Secure Decentralised Storage Networks

Research output: ThesisDoctoral Thesis

523 Downloads (Pure)

Abstract

In recent years, cloud-based computing and storage have become increasingly popular,as they remove the need for users and developers to buy or rent expensive dedicated hardware on an ongoing basis. This has led to the increasing centralisation of both services and storage, where users are reliant upon a small number of cloud-based providers to hold their data, and provide them with services they use. Recent events have shown that security breaches of centralised data stores can lead to significant quantities of personal data being revealed. This centralisation can also result in inconvenience in the event of the failure of the service provider, resulting in potential data loss or a loss of utility of the service.

In contrast, a decentralised service and storage architecture removes the single point of failure from a network, and allows users to remove their dependency on a single company or service provider. In addition, by preventing storage providers from having access to user data, as is inherently needed in a decentralised network to preserve confidentiality,it is possible for users to protect their data from theft or unauthorised access,giving rise to data security and privacy benefits.

This thesis explores the the challenges encountered in implementing a secure decentralised network, based around storage, and presents solutions to some of these problems. A security analysis of the MaidSafe network is firstly given, setting the context of the work, and investigating the state-of-the-art. Potential uses for decentralised services are considered, including for use on mobile devices. The importance of client device security is also considered, and a number of vulnerabilities affecting the security of client-based software are identified and explored. A practical design of decentralised architecture for preserving user privacy when discovering users is also contributed, to illustrate how decentralised service design can be used to enhance privacy of existing systems, and solve otherwise unsolved problems. A review and analysis of the privacy policies of popular web-based services then shows the extent to which user privacy is at risk from centralised web services. Finally, the concepts of identity and authentication within decentralised networks are considered, with a novel smartcard-based approach to securing user credentials within a decentralised network demonstrated.
Original languageEnglish
QualificationPhD
Awarding Institution
  • Electronic And Electrical Engineering
Supervisors/Advisors
  • Irvine, James, Supervisor
Award date7 Nov 2017
Place of PublicationGlasgow
Publisher
Publication statusPublished - 7 Nov 2017

Keywords

  • storage networks
  • cloud based computing
  • security
  • privacy
  • cyber trust
  • authentication

Fingerprint

Dive into the research topics of 'Secure Decentralised Storage Networks'. Together they form a unique fingerprint.

Cite this