In recent years, cloud-based computing and storage have become increasingly popular,as they remove the need for users and developers to buy or rent expensive dedicated hardware on an ongoing basis. This has led to the increasing centralisation of both services and storage, where users are reliant upon a small number of cloud-based providers to hold their data, and provide them with services they use. Recent events have shown that security breaches of centralised data stores can lead to significant quantities of personal data being revealed. This centralisation can also result in inconvenience in the event of the failure of the service provider, resulting in potential data loss or a loss of utility of the service.In contrast, a decentralised service and storage architecture removes the single point of failure from a network, and allows users to remove their dependency on a single company or service provider. In addition, by preventing storage providers from having access to user data, as is inherently needed in a decentralised network to preserve confidentiality,it is possible for users to protect their data from theft or unauthorised access,giving rise to data security and privacy benefits.This thesis explores the the challenges encountered in implementing a secure decentralised network, based around storage, and presents solutions to some of these problems.A security analysis of the MaidSafe network is firstly given, setting the context of the work, and investigating the state-of-the-art. Potential uses for decentralised services are considered, including for use on mobile devices. The importance of client device security is also considered, and a number of vulnerabilities affecting the security of client-based software are identified and explored. A practical design of decentralised architecture for preserving user privacy when discovering users is also contributed, to illustrate how decentralised service design can be used to enhance privacy of existing systems, and solve otherwise unsolved problems. A review and analysis of the privacy policies of popular web-based services then shows the extent to which user privacy is at risk from centralised web services. Finally, the concepts of identity and authentication within decentralised networks are considered, with a novel smartcard-based approach to securing user credentials within a decentralised network demonstrated.
|Date of Award||1 Oct 2016|
- University Of Strathclyde
|Sponsors||University of Strathclyde & EPSRC (Engineering and Physical Sciences Research Council)|
|Supervisor||James Irvine (Supervisor) & David Harle (Supervisor)|