Scholarly article on topic 'A new privacy preserving technique for cloud service user endorsement using multi-agents'

A new privacy preserving technique for cloud service user endorsement using multi-agents Academic research paper on "Computer and information sciences"

CC BY-NC-ND
0
0
Share paper
Keywords
{"Privacy preserving" / Petri-net / Cohesion / Authorization / Multi-agents / "Web service"}

Abstract of research paper on Computer and information sciences, author of scientific article — D. Chandramohan, T. Vengattaraman, D. Rajaguru, P. Dhavachelvan

Abstract In data analysis the present focus on storage services are leveraged to attain its crucial part while user data get compromised. In the recent years service user’s valuable information has been utilized by unauthorized users and service providers. This paper examines the privacy awareness and importance of user’s secrecy preserving in the current cloud computing era. Gradually the information kept under the cloud environment gets increased due to its elasticity and availability. However, highly sensitive information is in a serious attack from various sources. Once private information gets misused, the probability of privacy breaching increases which thereby reduces user’s trust on cloud providers. In the modern internet world, information management and maintenance is one among the most decisive tasks. Information stored in the cloud by the finance, healthcare, government sectors, etc. makes it all the more challenging since such tasks are to be handled globally. The present scenario therefore demands a new Petri-net Privacy Preserving Framework (PPPF) for safeguarding user’s privacy and, providing consistent and breach-less services from the cloud. This paper illustrates the design of PPPF and mitigates the cloud provider’s trust among users. The proposed technique conveys and collaborates with Privacy Preserving Cohesion Technique (PPCT), to develop validate, promote, adapt and also increase the need for data privacy. Moreover, this paper focuses on clinching and verification of unknown user intervention into the confidential data present in storage area and ensuring the performance of the cloud services. It also acts as an information preserving guard for high secrecy data storage areas.

Academic research paper on topic "A new privacy preserving technique for cloud service user endorsement using multi-agents"

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Journal of King Saud University Computer and Information Sciences (2015) xxx, xxx-xxx

King Saud University

Journal of King Saud University -Computer and Information Sciences

www.ksu.edu.sa www.sciencedirect.com

Journal of

King Saud University -

Computer and

Information Sciences

3 A new privacy preserving technique for cloud

4 service user endorsement using multi-agents

5 D. Chandramohan *, T. Vengattaraman, D. Rajaguru, P. Dhavachelvan

6 Dept of Computer Science, Pondicherry University, Pondicherry, India

7 Received 22 March 2013; revised 7 April 2014; accepted 4 June 2014

KEYWORDS

Privacy preserving;

Petri-net;

Cohesion;

Authorization;

Multi-agents;

Web service

Abstract The present focus on the cloud storage services are leveraged its crucial part while user data get compromised. In the recent years service user's valuable information has been utilized by unauthorized users and service providers. This paper examines the privacy awareness and importance of user's secrecy preserving in the current cloud computing era. Gradually the information kept under the cloud environment gets increased due to its elasticity and availability. However, highly sensitive information is in a serious attack from various sources. Once private information gets misused, the probability of privacy breaching increases which thereby reduces user's trust on cloud providers. In the modern internet world, information management and maintenance is one among the most decisive tasks. Information stored in the cloud by the finance, healthcare, government sectors, etc. makes it all the more challenging since such tasks are to be handled globally. The present scenario therefore demands a new Petri-net Privacy Preserving Framework (PPPF) for safeguarding user's privacy and, providing consistent and breach-less services from the cloud. This paper illustrates the design of PPPF and mitigates the cloud provider's trust among users. The proposed technique conveys and collaborates with Privacy Preserving Cohesion Technique (PPCT), to develop validate, promote, adapt and also increase the need for data privacy. Moreover, focus on the flexibility and availability of confidential data without affecting the performance of the cloud services. It also acts as an information preserving guard for high secrecy data storage areas. © 2015 Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

1. Introduction

Corresponding author. E-mail addresses: pdchandramohan@gmail.com (D. Chandramohan), vengattaraman.t@gmail.com (T. Vengattaraman), raja.guru42@gmail. com (D. Rajaguru), dhavachelvan@gmail.com (P. Dhavachelvan). Peer review under responsibility of King Saud University.

Contemporary IT-research makes web users share their 20

resources from anywhere and everywhere through service- 21

computing using cloud technologies. The emerging and vast 22

growing cutting edge information technologies is paving way 23

toward the next level of computing by utilizing software, hard- 24

ware, operating systems, and all expected IT services globally 25

in a matter of time with an affordable cost, with the help of 26

user convenient devices throughout the world connected using 27

cloud computing. User behavior regulation has been chosen as 28

http://dx.doi.Org/10.1016/j.jksuci.2014.06.018

1319-1578 © 2015 Production and hosting by Elsevier B.V. on behalf of King Saud University.

This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

29 one main strategic element by the content protection technolo-

30 gies. Privacy became one of the values embedded in content

31 protection system design. In addition to the development of

32 the content protection, technology can respond to privacy pro-

33 tection requirement in a goal oriented approach. Privacy no

34 longer means anonymity/secrecy, when it comes to safeguard-

35 ing of people's private communication and financial informa-

36 tion (Facebook Vows to Fix Major Privacy Breach, 2011).

37 Next generation privacy preserving models and its principles

38 have been already implemented by a few organizations for the

39 sake of economic cooperation and development, especially,

40 Asia pacific economic cooperation, United States federal trade

41 commission, European Union Privacy directive, and federal

42 and state/provincial laws in many countries. Self regulatory

43 regions and industry serve as the starting point of protection

44 around the world. But the realities of data fueled economy

45 require a re-examination of how to implement a principle in a

46 way that almost effectively serves the consumers. Privacy policy

47 for private and government sectors are set on to implement a

48 technologically advanced framework to protect highly confi-

49 dential information stored in the cloud (WSJ, 2012).

50 Some research labs framed its objectives to add value for

51 framing a generic framework for blocking the breach happen-

52 ing and the privacy preservation development is to achieve and

53 to protect privacy in significant ways, their objectives are to

54 optimize the use of data for the benefit of both individuals

55 and society, ensure that those data are accountable for its

56 use, provide a regime that permits more effective oversight

57 by regulators, and work effectively in a modern connected

58 society. A data rich world requires numerous user controls

59 and transparency features for both cloud users and providers

60 to achieve privacy preserving objectives.

61 The end-user's valuable data are processed and stored in

62 the cloud with different geographical locations. The leading

63 service provider gives access to the storage as-a-services

64 through their software as-a-services. User's information is

65 under serious issue by unauthorized accesses. It is vulnerable

66 if the secret data get compromised. Moreover, third party ser-

67 vice providers are fond of user's private information for their

68 business. It took place in a few computations, despite retriev-

69 ing data from the storage services. It is a prime factor for every

70 Cloud Service Provider to ensure the confidentiality of the

71 user's private and personal data. To preserve data, the provi-

72 der adopts their own framework and maintains the privacy

73 of the registered users.

74 This paper is organized as follows. Section 2 presents the

75 study of similar work and study identified in the cloud to pre-

76 serve the privacy of the user data. Section 3 describes the for-

77 mulation of Petri-net Privacy Preserving Framework and its

78 layers. Section 4 presents the workflow of the framework and

79 focus on Synchronization, Sequentiality, Concurrency and

80 Conflicts (2S2C) approach. It is also to focus on the framework

81 feasibility and its efficiency in the cloud environment. Section 5

82 presents an evaluation of experimental results analysis and its

83 comparison. Finally, Section 6 presents the conclusion part

84 with future key factor to carry the research further.

