Framework Modeling for User Privacy in Cloud Computing
This paper develops a user privacy framework in the cloud environment. Major user privacy issues are discussed in comparison with current solutions.
8 Pages5479 Words500 Views
Added on 2023-06-03
About This Document
This paper develops a user privacy framework in the cloud environment. Major user privacy issues are discussed in comparison with current solutions. The framework model for illustrating privacy in a cloud environment is provided. Different solutions for security, privacy, and trust concerns are discussed in detail.
Framework Modeling for User Privacy in Cloud Computing
This paper develops a user privacy framework in the cloud environment. Major user privacy issues are discussed in comparison with current solutions.
Added on 2023-06-03
ShareRelated Documents
Framework modeling for User privacy in cloud computing
Abstract
Many organizations around the world recognize the
vitality of cloud computing. However, there are
some concerns that make organizations reluctant in
adopting cloud computing. These include data
security, privacy, and trust issues. It is very
important that these issues are addressed to meet
client concerns and encourage the wider adoption of
cloud computing. This paper develops a user privacy
framework in the cloud environment. Major user
privacy issues are discussed in comparison with
current solutions.
I. INTRODUCTION
Cloud Computing is a modern architecture in which
resources are shared on the Internet in external physical
locations rather than on local servers. This new paradigm
has resulted in a major change in Information Technology
(IT) [1]. Moreover, it impacts positively on IT by delivering
cloud software and services [2]. However, one main
limitation of cloud computing is privacy. Privacy is a major
issue in cloud computing from both legal and user
perspective.
When organizations move their important data to the cloud,
they need high security and privacy measures to protect
their information. Privacy entails the protection and
appropriate use of user’s information [3]. To ensure privacy
in Cloud environments, clearly, state user requirement,
ensure accountability on data usage, specify limitations of
data collection and data usage, control the data visibility
and ensure data integrity and transparency [2].
In recent years, different techniques have been introduced
to store sensitive data. One way is to upload data into the
cloud. However, users have concerns about the privacy of
their sensitive data. Besides that, users have less control of
their data.
Privacy issues become more challenging in Cloud
Computing because cloud providers are authorized to
access all or some of the data. Also, the huge number of
users in cloud computing increase possibilities of data
breaches and thus privacy issues.
Cloud providers are required to ensure that users’ data
are protected properly. Some data protection techniques
include data segmentation, encryption, processing
encrypted data, obfuscation, sticky policy, trusted platform
module, and trusted third party mediator [3]. The
approaches include data-centric, user-centric, and hybrid
techniques [4].
A. Research Problem
Privacy is an important right for everyone in the
world. In IT privacy means secure and protect user
information. However, the rapid growth of IT and
computers bring about the challenge of data
protection. Most websites have their own legislation,
policies, and standards to manage the users’
information, and reach the users’ trust. Cloud
Computing should prioritize privacy because it hosts
confidential and sensitive information such as
financial, health, and governmental data.
II. PRIVACY CHALLENGES IN CLOUD
ENVIRONMENTS
Cloud computing is a modern technique of
computing in which resources are shared on the
Internet rather than on local servers. In other words,
it is storing and retrieving data using special
programs on the Internet instead of local computer
hard drives. The term cloud computing refers to
Internet-based computing in which different servers,
storage, and applications are used to deliver data and
reports anywhere anytime without having their own
system.
This section presents a summary of the main cloud
computing issues regarding security and privacy.
A. Loss of control
Loss of control is one of the main problems facing
cloud-computing. Cloud users fear losing control of
their data once they upload data to the cloud.
Universally, cloud systems are available to the
public. Also, the cloud provider owns the software,
hardware and the networks [5] that host the user
data. Every cloud user relies on the conventional
operations and technical standards without
considering the content of the information stored.
This makes cloud users worry about their data
getting lost or even being breached considering
1
Abstract
Many organizations around the world recognize the
vitality of cloud computing. However, there are
some concerns that make organizations reluctant in
adopting cloud computing. These include data
security, privacy, and trust issues. It is very
important that these issues are addressed to meet
client concerns and encourage the wider adoption of
cloud computing. This paper develops a user privacy
framework in the cloud environment. Major user
privacy issues are discussed in comparison with
current solutions.
