Skip to main content

Advertisement

Springer Nature Link
Log in

Cloud to cloud data migration using self sovereign identity for 5G and beyond

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

The Coronavirus pandemic and the work-from-anywhere has created a shift toward cloud-based services. The pandemic is causing an explosion in cloud migration, expected that by 2025, 95% of workloads will live in the cloud. One of the challenges of the cloud is data security. It is the responsibility of cloud service providers to protect user data from unauthorized access. Historically, a third-party auditor (TPA) is used to provide security services over the cloud. With the tremendous growth of demand for cloud-based services, regulatory requirements, there is a need for a semi to fully automated self sovereign identity (SSI) implementation to reduce cost. It’s critical to manage cloud data strategically and extend the required protection. At each stage of the data migration process, such as data discovery, classification, and cataloguing of the access to the mission-critical data, need to be secured. Cloud storage services are centralized, which requires users must place trust in a TPA. With the SSI, this can become decentralized, reducing the dependency and cost. Our current work involves replacing TPA with SSI. A cryptographic technique for secure data migration to and from the cloud using SSI implemented. SSI facilitate peer-to-peer transactions, meaning that the in-between presence of TPA needs no longer be involved. The C2C migration performance is recorded and found the background or foreground replication scenario is achievable. Mathematically computed encrypted and decrypted ASCII values for a word matched with the output by the algorithm. The keys generated by the algorithm are validated with an online validator to ensure the correctness of the generated keys. RSA based mutual TLS algorithm is a good option for SSI based C2C migration. SSI is beneficial because of the low maintenance cost, and users are more and more using a cloud platform. The result of the implemented algorithm shows that the SSI based implementation can provide a 13.32 Kbps encryption/decryption rate which is significantly higher than the TPA method of 1 Kbps.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17

Similar content being viewed by others

References

  1. Housley, R., et al.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL). https://www.ipa.go.jp/security/rfc/RFC3280-00EN.html. Accessed 01 Jan 2021

  2. Perl, H., Fahl, S., Smith, M.: You won’t be needing these any more: on removing unused certificates from trust stores. In: International Conference on Financial Cryptography and Data Security. Springer, Berlin (2014)

  3. DigiNotar removal follow up (2011). https://blog.mozilla.org/security/2011/09/02/diginotar-removal-follow-up. Accessed 01 Jan 2021

  4. Hasan, M.K., Ahmed, M.M., Hashim, A.H., Razzaque, A., Islam, S., Pandey, B.: A novel artificial intelligence based timing synchronization scheme for smart grid applications. Wirel. Pers. Commun. 114(2), 1067–1084 (2020)

    Article  Google Scholar 

  5. Hasan, M.K., Ismail, A.F., Abdalla, A.H., Abdullah, K., Ramli, H., Islam, S., Saeed, R.A.: Inter-cell interference coordination in LTE-A HetNets: a survey on self organizing approaches. In: 2013 International Conference on Computing, Electrical and Electronic Engineering (ICCEEE), 26 August 2013, pp. 196–201. IEEE (2013)

  6. Hasan, M.K., Ismail, A.F., Islam, S., Hashim, W., Ahmed, M.M., Memon, I.: A novel HGBBDSA-CTI approach for subcarrier allocation in heterogeneous network. Telecommun. Syst. 70(2), 245–262 (2019)

    Article  Google Scholar 

  7. Hasan, M.K., Saeed, R.A., Hashim, A.H., Islam, S., Alsaqour, R.A., Alahdal, T.A.: Femtocell network time synchronization protocols and schemes. Res. J. Appl. Sci. Eng. Technol. 4(23), 5136–5143 (2012)

    Google Scholar 

  8. Amanlou, S., Hasan, M.K., Bakar, K.A.: Lightweight and secure authentication scheme for IoT networks based on publish-subscribe fog computing model. Comput. Netw. 199, 108465 (2021)

    Article  Google Scholar 

  9. Hasan, M.K., Shafiq, M., Islam, S., Pandey, B., Baker El-Ebiary, Y.A., Nafi, N.S., Ciro Rodriguez, R., Vargas, D.E.: Lightweight cryptographic algorithms for guessing attack protection in complex Internet of Things applications. Complexity (2021). https://doi.org/10.1155/2021/5540296

    Article  Google Scholar 

  10. Akhtaruzzaman, M., Hasan, M.K., Kabir, S.R., Abdullah, S.N., Sadeq, M.J., Hossain, E.: HSIC bottleneck based distributed deep learning model for load forecasting in smart grid with a comprehensive survey. IEEE Access (2020). https://doi.org/10.1109/ACCESS.2020.3040083

