86 Int. J. Engineering Systems Modelling and Simulation, Vol. 6, Nos. 1/2, 2014

Transcription

1 86 Int. J. Engineering Systems Modelling and Simulation, Vol. 6, Nos. 1/2, 2014 Dual server-based secure data-storage system for cloud storage Woong Go ISAA Lab, Department of Information Security Engineering, Soonchunhyang University, Asan, Choongchungnam-do, Korea Jin Kwak* Department of Information Security Engineering, Soonchunhyang University, Asan, Choongchungnam-do, Korea *Corresponding author Abstract: Users can access data that they store in cloud storage anytime and anywhere over a network. In the cloud storage paradigm, users data are stored in several distributed servers and virtualisation is applied in order to logically integrate those data. However, when users access their data in cloud storage, they directly access the server on which the data are physically stored. Thus, there is a potential threat of data loss due to a malicious attacker accessing the data. In order to solve this threat, we propose a data storage system that uses link and data servers. The link server does not store real data; it only has the address of the data and a symmetric key. The data server, on the other hand, has the real data and access information, and it can only be accessed via the link server. Keywords: cloud storage; data loss prevention; link server; data server. Reference to this paper should be made as follows: Go, W. and Kwak, J. (2014) Dual server-based secure data-storage system for cloud storage, Int. J. Engineering Systems Modelling and Simulation, Vol. 6, Nos. 1/2, pp Biographical notes: Woong Go received his BS and MS in Information Security from Soonchunhyang University, South Korea, in 2008 and 2010, respectively. He is currently a PhD candidate in the Information Security Application and Assurance Lab at Soonchunhyang University. His research interests include security of cloud computing, data management, and key distribution protocols. Jin Kwak received his BS (2000), MS (2003), and PhD (2006) from Sungkyunkwan University (SKKU) in Korea. Prior to joining the faculty at Soonchunhyang University (SCH) in 2007, he joined Kyushu University in Japan as a Visiting Scholar. After that, he served MIC (Ministry of Information and Communication, Korea) as a Deputy Director. Also, he has served as a Dean of DISE ( ) and Vice-Dean of College of Engineering (2009) in SCH. Now he is a Professor at Department of Information Security Engineering (DISE) at SCH. His main research areas are cryptology, information security applications and information assurance. This paper is a revised and expanded version of a paper entitled Dual server-based secure data-storage system for cloud storage presented at the 1st International Conference on Convergence and its Applications, Korea, July Introduction In recent times, advances in science and technology have brought us many benefits. One of those is remote storage, in which users can access their data anytime and anywhere over a network. Cloud storage, a model of networked online storage in which data is stored in virtualised storage pools that are generally hosted by third parties, is the technology that has made this possible. It is a subservice of infrastructure as a service in cloud computing (Peng et al., 2012). In the cloud storage paradigm, data are usually stored in the storage areas of third-party companies instead of in a single host. Further, the data have to be managed and integrated into available resources for users to access. Thus, Copyright 2014 Inderscience Enterprises Ltd.