I. INTRODUCTION
Cloud Computing is a modern architecture in which
resources are shared on the Internet in external physical
locations rather than on local servers. This new paradigm
has resulted in a major change in Information Technology
(IT) [1]. Moreover, it impacts positively on IT by delivering
cloud software and services [2]. However, one main
limitation of cloud computing is privacy. Privacy is a major
issue in cloud computing from both legal and user
perspective.
When organizations move their important data to the cloud,
they need high security and privacy measures to protect
their information. Privacy entails the protection and
appropriate use of user’s information [3]. To ensure privacy
in Cloud environments, clearly, state user requirement,
ensure accountability on data usage, specify limitations of
data collection and data usage, control the data visibility
and ensure data integrity and transparency [2].
In recent years, different techniques have been introduced
to store sensitive data. One way is to upload data into the
cloud. However, users have concerns about the privacy of
their sensitive data. Besides that, users have less control of
their data.
Privacy issues become more challenging in Cloud
Computing because cloud providers are authorized to
access all or some of the data. Also, the huge number of
users in cloud computing increase possibilities of data
breaches and thus privacy issues.
Cloud providers are required to ensure that users’ data
are protected properly. Some data protection techniques
include data segmentation, encryption, processing
encrypted data, obfuscation, sticky policy, trusted platform
module, and trusted third party mediator [3]. The
approaches include data-centric, user-centric, and hybrid
techniques [4].
A. Research Problem
Privacy is an important right for everyone in the
world. In IT privacy means secure and protect user
information. However, the rapid growth of IT and
computers bring about the challenge of data
protection. Most websites have their own legislation,
policies, and standards to manage the users’
information, and reach the users’ trust. Cloud
Computing should prioritize privacy because it hosts
confidential and sensitive information such as
financial, health, and governmental data.
II. PRIVACY CHALLENGES IN CLOUD
ENVIRONMENTS
Cloud computing is a modern technique of
computing in which resources are shared on the
Internet rather than on local servers. In other words,
it is storing and retrieving data using special
programs on the Internet instead of local computer
hard drives. The term cloud computing refers to
Internet-based computing in which different servers,
storage, and applications are used to deliver data and
reports anywhere anytime without having their own
system.
This section presents a summary of the main cloud
computing issues regarding security and privacy.
A. Loss of control
Loss of control is one of the main problems facing
cloud-computing. Cloud users fear losing control of
their data once they upload data to the cloud.
Universally, cloud systems are available to the
public. Also, the cloud provider owns the software,
hardware and the networks [5] that host the user
data. Every cloud user relies on the conventional
operations and technical standards without
considering the content of the information stored.
This makes cloud users worry about their data
getting lost or even being breached considering
1
cloud services operate on a multi-tenancy basis. [5].
B. Lack of Transparency
Cloud computing suffers from a lack of transparency
in different ways reducing the credibility of
information stored. Cloud providers are unlikely to
share information concerning the methodologies,
processes, controls, and operations affecting the
cloud environment [6]. The willingness to share and
disclose secured information such as trade secrets is
a big issue facing this technology. There are laid
security principles which single out the types of
information that should be disclosed as well as those
that remain restricted [6]. Accessibility of data that
is has been archived is a major security problem that
takes longer than expected. A majority of times the
cloud user is not aware that accessing archived data
is a complex process signifying a lack of
transparency. The cloud provider is forced to engage
in negotiations with the user in order to find
common ground concerning the security of data
being stored. The levels of engagement are usually
elongated by mistrust between the two parties [6].
C. Multi-tenancy
Multi-tenancy architecture is an arrangement where
a single instance of a cloud service or application is
used for serving multiple consumers. Each of these
consumers is known as a tenant [6]. The tenants may
have permissions to modify the GUI and parts of
business rules for the applications, but cannot
customize or modify the core parts and code of the
application. Multi-tenancy is implemented by using
virtualization and remote access technologies [6].
Usually, the SaaS or Software-as-a-Service model is
used for delivering multi-tenancy architecture based
cloud services.
D. Virtualization
Refers to allowing large mainframes to be shared
amongst different applications within an
environment. Cloud computing has employed
virtualization at all levels to enhance security, reduce
costs as well as increase availability and reliability
[7]. Attacks on hypervisors are a reality since they
contain vulnerabilities making them prone to
exploitation by hackers. It is possible for Virtual
machine (VM) hijacking to happen which translates
to tricking the hypervisor to overwrite its memory
resulting to total exploitation. VM hopping is an
attack that allows for compromising of the VMs
projections and separations giving way for accessing
the hypervisors, other VMs, and the main computer.
