Abstract
Cloud storage systems have become the primary storage space for cloud users’ data. Despite the huge advantages and flexibility of the cloud storage services, many challenges are hindering the migration of users’ data into the cloud. Among them, the data privacy needs to be considered. In this paper, we design and implement an encryption service namely ESPRESSO (Encryption as a Service for Cloud Storage Systems) to protect the users’ data by using advanced encryption algorithms. The flexible design and the standalone property of ESPRESSO allow cloud storage service providers to easily integrate it without heavy modification and implementation of their infrastructures. ESPRESSO was integrated into two open-source cloud storage platforms: OpenStack/Swift and Nimbus/Cumulus. The real experiments were conducted, and the results assess the performance and effectiveness of ESPRESSO.
Chapter PDF
Similar content being viewed by others
References
IMEX: The Promise & Challenges of Cloud Storage. Technical report, IMEX Research (August 2010)
Tian, L.Q., Lin, C., Ni, Y.: Evaluation of User Behavior Trust in Cloud Computing. In: ICCASM 2010, Taiyuan, pp. 567–572 (October 2010)
Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshops. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)
Factor, M., Hadas, D., Hamama, A., Har’el, N., Kolodner, E., Kurmus, A., Shulman-Peleg, A., Sorniotti, A.: Secure logical isolation for multi-tenancy in cloud storage. In: IEEE MSST 2013, Long Beach, CA, pp. 1–5 (May 2013)
Huang, Z., Li, Q., Zheng, D., Chen, K., Li, X.: YI Cloud: Improving User Privacy with Secret Key Recovery in Cloud Storage. In: IEEE SOSE 2011, Irvine, CA, pp. 268–272 (December 2011)
Hao, L., Han, D.: The study and design on secure-cloud storage system. In: ICECE 2011, Yichang, China, pp. 5126–5129 (September 2011)
Itani, W., Kayssi, A., Chehab, A.: Privacy as a Service: Privacy-aware Data Storage and Processing in Cloud Computing Architectures. In: IEEE DASC 2009, Chengdu, China, pp. 711–716 (December 2009)
Harrin, E.: Cloud Storage Vendors Offering Encryption as a Service. Technical report, Enterprise Networking Planet (February 2012)
Google, http://googlecloudplatform.blogspot.sg/2013/08/google-cloud-storage-now-provides.html
Amazon S3, http://docs.aws.amazon.com/AmazonS3/latest/dev/Welcome.html
Microsoft Azure (April 2014), http://www.windowsazure.com/en-us/
GoGrid, http://www.gogrid.com/
RackSpace, http://www.rackspace.com/
Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: IEEE INFOCOM 2010, San Diego, CA, pp. 1–9 (March 2010)
Litzenberger, D.C.: PyCrypto (April 2014), https://www.dlitz.net/software/pycrypto
OpenStack (April 2014), http://swift.openstack.org/
Bresnahan, J., Keahey, K., LaBissoniere, D., Freeman, T.: Cumulus: An Open Source Storage Cloud for Science. In: ScienceCloud 2011, CA, pp. 25–32 (June 2011)
cURL, http://curl.haxx.se
s3cmd (April 2014), http://s3tools.org/s3cmd
boto (April 2014), http://code.google.com/p/boto
jets3t (April 2014), http://jets3t.s3.amazonaws.com
Wikipedia: Wikipedia archive (February 2014), http://dumps.wikipedia.org
Kang, L., Zhang, X.: Identity-based Authentication in Cloud Storage Sharing. In: MINES 2010, Nanjing, China, pp. 851–855 (November 2010)
Gu, Y., Grossman, R.L.: Sector and Sphere: The Design and Implementation of a High Performance Data Cloud. Philosophical Transactions of The Royal Society A: Mathematical Physical and Engineering Sciences 367 (1897), 2429–2445 (2009)
Zhao, G., Rong, C., Li, J., Zhang, F., Tang, Y.: Trusted Data Sharing over Untrusted Cloud Storage Providers. In: IEEE CloudCom 2010, Indianapolis, IN, pp. 97–103 (November 2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 International Federation for Information Processing
About this paper
Cite this paper
Kang, S., Veeravalli, B., Aung, K.M.M. (2014). ESPRESSO: An Encryption as a Service for Cloud Storage Systems. In: Sperotto, A., Doyen, G., Latré, S., Charalambides, M., Stiller, B. (eds) Monitoring and Securing Virtualized Networks and Services. AIMS 2014. Lecture Notes in Computer Science, vol 8508. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43862-6_2
Download citation
DOI: https://doi.org/10.1007/978-3-662-43862-6_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43861-9
Online ISBN: 978-3-662-43862-6
eBook Packages: Computer ScienceComputer Science (R0)