Vendor lock-in occurs when a customer is heavily reliant on a single cloud vendor, making switching to another provider costly or complex. This situation often arises due to staffing constraints or to avoid business disruptions. To counter this issue, the multi-cloud approach, known for its high availability and mobility, is often used. However, it comes with challenges such as increased time consumption, security concerns, and higher costs. To address these challenges, a novel lightweight encryption model integrated with Kerberos authentication is proposed. In this approach, datasets are first tagged with unique identifiers for efficient management. The tagged documents are then hashed using the Keccak hashing method and encrypted using a Lightweight Cryptographic Algorithm (LCA). These encrypted documents are stored across multiple Cloud Service Providers (CSPs) independently. Authentication in this system is handled through the Kerberos protocol. During the access process, a user’s file details and secret key are submitted to a cloud organizer, where they are verified by a Third-Party Auditor (TPA). If the details are right, the users access the data; otherwise, it will be rejected. The proposed model was validated using a Kaggle dataset and compared to existing models, including the Data Encryption Standard and Elliptic Curve Block (DES-ECB), Policy-Based Deployment Control (PBDC), and Advanced Encryption Standard 128 — Cipher Block Chaining (AES-128 CBC). It demonstrated a proof verification time of 0.9 s, a security level of 94%, encryption time of 0.5 ms, decryption time of 0.7 ms, and key generation time of 0.2 ms. Comparative results show that this model outperforms other existing solutions in securely storing data across multiple CSPs, effectively reducing the vendor lock-in problem.
Gayathri et al. (Thu,) studied this question.