CFP last date
20 January 2025
Reseach Article

Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud

by Bhanu Prakash Gopularam, Nalini N
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 93 - Number 8
Year of Publication: 2014
Authors: Bhanu Prakash Gopularam, Nalini N
10.5120/16239-5784

Bhanu Prakash Gopularam, Nalini N . Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud. International Journal of Computer Applications. 93, 8 ( May 2014), 40-45. DOI=10.5120/16239-5784

@article{ 10.5120/16239-5784,
author = { Bhanu Prakash Gopularam, Nalini N },
title = { Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud },
journal = { International Journal of Computer Applications },
issue_date = { May 2014 },
volume = { 93 },
number = { 8 },
month = { May },
year = { 2014 },
issn = { 0975-8887 },
pages = { 40-45 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume93/number8/16239-5784/ },
doi = { 10.5120/16239-5784 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:15:19.259140+05:30
%A Bhanu Prakash Gopularam
%A Nalini N
%T Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud
%J International Journal of Computer Applications
%@ 0975-8887
%V 93
%N 8
%P 40-45
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The term data security refers to the degree of resistance of protection given to information from unintended or unauthorized access. The core principles of information security remain the same - Confidentiality, Integrity and Availability also referred as CIA triad. With cloud adoption the confidential enterprise data is moved from organization premises to untrusted public network and due to this the attack surface has increased manifold. Several cloud computing platforms like OpenStack, Eucalyptus, Amazon EC2 offer users to build and configure public, hybrid and private clouds. While the traditional encryption based on PKI infrastructure still works in cloud scenario the management of public-private keys and trust certificates is difficult. The Identity based Public Key Cryptography (also referred as ID-PKC) overcomes this problem by using publicly identifiable information for generating the keys and works well with decentralized systems. The users can exchange information securely without having to manage any trust information. Another advantage is that access control (role based access control policy) information can be embedded into data unlike in PKI where it is handled by separate component or system. In OpenStack cloud platform the keystone service acts as identity service for authentication and authorization and has support for public key infrastructure for auth services. The proposed approach explains cloud security model using OpenStack cloud platform and analyzes its security architecture for data confidentiality. It provides a method to integrate ID-PKC schemes for securing data when in transit and storage and explains the key measures for safe guarding data. The proposed approach uses JPBC crypto library for key-pair generation based on IEEE standard(s) P1636. 3 for assuring data confidentiality in public cloud environment.

References
  1. Ullah K. W, Ahmed A. S. and Ylitalo J, "Towards Building an Automated Security Compliance Tool for the Cloud", IEEE Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1587-1593, July 2013
  2. Ristov S, Gusev M, "Security evaluation of open source clouds", IEEE EUROCON 2013, pp. 73-80, July 2013
  3. Fakhar F, Shibli M. A, "Management of Symmetric Cryptographic Keys in cloud based environment", IEEE Advanced Communication Technology (ICACT) 2013, pp. 39-44, Jan 2013
  4. Donevski A, Ristov S, Gusev M, "Security assessment of virtual machines in open source clouds", IEEE Information & Communication Technology Electronics & Microelectronics (MIPRO), pp. 1094-1099, May 2013
  5. Taheri Monfared A, Jaatun M. G, "As Strong as the Weakest Link: Handling Compromised Components in OpenStack", IEEE Cloud Computing Technology and Science (CloudCom), pp. 189-196, Dec. 2011
  6. Y. Chen, V. Paxson, and R. H. Katz, "What's New About Cloud Computing Security?" EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2010-5, Jan. 2010
  7. Hongwei Li, Yuanshun Dai, Bo Yang, "Identity-Based Cryptography for Cloud Security", IACR Cryptology, Jan 2011
  8. Ashish Kumar, "World of Cloud Computing & Security", Vol. 1, No. 2, International Journal of Cloud Computing and Services Science (IJ-CLOSER), pp. 53-58, Jun 2012
  9. D. Boneh and M. K. Franklin, "Identity-based encryption from the Weil pairing", CRYPTO, LNCS 2139, Springer-Verlag, pp. 213–229, 2001
  10. Sasko Ristov, Marjan Gusev and Aleksandar Donevski, "OpenStack Cloud Security Vulnerabilities from Inside and Outside", Cloud Computing, The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization, 2013, pp. 95-101, 2013
  11. Chang-Ji Wang and Jian-Fa Luo "A Key-policy Attribute-based Encryption Scheme with Constant Size Ciphertext", Eighth International Conference on Computational Intelligence and Security, pp. 447-451, Nov 2012
  12. Sahai and B. Waters, "Fuzzy Identity Based Encryption", In EUROCRYPT 2005, LNCS 3494, Springer-Verlag, 2005
  13. V. Goyal, O. Pandey, A. Sahai and B. Waters, "Attribute Based Encryption for Fine-Grained Access Conrol of Encrypted Data?", ACM conference on Computer and Communications Security, 2006
  14. J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-policy attribute based encryption" Proc. of IEEE Symposium on S&P, 2007.
Index Terms

Computer Science
Information Sciences

Keywords

Data Encryption Key Policy Attribute based encryption OpenStack keystone Token scoping