survey on distributed secure data storage in cloud computingjoics.org/gallery/ics-1417.pdf2.1...

Survey on distributed secure data storage

in cloud computing

ATHIRA A R

Research Scholar

Department of Computer Science and Engineering

Vinayaka Mission‟s Kirupananda Variyar Engineering College

Vinayaka Mission Research Foundation, Salem

[email protected]

Dr. P SASIKALA

Associate professor / research supervisor

Department of Mathematics

Vinayaka Mission‟s Kirupananda Variyar Engineering College

Vinayaka Mission Research Foundation, Salem

[email protected]

Abstract: From the last decade, most of the individual end users and organizations are

exploiting online storage services to store their notable information for backup purposes. This

data is saved in the online storage system termed clouds. Later, this stored data is accessed

throughout the globe anyplace and anytime utilizing the internet. Nevertheless, as countless

personal data and information are sent via the cloud into social media sites namely Baidu

WangPan, DropBox, etc., data privacy and data security issues arise. Meanwhile, security and

privacy challenges are brought forward whilst the number of cloud storage user augments

tremendously. However, privacy and security issues proffer a strong difficulty for the users to

acclimatize into Cloud Computing (CC) systems. Lately, researchers paved attention on

distributed secure data storage in the CC environment utilizing disparate security and

cryptographic algorithms. This review paper emphasizes the modern studies concerning storage

methodologies in CC, some methods for ensuring data security in CC, dynamic ways of data

storage in CC, and optimum cloud storage system. Lastly, the performances of the research

studies are contrasted in respect of encryption time and also decryption time.

Journal of Information and Computational Science

Volume 9 Issue 9 - 2019

ISSN: 1548-7741

www.joics.org600

1. INTRODUCTION

CC is the deliverance of computing services across the Internet. Cloud services permit businesses

and individuals to utilize hardware or software or both that are handled by 3rd

parties at distant

locations. Examples for such cloud services are i) social network sites, ii) online file storage, iii)

online-business applications and iv) webmail [1]. The CC model permits access to the computer

resources and information as of anyplace where a network connection exists. CC proffers a

shared set of resources, encompassing networks, data-storage space, computer processing power,

and specialized user and corporate applications [2, 3]. The CC architecture contains many cloud

constituents where each of them is loosely coupled [4]. The CC architecture comprises „2‟ parts:

a) Front end

b) Back end

Fig.1 depicts the graphical view of CC architecture:

Fig.1 Cloud computing architecture

The front end indicates the side which the client (computer user) sees. Moreover, the

second part termed back end specifies the „cloud‟ section of the system. The front end contains

the user‟s computer (or computer network) and the application requisite for accessing the CC

system. Not all CC systems contain the same specific user interface. Services say Web-based e-



ISSN: 1548-7741

www.joics.org601

mail programs hold the prevailing Web browsers like Firefox, Internet Explorer, et cetera Other

systems comprise ideal applications which proffer network access for the clients [5].

At its back end, there are disparate data storage systems, computers, and servers that

generate the „cloud‟ of computing services. Practically, a CC system could encompass any

computer program one can imagine, as of data processing to video games. Normally, every

application would contain its individual dedicated server [6].

The necessary principles of the CC are; a) the on-demand computing resources, b) a

“pay-as-you-go” business design for computing and c) information technology services that one

would use, d) elastic scaling, and e) eradication of up-fronting capital along with operational

expenses [7]. Security has a notable role in the cloud and the major concern over the internet to

serve all the services and benefits of it. The data secrecy on the network is attained by utilizing

cryptography which is the technique of hash functions and encryption [8].

1.1 Security Issues in Cloud computing

CC stands as a propitious technology with shared resources and less cost and it depends on pay

per use according to the user demand. Due to many characteristics, it has an effect on IT budget

and also an impact on security and privacy issues [9]. In this section, the security problems are

discussed. Disparate data security problems are evinced in Fig. 2,

Fig. 2 Various data security

a) Trust

Trust betwixt service providers and customer is the chief issue faced by CC nowadays. Customer

is never sure whether the Service is trustworthy or not, and whether his/her data is secure from

the intruders or not. The customer and Service provider are bound by the SLA (Service Level

Agreement) document. This is a type of agreement betwixt the customer and the service

provider; it contains the duties of service providers and their future plans [10].



ISSN: 1548-7741

www.joics.org602

b) Data Confidentiality

It is imperative for the users to save their confidential (personal) data on the cloud.

Authentication and also access control frameworks are utilized for ensuring such confidentiality.

The data confidentiality, access control and also authentication issues in CC are resolved by

augmenting the reliability of the cloud [11].

c) Data Availability

It means the recovery of users‟ data when an accident like damage, hard disk crash, or certain

other network failures occurs. The data storage over servers is a chief issue of users as cloud

vendors are administered by local laws. The cloud users should be cognizant of such laws [12].

d) Data Integrity

It is the utmost critical component in any information system. Normally, data integrity means

shielding the data as of unauthorized modification, fabrication or deletion. Handling the entity's

rights and admittance of certain enterprise resources assures that valuable services and data are

not abused, stolen or misappropriated [13].

e) Data privacy

Privacy indicates the competency of a group or individual to seclude them or their data (about

themselves) and then expose them selectively. The privacy-related problems differ as per

disparate cloud criteria [14].

