This article was downloaded by: [198.91.36.

79]
On: 20 February 2015, At: 13:34
Publisher: Taylor & Francis
Informa Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House,
37-41 Mortimer Street, London W1T 3JH, UK

IETE Technical Review

Publication details, including instructions for authors and subscription information:
http://www.tandfonline.com/loi/titr20

On Protecting Data Storage in Mobile Cloud Computing

Paradigm
a a
Al-kindy Athman Abdalla & Al-Sakib Khan Pathan
a
Department of Computer Science, International Islamic University Malaysia, Kuala Lumpur
53100, Malaysia
Published online: 20 May 2014.

Click for updates

To cite this article: Al-kindy Athman Abdalla & Al-Sakib Khan Pathan (2014) On Protecting Data Storage in Mobile Cloud
Computing Paradigm, IETE Technical Review, 31:1, 82-91, DOI: 10.1080/02564602.2014.891382

To link to this article: http://dx.doi.org/10.1080/02564602.2014.891382

PLEASE SCROLL DOWN FOR ARTICLE

Taylor & Francis makes every effort to ensure the accuracy of all the information (the Content) contained
in the publications on our platform. However, Taylor & Francis, our agents, and our licensors make no
representations or warranties whatsoever as to the accuracy, completeness, or suitability for any purpose of the
Content. Any opinions and views expressed in this publication are the opinions and views of the authors, and
are not the views of or endorsed by Taylor & Francis. The accuracy of the Content should not be relied upon and
should be independently verified with primary sources of information. Taylor and Francis shall not be liable for
any losses, actions, claims, proceedings, demands, costs, expenses, damages, and other liabilities whatsoever
or howsoever caused arising directly or indirectly in connection with, in relation to or arising out of the use of
the Content.

This article may be used for research, teaching, and private study purposes. Any substantial or systematic
reproduction, redistribution, reselling, loan, sub-licensing, systematic supply, or distribution in any
form to anyone is expressly forbidden. Terms & Conditions of access and use can be found at http://
www.tandfonline.com/page/terms-and-conditions
 On Protecting Data Storage in Mobile Cloud
Computing Paradigm
Al-kindy Athman Abdalla and Al-Sakib Khan Pathan
Department of Computer Science, International Islamic University Malaysia, Kuala Lumpur 53100, Malaysia

ABSTRACT
To enhance the security of mobile cloud storage, a few proposals have been presented already, most of which
focus on securing data through passwords and encryption-decryption of data through cryptographic tools
and existing or rather new algorithms. However, these passwords and algorithms eventually get cracked by
the expert hackers who mostly spend their entire time learning the algorithms and the way to get through the
password-protected frameworks. It is for this reason that our article concentrates on a different way of secur-
ing data-storage for mobile cloud computing users. In this article, we present a secure framework that helps
protect the mobile-user data through storage in different servers located at different geographical locations
across the globe. In this way, it ensures strong data protection ability, because part of the data is stored in one
server located at a location and another part of the data is stored in another server located at a far different
Downloaded by [198.91.36.79] at 13:34 20 February 2015

location. We also analyse various facets of the issue and report on the state-of-the-art achievements.
Keywords:
Cloud, Data, Framework, Location, Mobile.

