Copyright © 2014 Inderscience Enterprises Ltd.
Dual server-based secure data-storage system for cloud storage
Woong Go
ISAA Lab, Department of Information Security Engineering, Soonchunhyang University, Asan, Choongchungnam-do, Korea
Jin Kwak*
Department of Information Security Engineering, Soonchunhyang University, Asan, Choongchungnam-do, Korea
*Corresponding author
Abstract: Users can access data that they store in cloud storage anytime and anywhere over a network. In the cloud storage paradigm, users’ data are stored in several distributed servers and virtualisation is applied in order to logically integrate those data. However, when users access their data in cloud storage, they directly access the server on which the data are physically stored. Thus, there is a potential threat of data loss due to a malicious attacker accessing the data. In order to solve this threat, we propose a data storage system that uses link and data servers. The link server does not store real data; it only has the address of the data and a symmetric key. The data server, on the other hand, has the real data and access information, and it can only be accessed via the link server.
Keywords: cloud storage; data loss prevention; link server; data server.
Reference to this paper should be made as follows: Go, W. and Kwak, J. (2014) ‘Dual server-based secure data-storage system for cloud storage’, Int. J. Engineering Systems Modelling and Simulation, Vol. 6, Nos. 1/2, pp.86–90.
Biographical notes: Woong Go received his BS and MS in Information Security from Soonchunhyang University, South Korea, in 2008 and 2010, respectively. He is currently a PhD candidate in the Information Security Application and Assurance Lab at Soonchunhyang University. His research interests include security of cloud computing, data management, and key distribution protocols.
Jin Kwak received his BS (2000), MS (2003), and PhD (2006) from Sungkyunkwan University (SKKU) in Korea. Prior to joining the faculty at Soonchunhyang University (SCH) in 2007, he joined Kyushu University in Japan as a Visiting Scholar. After that, he served MIC (Ministry of Information and Communication, Korea) as a Deputy Director. Also, he has served as a Dean of DISE (2009–2010) and Vice-Dean of College of Engineering (2009) in SCH. Now he is a Professor at Department of Information Security Engineering (DISE) at SCH. His main research areas are cryptology, information security applications and information assurance.
This paper is a revised and expanded version of a paper entitled ‘Dual server-based secure data-storage system for cloud storage’ presented at the 1st International Conference on Convergence and its Applications, Korea, 10–12 July 2013.
1 Introduction
In recent times, advances in science and technology have brought us many benefits. One of those is remote storage, in which users can access their data anytime and anywhere over a network. Cloud storage, a model of networked online storage in which data is stored in virtualised storage pools
that are generally hosted by third parties, is the technology that has made this possible. It is a subservice of infrastructure as a service in cloud computing (Peng et al., 2012). In the cloud storage paradigm, data are usually stored in the storage areas of third-party companies instead of in a single host. Further, the data have to be managed and integrated into available resources for users to access. Thus,
cloud storage is able to provide reliable, secure storage services at a low cost (Wu et al., 2012; Zeng et al., 2009).
However, when data are stored in cloud storage, users cannot directly manage data. This means that users do not know where the data are and how many copies are stored in cloud storage. These issues can cause serious security concerns. If users want to delete data, they can delete some, but they cannot be sure that all the relevant data have been deleted. This results in user anxiety. In addition, a malicious attacker may find it easy to steal users’ data due to the existence of many copies (Wu et al., 2010).
We therefore propose a data loss prevention scheme for cloud storage that uses a link server. This scheme uses two servers: A LINK server and a DATA server. The link server only has the address of the user’s data, which are actually stored in the DATA server. The DATA server, on the other hand, has the user’s real data and the data access information.
The remainder of this paper is organised as follows: In Section 2, we briefly provide basic information about cloud storage. In Section 3, we discuss problems associated with the security of cloud storage. In Section 4, we present and describe our proposed scheme, and analyse it in Section 5. Finally, we summarise our research and conclude this paper in Section 6.
2 Cloud storage
Cloud storage facilities utilise thousands of storage devices clustered by network, distributed file systems, and other storage middleware to provide cloud storage services to users. Cloud storage is typically structured in terms of elements such as storage resource pools, distributed file systems, service level agreements (SLAs), and service interfaces. Globally, they can be divided by physical and logical functional boundaries and relationships to provide more compatibility and interactions (Zeng et al., 2009).
Figure 1 Cloud storage architecture (see online version for colours)
There are hundreds of different cloud storage systems. Some have a very specific focus, such as storing web e-mail messages or digital pictures. Others are available to store all forms of digital data. Some cloud storage systems are small operations, while others are so large that the physical equipment used can fill up entire warehouses. The facilities that house cloud storage systems are called data centres (Wu et al., 2010; Gelogo and Lee, 2012).
3 Security problems
3.1 Management of data
Cloud storage users store their data in remote cloud storage servers. This means that users cannot manage their data directly. Further, they do not know where the data physically reside and how many copies are stored in cloud storage. These management problems can cause serious problems (Rehman and Hussain, 2011).
First, users cannot simply rely on the honesty of cloud-storage service providers. In other words, users cannot be sure that the data are stored securely. Consequently, security discomfort occurs from the use of cloud storage. The second concern is data deletion. When users want to remove the data, they cannot be sure that all the data have been removed because cloud storage services backup user’s data in case they need to be restored. Therefore, there is a possibility that some copies of the data have not been deleted.
3.2 Data loss problem
Cloud storage services store a user’s data in remote servers, to which the user has access. This means that the address of the remote server is exposed to the outside. This is the same for the attacker’s side. Thus, a malicious attacker can access a remote server in which real data are stored. If a malicious attacker accesses a remote server illegally, he can steal users’ data from the remote server (Lee, 2012).
4 Proposed scheme
In this paper, we propose a scheme for cloud-storage data loss prevention. The scheme solves the problems outlined above by utilising two different servers: a LINK server and a DATA server.
The LINK server stores several pieces of data consisting of a symmetric key for encryption/decryption, the physical address of the data, and a message authentication code (MAC) to detect illegal modification. The DATA server stores user data that have been encrypted using the symmetric key, together with access information, ACCINF, for the data. ACCINF consists of a counter, a timestamp, and a user access ID.
Figure 2 Overview of our proposed scheme (see online version for colours)
4.1 Notation
Table 1 outlines the notations we will use throughout this paper to discuss our proposed scheme.
Table 1 Notations used in our proposed scheme
Notation   Description
IDU        User ID
DATA       User’s data
RQ(DATA)   Request data
DATAINF    Data information
ACCINF     Access information for data
TS         Timestamp
MAC        Message authentication code
LINKINF    Link information for data
PRNG(·)    Pseudo random generation
PW         User password
CK         Pre-distributed key
SYK        Symmetric key for data
LK         Encryption/decryption key for LINK information
CT         Counter value
ACCTB      Table of access information
SQ         Sequence number of data
H(·)       Hash function
4.2 LINK server
The LINK server has LINK information (LINKINF) that is used to access a user’s real data. The LINK information is as follows:
$LINK_{INF} = E_{CK}(SYK \,\|\, LINK) \,\|\, MAC$
SYK is an encryption/decryption key for a symmetric algorithm, such as AES or 3-DES. This key is generated each time the data are stored, resulting in a different key for each set of data. Furthermore, in cloud storage there is no need to directly manage the symmetric key, and so no key management problem arises.
LINK has the real address of the user’s data. This address includes the location of the server in which the data are stored and the physical address of the data. The user can access his/her real data using LINK information.
SYK and LINK are encrypted using the user’s password and a sequence number (assigned according to the order in which the data are stored). This sequence number is managed by the server, and thus, the server can decrypt the user’s data normally.
MAC is hash data associated with SYK and LINK. Cloud storage services can detect forged data using the MAC.
4.3 DATA server
The DATA server has DATA information (DATAINF), and LINK information (LINKINF) referred to it. This server is accessible only via LINK information on the LINK server. Further, no one can access it directly over the network. The DATA information is as follows:
$DATA_{INF} = ACC_{INF} \,\|\, E_{SYK}(DATA)$
ACCINF stores access information about the user’s data; it is updated each time the data are accessed. This information consists of three elements: counter (CT, when a user accesses the data, the value of this counter is increased), timestamp (TS), and access ID (not owner ID). These three elements are computed using an exclusive-OR operation. To detect illegal modifications, ACCINF is duplicated and managed separately by the server. Thus, if a malicious attacker attempts to modify this information, s/he will be denied.
DATA is the user’s real data. The data are encrypted using SYK on the LINK server. Therefore, only authorised users can decrypt SYK and DATA.
4.4 Data registration phase
In the data registration phase, the user inputs his/her ID/PW (IDU ||PW) and data (DATA) in order to register the data. The cloud storage service then generates LINK and DATA information, which are stored on the LINK and DATA servers, respectively. The protocol used in this phase is outlined in Figure 3.
4.5 Data request phase
In this phase, the user sends a request to the LINK server for his/her data. The LINK server then searches LINKINF and
requests the user’s data from the DATA server. Finally, the DATA server decrypts the user’s data, and the user accesses the data via LINK. The protocol used in this phase is outlined in Figure 4.
Figure 3 Protocol used in the data registration phase
5 Analysis
5.1 Protection against data management problems
Users cannot manage data directly, and they also do not know where data is stored or how many copies are stored in cloud storage. Consequently, users have to trust completely in the honesty of their cloud storage service provider. However, this is impossible.
Our proposed scheme uses LINK information (LINKINF) for data management. LINKINF comprises the symmetric key (SYK), the address of the data (LINK), and the MAC. A user can access his/her data using LINK, and determine where his/her data are stored. Thus, users no longer have to trust completely in the honesty of their cloud storage service provider. Next, the access information parameter (ACCINF) shows who accessed the user’s data and how many times the data were accessed. Thus, users can check for illegal access to their data, which resolves the problems associated with data management.
5.2 Protection against illegal access
Current cloud storage services allow users to access data directly from a remote server. This means that a malicious attacker can access a user’s real data using illegal hacking, resulting in serious problems.
In our proposed scheme, ACCINF is used to protect the data and detect illegal access. This information consists of counter (CT), timestamp (TS), and access user ID (IDU). When the data are accessed, CT is increased and TS and user ID are changed. These pieces of information are computed using an exclusive-OR operation. In addition, the DATA server backs up this information and uses the backup to identify illegal modification. For example, if a malicious attacker modifies any element of ACCINF, the DATA server can detect that modification using the backup file. Further, the user can check the illegal access information using ACCINF.
• Attacker ⇒ $ACC_{INF}' = CT_A \oplus TS_A \oplus ID_A$ (uncorrected information)
• Server, User ⇒ Compare the backup file $ACC_{INF}$ (from $ACC_{TB}$) and $ACC_{INF}'$. The result of the comparison is incorrect: $ACC_{INF} \ne ACC_{INF}'$
5.3 Protection against data loss
To prevent data loss, our proposed scheme encrypts the user’s data using a symmetric key (SYK). This key is generated randomly, and SYK and LINK of ACCINF are encrypted using the encryption/decryption key (LK). This key is generated using the user’s password (PW) and a sequence number (SQ). SQ is generated according to the upload data sequence, and the LINK server manages and stores SQ. If anyone wants to access data, they need LINK from ACCINF. Thus, they need SYK and LK to decrypt and access the data. As a consequence, a malicious attacker not only needs LINK, but also PW or SQ from ACCINF.
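As an added worked example (not code from the paper), the following Python models the registration and request phases of Sections 4.4 and 4.5 with the LINKINF and DATAINF structures of Sections 4.2 and 4.3, the ACCINF backup comparison of Section 5.2 and the PW/SQ-derived LK of Section 5.3. Assumptions of this example: E_K is stood in for by an HMAC-SHA256 keystream (the paper names AES/3-DES and writes the LINKINF key as CK, while Section 5.3 names the PW/SQ-derived key LK, which is used here), the MAC is an HMAC keyed with LK, access IDs are integers, the physical address is a random token, and the names kdf, E, acc_inf, register and request are illustrative.

```python
import hashlib, hmac, secrets, time

def kdf(*parts: bytes) -> bytes:
    """Derive a 32-byte key (assumed: SHA-256 over the joined parts)."""
    return hashlib.sha256(b"|".join(parts)).digest()

def E(key: bytes, msg: bytes) -> bytes:
    """Stand-in for E_K (AES/3-DES in the paper): HMAC-SHA256 keystream in counter mode, XORed
    with msg, so the same call decrypts. Keys are never reused (fresh SYK, LK unique per SQ)."""
    out = bytearray()
    for i in range(0, len(msg), 32):
        ks = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(m ^ k for m, k in zip(msg[i:i + 32], ks))
    return bytes(out)

def acc_inf(ct: int, ts: int, access_id: int) -> int:
    """ACCINF = CT xor TS xor access ID (Section 4.3); the XOR alone is not invertible into its parts."""
    return ct ^ ts ^ access_id

LINK_SRV = {"linkinf": {}, "sq": {}}      # (IDU, SQ) -> (E_LK(SYK||LINK), MAC) ; IDU -> last SQ
DATA_SRV = {"datainf": {}, "acctb": {}}   # LINK -> [CT, ACCINF, E_SYK(DATA)] ; LINK -> backup ACCINF

def register(idu: bytes, pw: bytes, owner_id: int, data: bytes) -> int:
    """Data registration phase (Section 4.4). Returns the SQ assigned to this data set."""
    syk = secrets.token_bytes(32)                        # fresh SYK per data set (Section 4.2)
    link = secrets.token_hex(8).encode()                 # physical address stand-in on the DATA server
    DATA_SRV["datainf"][link] = [0, acc_inf(0, int(time.time()), owner_id), E(syk, data)]
    DATA_SRV["acctb"][link] = DATA_SRV["datainf"][link][1]   # duplicate ACCINF kept separately
    sq = LINK_SRV["sq"].get(idu, 0) + 1                  # SQ is managed by the LINK server
    LINK_SRV["sq"][idu] = sq
    lk = kdf(pw, sq.to_bytes(4, "big"))                  # LK derived from PW and SQ (Section 5.3)
    body = E(lk, syk + link)                             # E_LK(SYK || LINK); SYK is a fixed 32 bytes
    LINK_SRV["linkinf"][(idu, sq)] = (body, hmac.new(lk, body, hashlib.sha256).digest())
    return sq

def request(idu: bytes, pw: bytes, sq: int, access_id: int) -> bytes:
    """Data request phase (Section 4.5): verify LINKINF, check the ACCINF backup, decrypt DATA."""
    body, mac = LINK_SRV["linkinf"][(idu, sq)]
    lk = kdf(pw, sq.to_bytes(4, "big"))
    if not hmac.compare_digest(mac, hmac.new(lk, body, hashlib.sha256).digest()):
        raise ValueError("LINKINF forged or wrong password")
    pt = E(lk, body)
    syk, link = pt[:32], pt[32:]
    entry = DATA_SRV["datainf"][link]
    if entry[1] != DATA_SRV["acctb"][link]:              # backup comparison of Section 5.2
        raise ValueError("ACCINF modified illegally")
    entry[0] += 1                                        # CT is increased on every access
    entry[1] = DATA_SRV["acctb"][link] = acc_inf(entry[0], int(time.time()), access_id)
    return E(syk, entry[2])
```

Because the server only ever compares the XOR value with its backup copy, CT is kept alongside it here so the counter can actually be incremented.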
Acknowledgements
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIP) (No. 2012-010886). This work was supported by the Soonchunhyang University Research Fund. The authors declare that there is no conflict of interest regarding the publication of this article.
6 Conclusions
In this paper, we proposed a dual server-based secure data storage scheme for cloud storage services. Our proposed scheme utilises two different servers: a LINK server and a DATA server. The LINK server has LINKINF, which
comprises SYK, LINK, and MAC, while the DATA server stores DATAINF, which comprises ACCINF (CT, TS, and IDU)
and data encrypted using SYK. ACCINF is used to detect
illegal access and illegal modifications. To protect user data in cloud storage, users are allowed direct access only to the LINK server. The DATA server can be accessed only through the LINK server. The above features provide security for cloud storage services.
References
Gelogo, Y.E. and Lee, S. (2012) ‘Database management system as a cloud service’, International Journal of Future Generation Communication and Networking, Vol. 5, No. 2, pp.71–76.
Lee, K. (2012) ‘Security threats in cloud computing environments’, International Journal of Security and Its Applications, Vol. 6, No. 4, pp.25–32.
Peng, Y., Zhao, W., Xie, F., Dai, Z., Gao, Y. and Chen, D. (2012) ‘Secure cloud storage based on cryptographic techniques’, The Journal of China Universities of Posts and Telecommunications, Vol. 19, No. 2, pp.182–189.
Rehman, A.u. and Hussain, M. (2011) ‘Efficient cloud data confidentiality for DaaS’, International Journal of Advanced Science and Technology, Vol. 35, pp.1–10.
Wu, J., Ping, L., Ge, X., Wang, Y. and Fu, J. (2010) ‘Cloud storage as the infrastructure of cloud computing’, International Conference on Intelligent Computing and Cognitive Informatics, Hangzhou, China, June, pp.380–383.
Wu, T., Lee, W. and Lin, C.F. (2012) ‘Cloud storage performance enhancement by real-time feedback control and de-duplication’, Wireless Telecommunications Symposium (WTS), Taipei, Taiwan, 1–5 April.
Zeng, W., Zhao, Y., Ou, K. and Song, W. (2009) ‘Research on cloud storage architecture and key technologies’, Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, New York, USA, November, pp.1044–1048.