85 2. Related and background work

86 In cloud data storage, privacy preserving is one apex concern

87 in today's emerging IT world. Many researchers have been tar-

geting this field. Liu et al. (2012), investigate the characteristics 88

of cloud storage services and propose a secure and privacy pre- 89

serving keyword searching scheme. This allows the Cloud Ser- 90

vice Providers (CSP) to participate in the decipherment, and to 91

return only files containing certain keywords specified by the 92

users. His team focused on reducing both the computational 93

and communication overhead in decryption for the user's data, 94

on the condition of preserving user data privacy and user 95

querying privacy. Hao et al. (2011), propose a remote data 96

integrity checking protocol that supports data dynamics. 97

It supports public verifiability. The proposed protocol sup- 98

ports public verifiability without the help of a third-party audi- 99

tor. Wang et al. (2011), studied the problem of ensuring the 100

integrity of data storage in Cloud Computing. The task of 101

allowing a third party auditor, on behalf of the cloud client, 102

is to verify the integrity of the dynamic data stored in the 103

cloud. The authors found it is critical to enable a Third Party 104

Auditing to evaluate the service quality from an objective and 105

independent perspective. Zhang et al. (2012), check the cus- 106

tomer's need to take certain actions to protect their privacy 107

with noise injection. Service providers will be confused about 108

which requests are real ones. The authors develop a novel his- 109

torical probability based noise generation strategy. It generates 110

noise requests based on their historical occurrence probability 111

so that all requests including noise and real ones can reach 112

about the same occurrence probability, and then service provi- 113

ders would not be able to distinguish them. Wang et al. (2011), 114

proposed an approach to solve the problems of privacy and 115

security by including access control for the encrypted data, 116

and revoking the access rights from users when they are no 117

longer authorized to access the encrypted data. 118

The authors propose a hierarchical attribute based encryp- 119

tion scheme, by combining a hierarchical identity based 120

encryption system and a cipher text-policy attribute-based 121

encryption system. Liu et al. (2009), investigated the character- 122

istics of cloud computing and proposes an efficient privacy 123

preserving keyword search scheme in cloud computing and it 124

enables the service provider to search the keywords on 125

encrypted files to protect the user data privacy and the user 126

queries privacy efficiently. Public Key Encryption and decryp- 127

tion techniques adapted in this paper provide privacy in cloud. 128

It allows the service provider to participate in partial decipher- 129

ment to reduce a client's computational overhead. It is seman- 130

tically secure. Itani et al. (2009), present Privacy as a Service 131

(PasS) a set of security protocols for ensuring the privacy 132

and legal compliance of customer data in cloud computing 133

architectures. PasS allows for the secure storage and process- 134

ing of users' confidential data by leveraging the tamper-proof 135

capabilities of cryptographic coprocessors. The author uses 136

tamper-proof facilities to provide a secure execution domain 137

in computing cloud that is physically and logically protected 138

from unauthorized access. Author achieved user-configurable 139

software protection and data privacy mechanisms by his pro- 140

posed approach. 141

Wang et al. (2010), explain that in each cloud service it will 142

exchange data with other clouds, so when the data are 143

exchanged between the clouds there exists the problem of dis- 144

closure of privacy. Privacy disclosure problem about individ- 145

ual or company is inevitably exposed while releasing or 146

sharing data in the cloud service. This paper suggests some pri- 147

vacy preserving technologies used in cloud computing services. 148

The author argued that it is very important to take privacy 149

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 3

into account when designing cloud services. Zhou et al. (2010), found that the concerns are not adequate and more should be added in terms of five aspects (i.e., availability, confidentiality, data integrity, control, and audit) for security.

Released acts on privacy to protect users' private information in the new environment are out of date. The author studied adapting released acts for new scenarios in the cloud, which will result in more users to step into cloud. Pearson (2009), discusses the privacy challenges that software engineers face when targeting the cloud as their production environment to offer services are assessed, and key design principles are suggested. The author explains the risks to privacy mitigated and that data are not excessive, inaccurate or out of date, or used in unacceptable or unexpected ways beyond the control of data subjects. Many authors propose a privacy approach to prevent users' valuable information in cloud data center (Chandramohan et al., 2012a,b; 2013).

Huang et al. (2010) found an interactive protocol and an extirpation based key derivation algorithm combined with lay revocation, multi-tree structure and symmetric encryption to form a privacy preserving, effective framework for cloud storage area. Li et al. (2011) Global Enforcement of Data Assurance Control (GEODAC) framework is proposed to assure data enforcement globally by a policy approach. It preserves the data retention, data migration, and data appropriateness which are stored in cloud. Moreover, the policy is represented by a state of lifecycle stages and a state machine based representation. Wang et al. (2014) secure watermark detection is described in a compressive sensing based framework using multiparty computation protocol (MCP) under semi-honest security model.

To hide private data from the unauthorized services and users, an interactive protocol is designed to resolve the cloud storage privacy preservation. A key derivation algorithm is adopted to generate and manage keys of the data owners and storage service providers (Huang et al., 2011). The data ownership to avoid the anonymous authentication based on public key cryptography, and a tunable k-control trade-off between the degree of anonymity and the computational overhead were imposed by the system. In which, it would be a control system framework for the cloud users (Khan and Hamlen,

2012). Personalizing the computing by intelligent processing in hybrid cloud to predict the user activity and their interventions are monitored using the privacy framework (Zhang et al.,

2013). A virtual application with customized security policies are adopted to provide such services in a preventable approach (Zhao et al., 2012).

To maintain the user secrecy and leverage the need of confidentiality prevention a complete study has been deliberated which proposed a framework to prevent the information (Wei et al., 2012). To reduce the data redundancy and data duplication in the cloud efficient block encryption and duplication algorithms are used to design a privacy preserving framework in Nimgaonkar et al. (2012). Moreover, to reduce the computation complexity a key proxy re-encryption is used. CTrust framework for ubiquitous access restriction used a secure hyper visor as a building block to prevent the storage area discussed in Lin et al. (2013). This framework is working with partial trust on service providers. A proxy based framework was proposed by a team of researchers in Singhal et al. (2013) for preserving mobile health monitoring system by coupling with decryption technique. In the cloud, services are

leveraged as storage, network and servers, which are provided by platform as a service.

Ray and Biswas (2014) described the cryptographic solution for preserving the security of healthcare service customers by HIPAA policy. Moreover, Al-Muhtadia et al. (2011) maintain a threshold limit for a ubiquitous environment using cryptography techniques. Debnath et al. (2014) show the advantage of ring signature as a digital verification to prevent the unknown user's intrusion in the sensor networks.

3. Proposed approach: PPPF

The development of computing technology evolved through cloud computing. The whole IT world, academic sector, finance sector, government sector, and health care system have adapted cloud services in their work area. Users may access their data anywhere when in need of it. Cloud computing delivers their request as in the form of services to them. One can keep away from owning huge storage area and maintaining it by storing their data in the cloud. User's data privacy became a question mark by deploying their personal database in the cloud. Data stored in the service provider's end is highly risky because anyone can identify and collect one's personal information and it may lead to privacy bleach. Unknown cloud users may cause leakage in personal information by regular monitoring and collecting data regarding the client. The proposed framework acts as a secrecy locker for cloud users and providers. The PPPF focuses on layered approach which incorporates the traditional state transition representation with compressive data handling, mutual service oriented structure, unauthorized user detection key encryption handling and decryption identification to preserve users confidentiality in the cloud environment.

Privacy strategists are dealing today with multitudinous devices, applications and networks that need to be secured. There may be several ways to secure applications. These include web application firewalls, real time application monitoring and two factor authentication. Cloud organizations must secure users data at the application, endpoint, storage area and device levels, etc., the providers need to find the right balance between privacy and flexibility. Some service provider environments may rob an organization's data with their flexibility. Since there are too many devices to control, securing access has become a top priority for cloud providers for organizations.

Maintaining secrecy of user's information is one of the major issues in cloud computing. The secrecy of user database should be maintained properly, or else information gets breached consistently. We came forward with a privacy preserving framework to solve privacy issues. Layered privacy approach may be a way to detect and isolate unusual threats. We are focusing on an integrated layered set up for proposing the privacy preserving framework. It is essential to protect privacy of one's information in the cloud data storage. A few notable areas where the privacy breach happens are,

• API-interfaced application infection (Third Party Interfering)

• Privacy data loss in mass storage area (Distributed Server Storages)

• Privacy at service provider level (Policy Framing and Organizing)

271 • Privacy at users/client level (Responsibility and supporting

272 providers by reducing unknown identifications)

273 • Not accomplishing any one of generic universal standard

274 and unique service level agreement for service providers

275 and harsh cipher laws like (EU-US-SWIS) on intruders.

276 EU-US-SWIS {European Union, United State and

277 Switzerland}

279 In such a Framework setup, each layer overlaps the previ-

280 ous layer. In this manner, whatever gets missed in the first

281 layer is caught by the second. To describe secrecy protocols

282 for each and every application in the cloud may bring in a cer-

283 tain amount of rigidity into the process of delivering IT-

284 services. So the purpose of this paper is to propose a model

285 for user entry-level restrictions for cloud service using Petri-

286 net distribution model, and a set of privacy metrics for pro-

287 posed user entry-level restriction. Finally this paper concludes

288 by suggesting a privacy enforcement exploiter authentication

289 technique for the cloud.

290 4. Proposed PPPF workflow model

291 Organization's personal data get unruffled and upheld com-

292 munally, and used by providers without the knowledge of

293 the cloud users. It is a violation of confidentiality within users

294 and may lead to a huge exposure of private data in the IT

295 world. These users trust their service providers and share their

296 precious information. It has been noticed from the literature

297 study of privacy preserving techniques in cloud data storage,

298 that it adopted some hand full of privacy policy to protect

299 the user's data from breaching. Those policies are claimed to

300 be more rigid because of the policy framing strategies. It was

301 adopted from The United State and The European Union

302 (US-EU) privacy policy.

