[1] Liu XiaoJiang Rui,. Security analysis and improvement on resilient storageoutsourcing schemes in mobile cloud computing [J]. Journal of Southeast University (English Edition), 2012, 28 (4): 392-397. [doi:10.3969/j.issn.1003-7985.2012.04.004]

Copy

Security analysis and improvement on resilient storageoutsourcing schemes in mobile cloud computing()

移动云计算中弹性存储外包方案的安全性分析和改进

Share：

Journal of Southeast University (English Edition)[ISSN:1003-7985/CN:32-1325/N]

Volumn:

28

Issue:

2012 4

Page:

392-397

Research Field:

Computer Science and Engineering

Publishing date:

2012-12-30

Info

Title:

Security analysis and improvement on resilient storageoutsourcing schemes in mobile cloud computing

移动云计算中弹性存储外包方案的安全性分析和改进

Author(s):

Liu XiaoJiang Rui

School of Information Science and Engineering, Southeast University, Nanjing 210096, China

刘晓;  蒋睿

东南大学信息科学与工程学院, 南京210096

Keywords:

mobile cloud computing;  cloud storage;  security protocols

移动云计算;  云存储;  安全协议

PACS:

TP393

DOI:

10.3969/j.issn.1003-7985.2012.04.004

Abstract:

The resilient storage outsourcing schemes in mobile cloud computing are analyzed. It is pointed out that the sharing-based scheme(ShS)has vulnerabilities regarding confidentiality and integrity; meanwhile, the coding-based scheme(CoS)and the encryption-based scheme(EnS)have vulnerabilities on integrity. The corresponding attacks on these vulnerabilities are given. Then, the improved protocols such as the secure sharing-based protocol(SShP), the secure coding-based protocol(SCoP)and the secure encryption-based protocol(SEnP), are proposed to overcome these vulnerabilities. The core elements are protected through public key encryptions and digital signatures. Security analyses show that the confidentiality and the integrity of the improved protocols are guaranteed. Meanwhile, the improved protocols can keep the frame of the former schemes and have higher security. The simulation results illustrate that compared with the existing protocols, the communication overhead of the improved protocols is not significantly increased.

分析了移动云计算中弹性存储外包方案, 指出该方案中基于共享方案(ShS)存在机密性和完整性缺陷, 基于编码方案(CoS)和基于加密方案(EnS)存在完整性缺陷, 同时给出针对缺陷的攻击方法.由此提出了改进安全协议安全共享协议(SShP)、安全编码协议(SCoP)和安全加密协议(SEnP), 以克服原协议中存在的安全性缺陷.采用公钥加密和数字签名, 对协议中核心数据加以保护.安全性分析表明:改进协议可确保用户数据的机密性和完整性, 且在保持原方案架构的基础上具有更高安全性.仿真结果显示改进安全协议的通信开销和原协议相比没有明显增加.

References:

[1] Park Ji Soo, Yi Ki Jung, Park Jong Hyuk. SSP-MCloud: a study on security service protocol for smartphone centric mobile cloud computing [C]//Lecture Notes in Electrical Engineering. Springer, 2012, 107:165-172.
[2] Feng Jun, Chen Yu, Summerville D, et al. Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol[C]//2011 IEEE Consumer Communications and Networking Conference. New York, USA, 2011:521-522.
[3] Bermbach D. Meta storage: a federated cloud storage system to manage consistency-latency tradeoffs [C]//2011 IEEE 4th International Conference on Cloud Computing. Washington DC, USA, 2011:452-459.
[4] Zhang Xinwen, Joshua Schiffman, Simon Gibbs, et al. Securing elastic applications on mobile devices for cloud computing [C]//Proceedings of the 2009 ACM Workshop on Cloud Computing Security. New York, USA, 2009:127-134.
[5] Park Ki-Woong, Han Jaesun, Chung Jae Woong, et al. THEMIS: towards mutually verifiable billing transactions in the cloud computing environment[C]//2010 IEEE 3rd International Conference on Cloud Computing. Miami, USA, 2010:139-147.
[6] Hsueh Sue-Chen, Lin Jing-Yan, Lin Ming-Yen. Secure cloud storage for convenient data archive of smart phones [C]//2011 IEEE 15th International Symposium on Consumer Electronics. Singapore, 2011: 251-258.
[7] Ruiz-Alvarez A, Humphrey M. An automated approach to cloud storage service selection [C]//Proceedings of the 2nd International Workshop on Scientific Cloud Computing. New York, USA, 2011: 39-48.
[8] Feng Jun, Chen Yu, Ku Wei-Shinn, et al. Analysis of integrity vulnerabilities and a non-repudiation protocol for cloud data storage platforms [C]//2010 39th International Conference on Parallel Processing Workshops. San Diego, USA, 2010: 251-258.
[9] Ren Wei, Yu Linchen, Gao Ren, et al. Lightweight and compromise resilient storage outsourcing with distributed secure accessibility in mobile cloud computing [J]. Tsingha Science and Technology, 2011, 16(5): 520-528.

Memo

Memo:

Biographies: Liu Xiao(1989—), male, graduate; Jiang Rui(corresponding author), male, doctor, associate professor, R.Jiang@seu.edu.cn.
Foundation items: The National Natural Science Foundation of China(No.60902008), the Key Laboratory Hi-Tech Program of Changzhou City(No.CM20103003), the Key Laboratory Program of Information Network Security of Ministry of Public Security(No.C12602), the Science and Technology Supporting Project of Changzhou City(No.CE20120030).
Citation: Liu Xiao, Jiang Rui. Security analysis and improvement on resilient storage outsourcing schemes in mobile cloud computing.[J]. Journal of Southeast University(English Edition), 2012, 28(4):392-397.[doi:10.3969/j.issn.1003-7985.2012.04.004]

Common functions