DOCSLIB.ORG

A Dynamic Cloud with Data Privacy Preservation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Dynamic Cloud with Data Privacy Preservation A Dynamic Cloud with Data Privacy Preservation by Mehdi Bahrami A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Electrical Engineering and Computer Science in the Graduate Division of the University of California, Merced Committee in charge: Professor Mukesh Singhal, Chair Professor Florin Rusu Professor Dong Li 1Professor Hamid R. Arabnia 1(External Committee Member, University of Georgia) Fall 2016 A Dynamic Cloud with Data Privacy Preservation Copyright 2017 by Mehdi Bahrami The Dissertation of Mehdi Bahrami is approved, and it is acceptable in quality and form for publication on microfilm and electronically: Professor Mukesh Singhal ______________________________________________________________________________ Professor Dong Li ____________________________________________________________________________ Professor Florin Rusu ______________________________________________________________________________ Professor Hamid R. Arabnia (University of Georgia) ______________________________________________________________________________ ______________________________________________________________________________ Co-Chair (if applicable) Professor Mukesh Singhal ______________________________________________________________________________ Chair University of California, Merced 2016 i Abstract A Dynamic Cloud with Data Privacy Preservation by Mehdi Bahrami Doctor of Philosophy in Electrical Engineering and Computer Science University of California, Merced Professor Mukesh Singhal The emerging field of Cloud Computing provides elastic on-demand services over the Internet or over a network. According to the International Data Corporation (IDC), cloud computing has two major issues: i) architecture issues, such as a lack of standardization, a lack of customization; and ii) users’ data privacy. In this study we focus on these issues. We are facing an increasing demand for migration of varieties of traditional databases and computation services to cloud computing environments, i.e., database-as-a-service. Although each service offers a new feature, it escalates standardization and customization issues due to the lack of standardization between cloud vendors and service customization because each cloud-based service has its own features, requirements and outputs. In the first part of this study, we propose a cloud architecture based on a Service-Oriented Architecture (DCCSOA) that enhances our ability to do standardization and customization in the cloud. The proposed architecture uses a single layer, which is called Dynamic Template Service Layer (DTSL), that provides the following operations and advantages: i) enables a single service layer to interact with all native cloud services (e.g., IaaS, PaaS, SaaS and any cloud-based services); ii) provides a standardization for existing services and future services in the cloud; iii) customizes native cloud services based on users’ group requests. The second part of this study focuses on users’ data privacy preservation on the proposed architecture. Users’ data privacy can be violated by the cloud vendor, the vendor’s authorized users, other cloud users, unauthorized users, or external malicious entities. Encryption of data on client side is one of the solutions to preserve data privacy in the cloud; however, encryption methods are complex and expensive for mobile devices to encrypt and decrypt each file, such as smart phones. We propose a novel light-weight data privacy method (DPM) by using a chaos system for mobile cloud users to store data on multiple clouds. The proposed method enables mobile users to store data in the clouds while it preserves users’ data privacy. ii We consider different technologies to deploy our proposed data privacy preservation method on DCCSOA, including the mobile devices, the Internet-of-things (IoT), and Graphic Processing Unit (GPU)-based computing. We also consider different use case scenarios for the proof of concept, including data privacy preservation for users’ photos in smart phones, sensitive electronic health records protection in the cloud, and data privacy preservation for cloud-based databases. We evaluate both the proposed dynamic architecture and the proposed data privacy preservation method. Our experimental results show that on the one hand DCCSOA enhances standardization by offering a flexible cloud architecture and minimizing the modification on the native cloud services; on the other hand, DPM achieves a superior performance over regular encryption methods in regard to computation time. iii To my Mother, Sisters, Brother, and Yuliya for their endless love, invaluable support, motivation and encouragement In Memory of My Father who was a great and kind teacher, and an invaluable supportive person and who always encouraged me to study, to teach and to complete this work This work would not have been possible without all your support. iv Contents A Dynamic Cloud with Data Privacy Preservation ....................................................................... i Abstract ................................................................................................................................................ i Contents ............................................................................................................................................. iv List of Figures .................................................................................................................................... x List of Tables .................................................................................................................................... xii List of Algorithms ......................................................................................................................... xiii List of Codes ....................................................................................................................................xiv Acknowledgements ........................................................................................................................ xv Organization of this thesis and contributions ............................................................................. 