Article Preview
TopIntroduction
Cloud computing is one of the very few technologies that has gained popularity not only in research areas but has also become a commercial success. As per the national institute of standards and technology’s (NIST) definition given by Mell & Grance (2011), “Cloud computing is a model for providing convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with little management effort or interaction from service providers”.
Cloud computing offers flexible resources to consumers based on their needs. This strategy is effective for both over- and under-allocating resources. Typically, cloud computing is categorised by its deployment or service model. Figure 1 depicts cloud models based on the NIST defining framework.
Low-cost computing and storage in the cloud have changed the way businesses and individuals use and manage data in a big way. However, many businesses are hesitant to store their applications and data on systems that aren't located in their own data centers because of privacy issues in cloud computing. Customers' confidential information is at greater danger of unauthorized access and exposure as workloads are migrated to a shared infrastructure.
Figure 1. Cloud computing framework
With growing concern about data privacy around the world, every government is pressing for stricter legislation. It is critical to find solutions that can give the benefits of cloud computing while also keeping an eye on the regulations that must be obeyed to ensure data privacy. Many researchers like Zheng et al. (2017), Zhang et al. (2018), and Gupta (2020), have given a new direction in this area by presenting a novel cloud-based encryption frameworks. However, in order to accomplish even the most elementary operations on the encrypted data, one of two things must happen: either the cloud server must have access to the secret key, raising concerns about data privacy; or the record owner must download, decrypt, and work on the data locally, which can be expensive and logistically challenging.
As suggested by Homomorphic Encryption Standardization in the year 2018, homomorphic encryption (HE) can be used to greatly simplify this situation because it can act directly on the cipher text and return output in the encrypted form to the owner of the data. So it can also be used to protect the private data. This property of the homomorphic encryption algorithms makes them suitable candidates for providing data privacy in cloud computing.
In this paper, various privacy concerns associated with cloud data storage are discussed. The goal of this work is to figure out which of the many ways to protect the privacy of data in the cloud is the best. This paper identifies that homomorphic encryption has more promise than other methods. A comparison of various homomorphic encryption systems (HES) is presented. The libraries developed by industry and research groups to implement these schemes have been discussed.
This paper provides a comprehensive overview of data privacy, particularly as it relates to cloud computing, and the significance of homomorphic encryption in preserving it. This work fills the gaps in previous research, which focused more on designing the algorithm but not on its implementation issues and use in industry. To the best of our knowledge, this is the first time that the HES implementation schemes have been discussed and compared in a research work.
The rest of the paper is organized as follows: In the second section, we discuss the definition of privacy in the context of cloud computing as well as the difficulties associated with preserving it in the cloud. The different categories of homomorphic encryption systems, their working and the operations performed on them are given in the third section. In the fourth section, a comparison of various privacy-preserving homomorphic encryption systems and their implementations is presented. Section five contains the paper's conclusions and future scope.