Paper Example on Data Security and Privacy Protection

CHAPTER 1: BACKGROUND TO THE STUDY

1.1 Introduction

Cloud computing has promoted the future generation, evolving from distributed computing, grid computing, utility computing, parallel computing, virtualization technology, as well as another computer technology. All those combinations of the model make cloud computing more favorable in the case of large-scale data storage and scale computation; its benefits include high expansibility, virtualization, and low-price service, together with high reliability. The model in cloud computing operates on the grounds of the network, system software, infrastructure, and application, hence it accessible to the user in different locations, in a concurrent manner. Also, the services can be apportioned among the great multitude of users [1].

As defined by the U.S. National Institute of Standards and Technology (NIST), the term cloud computing refers to a model for facilitating suitable, on-demand network access to a communal combination of configured computing elements such as the servers, networks, application, storage and services, which can be swiftly provisioned, then released with less effort of the management or service provider interaction [2, 3,4].

Generally, the cloud system may be split into different levels on the merit of the range of cloud and the users [5, 6, 7, and 8]. The similar cloud system may attend to various types of users varying from the enterprises, customers, individuals and so on. In the cloud settings, data storage, is done in the public storage provider (PSP). The file data are kept on the hard-drive owned and operated by the provider, therefore no one else has the access to the drive provider who has the control over it and is aware of the specific location that it is saved [9]

1.2 Background

Security in the data computing environment has been handled with a lot of seriousness, since the data is located in the various regions of the world. Data security and data authenticity are two key factors that users are more concerned with concerning the cloud technology. Despite several researches being conducted, both academic and industrial, still there has not been a fit recommendation that would guarantee a secure and authenticity data Majority of research based on the data security have revealed that, data authenticity and security concerns both the software and the hardware in the cloud architecture [9].

Storing of data in the third-party storage system, such as cloud, may seem to be not completely secure, as the integrity and confidentiality of the data are yet to be guaranteed. As a third-party cloud computing offers cost-effective storage services, still clients cannot trust the proficiency of the services in securing the data stored in the cloud [11]. For that reason, various organizations, as well as users, may not rely on the cloud until some substantial security guarantees are made [12, 13]. At this point, the long-lasting solution to the predicament associated with the securely storing the client's data is by letting it remain authentic and original, therefore, maintaining the integrity and confidentiality of the data within the clouds.. Also [14, 15] indicatethat, the system is based on the trusted computing platform technology that is made up the Trusted Platform Module, as recommended by the Trusted Computing Group. The system prevents the system administrator in the cloud from interfering with the data security [16].

1.3 Problem Statement

Recent research by the Business News Daily states that, by 2020, the value of in cloud computing will exceed $259 billion computer industry. It shows that there are a lot of data, whereby empowered user's share, synchronize, and also collaborate with other web-based files [16]. However, the convenience of computer clouding can never be discussed without touching on the issue of the confidentiality and the security of the data, lately; there have been various cases that have emerged concerning the vulnerability of the cloud storage services. However, the security methods of protecting the data kept in the cloud storage have been highlighted, although they have never been effective enough, as there are still escalating cases where people have complained about the incidences where their stored data lose authenticity and confidentiality due to security loopholes [17].

Some of the recommended protective measures highlighted in protecting the data stored in the cloud include:

Identifying the threats through the correlation of the real-time alerts with the global security intelligence

Program security using the information technology compliance control

Filtering of data stored in the clouds

Identify mischievous projects with the audit

Authentication of identities.

Research has been conducted for a long time to identify a practical and effective method that could permanently secure the data stored in the cloud storage since the existing ones keep on failing [17].

Keeping unencrypted data on the cloud storage creates a great risk of losing the data from unknown people, who will influence its original form. Furthermore, malevolent cloud provider system administrators or users may go to an extent of making adjustments to the data changing to be less authentic. Authentication of the identities could have been a much secure methodology of safeguarding the data stored in the cloud; however, there is a need for implementing more sophisticated techniques that will make it cumbersome for unaccredited users to access the data without the owners consent. With regards to proposed solution for this matter and seeking the integrity and confidentiality of the data, cryptographic techniques can be applied in the process of encrypting the data.

1.4 Research questions

This dissertation will have a critical focus on the following Research Questions:

How to enhance the authenticity of the data stored in the cloud by using the digital signature and the verification of the subsets of data?

How to promote the decentralization and robust access control plan prior to storing the information, including the process of encrypting and decrypting the data by the authentic user?

1.5 Purpose of the study

Data Security and Privacy protection matters are important in both the software and hardware with regards to the cloud architecture. Issues concerning the data security have become a major threat towards the information technology in the cloud computing environment; this case is emerging being serious, especially when the site is located at the different location even in the entire globe. Privacy protection and data security are the key things that the users are concerned with when it comes to cloud technology [18]

In order to enhance security and the authenticity of data within the cloud, it will include granting of the development of a Trusted Storage System for the Cloud, which is made up of a front-end server, trusted storage servers, together with a trusted third-party node (TTPN), which is sustained by the trusted party. The TTPN will evaluate the suitability of the platform for a storage server, i.e., it remotely verifies the storage server [19]. After approving to the storage server, the server is considered trusted and therefore it can be operated in the securely storing of the clients data. A client communicates by the cloud via the front-end server and the other way around.1.6 Objectives of the studyThe objective of the study will mainly be on the measures that will be taken in promoting the problem with data authenticity and when stored in the cloud and the proper means that the user will use to ensure that the data stored is only accessible by the accredited persons. Some of the security issues that the cloud is faced with are mainly insecurity which leads to the unauthenticated of the information, hence being prone to be lost, hacked or stolen. Lack of Authenticity and insecurity of the data threatens its confidentiality and trust [20]. This study would identify how the data can be secured before being transmitted to the cloud for storage, and to prevent any unauthorized entity from accessing it and/or making changes on it. At the end of the study, we will be able to note the procedure to be followed while securing the data, and the safety measures that will ensure that the data is safe and authentic while in the cloud storage.

1.7 Significance of the studyThis study will also benefit the institutions and individuals in securing their data and minimizing the cases of hacking or losing of their vital information [21]. Data is considered to be the much fundamental business asset that requires protection, the recommendation given in this study will substantially help in preventing the loss of data and information which could lead to the direct loss, like lost sales, Electronics or monetary judgment [22, 23].

The project goal is intended to assist the data user and the cloud administrator to enhance the safety of the data storage and avoid losing it. The goal can be archived by establishing the factors that threaten data security and implementation processes that will ensure safety and authenticity of the cloud computing are upgraded [24

1.8 Rationale for the studyHowever, no matter how much advantages cloud data storage will have, there are challenges and risks that are involved. The foremost challenge is insecurity of data storage in the cloud services which is seen as the loss of the integrity of the data stored. [45] This research seeks to review various security issues such as confidentiality, authenticity, encryption, key management, as well as resource sharing, which will be presented alongside the efforts to mitigate such cases and resolving these threats and issues [26,27].

CHAPTER 2: LITERATURE REVIEW

CHAPTER 2: LITERATURE REVIEW

2.1 Introduction

In the current era, digital advancements have been made to enhance the efficiency of computer systems. To be precise, storage capacity in computer systems has been increased from kilobyte up to terabytes to enhance lump sum storage of data. Despite the creation of larger storage capacities, attaining an infinite secure storage capacity was the key reason that led to the development of cloud computing [28]. Various organizations researched on how to attain infinite storage capacity in the comp...