Data Storage and Synchronization in Private Cloud




D. Hodanić, N. Vrkić and M. Tomić
University of Rijeka, Faculty of Engineering, Department of Computer Engineering, Rijeka, Croatia
{dhodanic, nvrkic, mtomic}@riteh.hr

Abstract - Usage of cloud systems for data storage has many advantages over the traditional approaches. It is already widely used and its popularity is still fast-growing. The systems must be implemented and maintained in a way that not only satisfies the performance and resource availability requirements, but also fully addresses the questions of security, privacy and data ownership. However, concerns related to those questions very often lead to considerations of a private cloud implementation. In this paper, we explore a private cloud implementation suitable for small to medium businesses. We introduce the main types of cloud computing as basic service models and analyze the features of private cloud systems. Advantages and disadvantages in comparison to public cloud services are considered. Implementation of private cloud solutions in a lab environment allowed us to examine the ease of the setup and maintenance as well as the usability of the chosen solutions and their applicability for the target user group.

I. INTRODUCTION

Cloud technologies have infiltrated society in many aspects. Our culture is currently built around mobile devices, social media, cloud platforms, intelligent systems and many more. There is a lot of personal and business information that has to be stored. Cloud storage and synchronization are highly popular for personal use. In contrast, organizations are still cautious with moving their businesses into the cloud. Privacy and security are the main concerns when considering cloud solutions. Most of the popular cloud services offer a public cloud service model. Public cloud platforms opened the cloud concept to personal users.
There is no doubt that these systems earned their popularity, but for some user groups more private solutions are potentially a more viable and acceptable option.

Although cloud platforms extended possibilities in terms of storage and synchronization for organizations, they also produced some uncertainties. With enterprises and cloud services, trust issues were bound to come up. Trust is depicted as a complex factor formed of control over assets, data ownership, failure prevention and security. Khan et al. showed in [1] that building trust in cloud services comes with time, good performance, security, more client control and transparency. Therefore, private clouds found their way into many organizations and application areas where trust is of great concern.

For instance, Doelitzscher et al. in [2] presented a case for building a private cloud for collaboration and e-learning services in HFU University. Architecture and software aspects were analyzed in detail, with conclusions about private cloud benefits at the university and its IT department. A more general comparison of several cloud computing platforms has been given in [3] to provide better understanding and useful details for choosing the best cloud solution given a specific case. The authors focused on private and hybrid clouds, namely OpenNebula and Nimbus, and considered the OpenNebula solution to be suitable for building a highly scalable cloud computing environment. In [4], Eucalyptus was considered in detail. Eucalyptus is an open source private and hybrid cloud software representative, suitable for use in enterprises. It is compatible with the Amazon Web Services (AWS) cloud interface, allowing interaction between a private and a public cloud. Atefi et al. presented in [5] the use of an open source private cloud for digital forensics. Seafile was chosen due to its advanced features for preserving privacy, file syncing, and collaboration.

In a prototype research from Mościcki et al. [6], a private cloud solution for internal use by the CERN employees has been analyzed in depth, as an alternative to the public cloud services. The authors chose ownCloud as a viable platform for an open source private cloud solution for file sharing and synchronization on a very large scale. OwnCloud competitors, such as Pydio, Seafile, SparkleShare and Syncany, were discarded because of feature incompleteness, usability issues or failing to support necessary file formats. They found that only ownCloud satisfied most of their demands for building an open source cloud solution which can compare well to commercial solutions.

Private cloud systems are highly adjustable to user's needs and offer great flexibility in terms of the number of active users and feature implementations. There are several solutions, but also many different concepts for custom usage within organizations. In this paper, we explore how private cloud solutions may benefit small to medium businesses (SMB). A deployment of an open source private cloud system with software solutions such as ownCloud provides business users with internal control of privacy and sole data ownership. We also consider questions of security, scalability and cost.

MIPRO 2015/CTI 541

II. CLOUD COMPUTING CONCEPTS AND CLOUD STORAGE MODELS

A. Definition of the cloud

There is more than one definition of cloud computing, but most of them have a similar meaning: using computer resources on demand. This is a model for delivering information technology services where resources are retrieved from the Internet using web-based tools. Applications can communicate with servers where all data and software packages are stored. The cloud computing model allows access to information as long as a client's device has access to the web. Companies may find that cloud computing allows them to reduce the cost of information management, since they are not required to use their own infrastructure, but instead lease it from service providers [7].

