Privacy Enforcement on Subscribers Data in Cloud Computing

Authors

  • Solomon A. Akinboro Department of Computer Science, University of Lagos, Akoka, Lagos State, NIGERIA
  • U. J. Asanga Department of Computer Science and Information Technology, Bells University of Technology, Ota, Ogun State NIGERIA
  • M. O. Abass Department of Computer Science, University of Lagos, Akoka, Lagos State, NIGERIA

Keywords:

privacy, AES, subscriber, CSP, PTP, PNTP, brute force hacking

Abstract

Data stored in the cloud are susceptible to an array of threats from hackers. This is because threats, hackers and unauthorized access are not supported by the cloud service providers as implied. This study improves user privacy in the cloud system, using privacy with non-trusted provider (PNTP) on software and platform as a service model. The subscribers encrypt the data using user’s personal Advanced Encryption Standard (AES) symmetric key algorithm and send the encrypted data to the storage pool of the Cloud Service Provider (CSP) via a secure socket layer. The AES performs a second encryption on the data sent to the cloud and generates for the subscriber a key that will be used for decryption of previously stored data. The encryption and decryption keys are managed by the key server and have been hardcoded into the PNTP system. The model was simulated using the Stanford University multimedia dataset and benchmarked with a Privacy with Trusted cloud Provider (PTP) model using encryption time, decryption time and efficiency (brute force hacking) as parameters. Results showed that it took a longer time to access the user files in PNTP than in the PTP system. The brute force hacking took a longer time (almost double) to access data stored on the PNTP system. This will give subscribers a high level of control over their data and increase the adoption of cloud computing by businesses and organizations with highly sensitive information.

http://dx.doi.org/10.4314/njt.v40i2.17

Downloads

Published

2021-04-28

Issue

Section

Computer, Telecommunications, Software, Electrical & Electronics Engineering