CloudS: A Multi-Cloud Storage System with Multi-Level Security

Lu SHEN  Shifang FENG  Jinjin SUN  Zhongwei LI  Ming SU  Gang WANG  Xiaoguang LIU  

IEICE TRANSACTIONS on Information and Systems   Vol.E99-D   No.8   pp.2036-2043
Publication Date: 2016/08/01
Publicized: 2016/05/31
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2015INP0009
Type of Manuscript: Special Section PAPER (Special Section on Security, Privacy and Anonymity of Internet of Things)
multi-cloud,  multi-level security,  erasure code,  data dispersal,  key management,  

Full Text: PDF(968KB)>>
Buy this Article

 | Errata[Uploaded on November 1,2016]

With the increase of data quantity, people have begun to attach importance to cloud storage. However, numerous security accidents occurred to cloud servers recently, thus triggering thought about the security of traditional single cloud. In other words, traditional single cloud can't ensure the privacy of users' data to a certain extent. To solve those security issues, multi-cloud systems which spread data over multiple cloud storage servers emerged. They employ a series of erasure codes and other keyless dispersal algorithms to achieve high-level security. But non-systematic codes like RS require relatively complex arithmetic, and systematic codes have relatively weaker security. In terms of keyless dispersal algorithms, they avoid key management issues but not suit to complete parallel optimization or deduplication which is important to limited cloud storage resources. So in this paper, we design a new kind of XOR-based non-systematic erasure codes - Privacy Protecting Codes (PPC) and a SIMD encoding algorithm for better performance. To achieve higher-level security, we put forward a novel deduplication-friendly dispersal algorithm called Hash Cyclic Encryption-PPC (HCE-PPC) which can achieve complete parallelization. With these new technologies, we present a multi-cloud storage system called CloudS. For better user experience and the tradeoffs between security and performance, CloudS provides multiple levels of security by various combinations of compression, encryption and coding schemes. We implement CloudS as a web application which doesn't require users to perform complicated operations on local.