Secure distributed data storage in cloud computing

Abstract

Mahra Mohammed Ahmed. Secure Distributed Data Storage in Cloud Computing. M.S.c By Research Thesis, Electrical and Computer Engineering Department, Khalifa University of Science, Technology and Research, Abu Dhabi, United Arab Emirates, December 2013 Cloud Computing has become popular as it offers to users several advantages such as cost reduction, speed of delivery and rapid scaling, over traditional computing models. Furthermore, due to its resource-sharing capability, the Cloud Computing model is considered the main driver towards reducing the energy consumption of computer systems, and hence promoting green computing. However, a number of business owners are still reluctant to employ Cloud Computing due to concerns about the security of data in the Cloud. To simply provide data security in the Cloud, the most popular solution is to apply traditional cryptographic methods to encrypt data stored in the Cloud and decrypt encrypted data only when needed. The main disadvantage of this solution is that it greatly increases processing speed and incurs a high computational cost for encrypting as well as decrypting data. As a result, this solution is impracticable in several cases. As the first effort to provide a more practical solution for data security in the Cloud, a secure distributed storage model based on Erasure code in general and particularly Reed-Solomon code was proposed. In this proposed storage model, while the use of Reed-Solomon code provides reliability and availability for data in the storage, its security is achieved through an interesting property of Reed-Solomon code which is that data recovery could only be achieved if both encoded data blocks and their indices are known. However, the weakness of the above distributed storage model is that it does not efficiently support fault tolerance, which is an important qualification factor of services in general and Cloud Computing services in particular. This thesis proposes a solution to improve the security of the storage model by enhancing Reed- Solomon code with an extra security layer where a password is always required to recover the data. Furthermore, design a log based recovery scheme in which data can be temporarily recovered without knowing the password and is corrected later when a user provides the password.

Date of Award	2013
Original language	American English
Supervisor	Hussain Al Ahmad (Supervisor)