Fig. 3 Structure model for cloud storage



ISSN: 1548-7741

www.joics.org603

1.2 Data Storage in Cloud Computing

Cloud storage stands as a complex system composed of network equipment, storage device,

server, application software, public access interface, access network and client program, which

provides business access and data storage services through application software with storage

device as the core [15]. In general, cloud storage system structure consists of four layers such as:

Storage layer, Basic management layer, Application interface layer, and Access layer [16]. Fig.3

delineates the detailed structure of the cloud data storage.

a) Access Layer: Any authorized user can access the cloud storage system through the standard

public application interface and enjoy cloud storage service. Access types and access methods

provided by cloud storage are the different results from the difference of operating units [17].

b) Application Layer: It is the outermost layer, which interacts directly with the user via an

application interface. It is accountable for providing services and handling service

configurations. The user-centric configuration information can be defined and stored with XML

[18].

c) Basic Management Layer: Cloud-centric storage management is a fundamental part that

saves data (difficult to achieve) in the cloud [19].

d) Storage Layer: The chief function of this layer is to comprehend logical virtualization

management of storage devices, centralized management of data, status monitoring of data and

system maintenance and update [20].

1.3 Aspects of Data Security

The biggest security issue of people when moving data to the cloud is related to the problem of

keeping data secure and confidential. In this respect, certain problems arise: who can create data,

where the data is stored, who can access and modify data, what happens when data is deleted,

how the back-up is done, how the data transfer occurs, etc. All of this is known as data security

lifecycle and it is displayed in Fig. 4,

Fig. 4 The data security lifecycle



ISSN: 1548-7741

www.joics.org604

This lifecycle also exists in the classic architecture but in the cloud environment, its

stages are much more complex. It poses high-level security risks and needs more careful

management. Furthermore, it is much more intricate for the cloud customer to effectually check

the data which handles practices of the cloud provider. Hence, the data is ought to be handled in

a precise way.

To resolve such risk, approaches like public key infrastructure, data encryption,

standardization of APIs, data dispersion, et cetera are proposed for the users in the form of

security measures for generating a trusted secure environment.

2. RELATED WORK

There are countless works that were done over the years in the domain of distributed data storage

on CC. The literature works centered on the security in CC are elucidated below.

2.1 Storage Techniques in Cloud Computing

Pitchai et al. [21] suggested a prototype of SEDFS (Searchable Encrypted Data File Sharing) to

augment the requisite storage and flexibility and to diminish the overhead ratio, security hazards,

cost and searching time. This prototype diminished the security issues utilizing the RSA

algorithm for executing encryption together with decryption. In this prototype, the data owners

(DO) would broadcast the public key to the existing cloud servers but the private key would be

shared to the data users. Experiential results examine the entire performance and this prototype

has not only augmented the efficacy but also diminished the searching time.

Yibin et al. [22] recommended a methodology termed intelligent cryptography, through which

the cloud servers could not directly attain partial data. This methodology utilized SA-EDS

(Security-Aware Efficient Distributed Storage) model which was modeled to attain an effectual

MDS (Mass Distributed Storage) service and top-most security protections. The data comprised

„2‟ parts that were allotted to „2‟ cloud servers, which was executed by AD2 (Alternative Data

Distribution) algorithm, SED2 (Secure Efficient Data Distributions) Algorithm, which was

modeled to spilt data for preventing sensitive data as of leaking on the cloud side utilizing

minimal costs. EDCon (Efficient Data Conflation) algorithm utilized a sensitive data retrieval

process since it required a decryption strategy.

Jiguo et al. [23] put forward ABE (Attribute-Based Encryption) for ensuring security and

attained reliable fine-grain file access control in the cloud storage scheme. Furthermore, this

strategy proffers a CPABE (Cipher-text Policy ABE) framework with effectual user revocation

for the cloud storage scheme. Moreover, CPABE has great computational cost because it linearly

elevates with the intricacy of this access scheme. To diminish this cost, this strategy outsourced

high-level computational load to a cloud service operator without disclosing secret keys and file

contents. The experiential outcome showed the comparatively less or constant computational

cost for the local device.

Anirudha et al. [24] propounded an optimized public auditing protocol for optimizing the CSS

(Cloud Storage Server) by storing HLA (Homomorphic Linear Authenticators) for users‟ data on



ISSN: 1548-7741

www.joics.org605

TPA‟s site. Subsequently, Chameleon Hashing and a modified Chameleon Authentication Tree

were utilized to execute effectual dynamic data up-dates on clients‟ data (on a cloud) with

support for the fine-grain and block-level updates. By detailed performance and security

analysis, this approach‟s performance was confirmed.

Qian et al. [25] recommended data dynamics and public auditability to facilitate storage security

on CC. This strategy first recognizes the intricacies and potential security issues of direct

extensions with full-dynamic data updates as of prior works and then evinced how to develop an

excellent verification strategy for the countless incorporation of „2‟ salient features in this

protocol model. To attain effectual data dynamics this strategy utilized the Merkle Hash Tree to

facilitate block-tag authentications. Extensive performance and security analysis evinced that the

recommended schemes were greatly, effectually and reliably secure.

Cong et al. [26] propounded a reliable disseminated storage integrity auditing strategy by

employing the disseminated erasure-coded and homomorphic token data for attaining a secured

and also dependable CSS. This strategy has a flexible and effectual disseminated scheme with

clear dynamic data support, encompassing block update, append and delete. This strategy

permitted clients to audit the cloud storage with a lightweight communication and even

computational cost. The auditing outcome assured strong CSS correctness guarantee and

achieved faster data error localization (which indicates the recognition of misbehaving server).