2 Dual server-based secure data-storage system for cloud storage 87 cloud storage is able to provide reliable, secure storage services at a low cost (Wu et al., 2012; Zeng et al., 2009). However, when data are stored in cloud storage, users cannot directly manage data. This means that users do not know where the data are and how many copies are stored in cloud storage. These issues can cause serious security concerns. If users want to delete data, they can delete some, but they cannot be sure that all the relevant data have been deleted. This results in user anxiety. In addition, a malicious attacker may find it easy to steal users data due to the existence of many copies (Wu et al., 2010). We therefore propose a data loss prevention scheme for cloud storage that uses a link server. This scheme uses two servers: A LINK server and a DATA server. The link server only has the address of the user s data, which are actually stored in the DATA server. The DATA server, on the other hand, has the user s real data and the data access information. The remainder of this paper is organised as follows: In Section 2, we briefly provide basic information about cloud storage. In Section 3, we discuss problems associated with the security of cloud storage. In Section 4, we present and describe our proposed scheme, and analyse it in Section 5. Finally, we summarise our research and conclude this paper in Section 6. 2 Cloud storage Cloud storage facilities utilise thousands of storage devices clustered by network, distributed file systems, and other storage middleware to provide cloud storage services to users. Cloud storage is typically structured in terms of elements such as storage resource pools, distributed file systems, service level agreements (SLAs), and service interfaces. Globally, they can be divided by physical and logical functional boundaries and relationships to provide more compatibility and interactions (Zeng et al., 2009). Figure 1 Cloud storage architecture (see online version for colours) There are hundreds of different cloud storage systems. Some have a very specific focus, such as storing web messages or digital pictures. Others are available to store all forms of digital data. Some cloud storage systems are small operations, while others are so large that the physical equipment used can fill up entire warehouses. The facilities that house cloud storage systems are called data centres (Wu et al., 2010; Gelogo and Lee, 2012). 3 Security problems 3.1 Management of data Cloud storage users store their data in remote cloud storage servers. This means that users cannot manage their data directly. Further, they do not know where the data physically reside and how many copies are stored in cloud storage. These management problems can cause serious problems (Rehman and Hussain, 2011). First, users cannot simply rely on the honesty of cloud-storage service providers. In other words, users cannot be sure that the data are stored securely. Consequently, security discomfort occurs from the use of cloud storage. The second concern is data deletion. When users want to remove the data, they cannot be sure that all the data have been removed because cloud storage services backup user s data in case they need to be restored. Therefore, there is a possibility that some copies of the data have not been deleted. 3.2 Data loss problem Cloud storage services store a user s data in remote servers, to which the user has access. This means that the address of the remote server is exposed to the outside. This is the same for the attacker s side. Thus, a malicious attacker can access a remote server in which real data are stored. If a malicious attacker accesses a remote server illegally, he can steal users data from the remote server (Lee, 2012). 4 Proposed scheme In this paper, we propose a scheme for cloud-storage data loss prevention. The scheme solves the problems outlined above by utilising two different servers: a LINK server and a DATA server. The LINK server stores several pieces of data consisting of a symmetric key for encryption/decryption, the physical address of the data, and message authentication code (MAC) to detect illegal modification. The DATA server stores user data that have been encrypted using the symmetric key and access information, ACC INF, for the data. ACC INF consists of counter, timestamp, and user access ID. Figure 2 gives an overview of our proposed scheme.

3 88 W. Go and J. Kwak Figure 2 Overview of our proposed scheme (see online version for colours) 4.1 Notation Table 1 outlines the notations we will use throughout this paper to discuss our proposed scheme. Table 1 Notation ID U DATA RQ(DATA) DATA INF ACC INF TS MAC LINK INF PRNG( ) PW CK SYK LK CT ACC TB SQ H( ) Notations used in our proposed scheme Description 4.2 LINK server User ID User s data Request data Data information Access information for data Timestamp Message authentication code Link information for data Pseudo random generation User password Pre-distributed key Symmetric key for data Encryption/decryption key for LINK information Counter value Table of access information Sequence number of data Hash function The LINK server has LINK information (LINK INF ) that is used to access a user s real data. The LINK information is as follows: LINK = E ( SYK LINK) MAC INF CK SYK is an encryption/decryption key for a symmetric algorithm, such as AES and 3-DES. This key is generated each time the data are stored; resulting in a different key for each set of data. Furthermore, in cloud storage there is no need to directly manage the symmetric key, and so there is no key management problem occurring. LINK has the real address of the user s data. This address includes the location of the server in which the data are stored and the physical address of the data. The user can access his/her real data using LINK information. SYK and LINK are encrypted using the user s password and a sequence number (assigned according to the order in which the data are stored). This sequence number is managed by the server, and thus, the server can decrypt the user s data normally. MAC is hash data associated with SYK and LINK. Cloud storage services can detect forged data using the MAC. 4.3 DATA server The DATA server has DATA information (DATA INF ), and LINK information (LINK INF ) referred to it. This server is accessible only via LINK information on the LINK server. Further, no one can access it directly over the network. The DATA information is as follows: DATA = ACC E ( DATA ) INF INF SYK ACC INF stores access information about the user s data; it is updated each time the data are accessed. This information consists of three elements: counter (CT, when a user accesses the data, the value of this counter is increased), timestamp (TS), and access ID (not owner ID). These three elements are computed using an exclusive-or operation. To detect illegal modifications, ACC INF is duplicated and managed separately by the server. Thus, if a malicious attacker attempts to modify this information, s/he will be denied. DATA is the user s real data. The data are encrypted using SYK on the LINK server. Therefore, only authorised users can decrypt SYK and DATA.