1 Chapter 1 ..................................................................................................................................... 3 Introduction ........................................................................................................................................ 3 Introduction ............................................................................................................................ 3 Big Data Definition ................................................................................................................ 5 Opportunities and Challenges ............................................................................................. 6 Storage Issues ........................................................................................................................ 7 Computing Issues .................................................................................................................. 8 Transfer Issues .................................................................................................................. 8 Cloud Computing .................................................................................................................. 8 On-demand Elastic Service ................................................................................................... 9 Resource pooling................................................................................................................... 9 Service Accessibility ......................................................................................................... 9 Measured Service ............................................................................................................ 10 1.4.2 Cloud Architecture .......................................................................................................... 10 The Role of Infrastructure-as-a-Service (IaaS) ................................................................... 11 The Role of Platform-as-a-Service (PaaS) .......................................................................... 12 The Role of Software-as-a-Service (SaaS) ..................................................................... 13 The Role of Business Intelligence (BI) ........................................................................... 14 v Other Service Layers ........................................................................................................... 15 Big Data Tools ....................................................................................................................... 15 Implementation Models of Cloud Computing Systems ................................................. 18 Cloud Computing Issues .................................................................................................... 19 Chapter Summary ................................................................................................................ 21 Chapter 2 ................................................................................................................................... 22 Dynamic Cloud Architecture ......................................................................................................... 22 Introduction .........................................................................................................................
Load more

Recommended publications
  • Emerging Issues & Challenges in Cloud Computing—A Hybrid
    Journal of Software Engineering and Applications, 2012, 5, 923-937 923 http://dx.doi.org/10.4236/jsea.2012.531107 Published Online November 2012 (http://www.SciRP.org/journal/jsea) Emerging Issues & Challenges in Cloud Computing— A Hybrid Approach Yaser Ghanam, Jennifer Ferreira, Frank Maurer Department of Computer Science, University of Calgary, Calgary, Canada. Email: [email protected] Received October 16th, 2012; revised November 17th, 2012; accepted November 26th, 2012 ABSTRACT As cloud computing continues to gain more momentum in the IT industry, more issues and challenges are being re- ported by academics and practitioners. In this paper, we aim to attain an understanding of the types of issues and chal- lenges that have been emerging over the past five years and identify gaps between the focus of the literature and what practitioners deem important. A systematic literature review as well as interviews with experts have been conducted to answer our research questions. Our findings suggest that researchers have been mainly focusing on issues related to security and privacy, infrastructure, and data management. Interoperability across different service providers has also been an active area of research. Despite the significant overlap between the topics being discussed in the literature and the issues raised by the practitioners, our findings show that some issues and challenges that practitioners consider im- portant are understudied such as software related issues, and challenges pertaining to learning fast-evolving technologies. Keywords: Cloud Computing; Issues; Challenges; Systematic Literature Review 1. Introduction RQ2. How has the interest in different types of issues and challenges evolved over the past five years? With unprecedented adoption in industry over the past RQ3.
