Multimedia Security in Cloud Computing Environments

Abstract—Cloud computing environments are just beginning to emerge, taking advantage of the tremendous processing power, storage and other resources provided by cloud infrastructure. However, some issues such as cost, privacy, and security make some companies wonder if they can choose such environment for operating. Therefore, this electronic document is a collection of description of several solutions for ensuring multimedia storage security in cloud computing environment. In addition, this paper describes four main characteristics of cloud computing.

Keywords—multimedia, Infrastructure, cloud computing, security, data integrity

I.     Introduction

Simply put, cloud computing provides computing services including servers, storage, databases, networks, software, analysis and intelligence through the Internet called “cloud” to provide faster innovation, flexible resources and economies of scale. Cloud computing has become the most important innovation in recent years. Even if the cloud computing environment has great potential, the problem that how to ensure the data security is the biggest challenge for cloud supplier.

According to a recent IDCI survey, 74% of IT executives and CIOs cite security as their primary challenge to prevent them from adopting the cloud service model [1]. Economic analysts estimate that the global cloud computing market will grow at least $95 billion in the next few years, during which 12% of the global software market will shift to cloud computing. In order to realize this huge potential, enterprises must solve the privacy problems related to this new computing model.

II.    Characteristics of Cloud Computing

A.    Service characteristics

Comparing to other methods such as  grid computing and high performance computing (HPC), the cloud computing provides more flexible space and jurisdiction for users. Generally speaking, cloud computing services can be separated into three categories according to the types of functions [2]:

1. Infrastructure as a service has the ability to provide tremendous computing resources, such as processing, storage and network. Take storage as an example. When a user uses cloud computing storage services, he just only pays several dollars for the usufruct of the cloud without buying any disks, or even does not know the location of the data he processes. Also, the users can extract information at anywhere, anytime.
2. Platform as a service usually abstracts the architecture and provides a great amount of interfaces for cloud environment. In other words, it’s like an intermediate bridge between the hardware and applications. As a result of this reason, many companies eager to hold the core platform so as to be competitive. The well-known examples are Windows Azure, AWS Elastic Beanstalk and Magento Commerce Cloud.
3. Software as a Service is designed to replace applications running on PC. With SaaS, you don’t need to install and run software applications on your computer. Everything will be available over the internet as long as you log in your account online. You just need to pay for few money for a monthly subscription fee.

B.    Technical characteristics

In parallel computing, when servers need to handle different tasks at the same time, it’s important to ensure the correctness between these tasks and return the results back to the users which is the fault tolerant method. For cloud computing, there is little dependence between the two transactions. Failure of one transaction does not affect another transaction. Similarly, failure of some systems does not cause a chain reaction in the whole cloud

C.    Economic characteristics

   Cloud computing provides tremendous benefits to organizations and individuals by reducing costs and improving flexibility. Take the how-to-pay model in cloud computing as an example, Pay-per-use may be the favorite one. Users only need to pay for the services or space they use. Also, there is no hidden or additional cost to be paid. The service is very economical and most of the time is free. Google did so well in this aspect, such as it provides free searching engine and huge space for G-mail. You just log in and then you can enjoy these services.

D.   User characteristics

   User experience, which belongs to the topic of human-computer interaction, is an important criterion for evaluating the success of an application. In cloud computing, users have easier access to valuable services. The core of user experience is ease of use. Easy to use is not only simple but also elegant. For example, Web 2.0 adds interaction between Web users and suppliers and it blurs the boundaries between software and the Internet. The emerging AJAX technology makes web applications and services are becoming more software-like[3]. In that way, searching in the Internet is very simple.

III.   Multimedia storage security

The multimedia storage system of cloud computing center is a cooperative storage service, which includes many devices and application fields, in order to reduce the operation cost of the client and improve the overall system efficiency. The architecture is showed as following:

Fig. 1: Cloud storage layered model [4].

Obviously, the security of data storage is one of the most important indicators in the performance comparison of these cloud computing systems. If a malicious attacker can access or destroy the cloud storage provided, the service provider will lose the trust of its users, and the leakage of personal data may cause great damage to everyone.

