Journal of Xidian University Doi.org/10.37896/jxu18.

1/011 ISSN No:1001-2400

Applying Different Stenography Techniques in Cloud Computing

Technology to Improve Cloud Data Privacy and Security

1
Muhammad Muhammad SULEIMAN, 2Muhammad Bello ALIYU & 3Zainab Jibril AHMED
1
Kano State Polytechnic, Nigeria, ORCID: (0000-0002-3646-3715),
2
Computer Professionals (Registration Council of Nigeria), Federal Ministry of Education
3
Yusuf Maitama Sule University, Kano, Nigeria

ABSTRACT - The term "cloud computing" describes a broad range of services that let people offshore their data without
worrying about problems with local storage. Instead of depending on dubious service providers, the most urgent problem to be
solved is keeping a safe and dependable data repository. This paper examines how combining stenography techniques with
digital watermarking can significantly enhance system performance and data security when used in cloud computing. Safe
data management in cloud environments is necessary for such systems, where data is exchanged or transmitted between servers
and users. Steganography, or cloud steganography, is one of the best ways to communicate securely. Writing coded messages
such that only the sender and recipient can securely decipher and view the data concealed in the communication channel is
known as steganography. To guarantee data security in cloud computing, this paper introduces a novel text steganography
technique for concealing a loaded hidden English text file inside a cover English text file. The suggested method enhances
time, data hiding capacity, and data protection.

KEYWORDS: Cloud Computing, Steganography, Cloud Storage, Information Hiding, Security.

Through the profitable use of PC system assets for all

I. INTRODUCTION
Sensitive personal information may be transmitted over
the internet and could be intercepted. In addition, there
are a lot of online applications, and a lot of websites ask
users to fill out forms with sensitive personal information
including phone numbers, addresses, and credit card
details. Therefore, secrecy and data uprightness are
required to ensure against unauthorized access and usage.
Clients may need private and secure correspondence for a
variety of reasons, such as protecting their confidential
data from programmers if it disregards an open channel.
Steganography and cryptography are fundamental
methods for obtaining interchanges [1].
A new technology that increases access to sophisticated
computing for both service providers and customers is
cloud computing. Through the use of cloud computing,
users can access limitless processing power. Computer
resources are provided via the cloud data centre. A data
centre facility houses numerous computers and servers
and is open twenty-four hours a day, seven days a week,
to provide the required resources. The majority of small
and medium-sized companies run their operations
primarily on the cloud. Cloud resources consist of
software, platform, and infrastructure components [2].
A common pool of reconfigurable computing assets (such
as networks, servers, storage, apps, and services) that can
be swiftly provisioned and delivered with little
management effort or service provider association is
made available to everyone through the cloud computing
model. Three (3) service models, four (4) deployment
models, and five (5) fundamental qualities make up this
cloud model [3], [4].
clients without the need for direct dynamic management,
cloud computing has come to play a crucial role in data
and data management. As a result, a large population has
turned to cloud computing to exchange data and
information via the platform and profit from the benefit.
Nonetheless, data security is a key consideration in cloud
computing as a way to assure customers of the privacy
and safety of their data as well as data stored and
transferred across the platform. As a result, the necessity
for data security protocols has prompted the creation of
several essential techniques for ensuring the safety of data
and data through the stage that subsequently ensures
functional communication channels. Steganography
techniques are now acknowledged as one of the essential
cloud computing processes for enhancing cloud data
security. Therefore, to address the issue of enhancing
cloud data security, this study explores the application of
the transcribing technique in cloud computing [5], [6].
Two (2) fundamental types of services are provided by
cloud computing: computation and data storage. Users of
cloud services don't have to worry about anything
because they may access their data and complete
computer tasks via the Internet network. The customers
are unaware of where the data are stored or which
machines are doing the computation tasks during the
access to the data and computing. When it comes to data
storage, client confidence and efficient use of cloud
technologies are primarily dependent on data assurance
and security [4], [7], [6]. A few privacy and insurance
protocols have been suggested in the field of cloud
computing examination, and methodologies linked to
data assurance should be further improved [7].