2.2 Dynamic Data Storage Way in Cloud Computing

Wei et al. [27] recommended an ODPDP (outsourced dynamic provable data possession)

approach, which moved frequent auditing process to an external auditor to diminish users‟

verifications overhead and proffered log audit strategy with a less computational burden for users

to avert as of dishonest auditor. In this approach, EHVT (Efficient Homo-morphic Verifiable

Tag) could significantly ameliorate computation efficacy in respect of exponentiation operation,

specifically for clients amid AuditLog and Store protocols. Security analysis and tests evinced

that this approach was notably secure and greatly efficient.

Maryam et al. [28] suggested an Energy-Effectual Dynamic Resource Management framework

grounded on Meta-Heuristic (MH) and also clustering algorithms in CC IaaS platforms. This

framework utilized K-means clustering (KMC) methodology and the MH micro-genetic

algorithm for the dynamic consolidation of VMs (Virtual Machines) to attain an energy-QoS

framework that was termed KMGA. Hence, the KMGA methodology was modeled to diminish

the total server power consumption in the cloud Datacenter as possible by ameliorating resource

utilization. Then, the suggested algorithm was employed for ameliorating the dynamic

consolidation to attain KMC and the minimal energy consumption methodology to assign the

cluster of autonomous tasks to the cluster resources effectually by sustaining the Make-span at

minimal value.

Bijolin et al. [29] put forward the disparate facets on dynamic and cost-aware data replication

methodology via optimization which recognizes the less volume of data replication information

which was needed to assure that the data availability augments with the elevation in the

replication process. DCR2S (Dynamic cost-aware re-replication and rebalancing Strategies) on



ISSN: 1548-7741

www.joics.org606

heterogeneous cloud infra-data centers had multiple phases in rebalancing the data. The data

availability had been observed in order that the replication cost could be balanced with adequate

load balancing approaches. Subsequently, the ameliorated and effectual Knapsack algorithm was

executed for optimizing the replication cost. The effectual multi-objective optimized replication

management could augment the system performance.

Tao et al. [30] propounded an approach termed DCCP (Dynamic Computation Co-relation

Placement). DCCP locates the data sets with higher dynamic computational correlations into the

same specific data center concerning the capacity- and I/O- loads of data centers, in order that

when computations were assigned for this data center, most datasets they process were stored

locally, and thereby the mean execution time were diminished. Fresh datasets were dynamically

disseminated into the utmost suitable data center. Several tests confirmed that DCCP could attain

the capacity- and statistic I/O- load balancing of data centers, meanwhile lessened the entire data

scheduling betwixt data centers as far as possible at an extremely lower time complexity, even as

the data centers along with datasets augmented.

Qiong et.al [31] recommended a multi-media CC platform data dynamic task scheduling

methodology in the multi-core condition. The multi-media CC platform data dynamic task

scheduling framework was introduced grounded on the models, and proffered presumed criteria

of task scheduling design, priority calculation stage, mapping stage and improved particle swarm

task scheduling stage as of the task to processor were passed through to complete the analysis of

this strategy. The tasks were distributed to the processor in accordance with certain rules, and

dynamic task scheduling results were given and optimized. The simulation experiential results

evinced that this methodology has extremely higher scheduling performance.

Cheng et al. [32] expounded a KAAC (Key-Aggregate Authentication Crypto-system) which

could create a constant-sized key that upholds reliable delegation of decryption rights for all

cipher textual data. The system was grounded on effectual (example, small-sized keys) and

secured (example, leakage-resilient) data sharing through dynamic cloud storage with small-

sized keys. In this system, DOs only disseminate a single key even though countless files were

saved in the cloud. Also, delegates could proffer a cloud server an authentication key for

admitting and downloading a specific sub-set of files.

Feng et al. [33] propounded a monotonic dynamic structure termed index logic table. This table

resisted delete-insert attack and avoided synchronization issue. Moreover, the table had lower

computational cost contrasted to Merkle-hash tree and had less storage cost contrasted to the

map-version table. This structure employed an identity-centric non-repudiable dynamical

provable data possession for cloud storage and proffered the security examination. This structure

could avert tampering cloud returned value attack utilizing Diffie-Hellman key agreement. This

structure was also effectual in dynamic operations in the storage space and computational cost

contrasted to other structures.

2.3 Optimal Cloud Storage System

Gregory et al. [34] paved attention on co-resident attacks, where users‟ sensitive data in one VM

could be accessed via side channels by certain other co-resident VM of malevolent attackers. In



ISSN: 1548-7741

www.joics.org607

this strategy, „3‟ aspects were concerned: i) a preset number of AVMs, ii) an arbitrary number of

AVMs, and iii) strategic attackers who normally decide the total AVMs to augment their benefit.

As delineated via examples, this strategy could effectually lessen the co-resident attacks via

diminishing users‟ costs or losses.

Arkaitz and Marty [35] formulated a framework for data allocation in CC. This framework was

primarily developed as a formal prototype to signify the concern of allotting resources to services

proffered by disparate cloud providers. Afterward, a data management system with the ILP

solver rendered a timely optimum solution to a specific data allocation issue. Subsequently, this

framework has 2 use cases, a) BLAST and b) MODIS that other restrictions and metrics

(monthly budget) could also be concerned.

Philipp et al. [36] presented a system design that utilizes multiple cloud-centric services to

comprehend cost-effectual and redundant storage. This design developed a global and local

optimization issue that regarded previously defined quality of service requisites and historical

data access information to pick a cost effectual storage solution. Moreover, this design proffered

an MH optimization methodology for global-level optimization. Extensive assessments

confirmed the gains of this work in contrast with top-notch approaches.

Anitha ponraj [37] propounded optimum VM placement algorithms for VM scheduling in CC.