1. INTRODUCTION about the background jobs. Thus, cloud computing

With the advancements of technology, the invention of
mobile internet devices (MIDs) such as tablets and
smartphones has become a reality. The existence of
MIDs makes the desktop less important than ever
before. MIDs, as service platforms, can provide several
societal, business and governmental services. Hence,
serious applications such as bank transactions can
now be performed on a mobile device, constituents
can send messages to their representatives in parlia-
ment, and people can access health information
through text enquiries. Further developments will
allow mobile devices with unique features that can
sense the environment and physiological parameters
to enhance quality of life and enable remote monitor-
ing of patients. All these activities require data storage.
While MIDs are enabling computing and storage tasks
from anywhere, anytime, new concepts have also been
emerging to enhance their usability in different con-
texts. Cloud computing is such a relatively new tech-
nology that is associated with a new paradigm for the
provision of computing infrastructure. This paradigm
shifts the location of this infrastructure to the network
to reduce the costs associated with the management of
hardware and software resources [1]. Virtualization is
an important feature in cloud technologies, which sep-
arates software from hardware. Users can run their
own applications in virtual machines, without caring
will help release institutes from the pressure of
upgrading hardware and software. An advanced tech-
nology that combines the use of MIDs and cloud com-
puting is mobile cloud computing. It has enabled the
use of computing resources as a public utility.
Mobile cloud computing (MCC) refers to an emerg-
ing infrastructure where both of the data storage and
the data processing happen outside the mobile device
from which an application is launched. MCC is
widely accepted as a concept that can significantly
improve the user experience when accessing mobile
services. By providing a new level of security by cen-
tralized maintenance of security-critical software, for
example mobile security applications, it is expected
that it will find broad acceptance on the business as
well as consumer side. Considering such an infra-
structure and demand from consumers, we analyse
various facets of protected or secure storage of
mobile user-data.
The rest of the paper is organized as follows: Section 2
outlines the necessity of enhancing mobile computing
and design issues; Section 3 talks about issues concern-
ing protecting mobile cloud storage data; Section 4
analyses the threats and vulnerabilities against such
data. An analysis of the state-of-the-art is presented in
Section 5; Section 6 presents our approach; and finally,
Section 7 concludes the paper.

