How To Secure Data In Cloud Storage




Data Security And Its Techniques In Cloud Storage: A Review

Priyanka V. Mogre, Girish Agarwal, Pragati Patil

Abstract

The purpose of this review paper is to provide information about techniques that could benefit the cloud computing platform by providing security in cloud storage. The main issue of cloud storage is that data must be secured using various security tools, and the privacy of the data must also be maintained. Various researchers have worked in the field of security and privacy for data stored in the cloud. Drawing on their work, in this paper we study, analyse and review techniques for data security in cloud storage.

Keywords: Cloud storage, Cloud computing, Cloud data storage security, trusted third party (TTP).

1. Introduction

The architecture of many IT companies is built on cloud computing. A large number of people working in enterprises or technical fields come across data which has to be stored for further use. Storing a small amount of data on a computer is possible, but when the data is large it becomes difficult to store it on the computer. To store such large data we require a cloud server, where the user can store as much data as they want. Cloud computing is defined as a service delivered over the internet (network) using various computing resources. Most IT companies are forced to spend a significant portion of their time on frustrating implementation, maintenance, and upgrade projects that too often do not add significant value to the company's bottom line. Increasingly, IT teams are turning to cloud computing technology to minimize the time spent on lower-value activities and allow IT to focus on strategic activities with greater impact on the business.

A cloud can be either a private cloud or a public cloud. A private cloud is one where a data centre supplies services to a limited number of people, whereas a public cloud supplies services to anyone on the internet. A virtual private cloud is formed when the service provider uses public cloud resources to create a private cloud.

The characteristics of cloud computing are:

i. It is virtual: a large number of servers are placed in a data centre. These servers become a massive pool of resources, and this pool is divided into multiple virtual servers, which leads to the creation of the cloud.
ii. It is flexible and scalable: it gives users whatever they need within a moment. It can spin up a server in a moment and take it down just as easily.
iii. It is open or closed: in an open cloud it can be moved around easily without being locked into one provider or a closed, proprietary technology.
iv. It can be secured: to maintain security, a private cloud could be created on the working hardware, but appropriate security measures must be put in place on this cloud.
v. It can be affordable: good cost savings can be made on a public cloud, where virtual servers run on physical servers that are shared with other customers.

What IT always needs, and what puts cloud computing in the limelight at IT companies, is a way to increase capacity or add capabilities without investing in new infrastructure, licensing new software, or training new personnel. Cloud computing encompasses pay-per-use services delivered in real time over the internet.

From the introduction above it is clear that cloud computing is about storing more data or material somewhere in the cloud and using it whenever the user requires, while keeping less data on PCs or servers, which makes it easy to access whenever the user or client searches for data created or stored. The main benefit of cloud computing is being able to access data anywhere with an internet connection.

Cloud storage is networked online storage where data is stored in a virtualized pool that is generally hosted by a trusted third party (TTP), which operates large data centres. The operation of the data centre takes place in the background; it virtualizes the resources according to the customer's requirements and exposes them as a storage pool, which customers can use to store files or data objects. Cloud storage does not have the same characteristics as cloud computing in terms of agility, scalability, elasticity and multi-tenancy. Cloud storage is made up of many distributed resources with the potential for economies of scale. Beyond cost, its benefits are outsourced operations, simplicity, and enterprise features for smaller users such as high availability, security, data protection and privacy.

The interface to the cloud storage is visible to the user and the storage manager. It is a software application that runs locally and sends data to the cloud. It looks like a network-mounted drive, which could be integrated into a backup or archive application. Because of the way the storage computers are connected to one another, there is no limit on storing large amounts of data in a cloud computing environment: as soon as one web server fills up, the data spans automatically to the next server connected in the series, so data is automatically distributed across multiple web servers.

2. Structure and strategy of literature review

The sources for the literature review are not limited to references and published papers; online material found through various search engines was also consulted. For this review paper we referred to various e-books on security and cloud computing along with various survey papers related to our research.

3. Discussion

The following section discusses the terminology, technology, and security and privacy issues of cloud computing and cloud storage infrastructure. Cloud computing and cloud storage themselves have been discussed in the introduction above. The terminologies below will help to make the concepts clearer.

1. Data storage security: Storing or recording information on a computer or a similar device is called data storage (DS). It can also be described as the information or data that the computer knows or is able to know. DS is combined with storage security to provide more robustness in cloud data storage, forming cloud data storage security (CDSS). Many users are unaware of how data is stored in the cloud because the recorded information is not visible to any user; hence the security risk rises. The only service that can be provided to decrease this risk is a cloud data storage service provider (CDSSP).

2. Cloud service provider: The cloud storage provider is a third-party company that lets end users save data to an off-site storage system. Instead of being stored on a local hard drive or other local storage device, the data is stored in a remote data centre. Any authorized person can access this data from anywhere with an internet connection.

3. Provable data possession (PDP): Provable data possession is a technique to verify outsourced data with the least computation, communication, and storage overhead. Ateniese et al. have formalized a PDP model. In that model, the data owner pre-processes the data file to generate some metadata that will be used later for verification purposes through a challenge-response protocol with the remote/cloud server. The file is then sent to be stored on an untrusted server, and the owner may delete the local copy of the file. Later, the server demonstrates that the data file has not been deleted or tampered with by responding to the original data owner or another trusted entity that shares some information with the owner [17]. Various researchers have developed different schemes for PDP. The PDP schemes above have one drawback: they focus on a single copy of the file and provide no proof that the CSP stores multiple copies of the owner's file [17].
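The challenge-response audit described above, as an added example that is not code from the paper or from any of the cited authors: it does not implement Ateniese et al.'s construction but a simplified, privately verifiable linear-tag scheme in the style of Shacham and Waters, in which the server's answer is two field elements no matter how many blocks are challenged. The function names, block size, modulus and sample data are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1      # prime field modulus (assumed for this example)
BLOCK_BYTES = 15    # 120-bit blocks, so every block is a valid element below P


def split_blocks(data):
    """Pre-processing, step 1: cut the file into fixed-size integer blocks."""
    return [int.from_bytes(data[i:i + BLOCK_BYTES], "big")
            for i in range(0, len(data), BLOCK_BYTES)]


def prf(key, index):
    """Keyed pseudorandom field element bound to a block position."""
    digest = hmac.new(key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P


def keygen():
    """Owner secrets: a PRF key and a non-zero field element alpha."""
    return secrets.token_bytes(32), secrets.randbelow(P - 1) + 1


def tag_blocks(key, alpha, blocks):
    """Pre-processing, step 2: the verification metadata, one tag per block."""
    return [(prf(key, i) + alpha * m) % P for i, m in enumerate(blocks)]


def make_challenge(n_blocks, sample_size):
    """Random block indices, each paired with a fresh non-zero coefficient."""
    indices = secrets.SystemRandom().sample(range(n_blocks), sample_size)
    return [(i, secrets.randbelow(P - 1) + 1) for i in indices]


def prove(blocks, tags, challenge):
    """Server side: fold the challenged blocks and tags into two numbers."""
    mu = sum(v * blocks[i] for i, v in challenge) % P
    sigma = sum(v * tags[i] for i, v in challenge) % P
    return mu, sigma


def verify(key, alpha, challenge, proof):
    """Verifier side: needs only the owner's secrets, not the file."""
    mu, sigma = proof
    expected = (alpha * mu + sum(v * prf(key, i) for i, v in challenge)) % P
    return sigma == expected


def audit_demo():
    data = b"constructed sample file contents; " * 40   # constructed input
    key, alpha = keygen()
    blocks = split_blocks(data)
    tags = tag_blocks(key, alpha, blocks)   # owner uploads blocks and tags,
    n = len(blocks)                         # then may delete the local copy
    chal = make_challenge(n, n)             # challenge every block in the demo
    honest = verify(key, alpha, chal, prove(blocks, tags, chal))
    corrupted = list(blocks)
    corrupted[3] ^= 1                       # server silently flips one bit
    tampered = verify(key, alpha, chal, prove(corrupted, tags, chal))
    fresh = make_challenge(n, n)            # old proof replayed on new challenge
    replayed = verify(key, alpha, fresh, prove(blocks, tags, chal))
    return honest, tampered, replayed
```

Challenging a random subset instead of every block keeps each audit cheap, at the cost of detecting corruption only with some probability per audit.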

To address these drawbacks, the authors proposed two Efficient Multi-Copy Provable Data Possession (EMC-PDP) protocols and proved the security (correctness and soundness) of the protocols against colluding servers. Extensive performance analysis, validated through implementation and experimental results, illustrates the efficiency of the protocols. Curtmola et al. [15] proposed a Multiple-Replica PDP (MR-PDP) scheme, which is the only attempt in the literature that creates multiple replicas of the owner's file and audits them [17].

4. Cooperative provable data possession (CPDP): In order to prove the integrity of data stored in a multi-cloud environment, we define a framework for CPDP based on an interactive proof system (IPS) and a multi-prover zero-knowledge proof system (MPZKPS). The homomorphic verifiable response is the key technique of CPDP because it not only reduces the communication bandwidth, but also conceals the location of outsourced data in the distributed cloud storage environment [2].

5. Security and Privacy: The best means of maintaining security is cryptography. Cryptography provides various secure techniques for communication in the presence of third parties. It analyses protocols that overcome the influence of adversaries and that relate to various aspects of securing information, such as data confidentiality, data integrity, and authentication. In this technique the information is converted, with the help of encryption, into an unreadable format so that only an authorized person can access the information with the help of the private key provided by the encryption technique. With this private key the encrypted data is converted back into readable form; this is called decryption. It is beneficial to use these techniques in cloud storage services, where data is stored from various sources. Cryptography plays a major role in maintaining the security of this data. Another advantage of cryptography is that it is easy to use and understand.

6. Service Security: In these scenarios most of the security threats are possible at the point of service provision, and this could include the actual device security at the cloud provider and the storage security used by the provider. However, due to the business nature of service providers, they would be able to provide robust security with the use of state-of-the-art IDS, firewalls and malware protection. Moreover, the use of virtualization technology further helps providers secure each individual user from the others [1].

4. Architecture of cloud storage

The architecture presented in Fig. 1 illustrates how data is stored in the cloud by application users or clients. Application users or clients store data in the cloud and depend on the cloud for computation on that data. The client could be an individual, an organization or an enterprise.

[Fig. 1: Architecture of Cloud Storage. Labelled elements: applications/owner, cloud service provider, TTP, secure data flow.]

An application can be any technological device that is connected via the internet and stores data in a remote location. Using a cloud service provider (CSP), owners or users store data in the cloud, where there are sets of cloud servers. Here, to maintain data redundancy, a technique called erasure-correcting code is used, which can be further extended to tolerate faults or server crashes as user data grows in size and importance. To retrieve data later, the client or user communicates with the cloud servers via the cloud service provider.

Users and clients store their data in a virtual mode, i.e. on a cloud server, and not on a local disk that is visible to the user. Because the data is stored in the cloud and is not visible to the user, the security risk increases and maintaining the integrity of the data becomes difficult. In such a situation users can rely on an optional TTP of their choice and can access the data stored in the cloud. A trusted third party (TTP) is an entity which creates an interaction between two parties. Because the TTP creates a secure zone between two parties, it plays its best role in cryptography, where with the help of a secure key the information can be kept between only the two authorized parties, and anyone apart from the two parties who want to communicate with each other should not be able to learn the information or data. Here, only parties that the TTP knows can communicate with each other. Hence, it establishes security for the user and the user's data stored in the cloud. Both the user and the cloud can trust the TTP model for accessing their data.

5. Conclusion

In this paper we focused on how data is stored in the cloud. We also covered what cloud computing is and what storing data in the cloud means. Along with the introduction to cloud computing and cloud storage, we referred to the characteristics of cloud computing and presented how our literature survey was structured. We also discussed various terminologies used in cloud storage, along with technologies including PDP and CPDP for keeping data more secure and available. The architecture of cloud storage clarified how information is stored on cloud servers via the CSP and how the use of a TTP secures the interaction between the user and the cloud.

References

[1] Anup Mathew, "Survey Paper on Security & Privacy Issues in Cloud Storage Systems," EECE 571B, Term Survey Paper, April 2012.
[2] Yan Zhu, Hongxin Hu, Gail-Joon Ahn, and Mengyang Yu, "Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage," IEEE Transactions on Parallel and Distributed Systems.
[3] G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. X. Song, "Provable data possession at untrusted stores," in ACM Conference on Computer and Communications Security, P. Ning, S. D. C. di Vimercati, and P. F. Syverson, Eds. ACM, 2007, pp. 598-609.
[4] Amir Mohamed Talib, "Security Framework of Cloud Data Storage Based on Multi Agent System Architecture: Semantic Literature Review," www.ccsenet.org/cis, Vol. 3, No. 4, November 2010.
[5] Y. Dodis, S. Vadhan, and D. Wichs, "Proofs of retrievability via hardness amplification," in TCC '09: Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography, Berlin, Heidelberg, 2009, pp. 109-127.
[6] K. D. Bowers, A. Juels, and A. Oprea, "Proofs of retrievability: theory and implementation," in CCSW '09: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, New York, NY, USA, 2009, pp. 43-54.
[7] J. Li, M. Krohn, D. Mazières, and D. Shasha, "Secure untrusted data repository (SUNDR)," OSDI, 2004.
[8] B. Sotomayor, R. S. Montero, I. M. Llorente, and I. T. Foster, "Virtual infrastructure management in private and hybrid clouds," IEEE Internet Computing, vol. 13, no. 5, pp. 14-22, 2009.
[9] M. Blaze, "A cryptographic file system for Unix," in ACM CCS, 1993.
[10] D. Bindel, M. Chew, and C. Wells, "Extended cryptographic filesystem," unpublished manuscript, 1999.
[11] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, "Scalable and Efficient Provable Data Possession," Proc. of SecureComm '08, pp. 1-10, 2008.
[12] J. Li, M. Krohn, D. Mazières, and D. Shasha, "SUNDR: Secure untrusted data repository," in OSDI, 2004.
[13] J. Hendricks, G. Ganger, and M. Reiter, "Verifying Distributed Erasure-coded Data," Proc. 26th ACM Symposium on Principles of Distributed Computing, pp. 139-146, 2007.
[14] C. Farkas and M. N. Huhns, "Making agents secure on the semantic web," IEEE Internet Computing (6), 2002, pp. 76-79.
[15] J. Filsinger and H. O. Lubbes, "System security approach for the High Level Architecture (HLA)," in Proceedings of the 14th Workshop on Standards for Interoperability of Distributed Simulation (winter), 1996.
[16] R. O. Weichao Wang, Zhiwei Li and B. Bhargava, "Secure and efficient access to outsourced data," in CCSW '09: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, New York, NY, USA, 2009, pp. 55-66.
[17] Ayad F. Barsoum and M. Anwar Hasan, "Provable Possession and Replication of Data over Cloud Servers."