303 Researchers ardently elicit the origin for privacy breaching

304 happening in and around the IT world since even the leading

305 cloud providers failed to accept their user's privacy kept con-

306 fidentially (Google, Amazon, SalesForce.com, VMware,

307 Dropbox, Social Networking providers, etc.) (Facebook

308 Vows to Fix Major Privacy Breach, 2011; WSJ, 2012;

309 LinkedIn Corp, 2012; Dropbox User, 2012). It is analyzed

310 and targeted to light up the user's privilege to possess and fur-

311 nish to set their privacy and endorsement of priceless data.

312 PERMIS authentication technique (Chadwick and Fatema,

313 2012) gave a vague idea for researchers to concentrate on this

314 big issue. It is presumed to have an influence on the whole IT

315 industry, E-governance, government secret information, busi-

316 ness, healthcare, individual privacy right, etc., as a landmark

317 to impede these issues and prevent all secret data leverage

318 and its breaching out. In this paper we are going to propose

319 a generic privacy preserving authentication approach shown

320 in Fig. 1 with cohesive Petri-net modeling and we designed a

321 framework using it to develop this loom. Our framework con-

322 sists of seven different modules inbuilt with four cohesive

323 Petri-net modules to surmount a silhouette.

324 In this section, we discuss the Petri-net Privacy Preserving

325 Framework, the main components of this system include

326 Cloud Service Request, User Validation, User Request Verifi-

327 cation, Cloud requestors Authorization and Cloud users

328 Authentication or response, which are presented in Fig. 2

and described in detail below (Chandramohan et al., 2012a, 329

b; 20 1 3). 330

• Cloud Service Provider 331

• Cloud Service Request 332

• Petri-Net Privacy Preserving Model 333

• User Request Verification 334

• User Validation 335

• Cloud requestors Authorization and 336

• Cloud users Authentication or response 337

Preserving one's data in cloud before getting invaded was a 339 risky responsibility for both providers and users. Fig. 3 gives 340 an invasion mitigation technique to minimize the risk factor 341

and develop a rigid trust on cloud providers. 342

Method Type CPr_CRq() 345

BEGIN 346

Get i/p for r and q 347

CPr: = Manipulate (CPs) 348

CPs checked with CRq and verify for Trust Policy Tpi; 349

For (CP - 0) 350

Do until ({CRq = = Tpi [CPi]}) 351

Return value for CP (Tpi): 352

If (CP ? (CRq< > 0)) then 353

State 1 = P; 354

CRq should satisfy Petri-net policy Pt 355

End 356

If (CRq = True) then verified and filter to next validation 357

State 2 = Pi* (Rq * Vn* Vt* CPpi)); 358

Repeat until delivers TRUE; 359

End 360

If (CRq = NP) then {New Policy (NP)} 361

State 3 = TNpi; 362

End 363

If (STn = = Return 1) then {State (ST) 364

IFF ({STn = (ST1 * ST2 * ST3)}) {IFF-ifand only if} 365

STn = Always Return 1; 366

End 367

Else 368

If (TRpi = ExSpi) 369

Then Validate & Authenticate: 370

SR, ? {TRp, Psi, Ex, Spi}; 371

Entree to Data; 372

Rq ? Recognized as authenticated user; 373

End 374

Else 375

Rq = RETURN 0; 376

Exit No Authorization; 377

End If 378

End For 379

End 380

A generic flow carried out in PPM Cloud Provider CPr, CRq 382 begin the process with input request 'q' and response with 383 'r', it manipulated as CPr: = Manipulate (CPs), and similarly 384

'CPs' checked with 'CRq' and verify for Trust Policy 'Tpi', 385 pre-defined policy verified until 'CP' refined to null and 386

'CRq should satisfy Petri-net policy 'Pi+\ let us prolong the 387

steps to complete the execution 'CRq' turned to be true. 388

Rapidly verify and filter to next validation State T2 = Pi * 389 (Rq * Vn * Vt * CPpi), once these steps get athwart then 390

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 5

Cloud Service Requestors

Cloud Service Provider

Petrinet Privacy Preserving Model

User Request Verification

User Validation

Cloud Request Authorization

Cloud Users Authentication

Figure 1 Petrinet privacy preserving framework-PPPF.

391 repeat until it delivers TRUE values. Now we arrived to end

392 the initial state. To carry forward the initial true values there

393 presents few pre-conditions as a quantitative measures

394 CRq = NP mitigating the privacy policy with EU-SW laws,

395 New Policy (NP) framed at State 3 i.e. TNpi end the policy

396 after nominal standard inherited. Once policies get validated

397 continue the verification whether STn returns to be true.

398 If and only if STn = ST * ST2 * ST3, STn will be always

399 true, otherwise TRpi = ExSpi is Validated & Authentication

400 process starts from SRi ? {TRpi, Psi, Ex, Spi}. After all these

401 truncation processes if any request gets passed by returning a

402 true value, 'Rq' he/she can be allowed or Recognized as

403 authenticated user to view the stored data and information

(Chandramohan et al., 2012a,b; 2013). If any one of the above 404

processes failed and is noticed to obtain a false state immedi- 405

ately the whole system gets truncated and 'Rq' response is 0 406

i.e. if no Authorization, he/she is rejected for requested service 407

and sent out from regular cycle. Simultaneously a log file is 408

maintained to verify and identifying if any user repeating the 409

vulnerable activities in future. If they are found to be one 410

among them they are punished according to the EU-policy 411

and law. The representation of PPPF-Petri-net Privacy Pre- 412

serving Framework is designed and structured to handle the 413

complex interaction with cloud requester and provider. Our 414

proposed framework has the ability to identify the Synchro- 415

nization, Sequentiality, Concurrency and Conflicts of different 416

cloud users to access their own data without disturbing other 417

cloud users' information. So many new researches have been 418

progressing to preserve the privacy of cloud user's informa- 419

tion. We came up with PPPF framework as a milestone to 420

achieve preserving user information in a cloud environment. 421

Each provider has their own privacy policy and law to protect 422

their data storage area located worldwide. We are climbing 423

from Facebook Vows to Fix Major Privacy Breach (2011), 424

WSJ (2012), LinkedIn Corp (2012), Dropbox User (2012) the 425

existing policies are not adequate to preserve users' confiden- 426

tiality. The proposed mitigation flow persuades to prevent 427

user's information from an unknown users grab. 428

Cloud Request Providers CPr riposte as per the customary 429

granted Trust Policy Tpi while CP — 0 && CP = 0. The retort 430

capitulation repeats until CRq < > 0. CRq tartan its medley 431

with Petri-net policy Pi and stick to set its conduit to pass 432

through {Rq, Vn, Vf, CPpi} and isolate consequently with this 433

conciliation rule TNpi and put forward the data availability 434

of stipulate user. If and only if all former steps get processed, 435

it gets verified correctly and the output response returns to be 436

true. Otherwise it truncates farther processing into the data 437

storage area. Similarly two factor authentication starts with 438

TRi and ExSpi to refine the consumer policy according to the 439

proposed method. It permits requested users by limiting their 440

Figure 2 Petrinet privacy preserving work flow in cloud.

441 accessibility and secrecy priority. It reiterates the whole

442 method for accessing cloud data storage area and allocates

443 confidential information to the correct user (Chandramohan

444 et al., 2012a,b; 2013).

445 Figs. 3 and 4 shows current progression works under the

446 umbrella of algorithm stated below and these steps are followed

447 continuously until the user gets identified. Their original data

448 are kept more confidential. Start with Request to the Cloud

449 Service Providers as {CSRi}Send Request to {CSPi}, repeat

450 request until it returns Concrete solution. {RRi} Repeat — 0

451 {Until} RRi fl Es(CSPi - CSRi) {Es-EXPECTED SERVICE},

452 Es(CSPi — CSR^ Expected service gets salvage prop up then,

453 go to the previous and promote state of affairs to obtain the

454 truthful user. CSPi P p {CUai + PPMi (URv + Uv +

455 CRai)}. This shows the Privacy Preserving Algorithmic

456 approach for the proposed framework in Figs. 1 and 4 and

457 its internal doling out with the help of Fig. 5. Leading research

458 scholars deal with this issue to enhance the privacy features as a

459 deterrent footstep for the preservation of user's data (see

460 Figs. 6-13).

461 Cloud users' verification and their validation carried out

462 with PPPF and its seven different modules are designed as high

463 cohesion intra-modules that shall have an influence on the next

464 module authentication and carry forward the request query.