82 IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014

 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
2. NEED FOR ENHANCED MOBILE
COMPUTING
2.1 Current Trends
Cloud computing is basically on-demand network
access to a shared pool of configurable computing
resources (e.g. networks, servers, storage, applications
and services) that can be rapidly provisioned and
released with minimal management effort or service
provider interaction. The functions of the cloud and its
use could be enhanced with various new technologies
that are emerging. In fact, often technologies merge, or
converge, or help each others growth. With this inter-
mingling of technologies, new needs often arise.
Today, the electronics manufacturers are trying their
best to enhance the features and functions of MIDs
that could be suitable for different MCC environments.
Side-by-side, the application developers are also com-
Downloaded by [198.91.36.79] at 13:34 20 February 2015
ing up with numerous software or applications that
provide easy handling of complicated computation
tasks. As of September 2012, there were more than
675,000 applications available for Android [2] and as
of 7 January 2013, there were more than 300,000 native
iPad applications available for users [3]. Among so
many applications, some or a significant number may
be dedicated to allowing mobile cloud services as
cloud-based mobile services benefit users by richer
communications and greater flexibility. One interest-
ing phenomenon is that the global percentage of
mobile broadband users exceeded the percentage of
fixed broadband users as early as 2008 and, in 2010,
there were 12.6 mobile broadband connections per 100
people worldwide. In the period 2008
2010, over
300,000 different mobile applications were developed
[4]. All of these statistical figures will be much higher
by this time, will constantly change, and will increase
steadily in the coming years. This wide range of func-
tionality indicates that MIDs are increasingly being
used as computing tools as well as communications
devices. Despite this trend, the computational capabili-
ties of mobile devices are still much more limited than
those of the traditional PCs (personal computers).
2.2 Design Issues and Future Prospects
Two primary considerations of mobile device design
are: (a) physical size and (b) battery capacity. The
energy density of batteries is limited by current tech-
nology and hence, any increase in battery capacity
results in an increase in physical size. While it is possi-
ble to enhance the computational capabilities of a
mobile device using more advanced hardware, this
results in higher power requirements and costs. As
new applications are being developed, it is likely that
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
their requirements will exceed the capabilities of
mobile devices. Therefore, to meet the rising demand,
it is necessary to augment and enhance the computa-
tional capabilities of mobile devices through the use of
mobile cloud computing [4].
Another dimension of this is the integration of sophis-
ticated and new wireless technologies. With the fast
development of wireless technology, mobile cloud
computing has become an emerging cloud service
model, where mobile devices and sensors are used as
the information collecting and processing nodes for
the cloud infrastructure. One such example is the Fi-
Wi cloud (fiber-wireless based cloud) [5]. This new
trend requires researchers and practitioners to con-
struct a trustworthy architecture for mobile cloud com-
puting that includes a large number of lightweight,
resource-constrained mobile devices. In such a mobile
cloud sensing environment, cloud users may request
the data from sensing devices. Such kinds of enhanced
MCC environments would make the process of mobile
data storage more frequent but complicated. Using
complex security mechanisms in different steps may
make the process slow and unattractive to users. For
instance, a typical solution to protecting data is to
encrypt the sensing data with a group key and broad-
cast the encrypted data; only legitimated users can
reveal the data content with the pre-distributed group
key [6]. However, such an approach demands high
levels of key management overhead and it is vulnera-
ble to single point of failure (SPoF) problems.
3. PROTECTING MOBILE CLOUD STORAGE
Today, many computing devices with high portability
and strong computing power are emerging (although
still much weaker than the PCs). Since anyone can
have multiple such devices and can also access wire-
less networks easily, the need has arisen for efficient
methods to share or synchronize user data among sev-
eral devices. Use of cloud storage services is one of the
possible solutions and has become very popular [7].
By removing the limitations of mobile devices with
respect to storage and computing capabilities, MCC is
expected to draw huge numbers of users [8].
There could be many real-life cases where MCC would
be the choice of users. For instance, a number of employ-
ees in a company may own and use MIDs to accomplish
company tasks as well as to store data. The data could
be company data or personal confidential data.
However, owing to the relatively low computational
ability and low storage capacity of the MIDs, a mobile
cloud computing environment would have to be estab-
lished. The mobile users could opt to store their data
in the cloud and make use of the cloud services (CS).
83
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
