Improving the Security and Usability of Cloud Services with User-centric Security Models by Saman Zarandioon

OF THE DISSERTATION Improving the security and usability of cloud services with user-centric security models by Saman Zarandioon Dissertation Director: Danfeng Yao and Vinod Ganapathy Cloud computing is a paradigm shift in the way we define software and hardware, and architect our IT solutions. The emerging cloud technologies, due to their various unique and attractive properties, are evolving with tremendous momentum and rapidly being adopted throughout the IT industry. In this dissertation, we identify security challenges that arise in integration of cloud-based services, and present a set of novel solutions to address them. We analyze the security of our solutions, demonstrate their usage and effectiveness, and evaluate their performance by extensive experimentation. To address the problem of access control in untrusted cloud storage, we introduce K2C (Key To Cloud) protocol, which is a cryptographic access control protocol based on our new key-updating scheme referred to as AB-HKU. To improve the security and usability of integrated cloud services, we introduce a flexible client-side integration framework called OMOS. This framework enables secure and seamless client-side integration of cloud-based resources and services. Finally, to address the problem of identity management in an integrated cloud environment, we present a user-centric identity management solution called Web2ID. Our Web2ID protocol, by leveraging secure client-side cryptography and communication, introduces a privacy-preserving and secure mechanism for user authentication, fine-grained access delegation and identity attribute exchange.