    Article  Google Scholar 

  11. Hasan, M.K., Islam, S., Sulaiman, R., Khan, S., Hashim, A.H., Habib, S., Islam, M., Alyahya, S., Ahmed, M.M., Kamil, S., Hassan, M.A.: Lightweight encryption technique to enhance medical image security on Internet of medical things applications. IEEE Access 9, 47731–47742 (2021)

    Article  Google Scholar 

  12. Comodo: Comodo Fraud Incident. Comodo (2011). https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html. Accessed 01 Jan 2021

  13. Wendlandt, D., Andersen David, G., Perrig, A.: Perspectives: improving SSH-style host authentication with multi-path probing. In: USENIX Annual Technical Conference (2008)

  14. Bates, A., Pletcher, J., Nichols, T., Hollembaek, B., Butler, K.R.B.: Forced perspectives: evaluating an SSL trust enhancement at scale. In: Proceedings of the 2014 Conference on Internet Measurement Conference. ACM (2014)

  15. Khan, S., Zhu, L., Zhang, Z., Rahim, M.A., Khan, K., Li, M.: Attack-resilient TLS certificate transparency. IEEE Access 8, 98958–98973 (2020). https://doi.org/10.1109/ACCESS.2020.2996997

    Article  Google Scholar 

  16. Thaseeb, K., Din, I.U., Almogren, A., Jan, Z., Abbas, N., Adnan, M.: DDR-ESC: a distributed and data reliability model for mobile edge-based sensor-cloud. IEEE Access 8, 185752–185760 (2020)

    Article  Google Scholar 

  17. Memon, I., Shaikh, R.A., Hasan, M.K., Hassan, R., Haq, A.U., Zainol, K.A.: Protect mobile travelers information in sensitive region based on fuzzy logic in IoT technology. Secur. Commun. Netw. (2020). https://doi.org/10.1155/2020/8897098

    Article  Google Scholar 

  18. Moghaddam, J., Esmaeilzadeh, M., Ghavipour, A., et al.: Minimizing virtual machine migration probability in cloud computing environments. Clust. Comput. 23, 3029–3038 (2020). https://doi.org/10.1007/s10586-020-03067-5

    Article  Google Scholar 

  19. Aruna, M.G., Mohan, K.G.: Secured cloud data migration technique by competent probabilistic public key encryption. China Commun. 17(5), 168–190 (2020). https://doi.org/10.23919/JCC.2020.05.014

    Article  Google Scholar 

  20. Masdari, M., Khezri, H.: Efficient VM migrations using forecasting techniques in cloud computing: a comprehensive review. Clust. Comput. 23, 2629–2658 (2020). https://doi.org/10.1007/s10586-019-03032-x

    Article  Google Scholar 

  21. Ahmad, N., Naveed, Q.N., Hoda, N.: Strategy and procedures for migration to the cloud computing. In: IEEE 5th International Conference on Engineering Technologies and Applied Sciences (ICETAS), Bangkok, Thailand, pp. 1–5 (2018). https://doi.org/10.1109/ICETAS.2018.8629101

  22. Zhao, D., Luo, L., Yu, H., et al.: Security-SLA-guaranteed service function chain deployment in cloud-fog computing networks. Clust. Comput. 24, 2479–2494 (2021). https://doi.org/10.1007/s10586-021-03278-4

    Article  Google Scholar 

  23. Kumar, D., Singh, R.K., Layek, A.: Block chain and its application. In: Kumar, K., Davim, J. (eds.) Supply Chain Intelligence. Management and Industrial Engineering. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-46425-7_6

    Chapter  Google Scholar 

  24. Casino, F., Thomas, K., Patsakis, D.C.: A systematic literature review of blockchain-based applications: current status, classification and open issues. Telemat. Inform. 36, 55–81 (2019). https://doi.org/10.1016/j.tele.2018.11.006

    Article  Google Scholar 

  25. Chaudhry, S.A., Yahya, K., Al-Turjman, F., Yang, M.-H.: A secure and reliable device access control scheme for IoT based sensor cloud systems. IEEE Access 8, 139244–139254 (2020). https://doi.org/10.1109/ACCESS.2020.3012121

    Article  Google Scholar 

  26. Mo, Y., Liang, M., Xing, L., Liao, J., Liu, X.: Network simplification and K terminal reliability evaluation of sensor-cloud systems. IEEE Access 8, 177206–177218 (2018)

    Article  Google Scholar 

  27. Ahmed, Z.E., Hasan, M.K., Saeed, R.A., Hassan, R., Islam, S., Mokhtar, R.A., Khan, S., Akhtaruzzaman, M.: Optimizing energy consumption for cloud Internet of Things. Front. Phys. 8, 358 (2020). https://doi.org/10.3389/fphy

