waypoint 03home / Research / Secure Data Sharing in Cloud Computing: A Cryptographic Review and Methodology

status
Completed
year
2026
type
Technical Review Paper

Secure Data Sharing in Cloud Computing: A Cryptographic Review and Methodology

A technical review paper on secure cloud data sharing, cryptographic protection methods, and a layered methodology for confidentiality, integrity, authentication, and auditing.

Abstract

This technical review paper examines secure data sharing in cloud computing from both a cryptographic and methodological perspective. The study begins by describing how cloud computing has transformed modern data management through scalable storage, on-demand services, and flexible collaboration, while also introducing a major trust problem: sensitive data is often stored and shared through third-party cloud service providers, causing the data owner to lose direct physical control over the infrastructure. The paper defines the main security problem as the need to make shared cloud data available to authorized users while protecting it from unauthorized access, malicious insiders, external attackers, data tampering, and the honest-but-curious cloud provider model. It reviews key security requirements for cloud data sharing, including confidentiality, integrity, authentication, non-repudiation, access control, revocation, and accountability. The paper then analyzes the main cryptographic and security techniques used to support these requirements. AES is presented as an efficient symmetric encryption method for protecting file contents before cloud upload, while RSA is used for secure key sharing by encrypting the AES session key with the recipient’s public key. SHA-256 is discussed as a practical integrity verification mechanism that allows users to detect unauthorized modification or accidental corruption by comparing cryptographic hashes. Digital signatures are used to support authenticity and non-repudiation, ensuring that shared data or metadata can be linked to the correct sender and verified by recipients. Audit logging is also included as a process-level security mechanism that records uploads, downloads, updates, deletions, sharing actions, permission changes, timestamps, user identities, and access results. The proposed methodology follows a layered protection model that places the main security operations on the client side and uses the cloud primarily as a storage and delivery platform. The workflow begins with local AES encryption before upload, continues with RSA-based secure sharing of the session key, applies SHA-256 integrity checking after download, verifies digital signatures for authenticity, and records access actions in audit logs for accountability and forensic analysis. The paper highlights the advantages of this approach, including reduced reliance on the cloud provider, stronger owner control over keys, improved tamper detection, and better traceability in multi-user sharing environments. At the same time, it discusses practical challenges such as key management complexity, encryption and signing overhead, revocation difficulty when users keep old keys, and metadata leakage through file names, sizes, access patterns, upload times, and sharing relationships. The study concludes that secure cloud sharing should not be understood as simply uploading encrypted files. Instead, it should be designed as a complete security framework that balances privacy, usability, performance, access control, revocation, and trust.

pdf.preview

Download PDF
Loading Bilal Abdulhadi