465 Clients need authorization from cloud providers to get their

466 quantifiable services. {CPai} Repeating a verification course

467 of action in all intra-modules with cohesion principle,

468 NAi ± Qs¥ (CSPi + CSRi) {Qs-Quantifiable Service}. These

469 evaluation factors are manipulated by Qs (CSPi + CSRi),

470 For NAi ± Qs¥ (CSPi + CSRi) where i = {0, 1, 2, 3 ... n};

471 Iff it- may get assorted as per cloud user notations, constraint

472 and attributes exploits by particular authentication evolution

473 waiting to reach the final destination CSR fl CSP &&

CSRi < >CSPi. 474

Step 1: CRPn = URi + p ({Rszn*Rsqn*Rcyn*Rcf„}) 477

Step 2: if 2S2C Rszn = TRUE; then goto Step 6: 478

RETRUN 1; Else 479

Step 3: CRPn = UR, + p ({0*Rsqn*Rcyn*Rcfn}) 480

Step 4: CRPn = UR, + P ({0}) 481

Step 5: CRPn = {0}; Return 0; End; // {0, 1, 1, 1}; or {0, 0, 0, 0}; 482

or {0, 1, 1, 1}; 483

Step 6: CRPn = UR, + P ({Rszn — 0*Rsq„*Rcy„*Rcf„}) 484

Step 7: CRP„ = UR,■ + P ({1*Rsq„*Rcy„*Rcf„}) 485

Step 8: if 2S2C step 7 — 0; continue with residual 7 PPCT 486

modules to Return: 1; 487

//{1, 1, 1, 1}; or {1, 0, 0, 0}; or {1, 1, 1, 1}; 488

Else goto step: 5. Return: 0; End; 489

The following Petri-net Preserving Framework properties have 491

to solve the complexity among the interactions through 4 basic 492

self requirements and Fig. 3 all the providers' and clients' 493

request should be communicated through these principles 494

namely synchronization (Rsz), sequentiality (Rsq), concur- 495

rency (Rcy) and conflicts (Rcf). 496

• Liveness - Cl 497

• Safeness - Cs 498

• Boundedness - Cb 499

• Conservation - Cv 500

• Reachability - Crc 501

• Place Invariant - Cpivt 502

• Priority Levels - Cpl 503

• Reliability - Crty 504

Step 1: Start with Request to the Cloud Step 1: Begin Cloud Service

Service providers as providers service to users requests

{CSR}Send Request to {CSP} {CSP}Send Response to {CSR}

Step 2: Repeat request until it returns CSRi < >CSP,

Concrete solution. Step 2: Clients need authorization from

{RRi} Repeat — 0 {Until} Cloud providers to get their quantifiable services.

RRi n Es (CSPi — CSRi) {CPai} Repeat 1: do

{Es-EXPECTED SERVICE} NAi ± Qs¥(CSPi + CSRi)

Step 3: Es (CSPt — CSR,) Expected service {Qs-Quantifiable Service}

get salvage prop up then, Step 3: Qs(CSPt + CSR);

go to step 5: Step 4: Iff only then

Step 4: Starts a loop for CSPi P P {NAi + MA(URv + Uv + CRai)}

CSPi P p {CUai + PPM(URv + Uv + CRai)} Continue step2 and end it

do ... else

The process as per user authentication, For NAi ± Qs ¥(CSP, + CSR)

End; Return 1: Repeat step 3 until CSPi reached an i = {0,1,2,3, ... n};

authorization state

Else i- may get varied as per their notations and parameters and attributes.

Exit; Return 0: the Request process through valid Step 5: Authorization get verified as per their validation measures, verification

exception and followed below, do techniques, quality measure, scaling measure, etc.

Step 5. CSRQCSP end exit

CUai ? Cloud User Authentication,

URv ? Requested User Verification,

Uv ? User Validation, Step 6:End; Return 61: Repeat step 2 until

RRi ? Repeat Request CSRi gained an authentication state

CRai ? Cloud Requestor authorization, Else end Return null

PPMi ? Layers framed using {URv, Uv, and CRa} Exit; the Request process by through valid exception and

Step 7.CSRQCSP&& CSRi< >CSPt

End; NAi ? Need Authorization, MAv ? Maturity Verification,

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 7

Reliabil ity

Reliability Crty Reliability

Crty Reliability Crty Crty

CRPn = {Rszn, Rsqn, Rcyn, Rcf„} SSCC / 2S2C

Place Invariant Cpivt

Cpivt Place Invariant

^îlf tu

Boundedness

Boundedness Cb Boundedness

Cb Boundedness Cb Cb

Place Invariant Cpivt

Cpivt Reachability

Reachability Crc Reachability

M Crc Reachability Crc

Conservation Cv

Conservation Cv

Conservation Cv

Conservation Cv

Figure 3 2S2C privacy preserving cohesion technique.

Cloud Client Request (CRq)

Trust policy

Rq=T, check Tpi No

Selecting pertinent Policy (Pi)

CRq < > 0

Submit to requesters (Rq, V»,Vt and CPpi)

Segregating as per negotiation rules

(TNpi)

Rq Policy converse-False

TRpj=ExSpj

^ True-Rq recognized

Psi"»SR

CPp^ Cloud Provider policy

CRq^ Cloud Requestor Policy

TPj^ Trusted Policy regulations

TNp^Trusted Negotiation policy regulations

TRpi-^Targeted Service request

ExSpi^Expected Service as per Cloud provider policy

Rq^Internal and External Request policies

V^ Internal and External Verification regulation

Vt^Internal and External Validation regulation

Figure 4 Sequential dynamic privacy preserving cloud service flow.

552278

D. Chandramohan et al.

Users Privacy Breach Prevention at End Point

CD Provider CD Req

CRXL...CRX., j CRy^^CRy.,

y I ""■----...

Different Providers

CDP,i CDP,2

Typical Requestors

Breach Trigger

Different Providers

I DPi Y_

"G,"- DP, ->|-

^ "G,"- DP,.....DPn

CRxi.. ..CRxn

Info Blocked

Typical Requestors

CRxn-1

CRxn-1

Oy- TRL. TR

CRy,....CRyn

Figure 5 Privacy breach prevention at cloud user's end point.

Preliminaries

Cloud Request Provider (CRPn) = {Rszn, Rsqn, Rcyn, Rcfn}

Synchronization (Rsz), Sequentiality (Rsq), Concurrency (Rcy) and Conflicts (Rcf) (2S2C), where the request gets varied accordingly form 0 to n and it is denoted as Request synchronization various form (0-n), Request Sequentiality various form (0-n), Request Concurrency various form (0-n) and Request Concurrency various form (0-n), where the 2S2C delivers its cohesive nature form this scenario by comparing with each service request and the condition applied by the provider. In this section we introduce the origin of 2S2C into the proposed framework as an ordinal highly cohesive module to verify user identification and their originality. Later the dynamic event driven function as priorities and decision making are carried out by definition and axioms described in this section.

Axiom 1

Cloud Request Provider (CRPn) = {Rszn, Rsqn, Rcyn, Rcfn}

Definition 1. Requester's inputs are mounted to verify and validate the user's identity for accessing information in the cloud using our proposed SSCC pre-requesting privacy cohesion technique. SSCC (Synchronization, Sequentiality, Concurrency and Conflicts also named as 2S2C technique)

Rcyn(Rsq1) = {Rsz1} Rcyn(Rsq2) = {RSZ2} Rcyn(Rsq3) = {RSZ3} Rcyn(Rsq4) = {Rsz4}

Rcfn(Rsq1) = {Rsz2, Rsz3} Rcfn(Rsq2) = {Rsz4} Rcfn(Rsq3) = {Rsz5} Rcfn(Rsq4) = {Rsz2}

Rcyn(Rsq5) = {Rsz4, Rsz5} Rcfn(Rsq5) = {Rsz1}

Definition 2. Sequential Execution: The sequential execution (SE) and its execution Sj can fire only after the firing of Si. This imposes the precedence constraints Si & Sj. Such precedence constraints are typically of the execution as a part of a dynamic system.

SEN-—1{Si, Sj} Iff Sj starts functioning only when Si is done with its verification.

Definition 3. Synchronization System: In the system while integrating and verification of highly cohesive synchronized execution process require a multiple resources to run in real-time system. Their state Sz gets enabled only when two different executions trigger and request St to get all (z', z") possible

results. Sz

Definition 4. Concurrency Identification: Cy deposits and verifies user request in two or more places to deliver correct user interaction ti, tj and System interaction (SIt) Si, Sj.

Cy ! (SIt((S„ Sj)*(t,, tj)))

Definition 5. User Conflict: If the user's response probability distributions get conflict with actual state (Cli/Clj) turned off to continue with the requested operation.

If (li = +ve) then

Continue to next position verification state; Deactivate "lj", {li = 0}; Return 0; Else

(li = +ve) make li as + ve State;

{lj = 0}; Deactivate li; & Return 0: procedure;

End If

(1) Cf = +ve : (Cli : Clj);

Rszn = {Rsz15 Rsz2, Rsz3, Rsz4, Rsz5};

Rsqn = {Rsq1,Rsq2,Rsq3,Rsq4, Rsq5}; , D .

