Data Security in Cloud Storage

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

This book provides a comprehensive overview of data security in cloud storage, ranging from basic paradigms and principles, to typical security issues and practical security solutions. It also illustrates how malicious attackers benefit from the compromised security of outsourced data in cloud storage and how attacks work in real situations, together with the countermeasures used to ensure the security of outsourced data. Furthermore, the book introduces a number of emerging technologies that hold considerable potential – for example, blockchain, trusted execution environment, and indistinguishability obfuscation – and outlines open issues and future research directions in cloud storage security. The topics addressed are important for the academic community, but are also crucial for industry, since cloud storage has become a fundamental component in many applications. The book offers a general introduction for interested readers with a basic modern cryptography background, and a reference guide for researchers and practitioners in the fields of data security and cloud storage. It will also help developers and engineers understand why some current systems are insecure and inefficient, and move them to design and develop improved systems.

Author(s): Yuan Zhang; Chunxiang Xu; Xuemin Sherman Shen
Series: Wireless Networks
Publisher: Springer
Year: 2020

Language: English
Pages: 171

Preface
Contents
Acronyms
1 Introduction
1.1 An Overview of Cloud Storage
1.1.1 Cloud Storage Architecture
1.1.2 Cloud Storage Applications
1.1.2.1 Electronic Healthcare
1.1.2.2 Data Sharing
1.1.2.3 IoT
1.2 Data Security in Cloud Storage
1.3 Organization of the Monograph
References
2 Basic Techniques for Data Security
2.1 Data Authentication
2.1.1 Message Authentication Code
2.1.2 Hash Function
2.1.3 Digital Signature
2.2 Data Confidentiality
2.2.1 Symmetric-Key Encryption
2.2.2 Public-Key Encryption
2.3 Threshold Cryptography
2.4 Public-Key Cryptosystems
2.4.1 PKI-Based Public-Key Cryptosystems
2.4.2 Identity-Based Public-Key Cryptosystems
2.4.3 Certificateless Public-Key Cryptosystems
2.5 Blockchain
2.6 Trusted Execution Environments
2.7 Summary and Further Reading
References
3 Cloud Storage Reliability
3.1 Data Integrity
3.2 Proofs of Storage: Definition and Criteria
3.2.1 Threat Models
3.2.2 Security Criteria
3.3 Proofs of Storage for Cloud Storage Systems
3.3.1 Proofs of Storage for Dynamic Data
3.3.1.1 PDP-Based Integrity Verification of Dynamic Data
3.3.1.2 PoR-Based Integrity Verification of Dynamic Data
3.3.2 Enhancement of Security
3.3.2.1 Privacy-Preserving Public Verification
3.3.2.2 Resistance Against External Adversaries
3.3.3 Constructing Public Verification on Different Cryptosystems
3.3.4 Other Works
3.4 Latest Advances in Proofs of Storage
3.4.1 Proofs of Storage Based on Indistinguishability Obfuscation
3.4.2 Proofs of Storage Based on Blockchain
3.4.2.1 On the Vulnerability of Existing Public Verification Schemes Against Dishonest Auditors
3.4.2.2 Blockchain-Based Public Verification Against Dishonest Auditors
3.5 Summary and Further Reading
References
4 Secure Deduplication
4.1 Deduplication Classification
4.2 Secure Deduplication: Threats and Countermeasures
4.2.1 Proofs of Ownership
4.2.2 Randomized Deduplication
4.3 Message-Locked Encryption
4.3.1 Overview
4.3.2 Threat Models of Encrypted Deduplication Storage Systems
4.3.3 Security Definition
4.4 Encrypted Deduplication Systems
4.4.1 Enhancement of Security
4.4.2 Practical Concern
4.4.3 Other Works
4.5 When Secure Deduplication Meets eHealth: A Case Study
4.5.1 Cloud-Based eHealth Systems
4.5.2 Adversary Model and Security Goals
4.5.3 Analysis of EMRs in Actual eHealth Systems
4.5.4 Study of HealthDep
4.6 Summary and Further Reading
References
5 Secure Keyword Search
5.1 Keyword Search Over Encrypted Data
5.2 Symmetric-Key Searchable Encryption
5.2.1 System and Threat Models
5.2.2 Survey on Symmetric-Key Searchable Encryption
5.2.2.1 Basic SSE and Its Development
5.2.2.2 SSE for Dynamic Data
5.2.2.3 Variants of SSE
5.2.2.4 Other Works
5.3 Public-Key Searchable Encryption
5.3.1 System model
5.3.2 Threat Model and Security Definition
5.3.3 Survey on Public-Key Searchable Encryption
5.3.3.1 Vulnerability of PSE Against Keyword Guessing Attacks and Countermeasures
5.3.3.2 Constructing PSE on Different Cryptosystems
5.3.3.3 Essential Relationships Between PSE and Other Cryptographic Primitives
5.4 Latest Advances in Public-Key Searchable Encryption
5.4.1 Public-Key Searchable Encryption Against Keyword Guessing Attacks
5.4.1.1 System Model
5.4.1.2 Threat Model
5.4.1.3 Introduction to SEPSE
5.4.2 Remark and Further Discussion
5.5 Summary and Further Reading
References
6 Secure Data Provenance
6.1 Introduction to Secure Data Provenance
6.1.1 Data Provenance vs. Secure Data Provenance
6.1.2 System and Threat Models
6.2 Survey on Secure Data Provenance
6.3 Blockchain: A Panacea for Secure Data Provenance
6.3.1 Blockchain-Based Secure Data Provenance
6.3.1.1 A Model of Data Provenance
6.3.1.2 System and Threat Models
6.3.1.3 Overview of ESP
6.3.1.4 Construction of ESP
6.3.2 Implementation Based on Ethereum
6.3.3 Data Provenance and Beyond: Further Discussion
6.4 Summary and Further Reading
References
7 Secure Data Time-Stamping
7.1 Introduction to Secure Data Time-Stamping
7.1.1 What Kinds of Data Would Benefit from Secure Time-Stamping?
7.1.2 System and Threat Models
7.2 Survey on Secure Time-Stamping
7.3 Secure Time-Stamping and Blockchain
7.3.1 Distributed Cryptocurrencies from Secure Time-Stamping
7.3.2 Secure Time-Stamping from Blockchain
7.3.2.1 Overview of Chronos+
7.3.2.2 Construction of Chronos+
7.3.2.3 Accuracy of Height-Derived Timestamps
7.3.2.4 Simulation on Ethereum
7.4 Summary and Further Reading
References
8 Summary and Future Research Directions
8.1 Summary
8.2 Future Work
8.2.1 Secure Data Integrity Verification from Smart Contract
8.2.2 Combination of Encrypted Deduplication and Symmetric-key Searchable Encryption
8.2.3 Secure Provenance Under Complex Models
8.2.4 Securely Time-stamping Operations in the Digital World