Downloaded by [198.91.36.79] at 13:34 20 February 2015
Figure 1: Mobile cloud service model.
CS are delivered and consumed on demand at any time,
through any access network, using any connected
device with cloud computing technologies.
To define it formally, a cloud service provider (CSP) is
an organization that provides and maintains delivered
cloud services. A cloud service user (CSU) is a person
or organization that consumes delivered cloud serv-
ices. A CSU can include intermediate users that will
deliver cloud services provided by a CSP to actual
users of the cloud service, that is, the end users. End
users can be persons, machines, or applications.
Figure 1 shows a typical mobile could service model
with different participating entities. In fact, MCC
assures anywhere, anytime data access provided that
there is Internet connection with wireless access [9].
However, such data storage raises a number of secu-
rity concerns as these data in the cloud is vulnerable to
attacks by hackers [21] who mostly seek a pool of data
located anywhere. Security issues may include: data
leakage, data modification, data loss. Also, MIDs can be
stolen, crashed or lost. Because of these, the need for a
secure model of data protection is realized.
Taking this scenario into consideration, in this work,
we analyse various efforts and issues to give a clear
84
picture of the field alongside proposing a framework
on how to protect the stored data in the cloud. Our
proposed framework should enable the following:
1. protection of the CSUs stored data from hackers;
2. recovery of CSUs stored data in case of stolen or
lost MIDs;
3. data secrecy for companies or organizations.
4. THREATS AGAINST MOBILE CLOUD
STORAGE
In an MCC environment, a number of security con-
cerns may be raised with regard to the secrecy and
confidentiality of data available in the MIDs of individ-
uals. Often users keep their most confidential data in
their mobile gadgets (e.g. Smartphones), however,
because MCC involves outside processing and storage
of data, there exist other threats such as eavesdropping
and theft of data over the mobile cloud network.
One of the major problems in cloud computing is the
fact that the security and confidentiality of a remote
resource cannot be technically validated by the cus-
tomer. As a consequence, the security aspect is still
subject to contracts and trust [10]. According to a study
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
of the National Vulnerability Database, there were 26
and 18 vulnerabilities in Xen and VMware ESX, respec-
tively. A malicious insider or attacker can acquire arbi-
trary user data through these vulnerabilities via VM
escape attacks, hypervisor rootkits or executing mali-
cious codes [7]. On the other hand, user carelessness
incurs client-side data leakage. If a user loses a mobile
device that is connected to the cloud storage service,
then anyone who picks up this device can access the
users security sensitive data, or if a user accesses his
or her cloud storage using untrusted devices, the
users credentials or security-sensitive data can be
intercepted by malicious programs (e.g. key logger
programs, viruses or malicious codes can reside in
untrusted device and cause client-side data leakage
through the network) [7].
The importance of the data stored in the smart phones
is increased as more applications are deployed and
Downloaded by [198.91.36.79] at 13:34 20 February 2015
executed. Once the smart phone is damaged or lost,
the valuable information stored in the device is lost
altogether. If cloud storage can be integrated with
cloud services for periodical data backup of a mobile
client, the risk of data loss can be minimized. However,
the important data might be uncovered by a malicious
third party during retrieval or transmission of infor-
mation using wireless cloud storage without proper
authentication and protection [11]. Again, if the service
is provided via the internet, the data in transit is vul-
nerable to various kinds of network level attacks like
eavesdropping and session hijacking. Hence, there is a
need for a system that can provide cloud service to the
organizations internally, which can be trusted for the
confidentiality of data [12].
The ability to securely delegate computation to a
remote resource provider is becoming a key feature in
resource outsourcing and cloud computing [22], where
programs and data are distributed over a wide net-
work of machines and resources that can no longer be
controlled by the customer. The customer has to trust
the resource provider, because to date all software,
once transmitted to the remote resource provider, is
executed in unencrypted form and is entirely under
the control of the resource owner [10]. Hence, some
trust factors should work in the process of forming a
defence against the threats and vulnerabilities.
Mobile devices connect to application providers via
wireless or mobile network which is an enabler of com-
munication. It would be a mistake to assume that all
mobile network access-points are trusted, to an extent
that no security measures are put in place to protect
mobile devices that connect through them. However,
service providers should be aware of security prob-
lems that may arise when they adopt and launch new
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
cloud services. According to an IDC report [13, 14],
when questioned, 74.6% of service providers answered
that the most important issue for cloud services is
security. In addition, recent cloud computing attacks
