Storing of Data in the Third-Party Storage System - Paper Example

CHAPTER 1: BACKGROUND TO THE STUDY

1.1 Introduction

Cloud computing pictures the future generation computing framework, evolving from distributed computing, grid computing, utility computing, parallel computing, virtualization technology, as well as another computers technology. All those combinations of the model make cloud computing to be more favorable in the case of large scale data storage and scale computation, high expansibility, virtualization, low price service together with high reliability. The model in cloud computing operated on the grounds of the network, having the model for the users. Furthermore, these services assume the system of software, infrastructure, and application, making it accessible to the user in different locations, in a concurrent manner. Also, the services can be apportioned among the great multitude of users [1].

As defined by the U.S. National Institute of Standards and Technology (NIST), the term cloud computing refers to a model for facilitating suitable, on-demand network access to a communal combination of configurated computing elements such as the servers, networks, application, storage and services, which can be swiftly be provisioned then released with less effort of management or services provider interaction [2].

Lately, data security has emerged as a major barrier that obstructs the expansion of the cloud storage service. According to the study shown by [2,3,4] about 500 IT and CTO managers in 17 nations, revealing that regardless of the possible advantages of the cloud storage, individuals, as well as organizations, have no confidence in the existence of the cloud storage services providers, due to the fact that, the worry on the security risk related to them. Generally, the cloud system may be split into different levels on the merit of the range of cloud and the users [5,6,7,8]. The similar cloud system may attend to various types of users varying from the enterprises, customers, individuals and so on. The issue with security as well as the associated risks is dissimilar. In the cloud settings of storage, data is done in the public storage provider (PSP). The file data is kept on the hard-drive owned also operated by the provider, and hence no one else has the access to the drive provider who has the control over it and is aware of the specific location that it is saved [9]

1.2 Background

Storing of data in the third-party storage system, such as cloud may seem to be not much secure, due to the fact that the integrity and confidentiality of the data are yet to be guaranteed. A s a third party, cloud computing offers cost-effective storage services, therefore the client cannot trust the authenticity of the services in securing the data stored in the cloud [11]. For that reason, various organizations, as well as users, may not rely on the cloud until some substantial security guarantees are made [12]. At this point, the long-lasting solution to the predicament associated with the securely storing the client's data in letting it remain authentic as it was original, therefore, maintaining the integrity and confidentiality of the data within the clouds is developed. This prompts supported by [13, 14], is meant to the establishment of five protocols which ensured that the clients data are stored in a confide storage servers, simulated only on the trusted storage servers, as well as guaranteeing that owners of the data and the rest of licensed users of that data access the data securely. Also 14,15] indicates that the system is based on the trusted computing platform technology; it entails the Trusted Platform Module, recommended by the Trusted Computing Group. The essence of encrypting the users data was affected by the encrypted file system. The system prevents the system administrator in the cloud, from interfering with the data security [16].

1.3 Problem Statement

It is established that the client cannot store the unencrypted data in the cloud, due to the fact that the cloud provider will get access to the data, therefore posing the possibility of losing the confidentiality and authenticity of the data. Furthermore, malevolent cloud provider/ system administrators or users may go to an extent of making adjustments to the data making it less authentic. With regards to proposed solution for this matter and seeking the integrity and confidentiality of the data, cryptographic techniques can be applied in the process of encrypting the data.

1.4 Research questionsThis dissertation will have a critical focus on the following Research Questions:

How to enhance the authenticity of the data stored in the cloud by using the digital signature and the verification of the subsets of data.

How to promote the decentralization and robust access control plan prior to storing the information, including the process of encrypting and decrypting the data by the authentic user.

1.5 Purpose of the study

Data Security and Privacy protection matters are important in both the software and hardware with regards to the cloud architecture. Issues regarding the data security have become a major threat towards the information technology in the cloud computing environment, this case is emerging being serious especially because the site is located at the different location even in all the globe. Privacy protection and data security are the key things that the users are concerned with when it comes to cloud technology [18]

In order to enhance security and the authenticity of data within the cloud, it will include granting of the development of a Trusted Storage System for the Cloud, which is made up of a front-end server, trusted storage servers, together with a trusted third-party node (TTPN), which is sustained by the trusted party. The TTPN will evaluate the suitability of the platform for a storage server, i.e., it remotely verifies the storage server [19]. After approving to the storage server, the server is considered trusted and therefore it can be operated in the securely storing of the clients data. A client communicates with the cloud via the front-end server and the other way around.

1.6 Objectives of the study

The objective of the study will mainly be on the measures that will be taken in promoting the authenticity and the security of the data stored in the cloud and the proper means that the user will use to ensure that the data stored is only accessible by the accredited persons. Some of the security issues that the cloud is faced with are mainly insecurity which leads to the unauthenticity of the information, hence being prone to be either lost, hacked or stolen. Lack of Authenticity and insecurity of the data threatens its confidentiality and trust [20]. This study would identify how the data can be secured before being transmitted to the cloud for storage, and to prevent any unauthorized entity from accessing it and/or making changes on it. At the end of the study, we will be able to note the procedure to be followed while securing the data and the safety measures that will ensure that the data is safe and authentic while in the cloud storage.

1.7 Significance of the study

This study will be the significant endeavor in enhancing and promoting the security of the clouding computing as well as promoting its authenticity, confidently, trust and encryption. This study will also benefit the institutions, individuals in securing their data and minimizing the cases of hacking or losing of their vital information [21]. Data is considered to be the most vital business asset that requires protection, implementation of the recommendation given in this study will substantially help in losing data and information which could lead to the direct loss, like lost sales, Electronics or monetary judgment [22].

The project goal is intended to assist the data user and the cloud administrator to enhance the safety of the data storage and avoid losing it. The goal can be archived by establishing the factors that threaten data security and implement processes that will ensure safety and authenticity of the cloud computing are upgraded [23]. Within the cloud, the client's data can be encrypted by Encrypted file systems (EFS), it will include the encrypting of the user's data, create and manage keys that are used for the encryption of data and decryption. The decryption and encryption of files are transparent to the application and the user [24]. The EFS offers a suitable method to decrypt and encrypt data because decryption, encryption and data storage is automatic and it functions key 2 management and key creation functions. Encrypted files system are executed in the kernel of the operating system [25].

1.8 Rationale for the study

However, how much advantages and pros cloud data storage will have, there are challenges and risks that are involved. The foremost challenge is insecurity of data storage in the cloud services which seen as the loss of the integrity of the data stored. This research seeks to review various security issues such as confidentiality, authenticity, encryption, key management, as well as resource sharing, which will be presented alongside the efforts to mitigate such cases and resolving these threats and issues [26,27].

1.9 Delimitation of the study

CHAPTER 2: LITERATURE REVIEW IntroductionIn the current era, digital advancements have been made in order to enhance the efficiency of computer systems. To be precise, storage capacity in computer systems have been increased to the extents of terabytes for the purposes of enhancing lump sum storage of data. Despite the creation of larger storage capacities, attaining an infinite storage capacity was the key reason that led to the development of Cloud computing [28]. Various organization researched on how to attain infinite storage capacity in the computer system, however, Larry Ellison and Marc Benioff have been credited with being the personnel's who discovered cloud computing. After the development of cloud computing by these two personnel's other computer based organization chipped in so as to further enhance and maximize the utilization of cloud computing. These computers based organization included; AT&T, Amazon, Enomaly, Google, GoGrid, Microsoft, NetSuite, Rackspace, and RightScale [29.30]. The chipping in of these organizations was focused on enhancing the security of this developed infinite storage capacity in order to guarantee its user...