Oblivious multi-cloud file storage

Abstract

Cloud storage facilities are now predominantly used to store outgrowing data. Information availability, improved performance and the trustworthiness are the key factors that the data owners mainly focus on, in storing data with a third party. With the multi-tenant concept on cloud computing, security threats have been evolved, as the trustworthiness of the neighbors has become a doubt. A malicious user could monitor the traffic between the client and the CSP. By analyzing the traffic attacker can get a clear picture regarding what kind of data has been passed or retrieved by the client and these questions the privacy level of stored data. Critical, highly Sensitive and Personally Identifiable Information (PII) used in government organizations such as Defense Ministry, Person’s Registration, Motor Traffic Department, Immigration and Emigration systems, among others, require data privacy, integrity and confidentiality which demotivate them in storing these highly sensitive data on cloud storage. But these organizations handle thousands of data records and adding more day by day and the physical storage expansion has become a huge challenge with the investments on infrastructure. The proposed solution would address both these challenges. The major security concerns the proposed solution focuses on is the data privacy, integrity, and confidentiality. In this research we propose a novel approach to obfuscate the data distribution patterns in a multi cloud environment. The solution is to be implemented at the client side based on the systems’ business requirements. So that a unified interface could be provided in storing/retrieving data in several cloud platforms. The uploaded file is encrypted with a public key, calculated the hash value, and divided into several small file chunks. Then the file chunks are scattered across several Storage accounts created on several CSPs randomly and hence, the confidentiality, integrity and privacy of data also can be achieved. The proposed solution consists of a central component through which all the communication between the client and the CSPs take place. Technology which is used within the central component is related to the ORAM concept. Further this facilitates dynamical scaling up of cloud storages.