Int
ern
at
i
onal
Journ
al of Ele
ctrical
an
d
Co
mput
er
En
gin
eeri
ng
(IJ
E
C
E)
Vo
l.
9
, No
.
5
,
Octo
ber
201
9
, pp.
3843
~
38
49
IS
S
N:
20
88
-
8708
,
DOI: 10
.11
591/
ijece
.
v
9
i
5
.
pp3843
-
38
49
3843
Journ
al h
om
e
page
:
http:
//
ia
es
core
.c
om/
journa
ls
/i
ndex.
ph
p/IJECE
Data storag
e lock
algorit
hm
with crypt
ograph
ic tech
niq
ues
An
ith
a K
.
L
.
1
,
T.R
.
G
opala
k
ri
shna
n
Nair
2
1
Bhara
th
ia
r
Un
iv
ersity
,
Indi
a
1,
2
Networks a
nd
Secur
ity
Rese
arch Group,
Advan
ce
d
R
ese
ar
ch
C
e
ntre
,
Ra
ja
ra
je
sw
ari
Group
of
Inst
it
uti
ons,
Indi
a
Art
ic
le
In
f
o
ABSTR
A
CT
Art
ic
le
history:
Re
cei
ved
N
ov
26
, 201
8
Re
vised
Ma
r
27
, 2
01
9
Accepte
d
Apr
10
, 201
9
The
cl
oud
computing
had
it
s
impact
far
and
wid
e,
and
En
te
rpris
e
soluti
ons
are
g
et
t
ing
m
igr
at
ed
to
diff
ere
n
t
t
y
pes
of
cl
ouds
.
Th
e
servi
ce
s
a
re
deliver
ed
from
the
dat
a
c
ent
ers
which
ar
e
loc
a
te
d
a
ll
ov
er
the
world.
A
s
the
dat
a
is
roa
m
ing
with
l
e
ss
cont
rol
in
an
y
d
at
a
c
ent
ers
,
dat
a
s
ec
uri
t
y
iss
ues
in
c
loud
are
ver
y
challenging.
Th
ere
for
e
we
nee
d
m
ul
ti
-
le
v
el
aut
hen
tication,
da
t
a
int
egr
i
t
y
,
priv
acy
and
abov
e
al
l
enc
r
y
pti
on
to
s
afe
guar
d
our
da
ta
which
is
stored
on
to
the
cl
oud.
The
data
and
appl
i
catio
ns
ca
nnot
b
e
re
l
oca
t
ed
to
a
virt
ual
serv
er
without
m
uch
degr
ee
of
sec
urity
co
nce
rn
as
the
r
e
c
an
be
m
uch
conf
ide
n
ti
a
l
data
or
m
ission
-
cri
ti
ca
l
app
lications.
In
thi
s
pape
r,
we
propose
Data
Storag
e
L
ock
Algorit
hm
(DS
LA)
to
store
conf
id
ential
d
at
a
the
r
eb
y
provide
s
sec
ur
e
dat
a
stor
age
in
cl
oud
computi
ng
base
d
o
n
cr
y
ptogr
aphic
standa
rds.
Ke
yw
or
d
s
:
Cl
oud
se
rv
ic
e
pro
vid
er
Crypto
gr
a
phy
Data sto
rag
e
Decr
y
ption
Encr
y
ption
Copyright
©
201
9
Instit
ut
e
o
f Ad
vanc
ed
Engi
n
ee
r
ing
and
S
cienc
e
.
Al
l
rights re
serv
ed
.
Corres
pond
in
g
Aut
h
or
:
An
it
ha
K
.
L
.
,
Re
search
Sc
hola
r,
Bha
rathia
r Un
i
ver
sit
y,
Coim
bator
e, In
dia
.
Em
a
il
:
anithakl07@
gm
ail.co
m
1.
INTROD
U
CTION
A
cl
ou
d
is
a
c
ollec
ti
on
of
res
ources
w
hich
a
re
virtu
al
iz
ed
that
hosts
a
va
ri
et
y
of
dif
fer
e
nt
w
orkloa
ds
and
can
be
de
plo
ye
d
an
d
sca
le
d
-
ou
t
qu
ic
kly
throu
gh
t
he
rap
i
d
pr
ov
isi
onin
g
of
virtu
al
m
achines
or
physi
cal
m
achine.
It
suppo
rts
sel
f
-
rec
ov
e
rin
g,
re
dundant
an
d
sig
nif
ic
antly
scal
abl
e
program
m
ing
m
e
tho
ds
that
al
lo
w
work
l
oa
ds
to
r
ecov
e
r
f
ro
m
m
any
necessa
ry
hard
war
e
or
s
of
t
war
e
fail
ure
s
and
m
on
it
or
resou
rce
us
e
in
real
t
i
m
e
to
enab
le
reb
al
anci
ng
of
al
locat
ions
wh
e
n
nee
de
d
[1
]
.
T
he
po
pu
la
r
al
gorith
m
s
include
th
e
Data
Encr
y
ption
Sta
nd
a
r
d
(DES)
[
2],
an
d
the
A
dvance
d
E
ncr
y
pt
ion
Stan
dard
(
AES)
[
3].
The
AES
al
gorithm
was
publishe
d
by
t
he
Nati
onal
I
nst
it
ute
of
Stan
dards
an
d
Tec
h
nolo
gy
(NIST
)
in
2001.
AE
S
is
a
sym
m
et
ri
c
bl
ock
ci
ph
e
r wh
ic
h
is
prop
os
ed
to re
place D
ES as
the a
ppr
ov
e
d
st
and
a
r
d
f
or a
n
e
xtensi
ve
c
ollec
ti
on
of ap
plica
ti
on
s
.
Wh
it
fiel
d
Dif
fie
and
Ma
rtin
Hellm
an
introdu
ce
d
a
n
al
gor
it
h
m
cal
le
d
the
Diff
ie
-
Hell
m
a
n
al
gorithm
(D
H)
in
1976
[
4],
accom
plished
dra
sti
c
chan
ges
i
n
crypt
ograph
y,
pr
ese
nting
the
first
asy
m
m
et
ric
cryptographic
al
gorithm
.
Riv
est
,
Sh
am
ir
an
d
Ad
el
m
an
def
i
ned
their
well
-
kn
own
Ri
vest
-
Sham
ir
-
Ad
le
m
an
(RS
A
)
al
gorithm
[5
]
in 1
97
8.
T
he
R
SA
al
gorithm
has
si
nce
that
t
i
m
e
reign
a
bso
lute
as
the
m
os
t
extensiv
el
y
acce
pted
and
im
ple
m
ent
ed
a
ge
ner
al
-
pur
pose
ap
proa
ch
to
pu
blic
-
ke
y
encr
ypti
on.
In
19
85,
Vict
or
Mi
ll
er
(I
B
M)
an
d
Neil
Koblit
z
(U
ni
ver
sit
y
of
Was
hingto
n)
di
scov
e
red
Ell
ip
ti
c
Curv
e
Cryp
tograp
hy
(ECC
)
w
hich
can
be
us
ed
,
as
an
al
te
rn
at
iv
e
m
echan
ism
t
o
im
ple
m
ent
pu
blic
key
cry
pto
gra
ph
y
[
6].
E
CC
al
go
rithm
s
rely
on
the
al
ge
br
ai
c
structu
re
of
el
li
ptic
curves
ov
er
fi
nite
fiel
ds
.
N
ow
a
days
cl
oud
se
r
vice
pr
ov
i
der
offe
rs
s
erv
e
r
sid
e
sec
uri
ty
to
retai
n
c
on
t
ro
l
f
or
the
cust
om
e
r’
s
data.
