CC BY-NC-ND
0JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Journal of King Saud University Computer and Information Sciences (2015) xxx, xxx-xxx
King Saud University
Journal of King Saud University -Computer and Information Sciences
www.ksu.edu.sa www.sciencedirect.com
Journal of
King Saud University -
Computer and
Information Sciences
3 A new privacy preserving technique for cloud
4 service user endorsement using multi-agents
5 D. Chandramohan *, T. Vengattaraman, D. Rajaguru, P. Dhavachelvan
6 Dept of Computer Science, Pondicherry University, Pondicherry, India
7 Received 22 March 2013; revised 7 April 2014; accepted 4 June 2014
KEYWORDS
Privacy preserving;
Petri-net;
Cohesion;
Authorization;
Multi-agents;
Web service
Abstract The present focus on the cloud storage services are leveraged its crucial part while user data get compromised. In the recent years service user's valuable information has been utilized by unauthorized users and service providers. This paper examines the privacy awareness and importance of user's secrecy preserving in the current cloud computing era. Gradually the information kept under the cloud environment gets increased due to its elasticity and availability. However, highly sensitive information is in a serious attack from various sources. Once private information gets misused, the probability of privacy breaching increases which thereby reduces user's trust on cloud providers. In the modern internet world, information management and maintenance is one among the most decisive tasks. Information stored in the cloud by the finance, healthcare, government sectors, etc. makes it all the more challenging since such tasks are to be handled globally. The present scenario therefore demands a new Petri-net Privacy Preserving Framework (PPPF) for safeguarding user's privacy and, providing consistent and breach-less services from the cloud. This paper illustrates the design of PPPF and mitigates the cloud provider's trust among users. The proposed technique conveys and collaborates with Privacy Preserving Cohesion Technique (PPCT), to develop validate, promote, adapt and also increase the need for data privacy. Moreover, focus on the flexibility and availability of confidential data without affecting the performance of the cloud services. It also acts as an information preserving guard for high secrecy data storage areas. © 2015 Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
1. Introduction
Corresponding author. E-mail addresses: pdchandramohan@gmail.com (D. Chandramohan), vengattaraman.t@gmail.com (T. Vengattaraman), raja.guru42@gmail. com (D. Rajaguru), dhavachelvan@gmail.com (P. Dhavachelvan). Peer review under responsibility of King Saud University.
Contemporary IT-research makes web users share their 20
resources from anywhere and everywhere through service- 21
computing using cloud technologies. The emerging and vast 22
growing cutting edge information technologies is paving way 23
toward the next level of computing by utilizing software, hard- 24
ware, operating systems, and all expected IT services globally 25
in a matter of time with an affordable cost, with the help of 26
user convenient devices throughout the world connected using 27
cloud computing. User behavior regulation has been chosen as 28
http://dx.doi.Org/10.1016/j.jksuci.2014.06.018
1319-1578 © 2015 Production and hosting by Elsevier B.V. on behalf of King Saud University.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
29 one main strategic element by the content protection technolo-
30 gies. Privacy became one of the values embedded in content
31 protection system design. In addition to the development of
32 the content protection, technology can respond to privacy pro-
33 tection requirement in a goal oriented approach. Privacy no
34 longer means anonymity/secrecy, when it comes to safeguard-
35 ing of people's private communication and financial informa-
36 tion (Facebook Vows to Fix Major Privacy Breach, 2011).
37 Next generation privacy preserving models and its principles
38 have been already implemented by a few organizations for the
39 sake of economic cooperation and development, especially,
40 Asia pacific economic cooperation, United States federal trade
41 commission, European Union Privacy directive, and federal
42 and state/provincial laws in many countries. Self regulatory
43 regions and industry serve as the starting point of protection
44 around the world. But the realities of data fueled economy
45 require a re-examination of how to implement a principle in a
46 way that almost effectively serves the consumers. Privacy policy
47 for private and government sectors are set on to implement a
48 technologically advanced framework to protect highly confi-
49 dential information stored in the cloud (WSJ, 2012).
50 Some research labs framed its objectives to add value for
51 framing a generic framework for blocking the breach happen-
52 ing and the privacy preservation development is to achieve and
53 to protect privacy in significant ways, their objectives are to
54 optimize the use of data for the benefit of both individuals
55 and society, ensure that those data are accountable for its
56 use, provide a regime that permits more effective oversight
57 by regulators, and work effectively in a modern connected
58 society. A data rich world requires numerous user controls
59 and transparency features for both cloud users and providers
60 to achieve privacy preserving objectives.
61 The end-user's valuable data are processed and stored in
62 the cloud with different geographical locations. The leading
63 service provider gives access to the storage as-a-services
64 through their software as-a-services. User's information is
65 under serious issue by unauthorized accesses. It is vulnerable
66 if the secret data get compromised. Moreover, third party ser-
67 vice providers are fond of user's private information for their
68 business. It took place in a few computations, despite retriev-
69 ing data from the storage services. It is a prime factor for every
70 Cloud Service Provider to ensure the confidentiality of the
71 user's private and personal data. To preserve data, the provi-
72 der adopts their own framework and maintains the privacy
73 of the registered users.
74 This paper is organized as follows. Section 2 presents the
75 study of similar work and study identified in the cloud to pre-
76 serve the privacy of the user data. Section 3 describes the for-
77 mulation of Petri-net Privacy Preserving Framework and its
78 layers. Section 4 presents the workflow of the framework and
79 focus on Synchronization, Sequentiality, Concurrency and
80 Conflicts (2S2C) approach. It is also to focus on the framework
81 feasibility and its efficiency in the cloud environment. Section 5
82 presents an evaluation of experimental results analysis and its
83 comparison. Finally, Section 6 presents the conclusion part
84 with future key factor to carry the research further.
85 2. Related and background work
86 In cloud data storage, privacy preserving is one apex concern
87 in today's emerging IT world. Many researchers have been tar-
geting this field. Liu et al. (2012), investigate the characteristics 88
of cloud storage services and propose a secure and privacy pre- 89
serving keyword searching scheme. This allows the Cloud Ser- 90
vice Providers (CSP) to participate in the decipherment, and to 91
return only files containing certain keywords specified by the 92
users. His team focused on reducing both the computational 93
and communication overhead in decryption for the user's data, 94
on the condition of preserving user data privacy and user 95
querying privacy. Hao et al. (2011), propose a remote data 96
integrity checking protocol that supports data dynamics. 97
It supports public verifiability. The proposed protocol sup- 98
ports public verifiability without the help of a third-party audi- 99
tor. Wang et al. (2011), studied the problem of ensuring the 100
integrity of data storage in Cloud Computing. The task of 101
allowing a third party auditor, on behalf of the cloud client, 102
is to verify the integrity of the dynamic data stored in the 103
cloud. The authors found it is critical to enable a Third Party 104
Auditing to evaluate the service quality from an objective and 105
independent perspective. Zhang et al. (2012), check the cus- 106
tomer's need to take certain actions to protect their privacy 107
with noise injection. Service providers will be confused about 108
which requests are real ones. The authors develop a novel his- 109
torical probability based noise generation strategy. It generates 110
noise requests based on their historical occurrence probability 111
so that all requests including noise and real ones can reach 112
about the same occurrence probability, and then service provi- 113
ders would not be able to distinguish them. Wang et al. (2011), 114
proposed an approach to solve the problems of privacy and 115
security by including access control for the encrypted data, 116
and revoking the access rights from users when they are no 117
longer authorized to access the encrypted data. 118
The authors propose a hierarchical attribute based encryp- 119
tion scheme, by combining a hierarchical identity based 120
encryption system and a cipher text-policy attribute-based 121
encryption system. Liu et al. (2009), investigated the character- 122
istics of cloud computing and proposes an efficient privacy 123
preserving keyword search scheme in cloud computing and it 124
enables the service provider to search the keywords on 125
encrypted files to protect the user data privacy and the user 126
queries privacy efficiently. Public Key Encryption and decryp- 127
tion techniques adapted in this paper provide privacy in cloud. 128
It allows the service provider to participate in partial decipher- 129
ment to reduce a client's computational overhead. It is seman- 130
tically secure. Itani et al. (2009), present Privacy as a Service 131
(PasS) a set of security protocols for ensuring the privacy 132
and legal compliance of customer data in cloud computing 133
architectures. PasS allows for the secure storage and process- 134
ing of users' confidential data by leveraging the tamper-proof 135
capabilities of cryptographic coprocessors. The author uses 136
tamper-proof facilities to provide a secure execution domain 137
in computing cloud that is physically and logically protected 138
from unauthorized access. Author achieved user-configurable 139
software protection and data privacy mechanisms by his pro- 140
posed approach. 141
Wang et al. (2010), explain that in each cloud service it will 142
exchange data with other clouds, so when the data are 143
exchanged between the clouds there exists the problem of dis- 144
closure of privacy. Privacy disclosure problem about individ- 145
ual or company is inevitably exposed while releasing or 146
sharing data in the cloud service. This paper suggests some pri- 147
vacy preserving technologies used in cloud computing services. 148
The author argued that it is very important to take privacy 149
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 3
into account when designing cloud services. Zhou et al. (2010), found that the concerns are not adequate and more should be added in terms of five aspects (i.e., availability, confidentiality, data integrity, control, and audit) for security.