make it difficult to guarantee the trust and safety of
cloud services [15]. However, service providers should
be aware of security problems that may arise when
they adopt and launch new cloud services.
Currently, a typical cloud storage service, Drop box,
offers server-side data encryption for security purpose.
However, we argue that such a method is not secure
enough because all the encryption keys are managed
by software and there is no attestation on the client
software integrity. Moreover, a simple user identifica-
tion based on user ID and password is also easily com-
promised. Hence, a stronger method of data protection
is needed in this scenario.
5. ANALYSIS OF THE STATE-OF-THE-ART
Most of the frameworks proposed by some previous
research works use passwords and cryptographic algo-
rithms to secure or protect the data in the cloud. With
this kind of framework, more powerful computational
abilities are even required. Also, it leads to faster usage
and finishing of the low battery powers of MIDs.
Some commercial cloud storage services protect users
data located in server-storages by introducing client-
based or server-based data encryption. When client-
based encryption is used, it is ensured that the users
data are encrypted before transmitting to the server.
All components related to encryption, such as encryp-
tion process, library and data keys, are hosted by the
client program. By using these components, the client
program generates a one-time-use symmetric key for
data encryption. This key will be encrypted using the
users asymmetric public key and uploaded with
encrypted data to the server. When the user wants to
download his or her data, the client program requests
this encrypted data key along with data and then
decrypts the data key using users private key and
finally decrypts the data. Similar operational architec-
ture is presented in reference [7].
Although the adoption of cloud computing services is
undergoing rapid proliferation, customers of critical
cloud services are reluctant and sceptical about the
integrity of their stored data in the remote cloud [16].
This fact is further aggravated in mobile cloud com-
puting models that support battery-operated wireless
and mobile client devices with limited energy resour-
ces. Any integrity enforcement mechanism should
securely support dynamic operations on remote data
and consider the limitations of mobile customers by
85
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
Figure 2: Insecurity in cloud storage data.
employing energy-efficient algorithmic techniques and
cryptographic data structures. Moreover, in this kind
Downloaded by [198.91.36.79] at 13:34 20 February 2015
of framework, stored data are less secure. Expert hack-
ers are known to crack passwords through brute-force
attacks and dictionary attacks and hack the entire sys-
tem over a given period of time. Hackers have made
programs and codes that are mainly used to hack a
password-protected framework. Therefore, the tradi-
tional frameworks often fail to entirely secure the
stored data in the cloud.
Data encryption methods do mitigate the risk of
server-side data leakage, but several risks of data leak-
age still exist. First, in case of the client-based encryp-
tion, the keys involved in the process of encryption are
managed by software. If that software gets corrupted,
the keys could be exposed to the attacker. Second, in
the case of server-based encryption, the users data still
remain as plain text in the server before the encryption
process. Therefore, an attacker can exploit the vulner-
abilities of servers to fetch the users data. Third, user
authentications are depend only on user ID and pass-
word. A user can access all of the content of cloud stor-
age if he or she logs in with valid pair of user ID and
password [7].
6. OUR APPROACH
6.1 Security of Stored Data
On the internet, users can be attacked everywhere. As
long as the internet is accessed to send a message, the
message transmission is subject to attack [11]. Hence,
many of the issues we have mentioned in the previous
sections also resonate with cyber security issues. While
the existing defence mechanisms may be employed for
protecting communications, to mitigate the damage
done to the databases or to pool of data by attacks like,
for example, SQL Injection [17], password- or
86
encryption-based mechanisms by themselves are not
enough. Indeed, we need a second line of defence to
protect the stored data. Hence, by data protection or
data security in this paper, we mainly mean protecting
the cloud-storage-data once the communications have
been done.
The abstract model of generated data-storage (data
pool) and potential threat could be depicted as in
Figure 2. When the Data Owner (DO) (e.g. mobile
user) stores data in the cloud, the hackers try to get
access to the data by hacking the system. There are
mainly two categories of data in the cloud data storage
(Figure 3): sensitive data and non-sensitive data.
If the whole pool of data is non-sensitive and thus could
be shared with the public, hacking of the data-storage
may not really do harm; however, sensitive data
exposed by the hackers from a single storage location
would really cause harm. As the user (or, the commu-
nity or organization) is the owner of the data, extra
protection should be desired by the owner from the
storage mechanism in the mobile cloud. This is what
has persuaded us to develop our framework.
6.2 Our Framework
We use a different approach to data protection. Data