VM Escape is another problem where an attacker
interacts with the hypervisor directly, after running
some codes that assist in breaking into the operating
system [7]. VM mobility takes place when an
attacker moves a VM between hosts physically.
E. Management
The management of cloud platform and a multi-
tenant architecture depends on various factors. The
basic factors are the type of cloud deployment model
and the SLA. If the deployment model is the public
cloud, then the service vendor will be responsible for
the management of the major parts of the application
[5].
The consumers may have limited capability to make
modifications. On the other hand, if the cloud
deployment model is private cloud, then the
enterprise can hire internal staff for the management
of the application
III. SOLUTIONS OF PRIVACY IN CLOUD
ENVIRONMENTS
A. Encryption Solution
Organizations using cloud computing and cloud data
systems need to protect their data more than the
organizations’ infrastructure [8]. Cloud data
encryption reduces the vulnerability of cloud data by
using encryption algorithms which match the degree
of sensitivity of cloud-stored data. Cloud data
encryption prevents unauthorized users from
accessing certain information from the cloud. Third-
party users can access classified information from
reliable sources [10]. Third party users are privileged
to enjoy interfaces that provide real-time delivery of
secured data [3].
B. Access Control Solution
Access control systems are a security solution to
user authentication in cloud computing [10]. For the
service provider, access control systems help in
providing data that has been verified to be of a given
clearance level [9]. Access control has enabled the
prevention of data theft. Only authorized persons
have the ability to transfer and provide data. This
helps companies and organizations to ensure that
qualified and authorized people have access to
classified data [9].
C. Third Party Audit
2
B. Lack of Transparency
Cloud computing suffers from a lack of transparency
in different ways reducing the credibility of
information stored. Cloud providers are unlikely to
share information concerning the methodologies,
processes, controls, and operations affecting the
cloud environment [6]. The willingness to share and
disclose secured information such as trade secrets is
a big issue facing this technology. There are laid
security principles which single out the types of
information that should be disclosed as well as those
that remain restricted [6]. Accessibility of data that
is has been archived is a major security problem that
takes longer than expected. A majority of times the
cloud user is not aware that accessing archived data
is a complex process signifying a lack of
transparency. The cloud provider is forced to engage
in negotiations with the user in order to find
common ground concerning the security of data
being stored. The levels of engagement are usually
elongated by mistrust between the two parties [6].
C. Multi-tenancy
Multi-tenancy architecture is an arrangement where
a single instance of a cloud service or application is
used for serving multiple consumers. Each of these
consumers is known as a tenant [6]. The tenants may
have permissions to modify the GUI and parts of
business rules for the applications, but cannot
customize or modify the core parts and code of the
application. Multi-tenancy is implemented by using
virtualization and remote access technologies [6].
Usually, the SaaS or Software-as-a-Service model is
used for delivering multi-tenancy architecture based
cloud services.
D. Virtualization
Refers to allowing large mainframes to be shared
amongst different applications within an
environment. Cloud computing has employed
virtualization at all levels to enhance security, reduce
costs as well as increase availability and reliability
[7]. Attacks on hypervisors are a reality since they
contain vulnerabilities making them prone to
exploitation by hackers. It is possible for Virtual
machine (VM) hijacking to happen which translates
to tricking the hypervisor to overwrite its memory
resulting to total exploitation. VM hopping is an
attack that allows for compromising of the VMs
projections and separations giving way for accessing
the hypervisors, other VMs, and the main computer.
VM Escape is another problem where an attacker
interacts with the hypervisor directly, after running
some codes that assist in breaking into the operating
system [7]. VM mobility takes place when an
attacker moves a VM between hosts physically.
E. Management
The management of cloud platform and a multi-
tenant architecture depends on various factors. The
basic factors are the type of cloud deployment model
and the SLA. If the deployment model is the public
cloud, then the service vendor will be responsible for
the management of the major parts of the application
[5].
