A security framework with authentication group key management confidentiality and integrity mechanisms for data sharing in the cloud

Abstract

With the advent of the technological revolutions in cloud computing storing of data in the cloud has become widespread This very explosion in the usage of cloud storage poses a serious threat to the security of sensitive data in the cloud due to the multitenancy characteristic of the cloud The users fear that their control on data is lost because of the data being stored in the cloud Providing security to the cloud data at rest/transit and addressing scalability are major issues in the cloud Many techniques have been proposed by various researchers in the area of cloud security However these techniques focus on addressing a particular security issue rather than providing an integrated solution Hence the aim of this research work is to develop a security framework that incorporates mechanisms to efficiently address data security issues of the cloud namely confidentiality and integrity as well as user authentication The work also includes a group key distribution mechanism that ensures backward secrecy forward secrecy and scalability of key distribution for the secure data storage in the cloud The proposed security framework encompasses a novel Compressed Trie based Group Key Distribution CTGKD mechanism that addresses the scalability issue and communication overhead in key management a modified Elliptic Curve Diffie Hellman ECDH based authentication mechanism which provides robust authentication a Self Similar Key Generation SSKG based Elliptic Curve Cryptography mechanism that ensures confidentiality and a Chinese Remainder Theorem Key Generation based keyed Hashing for Message Authentication Code CRTK HMAC mechanism for preserving integrity of data stored in the cloud newline