VOLUME 18, ISSUE 1, 2024 96 http://xadzkjdx.cn/

Journal of Xidian University Doi.org/10.37896/jxu18.1/011
II. CONCEPTUAL DEFINITIONS
What is the Cloud?
An Internet or network is referred to as the "cloud." Stated
differently, the cloud might be defined as an entity
existing at a distance. Cloud computing can offer services
via public or private networks, such as WAN, LAN, or
VPN. Cloud-based applications include online
conferencing, email, and customer relationship
management (CRM) [8].
What is Cloud Computing?
The term "cloud computing" refers to managing, creating,
and accessing web applications. It provides internet
foundation, application, and data storage [8].
According to the National Institute for Standards and
Technology (NIST), "Cloud Computing is a model that
empowers helpful on-demand network admittance to a
common pool of configurable computing assets like
(network, server, storage, applications and services) that
can be quickly provisioned and delivered with
insignificant management effort or service supplier
connection" [3], [4]. Typical instances of the technology
mentioned above are:
• Google Docs (make, modify, and share documents
online), Google Search, Web-based Email (email,
including Gmail and Yahoo Mail),
Figure 1: Cloud Computing Architecture
III. ESSENTIAL CHARACTERISTICS:
1) On-Demand Self-Service. A customer can singularly
arrange computing capacities, for example, server time
and network storage, depending on the situation naturally
without requiring human association with each service
supplier [3], [4].
2) Broad Network Access. Capacities are accessible over
the network and get to through standard components that
advance use by heterogeneous thin or thick client
platforms (e.g., mobile telephones, tablets, PCs, and
workstations) [3], [4].
3) Resource Pooling. The supplier's computing assets are
pooled to serve numerous customers utilizing a
multi-inhabitant model, with various physical and virtual
assets progressively doled out and reassigned by
purchaser demand. There is a feeling of area freedom in
that the client, by and large, has no control or information
over the specific area of the given assets however might
have the option to indicate area at a more elevated level of
VOLUME 18, ISSUE 1, 2024 97
ISSN No:1001-2400
deliberation (e.g., nation, state, or datacenter). Instances
of assets incorporate storage, preparation, memory, and
network bandwidth [3], [4], [6].
4) Rapid Elasticity. Capacities can be flexibly
provisioned and delivered, at times consequently,
proportional quickly outward and internally proportionate
with demand. To the customer, the abilities accessible for
provisioning regularly give off an impression of being
limitless and can be appropriated in any amount
whenever [3], [4].
5) Measured Service. Cloud systems consequently
control and improve asset use by utilizing a metering
capability at some degree of deliberation proper to the
kind of service (e.g., storage, handling, bandwidth, and
dynamic client accounts). Asset utilization can be
checked, controlled, and detailed, giving
straightforwardness to both the supplier and purchaser of
the used service [3], [4].
IV. SERVICE MODELS:
Service Models are the reference models on which Cloud
Computing is based. These can be ordered into three
essential service models as recorded below [7], [8];
Figure 2: Cloud Computing Service Model
a) Software-as-a-Service (SaaS): The ability given to
the customer to utilize the supplier's applications running
on a cloud framework [3]. The applications are available
from different client gadgets through either a thin client
interface, like a web browser (e.g., web-based email), or a
program interface[9]. The shopper doesn't oversee or
control the fundamental cloud foundation including
network, servers, working systems, storage, or even
individual application abilities, with the conceivable
exemption of restricted client explicit application setup
settings [3]
b) Platform-as-a-Service (PaaS): The capacity given to
the shopper is to convey onto the cloud foundation
customer-made or gained applications utilizing
programming dialects, libraries, services, and tools
upheld by the supplier. The customer doesn't oversee or
control the hidden cloud framework including network,
servers, working systems, or storage, yet has command
over the conveyed applications and potentially set up
settings for the application-facilitating climate [3].
c) Infrastructure-as-a-Service (IaaS): The capacity
given to the shopper is to arrange handling, storage,
networks, and other essential computing assets where the
buyer can convey and run self-assertive programming,
http://xadzkjdx.cn/
Journal of Xidian University Doi.org/10.37896/jxu18.1/011
which can incorporate working systems and applications.
The customer doesn't oversee or control the fundamental
cloud foundation yet has authority over working systems,
storage, and sent applications; and potentially restricted
control of select networking segments (e.g., have
firewalls) [3].
V. DEPLOYMENT MODELS:
Private Cloud: The cloud foundation is provisioned
for selective use by a solitary association involving
different buyers (e.g., speciality units). It could be
claimed, overseen, and worked by the association, an
outsider, or a mix of them, and it might exist on or off
premises [3], [10].
Community Cloud: The cloud foundation is
provisioned for selective use by a particular local area of
customers from associations that have shared concerns
(e.g., mission, security necessities, strategy, and
consistency contemplations). It very well might be
claimed, overseen, and worked by at least one of the
associations locally, an outsider, or a blend of them, and it
might exist on or off premises [3].
Public Cloud: The cloud foundation is provisioned for
open use by the overall population. It very well might be
claimed, overseen, and worked by a business, scholastic,
or government association, or a blend of them. It exists in
the vicinity of the cloud supplier [3].
Hybrid Cloud: The cloud framework is an
organization of at least two unmistakable cloud
foundations (private, local area, or public) that stay
interesting elements, yet are bound together by
standardized or restrictive technology that empowers data
and application convertibility (e.g., cloud blasting for
load-adjusting between clouds [3].
VI. CLOUD COMPUTING SECURITY
REQUIREMENTS
• Audit: It incorporates validations and authorization, to
guarantee the client's character by executing a solid
confirmation measure [11].
• Confidentiality: Protect data put away in the database
from unapproved clients [11].
• Integrity: It is utilized to guarantee data consistency,
and to shield data from emphasis [11].
VII. STEGANOGRAPHY OVERVIEW
In this part, we present an outline of steganography, its
sorts, and its destinations. Steganography is the study of
concealing restricted information in a media record cited
in [11]. Steganography as a word is the blend of two
Greek words "Oregano" and "Graphy", and the meaning
is "cover stating" cited in [11], [12].
Steganography is viewed as the craftsmanship and study
of concealing information in other information. The word
Steganography is derived from the Greek words
"steganos" meaning "impenetrable" and, "grafia"
meaning "expressing" characterizing it as an
"impenetrable composition" [5], [8]. There are two basic
procedures for picture installation in steganography;
VOLUME 18, ISSUE 1, 2024 98
ISSN No:1001-2400
spatial area and transform space [13].
As indicated by spatial space implanting, the messages
are inserted straightforwardly into the Least Significant
Bits (LSBs). The most un-huge pieces (LSB) addition
strategy is viewed as the most widely recognized and
easiest Steganography technique. As indicated by the
transform area installation, the messages are implanted by
adjusting the recurrence coefficients of the cover picture,
for example, the Fourier transform, discrete cosine
transform or the wavelet transform [1].
The picture steganography system includes two
calculations, one for implanting and one for extraction.
The installing interaction conceals a mysterious message
within a cover media (cover picture), and the
consequence of the implanting cycle is the stego picture.
The principal issue is that the mysterious message won't
be undetected if an outsider attempts to capture the cover
media (cover picture). The extraction interaction is
basically because it is the opposite of the installing cycle,
where the mysterious message is uncovered toward the
end [1].
A. APPROACHES OF STEGANOGRAPHY
The steganography approaches can be isolated into three
(3) [1];
a) Pure Steganography: It is a strategy that just uses the
steganography approach without consolidating different
techniques. It is chipping away at concealing information
within the cover transporter [1].
b) Secret Key Steganography: It utilizes the blend of the
mysterious key cryptography procedure and the
steganography approach. This kind can encode the
mysterious message by secret key strategy and then
shroud the scrambled data within the cover transporter
[1].
c) Public Key Steganography: It is the blend of the
public key cryptography approach and the steganography
approach. This sort can scramble the privileged
information utilizing the public key methodology and
then conceal the encoded data within the cover
transporter [1].
B. TYPES OF STEGANOGRAPHY
• Text Steganography: Use a text file to hide secret data
[11].
• Image Steganography: Hide secret data in a cover
image [11].
• Audio Steganography: Use an audio file to conceal
secret data [11].
• Video Steganography: Hide secret data in a video file
[11].
• DNA-Based Steganography: Employ randomness of
DNA to embed secret data [11].
• Protocol Steganography: Hide secret data in network
protocols such as IP, TCP and UDP [11].
C. OBJECTIVES OF STEGANOGRAPHY
o Security: The attacker unable to detect the secret data
http://xadzkjdx.cn/
Journal of Xidian University Doi.org/10.37896/jxu18.1/011
o Payload (Capacity): Allow to hide a large amount of
data in the cover object
o Invisibility (Quality): The changes in the cover object
undetectable by the Human Visual System (HVS)
VIII. JUSTIFICATION
A thorough survey and analysis of the literature reveals
that many research hours have been dedicated to
developing steganography techniques for use with cloud
data. Nevertheless, it appears that these techniques are all
focused on a single field. Simultaneously, numerous
scholars have emphasized the significance of cloud
computing and the utilization of steganography
techniques to conceal data throughout the cloud. Without
further explanation, cloud-computing technology
provides customers with several advantages. One of the
greatest advantages of cloud computing is that businesses
can concentrate on their core competencies rather than
juggling the costs of licenses, servers, and storage instead
of focusing on IT requirements to suit business needs.
IX. RESEARCH GAP
Since most data is maintained and stored on third-party
infrastructures, the current cloud data storage system will
not offer the highest level of security for organizational
data resources. For the reasons listed above, it is
imperative that multiple security measures be applied to
the data, and stenography techniques will ensure tight
data privacy and security across all layers [7].
X. OBJECTIVES
The main aim of the present study is to provide more
security and privacy in cloud data, below are the
objectives;
i) To provide more security to the cloud data travel across
all layers
ii) To improve the privacy of cloud data
iii) To improve the use of cloud technology in
organizations
XI. REVIEW OF THE RELATED LITERATURE
Numerous strategies have been utilized to give data
security whether by utilizing encryption, steganography
or a blend between them. The high-level encryption
standard (AES) strategy, otherwise called Rijndael, is a
symmetric key square code [1]. In contrast to the DES
strategy, the AES technique is a non-feistel figure that
scrambles and decodes a data square of 128 pieces. It
utilizes 10, 12, or 14 rounds [1]. The primary point of the
current investigation is to give greater security and [1].
The key size, which can be 128, 192, or 256 pieces, and
the number of rounds rely upon the key size since it
permits the mysterious key to be expanded to deliver a
subkey for each round [1]. In this part, we audit a few
works proposed for cloud data security utilizing
steganography strategies.
Ebrahim et al. [14], [11] consolidated encryption and
steganography to forestall unapproved admittance to
cloud data. In the proposed model, there are three stages.
In the main stage, process the hash estimation of
VOLUME 18, ISSUE 1, 2024 99
ISSN No:1001-2400
privileged information utilizing SHA-256, at that point
use RSA to scramble the hash worth and meeting key. In
the subsequent stage, use AES256 to encode the restricted
information. The third stage utilizes a high-level LSB
calculation to conceal encoded data in a cover picture.
The creators have assessed the proposed model and
contrasted it and different models. The outcome shows
this model gives protection from cryptanalysis and
steganalysis assaults and measurable changes and
delivers a stego picture with top calibre.
Rahman et al. [15], [11] proposed another blend of
encryption and steganography to get cloud data. They
utilized the blowfish calculation to scramble privileged
information, to implant encoded data in a cover picture
E-LSB calculation, and to protect the respectability of the
delivered stego picture they utilized SHA-256. The
examination of the proposed model presents the model
that gives protection from measurable and visual assaults.
Shanthakumari and Malliga [16], [11] proposed a mix of
the International Data Encryption Standard Algorithm
(IDEA) and Least Significant Bit Grouping (LSBG)
calculation to improve security and limit data implanting
to the cover picture. In the implanting stage, the IDEA
calculation is performed to encode restricted information,
at that point, LSBG is applied to install the scrambled data
into the cover picture and produce a stego picture which is
transferred to the cloud. In the separating stage, download
the stego picture from the cloud and use LSBG to
extricate the restricted information, at that point perform
IDEA unscrambling to decode the privileged information.
The creators have assessed the proposed strategy and
contrasted it and different strategies. The outcome shows
this strategy gives great security to restricted information
produces a stego picture with the top caliber and
increments the installing limit.
XII. SECURITY AND PRIVACY CHALLENGES
Cloud computing environments are multi-domain settings
where distinct processes, interfaces, and semantics may
be used by each domain, each of which may have
different security, privacy, and trust requirements. These
domains might stand for additional application or
infrastructure components, or they could represent
independently enabled services. Service-oriented
architectures, which enable service composition and
orchestration, are a technologically appropriate means of
enabling such multi-domain formation. Utilizing current
research on secure-service composition and multi-domain
policy integration is crucial for developing an
all-encompassing policy-based management framework
in cloud computing settings [6], [17].
XIII. DATA-CENTRIC SECURITY AND
PRIVACY
Cloud data usually lives in a shared environment, but the
owner of the data should be in complete control of who
