Analysis of different algorithms used for distributed secure storage data is shown in table.2
Table 2: Analysis of different algorithms used for distributed secure storage data
Researcher Name
and year Model Used Purpose Limitations
Prabu and
Vasudevan [48]
FH-ECC
algorithm
Introduce a privacy
preservation
structure
Length of Public
key and Private Key
was low.
Thangavel and
Varalakshmi [49]
Alternative of DNA
crypto-system
Secure the actual
data
Efficiency of the
system was less.
Manreet and
Sandeep [52]
Cryptographic
technique
Encrypting
the data before
uploading them in
the cloud
While data
transmission it was
possible to perform
replay attack
Xin et al. [54]
Identification and
attribute
centric signcryption
algorithm
Ameliorate the
storage security and
also sharing of
distant data.
In re-encryption
process the
accuracy was low.
Subramanian and
Leo [55]
Architectural model
using a standard
algorithm.
Ameliorate the
secure data sharing
via dynamic index.
The features say,
non-repudiation and
dynamic symmetric
Encryption was not
regarded, so the
enhancement was
less.
Here, the performances of the data security methods are contrasted centered on encryption time
and also decryption time. The comparison graph is evinced in below Fig. 5 & Fig. 6.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org612
Fig. 5 Comparison of Encryption time for different data security methods
Fig. 5 examines the performances proffered by disparate data security methods like FH-ECC, E-
ABSC and MRSAC centered on encryption time. Lesser the encryption time of an algorithm,
higher would be its efficiency. The comparison delineates that the FH-ECC takes less time for
encrypting the key. Therefore, FH-ECC is more effectual than those algorithms.
Fig. 6 Comparison of Decryption time for different data security methods
Fig. 6 examines the performances proffered by various data security approaches centered on
decryption time. Lesser the decryption time of an algorithm, higher would be its efficiency. Fig.
6 delineates that the decryption of FH-ECC is higher than all other techniques.
3. CONCLUSION
CC is a propitious computing paradigm that permits users to share resources and data as of a
pool of disseminated computing as a service over Internet. CC passes the database and
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org613
application software to the huge data center where the data management and even services may
not be fully admirable. The security is a crucial facet of quality of service. This paper proffers a
literature survey on distributed secure data storage in CC and also discussed disparate
cryptographic algorithms security and their limitations. This literature work enlightens the
various prevailing methods storage security in CC such as, storage techniques in CC, dynamic
data storage way in CC, optimal cloud storage system, approaches for ensuring data security in
CC and different algorithms used for distributed secure data storage. For future work, certain
modification or improvements in the cryptographic algorithms are suggested for attaining well-
secure cloud storage system. It will be motivating in the upcoming years to compare the
performance of the storage security techniques.
REFERENCES
1. Shakeeba S. Khan, and R. R. Tuteja, “Security in cloud computing using cryptographic
algorithms”, International Journal of Innovative Research in Computer and
Communication Engineering, vol. 3, no. 1, pp. 148-155, 2015.
2. Nikita Sangwan, and Sunita Sangwan, “Ranked keyword search in cloud computing: an
innovative approach”, International Journal of Computer Science and Mobile Computing,
vol. 3, no. 6, pp. 24-27, 2014
3. Khandakar Ahmed, and Mark Gregory, “Integrating wireless sensor networks with cloud
computing”, In 2011 Seventh International Conference on Mobile Ad-hoc and Sensor
Networks, pp. 364-366. IEEE, 2011.
4. Anuradha Mishra, Suresh Kashyap, and K.N. Singh, “An overview of security and
privacy issues for cloud computing environment”, International Journal of Advanced
Research in Computer Science & Technology (IJARCST 2014), vol. 2, no. 2, 2014.
5. Pankaj Sareen, “Cloud computing: types, architecture, applications, concerns,
virtualization and role of it governance in cloud”, International Journal of Advanced
Research in Computer Science and Software Engineering, vol. 3, no. 3, 2013
6. Ravish Saggar, Shubhra Saggar, and Nidhi Khurana, “Cloud computing: designing
different system architecture depending on real-world examples”, International Journal of
Computer Science and Information Technologies, vol. 5, no. 4, pp. 5025-5029, 2014.