Released acts on privacy to protect users' private information in the new environment are out of date. The author studied adapting released acts for new scenarios in the cloud, which will result in more users to step into cloud. Pearson (2009), discusses the privacy challenges that software engineers face when targeting the cloud as their production environment to offer services are assessed, and key design principles are suggested. The author explains the risks to privacy mitigated and that data are not excessive, inaccurate or out of date, or used in unacceptable or unexpected ways beyond the control of data subjects. Many authors propose a privacy approach to prevent users' valuable information in cloud data center (Chandramohan et al., 2012a,b; 2013).
Huang et al. (2010) found an interactive protocol and an extirpation based key derivation algorithm combined with lay revocation, multi-tree structure and symmetric encryption to form a privacy preserving, effective framework for cloud storage area. Li et al. (2011) Global Enforcement of Data Assurance Control (GEODAC) framework is proposed to assure data enforcement globally by a policy approach. It preserves the data retention, data migration, and data appropriateness which are stored in cloud. Moreover, the policy is represented by a state of lifecycle stages and a state machine based representation. Wang et al. (2014) secure watermark detection is described in a compressive sensing based framework using multiparty computation protocol (MCP) under semi-honest security model.
To hide private data from the unauthorized services and users, an interactive protocol is designed to resolve the cloud storage privacy preservation. A key derivation algorithm is adopted to generate and manage keys of the data owners and storage service providers (Huang et al., 2011). The data ownership to avoid the anonymous authentication based on public key cryptography, and a tunable k-control trade-off between the degree of anonymity and the computational overhead were imposed by the system. In which, it would be a control system framework for the cloud users (Khan and Hamlen,
2012). Personalizing the computing by intelligent processing in hybrid cloud to predict the user activity and their interventions are monitored using the privacy framework (Zhang et al.,
2013). A virtual application with customized security policies are adopted to provide such services in a preventable approach (Zhao et al., 2012).
To maintain the user secrecy and leverage the need of confidentiality prevention a complete study has been deliberated which proposed a framework to prevent the information (Wei et al., 2012). To reduce the data redundancy and data duplication in the cloud efficient block encryption and duplication algorithms are used to design a privacy preserving framework in Nimgaonkar et al. (2012). Moreover, to reduce the computation complexity a key proxy re-encryption is used. CTrust framework for ubiquitous access restriction used a secure hyper visor as a building block to prevent the storage area discussed in Lin et al. (2013). This framework is working with partial trust on service providers. A proxy based framework was proposed by a team of researchers in Singhal et al. (2013) for preserving mobile health monitoring system by coupling with decryption technique. In the cloud, services are
leveraged as storage, network and servers, which are provided by platform as a service.
Ray and Biswas (2014) described the cryptographic solution for preserving the security of healthcare service customers by HIPAA policy. Moreover, Al-Muhtadia et al. (2011) maintain a threshold limit for a ubiquitous environment using cryptography techniques. Debnath et al. (2014) show the advantage of ring signature as a digital verification to prevent the unknown user's intrusion in the sensor networks.
3. Proposed approach: PPPF
The development of computing technology evolved through cloud computing. The whole IT world, academic sector, finance sector, government sector, and health care system have adapted cloud services in their work area. Users may access their data anywhere when in need of it. Cloud computing delivers their request as in the form of services to them. One can keep away from owning huge storage area and maintaining it by storing their data in the cloud. User's data privacy became a question mark by deploying their personal database in the cloud. Data stored in the service provider's end is highly risky because anyone can identify and collect one's personal information and it may lead to privacy bleach. Unknown cloud users may cause leakage in personal information by regular monitoring and collecting data regarding the client. The proposed framework acts as a secrecy locker for cloud users and providers. The PPPF focuses on layered approach which incorporates the traditional state transition representation with compressive data handling, mutual service oriented structure, unauthorized user detection key encryption handling and decryption identification to preserve users confidentiality in the cloud environment.
Privacy strategists are dealing today with multitudinous devices, applications and networks that need to be secured. There may be several ways to secure applications. These include web application firewalls, real time application monitoring and two factor authentication. Cloud organizations must secure users data at the application, endpoint, storage area and device levels, etc., the providers need to find the right balance between privacy and flexibility. Some service provider environments may rob an organization's data with their flexibility. Since there are too many devices to control, securing access has become a top priority for cloud providers for organizations.
Maintaining secrecy of user's information is one of the major issues in cloud computing. The secrecy of user database should be maintained properly, or else information gets breached consistently. We came forward with a privacy preserving framework to solve privacy issues. Layered privacy approach may be a way to detect and isolate unusual threats. We are focusing on an integrated layered set up for proposing the privacy preserving framework. It is essential to protect privacy of one's information in the cloud data storage. A few notable areas where the privacy breach happens are,
• API-interfaced application infection (Third Party Interfering)
• Privacy data loss in mass storage area (Distributed Server Storages)
• Privacy at service provider level (Policy Framing and Organizing)
271 • Privacy at users/client level (Responsibility and supporting
272 providers by reducing unknown identifications)
273 • Not accomplishing any one of generic universal standard
274 and unique service level agreement for service providers
275 and harsh cipher laws like (EU-US-SWIS) on intruders.
276 EU-US-SWIS {European Union, United State and
277 Switzerland}
279 In such a Framework setup, each layer overlaps the previ-
280 ous layer. In this manner, whatever gets missed in the first
281 layer is caught by the second. To describe secrecy protocols
282 for each and every application in the cloud may bring in a cer-
283 tain amount of rigidity into the process of delivering IT-
284 services. So the purpose of this paper is to propose a model
285 for user entry-level restrictions for cloud service using Petri-
286 net distribution model, and a set of privacy metrics for pro-
287 posed user entry-level restriction. Finally this paper concludes
288 by suggesting a privacy enforcement exploiter authentication
289 technique for the cloud.
290 4. Proposed PPPF workflow model
291 Organization's personal data get unruffled and upheld com-
292 munally, and used by providers without the knowledge of
293 the cloud users. It is a violation of confidentiality within users
294 and may lead to a huge exposure of private data in the IT
295 world. These users trust their service providers and share their
296 precious information. It has been noticed from the literature
297 study of privacy preserving techniques in cloud data storage,
298 that it adopted some hand full of privacy policy to protect
299 the user's data from breaching. Those policies are claimed to
300 be more rigid because of the policy framing strategies. It was
301 adopted from The United State and The European Union
302 (US-EU) privacy policy.
303 Researchers ardently elicit the origin for privacy breaching
304 happening in and around the IT world since even the leading
305 cloud providers failed to accept their user's privacy kept con-
306 fidentially (Google, Amazon, SalesForce.com, VMware,
307 Dropbox, Social Networking providers, etc.) (Facebook
308 Vows to Fix Major Privacy Breach, 2011; WSJ, 2012;
309 LinkedIn Corp, 2012; Dropbox User, 2012). It is analyzed
310 and targeted to light up the user's privilege to possess and fur-
311 nish to set their privacy and endorsement of priceless data.
