Computer Engineering Commons^™

Efficient Certificateless Multi-Copy Integrity Auditing Scheme Supporting Data Dynamics, Lei Zhou, Anmin Fu, Guomin Yang, Huaqun Wang, Yuqing Zhang

Research Collection School Of Computing and Information Systems

To improve data availability and durability, cloud users would like to store multiple copies of their original files at servers. The multi-copy auditing technique is proposed to provide users with the assurance that multiple copies are actually stored in the cloud. However, most multi-replica solutions rely on Public Key Infrastructure (PKI), which entails massive overhead of certificate computation and management. In this article, we propose an efficient multi-copy dynamic integrity auditing scheme by employing certificateless signatures (named MDSS), which gets rid of expensive certificate management overhead and avoids the key escrow problem in identity-based signatures. Specifically, we improve the classic …

Attribute-Based Cloud Data Integrity Auditing For Secure Outsourced Storage, Yong Yu, Yannan Li, Bo Yang, Willy Susilo, Guomin Yang, Jian Bai

Research Collection School Of Computing and Information Systems

Outsourced storage such as cloud storage can significantly reduce the burden of data management of data owners. Despite of a long list of merits of cloud storage, it triggers many security risks at the same time. Data integrity, one of the most burning challenges in secure cloud storage, is a fundamental and pivotal element in outsourcing services. Outsourced data auditing protocols enable a verifier to efficiently check the integrity of the outsourced files without downloading the entire file from the cloud, which can dramatically reduce the communication overhead between the cloud server and the verifier. Existing protocols are mostly based …

A Symmetric-Based Framework For Securing Cloud Data At Rest, Mohammed Mohammed, Fadhil Abed

Turkish Journal of Electrical Engineering and Computer Sciences

Cloud computing is the umbrella term for delivering services via the Internet. It enables enterprises and individuals to access services such as virtual machines, storage, or applications on demand. It allows them to achieve more by paying less, and it removes the barrier of installing physical infrastructure. However, due to its openness and availability over the Internet, the issue of ensuring security and privacy arises. This requires careful consideration from enterprises and individuals before the adoption of cloud computing. In order to overcome security issues, cloud service providers are required to use strong security measures to secure their storage and …

On I/O Performance And Cost Efficiency Of Cloud Storage: A Client's Perspective, Binbing Hou

LSU Doctoral Dissertations

Cloud storage has gained increasing popularity in the past few years. In cloud storage, data are stored in the service provider’s data centers; users access data via the network and pay the fees based on the service usage. For such a new storage model, our prior wisdom and optimization schemes on conventional storage may not remain valid nor applicable to the emerging cloud storage.

In this dissertation, we focus on understanding and optimizing the I/O performance and cost efficiency of cloud storage from a client’s perspective. We first conduct a comprehensive study to gain insight into the I/O performance behaviors …

Frameup: An Incriminatory Attack On Storj: A Peer To Peer Blockchain Enabled Distributed Storage System, Xiaolu Zhang, Justin Grannis, Ibrahim Baggili, Nicole Lang Beebe

Electrical & Computer Engineering and Computer Science Faculty Publications

In this work we present a primary account of frameup, an incriminatory attack made possible because of existing implementations in distributed peer to peer storage. The frameup attack shows that an adversary has the ability to store unencrypted data on the hard drives of people renting out their hard drive space. This is important to forensic examiners as it opens the door for possibly framing an innocent victim. Our work employs Storj as an example technology, due to its popularity and market size. Storj is a blockchain enabled system that allows people to rent out their hard drive space …

Concurrency Control Algorithms For Deduplicated Cloud Storage, Prabavathy Balasundaram, Chitra Babu

Turkish Journal of Electrical Engineering and Computer Sciences

Deduplication of data is essential to effectively use cloud storage. As the metadata in deduplicated cloud storage are shared across multiple users, concurrent updates may result in inconsistencies. A coarse-grained locking strategy that has been proposed earlier to overcome this difficulty is not suited for inline deduplication owing to poor performance. In the present work, a fine-grained locking strategy that overcomes this shortcoming is proposed. A metadata structure along with a set of concurrent control mechanisms to accomplish this is presented. This strategy is shown to improve the throughput by as much as 60% with only marginal lock overhead.

Attribute-Based Encryption With Expressive And Authorized Keyword Search, Hui Cui, Robert H. Deng, Joseph K. Liu, Yingjiu Li

Research Collection School Of Computing and Information Systems

To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to …

Towards Deadline Guaranteed Cloud Storage Services, Guoxin Liu, Haiying Shen, Lei Yu

Publications

More and more organizations move their data and workload to commercial cloud storage systems. However, the multiplexing and sharing of the resources in a cloud storage system present unpredictable data access latency to tenants, which may make online data-intensive applications unable to satisfy their deadline requirements. Thus, it is important for cloud storage systems to provide deadline guaranteed services. In this paper, to meet a current form of service level objective (SLO) that constrains the percentage of each tenant's data access requests failing to meet its required deadline below a given threshold, we build a mathematical model to derive the …

The Utilization Of Mobile Technology For Crime Scene Investigation In The San Francisco Bay Area, Marc Logrande

Themis: Research Journal of Justice Studies and Forensic Science

The research presented aims to explore factors affecting the decision to adopt a mobile crime scene investigation application in police departments throughout the San Francisco Bay Area. To accomplish this goal, the mobile technology acceptance model was used in designing a survey for data collection. This model utilizes four categories to interpret the factors that influence a police officer’s decision to accept or reject mobile technologies: performance, security and reliability, management style, and cognitive acceptance. Nine police departments were sampled through a series of in-person and over-the-phone interviews to obtain data regarding factors affecting the adoption of a mobile crime …

Api-Based Acquisition Of Evidence From Cloud Storage Providers, Andres E. Barreto

University of New Orleans Theses and Dissertations

Cloud computing and cloud storage services, in particular, pose a new challenge to digital forensic investigations. Currently, evidence acquisition for such services still follows the traditional approach of collecting artifacts on a client device. In this work, we show that such an approach not only requires upfront substantial investment in reverse engineering each service, but is also inherently incomplete as it misses prior versions of the artifacts, as well as cloud-only artifacts that do not have standard serialized representations on the client.

In this work, we introduce the concept of API-based evidence acquisition for cloud services, which addresses these concerns …

Cloud-Based Storage Applications For Smart Phones: Forensic Investigation Of Cloud Storage Applications, Radoslaw Ochrymowicz

Dissertations

The proliferation of smart phones across the globe, development of 4G network standards and its progressing implementation along with shift towards cloud computing bring risks to smart phone users who avail of these service. Security of cloud storage mobile applications should be essential to smart phone users. Enterprises’ move to huge data centres and availing of their infrastructure, platform and service is an advantage but poses a risk. Users use corporate resources managed and administered with security in mind of policy makers but it is still possible to use unsecure, designed for users services without business being aware of it. …

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Research Collection School Of Computing and Information Systems

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism.We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without …