We
c
an’
t
m
ake
s
ur
e
that
the
us
er
’s
data
a
re
vulne
rab
le
t
o
at
ta
ck
s
or
a
data
breac
h.
T
her
e
fore
to
e
nsure
sec
uri
ty
and
pr
i
vacy
in
cl
oud
the
re
is
a
need
for
a
c
li
ent
side
encry
ption
m
echan
ism
to
safegua
rd
our
data.
Th
us
the
us
er
data
will
sta
y
pr
otect
ed
whoe
ver
be
th
e
entit
y
that
con
tr
ols
the
entire
com
pu
ti
ng
e
nv
ir
on
m
ent.
Thus
the
us
er
da
ta
in
the
cl
oud
rem
ai
ns
in
enc
rypte
d
f
or
m
un
ti
l
the
us
er
decr
y
pts
it
in
c
li
ent
side.
This
m
od
e
of
e
ncr
y
ptions
is
requir
ed
to
safe
gu
a
r
d
our
data
f
r
om
hack
ing,
m
a
li
ci
ou
s
a
tt
acks
an
d
vul
ner
a
bili
ti
es.
N
ow
we
are
pr
opos
i
ng
a
n
al
go
rithm
by
wh
ic
h,
ext
ra
la
ye
r
of secur
it
y
ca
n
be
giv
e
n
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2088
-
8708
In
t J
Elec
&
C
om
p
En
g,
V
ol.
9
, N
o.
5
,
Oct
ober
201
9
:
3
8
4
3
-
3
8
4
9
3844
to potenti
al
ly
vulne
rab
le
data
us
in
g
the
cli
ent
contro
ll
e
d
ap
proac
hes. This
will
en
able i
n
r
eal
iz
ing
sto
rage l
ock
syst
e
m
w
it
h
cr
yptogra
ph
y i
n real
i
zi
ng
t
he d
at
a in user
prot
ect
ed
f
oliage.
In
this
pap
e
r,
Sect
ion
2,
we
introdu
ce
t
he
discuss
i
on
of
relat
ed
w
ork.
Sect
ion
3
de
scribes
data
stora
ge
an
d
in
sect
ion
4,
the
detai
le
d
desc
r
ipti
on
of
the
pro
posed
al
gori
thm
fo
r
secu
re
data
stora
ge
i
n
the
cl
oud
has
bee
n
discu
ssed
.
Re
su
lt
and
A
naly
sis
sh
owe
d
in
sect
ion
5.
Finall
y,
sect
ion
6
desc
ri
bes
the
con
cl
us
io
n.
2.
RE
LATE
D
W
ORKS
Re
cent
te
chno
log
ic
al
ad
van
c
es
reli
eve
an
exp
l
os
ive
gro
wth
in
the
us
age
of
the
re
m
ote
storag
e
syst
e
m
,
nam
ely
the
cl
ou
d
-
ba
sed
st
or
a
ge
s
er
vic
es.
T
he
out
so
urce
d
data
bri
ngs
se
ver
al
c
loud
-
s
pecific
s
ecur
ity
issues li
ke
c
on
fide
ntial
it
y, int
egr
it
y an
d pr
i
va
cy
o
f
t
he data
.
Th
e
refor
e
, th
e
d
at
a sec
ur
it
y r
e
m
ai
ns
a dom
i
nating
hur
dle
to
t
he
dev
el
op
m
ent
and
wi
desprea
d
us
e
of
cl
ou
d
stora
ge.
The
use
rs
ou
ts
ou
rce
their
data
on
rem
ote
serv
e
rs,
wh
ic
h
are
co
ntro
ll
ed
and
m
anag
ed
by
Cl
ou
d
Ser
vice
Prov
i
der
s
(CSPs).
H
owever
to
pro
vide
dat
a
intende
d
t
o
be
kep
t
sec
ret
in
m
ulti
-
te
nan
t
e
nv
i
ronm
ents
be
com
es
ver
y
chall
eng
i
ng.
E
nc
ryptin
g
data
at
the
cl
ie
nt
side
is
a
go
od
al
t
ern
a
ti
ve
to
m
it
igate
su
c
h
ap
proa
che
s
of
data
c
onfide
ntial
it
y
[7,
8].
T
he
use
r
is
pr
ese
r
ving
the
decr
y
pting
key
s
out
of
reac
h
of
t
he
cl
ou
d
pr
ov
i
der.
H
owev
er,
this
m
et
ho
d
giv
es
rise
to
s
ever
a
l
key
m
anag
e
m
ent
co
ncerns,
su
ch
as
st
ori
ng
a
nd
m
ai
ntaining
the
ke
ys
'
a
vaila
bilit
y
at
the
cl
ie
n
t
side
.
The
as
pects
li
ke
ease
of
us
e,
e
ase
of
de
pl
oym
ent,
fle
xib
il
it
y,
rob
us
tnes
s
an
d
perform
ance
need
to
c
onsid
er
f
or
def
i
ning
the
so
luti
ons
f
or
integrity
an
d
confide
ntial
it
y
of
ou
ts
ource
d
data.
A
uthors
[
9]
propo
sed
a
crypto
gr
a
p
hic
schem
e
fo
r
cl
oud
sto
rag
e
,
bas
ed
on
ori
gi
nal
us
a
ge
of
ID
-
B
ased
C
rypto
gr
a
ph
y
(I
BC
)
to
e
ns
ure
the
confide
ntial
it
y
of
data.
I
n
this
plan,
e
very
cl
ie
nt
act
s
as
a
Pr
ivate
Key
Gen
e
rato
r
(PK
G)
f
or
e
ncr
y
pting
the
data
to
st
or
e
i
n
the
cl
oud
by
c
om
pu
ti
ng
a
n
I
D
-
ba
se
d
pair
of
keys
w
hich
a
ll
ow
s
data
acc
ess
to
be
m
anag
ed
by
the
data
owne
r
.
The
flexi
ble
sh
ari
ng
a
ppro
ac
h
pro
vid
e
d
by
us
in
g
a
per
data
ID
-
base
d
key
.
Ba
sed
on
a
con
te
nt
has
h
keyi
ng
m
et
hod,
a
cl
ie
nt side
de
-
du
plica
ti
on
sc
hem
e
fo
r
cl
oud
a
ppli
cat
ion
s h
as
bee
n
p
r
opos
e
d
to
im
pro
ve
the co
m
pu
ta
ti
on c
om
plexity
at the cu
stom
er s
ide [1
0].
Cl
oudaSec
[11
]
us
es
a
public
key
base
d
s
ol
ution
f
or
im
prov
i
ng
the
c
onf
identia
li
ty
of
da
ta
in
cl
oud
stora
ge
en
vir
onm
ents
and
en
han
ci
ng
dyna
m
ic
sh
aring
a
m
on
g
us
ers
.
T
o
ens
ur
e
the
c
onfi
den
ti
al
it
y
of
data,
the
data
owne
r
up
loads
the
e
ncry
pted
data
to
the
cl
oud
an
d
integ
rates
the
de
ci
ph
e
rin
g
key
encr
ypte
d
into
the
m
et
adata.
Moreo
ve
r,
Cl
ouda
Sec
inco
rpor
at
es
a
con
fe
renc
e
key
distribu
ti
on
sc
hem
e,
based
on
pa
rall
el
Diff
ie
-
Hellm
an
exc
ha
ng
e
s,
t
o
guara
ntee
backwar
ds
an
d
f
orward
secrecy
.
He
nc
e,
on
ly
a
uthori
zed
us
e
rs
ca
n
acce
ss
m
et
adata
and
de
ci
ph
e
r
the
dec
ryptin
g
data
ke
ys.