> 2S2C Privacy Preserving Cohesion Technique (2)

Rcyn = {Rcy1, Rcy2; Rcy3; Rcy4; Rcy5}; Rcfn = {Rcf1, Rcf2, Rcf3, Rcf4, Rcf5};

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 9

Rszn Rsqn Rcyn Rcfn CLn

Step 1: CLn input is checked with 2S2C technique if it returns 1 go to next level else

Step: 2 If the resultants of step 1 return 0: then CLn check with next set of combinations until it returns 1 to make its true combination with next set of inputs.

Step 3: Repeat step 1 and 2: for all set of Modules in 2S2C technique and make sure until it returns 1.

Step 4: As per the 2S2C-PPPF algorithm, the input condition check with all combinational logic and returns false (0) and one combination return true (1)

Figure 6 2S2C privacy preserving logic diagram.

Figure 7 State transition diagram representation of 2S2Ci-modules in PPCT.

(a) (b)

Figure 8 (a, b) PPPF verification and validation of minimal-support T-Invariants and Linear Combinational construction of privacy conflict in cloud data storage.

571 In order to define the axioms of 2S2C its attributes are

572 debut by {SE, Sz, Cy, Cf} respectively, (Synchronization

573 (SE), Sequentiality (Sz), Concurrency (Cy) and Conflicts

574 (Cf)). The privacy preserving module is defined as PPMi vali-

575 dated with respect to i value which can be varied from i = (1

576 to n). In 2S2C scenario n has the maximum probability of 1

577 to 8. Similarly the liveness of first privacy module verification

578 of user request and their data is represented as (PCL0). Their

579 internal function f is calculated as per the transactions 't'

580 and the number of places 'p' required to complete a task f

581 (Tn, Pn).

582 Axiom 2

583 We define 2S2C as an axiom in our proposed PPPF using

584 definitions 1, 2, 3, 4, and 5. It should act consequently with dif-

585 ferent request and repeat the execution and generate its out-

586 come represented in axiom 2.

Figure 9 Privacy breach identified in recent years arise from leading Cloud Service Providers.

Privacy preserving technique for cloud service user endorsement

Resolution for Conflicting Transitions Probability Priority

T1 0.3 0.8

T2 0.5 0.6

T3 0.5 0.9

T4 0.5 0.1

T5 0.6 1.6

T6 0.8 2.9

T7 0.1 3.7

T8 0.5 4.2

T9 0.7 9.0

T10 0.3 12

Probability

Priority

T2 T3 T4 T5 T6 T7 T8 T9 T10

Transition Conflict

Figure 10 PPPF probability and priority privacy transition conflict in cloud data storage.

(a) (b)

Figure 11 (a, b) Global privacy breach prevention in data storage area using PPM.

Figure 12 (a, b) PPPF users secrecy prevention during data transitions request and response in the cloud.

{SE,SZ, Cy, Cf} -

' Rszn = {Rsz1, Rsz2, Rsz3, Rsz4, Rsz5} ; Rsqn = {Rsqi, Rsq2, Rsq3, Rsq4, Rsq5}; Rcy„ = { Rcyi, Rcy2, Rcy3, Rcy4, Rcy5} ; Rcfn — { Rcfi, Rcfz, Rcf3, Rcf4, Rcf5} ; SEN=^{Si, Sj}; S {St};

Cy ! {SIt ((Si, S;)*(ii, j)) ); Cf(ij) — +ve, [Cl, = 0], [Clj = £];

By converting into mathematical form T, * f(2S2C) f(Tn, Pn ) —2n

f(Tn, Pn) — 2n where n — {0,1,2, and 3} respectively as per 2S2C.

{f(Tn,Pn) — 2n} ) {f(To,Po) — 20, f(Ti,Pi) — 21, f(T2,P2) — 22, f(T3,P3) —23}

{f(Tn, Pn)—2n} ) {1,2,4,8}

598 600

Theorem 1. Let PPPF as PPMi protect the sensitive data 602

(5) present at the data center, by blocking multiple unknown 603

users' hands on confidential information stored in the cloud. 604

PPMi framework modules are communal to verify and are 605

checked with privacy 2S2C technique at each and every level. 606

t combinations

Figure 13 2S2C combinations in logical truth value portrayal.

607 User identification management gets interacted and authorized

608 according to the policy agreement between cloud users and

609 providers. The bonding among sub-system structure modules

610 are intra-dependent on each other so each input and output

611 sub tasks are dependent on 2S2C evaluation.

Proof. Now, PPMi modules are verified with 2S2C cohesion 612

technique in all possible conditions (initial, typical, custom, 613

and medium). Let's check the trial and error method to verify 614

the possibility of getting penetrated or blocking user into 615

source data 'Di'. 616

PPMi here let's consider i = N, where {N = (n + 1)}, 617

PPMi = Pn + f(Tn,Pn). 618

Liveness- C 619

In 2S2C {Rszn, Rsqn, Rcyn, Rcfn} = 2n where n = 620

{0, 1, 2, 3 ..., n} technique users input (information) parame- 621

ters are checked periodically with Cloud Request Provider 622

(CRPn) validating their suitability of accessing information 623

Table 2 Recent confrontation identified in leading cloud service providers.

Recent confrontation Facebook Google Dropbox Linkedln

2009 0 0 0 0

2010 0 0 1 0

2011 1 0 0 0

2012 0 1 1 1

Table 1 2S2C privacy preserving verification and validation.

Present state Input Next state Output

Rszn Rsqn Rcyn Rcfn CLn Rszn * CLn Rsqn * CLn Rcyn * CLn Rcfn * CLn CRPn = CLn + P ({Rszn * Rsqn * Rcyn * Rcfn})

0 0 0 0 0 0 0 0 0 0

0 0 0 0 1 0 0 0 0 0

0 0 0 1 0 0 0 0 0 0

0 0 0 1 1 0 0 0 1 0

0 0 1 0 0 0 0 0 0 0

0 0 1 0 1 0 0 1 0 0

0 0 1 1 0 0 0 0 0 0

0 0 1 1 1 0 0 1 1 0

0 1 0 0 0 0 0 0 0 0

0 1 0 0 1 0 1 0 0 0

0 1 0 1 0 0 0 0 0 0

0 1 0 1 1 0 1 0 1 0

0 1 1 0 0 0 0 0 0 0

0 1 1 0 1 0 1 1 0 0

0 1 1 1 0 0 0 0 0 0

0 1 1 1 1 0 1 1 1 0

1 0 0 0 0 0 0 0 0 0

1 0 0 0 1 1 0 0 0 0

1 0 0 1 0 0 0 0 0 0

1 0 0 1 1 1 0 0 1 0

1 0 1 0 0 0 0 0 0 0

1 0 1 0 1 1 0 1 0 0

1 0 1 1 0 0 0 0 0 0

1 0 1 1 1 1 0 1 1 0

1 1 0 0 0 0 0 0 0 0

1 1 0 0 1 1 1 0 0 0

1 1 0 1 0 0 0 0 0 0

1 1 0 1 1 1 1 0 1 0

1 1 1 0 0 0 0 0 0 0

1 1 1 0 1 1 1 1 0 0

1 1 1 1 0 0 0 0 0 0

1 1 1 1 1 1 1 1 1 1

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 13

Table 3 PPPF-minimal-support T-Invariants and Linear Combinational construction verification of privacy conflict in cloud data

storage.

Minimal support Linear Combinations constructed

T-Invariants

T1 30 150 69 39 54 11 34 51 107 88

T2 16 80 37 21 29 6 18 27 57 47

T3 0 0 0 0 0 0 0 0 0 0

T4 15 75 35 20 27 5 17 26 54 44

T5 0 0 0 0 0 0 0 0 0 0

T6 0 0 0 0 0 0 0 0 0 0

T7 0 0 0 0 0 0 0 0 0 0

T8 15 75 35 20 27 5 17 26 54 44

T9 1 5 2 1 0 1 2 4 3 0

T10 0 0 0 0 0 0 0 0 0 0

Table 4 PPPF resolution for conflicting transitions, probability and priority of privacy conflict in cloud data storage.

Resolution for conflicting transitions Probability Priority

T1 0.3 0.8

T2 0.5 0.6

T3 0.5 0.9

T4 0.5 0.1

T5 0.6 1.6

T6 0.8 2.9

T7 0.1 3.7

T8 0.5 4.2

T9 0.7 9.0

T10 0.3 12

624 stored in the cloud. The user's request URi communicates with

625 the cloud through our proposed technique as a privacy pre-

626 serving measure, according to our approach the request is sent

627 to PPCT-Privacy Preserving Cohesion Technique that consist

628 of eight different modules PPMi where i = {0, 1,2, ..., 7},

each and every input module gets hold of validation with the liveness module of 2S2C technique Cl, later its output acts as an input to subsequent modules. If liveness is inequitable, it throws its first exception info and exits from its farther symmetric cycle.

Let us consider the single sequence input request carried out inside 2S2C with zeroth module 'Cl'.