This prototype comprises 5 steps say: a) Datacenter creation, b) VCreation, Queuing Model, c)

BCreation, and d) VM Allocation. In this prototype, the VM and data center were generated

grounded on the parameters and characteristics. Subsequently, the tasks were sent to the queue

grounded on the tasks‟ priority. The VMs were delivered to the broker. The VM which contain

minimal job completion times were allotted to that specified task.

Tao and Yukari [38] suggested an analytical prototype that chiefly encompasses „3‟ facets: (a) In

CC storage systems with the heterogeneous architectures, the assessment of data availability

needed the model of respective mathematical indicators.; (b) an optimum methodology for

establishing redundant blocks for the storage nodes; together with (c) Cloud storage process, it

was indispensable to ascertain the redundancy minimization for assuring quality indicators.

Chunlin et al. [39] formulated an integrated optimization of data placement. This optimization

was indicated by the incorporation of optimum placement of data blocks and the optimal task

scheduling to diminish the response time and computational delay for the submitted tasks and

augment users‟ experience in edge computing. In the optimum placement of data blocks, the data

blocks‟ values regarded the eminence of data blocks and the data storage capacity and also

replacement ratios of an edge server that would save such data blocks. Moreover, the

replacement cost for data blocks was concerned as an imperative constituent of data block

placement. This optimum placement strategy could avert replacing the placed data blocks

continually in order that the bandwidth overhead was diminished. In optimum task scheduling,

the containers were regarded as the light-weight resource unit for the services of user requests to

fully exploit the saved data in edge servers and elevated the services' performance of edge

servers. Lastly, extensive tests were made to value the task scheduling performance.



ISSN: 1548-7741

www.joics.org608

Jun et al. [40] introduced an effectual framework termed DRAW (Data grouping aware data

placement). In this framework, the DRAW was modeled at rack-level hence it optimized the

grouping data dissemination within a rack. It comprised „3‟ parts: a) HDAG (Data Access

History Graph) to utilize system log files which learns the data grouping information; b) DGM

(Data Grouping Matrix) to gauge the grouping weights amongst the data and produce the

optimized data groupings; c) ODPA (Optimum Data Placement Algorithm) to generate the

optimum data placement. The Experiential results evinced that for 2 representative MapReduce

applications namely, Astrophysics and Genome Indexing, DRAW could notably augment the

throughput of local map task execution by up to 59.80 %, and diminish the execution time of

map phase by up to 41.70 %.

Mohammed et al. [41] formulated the cloud chiefly as a set of clients, HPN (high performances

compute nodes) and middleware control nodes. Here the HPNs signified the choices of advanced

computing methodologies in a heterogeneous cloud. In this methodology, the task allocation was

NP-complete, „2‟ heuristic algorithms centered on the GA and the HEFT were employed to

ascertain feasible solutions for huge issues. The examination of the outcomes proffered the

performances of a heterogeneous cloud system.

2.4 Approaches to Ensure Data Security in Cloud Computing

Sandeep [42] presented an integrated framework to assure data security in CC. This framework

had been structured to proffer complete data security. This framework was split into 2 phases.

Primary phase handled the transmitting process and also saved the data securely on the cloud.

Secondary phase handled the data retrieval as of cloud and evinced the creation of requests for

double authentication, data access, integrity, and verification of digital signature thereby offering

data for an authorized user on introducing all security aspects. This framework attained the

availability, integrity, and reliability of data traversing via cloud to user and DO to cloud.

Cong et al. [43] formulated an effectual scheme termed privacy-preserving public auditing

scheme for the data storage security on CC. This scheme utilized and uniquely integrated the

public key-centric homomorphic authenticator with arbitrary masking to attain the formulated

scheme. To uphold the effectual handling of multiple auditing tasks, this scheme should further

explore the method of bilinear aggregate signature to expand the main outcome in to multi-user

settings, where TPA (Third Party Auditor) could execute countless auditing tasks concomitantly.

Shucheng et al. [44] designed a fine-grain data access control on CC. This prototype utilized and

uniquely integrated 3 advanced cryptographic methodologies namely, a) KP-ABE (Key Policy-

ABE), b) lazy re-encryption along with c) PRE (Proxy ReEncryption). This design encrypted the

data files utilizing symmetric DEK (Data Encryption Key) and also encrypted the DEKs with

KP-ABE. Hence, the KP-ABE was competent to instantly enjoy fine-grain data access control

together with effectual operations say, new user grant and file deletion/creation. Formal security-

related proofs evinced that this prototype was utmost secure on standard cryptographic

prototypes.

Victor et al. [45] formulated a framework termed as CCAF (CC Adoption Framework) which

was customized to secure the cloud data. This framework delineated that CCAF multi-layer



ISSN: 1548-7741

www.joics.org609

security could shield data instantaneously and it contains 3 security layers: a) firewall with

access control; b) intrusion prevention along with identity management c) convergent encryption.

The CCAF could block approximately 9,919 Trojans and viruses and they could be eradicated in

seconds but the rests were isolated or quarantined. The tests confirmed, though the blocking

percentage could decrease for continual injection of Trojans and viruses, 97.430% of them could

be quarantined.

Malina et al. [46] propounded privacy-preserving security solutions for cloud services. However,

it employed the non-bilinear group signatures for ensuring the invalid users‟ authentication for

cloud services. This strategy utilized a protocol which comprises 5 phases: a) initialization, b)

registration, c) anonymous access, d) secure communication and e) revocation. Users employed

tamper-resistant devices amid the generation and also storing of user keys to shield against

collusion attacks.