312 PERMIS authentication technique (Chadwick and Fatema,
313 2012) gave a vague idea for researchers to concentrate on this
314 big issue. It is presumed to have an influence on the whole IT
315 industry, E-governance, government secret information, busi-
316 ness, healthcare, individual privacy right, etc., as a landmark
317 to impede these issues and prevent all secret data leverage
318 and its breaching out. In this paper we are going to propose
319 a generic privacy preserving authentication approach shown
320 in Fig. 1 with cohesive Petri-net modeling and we designed a
321 framework using it to develop this loom. Our framework con-
322 sists of seven different modules inbuilt with four cohesive
323 Petri-net modules to surmount a silhouette.
324 In this section, we discuss the Petri-net Privacy Preserving
325 Framework, the main components of this system include
326 Cloud Service Request, User Validation, User Request Verifi-
327 cation, Cloud requestors Authorization and Cloud users
328 Authentication or response, which are presented in Fig. 2
and described in detail below (Chandramohan et al., 2012a, 329
b; 20 1 3). 330
• Cloud Service Provider 331
• Cloud Service Request 332
• Petri-Net Privacy Preserving Model 333
• User Request Verification 334
• User Validation 335
• Cloud requestors Authorization and 336
• Cloud users Authentication or response 337
Preserving one's data in cloud before getting invaded was a 339 risky responsibility for both providers and users. Fig. 3 gives 340 an invasion mitigation technique to minimize the risk factor 341
and develop a rigid trust on cloud providers. 342
Method Type CPr_CRq() 345
BEGIN 346
Get i/p for r and q 347
CPr: = Manipulate (CPs) 348
CPs checked with CRq and verify for Trust Policy Tpi; 349
For (CP - 0) 350
Do until ({CRq = = Tpi [CPi]}) 351
Return value for CP (Tpi): 352
If (CP ? (CRq< > 0)) then 353
State 1 = P; 354
CRq should satisfy Petri-net policy Pt 355
End 356
If (CRq = True) then verified and filter to next validation 357
State 2 = Pi* (Rq * Vn* Vt* CPpi)); 358
Repeat until delivers TRUE; 359
End 360
If (CRq = NP) then {New Policy (NP)} 361
State 3 = TNpi; 362
End 363
If (STn = = Return 1) then {State (ST) 364
IFF ({STn = (ST1 * ST2 * ST3)}) {IFF-ifand only if} 365
STn = Always Return 1; 366
End 367
Else 368
If (TRpi = ExSpi) 369
Then Validate & Authenticate: 370
SR, ? {TRp, Psi, Ex, Spi}; 371
Entree to Data; 372
Rq ? Recognized as authenticated user; 373
End 374
Else 375
Rq = RETURN 0; 376
Exit No Authorization; 377
End If 378
End For 379
End 380
A generic flow carried out in PPM Cloud Provider CPr, CRq 382 begin the process with input request 'q' and response with 383 'r', it manipulated as CPr: = Manipulate (CPs), and similarly 384
'CPs' checked with 'CRq' and verify for Trust Policy 'Tpi', 385 pre-defined policy verified until 'CP' refined to null and 386
'CRq should satisfy Petri-net policy 'Pi+\ let us prolong the 387
steps to complete the execution 'CRq' turned to be true. 388
Rapidly verify and filter to next validation State T2 = Pi * 389 (Rq * Vn * Vt * CPpi), once these steps get athwart then 390
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 5
Cloud Service Requestors
Cloud Service Provider
Petrinet Privacy Preserving Model
User Request Verification
User Validation
Cloud Request Authorization
Cloud Users Authentication
Figure 1 Petrinet privacy preserving framework-PPPF.
391 repeat until it delivers TRUE values. Now we arrived to end
392 the initial state. To carry forward the initial true values there
393 presents few pre-conditions as a quantitative measures
394 CRq = NP mitigating the privacy policy with EU-SW laws,
395 New Policy (NP) framed at State 3 i.e. TNpi end the policy
396 after nominal standard inherited. Once policies get validated
397 continue the verification whether STn returns to be true.
398 If and only if STn = ST * ST2 * ST3, STn will be always
399 true, otherwise TRpi = ExSpi is Validated & Authentication
400 process starts from SRi ? {TRpi, Psi, Ex, Spi}. After all these
401 truncation processes if any request gets passed by returning a
402 true value, 'Rq' he/she can be allowed or Recognized as
403 authenticated user to view the stored data and information
(Chandramohan et al., 2012a,b; 2013). If any one of the above 404
processes failed and is noticed to obtain a false state immedi- 405
ately the whole system gets truncated and 'Rq' response is 0 406
i.e. if no Authorization, he/she is rejected for requested service 407
and sent out from regular cycle. Simultaneously a log file is 408
maintained to verify and identifying if any user repeating the 409
vulnerable activities in future. If they are found to be one 410
among them they are punished according to the EU-policy 411
and law. The representation of PPPF-Petri-net Privacy Pre- 412
serving Framework is designed and structured to handle the 413
complex interaction with cloud requester and provider. Our 414
proposed framework has the ability to identify the Synchro- 415
nization, Sequentiality, Concurrency and Conflicts of different 416
cloud users to access their own data without disturbing other 417
cloud users' information. So many new researches have been 418
progressing to preserve the privacy of cloud user's informa- 419
tion. We came up with PPPF framework as a milestone to 420
achieve preserving user information in a cloud environment. 421
Each provider has their own privacy policy and law to protect 422
their data storage area located worldwide. We are climbing 423
from Facebook Vows to Fix Major Privacy Breach (2011), 424
WSJ (2012), LinkedIn Corp (2012), Dropbox User (2012) the 425
existing policies are not adequate to preserve users' confiden- 426
tiality. The proposed mitigation flow persuades to prevent 427
user's information from an unknown users grab. 428
Cloud Request Providers CPr riposte as per the customary 429
granted Trust Policy Tpi while CP — 0 && CP = 0. The retort 430
capitulation repeats until CRq < > 0. CRq tartan its medley 431
with Petri-net policy Pi and stick to set its conduit to pass 432
through {Rq, Vn, Vf, CPpi} and isolate consequently with this 433
conciliation rule TNpi and put forward the data availability 434
of stipulate user. If and only if all former steps get processed, 435
it gets verified correctly and the output response returns to be 436
true. Otherwise it truncates farther processing into the data 437
storage area. Similarly two factor authentication starts with 438
TRi and ExSpi to refine the consumer policy according to the 439
proposed method. It permits requested users by limiting their 440
Figure 2 Petrinet privacy preserving work flow in cloud.
441 accessibility and secrecy priority. It reiterates the whole
442 method for accessing cloud data storage area and allocates
443 confidential information to the correct user (Chandramohan
444 et al., 2012a,b; 2013).
445 Figs. 3 and 4 shows current progression works under the
446 umbrella of algorithm stated below and these steps are followed
447 continuously until the user gets identified. Their original data
448 are kept more confidential. Start with Request to the Cloud
449 Service Providers as {CSRi}Send Request to {CSPi}, repeat
450 request until it returns Concrete solution. {RRi} Repeat — 0
451 {Until} RRi fl Es(CSPi - CSRi) {Es-EXPECTED SERVICE},
452 Es(CSPi — CSR^ Expected service gets salvage prop up then,
453 go to the previous and promote state of affairs to obtain the
454 truthful user. CSPi P p {CUai + PPMi (URv + Uv +
455 CRai)}. This shows the Privacy Preserving Algorithmic
456 approach for the proposed framework in Figs. 1 and 4 and
457 its internal doling out with the help of Fig. 5. Leading research
458 scholars deal with this issue to enhance the privacy features as a
459 deterrent footstep for the preservation of user's data (see
460 Figs. 6-13).
461 Cloud users' verification and their validation carried out
462 with PPPF and its seven different modules are designed as high
463 cohesion intra-modules that shall have an influence on the next
464 module authentication and carry forward the request query.
465 Clients need authorization from cloud providers to get their
466 quantifiable services. {CPai} Repeating a verification course
467 of action in all intra-modules with cohesion principle,
468 NAi ± Qs¥ (CSPi + CSRi) {Qs-Quantifiable Service}. These
469 evaluation factors are manipulated by Qs (CSPi + CSRi),
470 For NAi ± Qs¥ (CSPi + CSRi) where i = {0, 1, 2, 3 ... n};
471 Iff it- may get assorted as per cloud user notations, constraint
472 and attributes exploits by particular authentication evolution
473 waiting to reach the final destination CSR fl CSP &&
CSRi < >CSPi. 474
Step 1: CRPn = URi + p ({Rszn*Rsqn*Rcyn*Rcf„}) 477
Step 2: if 2S2C Rszn = TRUE; then goto Step 6: 478
RETRUN 1; Else 479
Step 3: CRPn = UR, + p ({0*Rsqn*Rcyn*Rcfn}) 480
Step 4: CRPn = UR, + P ({0}) 481
Step 5: CRPn = {0}; Return 0; End; // {0, 1, 1, 1}; or {0, 0, 0, 0}; 482
or {0, 1, 1, 1}; 483
Step 6: CRPn = UR, + P ({Rszn — 0*Rsq„*Rcy„*Rcf„}) 484
Step 7: CRP„ = UR,■ + P ({1*Rsq„*Rcy„*Rcf„}) 485
Step 8: if 2S2C step 7 — 0; continue with residual 7 PPCT 486
modules to Return: 1; 487
//{1, 1, 1, 1}; or {1, 0, 0, 0}; or {1, 1, 1, 1}; 488
Else goto step: 5. Return: 0; End; 489
The following Petri-net Preserving Framework properties have 491
to solve the complexity among the interactions through 4 basic 492
self requirements and Fig. 3 all the providers' and clients' 493
request should be communicated through these principles 494
namely synchronization (Rsz), sequentiality (Rsq), concur- 495
rency (Rcy) and conflicts (Rcf). 496
• Liveness - Cl 497
• Safeness - Cs 498
• Boundedness - Cb 499
• Conservation - Cv 500
• Reachability - Crc 501
• Place Invariant - Cpivt 502
• Priority Levels - Cpl 503
• Reliability - Crty 504
Step 1: Start with Request to the Cloud Step 1: Begin Cloud Service
Service providers as providers service to users requests
{CSR}Send Request to {CSP} {CSP}Send Response to {CSR}
Step 2: Repeat request until it returns CSRi < >CSP,
Concrete solution. Step 2: Clients need authorization from
{RRi} Repeat — 0 {Until} Cloud providers to get their quantifiable services.
