Faculty: Physical Sciences
Department: Computer Science
Agu, E. Onyebueke
Cloud computing is a service delivery model whereby its rich shared resources are provided to clients electronically as a utility over an internet. Security of internally stored sensitive data has been challenging due to some known risks posed to these data such as internal risks like fire and liquid hazards, conflicts of interest, political intent, and others. This research proposes outsourcing of these data that are managed locally to the cloud where it will be devoid of these risks. Cloud computing services do provide huge amounts of storage space and customizable cheap and easily adaptable computing resources, and further eliminate the responsibility of local machines for data maintenance at the same time. As a result, the availability and integrity of clients’ data are solely determined by cloud service providers (CSP). This research develops an Enhanced Model for Hybrid Dynamic Remote Data Auditing to mitigate these identified threats. The developed system hashes data to be outsourced into blocks using Merkle Hash Tree (MHT).
Improved Revester Code Version 6 (IRC6) cryptosystem was also developed in this research to secure the MHT root key which is the main auditing key. The hybrid model was formed by
combining MHT and IRC6. Object-oriented analysis and design methodology (OOADM),
together with MHT and IRC6 techniques were used in this research in order to achieve the
research goal. The security of the main auditing key was equally achieved in this new system at little or no cost, which has been a major challenge in the existing systems. The developed IRC6 was evaluated to be sustain transparent ciphertext and thereby found to survive any crypto analytical attack. The new system further strengthens the data integrity assurance to the Data Owners (DOs) by eliminating the services of vulnerable Third Party Auditor (TPA) and allowing the auditing to DOs. Triangular Security Handshake (TSH) with timestamp was implemented to improve access control. An adversary data authentication model was also developed and used to ascertain the effectiveness of the developed model. An intrusion detection mechanism was equally implemented through access log for access control. The new system implemented was able to ascertain the authenticity of the outsourced data to the cloud thereby restoring the integrity of cloud storage services, and has boost the confidence of prospective clients, especially the Nigerian Federal Universities (as the case study).