7. Gayatri Dhavale, Rajnish Kumar Baranwal, Kapil Nagare, and S.N. Zaware, “3-D
(Dimensional) security in cloud computing”, International Journal of Computer Science
and Information Technology Research, vol. 2, no. 2, pp: 47-52.
8. Noha MM AbdElnapi, Fatma A. Omara, and Nahla F. Omran, “A hybrid hashing security
algorithm for data storage on cloud computing”, International Journal of Computer
Science and Information Security, vol. 14, no. 4, pp. 175, 2016.
9. Alvi, F. A., B. S. Choudary, N. Jaferry, and E. Pathan, “A review on cloud computing
security issues & challenges”, Iaesjournal.com, vol. 2, 2012.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org614
10. Mohammed A. AlZain, Ben Soh, and Eric Pardede, “A new approach using redundancy
technique to improve security in cloud computing”, In Proceedings Title: 2012
International Conference on Cyber Security, Cyber Warfare and Digital Forensic
(CyberSec), pp. 230-235. IEEE, 2012.
11. Deyan Chen, and Hong Zhao, “Data security and privacy protection issues in cloud
computing”, In 2012 International Conference on Computer Science and Electronics
Engineering, vol. 1, pp. 647-651. IEEE, 2012.
12. Bhagawat, V., and A. Kumar, “Survey on data security issues in cloud environment”,
International Journal of Innovative Research in Advanced Engineering, vol. 2, no. 1, pp.
31-35, 2015.
13. Yunchuan Sun, Junsheng Zhang, Yongping Xiong, and Guangyu Zhu, “Data security and
privacy in cloud computing”, International Journal of Distributed Sensor Networks, vol.
10, no. 7, pp. 190903, 2014.
14. Mandeep Kaur Neha, and Satwinder Singh, “Issues of data security and privacy in cloud
computing”, International Journal of Software and Web Sciences, vol. 10, no. 1, pp. 47-
52, 2014.
15. Peng Jing, “A new model of data protection on cloud storage”, Journal of Networks, vol.
9, no. 3, pp. 666-672, 2014.
16. Ning Wang, “Analysis and research of data security policy based on cloud storage”,
In Advanced Materials Research, vol. 912, pp. 1160-1163. Trans Tech Publications,
2014.
17. Diao Zhe, Wang Qinghong, Su Naizheng, and Zhang Yuhan, “Study on data security
policy based on cloud storage”, In 2017 IEEE 3rd International Conference on Big Data
Security on Cloud (Bigdatasecurity), Ieee International Conference on High Performance
and Smart Computing (Hpsc), and Ieee International Conference on Intelligent Data and
Security (Ids), pp. 145-149. IEEE, 2017.
18. Amit Kr Mandal, Suvamoy Changder, Anirban Sarkar, and Narayan C. Debnath,
“Architecting software as a service for data centric cloud applications”, International
Journal of Grid and High Performance Computing (IJGHPC), vol. 6, no. 1, pp. 77-92,
2014.
19. Dejun Wang, “An efficient cloud storage model for heterogeneous cloud infrastructures”,
Procedia Engineering, vol. 23, pp. 510-515, 2011.
20. Shuying Li, and Ya Pan, “Study on secure data storage based on cloud computing”,
BTAIJ, vol. 10, no. 22, 2014.
21. Pitchai, R., S. Jayashri, and J. Raja, “Searchable encrypted data file sharing method using
public cloud service for secure storage in cloud computing”, Wireless Personal
Communications, vol. 90, no. 2, pp. 947-960, 2016.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org615
22. Yibin Li, Keke Gai, Longfei Qiu, Meikang Qiu, and Hui Zhao, “Intelligent cryptography
approach for secure distributed big data storage in cloud computing”, Information
Sciences, vol. 387, pp. 103-115, 2017.
23. Jiguo Li, Wei Yao, Yichen Zhang, Huiling Qian, and Jinguang Han, “Flexible and fine-
grained attribute-based data storage in cloud computing”, IEEE Transactions on Services
Computing, vol. 10, no. 5, pp. 785-796, 2017.