    [Show full text]
  • CLOUD COMPUTING up - Coming Era in IT Punam Assistant Professor, Department of Computer Science, University College Miranpur, Patiala
    TRJ VOL. 2 ISSUE 6 NOV-DEC 2016 ISSN: 2454-7301 (PRINT) | ISSN: 2454-4930 (ONLINE) CLOUD COMPUTING UP - Coming Era in IT Punam Assistant Professor, Department of Computer Science, University College Miranpur, Patiala Abstract- The Cloud computing is a term which is a set of Remotely hosted: Services or data are hosted on remote technologies that allows computing applications and data to systems which mean someone else’s infrastructure. be visible as a set of services from a group of essential Omnipresent: Services or data are available from resources. The establishment of cloud computing comprises anywhere. of data centres (servers, storage, networking), the business Commodified: The result is a utility computing model applications and middleware, virtualization software and for which is equivalent to traditional that of traditional sure operating systems. The cloud computing infrastructure utilities, like gas and electricity. You pay for what you consists of services that are offered up and delivered would like. through data centres that can be accessed from anywhere in II. CLOUD COMPUTING ISSUES: the world. Cloud computing is very much beneficial for businesses now a days because of its valuable features. It is a) Privacy well suited for small organizations where there is budget or Privacy is the key issue that should be kept in mind while infrastructure limitation. The key idea behind this new adopting cloud computing. In cloud computing the private information sharing technology is virtualization which data of a company that was stored in its data centres moves reduces the need to install hardware on each and every into a public cloud which is open for everyone.
    [Show full text]
  • Security of Cloud Computing in the Iot Era
    future internet Article Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era Michele De Donno 1 , Alberto Giaretta 2, Nicola Dragoni 1,2 and Antonio Bucchiarone 3,∗ and Manuel Mazzara 4,∗ 1 DTU Compute, Technical University of Denmark, 2800 Kongens Lyngby, Denmark; [email protected] (M.D.D.); [email protected] (N.D.) 2 Centre for Applied Autonomous Sensor Systems Orebro University, 701 82 Orebro, Sweden; [email protected] 3 Fondazione Bruno Kessler, Via Sommarive 18, 38123 Trento, Italy 4 Institute of Software Development and Engineering, Innopolis University, Universitetskaya St, 1, 420500 Innopolis, Russian Federation * Correspondence: [email protected] (A.B.); [email protected] (M.M.) Received: 28 January 2019; Accepted: 30 May 2019; Published: 4 June 2019 Abstract: The Internet of Things (IoT) is rapidly changing our society to a world where every “thing” is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors.
    [Show full text]
  • Trustcloud: a Framework for Accountability and Trust in Cloud Computing
    TrustCloud: A Framework for Accountability and Trust in Cloud Computing Ryan K L Ko, Peter Jagadpramana, Miranda Mowbray, Siani Pearson, Markus Kirchberg, Qianhui Liang, Bu Sung Lee HP Laboratories HPL-2011-38 Keyword(s): trust in cloud computing, logging, auditability, accountability, data provenance, continuous auditing and monitoring, governance Abstract: The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy measures are actively being researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from the sheer amount of virtualization and data distribution carried out in current clouds has also revealed an urgent need for research in cloud accountability, as has the shift in focus of customer concerns from server health and utilization to the integrity and safety of end-users' data. This paper discusses key challenges in achieving a trusted cloud through the use of detective controls, and presents the TrustCloud framework, which addresses accountability in cloud computing via technical and policy-based approaches. External Posting Date: June 22, 2011 [Fulltext]. Approved for External Publication Internal Posting Date: March 21, 2011 [Fulltext] Additional Publication Information: To be published and presented at the 2nd IEEE Cloud Forum for Practitioners (IEEE ICFP 2011), Washington DC, USA, July 7-8, 2011. Copyright IEEE ICFP 2011. TrustCloud: A Framework
    [Show full text]
  • Security Issues Model on Cloud Computing: a Case of Malaysia
    (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 6, No. 8, 2015 Security Issues Model on Cloud Computing: A Case of Malaysia Komeil Raisian Jamaiah Yahaya Faculty of Information Science and Technology, the Faculty of Information Science and Technology, the National University of Malaysia 43600 UKM Bangi National University of Malaysia 43600 UKM Bangi Selangor, Malaysia Selangor, Malaysia Abstract—By developing the cloud computing, viewpoint of scenario, with nearly all the administrations that tried to make many people regarding the infrastructure architectures, software it as an entry. Followings are considered as the benefits of distribution and improvement model changed significantly. using cloud computing: i) decreasing the price of hardware and Cloud computing associates with the pioneering deployment related maintenance charges, ii) it is easily accessible all over architecture, which could be done through grid calculating, the world, and iii) it has flexible and the extremely automatic effectiveness calculating and autonomic calculating. The fast procedure, in that the clients are not usually worried about transition towards that, has increased the worries regarding a upgrading the software which is a daily manner [3]. Security critical issue for the effective transition of cloud computing. control events in cloud are identical to old IT settings. From the security viewpoint, several issues and problems were Regarding the multi-tenant features, service delivery and discussed regarding the cloud transfer. The goal of this study is deploy models of cloud computing usually associates with the to represent a general security viewpoint of cloud computing through signifying the security problems that must be focused previous IT settings, though, cloud computing might have and accomplished appropriately for identifying a better several risks and problems too [2].The most important goal of perspective about current world of cloud computing.
