DOI: 10.1145/2600075.2600082
research-article

Domain based storage protection with secure access control for the cloud

Published: 03 June 2014 Publication History

Abstract

Cloud computing has evolved from a promising concept to one of the fastest growing segments of the IT industry. However, many businesses and individuals continue to view cloud computing as a technology that risks exposing their data to unauthorized users. We introduce a data confidentiality and integrity protection mechanism for Infrastructure-as-a-Service (IaaS) clouds, which relies on trusted computing principles to provide transparent storage isolation between IaaS clients. We also address the absence of reliable data sharing mechanisms, by providing an XML-based language framework which enables clients of IaaS clouds to securely share data and clearly define access rights granted to peers. The proposed improvements have been prototyped as a code extension for a popular cloud platform.



        Published In

        SCC '14: Proceedings of the 2nd international workshop on Security in cloud computing
        June 2014
        76 pages
        ISBN:9781450328050
        DOI:10.1145/2600075
        • General Chair: Robert Deng
        • Program Chairs: Elaine Shi, Kui Ren

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Author Tags

        1. IaaS
        2. cloud computing
        3. security
        4. storage protection

        Qualifiers

        • Research-article

        Conference

        ASIA CCS '14

        Acceptance Rates

        SCC '14 Paper Acceptance Rate 9 of 21 submissions, 43%;
        Overall Acceptance Rate 64 of 159 submissions, 40%

        Cited By

        • (2024) Multi-Tenant IaaS Cloud Security Evaluation Model. International Journal of Advanced Research in Science, Communication and Technology. DOI: 10.48175/IJETIR-1234, pp. 184-188. Online publication date: 10-Jul-2024
        • (2023) A Framework for Smart & Secure Vehicle Intelligent Life Monitoring System. 2023 1st DMIHER International Conference on Artificial Intelligence in Education and Industry 4.0 (IDICAIEI). DOI: 10.1109/IDICAIEI58380.2023.10406405, pp. 1-6. Online publication date: 27-Nov-2023
        • (2023) An Integrated Approach to Improve E-Healthcare System using Dynamic Cloud Computing Platform. 2023 5th International Conference on Smart Systems and Inventive Technology (ICSSIT). DOI: 10.1109/ICSSIT55814.2023.10060945, pp. 776-782. Online publication date: 23-Jan-2023
        • (2023) A Compact and Secure Access Control Solution Based on a Deterministic Finite Automaton. 2023 International Conference Automatics and Informatics (ICAI). DOI: 10.1109/ICAI58806.2023.10339058, pp. 311-316. Online publication date: 5-Oct-2023
        • (2022) Context-Aware Policy Enforcement for PaaS-Enabled Access Control. IEEE Transactions on Cloud Computing 10:1. DOI: 10.1109/TCC.2019.2927341, pp. 276-291. Online publication date: 1-Jan-2022
        • (2020) Charlie and the CryptoFactory: Towards Secure and Trusted Manufacturing Environments. 2020 IEEE 20th Mediterranean Electrotechnical Conference (MELECON). DOI: 10.1109/MELECON48756.2020.9140712, pp. 141-146. Online publication date: Jun-2020
        • (2020) Time-variant attribute-based multitype encryption algorithm for improved cloud data security using user profile. The Journal of Supercomputing. DOI: 10.1007/s11227-019-03118-8. Online publication date: 15-Jan-2020
        • (2019) The lord of the shares. Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. DOI: 10.1145/3297280.3297297, pp. 146-155. Online publication date: 8-Apr-2019
        • (2019) A Authentication and Access Authorization Mechanism on the PaaS Platform. 2019 IEEE Symposium Series on Computational Intelligence (SSCI). DOI: 10.1109/SSCI44817.2019.9002757, pp. 893-900. Online publication date: Dec-2019
        • (2019) Emerging Privacy Issues and Solutions in Cyber-Enabled Sharing Services: From Multiple Perspectives. IEEE Access 7. DOI: 10.1109/ACCESS.2019.2894344, pp. 26031-26059. Online publication date: 2019