A.    Data Integrity

1. Third-party auditors (TPA) are a mechanism for obtaining trust from their users in service providers. The key issue here is to build a credible mechanism. Trusting mechanisms can be established by monitoring transactions between cloud owners and stored data in cloud servers using TPA [5]. Nowadays, TPA usually uses homomorphic solutions to audit or examine integrated data in cloud storage.
2. Another widely studied mechanism to ensure data integrity is called Retrievability Proof (POR). Under this framework, the system ensures that the data stored by the server of the client is complete in the process of storage and retrieval of the client. POR can be regarded as a knowledge proof, but it emphasizes file integrity more. In other words, POR guarantees users that they will not modify stored data until they retrieve it themselves [6].

B.    Data privacy

   Developing new or improved data confidentiality technology is one of the main research topics in the field of cloud storage security. The application of encryption algorithm to data blocks in cloud storage is a common method to ensure the confidentiality of stored data. Secure provenance (SP) model, based on the bilinear pairing techniques, is proposed. The scheme basically almost records the ownership and process history of data objects in cloud storage to increase the trust of public users. The SP model can be divided to the following modules: system settings, key generation, anonymous authentication, authorized access and origin tracking.

C.    Access right

   One source of cloud security vulnerabilities is malicious service providers. For example, Service providers can sell data to their competitors, or malicious attackers can harm service providers and gain unauthorized access to data. Therefore, access control is used to allow only data owners to access their data. One solution is to separate content and formats for processing and storing in different locations, as shown in Figure 2. The optimized authorization method selected can help protect privacy by assigning access rights only to authorized users. This method prevents data from being intercepted during transmission from client to cloud.

Fig. 2: Operations in the scheme based on content and format separation [7].

D.   Data Recovery

   Researchers have studied data recovery. For example, SCONEDB solves the general problem of k-nearest neighbor (kNN) computation in encrypted database [8]. Since attackers can be identified by background knowledge in SCONEDB, attack models can be extended to cover other related issues. In addition, another protection target can be set for SCONEDB, such as location privacy, to further protect the data stored in the system from attackers.

E.    Other related work

   Sadeghi, Schneider and Winandy proposed a model to minimize computing latency by combining trusted hardware tokens with security function evaluation (SFE), and discussed three architectures associated with the model [9]. The first one is based on tamper-proof hardware tokens, the second one is evaluated by chaotic circuits under fully homomorphic encryption, and the third one is the combination of the above two architectures.

IV.   CONCLUSION

   Cloud computing technology is a new technology, which can provide software and hardware facilities on the Internet on demand. Cheaper technology for sharing resources over the Internet. This is an Internet-based technology. Despite its many advantages, there are many problems about the security of cloud transactions and data storage on the Internet in cloud computing environments.

This paper has proposed some new methods for solving these hot problems through cloud computing environment and Some advanced research topics are described in more details, such as data integrity, data privacy, access right and other related work.

Overall, we believe that the security of multimedia cloud storage is still in its infancy, and we expect more important breakthroughs in the near future.

References

[1]      Dinh HT, Lee C, Niyato D, Wang P (2013) A Survey of Mobile Cloud Computing: Architecture, Applications, and Approaches. Wirel Commun Mob Comput 13: 1587-1611.

[2]      Gibson, J., Rondeau, R., Eveleigh, D., & Tan, Q. (2012, November). Benefits and challenges of three cloud computing service models. In 2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN) (pp. 198-205). IEEE.

[3]      Smith, T. (2006). UX 2.0: Any User, Any Time, Any Channel. TechSmith Corporation, Okemos.

[4]      Zeng, W., Zhao, Y., Ou, K., & Song, W. (2009, November). Research on cloud storage architecture and key technologies. In Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human (pp. 1044-1048). ACM.

[5]      Wang, C., Ren, K., Lou, W., & Li, J. (2010). Toward publicly auditable secure cloud data storage services. IEEE network, 24(4), 19-24.

[6]      Juels, A., & Kaliski Jr, B. S. (2007, October). PORs: Proofs of retrievability for large files. In Proceedings of the 14th ACM conference on Computer and communications security (pp. 584-597). Acm.

[7]      Xu, J. S., Huang, R. C., Huang, W. M., & Yang, G. (2009, December). Secure document service for cloud computing. In IEEE International Conference on Cloud Computing (pp. 541-546). Springer, Berlin, Heidelberg.

[8]      Wong, W. K., Cheung, D. W. L., Kao, B., & Mamoulis, N. (2009, June). Secure kNN computation on encrypted databases. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data (pp. 139-152). ACM.

[9]      reza Sadeghi, A., Schneider, T., & Win, M. (2010). Token-based cloud computing secure outsourcing of data and arbitrary computations with lower latency. In Workshop on Trust in the Cloud.