RRi n Es (CSPi — CSRi) {CPai} Repeat 1: do
{Es-EXPECTED SERVICE} NAi ± Qs¥(CSPi + CSRi)
Step 3: Es (CSPt — CSR,) Expected service {Qs-Quantifiable Service}
get salvage prop up then, Step 3: Qs(CSPt + CSR);
go to step 5: Step 4: Iff only then
Step 4: Starts a loop for CSPi P P {NAi + MA(URv + Uv + CRai)}
CSPi P p {CUai + PPM(URv + Uv + CRai)} Continue step2 and end it
do ... else
The process as per user authentication, For NAi ± Qs ¥(CSP, + CSR)
End; Return 1: Repeat step 3 until CSPi reached an i = {0,1,2,3, ... n};
authorization state
Else i- may get varied as per their notations and parameters and attributes.
Exit; Return 0: the Request process through valid Step 5: Authorization get verified as per their validation measures, verification
exception and followed below, do techniques, quality measure, scaling measure, etc.
Step 5. CSRQCSP end exit
CUai ? Cloud User Authentication,
URv ? Requested User Verification,
Uv ? User Validation, Step 6:End; Return 61: Repeat step 2 until
RRi ? Repeat Request CSRi gained an authentication state
CRai ? Cloud Requestor authorization, Else end Return null
PPMi ? Layers framed using {URv, Uv, and CRa} Exit; the Request process by through valid exception and
Step 7.CSRQCSP&& CSRi< >CSPt
End; NAi ? Need Authorization, MAv ? Maturity Verification,
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 7
Reliabil ity
Reliability Crty Reliability
Crty Reliability Crty Crty
CRPn = {Rszn, Rsqn, Rcyn, Rcf„} SSCC / 2S2C
Place Invariant Cpivt
Cpivt Place Invariant
^îlf tu
Boundedness
Boundedness Cb Boundedness
Cb Boundedness Cb Cb
Place Invariant Cpivt
Cpivt Reachability
Reachability Crc Reachability
M Crc Reachability Crc
Conservation Cv
Conservation Cv
Conservation Cv
Conservation Cv
Figure 3 2S2C privacy preserving cohesion technique.
Cloud Client Request (CRq)
Trust policy
Rq=T, check Tpi No
Selecting pertinent Policy (Pi)
CRq < > 0
Submit to requesters (Rq, V»,Vt and CPpi)
Segregating as per negotiation rules
(TNpi)
Rq Policy converse-False
TRpj=ExSpj
^ True-Rq recognized
Psi"»SR
CPp^ Cloud Provider policy
CRq^ Cloud Requestor Policy
TPj^ Trusted Policy regulations
TNp^Trusted Negotiation policy regulations
TRpi-^Targeted Service request
ExSpi^Expected Service as per Cloud provider policy
Rq^Internal and External Request policies
V^ Internal and External Verification regulation
Vt^Internal and External Validation regulation
Figure 4 Sequential dynamic privacy preserving cloud service flow.
552278
D. Chandramohan et al.
Users Privacy Breach Prevention at End Point
CD Provider CD Req
CRXL...CRX., j CRy^^CRy.,
y I ""■----...
Different Providers
CDP,i CDP,2
Typical Requestors
Breach Trigger
Different Providers
I DPi Y_
"G,"- DP, ->|-
^ "G,"- DP,.....DPn
CRxi.. ..CRxn
Info Blocked
Typical Requestors
CRxn-1
CRxn-1
Oy- TRL. TR
CRy,....CRyn
Figure 5 Privacy breach prevention at cloud user's end point.
Preliminaries
Cloud Request Provider (CRPn) = {Rszn, Rsqn, Rcyn, Rcfn}
Synchronization (Rsz), Sequentiality (Rsq), Concurrency (Rcy) and Conflicts (Rcf) (2S2C), where the request gets varied accordingly form 0 to n and it is denoted as Request synchronization various form (0-n), Request Sequentiality various form (0-n), Request Concurrency various form (0-n) and Request Concurrency various form (0-n), where the 2S2C delivers its cohesive nature form this scenario by comparing with each service request and the condition applied by the provider. In this section we introduce the origin of 2S2C into the proposed framework as an ordinal highly cohesive module to verify user identification and their originality. Later the dynamic event driven function as priorities and decision making are carried out by definition and axioms described in this section.
Axiom 1
Cloud Request Provider (CRPn) = {Rszn, Rsqn, Rcyn, Rcfn}
Definition 1. Requester's inputs are mounted to verify and validate the user's identity for accessing information in the cloud using our proposed SSCC pre-requesting privacy cohesion technique. SSCC (Synchronization, Sequentiality, Concurrency and Conflicts also named as 2S2C technique)
Rcyn(Rsq1) = {Rsz1} Rcyn(Rsq2) = {RSZ2} Rcyn(Rsq3) = {RSZ3} Rcyn(Rsq4) = {Rsz4}
Rcfn(Rsq1) = {Rsz2, Rsz3} Rcfn(Rsq2) = {Rsz4} Rcfn(Rsq3) = {Rsz5} Rcfn(Rsq4) = {Rsz2}
Rcyn(Rsq5) = {Rsz4, Rsz5} Rcfn(Rsq5) = {Rsz1}
Definition 2. Sequential Execution: The sequential execution (SE) and its execution Sj can fire only after the firing of Si. This imposes the precedence constraints Si & Sj. Such precedence constraints are typically of the execution as a part of a dynamic system.
SEN-—1{Si, Sj} Iff Sj starts functioning only when Si is done with its verification.
Definition 3. Synchronization System: In the system while integrating and verification of highly cohesive synchronized execution process require a multiple resources to run in real-time system. Their state Sz gets enabled only when two different executions trigger and request St to get all (z', z") possible
results. Sz
Definition 4. Concurrency Identification: Cy deposits and verifies user request in two or more places to deliver correct user interaction ti, tj and System interaction (SIt) Si, Sj.
Cy ! (SIt((S„ Sj)*(t,, tj)))
Definition 5. User Conflict: If the user's response probability distributions get conflict with actual state (Cli/Clj) turned off to continue with the requested operation.
If (li = +ve) then
Continue to next position verification state; Deactivate "lj", {li = 0}; Return 0; Else
(li = +ve) make li as + ve State;
{lj = 0}; Deactivate li; & Return 0: procedure;
End If
(1) Cf = +ve : (Cli : Clj);
Rszn = {Rsz15 Rsz2, Rsz3, Rsz4, Rsz5};
Rsqn = {Rsq1,Rsq2,Rsq3,Rsq4, Rsq5}; , D .
> 2S2C Privacy Preserving Cohesion Technique (2)
Rcyn = {Rcy1, Rcy2; Rcy3; Rcy4; Rcy5}; Rcfn = {Rcf1, Rcf2, Rcf3, Rcf4, Rcf5};
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 9
Rszn Rsqn Rcyn Rcfn CLn
Step 1: CLn input is checked with 2S2C technique if it returns 1 go to next level else
Step: 2 If the resultants of step 1 return 0: then CLn check with next set of combinations until it returns 1 to make its true combination with next set of inputs.
Step 3: Repeat step 1 and 2: for all set of Modules in 2S2C technique and make sure until it returns 1.
Step 4: As per the 2S2C-PPPF algorithm, the input condition check with all combinational logic and returns false (0) and one combination return true (1)
Figure 6 2S2C privacy preserving logic diagram.
Figure 7 State transition diagram representation of 2S2Ci-modules in PPCT.