24. Anirudha Pratap Singh, and Syam Kumar Pasupuleti, “Optimized public auditing and
data dynamics for data storage security in cloud computing”, Procedia Computer Science,
vol. 93, pp. 751-759, 2016.
25. Qian Wang, Cong Wang, Kui Ren, Wenjing Lou, and Jin Li, “Enabling public
auditability and data dynamics for storage security in cloud computing”, IEEE
Transactions on Parallel and Distributed Systems, vol. 22, no. 5, pp. 847-859, 2011.
26. Cong Wang, Qian Wang, Kui Ren, Ning Cao, and Wenjing Lou, “Toward secure and
dependable storage services in cloud computing”, IEEE Transactions on Services
Computing, vol. 5, no. 2, pp. 220-232, 2012.
27. Guo W., H. Zhang, S. Qin et al., “Outsourced dynamic provable data possession with
batch update for secure cloud storage”, Future Generation Computer Systems, 2019.
28. Maryam Askarizade Haghighi, Mehrdad Maeen, and Majid Haghparast, “An Energy-
Efficient Dynamic Resource Management Approach Based on Clustering and Meta-
Heuristic Algorithms in Cloud Computing IaaS Platforms”, Wireless Personal
Communications, vol. 104, no. 4, pp. 1367-1391, 2019.
29. Bijolin Edwin, E., P. Umamaheswari, and M. Roshni Thanka, “An efficient and
improved multi-objective optimized replication management with dynamic and cost
aware strategies in cloud computing data center”, Cluster Computing, pp. 1-10, 2017.
30. Tao Wang, Shihong Yao, Zhengquan Xu, and Shan Jia, “DCCP: an effective data
placement strategy for data-intensive computations in distributed cloud computing
systems”, The Journal of Supercomputing, vol. 72, no. 7, pp. 2537-2564, 2016.
31. Qiong Wu, Guihe Qin, and Biaobing Huang, “The research of multimedia cloud
computing platform data dynamic task scheduling optimization method in multi core
environment”, Multimedia Tools and Applications, vol. 76, no. 16, pp. 17163-17178,
2017.
32. Cheng Guo, Ningqi Luo, Md Zakirul Alam Bhuiyan, Yingmo Jie, Yuanfang Chen, Bin
Feng, and Muhammad Alam, “Key-aggregate authentication cryptosystem for data
sharing in dynamic cloud storage”, Future Generation Computer Systems, vol. 84, pp.
190-199, 2018.
33. Feng Wang, Li Xu, Huaqun Wang, and Zhide Chen, “Identity-based non-repudiable
dynamic provable data possession in cloud storage”, Computers & Electrical
Engineering, vol. 69, pp. 521-533, 2018.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org616
34. Gregory Levitin, Liudong Xing, and Yuanshun Dai, “Optimal data partitioning in cloud
computing system with random server assignment”, Future Generation Computer
Systems, vol. 70, pp. 17-25, 2017.
35. Arkaitz Ruiz-Alvarez, and Marty Humphrey, “A model and decision procedure for data
storage in cloud computing”, In Proceedings of the 2012 12th IEEE/ACM International
Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012), pp. 572-579. IEEE
Computer Society, 2012.
36. Philipp Waibel, Johannes Matt, Christoph Hochreiner, Olena Skarlat, Ronny Hans, and
Stefan Schulte, “Cost-optimized redundant data storage in the cloud”, Service Oriented
Computing and Applications, vol. 11, no. 4, pp. 411-426, 2017.
37. Anitha Ponraj, “Optimistic virtual machine placement in cloud data centers using queuing
approach”, Future Generation Computer Systems, vol. 93, pp. 338-344, 2019.
38. Tao Shen, and Yukari Nagai, “Non-homogeneous distributed cloud storage system with
minimal redundancy in heterogeneous environment”, Measurement, 2018.
39. Chunlin Li, Jingpan Bai, and JianHang Tang, “Joint optimization of data placement and
scheduling for improving user experience in edge computing”, Journal of Parallel and
Distributed Computing, vol. 125, pp. 93-105, 2019.
