A revocation game model for secure cloud storage

Cloud computing is a revolutionary model that allows companies and individuals to outsource their data to external data centers which become responsible for their storage and processing. Nevertheless, this new computing model has raised some issues related to data security. In fact, since cloud computing environments are shared between different users, there is definitely a way that a malicious (undesirable) cloud user will find to access and alter other users´ data. Ponemon Institute research report [1] has showed that data security has become of great concern to the users who aren´t likely to entrust their data to an external company without a guarantee. In fact, cloud users are still unenthusiastic about storing their data in an external data centers and think that storage cloud systems are vulnerable. In this context, several proposals have been presented in the literature to provide secure cloud storage. In [2], Qingni et al. have addressed both data isolation problem, which ensures that data in storage cloud owned by one company wouldn´t be crossly accessed by other ones. They have proposed a protocol of granting and revoking cross-organization access rights. In [3], Ravi et al. have also addressed the problem of guaranteeing security while managing resources in cloud environments. They have presented a heuristics-based approach which takes into account different kind of security constraints for allocating virtual machines to external hosts. In [4], Harkeerat and Sajjan have focused on Denial of Service (DoS) where an attacker congests a bottleneck network channel shared among virtual machines co-resident on the same physical node in the cloud infrastructure. They have illustrated that game theoretic concepts can be used to model this attack as a two-player game and have recommended strategies for defending against such attack. However, although game theory is an important tool to ensure security in networks, we have noticed that proposed solutions do not - ake advantage of it. In this work, we will focus on securing stored data from malicious cloud users. Indeed, we address the problem of resource allocation in storage cloud with additional consideration on ensuring security requirements. To that purpose, we will take full advantage of game theory and propose a game-theoretic model enhancing secure data storage in cloud computing environments. We will focus on a particular kind of games which is sequential revocation game where cloud users can cooperate to revoke malicious ones. The proposed model allows users to impose restrictions on the allocations to be made.