Towards secure cloud computing through a separation of duties
نویسندگان
چکیده
Cloud Computing offers many opportunities but also introduces new risks. A user outsourcing his database into the cloud loses control over this data. While the service provider often secures the data against external threats using standard techniques, the service providers themselves have to be trusted to ensure privacy. This work proposes a novel approach to provide security for database services without the need to trust the provider. We suggest employing a separation of duties by distributing critical information and services between two or more providers in a way that the confidentiality of a database can only be compromised if all providers are corrupted and work together. We also present a formal security notion for such a database.
منابع مشابه
A Mobile and Fog-based Computing Method to Execute Smart Device Applications in a Secure Environment
With the rapid growth of smart device and Internet of things applications, the volume of communication and data in networks have increased. Due to the network lag and massive demands, centralized and traditional cloud computing architecture are not accountable to the high users' demands and not proper for execution of delay-sensitive and real time applications. To resolve these challenges, we p...
متن کاملSESOS: A Verifiable Searchable Outsourcing Scheme for Ordered Structured Data in Cloud Computing
While cloud computing is growing at a remarkable speed, privacy issues are far from being solved. One way to diminish privacy concerns is to store data on the cloud in encrypted form. However, encryption often hinders useful computation cloud services. A theoretical approach is to employ the so-called fully homomorphic encryption, yet the overhead is so high that it is not considered a viable s...
متن کاملDoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
متن کاملTowards Secure Cloud Computing Architecture - A Solution Based on Software Protection Mechanism
Cloud computing grows as an important keyword to accelerate IT businesses. A feature of cloud computing is distributed architecture based on unfixed nodes, and security risks have been highlighted for cloud computing services. In this paper, we present a novel approach for solving the essential issue of cloud computing: how to protect a program running in an untrusted cloud computing environmen...
متن کاملA risk model for cloud processes
Traditionally, risk assessment consists of evaluating the probability of "feared events", corresponding to known threats and attacks, as well as these events' severity, corresponding to their impact on one or more stakeholders. Assessing risks of cloud-based processes is particularly difficult due to lack of historical data on attacks, which has prevented frequency-based identification...
متن کامل