(a) (b)
Figure 8 (a, b) PPPF verification and validation of minimal-support T-Invariants and Linear Combinational construction of privacy conflict in cloud data storage.
571 In order to define the axioms of 2S2C its attributes are
572 debut by {SE, Sz, Cy, Cf} respectively, (Synchronization
573 (SE), Sequentiality (Sz), Concurrency (Cy) and Conflicts
574 (Cf)). The privacy preserving module is defined as PPMi vali-
575 dated with respect to i value which can be varied from i = (1
576 to n). In 2S2C scenario n has the maximum probability of 1
577 to 8. Similarly the liveness of first privacy module verification
578 of user request and their data is represented as (PCL0). Their
579 internal function f is calculated as per the transactions 't'
580 and the number of places 'p' required to complete a task f
581 (Tn, Pn).
582 Axiom 2
583 We define 2S2C as an axiom in our proposed PPPF using
584 definitions 1, 2, 3, 4, and 5. It should act consequently with dif-
585 ferent request and repeat the execution and generate its out-
586 come represented in axiom 2.
Figure 9 Privacy breach identified in recent years arise from leading Cloud Service Providers.
Privacy preserving technique for cloud service user endorsement
Resolution for Conflicting Transitions Probability Priority
T1 0.3 0.8
T2 0.5 0.6
T3 0.5 0.9
T4 0.5 0.1
T5 0.6 1.6
T6 0.8 2.9
T7 0.1 3.7
T8 0.5 4.2
T9 0.7 9.0
T10 0.3 12
Probability
Priority
T2 T3 T4 T5 T6 T7 T8 T9 T10
Transition Conflict
Figure 10 PPPF probability and priority privacy transition conflict in cloud data storage.
(a) (b)
Figure 11 (a, b) Global privacy breach prevention in data storage area using PPM.
Figure 12 (a, b) PPPF users secrecy prevention during data transitions request and response in the cloud.
{SE,SZ, Cy, Cf} -
' Rszn = {Rsz1, Rsz2, Rsz3, Rsz4, Rsz5} ; Rsqn = {Rsqi, Rsq2, Rsq3, Rsq4, Rsq5}; Rcy„ = { Rcyi, Rcy2, Rcy3, Rcy4, Rcy5} ; Rcfn — { Rcfi, Rcfz, Rcf3, Rcf4, Rcf5} ; SEN=^{Si, Sj}; S {St};
Cy ! {SIt ((Si, S;)*(ii, j)) ); Cf(ij) — +ve, [Cl, = 0], [Clj = £];
By converting into mathematical form T, * f(2S2C) f(Tn, Pn ) —2n
f(Tn, Pn) — 2n where n — {0,1,2, and 3} respectively as per 2S2C.
{f(Tn,Pn) — 2n} ) {f(To,Po) — 20, f(Ti,Pi) — 21, f(T2,P2) — 22, f(T3,P3) —23}
{f(Tn, Pn)—2n} ) {1,2,4,8}
598 600
Theorem 1. Let PPPF as PPMi protect the sensitive data 602
(5) present at the data center, by blocking multiple unknown 603
users' hands on confidential information stored in the cloud. 604
PPMi framework modules are communal to verify and are 605
checked with privacy 2S2C technique at each and every level. 606
t combinations
Figure 13 2S2C combinations in logical truth value portrayal.
607 User identification management gets interacted and authorized
608 according to the policy agreement between cloud users and
609 providers. The bonding among sub-system structure modules
610 are intra-dependent on each other so each input and output
611 sub tasks are dependent on 2S2C evaluation.
Proof. Now, PPMi modules are verified with 2S2C cohesion 612
technique in all possible conditions (initial, typical, custom, 613
and medium). Let's check the trial and error method to verify 614
the possibility of getting penetrated or blocking user into 615
source data 'Di'. 616
PPMi here let's consider i = N, where {N = (n + 1)}, 617
PPMi = Pn + f(Tn,Pn). 618
Liveness- C 619
In 2S2C {Rszn, Rsqn, Rcyn, Rcfn} = 2n where n = 620
{0, 1, 2, 3 ..., n} technique users input (information) parame- 621
ters are checked periodically with Cloud Request Provider 622
(CRPn) validating their suitability of accessing information 623
Table 2 Recent confrontation identified in leading cloud service providers.
Recent confrontation Facebook Google Dropbox Linkedln
2009 0 0 0 0
2010 0 0 1 0
2011 1 0 0 0
2012 0 1 1 1
Table 1 2S2C privacy preserving verification and validation.
Present state Input Next state Output
Rszn Rsqn Rcyn Rcfn CLn Rszn * CLn Rsqn * CLn Rcyn * CLn Rcfn * CLn CRPn = CLn + P ({Rszn * Rsqn * Rcyn * Rcfn})
0 0 0 0 0 0 0 0 0 0
0 0 0 0 1 0 0 0 0 0
0 0 0 1 0 0 0 0 0 0
0 0 0 1 1 0 0 0 1 0
0 0 1 0 0 0 0 0 0 0
0 0 1 0 1 0 0 1 0 0
0 0 1 1 0 0 0 0 0 0
0 0 1 1 1 0 0 1 1 0
0 1 0 0 0 0 0 0 0 0
0 1 0 0 1 0 1 0 0 0
0 1 0 1 0 0 0 0 0 0
0 1 0 1 1 0 1 0 1 0
0 1 1 0 0 0 0 0 0 0
0 1 1 0 1 0 1 1 0 0
0 1 1 1 0 0 0 0 0 0
0 1 1 1 1 0 1 1 1 0
1 0 0 0 0 0 0 0 0 0
1 0 0 0 1 1 0 0 0 0
1 0 0 1 0 0 0 0 0 0
1 0 0 1 1 1 0 0 1 0
1 0 1 0 0 0 0 0 0 0
1 0 1 0 1 1 0 1 0 0
1 0 1 1 0 0 0 0 0 0
1 0 1 1 1 1 0 1 1 0
1 1 0 0 0 0 0 0 0 0
1 1 0 0 1 1 1 0 0 0
1 1 0 1 0 0 0 0 0 0
1 1 0 1 1 1 1 0 1 0
1 1 1 0 0 0 0 0 0 0
1 1 1 0 1 1 1 1 0 0
1 1 1 1 0 0 0 0 0 0
1 1 1 1 1 1 1 1 1 1
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 13
Table 3 PPPF-minimal-support T-Invariants and Linear Combinational construction verification of privacy conflict in cloud data
storage.
Minimal support Linear Combinations constructed
T-Invariants
T1 30 150 69 39 54 11 34 51 107 88
T2 16 80 37 21 29 6 18 27 57 47
T3 0 0 0 0 0 0 0 0 0 0
T4 15 75 35 20 27 5 17 26 54 44
T5 0 0 0 0 0 0 0 0 0 0
T6 0 0 0 0 0 0 0 0 0 0
T7 0 0 0 0 0 0 0 0 0 0
T8 15 75 35 20 27 5 17 26 54 44
T9 1 5 2 1 0 1 2 4 3 0
T10 0 0 0 0 0 0 0 0 0 0
Table 4 PPPF resolution for conflicting transitions, probability and priority of privacy conflict in cloud data storage.
Resolution for conflicting transitions Probability Priority
T1 0.3 0.8
T2 0.5 0.6
T3 0.5 0.9
T4 0.5 0.1
T5 0.6 1.6
T6 0.8 2.9
T7 0.1 3.7
T8 0.5 4.2
T9 0.7 9.0
T10 0.3 12
624 stored in the cloud. The user's request URi communicates with
625 the cloud through our proposed technique as a privacy pre-
626 serving measure, according to our approach the request is sent
627 to PPCT-Privacy Preserving Cohesion Technique that consist
628 of eight different modules PPMi where i = {0, 1,2, ..., 7},
each and every input module gets hold of validation with the liveness module of 2S2C technique Cl, later its output acts as an input to subsequent modules. If liveness is inequitable, it throws its first exception info and exits from its farther symmetric cycle.
Let us consider the single sequence input request carried out inside 2S2C with zeroth module 'Cl'.
PPM, = PClo
(PClUi = PCLn + f(Tn, Pn)
(PCL)n+1 = MPn + f(Tn, Pn) * MPn - Current Module of PPM i.e. PCLn
Initially start with n = 0,
PClo + i = MPo + f(To,Po) * f(Tn, Pn) = 2n according to Axiom 2
PCL1 = MP1 + 20 PCli = 1 + 1 PCli = 2;
The result shows positive implication with 2S2C single input, similarly we have to verify with the rest three inputs,
Table 5a Global privacy breach prevention in data storage area using PPM.