Au
th
ors
in
vestigat
ed
the v
ari
ou
s
sec
ur
it
y
fr
am
ewo
rk
s
f
or
the
m
ob
il
e
cl
ou
d
c
om
pu
ti
ng
e
nviro
nm
ent.
Du
e
to
the
res
ource
lim
it
at
io
n
of
m
ob
il
e
dev
ic
es
,
m
os
t
of
the
se
cur
it
y
fr
am
ewo
r
ks
offloa
d
proce
ssor
intensi
ve
jo
bs
on
the
cl
oud
[12].
T
o
a
ccom
plish
a
secur
e
m
ob
il
e
cl
oud
com
pu
ti
ng
e
nv
iro
nm
ent,
servi
ce
prov
i
ders
hav
e
to
a
ddres
s
the
sec
ur
it
y
threats
a
bout
t
he
netw
ork
se
cur
it
y,
data
sec
u
rity
, dat
a
co
nf
ide
ntia
li
ty
,
and
d
at
a breach
issue
s
a
nd
s
o
on.
M
or
e
over
, n
ew
sec
ur
i
ty
risk
a
rises due
to
la
ck
of
c
om
plete
isolat
ion
am
ong
virt
ual
m
a
chine
instance
s
r
unning
on
t
he
sam
e
ph
ysi
cal
ser
ver
.
Ba
s
ed
on
Attrib
ute
-
ba
se
d
sig
natu
re
(
ABS)
sc
hem
e,
auth
or
s
pro
pose
d
a
ne
w
pro
ve
nan
ce
sys
tem
with
fine
-
grai
ne
d
acce
ss
co
ntr
ol
[13].
The
use
r'
s
anonym
ity
is
gu
ara
nte
ed
by,
i
ncor
porati
ng
ABS
and
gro
up
sig
natu
re
appr
oach
es
.
T
he
us
e
r
acce
ss
is
m
ov
ed
to
th
e
cl
ou
d
se
rv
e
r
with
broa
dcast
encr
ypti
on
the
reb
y
the
com
pu
ta
ti
on
and
com
m
un
ic
at
ion
ov
e
r
hea
d
f
or
the
dat
a
owne
r
is
r
e
du
ce
d.
Th
e
se
cur
it
y
vulne
ra
bili
ti
es
li
ke
Identi
t
y
Ma
nag
em
ent
Syst
e
m
s
(I
DM
)
ser
ver
c
om
pr
om
ise
,
m
ob
il
e
dev
ic
e
com
prom
ise
,
and
traff
ic
interce
pt
ion
is
identifie
d
in
[
14
]
an
d
de
velop
e
d
an
arc
hi
te
ct
ur
e
cal
le
d
con
s
olidate
d
ID
M
(CI
DM)
for
sepa
rati
ng
t
he
auth
or
iz
at
io
n
c
red
e
ntial
s
to p
r
even
t
il
le
gal
ac
cess
in
ca
se o
f
ID
M
c
om
pr
om
ise
or
traf
fic
in
te
rcep
ti
on. I
t
a
dd
s
a
seco
nd
la
ye
r
of
aut
he
ntica
tio
n
us
in
g
hum
an
-
base
d
chall
eng
e
-
re
spo
ns
e
to
gu
ar
d
ag
ai
ns
t
m
ob
il
e
dev
ic
e
c
om
pr
om
ise
.
The
e
xp
e
rim
ents
pro
ve
that
c
om
par
ed
to
t
he
current
ID
M
s
yst
e
m
s,
CIDM
offers
it
s
cl
ie
nt
s
with
enh
a
nce
d
secu
rity
gu
ara
ntee
s
and
that
it
has
le
ss
ene
rg
y
an
d
com
m
un
ic
at
ion
overh
ea
d.
T
he
auth
or
s
inv
est
igate
an
appr
oach
to
en
su
re
tr
us
t
a
nd
pro
ven
a
nce
i
n
the
cl
ou
d
-
base
d
se
rv
ic
es
wit
h
th
e
help
of
dig
it
al
sign
at
ur
es
us
i
ng
pro
per
ti
es
or
the
at
trib
ut
es
der
iv
ed
f
r
om
their
con
str
uct
ion
a
nd
the
so
ftwa
re
be
ha
viour
.
As
se
r
vice
e
xecu
ti
on
proc
eeds,
the
ke
ys
are
ge
nerat
ed
dynam
i
c
al
ly
by
the
featu
res
obta
ined
.
A
m
ul
ti
di
m
ension
al
key
ge
ne
rati
on
ap
proac
h
is
i
ntrod
uced
w
her
ei
n
it
m
a
ps
from
m
ulti
-
dim
ension
al
fe
at
ure
sp
ace
directl
y
to
a
key
sp
ace.
An
e
ntr
opy
al
go
rithm
is
dev
el
ope
d
to
evaluate
the
entr
op
y
of
the
key
sp
ace
[
15]
.
A
ut
hors
pr
opos
e
d
m
ulti
-
factor
b
i
om
et
ric
fing
e
r
pr
i
nt
authe
ntica
ti
on
a
nd
p
r
ote
ct
ion
ga
te
way [16]
in
wh
ic
h
the
en
te
rp
rises
ca
n
protect
their
custom
er'
s
s
ensiti
ve
data
in
a
public
cl
oud
en
vir
on
m
ent.
The
a
uth
e
ntica
ti
on
c
red
e
ntial
s
of
the
us
e
rs
will
not
be
r
eveale
d
t
o
the
cl
oud
se
r
vice
pro
vid
e
r
a
nd
othe
r
m
al
ic
iou
s u
ser
s ther
e
by p
r
ovi
ding h
i
gh
se
cu
rity
f
or
th
e u
se
rs
an
d
at
ta
ins dat
a p
rivacy. T
o pr
ese
rve the privac
y
of
the
key
bit
of
in
form
at
io
n
from
ind
oor
or
outd
oor
m
al
ic
iou
s
at
ta
ck
ers,
the
a
uthor
s
i
m
ple
m
ented
data
anonym
iz
ation
and
a
dv
a
nce
d
tok
e
nizat
ion
a
p
pr
oach
es
as vi
ta
l
par
t
of
prot
ect
ion
gate
way.
In
cl
ou
d
com
pu
ti
ng
env
i
ronm
ent,
secur
it
y
nee
ds
an
ex
act
point
of
view
an
d
can
be
create
d
by
the
tr
us
t,
m
itigati
ng
prot
ect
ion
Evaluation Warning : The document was created with Spire.PDF for Python.
In
t J
Elec
&
C
om
p
En
g
IS
S
N:
20
88
-
8708
Da
t
a
st
or
age l
ock
algorit
hm
wi
th cryp
to
gra
ph
ic
tec
hn
i
que
s
(
Anith
a
K L
)
3845
towa
rd
s
a
t
ru
st
ed
thir
d
par
ty
[17].
He
re
the
auth
or
s
pro
po
sed
a
s
olu
ti
on
by
inco
r
pora
ti
ng
PKI
(
Publi
c
Key
Infr
ast
ru
ct
ur
e
),
SSO
(S
i
ng
le
-
Sig
n
-
O
n)
an
d
LDA
P
(
Lig
ht
weigh
t
Dir
ect
or
y
Access
P
ro
t
oco
l)
to
e
nsure
authe
ntica
ti
on
,
avail
abili
ty
,
integrity
and
c
on
fide
ntial
it
y
of
data
an
d
the
c
omm
un
ic
at
ion
s.
W
it
h
t
his
sol
ution,
essenti
al
trust
is
su
sta
in
e
d,
by
a
horizo
ntal
le
vel
of
ser
vic
e
w
hich
is
a
va
il
able
to
al
l
th
e
i
m
plica
te
d
entit
ie
s,
wh
ic
h real
iz
es
a secu
rity
m
esh.
