Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment

Quang Hieu Vu; Maurizio Colombo; Rasool Asal; Ali Sajjad; Fadi Ali El-Moussa; Theo Dimitrakos

doi:10.1109/CNS.2015.7346879

Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment

Quang Hieu Vu, Maurizio Colombo, Rasool Asal, Ali Sajjad, Fadi Ali El-Moussa, Theo Dimitrakos

Emirates ICT Innovation Center

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

12 Scopus citations

Abstract

This paper introduces Secure Cloud Storage (SCS), a framework for Data Protection as a Service (DPaaS) to cloud computing users. Compared to the existing Data Encryption as a Service (DEaaS) such as those provided by Amazon and Google, DPaaS provides more flexibility to protect data in the cloud. In addition to supporting the basic data encryption capability as DEaaS does, DPaaS allows users to define fine-grained access control policies to protect their data. Once data is put under an access control policy, it is automatically encrypted and only if the policy is satisfied, the data could be decrypted and accessed by either the data owner or anyone else specified in the policy. The key idea of the SCS framework is to separate data management from security management in addition to defining a full cycle of data security automation from encryption to decryption. As a proof-of-concept for the design, we implemented a prototype of the SCS framework that works with both BT Cloud Compute platform and Amazon EC2. Experiments on the prototype have proved the efficiency of the SCS framework.

Original language	British English
Title of host publication	2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	638-642
Number of pages	5
ISBN (Electronic)	9781467378765
DOIs	https://doi.org/10.1109/CNS.2015.7346879
State	Published - 3 Dec 2015
Event	3rd IEEE International Conference on Communications and Network Security, CNS 2015 - Florence, Italy Duration: 28 Sep 2015 → 30 Sep 2015

Publication series

Name	2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

Conference

Conference	3rd IEEE International Conference on Communications and Network Security, CNS 2015
Country/Territory	Italy
City	Florence
Period	28/09/15 → 30/09/15

Keywords

Access Control
Cloud Computing
Data Security
Key Management

Access to Document

10.1109/CNS.2015.7346879

Cite this

Vu, Q. H., Colombo, M., Asal, R., Sajjad, A., El-Moussa, F. A., & Dimitrakos, T. (2015). Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment. In 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015 (pp. 638-642). Article 7346879 (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2015.7346879

Vu, Quang Hieu ; Colombo, Maurizio ; Asal, Rasool et al. / Secure Cloud Storage : A framework for Data Protection as a Service in the multi-cloud environment. 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 638-642 (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015).

@inproceedings{f96d4405b7894cfa9c86a65c830d4aea,

title = "Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment",

abstract = "This paper introduces Secure Cloud Storage (SCS), a framework for Data Protection as a Service (DPaaS) to cloud computing users. Compared to the existing Data Encryption as a Service (DEaaS) such as those provided by Amazon and Google, DPaaS provides more flexibility to protect data in the cloud. In addition to supporting the basic data encryption capability as DEaaS does, DPaaS allows users to define fine-grained access control policies to protect their data. Once data is put under an access control policy, it is automatically encrypted and only if the policy is satisfied, the data could be decrypted and accessed by either the data owner or anyone else specified in the policy. The key idea of the SCS framework is to separate data management from security management in addition to defining a full cycle of data security automation from encryption to decryption. As a proof-of-concept for the design, we implemented a prototype of the SCS framework that works with both BT Cloud Compute platform and Amazon EC2. Experiments on the prototype have proved the efficiency of the SCS framework.",

keywords = "Access Control, Cloud Computing, Data Security, Key Management",

author = "Vu, {Quang Hieu} and Maurizio Colombo and Rasool Asal and Ali Sajjad and El-Moussa, {Fadi Ali} and Theo Dimitrakos",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 3rd IEEE International Conference on Communications and Network Security, CNS 2015 ; Conference date: 28-09-2015 Through 30-09-2015",

year = "2015",

month = dec,

day = "3",

doi = "10.1109/CNS.2015.7346879",

language = "British English",

series = "2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "638--642",

booktitle = "2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015",

address = "United States",

}

Vu, QH, Colombo, M, Asal, R, Sajjad, A, El-Moussa, FA & Dimitrakos, T 2015, Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment. in 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015., 7346879, 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015, Institute of Electrical and Electronics Engineers Inc., pp. 638-642, 3rd IEEE International Conference on Communications and Network Security, CNS 2015, Florence, Italy, 28/09/15. https://doi.org/10.1109/CNS.2015.7346879

Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment. / Vu, Quang Hieu; Colombo, Maurizio; Asal, Rasool et al.
2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 638-642 7346879 (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Secure Cloud Storage

T2 - 3rd IEEE International Conference on Communications and Network Security, CNS 2015

AU - Vu, Quang Hieu

AU - Colombo, Maurizio

AU - Asal, Rasool

AU - Sajjad, Ali

AU - El-Moussa, Fadi Ali

AU - Dimitrakos, Theo

PY - 2015/12/3

Y1 - 2015/12/3

N2 - This paper introduces Secure Cloud Storage (SCS), a framework for Data Protection as a Service (DPaaS) to cloud computing users. Compared to the existing Data Encryption as a Service (DEaaS) such as those provided by Amazon and Google, DPaaS provides more flexibility to protect data in the cloud. In addition to supporting the basic data encryption capability as DEaaS does, DPaaS allows users to define fine-grained access control policies to protect their data. Once data is put under an access control policy, it is automatically encrypted and only if the policy is satisfied, the data could be decrypted and accessed by either the data owner or anyone else specified in the policy. The key idea of the SCS framework is to separate data management from security management in addition to defining a full cycle of data security automation from encryption to decryption. As a proof-of-concept for the design, we implemented a prototype of the SCS framework that works with both BT Cloud Compute platform and Amazon EC2. Experiments on the prototype have proved the efficiency of the SCS framework.

AB - This paper introduces Secure Cloud Storage (SCS), a framework for Data Protection as a Service (DPaaS) to cloud computing users. Compared to the existing Data Encryption as a Service (DEaaS) such as those provided by Amazon and Google, DPaaS provides more flexibility to protect data in the cloud. In addition to supporting the basic data encryption capability as DEaaS does, DPaaS allows users to define fine-grained access control policies to protect their data. Once data is put under an access control policy, it is automatically encrypted and only if the policy is satisfied, the data could be decrypted and accessed by either the data owner or anyone else specified in the policy. The key idea of the SCS framework is to separate data management from security management in addition to defining a full cycle of data security automation from encryption to decryption. As a proof-of-concept for the design, we implemented a prototype of the SCS framework that works with both BT Cloud Compute platform and Amazon EC2. Experiments on the prototype have proved the efficiency of the SCS framework.

KW - Access Control

KW - Cloud Computing

KW - Data Security

KW - Key Management

UR - http://www.scopus.com/inward/record.url?scp=84966349531&partnerID=8YFLogxK

U2 - 10.1109/CNS.2015.7346879

DO - 10.1109/CNS.2015.7346879

M3 - Conference contribution

AN - SCOPUS:84966349531

T3 - 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

SP - 638

EP - 642

BT - 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 28 September 2015 through 30 September 2015

ER -

Vu QH, Colombo M, Asal R, Sajjad A, El-Moussa FA, Dimitrakos T. Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment. In 2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 638-642. 7346879. (2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015). doi: 10.1109/CNS.2015.7346879

Secure Cloud Storage: A framework for Data Protection as a Service in the multi-cloud environment

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this