B. Cloud service models

There are three basic cloud computing service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), as shown in Fig. 1.

Figure 1. Basic cloud computing service models

Infrastructure as a Service (IaaS) is a service model where cloud computing service providers share their storage, network, and other computing resources with their clients. Clients are able to run their own software. A user does not operate or control the fundamental physical infrastructure of a cloud but has control over operating systems, storage, deployed applications, and possibly limited control of selected networking components. Service providers give their users access to multiple virtual server instances, so different users access the same infrastructure at the same time. They have flexible access, meaning they can reach the infrastructure from any location and any device that has a network connection. With regard to security problems, many IaaS providers offer a private cloud environment for cloud hosting [8].

Platform as a Service (PaaS) is a service model similar to IaaS but it provides an additional level of functionality. It is a model for running applications without the need to maintain the hardware and the software infrastructure at organizations. PaaS service providers allow customers to deploy, run or develop applications on their cloud infrastructure. A user neither manages nor controls the underlying cloud infrastructure (including network, servers, operating systems), nor storage, but has control over the deployed applications and possibly over configuration settings for the application-hosting environment. PaaS offers software developers several advantages including cost savings, reduced technical maintenance and increased mobility. Costs for purchasing servers, other hardware or required software licenses are reduced or eliminated [8] [9].

The Software as a Service (SaaS) cloud model operates on a virtualized, pay-per-use billing model. In this model, software applications are rented to contracted customers by SaaS service providers. The applications are accessible from various client devices through a client interface, such as a web browser. The client neither operates nor controls the fundamental cloud infrastructure including servers, storage, network, operating systems, nor individual application features, with the possible exception of application configuration settings, as specified by the service provider. Applications on the provider's cloud infrastructure are always up-to-date, preinstalled and configured. This reduces the time spent on installation and configuration of software on local machines. It also allows SMBs to use software that would otherwise be too costly due to high licensing fees. Maintenance costs are reduced as well, as the SaaS provider owns the environment and the cost is split among all customers using that solution [8] [9].

C. Cloud deployment models

A public cloud is a model that provides users access to the cloud over the Internet, using client interfaces, such as common web browsers. It is typically based on a pay-per-use model.
This helps cloud clients to better match their IT expenditure at an operational level by decreasing their capital expenditure on IT infrastructure. Public clouds are less secure than other cloud models because they place an additional burden of ensuring all applications and data accessed on the public cloud are protected from malicious attacks [8]. Security is a very challenging problem in the public cloud model. Service providers are responsible not only for storing data, but also for securing it. Moreover, many organizations and private users are sharing the same resources [7], which means the provider must also implement isolation between different customers.

A private cloud is set up for an organization's internal use. The service provider is no longer a third party associate, but the organization itself. There are several variations in a private cloud setup. Software components are always run privately. However, hardware modules may be owned by the organization, but also hosted elsewhere. A private cloud approach provides more control over the data ownership and privacy. However, it also implies the organization's own responsibility for setting up both the infrastructure and a software environment, as well as security measures implementation and, later on, the maintenance of each system component. Fig. 2 summarizes advantages and disadvantages of private and public cloud solutions.

Figure 2. Differences between private and public cloud solutions

A hybrid cloud model combines benefits of both private and public cloud. It is composed of two or more different cloud infrastructures that are bound together [9].

III. PRIVATE CLOUD

A private cloud may be set up in-house or hosted with a third party service provider. Typically, a private cloud is owned by the organization itself. Organizations may benefit from a private cloud in many ways. When internal infrastructure is used, the organization is the sole owner of its data and the only entity having access to it. This reduces or eliminates several potential public cloud service problems, such as sharing platform with other users, possible unauthorized access to the data, changes of providers' privacy policy, unexpected service outages, data content restrictions, dependence on a third party organization, control over the equipment and flexibility in a form of cloud bursting.

