Repository logo
 

Client-side encryption and key management: enforcing data confidentiality in the cloud.

dc.contributor.advisorBlackledge, Jonathan Michael.
dc.contributor.advisorDlamini, Moses Thandokuhle.
dc.contributor.authorMosola, Napo Nathnael.
dc.date.accessioned2018-10-02T12:44:05Z
dc.date.available2018-10-02T12:44:05Z
dc.date.created2016
dc.date.issued2016
dc.descriptionMaster of Science in Computer Science. University of KwaZulu-Natal, Durban 2016.en_US
dc.description.abstractCloud computing brings flexible, scalable and cost effective services. This is a computing paradigm whose services are driven by the concept of virtualization and multi-tenancy. These concepts bring various attractive benefits to the cloud. Among the benefits is reduction in capital costs, pay-per-use model, enormous storage capacity etc. However, there are overwhelming concerns over data confidentiality on the cloud. These concerns arise from various attacks that are directed towards compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM sprawls. Moreover, weaknesses or lack of data encryption make such attacks to thrive. Hence, this dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic and randomness properties of the input noise. Such properties increase the strength of the key without necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if the key management system is flawed. For example, encryption has little value if key management processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key management. Therefore, this dissertation also makes an attempt to address the prevalent key management problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation. Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning processes, the solution incorporates a CPNN to learn a crypto key. Using this technique there is no need for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and distributed environment such as the cloud, data can be shared among multiple cloud users or even systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live openNebula cloud infrastructure to demonstrate and illustrate is practicability.en_US
dc.identifier.urihttp://hdl.handle.net/10413/15496
dc.language.isoen_ZAen_US
dc.subjectTheses - Computer Science.en_US
dc.subject.otherCloud computing.en_US
dc.subject.otherVirtualization.en_US
dc.subject.otherNeural Network.en_US
dc.subject.otherInter-VM attacks.en_US
dc.titleClient-side encryption and key management: enforcing data confidentiality in the cloud.en_US
dc.typeThesisen_US

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Mosola_Napo_N_2016.pdf
Size:
2.71 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.64 KB
Format:
Item-specific license agreed upon to submission
Description: