At present, data security and privacy has been regarded as one of the biggest concerns in cloud computing. Data stored remotely is vulnerable and susceptible to threats. Due to this, users do not trust their data over the cloud. Cloud consumers want an assurance that they can access their data wherever they want without anyone else’s manipulation. Moreover, authentication of users over the cloud is another important factor to consider. After conducting surveys and studying various research papers it is found that the major security concerns of cloud computing includes Data leakage, Distributed Denial of Service (DDOS). The data security can be improvised by implementing various symmetric key algorithms so that data on the server is stored in such a manner that even if a person can access the data, they can't view the original data, as it needs to be decrypted. Including storage security, authorized access of users also helps in avoiding DDOS as only genuine users will have access to the cloud. A hybrid model, a mixture between elliptical curve cryptography and symmetric key algorithm in which ECC is used for user verification and to keep the private data secure while AES algorithm is used to allow the user to store and access their data securely in the cloud by encrypting the data on the client side and decrypting the data after downloading from the cloud. Since the private key is owned by the user of the data, none can decrypt the data, even if hackers get their hands on the data. Moreover, the user will securely authenticate themselves by using various input parameters at the time of login to the cloud server. The whole prototype of the proposed solution would benefit by enabling a proper access mechanism to avoid unauthorized access to the information system and secure storage to allow access of data.

Full text: IJEIR_2479_FINAL.pdf