PPM, = PClo

(PClUi = PCLn + f(Tn, Pn)

(PCL)n+1 = MPn + f(Tn, Pn) * MPn - Current Module of PPM i.e. PCLn

Initially start with n = 0,

PClo + i = MPo + f(To,Po) * f(Tn, Pn) = 2n according to Axiom 2

PCL1 = MP1 + 20 PCli = 1 + 1 PCli = 2;

The result shows positive implication with 2S2C single input, similarly we have to verify with the rest three inputs,

Table 5a Global privacy breach prevention in data storage area using PPM.

Place name Arrival sum Arrival rate Arrival dist Throughput sum Throughput rate Throughput dist Waiting time Queue length

P1 171 0 0 125 0 0 0 0

p2 237 0 0 176 0 0 0 0

p3 171 0 0 188 0 0 0 0

p4 341 0 0 00 0 0 0

p5 88 0 0 75 0 0 0 0

P6 385 0 0 00 0 0 0

p7 280 0 0 00 0 0 0

Table 5b Global privacy breach prevention in data storage area using PPM.

Place name Arrival sum Arrival rate Arrival dist Throughput sum Throughput rate Throughput dist Waiting time Queue length

p1 167 0 0 66 0 0 0 0

p2 95 0 0 107 0 0 0 0

p3 219 0 0 229 0 0 0 0

p4 266 0 0 00 0 0 0

p5 114 0 0 105 0 0 0 0

p6 368 0 0 00 0 0 0

p7 441 0 0 00 0 0 0

662 663

Now put n = 1 in Eq. (6),

PCl1 + 1 = 2 + f(Tx,Px) [* PCLl = 2]

PCL2 = 2 + 21 ['.' f(Tn, Pn) — 2" according to Axiom 2]

PCL2 = 4;Now put n = 2 in Eq. (6),

PCL2+1 = 4 + f(T2, P2)[v PCl2 = 4]

PCL3 = 4 + 22 [* f(Tn, Pn) = 2n according to Axiom 2]

PCL3 = 8;Now put n = 3 in Eq. (6),

PCl3+1 — 8 + f(T2,P2)[v PCl3 — 8]

Cl0 —

Cl3 — '

Cl2 — <

+ 23[* f(Tn, Pn — 2n accordingtoAxiom2]

L2, PCl3, PCL4} — {2, 4,8,16}

0 1 11 0 1 11

0 0 00 1 0 00

0 1 11 0 1 11

0 0 11 0 1 11

0 0 00 1 1 00

0 1 11 0 1 11

CL1 — <

0 0 01 0 1 11

0 0 00 1 1 10

0 1 11 0 1 11

0 0 00 0 1 11

0 0 00 1 1 11

0 1 11 - 0 1 11

0 1 11 0 1 11

0 0 00 0 0 10

1 1 11 1 1 11

0 1 11 0 1 11

1 0 10 0 0 01

1 1 11 1 1 11

L J CL4 — < L

0 1 11 0 1 11

1 0 01 0 1 11

1 1 11 1 1 11

0 1 11 0 1 11

0 1 00 0 1 10

1 oc 11 1 1 11

0 1 11

0 0 00

1 1 11

0 1 11

1 0 00

1 1 11

0 1 11

1 1 00

1 1 11

0 1 11

1 1 10

1 1 11

CL5 —

0 1 11

1 1 11

1 1 11

CLn ! Cloud Liveness Wheren — {0,1,2, ...n}

If and only if all the 2S2C inputs get verified and the results 668

indicate a positive signal, then the 'PCL' overall output is car- 669

ried forward as an input value to PPMi the subsequent next 670

module. Similarly same process is repeated until PPMi and 671

2S2C cohesive technique gets verified and indicates a positive 672

response to the requested user. Immediately the user request 673

gets quit from PPMi workflow if any one of its module indi- 674

cates a negative sign (i.e.) the request is identified to be 675

unknown. 676

The 2S2C iteration and its module are verified with the rest 677

of PPMi form 1 to 8, Cloud request Safeness (Cs), Cloud 678

Request Boundedness (Cb), Cloud Conservation (Cv), Cloud 679

Request Reachability (Crc), Cloud Request Place Invariant 680

(Cpivt), Cloud Request Priority Levels (Cpl), Cloud Request 681

Reliability (Crty) and 2S2Ci. 682

Cloud providers (CRx1.. .CRxn), Cloud requestors 683

(CRy1.. .CRyn), Different Providers are defined by CRx CRx1 684

and Typical Requestors (TR) are denoted as (CRxn_! CRxn) 685

and (CRxn_!, TRi, CRxn_i, CRxj...CRxn). TR^'O" 686

initialized with cloud requestors CRxn_1, Oy-TR1.. .TRn. with 687

respect to "Q" CRx, DP1 and "Gx" DPx CRy1.. .CRyn. 688

5. Experimental methodology and result analysis 689

In this experimental methodology section, we first present the 690

control logic flow representation for the 2S2C technique. It is 691

then proceeded to necessary verification and validation for a 692

trusted authorization, which supports a state transition model- 693

Table 6a PPPF secrecy prevention in transitions states.

Transition Service Service Service Service Utilization

name sum rate dist time

t1 66 0 0 0 0

t2 53 0 0 0 0

t3 113 0 0 0 0

t4 114 0 0 0 0

t5 131 0 0 0 0

t6 226 0 0 0 0

t7 22 0 0 0 0

t8 53 0 0 0 0

t9 7 0 0 0 0

t10 215 0 0 0 0

666 667

In PCLn, {2, 4, 8, 16} ) 2S2Ci = {(2S2C0, 2S2Q, 2S2C2, 2S2C3)}; where i = {0, 1, 2, 3}.

Table 6b PPPF secrecy prevention in transition states.

Transition Service Service Service Service Utilization

name sum rate dist time

t1 119 0 0 0 0

t2 84 0 0 0 0

t3 88 0 0 0 0

t4 88 0 0 0 0

t5 140 0 0 0 0

t6 148 0 0 0 0

t7 113 0 0 0 0

t8 83 0 0 0 0

t9 5 0 0 0 0

t10 132 0 0 0 0

L4 —

JKSUCI 193 20 November 2015 ARTICLE IN PRESS No. of Pages 18

Privacy preserving technique for cloud service user endorsement 15

Table 7 PPPF Coverability Tree - Text Mode M [p1, p2, p3,

p4, p5, p6, p7]; M = [100, m]; M0 = ; [100, 200].

From Fired To

M0 T0, T1 M1

M1 T1, T2 M2

M2 T2, T3 M3

M3 T3, T4 M4

Mn TN M.+ 1

Table 8 PPPF input invariance IM preservation time in mSec.

CA(n) CPn-Time Invariant in mSec

CA(0) 305.0035

CA(1) 205.0073

CA(2) 307.0037

CA(3) 127.0062

CA(4) 9.0037

CAn Cn1, Cn2, Cn3, ... Cn - 1, Cn, Cn + 1

ing for the proposed cohesive technique. The experiment analysis is followed with necessary comparison and evaluation parameters. The proposed flow is evaluated with the Petri-net (PN) tool to check its efficiency in normal, medium and critical scenarios. Then we compared the PPPF with the existing privacy frameworks and its features are illustrated with a table representation, which shows the PPPF implementation architecture performance is comparatively high in all scenarios.

Table 1 illustrates the clear mock-up identification of recent privacy breach happened globally by leading cloud providers. Facebook vows to fix major privacy breach-Australian report-sep-2011 (Facebook Vows to Fix Major Privacy Breach, 2011). Google pays $22.5 million to settle privacy charges: July-2012 WSJ-Wall Street Journal (WSJ, 2012). Linkedln sheds more light on Privacy Breach, san-fancisco: LinkedIn corps criticized for inadequate network security after hackers exposed millions of its user's passwords Jun-2012 (LinkedIn Corp, 2012).

Dropbox confirms it got hacked, will offer two-factor authentication. Spammers used stolen password to access a list of Dropbox user e-mails. Aug-12 (Dropbox User, 2012). Salesforce.com sent an e-mail to its customers notifying them that a variety of recent phishing attacks against salesforce and officially confirmed they are hacked (www.zdnet.com) (see Table 2).

2S2 Ci ? Where {i = 0, 1, 2...15}, PPCTi ? Where {i = 0, 1, 2...7}, 2S2C - {Synchronization (Rsz), Sequentiality (Rsq), Concurrency (Rcy) and Conflicts (Rcf)}, PPCT-{Privacy Preserving Cohesion Technique}, NMt-Next Module present in PPCT-Technique.