The consumers may have limited capability to make
modifications. On the other hand, if the cloud
deployment model is private cloud, then the
enterprise can hire internal staff for the management
of the application
III. SOLUTIONS OF PRIVACY IN CLOUD
ENVIRONMENTS
A. Encryption Solution
Organizations using cloud computing and cloud data
systems need to protect their data more than the
organizations’ infrastructure [8]. Cloud data
encryption reduces the vulnerability of cloud data by
using encryption algorithms which match the degree
of sensitivity of cloud-stored data. Cloud data
encryption prevents unauthorized users from
accessing certain information from the cloud. Third-
party users can access classified information from
reliable sources [10]. Third party users are privileged
to enjoy interfaces that provide real-time delivery of
secured data [3].
B. Access Control Solution
Access control systems are a security solution to
user authentication in cloud computing [10]. For the
service provider, access control systems help in
providing data that has been verified to be of a given
clearance level [9]. Access control has enabled the
prevention of data theft. Only authorized persons
have the ability to transfer and provide data. This
helps companies and organizations to ensure that
qualified and authorized people have access to
classified data [9].
C. Third Party Audit
2
Third party audit (TPA) has the capability of
maintaining and ensuring the integrity of data [11].
TPA is capable of monitoring data and information
stored in a cloud where users have to give a
signature before changing or adding any new
information [9]. TPA utilizes encryption systems
that are supported by hardware that is effective in
ensuring the integrity of data [11].
IV. SECURITY, PRIVACY AND TRUST
SOLUTIONS IN CLOUD ENVIRONMENTS
One of the main solutions for security, privacy and
trust concerns is the proper management of cloud
environments. In this section, we survey the
management of security, privacy and trust issues in
cloud environments. We also compare and contrast
these three issues in term of the following criteria:
Encryption, Access Control, Third Party Audit, and
Cloud Administration. We summarized the results of
our literature survey in Table 1.
Examples of encryption algorithms that address the
issue of security in cloud environments include
Rivest-Shamir- Adleman (RSA) [12] and Advanced
Encryption Standard (AES) [14]. The RSA
algorithm is an asymmetric cryptography algorithm
that uses public and private keys that are
mathematically linked. AES is a symmetric
encryption algorithm that is fast to encrypt and
decrypt messages. A cloud environment would use
the RSA to exchange keys securely and use AES to
encrypt and decrypt the actual message. Both
methods are used in the cloud even though they
serve different purposes.
Encryption is also used to address the privacy issue
in the cloud. For example, the Data Encryption
Standard (DES) [15], and PCM [16] address the
privacy issue in cloud environments. The DES
assumes that both the sender and receiver know the
private keys. Thus, makes it less secure than AES.
TABLE I: Security and Privacy Challenges vs.
Solutions [9]
Encryption is also used in literature to address the
problem of Trust in Cloud Environments. Diffie
Hellman (DH) [17] represents security methods to
secure malicious attacks on the cloud. This is
completely avoided by DH key exchange algorithm.
Beside this, DH protocol is useful when the number
of users on the cloud is very large and key
management is very difficult.
Access Control gives users limited authorization to
connection network, data, and system files. Also, it
manages who or what can use resources in the
cloud- computing environment. Access control could
be used to solve the security issues in cloud
computing by more than two schemes such as Role-
based access control (RBAC) [18], and
Discretionary Access Control (DAC) [19]. These
methods give the ability to the individual user to
access cloud computing and perform a specific task
like create, view or modify a file. Mandatory Access
Control (MAC) [20] is used in multi-level security
systems where the administrator of the system
decides the access permissions. In Ciphertext-Policy
Attribute-Based Encryption (CP-ABE) [21] a user’s
private key is associated with a set of attributes and a
certain cipher text specifies an access control policy
for defined metrics within the managed system.
Third party audit uses multiple methods to address
all the management problem in cloud computing. In
the security area, we can use a Holomorphic linear
authenticator (HLA) [21]. By using HLA the TPA
will not know any information about data stored in
cloud during the auditing process.
Hashed Message Authentication Codes (HMAC)
[18] is a third party audit method to solve privacy
issues in cloud computing using a private key. Users
have to make a unique HMAC in their request.
Table I summarizes the different privacy problems
and their available solutions in the cloud. As we
notice from the table, the Encryption solution can be
applied to solve the problem of Loss of Control,
Multi-tenancy, Visualization, and Management
privacy problems. Similarly, we notice that the
Access control solution could be used to address the
issue of Loss of Control, Multi-tenancy,
Virtualization, and Management problems. Also, the
Third Party Audit solution could be used to address
the problem of Loss of Control, Lack of
Transparency, Multi-tenancy, Virtualization, and
Management problems. The Isolation solution could
be used to handle the Multi-tenancy and
Virtualization cloud privacy issues.
