Design of Security Solution to Mobile Cloud Storage
The cloud storage ownsadvantages in pay for use and elastic scalability. However, the data securityrisk destroysthe trustrelation between the cloud service provider and user. A direct method to avoid this problemis toencrypt databefore data stored in the
- PDF / 326,807 Bytes
- 9 Pages / 429.725 x 659.895 pts Page_size
- 2 Downloads / 247 Views
Abstract. The cloud storage owns advantages in pay for use and elastic scalability. However, the data security risk destroys the trust relation between the cloud service provider and user. A direct method to avoid this problem is to encrypt data before data stored in the cloud. Thus, without the decryption key, the leakage data cannot be decrypted. While the encryption technology is good, it is not always suitable for the mobile user. When using the mobile device, such as smart phone, to access the data that stored in cloud storage system, the performance issue should be considered, because the encryption scheme involves high workload. This paper is focus on the design of security solution to mobile cloud storage. It detailed the design principle, security function model, and typical deploy model. It also proposed a design case based on searchable encryption to guide the further research. Keywords: Mobile cloud storage, security solution, data security, searchable encryption.
1 Introduction The mobile cloud storage is a typical application that people use cloud storage as their information store and communicate with the cloud storage by mobile devices. However, the data security problem has not been solved in mobile cloud storage. On one hand, it is hesitant for enterprise to store the information related to enterprise benefit in cloud storage system, where the attacks occurred frequently, resulting the relation between user and cloud storage provider is low trust. On the other hand, people use the mobile devices to get the cloud storage service where the security level is low [1]. So the attacker can intrude into cloud storage system from mobile platform. Thus, the security problem has become a top research issue in mobile cloud storage field. One of technologies to solve the data security problem is the searchable encryption. It achieves the data confidentiality by using the encryption and it also supports the search ability on cipher text. Song et.al [2] proposed a sequential scanning searchable encryption. This scheme is low performance as every word in all files will be compared in searching process. Goh[3]proposed the keyword-based searchable encryption. The pain file is encrypted with symmetric encryption scheme and the keyword indexes are encrypted with other encryption. The search work could be conducted on the encrypted keywords. Other related work of searchable encryption is in [4][5].
H. Tan (Ed.): Knowledge Discovery and Data Mining, AISC 135, pp. 255–263. springerlink.com © Springer-Verlag Berlin Heidelberg 2012
256
X. Yu and Q. Wen
However, the searchable encryption technology brings much work load to client, such as the encryption and decryption, resulting low performance in mobile device which is in limited computing ability. This paper is focus on the design of security solution. The functions architecture and security deploy model are proposed according to the threat model and design principle. It also proposed a design case of security solution base on searchable encryption. In this case,
Data Loading...