Place name Arrival sum Arrival rate Arrival dist Throughput sum Throughput rate Throughput dist Waiting time Queue length
P1 171 0 0 125 0 0 0 0
p2 237 0 0 176 0 0 0 0
p3 171 0 0 188 0 0 0 0
p4 341 0 0 00 0 0 0
p5 88 0 0 75 0 0 0 0
P6 385 0 0 00 0 0 0
p7 280 0 0 00 0 0 0
Table 5b Global privacy breach prevention in data storage area using PPM.
Place name Arrival sum Arrival rate Arrival dist Throughput sum Throughput rate Throughput dist Waiting time Queue length
p1 167 0 0 66 0 0 0 0
p2 95 0 0 107 0 0 0 0
p3 219 0 0 229 0 0 0 0
p4 266 0 0 00 0 0 0
p5 114 0 0 105 0 0 0 0
p6 368 0 0 00 0 0 0
p7 441 0 0 00 0 0 0
662 663
Now put n = 1 in Eq. (6),
PCl1 + 1 = 2 + f(Tx,Px) [* PCLl = 2]
PCL2 = 2 + 21 ['.' f(Tn, Pn) — 2" according to Axiom 2]
PCL2 = 4;Now put n = 2 in Eq. (6),
PCL2+1 = 4 + f(T2, P2)[v PCl2 = 4]
PCL3 = 4 + 22 [* f(Tn, Pn) = 2n according to Axiom 2]
PCL3 = 8;Now put n = 3 in Eq. (6),
PCl3+1 — 8 + f(T2,P2)[v PCl3 — 8]
Cl0 —
Cl3 — '
Cl2 — <
+ 23[* f(Tn, Pn — 2n accordingtoAxiom2]
L2, PCl3, PCL4} — {2, 4,8,16}
0 1 11 0 1 11
0 0 00 1 0 00
0 1 11 0 1 11
0 0 11 0 1 11
0 0 00 1 1 00
0 1 11 0 1 11
CL1 — <
0 0 01 0 1 11
0 0 00 1 1 10
0 1 11 0 1 11
0 0 00 0 1 11
0 0 00 1 1 11
0 1 11 - 0 1 11
0 1 11 0 1 11
0 0 00 0 0 10
1 1 11 1 1 11
0 1 11 0 1 11
1 0 10 0 0 01
1 1 11 1 1 11
L J CL4 — < L
0 1 11 0 1 11
1 0 01 0 1 11
1 1 11 1 1 11
0 1 11 0 1 11
0 1 00 0 1 10
1 oc 11 1 1 11
0 1 11
0 0 00
1 1 11
0 1 11
1 0 00
1 1 11
0 1 11
1 1 00
1 1 11
0 1 11
1 1 10
1 1 11
CL5 —
0 1 11
1 1 11
1 1 11
CLn ! Cloud Liveness Wheren — {0,1,2, ...n}
If and only if all the 2S2C inputs get verified and the results 668
indicate a positive signal, then the 'PCL' overall output is car- 669
ried forward as an input value to PPMi the subsequent next 670
module. Similarly same process is repeated until PPMi and 671
2S2C cohesive technique gets verified and indicates a positive 672
response to the requested user. Immediately the user request 673
gets quit from PPMi workflow if any one of its module indi- 674
cates a negative sign (i.e.) the request is identified to be 675
unknown. 676
The 2S2C iteration and its module are verified with the rest 677
of PPMi form 1 to 8, Cloud request Safeness (Cs), Cloud 678
Request Boundedness (Cb), Cloud Conservation (Cv), Cloud 679
Request Reachability (Crc), Cloud Request Place Invariant 680
(Cpivt), Cloud Request Priority Levels (Cpl), Cloud Request 681
Reliability (Crty) and 2S2Ci. 682
Cloud providers (CRx1.. .CRxn), Cloud requestors 683
(CRy1.. .CRyn), Different Providers are defined by CRx CRx1 684
and Typical Requestors (TR) are denoted as (CRxn_! CRxn) 685
and (CRxn_!, TRi, CRxn_i, CRxj...CRxn). TR^'O" 686
initialized with cloud requestors CRxn_1, Oy-TR1.. .TRn. with 687
respect to "Q" CRx, DP1 and "Gx" DPx CRy1.. .CRyn. 688
5. Experimental methodology and result analysis 689
In this experimental methodology section, we first present the 690
control logic flow representation for the 2S2C technique. It is 691
then proceeded to necessary verification and validation for a 692
trusted authorization, which supports a state transition model- 693
Table 6a PPPF secrecy prevention in transitions states.
Transition Service Service Service Service Utilization
name sum rate dist time
t1 66 0 0 0 0
t2 53 0 0 0 0
t3 113 0 0 0 0
t4 114 0 0 0 0
t5 131 0 0 0 0
t6 226 0 0 0 0
t7 22 0 0 0 0
t8 53 0 0 0 0
t9 7 0 0 0 0
t10 215 0 0 0 0
666 667
In PCLn, {2, 4, 8, 16} ) 2S2Ci = {(2S2C0, 2S2Q, 2S2C2, 2S2C3)}; where i = {0, 1, 2, 3}.
Table 6b PPPF secrecy prevention in transition states.
Transition Service Service Service Service Utilization
name sum rate dist time
t1 119 0 0 0 0
t2 84 0 0 0 0
t3 88 0 0 0 0
t4 88 0 0 0 0
t5 140 0 0 0 0
t6 148 0 0 0 0
t7 113 0 0 0 0
t8 83 0 0 0 0
t9 5 0 0 0 0
t10 132 0 0 0 0
L4 —
JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18
Privacy preserving technique for cloud service user endorsement 15
Table 7 PPPF Coverability Tree - Text Mode M [p1, p2, p3,
p4, p5, p6, p7]; M = [100, m]; M0 = ; [100, 200].
From Fired To
M0 T0, T1 M1
M1 T1, T2 M2
M2 T2, T3 M3
M3 T3, T4 M4
Mn TN M.+ 1
Table 8 PPPF input invariance IM preservation time in mSec.
CA(n) CPn-Time Invariant in mSec
CA(0) 305.0035
CA(1) 205.0073
CA(2) 307.0037
CA(3) 127.0062
CA(4) 9.0037
CAn Cn1, Cn2, Cn3, ... Cn - 1, Cn, Cn + 1
ing for the proposed cohesive technique. The experiment analysis is followed with necessary comparison and evaluation parameters. The proposed flow is evaluated with the Petri-net (PN) tool to check its efficiency in normal, medium and critical scenarios. Then we compared the PPPF with the existing privacy frameworks and its features are illustrated with a table representation, which shows the PPPF implementation architecture performance is comparatively high in all scenarios.
Table 1 illustrates the clear mock-up identification of recent privacy breach happened globally by leading cloud providers. Facebook vows to fix major privacy breach-Australian report-sep-2011 (Facebook Vows to Fix Major Privacy Breach, 2011). Google pays $22.5 million to settle privacy charges: July-2012 WSJ-Wall Street Journal (WSJ, 2012). Linkedln sheds more light on Privacy Breach, san-fancisco: LinkedIn corps criticized for inadequate network security after hackers exposed millions of its user's passwords Jun-2012 (LinkedIn Corp, 2012).
Dropbox confirms it got hacked, will offer two-factor authentication. Spammers used stolen password to access a list of Dropbox user e-mails. Aug-12 (Dropbox User, 2012). Salesforce.com sent an e-mail to its customers notifying them that a variety of recent phishing attacks against salesforce and officially confirmed they are hacked (www.zdnet.com) (see Table 2).
2S2 Ci ? Where {i = 0, 1, 2...15}, PPCTi ? Where {i = 0, 1, 2...7}, 2S2C - {Synchronization (Rsz), Sequentiality (Rsq), Concurrency (Rcy) and Conflicts (Rcf)}, PPCT-{Privacy Preserving Cohesion Technique}, NMt-Next Module present in PPCT-Technique.
All input requests are processed through the proposed system (2S2C-PPCT), where PPCT consists of eight different modules and 2S2C has four different qualitative attributes, these attributes are considered in digital logic combinational approach starting from 0 to 15, unerringly the system checks 16 different combinations i.e. (0000, 0001, 0010,... 1101, 1110, 1111) and communicates with those four qualitative attributes. Two different input states {0, 1} are checked with these combinations to arrive at an authenticate and authorized state. It is explained in Fig. 5 with the help of a transition state diagram. Correspondingly Fig. 5 processes all eight different modules {Liveness-Cl, Safeness-Cs, Boundedness-Cb, Conservation-Cv, Reachability-Crc, Place Invariant-Cpivt, Priority Levels-Cpl, Reliability-Crty} in same way by communicating with {Rsz, Rsq, Rcy, Rcf}.