    [Show full text]
  • Chapter 1 Cloud Computing
    Contents 1 Cloud computing 1 1.1 Overview ............................................... 1 1.2 History of cloud computing ...................................... 1 1.2.1 Origin of the term ....................................... 2 1.2.2 The 1950s ........................................... 2 1.2.3 The 1990s ........................................... 2 1.3 Similar concepts ............................................ 3 1.4 Characteristics ............................................. 3 1.5 Service models ............................................ 4 1.5.1 Infrastructure as a service (IaaS) ............................... 5 1.5.2 Platform as a service (PaaS) ................................. 5 1.5.3 Software as a service (SaaS) ................................. 5 1.6 Cloud clients .............................................. 5 1.7 Deployment models .......................................... 6 1.7.1 Private cloud ......................................... 6 1.7.2 Public cloud .......................................... 6 1.7.3 Hybrid cloud ......................................... 6 1.7.4 Others ............................................. 7 1.8 Architecture .............................................. 7 1.8.1 Cloud engineering ....................................... 7 1.9 Security and privacy .......................................... 7 1.10 The future ............................................... 8 1.11 The cloud revolution is underway ................................... 8 1.12 See also ...............................................
    [Show full text]
  • Security Threats and Challenges in Cloud Computing Application
    International Journal of Computer Science and Mathematical Theory E-ISSN 2545-5699 P-ISSN 2695-1924, Vol 5. No. 2 2019www.iiardpub.org Security Threats and Challenges in Cloud Computing Application Abdulrahman Saidu Department of Computer Science, Federal Polytechnic Bali, Taraba State Nigeria [email protected] Abstract Security issues and challenges is the major concern of data storage on cloud. The paper discuses the most recent vulnerable security threats in cloud computing, which will enable both end users and cloud providers to take necessary measures. In particular, the paper makes critical evaluation on various challenges that impede successful hosting of data on cloud such as lack of data confidentiality and integrity, inadequate policy to manage security threats, software vulnerability, inadequate access to client information, loss of data, breach of trustworthiness and cloud compatibility issue. .The paper aims to discover the most susceptible security threats and issues in cloud computing environment. Also, the paper provides some recommendations that will enhance the security challenges of cloud computing application. Keywords: Cloud computing, Security, threats, challenges, application and data. INTRODUCTION The application of cloud computing is receiving fast recognition from various stakeholders due it importance. (Masud et al., 2012, Pocatilu et al., 2009, 2010a, 2010b, Greenhow, et al., 2009, Ramgovind, et al., 2010, Leavitt, 2009& Dong, et al., 2009). Cloud computing is an informal expression used to describe different types of computing concepts that involve a large number of computers connected through a real-time communication network such as the Internet (Carrol et al., 2012 and Leavitt, 2009). This means that Cloud computing is a type of computing that relies on sharing computing resources rather than having local services on personal devices to handle applications.