4 Dual server-based secure data-storage system for cloud storage Data registration phase In the data registration phase, the user inputs his/her ID/PW ( IDU PW ) and data (DATA) in order to register the data. The cloud storage service then generates LINK and DATA information, which are stored on the LINK and DATA servers, respectively. The protocol used in this phase is outlined in Figure Data request phase In this phase, the user sends a request to the LINK server for his/her data. The LINK server then searches LINK INF and requests the user s data from the DATA server. Finally, the DATA server decrypts the user s data, and the user accesses the data via LINK. The protocol used in this phase is outlined in Figure 4. Figure 3 Protocol used in the data registration phase Figure 4 Protocol used in the data request phase

5 90 W. Go and J. Kwak 5 Analysis 5.1 Protection against data management problems Users cannot manage data directly, and they also do not know where data is stored or how many copies are stored in cloud storage. Consequently, users have to trust completely in the honesty of their cloud storage service provider. However, this is impossible. Our proposed scheme uses LINK information (LINK INF ) for data management. LINK INF comprises symmetric key (SYK), address of data (LINK), and MAC. A user can access his/her data using LINK, and determine where his/her data are stored. Thus, users do not simply have to trust completely in the honesty of their cloud storage service provider. Next, the access information parameter (ACC INF ) shows who accessed the user s data and how many times the data were accessed. Thus, users can check for illegal access to their data; which resolves the problems associated with data management. 5.2 Protection against illegal access Current cloud storage services allow users to access data directly from a remote server. This means that a malicious attacker can access a user s real data using illegal hacking, resulting in serious problems. In our proposed scheme, ACC INF is used to protect the data and detect illegal access. This information consists of counter (CT), timestamp (TS), and access user ID (ID U ). When the data are accessed, CT is increased and TS, and user ID are changed. These pieces of information are computed using an exclusive-or operation. In addition, the DATA server backs up this information and uses the backup to identify illegal modification. For example, if a malicious attacker modifies any element of ACC INF, the DATA server can detect that modification using the backup file. Further, the user can check the illegal access information using ACC INF. Attacker => ACCINF = CTA TSA ID A (uncorrected information) Server, User => Compare backup file and ACC ACCINF (from ACCTB ) = ACC INF Result of comparison is incorrect 5.3 Protection against data loss To prevent data loss, our proposed scheme encrypts user data using a symmetric key (SYK). This key is generated randomly, and SYK and LINK of ACC INF are encrypted using the encryption/decryption key (LK). This key is generated using the user s password (PW) and a sequence number (SQ). SQ is generated according to upload data sequences, whereas the LINK server manages and stores SQ. If anyone wants to access data, they need LINK from ACC INF. Thus, they need SYK and LK to decrypt and access? INF data. As a consequence, a malicious attacker not only needs LINK, but also PW or SQ from ACCINF. Acknowledgements This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIP) (No ). This work was supported by the Soonchunhyang University Research Fund. The authors declare that there is no conflict of interest regarding the publication of this article. 6 Conclusions In this paper, we proposed a dual server-based secure data storage scheme for cloud storage services. Our proposed scheme utilises two different servers: a LINK server and a DATA server. The LINK server has LINK INF, which comprises SYK, LINK, and MAC, while the DATA server stores DATA INF, which comprises ACC INF (CT, TS, and ID U ) and data encrypted using SYK. ACC INF is used to detect illegal access and illegal modifications. To protect user data in cloud storage, users are allowed direct access only to the LINK server. The DATA server can be accessed only through the LINK server. The above features provide security for cloud storage services. References Gelogo, Y.E. and Lee, S. (2012) Database management system as a cloud service, International Journal of Future Generation Communication and Networking, Vol. 5, No. 2, pp Lee, K. (2012) Security threats in cloud computing environments, International Journal of Security and Its Applications, Vol. 6, No. 4., pp Peng, Y., Zhao, W., Xie, F., Dai, Z., Gao, Y. and Chen, D. (2012) Secure cloud storage based on cryptographic techniques, The Journal of China Universities of Posts and Telecommunications, Vol. 19, No. 2, pp Rehman, A.u. and Hussain, M. (2011) Efficient cloud data confidentiality for DaaS, International Journal of Advanced Science and Technology, Vol. 35, pp Wu, J., Ping, L., Ge, X., Wang, Y. and Fu, J. (2010) Cloud storage as the infrastructure of cloud computing, International Conference on Intelligent Computing and Cognitive Informatics, Hangzhou, China, June, pp Wu, T., Lee, W. and Lin, C.F. (2012) Cloud storage performance enhancement by real-time feedback control and deduplication, Wireless Telecommunications Symposium (WTS), Taipei, Taiwan, 1 5 April. Zeng, W., Zhao, Y., Ou, K. and Song, W. (2009) Research on cloud storage architecture and key technologies, Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, New York, USA, November, pp