Yuan et al. [47] recommended an effectual search model for an encrypted image by integrating

KMC and secured modular hashing, which could concurrently attain privacy-preserving of image

search and equivalent search accurateness to plaintext image. The encrypted image search model

employ secured modular hashing for encrypting feature vectors, which made the search intricacy

over ciphertext be constant with the search model over plaintext.

Analysis of approaches to ensure data security in CC is elucidated using table. 1

Table 1: Analysis of approaches to ensures data security in cloud computing

Researcher Name

and year Model Used Purpose Limitations

Cong et al. [43]

privacy-preserving

public auditing

model

Data storage

security in CC

A public auditing

protocol was

established for only

one user.

Shucheng et al. [44]

Combination of

three advanced

cryptographic

techniques.

Data access control

Encryption and

decryption accuracy

was low.

Victor et al. [45]

CC Adoption

Framework Securing cloud data

Security level was

low.

Yuan et al. [47] Search scheme

approach

Privacy-

preserving

Computation cost

was high.

2.5 Different Algorithms used for Distributed Secure Storage Data

Prabu and Vasudevan [48] presented privacy preservation facet by executing FH-ECC algorithm

(Fully Homomorphic–Elliptic Curve Cryptography). In this model, the actual data was encrypted

to attain cipher data utilizing ECC (Elliptic Curve Cryptography) which was employed for

elevating the data security. Subsequently, to employ the implicit multiplication and addition

processes on the encrypted data, the FH (Fully Homomorphic) function was executed. For



ISSN: 1548-7741

www.joics.org610

limiting the access on the data, the access policy verification was done, which assures the data

security. Lastly, the data was decrypted utilizing FH and ECC decryption operations.

Thangavel and Varalakshmi [49] developed an Enhanced El-Gamal cryptosystem (EEC). This

work ameliorated the randomization for key generation, decryption, and encryption as of the El-

Gamal cryptosystem. Primarily, the DO transmutes the unique ID of the Data User to a DNA

sequence termed as Data User sequence. The DO creates a random DNA sequence termed as DO

sequence. Subsequently, the DO encrypts the data with the DNA sequences utilizing DNA

cryptosystem and proffers a ciphertext file and key file. The ciphertext file was saved in the

cloud. The key file was encrypted with the public keys of the Data User which was created

utilizing the EEC. When the Data User requests the ciphertext from the cloud, it verifies the

Data. This model comprises 2 cryptosystems say, i) public key cryptosystem and ii) symmetric

key cryptosystem.

Miguel et al. [50] suggested (ABE and signing for security in the cloud (AES4SeC)) which was

a security model fully developed over crypto-graphic pairings. This model was employed to

facilitate 2 cryptographic engines: CPABE and the SSign (short signature). These 2 engines

permit signing and encrypting, respectively, the data uploaded to the cloud, hence proffering

integrity, confidentiality, authenticity services and also enforces access control methodology.

AES4SeC entirely averts the utilization of the PKI commonly requisite for an end-end

encryption methodology. The experiential results for the SSign and CP-ABE developments for

the asymmetric setting were presented.

Yaser et al. [51] recommended an effectual software-defined based model for data classification

on CC. This model sustained the integrity and even confidentiality of data amid the transmission

and also storage of data. It diminished the processing time consumed whilst encrypting the data.

Subsequently, by categorizing the data as per the confidentiality degree, it proffers maximal

flexibility and bandwidth utilization. Tests were made to appraise the recommended model. The

outcomes evinced that this model attained better processing time whilst ensuring data integrity

and confidentiality.

Manreet and Sandeep [52] proffered a cryptographic methodology that utilizes client-side data

encryption in order for encrypting the data before uploading it onto the end. This methodology

proffered security to the data uploaded by the DOs onto the cloud. It was a multi-fold symmetric-

key cryptography methodology which was reliant upon DNA cryptography. Its detailed design

was presented and contrasted to the prevailing symmetric-key algorithms (AES, DNA, Blowfish,

and DES). Moreover, the experiential results elucidate that this proffered algorithm performed

well on considering those traditional algorithms in respect of cipher-text size, throughput and

encryption time.

Muhammad et al. [53] presented a secured, robust, lightweight, and effectual strategy for data

exchange betwixt the media clouds and mobile users. In data hiding, this strategy regarded

HEVC (High-Efficiency Video Coding) together with Intra-encoded video streams in un-sliced

form as the source. It also upholds to instantaneous processing with power-saving restraint in

mind. AES (Advanced Encryption Standards) was employed as a base encryption methodology

by this scheme. The outcomes clearly evinced that this strategy outperformed AES-256 by



ISSN: 1548-7741

www.joics.org611

diminishing the processing time up to 4.760% and augmenting the data size up to 0.720%

approximately.

Xin et al. [54] propounded an identity and also attribute-centric signcryption algorithm for

ameliorating the storage security and remote data sharing. The proxy re-encryption method and

also multi-attribute authority centered signcryption methodology were utilized to attain collusion

resistant structure and fault-tolerant attributes management. In Healthcare system, an attribute-

centric signature, signcryption and encryption methods were separately employed to criteria of

disparate data security levels to hold data access effectually. Consequently, the security features

and the access efficacies of those algorithms were contrasted to other prevailing methods.

Subramanian and Leo [55] formulated an effectual architectural prototype with a yardstick

algorithm. It would facilitate the secured data sharing via dynamic index centered crypto-graphic

data slicing. This prototype was apt for decision making for the organizations and individuals in

the employment of multi-cloud storage services centered on trust.

