Cloud-based Privacy-Preserving Data Storage
Abstract
Cloud computing has significantly transformed the way individuals and organizations store, manage, and access data. Despite its advantages such as scalability, flexibility, and cost efficiency, storing sensitive data in the cloud introduces serious privacy and security challenges. Issues such as unauthorized access, insider threats, cyberattacks, and data leakage have raised concerns about trusting third-party cloud service providers. This paper presents a Cloud-based Privacy Preserving Data Storage (CPPDS) framework designed to ensure confidentiality, integrity, and controlled access to outsourced data. The proposed system integrates encryption mechanisms, secure key management, access control policies, and auditing techniques to protect sensitive information stored in the cloud. Experimental evaluation demonstrates that the framework enhances data privacy while maintaining system efficiency and performance. Furthermore, the framework incorporates role-based authentication to restrict unauthorized access and ensure that only verified users can interact with sensitive data. The system also supports scalability, allowing it to handle increasing volumes of data without compromising security or performance. In addition, real-time monitoring mechanisms are employed to detect and respond to potential security threats promptly. The proposed approach contributes to building a reliable and secure cloud environment suitable for handling critical and sensitive information.
References
M. Armbrust et al., “Above the clouds: A Berkeley view of cloud computing,” University of California at Berkeley, Feb. 2009.
C. Dwork, “Differential privacy,” Automata, Languages and Programming, vol. 4052, pp. 1–12, 2006.
V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” Proceedings of the 13th ACM conference on Computer and communications security, 2006, pp. 89–98.
C. Gentry, “Fully homomorphic encryption using ideal lattices,” Proceedings of the 41st annual ACM symposium on Symposium on theory of computing, May 2009, pp. 169–178.
M. J. Dworkin et al., “Advanced Encryption Standard (AES),” Federal information processing standards (NIST FIPS), Nov. 2001.
R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, vol. 21, no. 2, pp. 120–126, Feb. 1978.
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, “Role-based access control models,” IEEE Computer, vol. 29, no. 2, pp. 38–47, Feb. 1996.
S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Bitcoin, 2008.
Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, “Enabling public auditability and data dynamics for storage security in cloud computing,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 5, pp. 847–859, May 2011.
K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE Internet Computing, vol. 16, no. 1, pp. 69–73, Jan.–Feb. 2012.
M. Ali, S. U. Khan, and A. V. Vasilakos, “Security in cloud computing: Opportunities and challenges,” Information Sciences, vol. 305, no. 1, pp. 357–383, Jun. 2018.
C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving public auditing for secure cloud storage,” IEEE Transactions on Computers, vol. 62, no. 2, pp. 362–375, Feb. 2013.