In
the
c
omm
o
n
en
vir
on
m
ent
of
cl
oud
c
om
pu
ti
ng
there
is
a
dire
nee
d
f
or
inc
orp
orat
ing
cl
ie
nt
con
t
ro
ll
ed
enc
r
ypti
on
ca
pa
bili
ty
to
bri
ngin
a
s
su
re
d
data
prot
ect
ion
a
gainst
t
he
pro
bab
le
se
cur
it
y
ga
ps
e
xi
sti
ng
in
any
par
ti
c
ular
cl
ou
d
syst
em
.
I
m
ple
m
entin
g
a
cl
ie
nt
c
ontrolle
d
sec
uri
ty
strat
egy
m
ai
nl
y
le
ver
a
ges
by
ta
king
con
t
ro
l
of
the
protect
ion
of
t
he
data
cl
ie
nt
can
deposit
in
rem
ote
m
achines.
As
we
di
scusse
d
ea
rlie
r
m
os
t
su
ccess
fu
l
data
protect
ion
is
po
s
sible
th
rou
gh
data
e
ncr
yp
ti
on
te
ch
nolo
gy
.
As
the
cl
oud
syst
em
s
has
caught
strat
egic
path
s
throu
gh
w
hich
data
ha
s
to
run
bac
k
a
nd
forth
f
r
om
cen
tral
cl
ou
d
a
rea
,
it
cal
ls
fo
r
sp
eci
fic
encr
y
ption
-
de
c
ryptio
n
pro
ces
s
to
be
ge
nerat
ed
f
or
t
his
pur
po
se
.
W
e
dev
el
op
e
d
a
Data
Sto
rag
e
Loc
k
Algorithm
w
hi
ch
a
ddresses
th
is i
ssu
e a
nd s
uc
cessf
ully
r
eso
lves the
secu
rity
ch
al
le
nges.
3.
DA
T
A
ST
ORAGE
Cl
oud
stora
ge
al
lows
data
ow
ner
s
to
rem
otely
store
their
da
ta
and
acce
ss
them
via
netw
orks
at
any
tim
e
and
fro
m
anywh
e
re.
Desp
it
e
the
obvi
ous
be
nef
it
s
su
c
h
as
im
pro
ved
scal
a
bi
li
ty
and
acce
ssibil
it
y,
ou
ts
ourcin
g
da
ta
to
the
cl
ou
d
br
i
ngs
new
secur
it
y
issues
to
the
cl
ou
d
data
secur
it
y.
On
ce
the
data
gets
ou
ts
ource
d,
t
he
dat
a
owners
aband
on
the
c
on
t
ro
l
over
t
he
destiny
of
t
hei
r
data.
T
he
se
r
ver
m
ay
con
ce
al
data
loss
acci
den
ts
to
uphold
t
he
r
epu
ta
ti
on
or
re
j
ect
the
in
form
at
ion
,
w
hich
is
not
in
us
e
or
no
t
oft
en
acce
s
sed
t
o
keep
sto
ra
ge
sp
ace.
Cl
oud
as
a
new
way
to
red
uc
e
the
co
m
plexit
y
and
costs
an
d
face
it
m
uch
bette
r
in
this
econom
y.
In
the
case
of
t
ra
diti
on
al
c
om
pu
ti
ng,
set
up
re
qu
i
res
the
us
e
r
to
be
i
n
the
s
a
m
e
place
where
the
dev
ic
e,
is
locat
ed
w
her
ei
n
the
cl
ou
d
al
lo
ws
you
to
sto
re,
a
ccess
and
m
odify
your
data
f
r
om
any
locat
ion
with
your
intern
et
-
e
nab
le
d
de
vice.
The
inf
or
m
at
i
on
st
or
e
d
on
a
local
com
pu
te
r
can
be
kep
t
on
to
t
he
cl
oud
an
d
acce
ssed
f
ro
m
any
com
pu
ti
ng
dev
ic
es.
T
he
us
er
do
e
s
not
know
w
her
e
th
e
data
gets
sto
red,
how
sec
ure
the
data
will
be.
Au
th
ors
pro
pose
d
sm
art
c
l
oud
arc
hitec
tu
re
cal
le
d
S
m
a
rt
Cl
ou
d
Data
Ma
nag
er
[
18]
wh
ic
h
handles
sec
ur
it
y
issues
in
the
cl
oud.
A
uthe
ntica
ti
on
,
a
uthorizat
io
n,
data
sp
li
tt
ing
,
enc
r
ypti
on
,
data
ba
ckup,
data
acce
ss
c
ontr
ol
rig
hts
by
ver
ific
at
io
n
ne
eds
to
e
nsure
for
prov
i
ding
m
or
e
secur
it
y
for
the
data.
I
n
[
19]
,
the
auth
ors
pr
opos
e
d
arc
hitec
ture
f
or
exa
m
ining
w
heth
er
secu
rity
m
et
rics
in
a
secur
it
y
SLA
ha
s
m
et
.
More
ov
e
r,
the
se
structu
res
ne
ed
to
be
s
ecu
red.
He
nce
to
ens
ur
e
the
sa
f
et
y
of
the
data
,
en
d
us
e
rs
w
ho
are
acce
ssing
the
cl
oud
ser
vices
hav
e
t
o
a
naly
ze
their
data
ho
w
se
ns
it
ive
it
is
an
d
ho
w
m
uch
sec
ur
it
y
it
needs.
Ther
e
f
or
e
it
is
necessa
ry
to
us
e
e
ncr
ypti
on
sta
nd
a
rds
to
s
ecur
e
our
ver
y
se
ns
it
ive
data
befor
e
outso
urci
ng
to clo
ud.
Cl
oud
com
pu
t
ing
is
ra
pid
ly
beco
m
ing
a
m
ai
ns
ta
y
in
t
od
ay
'
s
dig
it
al
world
beca
us
e
of
it
s
gr
eat
er
flexibili
ty
,
ease
of
acce
ss
,
and
ca
pacit
y
com
par
ed
to
tradit
ion
al
st
orage
a
nd
data
sh
ari
ng
m
eth
ods
.
Be
fore
putt
ing
data
onto
t
he
public
cl
oud,
the
cl
oud
us
e
r
sho
uld
e
nsur
e
the
ty
pe
of
data
or
ap
plica
ti
on
(whethe
r
it
is
sensiti
ve
or
no
t
),
sec
uri
ty
env
i
ronm
ent
pro
vid
e
d
for
da
ta
stora
ge
a
nd
the
ser
vice
-
le
vel
agr
eem
ent.
Th
eref
or
e
,
seve
ra
l
safety
m
easur
es
ha
ve
to
be
set
up
,
t
o
sur
viv
e
with
the
new
ly
-
visible
cl
oud
con
ce
r
ns
,
nam
el
y
ou
ts
ourcin
g
e
ncr
y
pted
da
ta
and
pe
rio
dic
al
ly
check
i
ng
d
at
a
i
nteg
r
it
y
and
a
vaila
bili
ty
.
Fo
r
e
xam
ple,
storing
e
ncr
y
pt
ed
data
yi
el
ds
to
be
a
c
um
ber
so
m
e
key
m
anag
em
ent
and
acce
s
s
c
on
t
ro
l,
and
re
gu
la
rly
check
i
ng
m
ass
ive
am
ou
nts
of
data
ti
ghte
ns
the
ba
ndwi
dth
co
nsum
ption.
So
m
e
crypto
gr
a
phic
te
chn
iq
ues
ne
eded
for
e
ns
uri
ng
secu
rity
and
pr
i
vacy
in
cl
ouds.