Analysis of different algorithms used for distributed secure storage data is shown in table.2

Table 2: Analysis of different algorithms used for distributed secure storage data

Researcher Name

and year Model Used Purpose Limitations

Prabu and

Vasudevan [48]

FH-ECC

algorithm

Introduce a privacy

preservation

structure

Length of Public

key and Private Key

was low.

Thangavel and

Varalakshmi [49]

Alternative of DNA

crypto-system

Secure the actual

data

Efficiency of the

system was less.

Manreet and

Sandeep [52]

Cryptographic

technique

Encrypting

the data before

uploading them in

the cloud

While data

transmission it was

possible to perform

replay attack

Xin et al. [54]

Identification and

attribute

centric signcryption

algorithm

Ameliorate the

storage security and

also sharing of

distant data.

In re-encryption

process the

accuracy was low.

Subramanian and

Leo [55]

Architectural model

using a standard

algorithm.

Ameliorate the

secure data sharing

via dynamic index.

The features say,

non-repudiation and

dynamic symmetric

Encryption was not

regarded, so the

enhancement was

less.

Here, the performances of the data security methods are contrasted centered on encryption time

and also decryption time. The comparison graph is evinced in below Fig. 5 & Fig. 6.



ISSN: 1548-7741

www.joics.org612

Fig. 5 Comparison of Encryption time for different data security methods

Fig. 5 examines the performances proffered by disparate data security methods like FH-ECC, E-

ABSC and MRSAC centered on encryption time. Lesser the encryption time of an algorithm,

higher would be its efficiency. The comparison delineates that the FH-ECC takes less time for

encrypting the key. Therefore, FH-ECC is more effectual than those algorithms.

Fig. 6 Comparison of Decryption time for different data security methods

Fig. 6 examines the performances proffered by various data security approaches centered on

decryption time. Lesser the decryption time of an algorithm, higher would be its efficiency. Fig.

6 delineates that the decryption of FH-ECC is higher than all other techniques.

3. CONCLUSION

CC is a propitious computing paradigm that permits users to share resources and data as of a

pool of disseminated computing as a service over Internet. CC passes the database and



ISSN: 1548-7741

www.joics.org613

application software to the huge data center where the data management and even services may

not be fully admirable. The security is a crucial facet of quality of service. This paper proffers a

literature survey on distributed secure data storage in CC and also discussed disparate

cryptographic algorithms security and their limitations. This literature work enlightens the

various prevailing methods storage security in CC such as, storage techniques in CC, dynamic

data storage way in CC, optimal cloud storage system, approaches for ensuring data security in

CC and different algorithms used for distributed secure data storage. For future work, certain

modification or improvements in the cryptographic algorithms are suggested for attaining well-

secure cloud storage system. It will be motivating in the upcoming years to compare the

performance of the storage security techniques.

REFERENCES

1. Shakeeba S. Khan, and R. R. Tuteja, “Security in cloud computing using cryptographic

algorithms”, International Journal of Innovative Research in Computer and

Communication Engineering, vol. 3, no. 1, pp. 148-155, 2015.

2. Nikita Sangwan, and Sunita Sangwan, “Ranked keyword search in cloud computing: an

innovative approach”, International Journal of Computer Science and Mobile Computing,

vol. 3, no. 6, pp. 24-27, 2014

3. Khandakar Ahmed, and Mark Gregory, “Integrating wireless sensor networks with cloud

computing”, In 2011 Seventh International Conference on Mobile Ad-hoc and Sensor

Networks, pp. 364-366. IEEE, 2011.

4. Anuradha Mishra, Suresh Kashyap, and K.N. Singh, “An overview of security and

privacy issues for cloud computing environment”, International Journal of Advanced

Research in Computer Science & Technology (IJARCST 2014), vol. 2, no. 2, 2014.

5. Pankaj Sareen, “Cloud computing: types, architecture, applications, concerns,

virtualization and role of it governance in cloud”, International Journal of Advanced

Research in Computer Science and Software Engineering, vol. 3, no. 3, 2013

6. Ravish Saggar, Shubhra Saggar, and Nidhi Khurana, “Cloud computing: designing

different system architecture depending on real-world examples”, International Journal of

Computer Science and Information Technologies, vol. 5, no. 4, pp. 5025-5029, 2014.

7. Gayatri Dhavale, Rajnish Kumar Baranwal, Kapil Nagare, and S.N. Zaware, “3-D

(Dimensional) security in cloud computing”, International Journal of Computer Science

and Information Technology Research, vol. 2, no. 2, pp: 47-52.

8. Noha MM AbdElnapi, Fatma A. Omara, and Nahla F. Omran, “A hybrid hashing security

algorithm for data storage on cloud computing”, International Journal of Computer

Science and Information Security, vol. 14, no. 4, pp. 175, 2016.

9. Alvi, F. A., B. S. Choudary, N. Jaferry, and E. Pathan, “A review on cloud computing

security issues & challenges”, Iaesjournal.com, vol. 2, 2012.



ISSN: 1548-7741

www.joics.org614

10. Mohammed A. AlZain, Ben Soh, and Eric Pardede, “A new approach using redundancy

technique to improve security in cloud computing”, In Proceedings Title: 2012

International Conference on Cyber Security, Cyber Warfare and Digital Forensic

(CyberSec), pp. 230-235. IEEE, 2012.

11. Deyan Chen, and Hong Zhao, “Data security and privacy protection issues in cloud

computing”, In 2012 International Conference on Computer Science and Electronics

Engineering, vol. 1, pp. 647-651. IEEE, 2012.

12. Bhagawat, V., and A. Kumar, “Survey on data security issues in cloud environment”,

International Journal of Innovative Research in Advanced Engineering, vol. 2, no. 1, pp.

