SECURITY OF CLOUD STORAGE AND CLOUD COMPUTING ECE 646 Final Presentation George Mason University GIRI PRANEETH KOMMALAPATI VENKAT RAMAN SRIPERUMBUDUR
Introduction Save and access the files online. Data stored in the cloud can be accessed from anywhere. There are many security threats faced by the User and the Cloud Service Provider. This cloud storage can be trusted when there is enough security from the server side. There are many security issues with the cloud computing. These security concerns are faced by both the providers and the consumers. In order to protect the data, the providers/organizations must ensure that the infrastructure is secure and the data of the consumers must be protected. The consumers must also be careful in selecting their passwords.
MOTIVATION There is a huge amount of data that is stored in the cloud. Over the years many popular cloud services like Dropbox, Amazon cloud service, icloud, etc. have been attacked by the hackers. Hackers attack the cloud and steal the information of many users. Although there are many attacks on the cloud, it is very important to store the sensitive data due to its huge advantages. Reducing or eliminating the problem of loosing sensitive data through reliable security at the client side. Fundamental services like confidentiality, availability, integrity and reliability are required for the consumers which are rendered by the CSP.
Hypothesis Main focus is on the analytical assessment of deployment of cryptools to safeguard the data. Some services a CSP must render are- Confidentiality: The data stored by the consumer must not be accessed by any other person including the service provider. Availability: The data must be accessible from anywhere from any computer/mobile phones, etc. Integrity: The data must not be modified by anyone other than the consumer by maintaining data integrity. Reliability: Data backup is a reliable task.
CRYPTOOLS The tools which we are using out of many for encryption are: SharedSafe Launcher for Windows Cloudfogger for Mac BoxCryptor for Windows Viivo SecretSync for Android AES Crypt for Windows Disk Cryptor for Windows
BASIC BLOCK DIAGRAM CLIENT Encryption& Decryption Tools Cloud Storage Key
SHAREDSAFE LAUNCHER simple way to share files on our FTP, e-mail, Dropbox with friends & co-workers. encrypts files with the well known AES-256 (Advanced Encryption Standard) and is an Open Source with client side encryption. protects files and file names before uploading. automatically shares files in the background and is available to operate offline. Encryption key is sent to receiver safely.
Sharedsafe installed and run Step-1
Step-2 Password created and safekey generated. Folder syncs automatically Client-side encryption
Fast and easy Encryption BOXCRYPTOR available for all the cloud storage providers like Dropbox, Sky drive, Google Drive, etc. supports all the clouds that use the WebDAV standard such as Cubby, Strato HiDrive and Owncloud. PGP can be used for sharing the files. It creates a Virtual Drive on our computer that allows us to encrypt our files locally before uploading them to the cloud. Boxcryptor uses the AES-256 and RSA-4096 encryption algorithms.
BOX CRYPTOR ENCRYPTION (CLIENT SIDE) RSA PRIVATE KEY KEY ENCRYPTION ENCRYPTED A PRIVATE KEY PASS KEY
BOX CRYPTOR ENCRYPTION (SERVER SIDE) CLOUD FILE AES-256 KEY ENCRYPTION ENCRYPTED FILE --------------------- A ENCRYPTED KEY ENCRYPTION With RSA public key
BOX CRYPTOR DECRYPTION PASSWORD RSA KEY DECRYPTION CLOUD PRIVATE KEY AES 256 A DECRYPTION ENCRYPTED FILE --------------------- ENCRYPTED KEY AKEY DECRYPTION FILE
DROP BOX BOXCRYPTOR
DROP BOX BOXCRYPTOR
DROP BOX BOXCRYPTOR
VIIVO VIIVO is a client side encryption tool used in android operating system. uses RSA 2048 and AES 256 algorithms to encrypt the data by creating an RSA key pair. The private key is secured with the password using PBKDF2 (Password-Based Key Derivation Function 2). The files are encrypted using AES-256 before they are uploaded in to the cloud. Most widely used by accountants, attorneys and Govt. & Health Care in the country.
VIIVO ENCRYPTION RSA PRIVATE KEY FILE PASSWORD (PBKDF2) ENCRYPTED KEY (USING AES-256) ENCRYPTED FILE CLOUD
AES CRYPT AES encrypts files using AES encryption. Files encrypted on one platform can be decrypted in other platforms. After encrypting the files locally we have to upload them to the cloud.
DISKCRYPTOR It offers encryption for all disk partitions. It uses AES-256, Twofish, Serpent and also their combinations. By cascading the algorithms, even if one algorithms is broken the data will be safe.
CLOUDFOGGER Cloudfogger for MAC allows manual encryption and decryption of files. Uses AES-256 and RSA-4096 algorithm for the encryption of files. Private key is encrypted using the RSA-4096 algorithm. Files are encrypted using AES-256 algorithm.
Observations BoxCryptor secures the file that are uploaded into dropbox by encrypting them with a safe key. SharedSafe is used for sharing the files and file names securely using safe key. SharedSafe when a file is uploaded, it s then encrypted and sent to a folder called My Safes. All the cryptools uses RSA-4096 and AES-256 algorithms for encryption of keys and files respectively. Cloud Fogger also uses same encryption algorithms at the client side. AES Crypt can be used to encrypt the files locally. Security mechanisms of all the tools are identical. Data can be shared using all the tools except AES Crypt and Disk Cryptor.
TOOL ENCRYPTION ALGORITHM USED SHARING PLATFORM Boxcryptor Client Side RSA 4096 AES 256 YES Windows, MAC, ios, Android Viivo Client Side RSA 4096 AES 256 Sharedsafe Client Side RSA 4096 AES 256 YES YES Windows, MAC, ios, Android Windows, MAC Cloudfogger Client Side RSA 4096 AES 256 AES Crypt DiskCryptor Single file encryption Tool Local drive encryption Tool Yes Windows, MAC, ios, Android AES NO Windows, MAC, Linux AES-256, Twofish, NO Windows
CONCLUSIONS Client side encryption is important before uploading data to the cloud. Through the analytical assessment of the cryptools, we found boxcryptor to better for encryption in various terms of confidentiality, availability, reliability and ease of use. All the cryptools have the same algoriths in common, i.e., the RSA for key encryprion and AES for file encryption.