W
e
can
us
e
e
nc
r
ypti
on
te
ch
niques
f
or
protect
ing data
in
m
ulti
te
nan
t env
i
ronm
ents as w
e
don'
t ha
ve
full
contro
l
.
4.
PROP
OSE
D MO
DEL
(
D
A
TA
S
TOR
AGE LOC
K AL
G
ORIT
HM)
Let
us
ass
ume
that
there
are
n
data
ce
nters;
dc
1,
dc
2,
…
…,
dcn
a
nd
sto
rag
e
s
pa
ce
as
ss1
,
ss2
,
……,s
sn.
The
us
e
r
acce
ssing
the
cl
ou
d
ser
vice
has
to
reg
ist
er
the
cl
ou
d
wit
h
sign
at
ur
e
in
for
m
at
ion
.
The dat
a cla
ssi
fies into
tw
o: c
onfide
ntial
d
at
a (c
d)
a
nd
non
-
confide
ntial
d
a
ta
(
nd)
.
In
it
ia
li
zat
ion
−
Data Ce
nt
er:
dc
−
Stor
a
ge Space:
ss
−
Pr
ivate
Key:
P
k.
−
Secu
reK
ey
: s
K
EY
−
Inp
ut d
at
a:
data.
−
Confide
ntial
dat
a:
cd
−
Ci
ph
er
Te
xt: C1,
C
2
−
Crypto
gr
a
phic
has
h
f
unct
ion
:
Hs ()
−
Transp
or
t
Lay
er S
ec
ur
it
y:
TL
S
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2088
-
8708
In
t J
Elec
&
C
om
p
En
g,
V
ol.
9
, N
o.
5
,
Oct
ober
201
9
:
3
8
4
3
-
3
8
4
9
3846
Steps
1.
Use
r: in
pu
ts
sign
at
ur
e i
nfo.
2.
Key
Gen
e
rat
or
:
Pass=
nu
m
eric (s
i
gn
at
ur
e i
nfo)
−
Pk
=
Hs (
pass, r
andom
(
))
−
return
(Pk)
to u
ser
−
store (P
k) to C
SP.
3.
Use
r: L
ogin
(
P
k)
if (
a
uth
e
ntica
te
d)
Bi
ll
ing f
or sto
rag
e
sp
ac
e
el
se
go to
ste
p 1.
4.
CS
P: sto
re(P
k,
dci,
ssi)
wh
ere i=1
,2,….
,n.
5:
Us
er: if
(data
==c
d)
{
a
)
C
1=E
ncry
ptAES (
data,
KA
E
S)
b) s
KEY
=
Enc
rypt
RSA(K
AES
, R
SA
pu
b)
c
)
C
2=
HMAC(Mes
sa
ge)
+C
1
}
el
se
c=encry
pt (dat
a)
us
in
g
TL
S i
n
se
rv
e
r
si
de.
6.
Cl
oud St
or
a
ge: Sto
re e
ncr
y
pted data
.
7.
For
dow
nlo
a
ding
the
d
at
a
, t
he user
h
a
s to
be
a
uth
e
ntica
te
d usin
g
t
he pri
vate k
ey
Pk.
If authe
ntica
ti
on is
su
ccess
fu
l,
the
us
er
g
et
s
en
c
rypted dat
a.
8.
The
u
se
r
ca
n use
sK
E
Y an
d dec
ryptio
n
al
gorithm
s to
ret
rieve the
origi
na
l data.
a)
KA
E
S =
De
cryptR
SA(s
KE
Y,
RS
A
pr
i)
b)
data =
D
ec
r
yptAES
(
C
1,
K
AES)
Figure
1
sho
ws
the
sec
ure
data
stora
ge
an
d
F
igure
2
s
hows
the
c
onsu
m
er
a
ccessi
ng
cl
ou
d
serv
ic
es
to
dow
nlo
a
d
data.
Th
e author
s [
20]
p
r
opos
e
d
a w
ork
flo
w
of th
e u
ser
acce
ssi
ng the cloud
se
r
vices for
secu
r
e d
at
a
stora
ge
by
us
i
ng
the
pr
i
vate
key.
Her
e
we
us
e
our
pr
opos
e
d
"Data
Stor
a
ge
Lo
ck
A
lgorit
hm
"
to
pr
ovid
e
secur
it
y
f
or
th
e
co
nf
i
den
ti
al
data.
In
D
SLA,
the
us
e
r
has
t
o
in
put
sig
natu
re
in
form
at
ion
.
The
key
ge
ne
rato
r
gen
e
rates
a
pri
vate
key
by
usi
ng
the
crypt
ogra
ph
ic
has
h
functi
on
.
The
us
ers
as
well
as
the
Cl
oud
Ser
vice
Pr
ovi
der
(C
SP
),
get
the
pr
i
va
te
key
of
the
use
r
to
pr
ov
i
de
m
or
e
secur
it
y.
The
CSP
ide
nt
ifie
s
the
us
er
by
the
pr
i
vate
key.
CSP
m
ai
ntains
a
n
in
dex
ta
ble
c
on
sist
s
of
pr
i
va
te
key,
datace
nter
id,
st
or
a
ge
sp
ace
id.
T
he
us
er
can
lo
g
into
th
e
cl
oud
by
us
i
ng
the
pri
vate
ke
y
and
can r
eq
uest
f
or
the
sto
rag
e
s
pace
by p
ay
-
as
-
you
-
go
m
od
el
.
The
CS
P
ver
ifi
es
the
pr
i
vate
key
an
d
al
lo
cat
es
the
blo
c
k
of
sp
ace
re
qu
i
red
by
the
use
r.
N
on
-
c
onfide
ntial
dat
a
sh
oul
d
be
e
ncry
pted,
by
us
i
ng
TLS
.
Ma
ny
s
tora
ge
ser
vice
pro
vid
er
s
us
e
TLS.
T
he
c
onf
identia
l
data
ne
eds
t
o
be
e
ncr
y
pted,
in
cl
ie
nt
si
de
be
fore
up
l
oa
ding
to
the
cl
oud
stora
ge.
The
refor
e
we
nee
d
t
o
create
a
secu
r
e
key
(sK
E
Y
)
f
or the
confi
den
ti
al
dat
a encr
y
ption.
Figure
1. Sec
ure data
st
or
a
ge
Figure
2. Use
r a
ccessi
ng clo
ud se
rv
ic
es
to d
ownloa
d
data
In
D
SLA,
we
i
nteg
rate
A
ES
[
3]
al
gorithm
and
RS
A
al
go
rithm
[5
]
to
pro
vid
e
m
or
e
sec
ur
it
y
f
or
our
data.
I
n
the
fi
rst
phase,
we
gen
e
rate
a
ke
y
by
encr
ypti
ng
AES
key
and
RS
A
public
key
by
us
i
ng
RS
A
al
gorithm
.
In
the
seco
nd
pha
se,
the
data
w
il
l
be
encr
ypte
d,
by
us
in
g
A
ES
al
gorithm
.
The
n
the
enc
r
ypte
d
Evaluation Warning : The document was created with Spire.PDF for Python.
In
t J
Elec
&
C
om
p
En
g
IS
S
N:
20
88
-
8708
Da
t
a
st
or
age l
ock
algorit
hm
wi
th cryp
to
gra
ph
ic
tec
hn
i
que
s
(
Anith
a
K L
)
3847
m
essage
can
be
up
l
oad
e
d
to
the
cl
oud
st
orage.
