The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services

Zheng-Yun Zhuang, Yi-Chang Hsu, Hsing-Hua Liu, Chien-Hsing Wu

Research output: Contribution to journalArticle

Abstract

This study proposes a business model to provision a security-enabled cloud via splitting cryptographic and cipher-storage sub-services off from the main cloud service, being independently operated by other SPs. The security/privacy enhancements of the model over the existing approaches are proved progressively but cogently. As such, the model can alleviate the improper user data disclosure risk, raise the privacy preservation of sensitive user information and therefore, mitigate the two information-leaking threats. The interoperability (among the centrifuged services) and migration issues (i.e., seamless system transferring and SLA amending) are illustrated and studied by using the extremely security-sensitive e-banking cloud service example.
Original languageEnglish
Pages (from-to)39-64
Number of pages26
Journal資訊安全通訊
Volume22
Issue number4
Publication statusPublished - 2016

Fingerprint

Centrifuges
Interoperability
Industry

Keywords

  • service operation risk management
  • security service and privacy
  • distributed cloud systems organizing principle
  • database and storage security
  • management and querying of encrypted data
  • cryptography and key management

Cite this

Zhuang, Z-Y., Hsu, Y-C., Liu, H-H., & Wu, C-H. (2016). The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services. 資訊安全通訊, 22(4), 39-64.

The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services. / Zhuang, Zheng-Yun; Hsu, Yi-Chang; Liu, Hsing-Hua; Wu, Chien-Hsing.

In: 資訊安全通訊, Vol. 22, No. 4, 2016, p. 39-64.

Research output: Contribution to journalArticle

Zhuang, Z-Y, Hsu, Y-C, Liu, H-H & Wu, C-H 2016, 'The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services', 資訊安全通訊, vol. 22, no. 4, pp. 39-64.
Zhuang, Zheng-Yun ; Hsu, Yi-Chang ; Liu, Hsing-Hua ; Wu, Chien-Hsing. / The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services. In: 資訊安全通訊. 2016 ; Vol. 22, No. 4. pp. 39-64.
@article{e785426ef7df42e0a00f7ee450342407,
title = "The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services",
abstract = "This study proposes a business model to provision a security-enabled cloud via splitting cryptographic and cipher-storage sub-services off from the main cloud service, being independently operated by other SPs. The security/privacy enhancements of the model over the existing approaches are proved progressively but cogently. As such, the model can alleviate the improper user data disclosure risk, raise the privacy preservation of sensitive user information and therefore, mitigate the two information-leaking threats. The interoperability (among the centrifuged services) and migration issues (i.e., seamless system transferring and SLA amending) are illustrated and studied by using the extremely security-sensitive e-banking cloud service example.",
keywords = "service operation risk management, security service and privacy, distributed cloud systems organizing principle, database and storage security, management and querying of encrypted data, cryptography and key management",
author = "Zheng-Yun Zhuang and Yi-Chang Hsu and Hsing-Hua Liu and Chien-Hsing Wu",
year = "2016",
language = "English",
volume = "22",
pages = "39--64",
journal = "資訊安全通訊",
issn = "1729-6056",
publisher = "中華民國資訊安全學會",
number = "4",

}

TY - JOUR

T1 - The Centrifuge of Cloud Service: Separated Cryptographic and Ciphered-storage Services

AU - Zhuang, Zheng-Yun

AU - Hsu, Yi-Chang

AU - Liu, Hsing-Hua

AU - Wu, Chien-Hsing

PY - 2016

Y1 - 2016

N2 - This study proposes a business model to provision a security-enabled cloud via splitting cryptographic and cipher-storage sub-services off from the main cloud service, being independently operated by other SPs. The security/privacy enhancements of the model over the existing approaches are proved progressively but cogently. As such, the model can alleviate the improper user data disclosure risk, raise the privacy preservation of sensitive user information and therefore, mitigate the two information-leaking threats. The interoperability (among the centrifuged services) and migration issues (i.e., seamless system transferring and SLA amending) are illustrated and studied by using the extremely security-sensitive e-banking cloud service example.

AB - This study proposes a business model to provision a security-enabled cloud via splitting cryptographic and cipher-storage sub-services off from the main cloud service, being independently operated by other SPs. The security/privacy enhancements of the model over the existing approaches are proved progressively but cogently. As such, the model can alleviate the improper user data disclosure risk, raise the privacy preservation of sensitive user information and therefore, mitigate the two information-leaking threats. The interoperability (among the centrifuged services) and migration issues (i.e., seamless system transferring and SLA amending) are illustrated and studied by using the extremely security-sensitive e-banking cloud service example.

KW - service operation risk management

KW - security service and privacy

KW - distributed cloud systems organizing principle

KW - database and storage security

KW - management and querying of encrypted data

KW - cryptography and key management

M3 - Article

VL - 22

SP - 39

EP - 64

JO - 資訊安全通訊

JF - 資訊安全通訊

SN - 1729-6056

IS - 4

ER -