    Article  Google Scholar 

  28. Ghazal, T.M., Hasan, M.K., Hassan, R., Islam, S., Abdullah, S.N., Afifi, M.A., Kalra, D.: Security vulnerabilities, attacks, threats and the proposed countermeasures for the Internet of Things applications. Solid State Technol. 63(1s), 2513–2521 (2020)

    Google Scholar 

  29. Liang, J., Zhang, M., Leung, V.C.: A reliable trust computing mechanism based on multi-source feedback and fog computing in social sensor cloud. IEEE Internet Things J. (2020). https://doi.org/10.1109/JIOT.2020.2981005

    Article  Google Scholar 

  30. Wang, T., Mei, Y., Jia, W., Zheng, X., Wang, G., Xie, M.: Edge-based differential privacy computing for sensor–cloud systems. J. Parallel Distrib. Comput. 136, 75–85 (2020)

    Article  Google Scholar 

  31. Patel, Y.S., Reddy, M., Misra, R.: Energy and cost trade-off for computational tasks offloading in mobile multi-tenant clouds. Clust. Comput. 24, 1793–1824 (2021). https://doi.org/10.1007/s10586-020-03226-8

    Article  Google Scholar 

  32. Kim, H., Chun, K., Kim, H., Chung, Y.: Utilization of workflow management system for virtual machine instance management on cloud. Concurr. Comput. Pract. Exp. 27(17), 5350–5373 (2015)

    Article  Google Scholar 

  33. Zorz, Z.: DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable. Help Net Security, 1 March (2016). https://www.helpnetsecurity.com/2016/03/01/drownattack-breaks-tls-encryption-one-third-of-all-https-servers-vulnerable/. Accessed 01 Jan 2021

  34. Duong, T. Rizzo, J.: Attack against TLS 1.0’s use of cipher block chaining (CBC) in a browser environment. Imperial Violet. https://www.imperialviolet.org/2011/09/23/chromeandbeast.html.Accessed 01 Jan 2021

  35. Hijmans, R.J., van Etten, J.: Raster: geographic analysis and modeling with raster data. R Package Version 2.0-12, January 12 (2012). http://CRAN.R-project.org/package=raster. Accessed 01 Jan 2021

  36. Sankalpa, I., Dhanushka, T., Amarasinghe, N., Alawathugoda, J., Ragel, R.: On implementing a client–server setting to prevent the Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) attacks. In: 2016 Manufacturing and Industrial Engineering Symposium (MIES), Colombo, pp. 1–5 (2016). https://doi.org/10.1109/MIES.2016.7780263

  37. Dan, G.: New attack bypasses HTTPS protection on Macs, Windows, and Linux. Ars Technica, July (2016). https://arstechnica.com/information-technology/2016/07/new-attack-thatcripples-https-crypto-works-on-macs-windows-and-linux/. Accessed 01 Jan 2021

  38. Zhu, Y., Huang, D., Hu, C.J., Wang, X.: From RBAC to ABAC: constructing flexible data access. IEEE Trans. Serv. Comput. 8(4), 601–616 (2015)

    Article  Google Scholar 

  39. Malik, A.M., Khan, S.: DaSCE: data security for cloud environment with semi-trusted third party. IEEE Trans. Cloud Comput. (2016). https://doi.org/10.1109/TCC.2015.2446458

    Article  Google Scholar 

  40. Alsalhi, Y.: An accurate and high-efficient QuBits steganography scheme based on hybrid neural networks. Multimed. Tools Appl. 78, 1–17 (2019)

    Article  Google Scholar 

  41. Shs, H., Ding, W.: Cryptanalysis of three dynamic ID-based remote user authentication schemes using smart cards. In: IEEE International Conference of Online Analysis and Computing Science (ICOACS), pp. 44–52 (2016)

  42. Szalachowski, P., Perrig, A.: Short paper: on deployment of DNS-based security enhancements. Financial Crypto (2017)

  43. VanderSloot, B., Amann, J., Bernhard, M., Durumeric, Z., Bailey, M., Halderman, J.A.: Towards a complete view of the certificate ecosystem. In: ACM ICM (2016)

  44. Varshney, G., Szalachowski, P.: A metapolicy framework for enhancing domain expressiveness on the Internet. In: Secure Comm (2018)

  45. W3Techs: Usage of SSL certificate authorities for websites (2018). bit.ly/2IoWN8u

  46. Wang, Z., Lin, J., Cai, Q., Wang, Q., Jing, J., Zha, D.: Blockchain based certificate transparency and revocation transparency. IEEE Trans. Depend. Secure Comput. (2018). https://doi.org/10.1109/TDSC.2020.2983022