As
we
use
encr
y
ption
s
ta
nd
a
rd
t
o
enc
rypt
the
c
onfiden
ti
a
l
data,
the
data
sh
oul
d
not
be
delet
ed,
m
od
if
ie
d
or
fa
bri
cat
ed
duri
ng
sto
r
age.
O
nly
authen
ti
cat
ed
us
e
rs
can
acce
ss
the
data
stora
ge
s
pace
there
by
no
data
le
akag
e
duri
ng
sto
rag
e
.
T
he
le
gitim
at
e
us
er
can
acce
ss
t
he
data
at
any
tim
e
fr
om
any
co
m
pu
ti
ng
de
vice.
To
pro
vi
de
integrity
to
the
encr
y
pted
data,
hash
-
ba
sed
m
essa
ge
authe
ntica
ti
on
cod
e
(HMAC
) [21]
is
us
ed
to a
tt
ach
a m
essage alo
ng
with e
ncr
y
pted data
.
Fo
r
do
wn
l
oad
i
ng
t
he
data,
th
e
us
er
has
to
lo
gin
us
in
g
the
pri
vate
key
(Pk)
.
The
pri
vate
ke
y
locks
t
he
stora
ge
sp
ace
for
a
us
er
.
Th
e
CSP
check
s
the
ind
e
x
ta
ble
fo
r
P
k.
I
f
f
ound,
the
data
center
id
(
dci)
a
nd
th
e
stora
ge
sp
ace
id
(ssi),
is
ide
ntifie
d.
T
he
use
r
can
do
wn
l
oad
the
data
f
ro
m
the
data
center.
Fi
gure
5
and
Figure
6
s
how
s
the
tim
e
ta
ken
for
enc
ryptin
g
an
d
decr
y
pting
the
data
of
var
i
ou
s
siz
es
usi
ng
D
SL
A.
D
SLA
pro
vid
es
a
n
ef
f
ic
ie
nt
locking
syst
e
m
and
en
crypti
on
ap
pr
oa
ch
that
does
not
pro
duce
sig
nificant
ov
e
rh
e
ads,
as
well
as
e
ns
ure
s
data
a
vaila
bi
li
ty
and
retrie
val.
And
al
s
o
it
pr
e
ven
ts
cl
oud
pro
vi
der
s
a
ccessi
ng
the
use
rs'
or
i
gin
al
data.
5.
RESU
LT
S
AND A
N
ALYSIS
In
e
ver
y
ap
pro
ach
de
velo
ping
a
si
m
ulati
on
env
i
ronm
ent
is
ver
y
vital
inor
der
to
ver
i
fy
th
e
propose
d
al
gorithm
s
and
it
s
per
form
ance.
To
te
st
this
cl
ie
nt
con
tr
ol
le
d
encr
ypti
on
schem
e
in
cl
oud
en
vir
on
m
ent
an
exp
e
rim
ental
i
m
ple
m
entat
ion
an
d
perf
or
m
ance
eval
uati
on
of
Data
Sto
ra
ge
Loc
k
Algorith
m
is
arr
ive
d
at
us
i
ng
Ecl
ipse IDE a
nd
j
ava
.
Fi
gure
3
a
nd Fig
ure
4
sh
ows
en
c
rypti
ng and
uploa
din
g a
file
u
sin
g DSL
A
al
gorith
m
.
Figure
3. Enc
r
ypti
ng
file
u
si
ng
DS
L
A
al
gorithm
Figure
4. Data
up
l
oad
e
d usi
ng D
SL
A
al
gori
thm
Mult
il
evel
config
ur
at
io
n
of
s
ecur
e
data
m
a
nag
em
ent
and
Data
Sto
rag
e
Loc
k
Al
gorith
m
(D
SL
A)
t
o
store
c
onfide
nt
ia
l
data
that
prov
i
de
hi
gh
e
r
de
gr
ee
of
sec
ur
e
data
stora
ge
in
cl
oud
c
om
pu
ti
ng.
T
he
co
m
plex
par
a
dig
m
o
f
cl
oud per
f
or
m
ance and
us
er e
ngagem
ents of
va
r
io
us
levels
of
inter
-
nodal tra
ns
act
io
ns
, m
it
i
gation
of
data
le
ak
is
a
vital
chall
eng
e
.
T
o
e
nsu
re
im
pr
ov
e
d
s
ecur
it
y
an
d
c
onfide
ntial
le
ve
l
on
pri
vate
data,
encr
y
ption
al
gorithm
s
are
en
gag
e
d
in
a
m
ul
ti
-
le
vel
config
ur
at
io
n
bet
wee
n
the
us
e
r
en
d
and
th
e
cl
oud
c
lusters.
Confide
ntial
da
ta
can
be
st
ored
a
nd
retrie
ve
d
from
cl
ou
d
with
suffici
en
t
secur
it
y
m
anag
em
ent,
wh
ic
h
is
i
n
high
dem
and
tod
ay
f
or
e
nter
pr
ise
c
ompu
ti
ng
inte
gr
a
ti
on
.
T
he
res
pons
e
is
scal
able
with
high
-
s
pee
d
process
or
s
,
a
nd
to
est
im
a
te
t
his
res
ponse
,
s
a
m
ple
runs
we
re
do
ne,
on
lo
wer
le
vel
proc
essors.
Ta
ble
1
a
nd
T
able
2
s
hows
the
encr
y
ptio
n
and
decr
y
ption
tim
e
fo
r
the
file
siz
e
in
kilo
by
te
s
and
m
ega
byte
s.
Fig
ur
e
5
an
d
Figure
6
sho
w
s
on
e
of
the
r
esp
on
se
grap
hs
for
enc
rypti
on
a
nd
dec
ryp
ti
on
.
T
he
init
ia
l
load
gi
ven
is
10
kilob
yt
e,
an
d
it
syst
e
m
at
ic
ally
i
m
pr
ove
d
to
5
m
egab
yt
es.
T
he
respo
ns
e
i
ndic
at
es
that
th
e
tim
e
con
s
um
e
d
for
a
higher
am
ou
nt o
f
data on the d
ead
weig
ht d
a
ta
o
f
10
k
il
oby
te
s is
m
arg
inall
y s
m
a
ll
. I
t ensu
res
that ov
e
rlo
adin
g
the
data
into
hig
h
-
sec
ur
it
y
storag
e
a
nd
processin
g
will
no
t
co
nsum
e
m
uch
tim
e
aff
ect
ing
the
total
perform
ance o
f
the
j
ob e
xec
ut
ed by t
he
cl
oud p
ro
ces
sors.
It
pro
ves
t
hat
ve
ry
low
le
vel
of
ove
rh
ea
d
is
a
dd
e
d,
by
DS
L
A
a
ppro
ac
h
on
co
nf
ide
ntial
da
ta
.
Here
w
e
app
li
ed
a
ne
w
m
et
ho
d
of
dee
per
le
vel
secu
r
it
y
lock
pro
vis
ion
s
on
co
nf
i
de
ntial
data
of
bu
si
ness
e
nter
pr
ise
s
and
hi
gh
-
sec
uri
ty
insti
tuti
on
s
su
c
h
that
t
he
y
can
go
vern
the
co
nf
i
de
ntial
it
y
of
data
s
toring
a
nd
retr
ie
val.
To
reali
ze
this
appro
ac
h
w
e
us
ed
c
om
bi
nations
of
sta
nd
a
r
d
ap
pr
oac
hes
to
secu
rity
li
ke
AES
and
R
S
A
al
gorithm
s.
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2088
-
8708
In
t J
Elec
&
C
om
p
En
g,
V
ol.
9
, N
o.
5
,
Oct
ober
201
9
:
3
8
4
3
-
3
8
4
9
3848
Table
1
.
