TY - JOUR
T1 - A trusted third-party (TTP) based encryption scheme for ensuring data confidentiality in cloud environment
AU - Rizvi, Syed
AU - Cover, Katie
AU - Gates, Christopher
N1 - Publisher Copyright:
© 2014 Published by Elsevier B.V.
PY - 2014
Y1 - 2014
N2 - Cloud computing is an emerging paradigm that affects a large part of the IT industry by offering dynamically scalable resources (e.g., hardware and software) that are provisioned as a service over the Internet. Cloud computing provides numerous advantages to organizations in terms of improved scalability, lower cost, and flexibility, to name a few. Despite these technical and economical advantages, many potential cloud consumers are still hesitant to adopt cloud computing due to security and privacy concerns. In particular, one of the main factors for the reluctance of organizations to adopt cloud computing is the lack of strong encryption scheme that can ensure the confidentiality of client's data while store in cloud service provider's (CSPs) data centers. With the existing encryption schemes adopted by the CSPs, there is always a possibility that the client's data can be compromised due to insider threats. In this paper, we propose a new scheme capable to secure client information from both insider and outsider threats. In particular, we develop an encryption scheme by combining both symmetric and asymmetric cryptographic algorithms, which provide strong data confidentiality preserving secret key encryption functionalities, including periodically renewable public key certificates through trusted third parties. Due to these functionalities, the data owner can utilize the best secret key encryption schemes while the trusted third party will hold and communicate the secret keys to CSPs on behalf of cloud service users (CSUs).
AB - Cloud computing is an emerging paradigm that affects a large part of the IT industry by offering dynamically scalable resources (e.g., hardware and software) that are provisioned as a service over the Internet. Cloud computing provides numerous advantages to organizations in terms of improved scalability, lower cost, and flexibility, to name a few. Despite these technical and economical advantages, many potential cloud consumers are still hesitant to adopt cloud computing due to security and privacy concerns. In particular, one of the main factors for the reluctance of organizations to adopt cloud computing is the lack of strong encryption scheme that can ensure the confidentiality of client's data while store in cloud service provider's (CSPs) data centers. With the existing encryption schemes adopted by the CSPs, there is always a possibility that the client's data can be compromised due to insider threats. In this paper, we propose a new scheme capable to secure client information from both insider and outsider threats. In particular, we develop an encryption scheme by combining both symmetric and asymmetric cryptographic algorithms, which provide strong data confidentiality preserving secret key encryption functionalities, including periodically renewable public key certificates through trusted third parties. Due to these functionalities, the data owner can utilize the best secret key encryption schemes while the trusted third party will hold and communicate the secret keys to CSPs on behalf of cloud service users (CSUs).
UR - http://www.scopus.com/inward/record.url?scp=84938599255&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84938599255&partnerID=8YFLogxK
U2 - 10.1016/j.procs.2014.09.009
DO - 10.1016/j.procs.2014.09.009
M3 - Conference article
AN - SCOPUS:84938599255
SN - 1877-0509
VL - 36
SP - 381
EP - 386
JO - Procedia Computer Science
JF - Procedia Computer Science
IS - C
T2 - Complex Adaptive Systems, 2014
Y2 - 3 November 2014 through 5 November 2014
ER -