40. Jun Wang, Pengju Shang, and Jiangling Yin, “Draw: A new data-grouping-aware data
placement scheme for data intensive applications with interest locality”, In Cloud
Computing for Data-Intensive Applications, pp. 149-174. Springer, New York, NY,
2014.
41. Mohammed S. Bensaleh, Yaman Sharaf-Dabbagh, Hazem Hajj, Mazen AR Saghir,
Haitham Akkary, Hassan Artail, Abdulfattah M. Obeid, and Syed Manzoor Qasim,
“Optimal task scheduling for distributed cluster with active storage devices and
accelerated nodes”, IEEE Access, vol. 6, pp. 48195-48209, 2018.
42. Sandeep K Sood, “A combined approach to ensure data security in cloud computing”,
Journal of Network and Computer Applications, vol. 35, no. 6, pp. 1831-1838, 2012.
43. Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou, “Privacy-preserving public
auditing for data storage security in cloud computing”, In 2010 Proceedings Ieee
Infocom, pp. 1-9. IEEE, 2010.
44. Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou, “Achieving secure, scalable, and
fine-grained data access control in cloud computing”, In 2010 Proceedings IEEE
INFOCOM, pp. 1-9. IEEE, 2010.
45. Victor Chang, and Muthu Ramachandran, “Towards achieving data security with the
cloud computing adoption framework”, IEEE Transactions on Services Computing, vol.
9, no. 1, pp. 138-151, 2016.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org617
46. Lukas Malina, Jan Hajny, Petr Dzurenda, and Vaclav Zeman, “Privacy-preserving
security solution for cloud services”, Journal of Applied Research and Technology, vol.
13, no. 1, pp. 20-31, 2015.
47. Yuan Wang, Meixia Miao, Jian Shen, and Jianfeng Wang, “Towards efficient privacy-
preserving encrypted image search in cloud computing”, Soft Computing, vol. 23, no. 6,
pp. 2101-2112, 2019.
48. Prabu Kanna, G. and V. Vasudevan, “A fully homomorphic–elliptic curve cryptography
based encryption algorithm for ensuring the privacy preservation of the cloud data”,
Cluster Computing, pp. 1-9, 2018.
49. Thangavel, M., and P. Varalakshmi, “Enhanced DNA and ElGamal cryptosystem for
secure data storage and retrieval in cloud”, Cluster Computing, vol. 21, no. 2, pp. 1411-
1437, 2018.
50. Miguel Morales-Sandoval, Jose Luis Gonzalez-Compean, Arturo Diaz-Perez, and Victor
J. Sosa-Sosa, “A pairing-based cryptographic approach for data security in the cloud”,
International Journal of Information Security, vol. 17, no. 4, pp. 441-461, 2018.
51. Yaser Jararweh, Mahmoud Al-Ayyoub, and Houbing Song, “Software-defined systems
support for secure cloud computing based on data classification”, Annals of
Telecommunications, vol. 72, no. 5-6, pp. 335-345, 2017.
52. Manreet Sohal, and Sandeep Sharma, “BDNA-A DNA inspired symmetric key
cryptographic technique to secure cloud computing”, Journal of King Saud University-
Computer and Information Sciences, 2018.
53. Muhammad Usman, Mian Ahmad Jan, and Xiangjian He, “Cryptography-based secure
data storage and sharing using HEVC and public clouds”, Information Sciences, vol. 387,
pp. 90-102, 2017.
54. Xin Pei, Yongjian Wang, Wei Yao, Jiuchuan Lin, and Ruxiang Peng, “Security enhanced
attribute based signcryption for private data sharing in cloud”, In 2016 IEEE
Trustcom/BigDataSE/ISPA, pp. 737-743. IEEE, 2016.
55. Subramanian, K., and F. Leo John, “Dynamic data slicing in multi cloud storage using
cryptographic technique”, In 2017 World Congress on Computing and Communication
Technologies (WCCCT), pp. 159-161. IEEE, 2017.
56. Anbuchelian, S., C. M. Sowmya, and C. Ramesh, “Efficient and secure auditing scheme
for privacy preserving data storage in cloud”, Cluster Computing, pp. 1-9, 2017.
Journal of Information and Computational Science
Volume 9 Issue 9 - 2019
ISSN: 1548-7741
www.joics.org618