31-35, 2015.

13. Yunchuan Sun, Junsheng Zhang, Yongping Xiong, and Guangyu Zhu, “Data security and

privacy in cloud computing”, International Journal of Distributed Sensor Networks, vol.

10, no. 7, pp. 190903, 2014.

14. Mandeep Kaur Neha, and Satwinder Singh, “Issues of data security and privacy in cloud

computing”, International Journal of Software and Web Sciences, vol. 10, no. 1, pp. 47-

52, 2014.

15. Peng Jing, “A new model of data protection on cloud storage”, Journal of Networks, vol.

9, no. 3, pp. 666-672, 2014.

16. Ning Wang, “Analysis and research of data security policy based on cloud storage”,

In Advanced Materials Research, vol. 912, pp. 1160-1163. Trans Tech Publications,

2014.

17. Diao Zhe, Wang Qinghong, Su Naizheng, and Zhang Yuhan, “Study on data security

policy based on cloud storage”, In 2017 IEEE 3rd International Conference on Big Data

Security on Cloud (Bigdatasecurity), Ieee International Conference on High Performance

and Smart Computing (Hpsc), and Ieee International Conference on Intelligent Data and

Security (Ids), pp. 145-149. IEEE, 2017.

18. Amit Kr Mandal, Suvamoy Changder, Anirban Sarkar, and Narayan C. Debnath,

“Architecting software as a service for data centric cloud applications”, International

Journal of Grid and High Performance Computing (IJGHPC), vol. 6, no. 1, pp. 77-92,

2014.

19. Dejun Wang, “An efficient cloud storage model for heterogeneous cloud infrastructures”,

Procedia Engineering, vol. 23, pp. 510-515, 2011.

20. Shuying Li, and Ya Pan, “Study on secure data storage based on cloud computing”,

BTAIJ, vol. 10, no. 22, 2014.

21. Pitchai, R., S. Jayashri, and J. Raja, “Searchable encrypted data file sharing method using

public cloud service for secure storage in cloud computing”, Wireless Personal

Communications, vol. 90, no. 2, pp. 947-960, 2016.



ISSN: 1548-7741

www.joics.org615

22. Yibin Li, Keke Gai, Longfei Qiu, Meikang Qiu, and Hui Zhao, “Intelligent cryptography

approach for secure distributed big data storage in cloud computing”, Information

Sciences, vol. 387, pp. 103-115, 2017.

23. Jiguo Li, Wei Yao, Yichen Zhang, Huiling Qian, and Jinguang Han, “Flexible and fine-

grained attribute-based data storage in cloud computing”, IEEE Transactions on Services

Computing, vol. 10, no. 5, pp. 785-796, 2017.

24. Anirudha Pratap Singh, and Syam Kumar Pasupuleti, “Optimized public auditing and

data dynamics for data storage security in cloud computing”, Procedia Computer Science,

vol. 93, pp. 751-759, 2016.

25. Qian Wang, Cong Wang, Kui Ren, Wenjing Lou, and Jin Li, “Enabling public

auditability and data dynamics for storage security in cloud computing”, IEEE

Transactions on Parallel and Distributed Systems, vol. 22, no. 5, pp. 847-859, 2011.

26. Cong Wang, Qian Wang, Kui Ren, Ning Cao, and Wenjing Lou, “Toward secure and

dependable storage services in cloud computing”, IEEE Transactions on Services

Computing, vol. 5, no. 2, pp. 220-232, 2012.

27. Guo W., H. Zhang, S. Qin et al., “Outsourced dynamic provable data possession with

batch update for secure cloud storage”, Future Generation Computer Systems, 2019.

28. Maryam Askarizade Haghighi, Mehrdad Maeen, and Majid Haghparast, “An Energy-

Efficient Dynamic Resource Management Approach Based on Clustering and Meta-

Heuristic Algorithms in Cloud Computing IaaS Platforms”, Wireless Personal

Communications, vol. 104, no. 4, pp. 1367-1391, 2019.

29. Bijolin Edwin, E., P. Umamaheswari, and M. Roshni Thanka, “An efficient and

improved multi-objective optimized replication management with dynamic and cost

aware strategies in cloud computing data center”, Cluster Computing, pp. 1-10, 2017.

30. Tao Wang, Shihong Yao, Zhengquan Xu, and Shan Jia, “DCCP: an effective data

placement strategy for data-intensive computations in distributed cloud computing

systems”, The Journal of Supercomputing, vol. 72, no. 7, pp. 2537-2564, 2016.

31. Qiong Wu, Guihe Qin, and Biaobing Huang, “The research of multimedia cloud

computing platform data dynamic task scheduling optimization method in multi core

environment”, Multimedia Tools and Applications, vol. 76, no. 16, pp. 17163-17178,

2017.

32. Cheng Guo, Ningqi Luo, Md Zakirul Alam Bhuiyan, Yingmo Jie, Yuanfang Chen, Bin

Feng, and Muhammad Alam, “Key-aggregate authentication cryptosystem for data

sharing in dynamic cloud storage”, Future Generation Computer Systems, vol. 84, pp.

190-199, 2018.

33. Feng Wang, Li Xu, Huaqun Wang, and Zhide Chen, “Identity-based non-repudiable

dynamic provable data possession in cloud storage”, Computers & Electrical

Engineering, vol. 69, pp. 521-533, 2018.



ISSN: 1548-7741

www.joics.org616

34. Gregory Levitin, Liudong Xing, and Yuanshun Dai, “Optimal data partitioning in cloud

computing system with random server assignment”, Future Generation Computer

Systems, vol. 70, pp. 17-25, 2017.