    [Show full text]
  • Cloud Computing – Issues, Research and Implementations
    Journal of Computing and Information Technology - CIT 16, 2008, 4, 235–246 235 doi:10.2498/cit.1001391 Cloud Computing – Issues, Research and Implementations Mladen A. Vouk Department of Computer Science, North Carolina State University, Raleigh, North Carolina, USA “Cloud” computing – a relatively recent term, builds on based on Virtual Computing Laboratory (VCL) decades of research in virtualization, distributed com- technology. VCL has been in production use at puting, utility computing, and more recently networking, web and software services. It implies a service oriented NC State University since 2004, and is a suitable architecture, reduced information technology overhead vehicle for dynamic implementation of almost for the end-user, great flexibility, reduced total cost of any current “cloud” computing solution. Sec- ownership, on-demand services and many other things. This paper discusses the concept of “cloud” computing, tion 4 discusses “cloud”-related research and some of the issues it tries to address, related research engineering challenges. Section 5 summarizes topics, and a “cloud” implementation available today. and concludes the paper. Keywords: “cloud” computing, virtual computing lab, virtualization, utility computing, end-to-end quality of service 2. Cloud Computing A key differentiating element of a successful 1. Introduction information technology (IT) is its ability to be- come a true, valuable, and economical contrib- [ ] “Cloud computing” is the next natural step in utor to cyberinfrastructure 4 . “Cloud” com- the evolution of on-demand information tech- puting embraces cyberinfrastructure, and builds nology services and products. To a large extent, upon decades of research in virtualization, dis- cloud computing will be based on virtualized tributed computing, “grid computing”, utility resources.
    [Show full text]
  • Research Challenges for Enterprise Cloud Computing
    Research Challenges for Enterprise Cloud Computing A l i K h a j e h -H o s s e i n i Ian Sommerville Ilango Sriram Cloud Computing Co -laboratory Cloud Computing Co -l a b o r a t o r y Department of Computer Science School of Computer Science School of Com puter Science University of Bristol University of St Andrews University of St Andrews Bristol, UK St Andrews, UK St Andrews, UK a k h @ c s . s t -andrews.ac.uk i f s @ c s . s t -andrews.ac.uk [email protected] ABSTRACT the research challenges for cloud computing from an enterprise or Cloud computing represents a shift away from computing as a organizational perspective. This paper discusses some of these product that is purchased, to computing as a service that is research challenges and puts them in context by reviewing the delivered to consumers over the internet from large-scale data existing body of literature in cloud computing. We hope that this centers – or ‘clouds’. This paper discusses some of the research paper can act as a key resource for researchers in this fast moving challenges for cloud computing from an enterprise or field. organizational perspective, and puts them in context by reviewing There seems to be many definitions of cloud computing [e.g. 1, the existing body of literature in cloud computing. Various 51, 60]. The US National Institute of Standards and Technology research challenges relating to the following topics are discussed: (NIST) has published a working definition [37] that seems to have the organizational changes brought about by cloud computing; the captured the commonly agreed aspects of cloud computing.
    [Show full text]
  • Cloud Computing: Security Issues
    International Journal of Computer and Communication Engineering, Vol. 3, No. 4, July 2014 Cloud Computing: Security Issues Nivedita M. Mathkunti development and integrations of computer technologies such Abstract—Cloud computing is a present and future of the as fast microprocessor, huge memory high speed network and Technology (IT), to enhance the capacity of Information reliable system architecture. Today we are utilizing the cloud dynamically without investing capital for new infrastructure, computing which is exist because of standard inter-connected training new personnel or licensing new software. With extending the IT’s present capabilities, it is growing radically. protocols and matured assembling data center technologies Enterprise customers are unenthusiastic to deploy their business [3]. Oracle CEO L Ellison said that, “cloud computing is in the cloud, because of security of the cloud computing. In this nothing more than everything that we currently do” [4]. study, a survey of the different security risks is presented with The other advanced technical definition of cloud proposal of new idea to build cloud with optical network which computing as the development and adoption of rapidly is suitable for the access network is considered as the one of evolving technology, strong fault tolerance, TCP/IP based highly secured for the cloud because of its optical devices. and virtualized. These characteristics are partially supported Index Terms—Cloud computing, cloud computing security, by grid computing. High security is not yet ensured cloud computing issues. completely. There are many more definitions for cloud computing these will focus on certain aspects of the technology. From these I. INTRODUCTION definitions any one can get confusion about what cloud Cloud computing is an evolving paradigm, according to computing really is what the services are provided by it and National Institute of Standards and Technology (NIST), cloud how it is deployed and so on.
