Secure decentralised storage networks

Paul, Greig

Thesis

Secure decentralised storage networks

Download PDF

Creator

Paul, Greig.

Rights statement

Strathclyde Thesis Copyright

Awarding institution

University of Strathclyde

Date of award

2017

Thesis identifier

T14754

Person Identifier (Local)

201360163

Qualification Level

Doctoral (Postgraduate)

Qualification Name

Doctor of Philosophy (PhD)

Department, School or Faculty

Department of Electronic and Electrical Engineering.

Abstract

In recent years, cloud-based computing and storage have become increasingly popular,as they remove the need for users and developers to buy or rent expensive dedicated hardware on an ongoing basis. This has led to the increasing centralisation of both services and storage, where users are reliant upon a small number of cloud-based providers to hold their data, and provide them with services they use. Recent events have shown that security breaches of centralised data stores can lead to significant quantities of personal data being revealed. This centralisation can also result in inconvenience in the event of the failure of the service provider, resulting in potential data loss or a loss of utility of the service.In contrast, a decentralised service and storage architecture removes the single point of failure from a network, and allows users to remove their dependency on a single company or service provider. In addition, by preventing storage providers from having access to user data, as is inherently needed in a decentralised network to preserve confidentiality,it is possible for users to protect their data from theft or unauthorised access,giving rise to data security and privacy benefits.This thesis explores the the challenges encountered in implementing a secure decentralised network, based around storage, and presents solutions to some of these problems.A security analysis of the MaidSafe network is firstly given, setting the context of the work, and investigating the state-of-the-art. Potential uses for decentralised services are considered, including for use on mobile devices. The importance of client device security is also considered, and a number of vulnerabilities affecting the security of client-based software are identified and explored. A practical design of decentralised architecture for preserving user privacy when discovering users is also contributed, to illustrate how decentralised service design can be used to enhance privacy of existing systems, and solve otherwise unsolved problems. A review and analysis of the privacy policies of popular web-based services then shows the extent to which user privacy is at risk from centralised web services. Finally, the concepts of identity and authentication within decentralised networks are considered, with a novel smartcard-based approach to securing user credentials within a decentralised network demonstrated.

Resource Type

Doctoral thesis

DOI

10.48730/pftn-tp56

Date Created

2017

Former identifier

9912569792202996

Relations

Items

Thumbnail	Title	Date Uploaded	Visibility	Actions
	PDF of Thesis T14754	2021-07-02	Public	Download

Secure decentralised storage networks

Downloadable Content

Relations

Items