storage in the cloud is designed in such a way that
users can use mobile phones or such handheld devices
as a platform to upload, download, share and synchro-
nize information through cloud computing anywhere
at any time.
6.2.1 Topological and Operational Models
Figure 4 shows the topological model of our frame-
work which depicts that mobile users could use wire-
less access to just upload/download their data. In this
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
Figure 3: Sensitive and non-sensitive data.
Downloaded by [198.91.36.79] at 13:34 20 February 2015
Figure 4: Secure data storage framework for MCC.
model, data will be stored in different servers that are
situated at different locations. Part of the data will be
stored for instance, in Server 1 at Location C; another
part of the data will be stored in Server 2 at Location
D, and so on. All of these servers are connected in a
structured manner. In that way, even if the hacker gets
access to the stored data of one server, it will only
mean access to part of the data that does not make
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
sense. Hence, the hacker will have to get access to all
of the different servers in different geographical loca-
tions to eventually have the whole meaningful data.
To facilitate upload or download, each MID may have
an application installed in it to access cloud service, or
a website interface could be used for the same task. If a
website is used, many typical cyber security issues
may arise during communications, which are beyond
87
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
the scope of this work, and any standard mechanism
or combination of mechanisms could be used. Other
than this, it should be noted here that the internal net-
work structure could be any as long as such fragmented
storage is allowed. RAID (redundant array of indepen-
dent disks) [23], for instance, is one type of technology
in which data are distributed across the drives in one
of several ways called RAID levels, depending on the
level of redundancy and performance required. New
techniques that can also be thought of as RAID may
not be appropriate for this case. We have shown here a
hierarchical structure of the network; however, finding
the optimal structure or optimality issue would
demand a completely separate work, both from a topo-
logical and from an operational point of view.
Figure 5 shows an operational model of our frame-
work. The dotted lines at the top of the figure mean
that both the cloud diagrams are the same. To clearly
Downloaded by [198.91.36.79] at 13:34 20 February 2015
Figure 5: Operational model of our approach.
88
depict the operations, we have used two copies of the
partial diagram. This figure illustrates that the mobile
user (or CSU) uploads the data, which go through the
cloud service provider which has a data protection
manager (DPM) module. The DPM has mainly two
sub-modules: a user data fragmenter (UDF) that frag-
ments the data and stores it in different locations; and
a user data merger (UDM) that generates the original
data when a user downloads that on demand. The
DPM has a data mapping function that allows frag-
mentation and merging for a particular client (i.e. the
user). A table keeps the records and we assume that
the DPM is well protected, which is essential for this
framework. The fragmentation service is available if
user chooses to have such data protection, which
should be defined in the service level agreement
(SLA). Hence, the user should choose the service, pay
for it, and it should be formally agreed upon and
recorded in the SLA. Also, the lifetime of data for a
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
particular user and other policy issues should be
defined in the SLA.
6.2.2 Use of Erasure Coding with our Framework
To enable such storage and protection of data, an era-
sure coding (EC) [18] method could be applied. EC is
basically a data protection method in which data are
broken into fragments, expanded and encoded with
redundant data pieces and stored across a set of differ-
ent locations, such as disks, storage nodes or geo-
graphic locations. A work based on EC has been
presented in reference [19]; however, that work mainly
presents the issue from an operational point of view
involving mathematical illustrations. In our work, we
have designed a framework (mainly a physical model)
that could support such data protection with practi-
cally placed devices. Moreover, our framework would
enable the task to be performed from any mobile
Downloaded by [198.91.36.79] at 13:34 20 February 2015
hand-held device with the required application or
interface via wireless communications.
To relate the concept of EC here, this method basically
creates a mathematical function to describe a set of
numbers so they can be checked for accuracy and
recovered if one is lost. Referred to as polynomial
interpolation or oversampling, this is the key concept
behind erasure codes. In mathematical terms, the pro-
tection offered by erasure coding can be represented in
simple form by the following equation: n k m. The
variable k is the original amount of data or number of
symbols. The variable m stands for the extra or redun-
dant symbols that are added to provide protection
from failures. The variable n is the total number of
symbols created after the EC process.
For example, in a 10 of 16 configuration, or EC 10/16,
six extra symbols (m) would be added to the 10 base
symbols (k). The 16 data fragments (n) would be spread
across 16 drives, nodes or geographic locations. The
