An Evaluation of Security and Privacy Threats for Cloud-based Applications

Cloud computing system provides virtual IT infrastructures with a set of resources that are shared with multi-tenant users. Data Privacy and the security are major challenges when users outsource their data to a cloud. Privacy can be violated by the cloud vendor, vendor's authorized users, other cloud users, unauthorized users, or external malicious entities. Encryption is one of the solutions to protect and maintain privacy of cloud-stored data. However, encryption methods are complex and expensive for mobile devices. In this workshop, we review major literatures and we introduce our previous study about a light-weight method for mobile clients to store data on one or multiple clouds by using pseudo-random permutation based on chaos systems. The method can be used in client mobile devices to store data in the cloud(s) without using cloud computing resources for encryption to maintain user's privacy. We consider JPEG image format as a case study to present and evaluate the proposed method. Our results show that the proposed method achieves superior compare to encryption methods, such as AES and encryption on JPEG encoders while protecting the mobile user data privacy