E
nc
ryption an
d dec
r
ypti
on
of
data
of f
il
e size
in
KB usi
ng
DS
L
A
File Size
(
in
kilo
bytes)
Encry
p
tio
n
(
in
m
s)
Decr
y
p
tio
n
(
in
m
s
)
10
295
15
50
295
15
100
296
16
150
296
16
200
296
16
250
296
16
300
296
16
Table
2
.
E
nc
ryption an
d dec
r
ypti
on
of
data
of f
il
e size
in
MB
u
sin
g DSL
A
File Size
(
in
m
eg
a
b
y
tes)
Encry
p
tio
n
(
in
m
s)
Decr
y
p
tio
n
(
in
m
s
)
1
296
16
2
297
16
3
297
17
4
297
17
5
298
18
Figure
5. Enc
r
ypti
on
a
nd
dec
ryptio
n of
data
of
file
siz
e (in
kilo
b
y
te
s)
Figure
6. Enc
r
ypti
on
a
nd
dec
ryptio
n of
data
of f
il
e
siz
e (in
m
egaby
te
s)
6.
CONCL
US
I
O
N
In
this
pa
pe
r,
we
presente
d
issues
in
cl
ou
d
com
pu
ti
ng
su
ch
as
sec
ur
it
y,
serv
ic
e
avai
la
bili
ty
and
authe
ntica
ti
on
.
The
spotl
igh
t
of
the
pap
e
r
is
the
introdu
ct
i
on
of
Data
Sto
rag
e
L
oc
k
Algorithm
(D
SL
A
).
This
al
gorithm
is
us
ed,
for
the
sa
fe
stora
ge
of
c
onfide
ntial
data
onto
the
cl
oud.
Her
e
we
c
heck
the
aut
hen
ti
ci
ty
of
a
us
er
who
acce
sses
the
cl
oud
stora
ge
by
us
i
ng
the
pr
i
vate
key
(Pk)
wh
ic
h
is
stor
e
d
ont
o
the
Cl
oud
S
erv
ic
e
Pr
ovi
der
.
The
pr
i
vate
key
is
us
e
d,
f
or
loc
ki
ng
t
he
st
or
a
ge
sp
ace
al
locat
e
d
to
a
us
e
r
in
any
data
ce
nte
r.
T
he
us
er
can
do
wnload
or
acce
ss
their
data
at
any
tim
e
by
usi
ng
the
pr
i
vate
key.
The
fas
t
retrieval
of
da
ta
i
s
po
s
sible
by
m
a
intai
ning
a
n
ind
e
x
ta
ble
in
the
Cl
ou
d
S
erv
ic
e
Prov
i
de
r.
It
ena
bles
a
scena
rio
i
n
wh
ic
h
confide
ntial
data
can
be
store
d
an
d
retrie
ve
d
from
the
cl
ou
d
with
suffici
ent
secur
it
y
m
anag
em
ent
with
data
encr
y
ption ap
proac
hes.
REFERE
NCE
S
[
1
]
G.
Boss
,
P.
Mall
adi,
D.
Q
uan
,
L.
L
egr
egni,H.
Hall
.
Cloud
C
omputing
,
2007
.
ww
w.i
bm
.
com/
deve
lop
erworks/
websphere
/z
on
e
s/hipods/
[
2
]
Nati
ona
l
Bure
au
Of Sta
nda
rds NIS
T.
Dat
a enc
r
y
p
t
ion
stand
a
rd
(d
e
s).
Technol
og
y
,
4
6
-
3(46):1
-
26,
19
99.
[
3
]
N
FI
PS
.
197:
A
nnounci
ng
the
a
dvanc
ed
en
cr
y
pt
ion
standa
r
d
(aes
)
Te
chnol
og
y
La
bora
tor
y
,
Nat
iona
l
Ins
ti
tu
te
o
f
Standa
rds,
2009
(
12):8
-
12,
2001
.
[
4
]
W
.
Diffie a
nd
M.
Hel
lman.
New
dire
c
ti
ons i
n
cr
yptogra
ph
y
,
1976.
[
5
]
R.
Riv
est,
A
.
Sh
amir,
and
L
.
Ad
le
m
an.
“
A
m
et
h
od
for
obt
ai
ning
digi
t
al
signat
ur
es
and
p
ub
li
c
-
k
e
y
cr
y
ptos
y
s
te
m
s.
Com
m
un,
”
ACM
,
21(2):120
-
126,
1978.
[
6
]
D.
Hanke
rson,
A.
Mene
ze
s,
and
S.
Vanstone.
“
Guide
to
El
l
ipt
i
c
Curve
Cr
y
ptogr
aph
y
,
”
Spring
er
-
Verl
ag
New
York,
Inc
.
,
Sec
auc
us,
NJ
,
US
A,
2003.
[
7
]
S.
Kam
ara
and
K.
La
u
te
r
.
“
Cr
yptogra
phi
c
c
lou
d
storage
,
”
In
P
roce
edi
ngs
o
f
th
e
14th
Inte
rnat
i
onal
Confe
r
enc
e
on
Fi
nanci
a
l
Cryp
t
ography
and
dat
a
sec
urit
y
,
F
C'
10
,
Ber
li
n
,
He
ide
lb
erg
,
Spring
er
-
Ve
rla
g
,
2010
.
[
8
]
R.
Chow,
P.
Golle,
M.
Jakobss
on,
E.
Shi
,
J.
Sta
ddon,
R.
Masuoka,
and
J.
Molin
a.
“
Control
l
ing
dat
a
in
the
c
lou
d:
outsourci
ng
co
m
put
at
ion
with
out
outsourci
ng
cont
rol
,
”
In
P
roce
edi
ngs
of
t
he
2009
ACM
workshop
on
C
loud
computi
ng
se
curit
y
,
p
age
s 85
-
90
.
ACM
,
2009.
Evaluation Warning : The document was created with Spire.PDF for Python.
In
t J
Elec
&
C
om
p
En
g
IS
S
N:
20
88
-
8708
Da
t
a
st
or
age l
ock
algorit
hm
wi
th cryp
to
gra
ph
ic
tec
hn
i
que
s
(
Anith
a
K L
)
3849
[
9
]
N.
Kaa
ni
che,
A
.
Boudguig
a,
an
d
M.
L
aur
en
t.
“
ID
base
d
cr
y
p
t
ogra
ph
y
for
cl
o
ud
data
storag
e
,
”
In
I
EE
E
Si
xth
Inte
rnational
Co
nfe
ren
c
e
on
Clo
ud
Computing, S
anta
Clara
,
CA, U
SA
,
Ju
ne
28
-
Jul
y
3,
2013,
pag
es
375
-
382,
2013.
[
1
0
]
N.
Kaa
ni
che
an
d
M.
L
aur
ent.
“
A
sec
ure
cl
i
ent
-
side
deduplic
at
i
on
sche
m
e
in
cloud
storage
env
ironments
,
”
In
6
th
Inte
rnational
Co
nfe
renc
e
on
N
e
w
Technol
ogi
es,
Mobil
i
ty
and
Se
curit
y
,
NT
MS
20
14
,
Dubai
,
Unit
e
d
Arab
Emira
te
s
,
Ma
rch
30
-
April
2,
2014
,
pag
es
1
-
7,
2014
.
[
1
1
]
N.
Kaa
nic
h
e,
M
.
La
ur
ent,
and
M.
El
Barbor
i
.
“
Clouda
sec
:
A
Novel
Public
-
k
e
y
Based
Fram
ework
to
Handle
Da
ta
Sharing
Secur
ity
in
Clouds
,
”
In
Proce
ed
ings
of
t
he
11th
Inte
rnat
ional
Conf
ere
nc
e
on
S
ec
urit
y
an
d
Cryptography
-
Vol
ume
1:
SEC
R
Y
PT,
(
ICETE
2014)
ISBN
978
-
9
89
-
758
-
045
-
1,
p
age
s 5
-
18
,
2014
.
[
1
2
]
Abdul
Nasir
Kh
an,
M.L
.
Mat
Kiah,
Sam
ee
U.
Khan,
Sajjad
A.
Mada
ni.
“
Towa
r
ds
sec
ure
m
obil
e
cl
oud
computi
ng:
A
surve
y
,
”
Futur
e
Gene
ration
Computer
Syst
em
s
,
Volum
e
2
9
Iss
ue
5,
Pa
ges
1278
-
1299.
El
sevi
er
Sci
en
ce
Publishers
B.
V
.
Am
sterda
m
,
T
he
Nethe
r
la
nds,
Th
e
Neth
erlands,
J
ul
y
2013
.
[
1
3
]
Jin
Li
,
Xiao
fen
g
Chen,
Qiong
Huang,
Dunc
an
S.
W
ong.
“
Digit
al
prove
n
anc
e
:
Ena
bli
ng
se
cur
e
dat
a
for
ensic
s
i
n
cl
oud
computing
,
”
Fut
ure
Gene
r
ati
on
Comput
er
Syste
ms
,
Volum
e
37,
Pages 259
-
266
,
Jul
y
2014
.
[
1
4
]
Iss
a
Khali
l
,
Abd
al
l
ah
Khrei
shah
,
Muham
m
ad
Aze
em.
“
Consolida
t
ed
Ide
n
ti
t
y
M
an
age
m
ent
S
y
stem
for
sec
u
re
m
obi
le
cl
oud
computing
,
”
Comput
er
N
e
t
works
,
Volum
e 65,
Pages
99
-
11
0
,
June
2014
.
[
1
5
]
Bin
Ye,
Gar
et
h
How
el
ls,
Mus
ta
f
a
Hac
iosm
an
an
d
Frank
W
ang.
“
Multi
-
dimension
al
ke
y
gen
era
t
io
n
of
ICMetrics
f
or
cl
oud
computing
,
”
Journal
o
f
Clo
ud
Computing A
dvanc
e
s,
Syst
ems and
Applicatio
ns
,
vol.
4
,
no.
19
,
2015
.
[
1
6
]
Naga
raj
u
,
S
.
&
Parthi
ban
,
“
Truste
d
fra
m
ework
for
onli
ne
banki
n
g
in
publi
c
cl
ou
d
using
m
ult
i
-
fac
tor
aut
h
ent
i
ca
t
i
on
and
priv
acy
prot
ec
t
ion
ga
te
wa
y
,
”
L. J
Cloud
Comp
,
vol
.
4
,
no
.
22
,
2015
.
[
1
7
]
Dim
it
rios
Zi
ss
is,
Dim
it
rios
L
ekk
as.
Address
ing
c
loud
computing
sec
urity
”,
Fut
ur
e
Gene
rat
ion
C
omputer
Syste
ms
Volum
e
28,
Iss
u
e
3,
Pages
5
83
-
5
92.
,
Marc
h
2012
.
[
1
8
]
Anitha
K
L
,
T
.
R
.
Gopal
akr
ishna
n
Nair
.
“
A
Sm
art
Cloud
Arch
it
e
c
ture
to
handle
S
ec
uri
t
y
Iss
ues
an
d
Vulner
abilities
in
Cloud
,
”
IEE
E
spons
ored
Inte
rnational
Conf
ere
nce
on
In
ve
n
ti
v
e
Computati
on
T
ec
hnolog
ie
s
(
ICICT)
,
Coim
bat
ore
,
Publisher:
I
EE
E
,
Volum
e
3,
pag
e
s 1
-
6.
DO
I:
10
.
1
109/INVENTIVE.
2016.
7830166
,
2016
.
[
1
9
]
SA
de
Chave
s,
C.
B.
W
estph
al
l
,
and
F.
R.
La
m
in.
“
SLA
Perspec
ti
v
e
in
Secur
ity
Ma
n
ag
ement
for
Clou
d
Com
puti
ng
,
”
6
th
Inte
rnat
ional
C
onfe
renc
e
on
Ne
tw
orking
and
Se
rvic
es
(
ICNS)
,
IEE
E
,
p
age
s 212
-
217
,
2010
.
[
2
0
]
Anitha
K
L
,
T
.
R.
Gopal
akr
ishn
an
Nair
,
“
Secur
e
Cloud
Da
ta
St
ora
ge
with
Cr
y
p
togra
phi
c
Int
erv
ent
ion
for
pre
m
i
er
ent
erp
r
ise
da
ta
”
,
Global
Journal
of
Eng
ineering
Scienc
e
and
R
ese
arche
s,
ICRTCET
-
2018
,
ISS
N:
2348
–
803
4,
Pg.No:
714
–
72
0
,
Mar
ch
2019
.
[
2
1
]
Arasu,
S.
Ez
h
il
,
B.
Gow
ri,
and
S.
Ananthi
.
"P
ri
vacy
pre
serv
ing
publi
c
audi
t
ing
i
n
cl
oud
using
HM
AC
al
gorit
hm
.
"
Inte
rnational
Jo
urnal
of Re
ce
nt
Te
chnol
ogy
and
Engi
ne
ering
(
IJ
RTE)
,
2013
.
BIOGR
AP
HI
ES OF
A
UTH
ORS
An
itha
K
.
L
.
is
a
rese
ar
ch
schol
ar
in
the
Dep
artm
ent
of
Com
put
er
Scie
n
ce
,
Bh
ar
at
hi
ar
Univer
sit
y,
Coim
bat
ore
,
Ind
ia
.
Anith
a
K
L
r
ec
e
ive
d
post
gra
duat
e
degr
ee
in
Master
of
Com
p
ute
r
Applicati
on
s
and
B.
Sc
.
d
egr
e
e
in
Com
put
er
Scie
nc
e
from
th
e
Univer
si
t
y
of
Kera
l
a.
Her
r
e
sea
rch
int
er
ests
inc
lud
e
c
loud
computing
sec
urity
,
virt
u
al
i
zation,
data
ce
nt
er
ne
tworking
and
d
istri
but
e
d
comput
ing.
T.
R.
Gopalakr
ish
nan
Nair
,
a
Fell
ow
of
Institution
of
Eng
ineers,
has
34
y
e
ar
s
of
expe
rie
n
ce
in
profe
ss
iona
l
f
ie
l
d
sprea
d
ov
er
R
ese
arc
h
,
Industr
y
and
Educ
a
ti
on
.
Curre
n
tly
,
he
i
s
the
R
ec
tor
fo
r
Raj
ar
aj
eswar
y
G
roup
of
Instit
uti
o
ns i
n
India
.
He
was
the
Aram
co
Endowed
Chai
r
i
n
Te
chnol
og
y
in
PM
Univer
sit
y
,
KS
A.
He
holds
degr
ee
s
M.T
ec
h
.
(I.
I.
Sc.
,
Indi
a)
a
nd
a
Ph.D.
in
Com
pute
r
Scie
nc
e
.
His
are
as
of
int
e
rest
inc
lud
e
Advanc
ed
ne
tworks,
Cognit
ive
S
y
st
e
m
s
and
Multi
disci
pli
n
ar
y
studie
s
inc
ludi
ng
Bra
in
and
p
h
y
sical
sy
stems
.
He
is
a
senior
m
ember
of
IEE
E,
ACM
and
few
oth
er
profe
ss
iona
l
bod
ie
s.
Evaluation Warning : The document was created with Spire.PDF for Python.