    [Show full text]
  • Cloud Computing Issues and Impacts
    Global Technology Industry Discussion Series Cloud computing issues and impacts VIEW NOW Overview Drill-downs Outlook Glossary of terms Source notes Contacts Contents Contents 4 Overview: clouds are inevitable 50 Outlook All signs point to the rapid adoption of Higher-level business processes as cloud computing as a fundamental shift a service will evolve rapidly atop in the delivery model of information cloud-based IT services, leading to technology (IT) — but abundant the increasing rise of incredibly agile challenges will make it a difficult virtual organizations. adoption curve. 52 Glossary of terms 11 Drill-down discussions A list of new words and phrases that Nine detailed reports explore the cloud-based IT models have placed into specific benefits, risks, accelerants the business vernacular — including a and inhibitors associated with the widely adopted definition of cloud following critical aspects of cloud computing and its characteristics, computing adoption: service and deployment models. • Pricing and business models . 12 • Vendor management and 54 Source notes strategic sourcing . 18 •Availability and interoperability . 22 • Security and privacy. 26 • Standards and risk management. 30 • Government . 34 • Accounting...................38 • Cross-border taxation of CSP arrangements. 42 • Regulatory compliance . 46 Cloud computing issues and impacts Overview Drill-downs Outlook Glossary of terms Source notes Contacts Contents “By concentrating technology in the cloud, making it available as a service and freeing organizations to focus on business strategies — that’s how the IT industry will once again not only transform business, but business models.” Pat Hyek Global Technology Industry Leader Cloud computing issues and impacts Estimates of 2010 worldwide revenue from cloud computing services range from a low of about $12 billion to a high of slightly more than $68 billion — reflecting different views and means of evaluating this fast-growing technology phenomenon.1,2 Where the market researchers all agree, however, is that cloud computing is no fad.
    [Show full text]
  • Security Guidance for Critical Areas of Focus in Cloud Computing V4.0
    The permanent and official location for Cloud Security Alliance’security S Guidance for Critical Areas of Focus in Cloud Computing v4.0 is https://cloudsecurityalliance.org/download/security- guidance-v4/. Official Study Guide for the © 2017 Cloud Security Alliance – All Rights Reserved. The Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 (“Guidance v4.0”) is licensed by the Cloud Security Alliance under a Creative Commons Attribution-NonCommercial- ShareAlike 4.0 International License (CC-BY-NC-SA 4.0). Sharing - You may share and redistribute the Guidance in any medium or any format, only for non- commercial purposes. Adaptation - You may adapt, transform, modify and build upon the Guidance v4 and distribute the modified Guidance v4.0, only for non-commercial purposes. Attribution - You must give credit to the Cloud Security Alliance, link to Guidance v4.0 webpage located at https://cloudsecurityalliance.org/download/security-guidance-v4/, and indicate whether changes were made. You may not suggest that CSA endorsed you or your use. Share-Alike - All modifications and adaptations must be distributed under the same license as the original Guidance v4.0. No additional restrictions - You may not apply legal terms or technological measures that restrict others from doing anything that this license permits. Commercial Licenses - If you wish to adapt, modify, share or distribute copies of the Guidance v4.0 for revenue generating purposes you must first obtain an appropriate license from the Cloud Security Alliance. Please contact us at [email protected]. Notices: All trademark, copyright or other notices affixed onto the Guidance v4.0 must be reproduced and may not be removed.
    [Show full text]