Secure cloud storage model to preserve confidentiality and integrity

Abstract

Cloud Service Providers (CSPs) offer remotely located cloud storage services to business organizations which include cost-effective advantages. From an industrial perspective, Amazon Simple Storage Service (S3) and Google Cloud Storage (GCS) are the leading cloud storage services. These storages are secured using the latest data security approaches such as cryptography algorithms, data auditing processes, and strict access control policies. However, organizations where confidentiality of information is a significant act, they are not assertive to adopt these services due to emerging data confidentiality and integrity concerns. Malicious attackers have violated the cloud storages to steal, view, manipulate, and tamper clients’ data. The researchers have attempted to overcome these shortcomings by designing and developing various security models. These solutions incorporate limitations and require enhancements as well as improvements before they can be widely accepted by CSPs to guarantee secure cloud storage services. In order to solve the stated problem, this research developed an improved security solution namely Secure Cloud Storage Model (SCSM) which consists of Multi-factor authentication and authorization process using Role-Based Access Control (RBAC) with Complex Random Security Code Generator (CRSCG), Partial homomorphic cryptography using Rivest, Shamir and Adleman (RSA) algorithm, Trusted Third Party (TTP) services including Key Management (KM) approach and data auditing process, Implementation of 256-bit Secure Socket Layer (SSL), and Service Level Agreement (SLA). SCSM was implemented using Java Enterprise Edition with glassfish server and deployed on a cloud computing infrastructure. The model was evaluated using extended euclidean algorithm, system security analysis, key management recommendations, web-based testing tool, security scanner, and survey. The survey results presented that 83.33% of the respondents agreed for SCSM to be widely accepted by CSPs to offer secured cloud storage services. The aggregate evaluation results proved that SCSM is successful in preserving data confidentiality and integrity at remotely located cloud storages.