Article Preview
Top1. Introduction
Cloud computing is an emerging paradigm in which resources are outsourced on rent to the customers by the cloud service providers through internet. It is now acknowledged as utility service after electrical, water and gas services(Ali et al. 2015). It not only saves the capital expenditure of the customer but he can scale out or scale in the request for services provided and pay accordingly. It is not limited for storing and sharing data but is also for managing, monitoring and exploring data in space ground data system (Kaddouri et al., 2018). The four main deployment models are public, private, community and hybrid cloud having variations in cost and security. In cloud stack the services are arranged as layers from the most reduced layer to highest layer where each layer symbolizes one service model. IaaS is the most reduced layer, where the cloud supplier maintains a suite of management resources and services to cope a substantial cloud system (Zhu et al., 2013; Sun et al., 2014) and the user utilizes the infrastructure and resources such as network, storage, computational capacity etc without worrying about the complexity and management (Wang et al., 2012; Wei et al. 2014). The central layer PaaS, offers platform and software to develop applications. SaaS located at top layer, where completely developed software applications are provided as a service (Saouli et al., 2015).
For sharing the data, the cloud model comprises of three entities cloud service supplier, client, owner (Boyang Wang et al. 2015). Cloud service supplier regulates Cloud Storage Server (CSS) which has bigger storage space to shield the clients data and in addition high computation control (Manvi and Shyam 2014). Cloud servers gives a novel service approach where information is stored and its replica is maintained so that information can be acquired by clients anytime and from anyplace over the network (Sood 2012). Owner has colossal information documents for sharing and for this he uploads his data in cloud. The client are authorised by the data owner who can access the shared data. It can be a cloud proprietor itself too (Patel et al. 2013; Rong et al. 2013).
Although Cloud can confirm the client's information security through the thought of firewalls, fundamental private networks and by executing other security policies with in its own particular limits (Bera et al. 2015) yet Security is the most important key concern not only for data at transit but also for data at storage (Yang and Jia, 2012)
While outsourcing the sensitive data to be shared on cloud the owner losses his physical control. The data can be stored anywhere in the cloud as a result it becomes difficult to confirm exact location of storage (Li et al. 2015). The data not only have traditional security risks like (Ahmed et al.,2017), DDOS Attack (Li et al.,2015; Jeyanthi et al., 2013), man in middle attack and several intruder attacks (Boukhlouf et al.,2016) etc but even the third party service provider are semi trustful. As a result the owner needs to ensure the confidentiality, security from intruders, privacy, data availability and accessibility to users according to their access rights (AlZain et al. 2012;Zissis et al. 2012; Jakimoski, 2016).
The most common way to maintain confidentiality and security of the data stored in cloud against semi trusted cloud service provider is to send encrypted data. However there may be several other issues such as preventing the user to access the data for which he is not authorized, preventing the collusion between the revoked user and the semi trustful cloud, revoking away the given access right of the authorized user without re-encrypting the content and redistributing the new keys to the authorized users.