Title :
MS2: Practical data privacy and security framework for data at rest in cloud
Author :
Raghuwanshi, Dharmendra S. ; Rajagopalan, M.R.
Author_Institution :
Cloud Security Group, Centre for Dev. of Adv. Comput., Chennai, India
Abstract :
Security and performance are two major concerns in the cloud, and managing the balance between them is a big practical challenge for researchers today. In cloud computing, cloud consumers' or clients' data is kept on the cloud service provider's premises, which raises data privacy and integrity concerns and consequently decreases the degree of trust in the cloud computing paradigm. In this paper, we propose a unified data encryption architecture which ensures data security and privacy with reasonable performance overhead on the computing system. Our proposed system is practically viable and is based on a multilevel identity encryption approach with a two-level/two-factor identity verification process. The proposed data security architecture includes encryption and verification services at both the file and block storage levels to satisfy the data protection needs of different cloud service models, especially the computing service (IaaS) model. In the IaaS model, elastic block storage (EBS) volumes are dynamically provisioned to fulfill the additional storage requirements of running virtual servers (VMs), while in the storage service, data objects (files) are stored directly on shared storage media. Our solution enables cloud consumers to store their sensitive information and application data objects in the corresponding storage devices with complete data privacy and security. It also leverages both CSP and cloud vendors for achieving transparency in the security processes of the cloud.
Keywords :
client-server systems; cloud computing; cryptography; data integrity; data protection; storage management; EBS volumes; IaaS model; MS2; block storage level; cloud client data; cloud computing; cloud consumer data; cloud service models; computing service model; data files; data integrity concerns; data objects; data protection; data security framework; elastic block storage volumes; file storage level; multilevel identity encryption approach; practical data privacy; shared storage media; two factor identity verification process; two level identity verification process; unified data encryption architecture; virtual server storage requirement; Cloud computing; Clouds; Data privacy; Encryption; Servers; Cloud Computing; Data encryption; Data integrity; Infrastructure as a service (IaaS);
Conference_Title :
Computer Applications and Information Systems (WCCAIS), 2014 World Congress on
Conference_Location :
Hammamet
Print_ISBN :
978-1-4799-3350-1
DOI :
10.1109/WCCAIS.2014.6916583