دانلود رایگان مقاله انگلیسی مدل محافظت از حریم خصوصی: طرح جدید برای حسابرسی سهامداران ابری - اشپرینگر 2017

Abstract

The Cloud computing paradigm provides numerous attractive services to customers such as the provision of the on-demand self-service, usage-based pricing, ubiquitous network access, transference of risk, and location independent resource sharing. However, the security of cloud computing, especially its data privacy, is a highly challengeable task. To address the data privacy issues, several mechanisms have been proposed that use the third party auditor (TPA) to ensure the integrity of outsourced data for the satisfaction of cloud users (CUs). However, the role of the TPA could be the potential security threat itself and can create new security vulnerabilities for the customer’s data. Moreover, the cloud service providers (CSPs) and the CUs could also be the adversaries while deteriorating the stored private data. As a result, the objective of this research is twofold. Our first research goal is to analyze the data privacy-preserving issues by identifying unique privacy requirements and presenting a supportable solution that eliminates the possible threats towards data privacy. Our second research goal is to develop the privacy-preserving model (PPM) to audit all the stakeholders in order to provide a relatively secure cloud computing environment. Specifically, the proposed model ensures the quality of service (QoS) of cloud services and detects potential malicious insiders in CSPs and TPAs. Furthermore, our proposed model provides a methodology to audit a TPA for minimizing any potential insider threats. In addition, CUs can use the proposed model to periodically audit the CSPs using the TPA to ensure the integrity of the outsourced data. For demonstrating and validating the performance, the proposed PPM is programmed in C++ and tested on GreenCloud with NS2 by applying merging processes. The experimental results help to identify the effectiveness, operational efficiency, and reliability of the CSPs. In addition, the results demonstrate the successful rate of handling the negative role of the TPA and determining the TPA’s malicious insider detection capabilities.

Conclusion

To guarantee data privacy in a cloud computing environment, it is essential to introduce a new scheme to authenticate the three cloud stakeholders (i.e., CSP, CU and TPA). Thus, the proposed triangle authentication process enables the three stakeholders to detect the negative role of each other. Another Razaque and Rizvi Journal of Cloud Computing: Advances, Systems and Applications (2017) 6:7 Page 15 of 17 concern is how to design a privacy-preserving model to restrict the potential TPA vulnerabilities, control the malicious insider threats in CSPs, and determine the CUs deceitful role of distributing the obtained service to other clients. In this paper, we explored the integrity and privacy-related challenges among the three entities. To build a secure and efficient cloud computing environment, we extend and improve the existing CSP and TPA security models by leveraging the properties into a single triangular data privacypreserving model to provide the auditing capability to all the key stakeholders. To support efficient and effective triangular auditing tasks, the scope of our privacy-preserving model is limited to: (a) guaranteeing the TPA’s integrity, (b) administering the firm compliance of SLA by both the CSP and CUs, (c) authoring the exact use of allotted session keys for auditing the confidential data stored on the cloud’s server, and (d) confirming the message authentication at the cloud service provider’s side. The TPA audits the CSP to confirm the privacy of the CUs’ outsourced data. The TPA also monitors the response provided by the CUs for the utilized services according to the SLA. Finally, an audit of the TPA is performed by both CSPs and CUs to reduce the probability of any possible malicious insider threats. To validate the correctness and soundness of the proposed work, an experimental analysis is conducted, which proves that the proposed PPM is highly efficient for preserving the data stored in the cloud computing environment.