original file could be reconstructed from 10 verified
fragments [20]. Hence, in our framework, the UDF could
divide the data into several pieces to store in different
servers and UDM could merge those again, possibly
using erasure coding method. The full mapping infor-
mation of the pieces and redundant portions (if used)
would be kept in the main cloud service provider.
6.2.3 An Example Scenario
An example scenario for applicability of this frame-
work is: suppose, a user has some important data in
his smartphone. Suddenly he notices that the battery is
low and the phone could go off soon. Therefore, he
needs to keep a backup securely somewhere. In this
case, our framework could allow such data storage in
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
a protected manner. After a while, when the user gets
a PC (personal computer) or any other device, he could
access the uploaded data, which would be merged and
served to the user by the CSPs DPM. Figure 5 shows
that the PC could be either wired or wirelessly
connected.
The core idea of this work is that we do not fully agree
with the available and usual data protection methods
proposed so far such as using only usernames and
passwords and encryption algorithms. Although those
mechanisms work to some extent, we thought about a
different way to protect user data so that, if it is com-
bined with the usual approaches, it could increase the
level of security. To clarify with an example, even if
the user uses Dropbox (www.dropbox.com) kind of
cloud service for data storage, the DPM in our frame-
work would ensure fragmentized storage for a better
level of security. Dropbox allows users to create a spe-
cial folder on each of their computers, which Dropbox
then synchronizes so that it appears to be the same
folder (with the same contents) regardless of which
computer is used to view it. Files placed in this folder
also are accessible through a website and mobile
phone applications. Our concept is that, unlike Drop-
box, we would store the data in different locations
with different parts using the UDF module and it
would still provide the service, especially for the users
on the move.
7. CONCLUSION AND FUTURE WORKS
The purpose of our framework is to enhance security
and data protection of the vast stored data in the
mobile cloud environment. As our future work, we
like to develop a mathematical model of the operations
as well as conducting an empirical study on the perfor-
mance of such a framework. Other important issues
could be Quality of Service, performance issues, opti-
mal structure of network for data storage, and data/
traffic flow modeling for wireless networks [24, 25] in
the MCC scenario.
ACKNOWLEDGEMENT
This work was supported by NDC Laboratory, KICT, IIUM.
Al-Sakib Khan Pathan is the corresponding author.
REFERENCES
1. A. Kumar, and E. S. Pilli, University wide M-learning using
cloud environment, in 2012 ISCOS, 17
18 December 2012,
pp. 118
23.
2. Google Play hits 25 billion downloads. Available: http://
officialandroid.blogspot.com/2012/09/google-play-hits-25-
billion-downloads.html (last accessed: 18 May 2013).
3. App Store tops 40 billion downloads with almost half in 2012.
Available: http://www.apple.com/pr/library/2013/01/07App-
89
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
Store-Tops-40-Billion-Downloads-with-Almost-Half-in-2012.
html (last accessed: 18 May 2013).
4. A. J. Paverd, M. R. Inggs, and S. L. Winberg, Towards a frame-
work for enhanced mobile computing using cloud resources.
Available: http://www.satnac.org.za/proceedings/2011/papers/
Work_In_Progress/Internet_Services_and_Applications/230.pdf
(last accessed: 18 May 2013).
5. T. H. Win, and A.-S. K. Pathan, On the issues and challenges
of fiber-wireless (Fi-Wi) networks, J. Eng., Vol. 2013, article ID
645745, pp. 1
11.
6. Z. Zhou, and D. Huang, Efficient and secure data storage
operations for mobile cloud computing, in Proceedings of
2012 8th International Conference and 2012 Workshop on
SVM, 22
26 October 2012, pp. 37
45.
7. J. Shin, Y. Kim, W. Park, and C. Park, DFCloud: A TPM-based
secure data access control method of cloud storage in mobile
devices, in Proceedings of 2012 IEEE CloudCom, 3
6
December 2012, pp. 551
6.
8. A. Klein, C. Mannweiler, J. Schneider, and H. D. Schotten,
Access schemes for mobile cloud computing, in 2010 MDM,
pp. 387
92.
9. L.-c, Zhou., and C.-d., Xiu, Cloud security service providing
schemes based on mobile internet framework, in 2012 ICC-
Downloaded by [198.91.36.79] at 13:34 20 February 2015
SEE, 2012, pp. 307
11.
10. M. Brenner, J. Wiebelitz, G. V. Voigt, and M. Smith, Secret pro-
gram execution in the cloud applying homomorphic encryp-
tion, in 2011 Proceedings of 5th IEEE DEST, 31 May to 3 June
2011, pp. 114
9.
11. S.-C. Hsueh, J.-Y. Lin, and M.-Y. Lin, Secure cloud storage for
convenient data archive of smart phones, in 2011 IEEE ISCE,
pp. 156
61.
12. S. Horrow, S. Gupta, A. Sardana, and A. Abraham, Secure pri-
vate cloud architecture for mobile infrastructure as a service,
in Proceedings of 2012 IEEE Eighth World Congress Services,
2012, pp. 149
54.
13. T. Kim, Y. Choi, S. Han, J. Y. Chung, J. Hyun, J. Li, and J. W.-K.
Hong, Monitoring and detecting abnormal behavior in mobile
cloud infrastructure, in Proceedings of 2012 IEEE NOMS,
pp. 1303
10.
14. F. Gens, IT cloud services user survey, pt.2: Top benefits &
challenges. Available: http://blogs.idc.com/ie/?p=210 (last
accessed: 18 May 2013).
90
15. W. Jia, H. Zhu, Z. Cao, L. Wei, and X. Lin, SDSM: A secure