All input requests are processed through the proposed system (2S2C-PPCT), where PPCT consists of eight different modules and 2S2C has four different qualitative attributes, these attributes are considered in digital logic combinational approach starting from 0 to 15, unerringly the system checks 16 different combinations i.e. (0000, 0001, 0010,... 1101, 1110, 1111) and communicates with those four qualitative attributes. Two different input states {0, 1} are checked with these combinations to arrive at an authenticate and authorized state. It is explained in Fig. 5 with the help of a transition state diagram. Correspondingly Fig. 5 processes all eight different modules {Liveness-Cl, Safeness-Cs, Boundedness-Cb, Conservation-Cv, Reachability-Crc, Place Invariant-Cpivt, Priority Levels-Cpl, Reliability-Crty} in same way by communicating with {Rsz, Rsq, Rcy, Rcf}.

Table 10 Input invariance IM preservation time in mSec.

A(n) Time invariant in mSec

A(0) 408.0059

A(1) 409.0059

A(2) 409.0063

A(3) 274.0084

A(4) 9.0054

An n1, n2, n3, ... n — 1, n, n + 1

Table 9 Privacy preserving representation in complex logical interaction of PPPF.

Consistent

Structural enabling bound (SE)

TI PI SE SE SE SE SE SE SE SE SE SE

T1 T2 T3 T4 T5 T6 T7 T8 T9 T10

P1 B X Y Y Y UD UD UD UD UD UD UD UD UD UD

P2 UB X Y Y Y D D UD UD UD UD D UD D UD

P3 B Y Y N Y UD D D UD D UD UD D UD UD

P4 B X Y N Y UD UD D UD UD D D UD UD UD

P5 UB Y Y N Y UD UD UD D UD UD UD UD D UD

P6 UB X Y N Y UD UD UD UD UD D D UD UD UD

P7 UB X Y N Y UD UD UD UD UD D D UD UD D

D. Chandramohan et al.

5.1. Minimal-support T-Invariants

n-Rank (A) = 3 => at most T-Invariants are linearly independent Linear Combinations constructed with these vectors are displayed after 2nd column (see Tables 3-9).

and responses as Tn = {T1, T2, T3, T4, T5, T6, T7, T8, T9, T10} and its input variance IM = [At (A0 * AJ}

Ai (Ac — Ai) ? IM = Ai (Tn * Pn) IM = Ai (T10 * P7)

<?xml version = "1.0"?> <Color> black</Color>

<PNToolbox> <PPMMessage>Firing transition t2</PPMMessage>

<PPMModel_name >PPM.xml</PPMModel_name> <Label>

<Type>2</Type> < !-- T-timed CPN-- > <Name >t2</Name>

<Seed>66</Seed> < !-- initialseed-- > <Offset> 0.70,-0.34< /Offset>

<Place> < !-- placedefinitionCRn -- > <Visible>yes</Visible>

<Id>p1 </Id> < !-- place'sid CPn-- > </Label>

<Value>5,43</Value> <Time>

<Color>black</Color> <PPMDistribution>cont. uniform</PPMDistribution>

<Label> <PPMParameters>2.5,7</PPMParameters>

<Name >Cp1</Name> </Time >

<Offset> 0.50,-0.20< /Offset> </PPMTransition>

<Visible>yes</Visible> <PPMArc>

</Label> <Id>a1 </Id>

<PPMInitialMarking>5</PPMInitialMarking> <From>p1</From>

<PPMCapacity>Inf< /PPMCapacity> <To>t1</To>

</Place> <Style>1</Style>

<PPMTransition> <Type>1</Type>

<Id>Ct1</Id> <Color> black</Color>

<Value>8 ,45</Value> <Weight>2</Weight>

<Color>black</Color> </PPMArc>

<PPMMessage>Firing transition Ct1</PPMMessage > <PPMArc>

<Label> <Id>a2 </Id>

<Name >t1</Name> <From>p1</From>

<Offset> 0.41,-0.12< /Offset> <To>t2</To>

<Visible>yes</Visible> <Style>1</Style>

</Label> <Type>1</Type>

<Time> <Color> black</Color>

<PPMDistribution> constant</PPMDistribution> <Weight>3</Weight>

<PPMParameters>3< / PPMParameters> </PPMArc>

</Time > <PPMProbability>

</PPMTransition> <PPMTransitions>t1 ,t2</PPMTransitions>

<PPMTransition> <Values> 0.25,0.75</Values>

<Id>t2</Id> </PPMProbability>

<Value> 6,37</Value> </PNToolbox>

User Request-UR; Bounded-B; UN-Bounded-UB; Structured Boundedness-SB; Structured Conservativeness-SC; True-Y; False-X; Repetitiveness-R; TI-T-Invariant; I-P-Invariant; Determined-D; Undetermined-UD; Consistent-C; Structural enabling Bound-SE.

An incidence Matrix form of cloud service exchange and user interaction is happening at different service request and its privacy verification and evaluation process is denoted in the form of a matrix Ai (A0 * Ai). Cloud service exchange is denoted by Pn = {P1, P2, P3, P4, P5, P6, P7}, Interaction service request

Table 11 Different data privacy preserving frameworks in the cloud and their prime factors compared with PPPF.

Comparison of GEODAC DPPCSF CS- PPPF

frameworks MPCF

Policy based approach P X X p

Symmetric key X P X p

encryption

Key derivation X P X p

algorithm

State machine P X X p

representation

Petrinet layers X X X p

Watermark detection X X p X

Compressive sensing X X p X

Cohesive technique X X X p

Privacy preserving technique for cloud service user endorsement

A, — (10 * 7)

Aq — (10 * 7)

A — (Aq - A,)

1 0 0 0 0 0 0

0 1 0 0 0 0 0

0 0 1 0 0 0 0

0 0 1 0 0 0 0

0 0 0 0 0 0 0

0 0 0 0 0 0 0

0 0 0 0 0 0 0

0 1 0 0 0 0 0

0 0 0 0 15 0 0

0 0 0 0 0 0 0

0 1 0 0 0 0 03

0 0 0 0 0 0 0

0 0 1 1 0 0 0

1 0 0 0 1 0 0

0 0 0 1 0 1 0

0 0 0 0 0 0 1

0 1 0 1 0 1 0

1 0 1 0 0 0 0

0 1 0 0 0 0 0

0 0 0 0 0 1 1

r -1 1 0 0 0 0 03

0 -1 0 0 0 0 0

0 0 0 1 0 0 0

1 0 -1 0 1 0 0

0 0 0 1 0 1 0

0 0 0 0 0 0 1

0 1 0 1 0 1 0

1 -1 1 0 0 0 0

0 1 0 0 -15 0 0

0 0 0 0 0 1 1

Table 10 shows the timed invariants and its iterations happen in these stipulated time intervals from different users to Cloud Service Providers.

Designs of privacy preserving cloud storage framework, GEODAC framework and a compressive sensing based framework have been proposed literally to preserve user information in the cloud. Huang et al. (2010) privacy framework the researchers concentrated on symmetric key encryption algorithm clustered with lazy revocation, multi-tree structure, and extirpation based key derivation algorithm. Li et al. (2011) framed a policy based privacy framework to preserve data in the cloud. Wang et al. (2014) studied the multimedia privacy issue and developed a compressive sensing based framework using MCP which protects semi-trust users. PPPF demonstrates the data privacy potency in a cloud storage area with Petri-net based cohesive framework to preserve and prevent the cloud user's data privacy. The paper analyses the effectiveness of PPPF and its feasibility by comparing existing frameworks in Table 11. PPPF identifies the un-trusted users and voids their services if they are trying to access the private information stored in the cloud.