3
maintaining and ensuring the integrity of data [11].
TPA is capable of monitoring data and information
stored in a cloud where users have to give a
signature before changing or adding any new
information [9]. TPA utilizes encryption systems
that are supported by hardware that is effective in
ensuring the integrity of data [11].
IV. SECURITY, PRIVACY AND TRUST
SOLUTIONS IN CLOUD ENVIRONMENTS
One of the main solutions for security, privacy and
trust concerns is the proper management of cloud
environments. In this section, we survey the
management of security, privacy and trust issues in
cloud environments. We also compare and contrast
these three issues in term of the following criteria:
Encryption, Access Control, Third Party Audit, and
Cloud Administration. We summarized the results of
our literature survey in Table 1.
Examples of encryption algorithms that address the
issue of security in cloud environments include
Rivest-Shamir- Adleman (RSA) [12] and Advanced
Encryption Standard (AES) [14]. The RSA
algorithm is an asymmetric cryptography algorithm
that uses public and private keys that are
mathematically linked. AES is a symmetric
encryption algorithm that is fast to encrypt and
decrypt messages. A cloud environment would use
the RSA to exchange keys securely and use AES to
encrypt and decrypt the actual message. Both
methods are used in the cloud even though they
serve different purposes.
Encryption is also used to address the privacy issue
in the cloud. For example, the Data Encryption
Standard (DES) [15], and PCM [16] address the
privacy issue in cloud environments. The DES
assumes that both the sender and receiver know the
private keys. Thus, makes it less secure than AES.
TABLE I: Security and Privacy Challenges vs.
Solutions [9]
Encryption is also used in literature to address the
problem of Trust in Cloud Environments. Diffie
Hellman (DH) [17] represents security methods to
secure malicious attacks on the cloud. This is
completely avoided by DH key exchange algorithm.
Beside this, DH protocol is useful when the number
of users on the cloud is very large and key
management is very difficult.
Access Control gives users limited authorization to
connection network, data, and system files. Also, it
manages who or what can use resources in the
cloud- computing environment. Access control could
be used to solve the security issues in cloud
computing by more than two schemes such as Role-
based access control (RBAC) [18], and
Discretionary Access Control (DAC) [19]. These
methods give the ability to the individual user to
access cloud computing and perform a specific task
like create, view or modify a file. Mandatory Access
Control (MAC) [20] is used in multi-level security
systems where the administrator of the system
decides the access permissions. In Ciphertext-Policy
Attribute-Based Encryption (CP-ABE) [21] a user’s
private key is associated with a set of attributes and a
certain cipher text specifies an access control policy
for defined metrics within the managed system.
Third party audit uses multiple methods to address
all the management problem in cloud computing. In
the security area, we can use a Holomorphic linear
authenticator (HLA) [21]. By using HLA the TPA
will not know any information about data stored in
cloud during the auditing process.
Hashed Message Authentication Codes (HMAC)
[18] is a third party audit method to solve privacy
issues in cloud computing using a private key. Users
have to make a unique HMAC in their request.
Table I summarizes the different privacy problems
and their available solutions in the cloud. As we
notice from the table, the Encryption solution can be
applied to solve the problem of Loss of Control,
Multi-tenancy, Visualization, and Management
privacy problems. Similarly, we notice that the
Access control solution could be used to address the
issue of Loss of Control, Multi-tenancy,
Virtualization, and Management problems. Also, the
Third Party Audit solution could be used to address
the problem of Loss of Control, Lack of
Transparency, Multi-tenancy, Virtualization, and
Management problems. The Isolation solution could
be used to handle the Multi-tenancy and
Virtualization cloud privacy issues.
3
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Secure and Efficient Search Techniques in Cloud Computinglg...
|7
|1912
|79
CLOUD COMPUTING SECURITY AND PRIVACY.lg...
|13
|446
|329
SECURE SEARCHABLE ENCRYPTION SECURE SEARCHABLE ENCRYPTION Namelg...
|5
|1158
|61
Cloud Computing Issues Assignmentlg...
|10
|2234
|41
Cloud Computing and its Securitylg...
|6
|1303
|492
Cloud Computing Report Executive Summary: Sensitive Approach to Data Mining Techniqueslg...
|10
|1947
|418