may access the data and what can be done with it once
they have access. A standard-based heterogeneous
data-centric security method is a necessary component
that moves data protection from systems and apps to give
this data management in the cloud [6]. This method
requires all papers, regardless of their settings, to be
http://xadzkjdx.cn/
Journal of Xidian University Doi.org/10.37896/jxu18.1/011
self-descriptive and defensive. It is necessary to take
usage policies and cryptographic techniques into account.
The system should verify its policy rules whenever
someone requests access to data, and it should only reveal
the data if those criteria are met. Data security can be
achieved through the use of existing cryptographic
techniques, but privacy protection and outsourcing
computing require a great deal of attention as they are
relatively new research areas. The literature has just
recently started to address data provenance issues. In
certain situations, a piece of data needs to be linked to
information about a specific hardware element (storage,
processing, or communication) [6], [17].
XIV. FUTURE WORK
For future work during the association, I plan to improve
proficient arrangements that fulfil the goals of
steganography. These arrangements ought to permit to
concealment of a lot of data, produce a stego picture with
the top calibre and the secret data should be undertable.
XV. CONCLUSION
On the cloud, maintaining data security is more
challenging. When it comes to cloud computing, there is
no end to what can be accomplished with this enormous
infrastructure. Users' wants are the basis for creating
virtual resources and services. Concerns regarding data
security in the cloud are reducing users' willingness to use
the cloud. Although cloud computing has many benefits
for users, there are security issues. Steganography is a
method for securing sensitive data on cloud servers by
masking sensitive data with a cover photo. As a result of
this paper, a hybrid cloud security paradigm has been
suggested that is successful. The cloud service for
steganography, encryption, and storage is isolated from
the rest of the service. Three methods are included in the
steganography service for storing data in the public,
private, and hybrid clouds. Cloud computing is used to
evaluate the effectiveness of the strategies. A hybrid
cloud system is more efficient when data is stored using
the described strategies.
XVI. ACKNOWLEDGMENT
We appreciate the effort of Tertiary Education Trust Fund
(TETFund) for funding this research. We also grateful to
Kano State Polytechnic, Nigeria, my teachers, senior
colleagues, editorial board and reviewers of the
prestigious JXU who are helping us in one way or another
to make an effort to create this piece of the manuscript.
REFERENCES
[1] M. A. A. Pujari and M. S. S. Shinde, “Data
Security using Cryptography and
Steganography,” IOSR J. Comput. Eng., vol. 18,
no. 04, pp. 130–139, 2016, doi:
10.9790/0661-180405130139.
[2] A. A. Fairosebanu and A. C. N. Jebaseeli,
“Data Security in Cloud Environment Using
Cryptographic Mechanism,” Bull. Electr. Eng.
VOLUME 18, ISSUE 1, 2024 100
ISSN No:1001-2400
Informatics, vol. 12, no. 1, pp. 462–471, 2023,
doi: 10.11591/eei.v12i1.4590.
[3] G. Peter, Mell Timothy, “The NIST
Definition of Cloud Computing,” in NIST
National Institute of Standards And Technology
U.S Department of Commerce, Special
Publication 800-145, vol. 728, 2011, pp. 269–
274.
[4] M. M. Suleiman, Z. I. Matinja, Z. M. Aliyu,
and Z. Abdulkadir, “Cloud Computing Is An
Integral Tool For E-Government: Challenges
And Prospects,” Mukt Shabd J., vol. 9, no. 6, pp.
2824–2836, 2020, [Online]. Available:
http://shabdbooks.com
[5] N. K. V Islam, “Review on benefits and
security challenges of cloud computing,” Int. J.
Comput. Sci. Inf. Technol., vol. 8, no. 2, pp.
224–228, 2017, [Online]. Available:
http://ijcsit.com/docs/Volume
8/vol8issue2/ijcsit2017080219.pdf
[6] Security and Privacy Challenges in Cloud
Computing Environments, vol. 8, no. 2. 2008,
pp. 55–55. doi: 10.1109/mitp.2006.47.
[7] S. Yadav, "Development of process
framework to Migrate Legacy Application to
Cloud Across Layers," Jayoti Vidyapeeth
Women's University, Jaipur, Rajasthan, India,
2015. doi: 10.31826/9781463235017-toc.
[8] E. L. Tutorials Point Simply, Cloud
Computing Tutorial. 2014, p. 88. [Online].
Available:
http://www.tutorialspoint.com/cloud_computin
g/cloud_computing_overview.htm
[9] D. Shuleski, A. Birsan, C. V. Cristea, and I.
Radu, “Impact of Cloud Computing
Technology Implementation in Public Sector,”
Int. Manag. Conf., pp. 5–7, 2016.
[10]S. Tabassam, “Security and Privacy Issues
in Cloud Computing Environment,” J. Inf.
Technol. Softw. Eng., vol. 07, no. 05, 2017, doi:
10.4172/2165-7866.1000216.
[11]A. Albalawi and N. Hamza, “A Survey on
Cloud Data Security using Image
Steganography,” vol. 11, no. 1, pp. 645–649,
2020.
[12]N. R. K. Kesa, “Steganography - A Data
Hiding Technique,” in 2019 International
Conference on Computational Intelligence and
Knowledge Economy (ICCIKE), 2019, pp. 1–
91. [Online]. Available:
http://xadzkjdx.cn/
Journal of Xidian University Doi.org/10.37896/jxu18.1/011 ISSN No:1001-2400