35. Arkaitz Ruiz-Alvarez, and Marty Humphrey, “A model and decision procedure for data

storage in cloud computing”, In Proceedings of the 2012 12th IEEE/ACM International

Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012), pp. 572-579. IEEE

Computer Society, 2012.

36. Philipp Waibel, Johannes Matt, Christoph Hochreiner, Olena Skarlat, Ronny Hans, and

Stefan Schulte, “Cost-optimized redundant data storage in the cloud”, Service Oriented

Computing and Applications, vol. 11, no. 4, pp. 411-426, 2017.

37. Anitha Ponraj, “Optimistic virtual machine placement in cloud data centers using queuing

approach”, Future Generation Computer Systems, vol. 93, pp. 338-344, 2019.

38. Tao Shen, and Yukari Nagai, “Non-homogeneous distributed cloud storage system with

minimal redundancy in heterogeneous environment”, Measurement, 2018.

39. Chunlin Li, Jingpan Bai, and JianHang Tang, “Joint optimization of data placement and

scheduling for improving user experience in edge computing”, Journal of Parallel and

Distributed Computing, vol. 125, pp. 93-105, 2019.

40. Jun Wang, Pengju Shang, and Jiangling Yin, “Draw: A new data-grouping-aware data

placement scheme for data intensive applications with interest locality”, In Cloud

Computing for Data-Intensive Applications, pp. 149-174. Springer, New York, NY,

2014.

41. Mohammed S. Bensaleh, Yaman Sharaf-Dabbagh, Hazem Hajj, Mazen AR Saghir,

Haitham Akkary, Hassan Artail, Abdulfattah M. Obeid, and Syed Manzoor Qasim,

“Optimal task scheduling for distributed cluster with active storage devices and

accelerated nodes”, IEEE Access, vol. 6, pp. 48195-48209, 2018.

42. Sandeep K Sood, “A combined approach to ensure data security in cloud computing”,

Journal of Network and Computer Applications, vol. 35, no. 6, pp. 1831-1838, 2012.

43. Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou, “Privacy-preserving public

auditing for data storage security in cloud computing”, In 2010 Proceedings Ieee

Infocom, pp. 1-9. IEEE, 2010.

44. Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou, “Achieving secure, scalable, and

fine-grained data access control in cloud computing”, In 2010 Proceedings IEEE

INFOCOM, pp. 1-9. IEEE, 2010.

45. Victor Chang, and Muthu Ramachandran, “Towards achieving data security with the

cloud computing adoption framework”, IEEE Transactions on Services Computing, vol.

9, no. 1, pp. 138-151, 2016.



ISSN: 1548-7741

www.joics.org617

46. Lukas Malina, Jan Hajny, Petr Dzurenda, and Vaclav Zeman, “Privacy-preserving

security solution for cloud services”, Journal of Applied Research and Technology, vol.

13, no. 1, pp. 20-31, 2015.

47. Yuan Wang, Meixia Miao, Jian Shen, and Jianfeng Wang, “Towards efficient privacy-

preserving encrypted image search in cloud computing”, Soft Computing, vol. 23, no. 6,

pp. 2101-2112, 2019.

48. Prabu Kanna, G. and V. Vasudevan, “A fully homomorphic–elliptic curve cryptography

based encryption algorithm for ensuring the privacy preservation of the cloud data”,

Cluster Computing, pp. 1-9, 2018.

49. Thangavel, M., and P. Varalakshmi, “Enhanced DNA and ElGamal cryptosystem for

secure data storage and retrieval in cloud”, Cluster Computing, vol. 21, no. 2, pp. 1411-

1437, 2018.

50. Miguel Morales-Sandoval, Jose Luis Gonzalez-Compean, Arturo Diaz-Perez, and Victor

J. Sosa-Sosa, “A pairing-based cryptographic approach for data security in the cloud”,

International Journal of Information Security, vol. 17, no. 4, pp. 441-461, 2018.

51. Yaser Jararweh, Mahmoud Al-Ayyoub, and Houbing Song, “Software-defined systems

support for secure cloud computing based on data classification”, Annals of

Telecommunications, vol. 72, no. 5-6, pp. 335-345, 2017.

52. Manreet Sohal, and Sandeep Sharma, “BDNA-A DNA inspired symmetric key

cryptographic technique to secure cloud computing”, Journal of King Saud University-

Computer and Information Sciences, 2018.

53. Muhammad Usman, Mian Ahmad Jan, and Xiangjian He, “Cryptography-based secure

data storage and sharing using HEVC and public clouds”, Information Sciences, vol. 387,

pp. 90-102, 2017.

54. Xin Pei, Yongjian Wang, Wei Yao, Jiuchuan Lin, and Ruxiang Peng, “Security enhanced

attribute based signcryption for private data sharing in cloud”, In 2016 IEEE

Trustcom/BigDataSE/ISPA, pp. 737-743. IEEE, 2016.

55. Subramanian, K., and F. Leo John, “Dynamic data slicing in multi cloud storage using

cryptographic technique”, In 2017 World Congress on Computing and Communication

Technologies (WCCCT), pp. 159-161. IEEE, 2017.

56. Anbuchelian, S., C. M. Sowmya, and C. Ramesh, “Efficient and secure auditing scheme

for privacy preserving data storage in cloud”, Cluster Computing, pp. 1-9, 2017.



ISSN: 1548-7741

www.joics.org618

survey on distributed secure data storage in cloud computingjoics.org/gallery/ics-1417.pdf2.1...

Documents