TO: Prof. Ellis
FROM: Mahir Faisal
DATE: 03/03/2021
SUBJECT: 500-Word summery of Article about Cloud Storage Security Assessment Through Equilibrium Analysis
The following is a 500-word summery of a peer-reviewed article about essential Security Analysis of cloud storage solution. The authors discussed about how cloud providers and third-party providers can provide strong security measurements and effective data protection to make the data more secured and reliable in cloud infrastructure. Cloud storage solution has been widely used by the companies and enterprises to put their data and information to the cloud servers. Users can upload their data on the cloud and access to the data without having any issues. however, as user data contains confidential information Network attackers target third-party cloud service providers to hack the user data. Some methods and schemes have been proposed for risk assessment of the cloud which will help cloud providers to act as a defender of security. However, Users cannot have full trust in These service providers because they may ensure the integrity and confidentiality of the data, but they may have accessed the content of the data. For example- Cloud service providers are responsible for the security of the data whereas cloud infrastructure providers make resources available on the cloud, they do not do security assessments as cloud service providers do. There is a chance of having conflicts of benefits between attackers and defenders. This conflict of benefits may drive users to think that cloud providers have a lack of appropriate assessment mechanisms. Some Third-party Service providers serve security services to cloud providers by encrypting user data. But the benefit conflicts with cloud providers and users make them semi-trustworthy the same as cloud providers. According to the author’ each person’s benefit is determined by the security level of the whole system.” (Wu et al., 2019, p. 739). If the layer of security is strong, then an attacker needs to solve security mechanisms one by one which will become difficult for the attackers to decrypt it. Another point to be noted that decision-makers can be divided into attackers and defenders, Users and cloud providers can act as attackers or defenders. However, to solve this issue, game theory offers tools and models help decision-makers to make a strategy. study shows that by assessing the security of public cloud storage providers and third-party mediators through equilibrium analysis. To be precise, we conduct evaluations and assessments on a series of game models between public cloud storage providers and users to analyze the security of different services. By using the game theory model, users can analyze the risk of whether their private data is likely to be hacked by the cloud service providers. Moreover, Cloud service providers can make effective strategies to improve their service and make it more trustworthy. For example- if a cloud service provider uses a Nash equilibrium strategy and would not steal user data then the cloud system has effective internal security and confidentiality to the user data and privacy. A semi trustworthy Third-party Service providers will give additional security to the user data if users have trust in Third-party providers as same as Cloud service providers. I believe that cloud providers should emphasize strong security measurements and assessment mechanisms to protect the confidentiality and integrity of user data.
Reference
Y. Wu., Y. Lyu., & Y. Shi. (2019) “Cloud storage security assessment through equilibrium analysis,” in Tsinghua Science and Technology, vol. 24, no. 6, pp. 738-749, Dec.2019, DOI : 10.26599/TST.2018.9010127