    Article  Google Scholar 

  47. Ouvrier, G., Laterman, M., Arlitt, M., Carlsson, N.: Characterizing the https trust landscape: a passive view from the edge. IEEE Commun. Mag. (2017). https://doi.org/10.1109/MCOM.2017.1600981

    Article  Google Scholar 

  48. Newton, A.: Cross Registry Internet Service Protocol (CRISP) Requirements. Technical Report, RFC Editor. https://www.rfc-editor.org/info/rfc3707. (Status: Informational) (Stream: IETF, Area: app, WG: crisp). https://doi.org/10.17487/RFC3707

  49. Xu, X., Pautasso, C., Zhu, L., Gramoli, V., Ponomarev, A., Tran, A.B., Chen, S.: The blockchain as a software connector. In: Proceedings (2016)

  50. Braga, J., de Amorim Silva, R., Endo, P.T., Omar, N.: Dark think security: enhancing the security for the autonomous architecture over a restricted domain. In: Proceeding of CSBC 2017, p. 8. Mackenzie Presbyterian University (2017)

  51. Knauth, T., Steiner, M., Chakrabarti, S., Lei, L., Xing, C., Vij, M.: Integrating remote attestation with transport layer security. CoRR (2018). http://arxiv.org/abs/1801.05863

  52. Elkhalil, A., Zhang, J., Elhabob, R.: An efficient heterogeneous blockchain-based online/offline signcryption systems for Internet of vehicles. Clust. Comput. 24, 2051–2068 (2021). https://doi.org/10.1007/s10586-021-03246-y

    Article  Google Scholar 

  53. Ji, Y., Shao, B., Chang, J., et al.: Flexible identity-based remote data integrity checking for cloud storage with privacy preserving property. Clust. Comput. (2021). https://doi.org/10.1007/s10586-021-03408-y

    Article  Google Scholar 

  54. Rashid, A., Masood, A., Khan, A.U.R.: RC-AAM: blockchain-enabled decentralized role-centric authentication and access management for distributed organizations. Clust. Comput. (2021). https://doi.org/10.1007/s10586-021-03352-x

    Article  Google Scholar 

  55. Rabaninejad, R., Rajabzadeh Asaar, M., Ahmadian Attari, M., et al.: An identity-based online/offline secure cloud storage auditing scheme. Clust. Comput. 23, 1455–1468 (2020). https://doi.org/10.1007/s10586-019-03000-5

    Article  Google Scholar 

  56. Elhabob, R., Zhao, Y., Eltayieb, N., et al.: Identity-based encryption with authorized equivalence test for cloud-assisted IoT. Clust. Comput. 23, 1085–1101 (2020). https://doi.org/10.1007/s10586-019-02979-1

    Article  Google Scholar 

  57. Dewan, S., Kumar, D., Gonnade, S.: Secure data migration across cloud system using third party auditor (TPA). Int. J. Innov. Res. Sci. Eng. Technol. (2015). https://doi.org/10.15680/ijirset.2015.0406031

    Article  Google Scholar 

Download references

Funding

This work was supported by the Universiti Kebangsaan Malaysia (UKM) under the Research Grant Ministry of Education Malaysia, FRGS/1/2020/ICT03/UKM/02/6.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, M S Engineering College, Bengaluru, Karnataka, 562110, India

    M. G. Aruna

  2. Center for Cyber Security, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, UKM, 43600, Bangi, Selangor, Malaysia

    Mohammad Kamrul Hasan & Rosilah Hassan

  3. Department of Computer Science, Institute of Computer Science and Digital Innovation, UCSI University, 56000, Kuala Lumpur, Malaysia

    Shayla Islam

  4. Department of Computer Science and Engineering, GITAM University, Bengaluru, Karnataka, 560064, India

    K. G. Mohan

  5. Department of Electrical and Communication Engineering, The Oxford Engineering College, Bengaluru, Karnataka, 560064, India

    Preeta Sharan

Authors
  1. M. G. Aruna
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Mohammad Kamrul Hasan
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Shayla Islam
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. K. G. Mohan
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Preeta Sharan
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Rosilah Hassan
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding authors

Correspondence to Mohammad Kamrul Hasan or Shayla Islam.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Aruna, M.G., Hasan, M.K., Islam, S. et al. Cloud to cloud data migration using self sovereign identity for 5G and beyond. Cluster Comput 25, 2317–2331 (2022). https://doi.org/10.1007/s10586-021-03461-7

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-021-03461-7

Keywords