A unidirectional data-flow model for cloud data security with user involvement during data transit

Bhargav J. Bhatkalkar, Ramegowda
{"title":"A unidirectional data-flow model for cloud data security with user involvement during data transit","authors":"Bhargav J. Bhatkalkar, Ramegowda","doi":"10.1109/ICCSP.2014.6949883","DOIUrl":null,"url":null,"abstract":"Traditional computational models are rapidly shifting from a centralized computing to a distributed computing paradigm. As a result of this shift, the buzz of cloud computing is heard everywhere these days. The main concern in cloud computing environment is providing security to the user data. Often user data is moved back and forth between Cloud Service Vendor (CSV) and Cloud Service User (CSU). The degree of trust of CSU in CSV varies when it comes to the sensitivity of data. A CSU may or may not trust the CSV. In the latter case, the CSU may be interested to use the security service provided by a Third-Party (TP) like a Certification Authority to whom both the CSU and CSV may trust. Once again here, the CSU may or may not even trust the TP based on the supremacy of the data. In order to provide a flexible and secure management of CSUs data, the proposed model explicitly considers the degree of trust possessed by the CSU in both CSV and TP. The movement of CSU data within the premises of CSV is also strictly controlled with the involvement of CSU so that the data is not moved arbitrarily without the consent of CSU. Majority of the flow of data among entities in the proposed model is kept unidirectional to block the reverse transmission of sensitive information and also to block the return path to shield the secure data source from hidden viruses, Trojans, malicious instructions or other intrusion attempts. The security mechanisms suggested for realization of the proposed model are widely accepted and practically proven. The proposed data security model ensures privacy and security of the data both at CSV side and CSU side.","PeriodicalId":149965,"journal":{"name":"2014 International Conference on Communication and Signal Processing","volume":"2 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Communication and Signal Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCSP.2014.6949883","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Traditional computational models are rapidly shifting from a centralized computing to a distributed computing paradigm. As a result of this shift, the buzz of cloud computing is heard everywhere these days. The main concern in cloud computing environment is providing security to the user data. Often user data is moved back and forth between Cloud Service Vendor (CSV) and Cloud Service User (CSU). The degree of trust of CSU in CSV varies when it comes to the sensitivity of data. A CSU may or may not trust the CSV. In the latter case, the CSU may be interested to use the security service provided by a Third-Party (TP) like a Certification Authority to whom both the CSU and CSV may trust. Once again here, the CSU may or may not even trust the TP based on the supremacy of the data. In order to provide a flexible and secure management of CSUs data, the proposed model explicitly considers the degree of trust possessed by the CSU in both CSV and TP. The movement of CSU data within the premises of CSV is also strictly controlled with the involvement of CSU so that the data is not moved arbitrarily without the consent of CSU. Majority of the flow of data among entities in the proposed model is kept unidirectional to block the reverse transmission of sensitive information and also to block the return path to shield the secure data source from hidden viruses, Trojans, malicious instructions or other intrusion attempts. The security mechanisms suggested for realization of the proposed model are widely accepted and practically proven. The proposed data security model ensures privacy and security of the data both at CSV side and CSU side.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一个单向数据流模型,用于在数据传输过程中用户参与的云数据安全
传统的计算模型正迅速从集中式计算向分布式计算范式转变。这种转变的结果是,如今云计算的嗡嗡声无处不在。云计算环境的主要关注点是为用户数据提供安全性。用户数据经常在云服务供应商(CSV)和云服务用户(CSU)之间来回移动。CSV中CSU的信任程度随数据敏感性的不同而不同。CSU可能信任CSV,也可能不信任CSV。在后一种情况下,CSU可能有兴趣使用第三方(TP)提供的安全服务,比如CSU和CSV都可以信任的证书颁发机构。这里再次强调,CSU可能信任TP,也可能不信任TP,这是基于数据的至高无上性。为了提供灵活、安全的CSU数据管理,该模型明确考虑了CSU在CSV和TP中所拥有的信任程度。在CSU的参与下,对CSV场所内CSU数据的移动也有严格的控制,不允许未经CSU同意擅自移动数据。在该模型中,实体之间的大部分数据流都是单向的,以阻止敏感信息的反向传输,并阻止返回路径,以保护安全数据源免受隐藏的病毒、木马、恶意指令或其他入侵企图的影响。为实现所提出的模型而提出的安全机制已被广泛接受和实践证明。所提出的数据安全模型保证了CSV端和CSU端数据的私密性和安全性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Design and simulation of dense dielectric patch antenna for wireless applications Texture image retrieval by combining local binary pattern and discontinuity binary pattern Dynamic beacon based and load balanced geo routing in MANETs Analysis of leakage current and leakage power reduction during write operation in CMOS SRAM cell HDL implementation of 128- bit Fused Multiply Add unit for multi mode SoC
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1