Table 10 Input invariance IM preservation time in mSec.
A(n) Time invariant in mSec
A(0) 408.0059
A(1) 409.0059
A(2) 409.0063
A(3) 274.0084
A(4) 9.0054
An n1, n2, n3, ... n — 1, n, n + 1
Table 9 Privacy preserving representation in complex logical interaction of PPPF.
Consistent
Structural enabling bound (SE)
TI PI SE SE SE SE SE SE SE SE SE SE
T1 T2 T3 T4 T5 T6 T7 T8 T9 T10
P1 B X Y Y Y UD UD UD UD UD UD UD UD UD UD
P2 UB X Y Y Y D D UD UD UD UD D UD D UD
P3 B Y Y N Y UD D D UD D UD UD D UD UD
P4 B X Y N Y UD UD D UD UD D D UD UD UD
P5 UB Y Y N Y UD UD UD D UD UD UD UD D UD
P6 UB X Y N Y UD UD UD UD UD D D UD UD UD
P7 UB X Y N Y UD UD UD UD UD D D UD UD D
D. Chandramohan et al.
5.1. Minimal-support T-Invariants
n-Rank (A) = 3 => at most T-Invariants are linearly independent Linear Combinations constructed with these vectors are displayed after 2nd column (see Tables 3-9).
and responses as Tn = {T1, T2, T3, T4, T5, T6, T7, T8, T9, T10} and its input variance IM = [At (A0 * AJ}
Ai (Ac — Ai) ? IM = Ai (Tn * Pn) IM = Ai (T10 * P7)
<?xml version = "1.0"?> <Color> black</Color>
<PNToolbox> <PPMMessage>Firing transition t2</PPMMessage>
<PPMModel_name >PPM.xml</PPMModel_name> <Label>
<Type>2</Type> < !-- T-timed CPN-- > <Name >t2</Name>
<Seed>66</Seed> < !-- initialseed-- > <Offset> 0.70,-0.34< /Offset>
<Place> < !-- placedefinitionCRn -- > <Visible>yes</Visible>
<Id>p1 </Id> < !-- place'sid CPn-- > </Label>
<Value>5,43</Value> <Time>
<Color>black</Color> <PPMDistribution>cont. uniform</PPMDistribution>
<Label> <PPMParameters>2.5,7</PPMParameters>
<Name >Cp1</Name> </Time >
<Offset> 0.50,-0.20< /Offset> </PPMTransition>
<Visible>yes</Visible> <PPMArc>
</Label> <Id>a1 </Id>
<PPMInitialMarking>5</PPMInitialMarking> <From>p1</From>
<PPMCapacity>Inf< /PPMCapacity> <To>t1</To>
</Place> <Style>1</Style>
<PPMTransition> <Type>1</Type>
<Id>Ct1</Id> <Color> black</Color>
<Value>8 ,45</Value> <Weight>2</Weight>
<Color>black</Color> </PPMArc>
<PPMMessage>Firing transition Ct1</PPMMessage > <PPMArc>
<Label> <Id>a2 </Id>
<Name >t1</Name> <From>p1</From>
<Offset> 0.41,-0.12< /Offset> <To>t2</To>
<Visible>yes</Visible> <Style>1</Style>
</Label> <Type>1</Type>
<Time> <Color> black</Color>
<PPMDistribution> constant</PPMDistribution> <Weight>3</Weight>
<PPMParameters>3< / PPMParameters> </PPMArc>
</Time > <PPMProbability>
</PPMTransition> <PPMTransitions>t1 ,t2</PPMTransitions>
<PPMTransition> <Values> 0.25,0.75</Values>
<Id>t2</Id> </PPMProbability>
<Value> 6,37</Value> </PNToolbox>
User Request-UR; Bounded-B; UN-Bounded-UB; Structured Boundedness-SB; Structured Conservativeness-SC; True-Y; False-X; Repetitiveness-R; TI-T-Invariant; I-P-Invariant; Determined-D; Undetermined-UD; Consistent-C; Structural enabling Bound-SE.
An incidence Matrix form of cloud service exchange and user interaction is happening at different service request and its privacy verification and evaluation process is denoted in the form of a matrix Ai (A0 * Ai). Cloud service exchange is denoted by Pn = {P1, P2, P3, P4, P5, P6, P7}, Interaction service request
Table 11 Different data privacy preserving frameworks in the cloud and their prime factors compared with PPPF.
Comparison of GEODAC DPPCSF CS- PPPF
frameworks MPCF
Policy based approach P X X p
Symmetric key X P X p
encryption
Key derivation X P X p
algorithm
State machine P X X p
representation
Petrinet layers X X X p
Watermark detection X X p X
Compressive sensing X X p X
Cohesive technique X X X p
Privacy preserving technique for cloud service user endorsement
A, — (10 * 7)
Aq — (10 * 7)
A — (Aq - A,)
1 0 0 0 0 0 0
0 1 0 0 0 0 0
0 0 1 0 0 0 0
0 0 1 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 0 0 0 0 0 0
0 1 0 0 0 0 0
0 0 0 0 15 0 0
0 0 0 0 0 0 0
0 1 0 0 0 0 03
0 0 0 0 0 0 0
0 0 1 1 0 0 0
1 0 0 0 1 0 0
0 0 0 1 0 1 0
0 0 0 0 0 0 1
0 1 0 1 0 1 0
1 0 1 0 0 0 0
0 1 0 0 0 0 0
0 0 0 0 0 1 1
r -1 1 0 0 0 0 03
0 -1 0 0 0 0 0
0 0 0 1 0 0 0
1 0 -1 0 1 0 0
0 0 0 1 0 1 0
0 0 0 0 0 0 1
0 1 0 1 0 1 0
1 -1 1 0 0 0 0
0 1 0 0 -15 0 0
0 0 0 0 0 1 1
Table 10 shows the timed invariants and its iterations happen in these stipulated time intervals from different users to Cloud Service Providers.
Designs of privacy preserving cloud storage framework, GEODAC framework and a compressive sensing based framework have been proposed literally to preserve user information in the cloud. Huang et al. (2010) privacy framework the researchers concentrated on symmetric key encryption algorithm clustered with lazy revocation, multi-tree structure, and extirpation based key derivation algorithm. Li et al. (2011) framed a policy based privacy framework to preserve data in the cloud. Wang et al. (2014) studied the multimedia privacy issue and developed a compressive sensing based framework using MCP which protects semi-trust users. PPPF demonstrates the data privacy potency in a cloud storage area with Petri-net based cohesive framework to preserve and prevent the cloud user's data privacy. The paper analyses the effectiveness of PPPF and its feasibility by comparing existing frameworks in Table 11. PPPF identifies the un-trusted users and voids their services if they are trying to access the private information stored in the cloud.