data service mechanism in mobile cloud computing, in 2011
IEEE INFOCOM Workshps, 10
15 April 2011, pp. 1060
5.
16. W. Itani, A. Kayssi, and A. Chehab, Energy-efficient incremen-
tal integrity for securing storage in mobile cloud computing,
in Proceedings of ICEAC, 16
18 December 2010, Cairo.
17. D. A. Kindy, and A.-S. K. Pathan, A walk through SQL injection:
Vulnerabilities, attacks, and countermeasures in current and
future networks, in Building Next-Generation Converged Net-
works: Theory and Practice, A. -S. K. Pathan, M. M. Monowar, Z.
M. Fadlullah, Eds. Boca Raton, FL: CRC Press/Taylor & Francis,
2013, pp. 171
97.
18. L. Rizzo, Effective erasure codes for reliable computer com-
munication protocols, in ACM SIGCOMM CCR, Vol. 27, no. 2,
1997, pp. 24
36.
19. H.-Y. Lin, and W.-G. Tzeng, A secure erasure code-based
cloud storage system with secure data forwarding, IEEE
Trans. Parallel Distributed Syst., Vol. 23, no. 6, 2012,
pp. 995
1003.
20. Erasure coding. Available: http://searchstorage.techtarget.
com/definition/erasure-coding (last accessed: 18 May 2013).
21. N. K. Sehgal, S. Sohoni, Y. Xiong, D. Fritz, W. Mulia, and J. M.
Acken, A cross section of the issues and research activities
related to both information security and cloud computing,
IETE Tech. Rev., Vol. 28, no. 4, 2011, pp. 279
91.
22. S. Kaur, Pushing frontiers with the first lady of emerging tech-
nologies
Cloud computing is like having an infinite credit
line!, IETE Tech. Rev., Vol. 29, no. 6, 2012, pp. 438
41.
23. K. Hwang, H. Jin, and R. S. C. Ho, Orthogonal striping and
mirroring in distributed RAID for I/O-centric cluster computing,
IEEE Trans. Parallel Distributed Syst., Vol. 13, no. 1, 2002,
pp. 26
44.
24. Z. Shi, C. Beard, and K. Mitchell, Analytical models for under-
standing space, backoff, and flow correlation in CSMA wireless
networks, Wireless Networks, Apr. 2013, Vol. 19, no. 3,
pp. 393
409.
25. M. M. Monowar, M. O. Rahman, A.-S. K. Pathan, and C. S.
Hong, Congestion control protocol for wireless sensor net-
works handling prioritized heterogeneous traffic, Proceedings
of SMPE08 Workshop in Conjunction with MobiQuitous 2008,
article no. 17, 21
25 July 2008, Trinity College Dublin, Ireland,
2008.
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
 Abdalla A-K A and Khan Pathan A-S: On Protecting Data Storage in Mobile Cloud Computing Paradigm
Authors
Al-kindy Athman Abdalla completed his BSc
degree in computer science from the Interna-
tional Islamic University Malaysia (IIUM) in
2013. During his BSc, he worked as an under-
grad researcher at the Networking and Distrib-
uted Computing Laboratory (NDC Lab.), KICT,
IIUM. In 2008, Athman received his Kenya Cer-
tificate of Secondary Education (K.C.S.E) from
Allidina Visram High School. He also finished
the Kenya Certificate of Primary School (K.C.P.E) in 2004. Currently,
he is planning to move ahead with his higher studies. His research
interests include information security and network security.
Email: athmanalkindy@yahoo.com
Al-Sakib Khan Pathan received PhD degree
(MS leading to PhD) in computer engineering
in 2009 from Kyung Hee University, South
Downloaded by [198.91.36.79] at 13:34 20 February 2015
Korea. He received BSc degree in computer
science and information technology from
Islamic University of Technology (IUT), Bangla-
desh in 2003. He is currently an assistant pro-
fessor at Computer Science Department in
International Islamic University Malaysia
(IIUM), Malaysia. Till June 2010, he served as an assistant professor
at Computer Science and Engineering Department in BRAC Univer-
sity, Bangladesh. Prior to holding this position, he worked as a
researcher at Networking Lab, Kyung Hee University, South Korea till
DOI: 10.1080/02564602.2014.891382; Copyright 2014 by the IETE
IETE TECHNICAL REVIEW | VOL 31 | NO 1 | JAN
FEB 2014
August 2009. His research interest includes wireless sensor networks,
network security, and e-services technologies. He is a recipient of sev-
eral awards/best paper awards and has several publications in these
areas. He has served as a chair, organizing committee member, and
technical program committee member in numerous international con-
ferences/workshops like GLOBECOM, GreenCom, HPCS, ICA3PP,
IWCMC, VTC, HPCC, IDCS, etc. He was awarded the IEEE Outstand-
ing Leadership Award and Certificate of Appreciation for his role in
IEEE GreenCom13 conference. He is currently serving as the editor-
in-chief of IJIDS, an area editor of IJCNIS, editor of IJCSE, Inder-
science, associate editor of IASTED/ACTA Press IJCA and CCS,
guest editor of many special issues of top-ranked journals, and edi-
tor/author of 11 books. One of his books has been included twice in
Intel Corporations Recommended Reading List for Developers, 2nd
half 2013 and 1st half of 2014; three other books are included in IEEE
Communications Societys (IEEE ComSoc) Best Readings in Com-
munications and Information Systems Security, 2013, and a fifth book
is in process of being translated to simplified Chinese language from
English version. Also, two of his journal papers and one conference
paper are included under different categories in IEEE Communica-
tions Societys (IEEE ComSoc) Best Readings Topics on Communica-
tions and Information Systems Security, 2013. He also serves as a
referee of numerous renowned journals. He is a senior member of
Institute of Electrical and Electronics Engineers (IEEE), USA; IEEE
ComSoc Bangladesh Chapter, and several other international profes-
sional organizations.
Email: sakib.pathan@gmail.com
91