Cloud Storage & Data Security
Cloud computing has emerged as an innovative approach to provide computing services. It offers numerous advantages such as fast deployment, lower costs, pay for use, rapid elasticity, scalability, ubiquitous network access, and greater resiliency. One of the primary uses of cloud computing is for data storage. Cloud storage is a model of networked online storage and can store data on multiple third-party servers. Cloud storage is an evolution of traditional hosted storage technology (FTP, WebDAV, NFS/CIFS) that involves more sophisticated APIs, namespaces, file or data location virtualization, and management tools. Wu et al. (2010) identified several benefits of using cloud storage such as ease of management, cost effectiveness, lower impact outages and upgrades, and simplified planning. So, cloud storage is convenient and offers more flexibility.
According to Borgmann et al. (2012), most cloud storage providers offer two types of services:
Basic cloud storage services: they are services mainly offer virtual online disk space that can be used as a normal hard drive for storing all types of data. Users cannot access these services directly. In fact, they are embedded into custom software using application programming interfaces (API). Examples of such basic cloud storage services are Amazon S3 and Google Cloud Storage.
Advanced cloud storage services: these services not only use basic cloud storage services for the actual storage of data but also they provide interfaces such as client or web applications which significantly simplify the use of the service for the customer. Many services may also provide an easy to use API to allow integration of the service’s capabilities into third-party software. An example of advanced cloud storage services is Dropbox.
The number of cloud storage providers has increased dramatically over the last couple of years so choosing the best one is a tough decision. In fact, trust, reliability, security, ease of use, cost and their support are the most important factors in choosing the best cloud storage provider. One of the crucial factors should be considered before choosing a cloud storage provider is the level of security offered by a cloud storage provider and the reputation that comes along with it. In other words, it is crucial for the cloud storage to be equipped with storage security solutions so that the whole cloud storage system is reliable and trustworthy. Unfortunately, majority of cloud storage systems do not provide security guarantees in their Service Level Agreements (SLAs). Lack of security support can be a main obstacle for the adoption of cloud services.
Cloud storage should possess four desirable security properties: confidentiality, integrity, write-serializability, and read freshness (denoted by C, I, W, F). In fact, confidentiality is achieved by encryption, data integrity is protected using message digests, non-reputation is supported by signed message-digests, freshness is achieved by periodic audit, and write-serializability is guaranteed by chain hash.
Many scholars believe that although database and document encryption can be efficient way to improve security, encryption often results in a serious server slowdown. Hence, many companies such as SK Telecom, a leading mobile telecommunication company in South Korea, have adopted another technique, anonymization, to increase the security of data in the public cloud. In fact, data anonymization is the process of changing data so that it can be processed in a useful way, while preventing that data from being linked to individual identities of people, objects, or organizations. So, data anonymization can be an effective way to protect sensitive data.
By Mojgan Afshari
Latest posts by Mojgan Afshari (see all)
- Cloud Computing Security – Network And Application Levels - July 28, 2014
- Big Data Analytics Adoption - July 21, 2014
- Pinup: Alpine Data Labs - July 16, 2014