https://repository.stcloudstate.edu/msia_etds/75
[13]K. Kumar and V. Singh, “REVERSE
WATERMARKING TECHNIQUE,” no.
August, 2019.
[16]R. Shanthakumari and S. Malliga,
[14]M. A. Ebrahim, I. A. M. El-Maddah, and H. “Dual-layer security of image steganography
K. Mohamed, “Hybrid model for cloud data based on IDEA and LSBG algorithm in the
security using steganography,” Proc. ICCES cloud environment,” Sadhana - Acad. Proc.
2017 12th Int. Conf. Comput. Eng. Syst., vol. Eng. Sci., vol. 44, no. 5, pp. 1–12, 2019, doi:
2018-Janua, no. March 2018, pp. 135–140, 10.1007/s12046-019-1106-0.
2018, doi: 10.1109/ICCES.2017.8275292.
[17]M. Ali, S. U. Khan, and A. V. Vasilakos,
[15]M. O. Rahman, M. K. Hossen, G. Morsad, “Security in cloud computing: Opportunities
and A. Chandra, “An Approach for Enhancing and challenges,” Inf. Sci. (Ny)., vol. 305, pp.
Security of Cloud Data using Cryptography and 357–383, 2015, doi: 10.1016/j.ins.2015.01.025.
Steganography with E-LSB Encoding
Technique,” IJCSNS Int. J. Comput. Sci. Netw.
Secure., vol. 18, no. 9, pp. 85–93, 2018.

VOLUME 18, ISSUE 1, 2024 101 http://xadzkjdx.cn/