A user-controlled file security scheme for cloud services – Phys.Org

May 22, 2017

Cloud storage services make data storage and sharing more efficient and cost-effective, but their use requires trust in the cloud's security. Credit: Wavebreak Media Ltd/123rf

By securing data files with a 'need-to-know' decryption key, researchers at Singapore's Agency for Science, Technology and Research (A*STAR) have developed a way to control access to cloud-hosted data in real time, adding an extra layer of security for data sharing via the Internet.

Cloud-based file storage has rapidly become one of the most popular uses of the Internet, allowing files to be safely saved in a virtual drive that is often replicated on numerous servers around the world. Cloud storage theoretically provides near-seamless backup and data redundancy, preventing data loss and also enabling files to be shared among users almost anywhere. However, proper treatment of sensitive or confidential information stored on the cloud cannot be taken for granted: the security of the cloud environment is not immune to hacker attacks or misuse by a cloud provider.

"Cloud storage services make data storage and sharing more efficient and cost-effective, but their use requires trust in the cloud's security," explains Jianying Zhou from the A*STAR Institute for Infocomm Research. "We wanted to find a way to ease the security concerns by creating a system that does not require the data owner to trust the cloud service or assume perfect protection against hacking."

The scheme Zhou and his team developed allows access to an individual file hosted on a cloud service to be issued or revoked in real time, and eliminates the possibility that files can be taken offline and accessed without authorization.

Zhou explains the process. "The file owner, Alice, generates the proxy keys, which define who can decrypt the file, for example Bob, and gives them to the cloud server. When Bob wants to access the encrypted file in the cloud, the cloud server needs to first decrypt the file for Bob using the proxy key as well as the cloud server's private key. This results in an intermediate decryption that the cloud server passes to Bob. He then uses his private key to decrypt the file to get the plaintext file. If Alice wants to revoke Bob's access, she simply informs the cloud server to remove his proxy key."

The scheme allows the data owner to retain control over file access while making use of all the other benefits of cloud hosting. Importantly, it is applicable at the per-file and per-user level, and has 'lightweight' user decryption, meaning that files can be opened quickly even on mobile devices such as smart phones.
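The message flow Zhou describes (proxy key held by the cloud, server-side intermediate decryption, a light final step for Bob, revocation by deleting the proxy key) can be sketched with a toy ElGamal-style key split. This is an added illustration, not the A*STAR construction, which the article does not specify; the group parameters, the key-splitting method and all function names are assumptions chosen for the sketch.

```python
import hashlib
import secrets

# Toy parameters for illustration only (not a vetted group or key size).
P = 2**255 - 19          # prime modulus
G = 2
N = P - 1                # exponents reduced mod P-1, so g^(u+v) = g^u * g^v holds

def keypair():
    sk = secrets.randbelow(N - 2) + 2
    return sk, pow(G, sk, P)

def share(my_sk, their_pk, file_id):
    """Per-file exponent that both parties derive from a static DH value."""
    dh = pow(their_pk, my_sk, P).to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(dh + file_id).digest(), "big") % N

def kdf(elem):
    return hashlib.sha256(b"file-key" + elem.to_bytes(32, "big")).digest()

def owner_encrypt():
    """Alice: per-file secret x, header c1 = g^r, file key = KDF(g^(x*r))."""
    x, r = secrets.randbelow(N), secrets.randbelow(N)
    return x, pow(G, r, P), kdf(pow(G, x * r % N, P))

def owner_grant(alice_sk, x, file_id, bob_pk, cloud_pk):
    """Alice: proxy key = x minus the shares only Bob and the cloud can derive."""
    return (x - share(alice_sk, bob_pk, file_id)
              - share(alice_sk, cloud_pk, file_id)) % N

class Cloud:
    def __init__(self):
        self.sk, self.pk = keypair()
        self.proxy_keys = {}                     # (file_id, user) -> proxy key

    def partial_decrypt(self, file_id, user, c1, alice_pk):
        rk = self.proxy_keys.get((file_id, user))
        if rk is None:                           # revoked or never granted
            return None
        exp = (rk + share(self.sk, alice_pk, file_id)) % N
        return pow(c1, exp, P)                   # g^(r*(x - k_bob)), not the key

def user_decrypt(bob_sk, alice_pk, file_id, c1, intermediate):
    """Bob: one exponentiation and one multiplication finish the decryption."""
    mine = pow(c1, share(bob_sk, alice_pk, file_id), P)
    return kdf(intermediate * mine % P)
```

In this sketch neither the cloud's intermediate value nor Bob's private key alone yields the file key, and once the entry in `proxy_keys` is deleted the cloud can no longer produce the intermediate value for Bob.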

"Our technology could be used to provide scalable and fine-grained access control to various bodies of data collected by different organizations and shared via the cloud, with applications in areas such as healthcare, finance and data-centric cloud applications," says Zhou.
