A unidirectional data-flow model for cloud data security with user involvement during data transit

Bhargav J. Bhatkalkar, Ramegowda
Published in: 2014 International Conference on Communication and Signal Processing
Publication date: 2014-04-03
DOI: 10.1109/ICCSP.2014.6949883 (https://doi.org/10.1109/ICCSP.2014.6949883)
Citations: 0

Abstract

Traditional computational models are rapidly shifting from a centralized computing paradigm to a distributed one. As a result of this shift, the buzz of cloud computing is heard everywhere these days. The main concern in a cloud computing environment is securing user data. User data is often moved back and forth between the Cloud Service Vendor (CSV) and the Cloud Service User (CSU). The degree of trust the CSU places in the CSV varies with the sensitivity of the data. A CSU may or may not trust the CSV. In the latter case, the CSU may be interested in using the security service provided by a Third-Party (TP), such as a Certification Authority, whom both the CSU and the CSV may trust. Here again, the CSU may or may not trust the TP, depending on the supremacy of the data. To provide flexible and secure management of the CSU's data, the proposed model explicitly considers the degree of trust the CSU has in both the CSV and the TP. The movement of CSU data within the premises of the CSV is also strictly controlled with the involvement of the CSU, so that the data is not moved arbitrarily without the CSU's consent. The majority of the data flow among entities in the proposed model is kept unidirectional, both to block the reverse transmission of sensitive information and to block the return path, shielding the secure data source from hidden viruses, Trojans, malicious instructions or other intrusion attempts. The security mechanisms suggested for realizing the proposed model are widely accepted and practically proven. The proposed data security model ensures privacy and security of the data at both the CSV side and the CSU side.