6. Conclusions 787
This paper discusses the need for a generic privacy preserving 788
framework, which performs a decisive task in preserving user's 789
confidential data, which is stored in the cloud storage service 790
provider. The Gargantuan rise in the cloud service era, may 791
lead to users losing control over the storage environment. 792
However, users software, applications, platform, entertain- 793
ment, E-governance along with the list growing as it tries to 794
satisfy the ever-growing concerns of service users valuable data 795
pertained in the cloud service utilization. Cloud users are com- 796
pelled to share their complete niceties and information to the 797
providers by accepting cloud provider's terms and conditions. 798
Only 5% to 10% of the users are aware of the fact that the pro- 799
vider has access to their personal information. This is a serious 800
issue in the emerging cloud storage world. This paper 801
addresses these issues and proposes a novel generic approach 802
with framework to protect and preserve the user's privacy. 803
Future work should be there focusing on improving the algo- 804
rithm, policy and authorization strategies in dynamic real time 805
cloud environment to adapt its practicability without effecting 806
the performance of cloud computing. 807
Acknowledgements 808
This work is a part of the Research Project sponsored under 809
the scheme of Major Research Project, UGC, India. Reference 810
number F.No. 41-616/2012 (SR), dated 18 July 2012. The 811
authors would like to express their thanks for the financial sup- 812
port offered by the Sponsored Agency. 813
References 814
Al-Muhtadia, Jalal, Hillb, Raquel, Al-Rwaisa, Sumayah, 2011. Access 815
control using threshold cryptography for ubiquitous computing 816
environments. J. King Saud Univ. - Comput. Inf. Sci. 23 (2), 71-78. 817
Chadwick, David W., Fatema, Kaniz, 2012. A privacy preserving 818
authorization system for the cloud. Elsevier-J. Comput. Syst. Sci., 819
1359-1373 820
Chandramohan, D., Vengattaraman, T., Basha, M.S.S., Dhavachel- 821
van, P., 2012. MSRCC-Mitigation of security risks in cloud 822
computing, Springer Book Series-AISC-2012, India, vol. 176, doi: 823
http://dx.doi.org/10.1007/978-3-642-31513-8_54, ISBN: 97 8-3-642- 824
31513-8, pp. 525-5 32 . 825
Chandramohan, D, Vengattaraman, T., Dhavachelvan, P., 20 1 2. 826
HPPC-hierarchical Petri-net based privacy nominal model 827
approach for Cloud. In: Annual IEEE India Conference (INDI- 828
CON) Kochi, 2012, 1052, doi: http://dx.doi.org/10.1109/INDCON. 829
2012.6420771, ISBN: 978-1-4673-2270-6. pp. 1047-1052. 830
Chandramohan, D., Vengattaraman, T., Rajaguru, D., Baskaran, R., 831
Dhavachelvan, P., ''A privacy preserving representation for web 832
service communicators' in the cloud. In" QSHINE-2013, 9th 833
International Conference on Heterogeneous Networking for Qual- 834
ity, Reliability, Security and Robustness, India, Lecture Notes of 835
the Institute for Computer Sciences, Social-Informatics and 836
Telecommunications Engineering, vol. 115, doi: http://dx.doi.org/ 837
10.1007/978-3-642-37949-9_44, ISBN:978-3-642-37948-2, pp. 496- 838
50 6 . 839
Debnath, Ashmita, Singaravelu, Pradheepkumar, Verma, Shekhar, 840
2014. Privacy in wireless sensor networks using ring signature. J. 841
King Saud Univ. - Comput. Inf. Sci. http://dx.doi.org/10.1016/j. 842
jksuci.20 13.12.00 6 . 843
844 Dropbox confirms it got hacked, will offer two-factor authentication
845 Spammers used stolen password to access list of Dropbox user
846 e-mails.Aug-12, News-Conde Nast <http://www.Foxnews.com>.
847 Facebook Vows to Fix Major Privacy Breach-Australian Report-Sep-
848 2011, <http://www.Foxnews.com>.
849 Google to pay $22.5 million to settle privacy charges: July-2012 WSJ-
850 Wall Street Journal, <http://www.IBM Live>.
851 Hao, Zhuo, Zhong, Sheng, Yu, Nenghai, 2011. A privacy-preserving
852 remote data integrity checking protocol with data dynamics and
853 public verifiability. IEEE Trans. Knowl. Data Eng. 23 (9), 1432854 1437.
855 Huang, Ruwei, Yu, Si, Zhuang, Wei, Gui, Xiaolin, November 2010.
856 Design of privacy-preserving cloud storage framework, In: The
857 Ninth International Conference on Grid and Cloud Computing,
858 Nanjing, Jiangsu, China, pp. 1-5.
859 Huang, RuWei, Gui, XiaoLin, Yu, Si, Zhuang, Wei, 2011. Research
860 on privacy-preserving cloud storage framework supporting cipher-
861 text retrieval. International Conference on Network Computing
862 and Information Security (NCIS) 1, 93-97.
863 Itani, Wassim, Kayssi, Ayman, Chehab, Ali, 2009. Privacy as a service-
864 privacy-aware data storage and processing in cloud computing
865 architectures. In: Eighth IEEE International Conference on
866 Dependable, Autonomic and Secure Computing, pp. 711-716.
867 Khan, S.M., Hamlen, K.W., 2012. Anonymous cloud: a data
868 ownership privacy provider framework in cloud computing. In:
869 IEEE 11th International Conference on Trust, Security and Privacy
870 in Computing and Communications (TrustCom), pp. 170-176.
871 Li, Jun, Stephenson, Bryan, Motahari-Nezhad, Hamid Reza, Singhal,
872 Sharad, 2011. IEEE Trans. Serv. Comput. 4 (4), 340-354.
873 Lin, Huang, Shao, Jun, Zhang, Chi, Fang, Yuguang, 2013. CAM:
874 cloud-assisted privacy preserving mobile health monitoring. In:
875 IEEE Transactions on Information Forensics and Security, vol. 8
876 (6), pp. 985-997.
877 Linkedln sheds more light on privacy breach, San-fancisco: LinkedIn
878 Corp, criticized for inadequate network security after hackers
879 exposed millions of its users'passwords Jun-2012, <http://www.
880 IBM Live >.
881 Liu, Qin, Wang, Guojun, Wu, Jie, 2009. An efficient privacy
882 preserving keyword search scheme in cloud computing. In: IEEE
883 International Conference on Computational Science and Engineer-
884 ing, CSE '09, pp. 715-720.
885 Liu, Qin, Wang, Guojun, Jie, Wu, 2012. Secure and privacy preserving
886 keyword searching for cloud storage services. Elsevier-J. Network
887 Comput. Appl. 35 (3), 927-933.
888 Nimgaonkar, S., Kotikela, S., Gomathisankaran, M., 2012. CTrust: a
889 framework for secure and trustworthy application execution in
890 cloud computing. In: International Conference on Cyber Security
891 (CyberSecurity), pp. 24-31.
Pearson, Siani, 2009. Taking account of privacy when designing cloud 892
computing services. In: IEEE ICSE Workshop on Software 893
Engineering Challenges of Cloud Computing, CLOUD, pp. 44-52. 894
Ray, Sangram, Biswas, G.P., 2014. A certificate authority (CA)-based 895
cryptographic solution for HIPAA privacy/security regulations. J. 896
King Saud Univ. - Comput. Inf. Sci. http://dx.doi.org/10.1016/]. 897
jksuci.2013.10.001. 898
Singhal, M., Chandrasekhar, S., Ge, Tingjian, Sandhu, R., Krishnan, 899
R., Ahn, Gail-Joon, Bertino, E., 2013. Collaboration in multicloud 900
computing environments: framework and security issues. IEEE 901
Comput. Mag. 46 (2), 76-84 . 902
Wang, Jian, Zhao, Yan, Jiang, Shuo, Le, Jiajin, 2010. Providing 903
privacy preserving in cloud computing. In: 3rd IEEE Conference 904
on Human System Interactions (HSI), pp. 472-475. 905
Wang, Guojun, Liu, Qin, Wu, Jie, Guo, Minyi, 2011. Hierarchical 906
attribute-based encryption and scalable user revocation for sharing 907
data in cloud servers. Comput. Secur. - Elsevier, 320-331. 908
Wang, Qian, Wang, Cong, Ren, Kui, Lou, Wenjing, Li, Jin, 2011. 909
Enabling public auditability and data dynamics for storage security 910
in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22 (5), 847- 911
859. 912
Wang, Q., Zeng, W., Tian, J., 2014. A compressive sensing based 913
secure watermark detection and privacy preserving storage frame- 914
work. IEEE Trans. Image Process. 23 (3). 915
Wei, Yang, Jianpeng, Zhao, Junmao, Zhu, Wei, Zhong, Xinlei, Yao, 916
2012. Design and implementation of security cloud storage 917 framework. In: Second International Conference on Instrumenta- 918 tion, Measurement, Computer, Communication and Control 919 (IMCCC), pp. 323-326. 920
< http://www.zdnet.com/blog/berlind/phishing-based-breach-of-sales- 921
force >. 922
Zhang, Gaofeng, Yang, Yun, Chen, Jinjun, 2012. A historical 923
probability based noise generation strategy for privacy protection 924
in cloud computing. Elsevier-J. Comput. Syst. Sci. 78 (5), 13 74- 925
1381. 926
Zhang, Joy Ying, Wu, Pang, Zhu, Jiang, Hu, Hao, Bonomi, Flavio, 927
2013. Privacy-preserved mobile sensing through hybrid cloud trust 928 framework. In: IEEE Sixth International Conference on Cloud 929 Computing (CLOUD), pp. 9 52-95 3 . 930
Zhao, Gansen, Li, Ziliu, Li, Wenjun, Zhang, Hao, Tang, Yong, 20 1 2 . 931
Privacy enhancing framework on PaaS. In: International Confer- 932
ence on Cloud and Service Computing (CSC), pp. 131-137. 933
Zhou, Minqi, Zhang, Rong, Xie, Wei, Qian, Weining, Zhou, Aoying, 934
2010. Security and privacy in cloud computing a survey. In: Sixth 935
IEEE International Conference on Semantics Knowledge and Grid 936
(SKG), pp. 105-112. 937
