• DocumentCode
    3324852
  • Title

    The attack on DDIMT: Dynamic data and indirect mutual trust for cloud computing

  • Author

    Xiaowei Gao ; Rui Jiang

  • Author_Institution
    Sch. of Inf. Sci. & Eng., Southeast Univ., Nanjing, China
  • fYear
    2013
  • fDate
    23-24 Dec. 2013
  • Firstpage
    521
  • Lastpage
    525
  • Abstract
    Cloud computing offers a kind of on-demand computing method that lets users use IT resources such as network, operating system, hardware, software, application and so on when needing them. However, cloud computing faces many security issues including data integrity, data confidentiality and access control. Recently, Barsoum et al. presents a cloud-based data access scheme that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust between them. They declare that their scheme can assure data integrity, newness and CSP´s defense. However, through our security analysis, their scheme still has some security vulnerabilities. It will easily suffer from the integrity attack, newness attack and CSP´s defense attack. In other words, Although CSP have corrupted the outsourced data or ignore the data-updated request issued by the owner, the CSP is able to cheat authorized user into passing through the integrity checking, On the contrary, the owner also accuses CSP of having corrupted the outsourced data, whereas in reality the CSP not.
  • Keywords
    authorisation; cloud computing; data integrity; operating system kernels; CSP defense attack; DDIMT; IT resources; access control; cloud computing; cloud-based data access scheme; data confidentiality; data integrity; data-updated request; dynamic data; hardware; indirect mutual trust; integrity attack; integrity checking; newness attack; on-demand computing method; operating system; outsourced data; security analysis; security vulnerabilities; software; Access control; Cloud computing; Encryption; Servers; Tin; Access control; Cloud Computing; Defense Attack; Integrity Attack; Newness attack;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Instrumentation and Measurement, Sensor Network and Automation (IMSNA), 2013 2nd International Symposium on
  • Conference_Location
    Toronto, ON
  • Type

    conf

  • DOI
    10.1109/IMSNA.2013.6743329
  • Filename
    6743329