6. Conclusions 787

This paper discusses the need for a generic privacy preserving 788

framework, which performs a decisive task in preserving user's 789

confidential data, which is stored in the cloud storage service 790

provider. The Gargantuan rise in the cloud service era, may 791

lead to users losing control over the storage environment. 792

However, users software, applications, platform, entertain- 793

ment, E-governance along with the list growing as it tries to 794

satisfy the ever-growing concerns of service users valuable data 795

pertained in the cloud service utilization. Cloud users are com- 796

pelled to share their complete niceties and information to the 797

providers by accepting cloud provider's terms and conditions. 798

Only 5% to 10% of the users are aware of the fact that the pro- 799

vider has access to their personal information. This is a serious 800

issue in the emerging cloud storage world. This paper 801

addresses these issues and proposes a novel generic approach 802

with framework to protect and preserve the user's privacy. 803

Future work should be there focusing on improving the algo- 804

rithm, policy and authorization strategies in dynamic real time 805

cloud environment to adapt its practicability without effecting 806

the performance of cloud computing. 807

Acknowledgements 808

This work is a part of the Research Project sponsored under 809

the scheme of Major Research Project, UGC, India. Reference 810

number F.No. 41-616/2012 (SR), dated 18 July 2012. The 811

authors would like to express their thanks for the financial sup- 812

port offered by the Sponsored Agency. 813

References 814

Al-Muhtadia, Jalal, Hillb, Raquel, Al-Rwaisa, Sumayah, 2011. Access 815

control using threshold cryptography for ubiquitous computing 816

environments. J. King Saud Univ. - Comput. Inf. Sci. 23 (2), 71-78. 817

Chadwick, David W., Fatema, Kaniz, 2012. A privacy preserving 818

authorization system for the cloud. Elsevier-J. Comput. Syst. Sci., 819

1359-1373 820

Chandramohan, D., Vengattaraman, T., Basha, M.S.S., Dhavachel- 821

van, P., 2012. MSRCC-Mitigation of security risks in cloud 822

computing, Springer Book Series-AISC-2012, India, vol. 176, doi: 823

http://dx.doi.org/10.1007/978-3-642-31513-8_54, ISBN: 97 8-3-642- 824

31513-8, pp. 525-5 32 . 825

Chandramohan, D, Vengattaraman, T., Dhavachelvan, P., 20 1 2. 826

HPPC-hierarchical Petri-net based privacy nominal model 827

approach for Cloud. In: Annual IEEE India Conference (INDI- 828

CON) Kochi, 2012, 1052, doi: http://dx.doi.org/10.1109/INDCON. 829

2012.6420771, ISBN: 978-1-4673-2270-6. pp. 1047-1052. 830

Chandramohan, D., Vengattaraman, T., Rajaguru, D., Baskaran, R., 831

Dhavachelvan, P., ''A privacy preserving representation for web 832

service communicators' in the cloud. In" QSHINE-2013, 9th 833

International Conference on Heterogeneous Networking for Qual- 834

ity, Reliability, Security and Robustness, India, Lecture Notes of 835

the Institute for Computer Sciences, Social-Informatics and 836

Telecommunications Engineering, vol. 115, doi: http://dx.doi.org/ 837

10.1007/978-3-642-37949-9_44, ISBN:978-3-642-37948-2, pp. 496- 838

50 6 . 839

Debnath, Ashmita, Singaravelu, Pradheepkumar, Verma, Shekhar, 840

2014. Privacy in wireless sensor networks using ring signature. J. 841

King Saud Univ. - Comput. Inf. Sci. http://dx.doi.org/10.1016/j. 842

jksuci.20 13.12.00 6 . 843

844 Dropbox confirms it got hacked, will offer two-factor authentication

845 Spammers used stolen password to access list of Dropbox user

846 e-mails.Aug-12, News-Conde Nast <http://www.Foxnews.com>.

847 Facebook Vows to Fix Major Privacy Breach-Australian Report-Sep-

848 2011, <http://www.Foxnews.com>.

849 Google to pay $22.5 million to settle privacy charges: July-2012 WSJ-

850 Wall Street Journal, <http://www.IBM Live>.

851 Hao, Zhuo, Zhong, Sheng, Yu, Nenghai, 2011. A privacy-preserving

852 remote data integrity checking protocol with data dynamics and

853 public verifiability. IEEE Trans. Knowl. Data Eng. 23 (9), 1432854 1437.

855 Huang, Ruwei, Yu, Si, Zhuang, Wei, Gui, Xiaolin, November 2010.

856 Design of privacy-preserving cloud storage framework, In: The

857 Ninth International Conference on Grid and Cloud Computing,

858 Nanjing, Jiangsu, China, pp. 1-5.

859 Huang, RuWei, Gui, XiaoLin, Yu, Si, Zhuang, Wei, 2011. Research

860 on privacy-preserving cloud storage framework supporting cipher-

861 text retrieval. International Conference on Network Computing

862 and Information Security (NCIS) 1, 93-97.

863 Itani, Wassim, Kayssi, Ayman, Chehab, Ali, 2009. Privacy as a service-

864 privacy-aware data storage and processing in cloud computing

865 architectures. In: Eighth IEEE International Conference on

866 Dependable, Autonomic and Secure Computing, pp. 711-716.

867 Khan, S.M., Hamlen, K.W., 2012. Anonymous cloud: a data

868 ownership privacy provider framework in cloud computing. In:

869 IEEE 11th International Conference on Trust, Security and Privacy

870 in Computing and Communications (TrustCom), pp. 170-176.

871 Li, Jun, Stephenson, Bryan, Motahari-Nezhad, Hamid Reza, Singhal,

872 Sharad, 2011. IEEE Trans. Serv. Comput. 4 (4), 340-354.

873 Lin, Huang, Shao, Jun, Zhang, Chi, Fang, Yuguang, 2013. CAM:

874 cloud-assisted privacy preserving mobile health monitoring. In:

875 IEEE Transactions on Information Forensics and Security, vol. 8

876 (6), pp. 985-997.

877 Linkedln sheds more light on privacy breach, San-fancisco: LinkedIn

878 Corp, criticized for inadequate network security after hackers

879 exposed millions of its users'passwords Jun-2012, <http://www.

880 IBM Live >.

881 Liu, Qin, Wang, Guojun, Wu, Jie, 2009. An efficient privacy

882 preserving keyword search scheme in cloud computing. In: IEEE

883 International Conference on Computational Science and Engineer-

884 ing, CSE '09, pp. 715-720.

885 Liu, Qin, Wang, Guojun, Jie, Wu, 2012. Secure and privacy preserving

886 keyword searching for cloud storage services. Elsevier-J. Network

887 Comput. Appl. 35 (3), 927-933.

888 Nimgaonkar, S., Kotikela, S., Gomathisankaran, M., 2012. CTrust: a

889 framework for secure and trustworthy application execution in

890 cloud computing. In: International Conference on Cyber Security

891 (CyberSecurity), pp. 24-31.

Pearson, Siani, 2009. Taking account of privacy when designing cloud 892

computing services. In: IEEE ICSE Workshop on Software 893

Engineering Challenges of Cloud Computing, CLOUD, pp. 44-52. 894

Ray, Sangram, Biswas, G.P., 2014. A certificate authority (CA)-based 895

cryptographic solution for HIPAA privacy/security regulations. J. 896

King Saud Univ. - Comput. Inf. Sci. http://dx.doi.org/10.1016/]. 897

jksuci.2013.10.001. 898

Singhal, M., Chandrasekhar, S., Ge, Tingjian, Sandhu, R., Krishnan, 899

R., Ahn, Gail-Joon, Bertino, E., 2013. Collaboration in multicloud 900

computing environments: framework and security issues. IEEE 901

Comput. Mag. 46 (2), 76-84 . 902

Wang, Jian, Zhao, Yan, Jiang, Shuo, Le, Jiajin, 2010. Providing 903

privacy preserving in cloud computing. In: 3rd IEEE Conference 904

on Human System Interactions (HSI), pp. 472-475. 905

Wang, Guojun, Liu, Qin, Wu, Jie, Guo, Minyi, 2011. Hierarchical 906

attribute-based encryption and scalable user revocation for sharing 907

data in cloud servers. Comput. Secur. - Elsevier, 320-331. 908

Wang, Qian, Wang, Cong, Ren, Kui, Lou, Wenjing, Li, Jin, 2011. 909

Enabling public auditability and data dynamics for storage security 910

in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22 (5), 847- 911

859. 912

Wang, Q., Zeng, W., Tian, J., 2014. A compressive sensing based 913

secure watermark detection and privacy preserving storage frame- 914

work. IEEE Trans. Image Process. 23 (3). 915

Wei, Yang, Jianpeng, Zhao, Junmao, Zhu, Wei, Zhong, Xinlei, Yao, 916

2012. Design and implementation of security cloud storage 917 framework. In: Second International Conference on Instrumenta- 918 tion, Measurement, Computer, Communication and Control 919 (IMCCC), pp. 323-326. 920

< http://www.zdnet.com/blog/berlind/phishing-based-breach-of-sales- 921

force >. 922

Zhang, Gaofeng, Yang, Yun, Chen, Jinjun, 2012. A historical 923

probability based noise generation strategy for privacy protection 924

in cloud computing. Elsevier-J. Comput. Syst. Sci. 78 (5), 13 74- 925

1381. 926

Zhang, Joy Ying, Wu, Pang, Zhu, Jiang, Hu, Hao, Bonomi, Flavio, 927

2013. Privacy-preserved mobile sensing through hybrid cloud trust 928 framework. In: IEEE Sixth International Conference on Cloud 929 Computing (CLOUD), pp. 9 52-95 3 . 930

Zhao, Gansen, Li, Ziliu, Li, Wenjun, Zhang, Hao, Tang, Yong, 20 1 2 . 931

Privacy enhancing framework on PaaS. In: International Confer- 932

ence on Cloud and Service Computing (CSC), pp. 131-137. 933

Zhou, Minqi, Zhang, Rong, Xie, Wei, Qian, Weining, Zhou, Aoying, 934

2010. Security and privacy in cloud computing a survey. In: Sixth 935

IEEE International Conference on Semantics Knowledge and Grid 936

(SKG), pp. 105-112. 937