Abstract
In this chapter, the most applicable cloud storage security mechanisms are introduced. The chapter can be used as a reference to a set of cloud security solutions. The mechanisms are grouped according to the related security task or problem:
© 2016 The Author(s)
About this chapter
Cite this chapter
Galibus, T., Krasnoproshin, V.V., de Oliveira Albuquerque, R., Pignaton de Freitas, E. (2016). Cloud Storage Security Mechanisms. In: Elements of Cloud Storage Security. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-44962-3_3
DOI: https://doi.org/10.1007/978-3-319-44962-3_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44961-6
Online ISBN: 978-3-319-44962-3
eBook Packages: Computer Science, Computer Science (R0)