On the other hand, disadvantages of the private cloud model also have to be taken into consideration. Since an organization is running the entire cloud platform, planning and preparation are essential. Initial investment in hardware and software sometimes proves to be a serious obstacle, although using existing hardware resources with several equipment upgrades, implementation of virtualization techniques and open source software may significantly reduce the initial cost. After the infrastructure is set up, an organization needs to deploy a private cloud system, implement security measures and enable seamless remote access. The cloud also needs to be maintained and monitored for security and performance. This requires skilled personnel whom not all organizations can afford. Some authors suggest private clouds can obtain some of the public cloud benefits by merging into a hybrid cloud approach [10].

IV. IMPLEMENTATION, SECURITY AND FEATURES OF A PRIVATE CLOUD SOLUTION

A. Demo environment

In this section we explore setup and security aspects of a full-featured open source system for a private cloud implementation. The demo environment was built using virtualized servers on our own infrastructure. As an underlying OS, a Linux server distribution was chosen. The ownCloud server was installed on top of the virtualized server. In a typical organization, the cloud would only be connected to the organization's internal network. To gain access to the cloud, remote clients would first need to access the organization's LAN, usually by means of a VPN connection. Then, they would be able to access the cloud in the same manner as if they were physically present at the organization's premises. Fig. 3 illustrates components of a private cloud setup in an organization using ownCloud.

Figure 3. OwnCloud architecture components in an organization

The lab setting allowed us to explore the system in a real everyday use-case scenario. Testing was done on a smaller scale environment, but interpretation of results is applicable to larger deployments. OwnCloud was chosen as a cloud solution, being the most popular open source solution for SMBs at the moment.

B. OwnCloud implementation and security

Currently, ownCloud supports Linux and Windows servers as a system base. Installation of server-side ownCloud is supported in different scenarios. In a lab environment, we used Linux packages as a preferred installation method.

One of the most important system configuration steps is to implement basic security measures. Using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) for protected access is highly recommended. SSL/TLS provide both data confidentiality and integrity for TCP/IP transmissions. Client-server communication using the TLS protocol should be safe from many security attacks. End-to-end authentication and data confidentiality are provided by cryptographic algorithms in SSL/TLS. It provides a one-way authentication, as the server's identity is already known to the client, whereas the client remains unauthenticated. Two endpoints using a TLS connection can be certain that communication is indeed between those two devices, without the presence of a third party [11].

Another strongly advised feature is usage of the ownCloud-provided Encryption app for server-side encryption. In this case, after client data arrives over a secure SSL/TLS connection to the server side, the Encryption app executes automatic creation of a 4096-bit private and public key pair for each user. Private keys are encrypted using users' login credentials with the AES-256 algorithm [12]. Using the keys, the data is encrypted and protected from theft. In case of lost user credentials, an administrator may access protected data to recover information. This encryption model is claimed in [12] to be highly secure and optimized to perform well with a larger amount of data, large file sizes and a great number of users. OwnCloud administrators have full control over the encryption keys. Using this encryption model, stored files should be protected from unauthorized access.

If absolute confidentiality is required, client-side encryption must be implemented. Client-side encryption refers to encryption of data on a client's own device, before sending it through a secure connection towards the server. This way, the data never leaves a user's device unencrypted and not even an administrator can gain access to it. Although neither of the ownCloud editions offers client-side encryption, it can be implemented using third party software, such as Credeon. Fig. 4 shows the aforementioned file encryption scenarios.

Figure 4. File encryption in a private cloud system

C. OwnCloud client and features

OwnCloud offers data access, synchronization and data sharing across devices, everything in a controlled environment. Its architecture is extensible and works with any storage [13]. Synchronizing ownCloud with various devices is reinforced with client applications.
Desktop clients are supported for multiple operating systems: Windows, Mac, different Linux distributions and versions, as well as Android and iOS for mobile clients. When stored in ownCloud, user's files, folders, contacts, calendars and images are accessible from PCs, laptops, smartphones and other mobile devices at any given time or location. From a user's point of view, only a network connection is needed for data synchronization among devices. Previously synchronized data on desktop devices are accessible without a network connection, since the data are also stored locally.

The ownCloud web server acts as a main repository of users' data. When a client connects to the server, the system automatically updates two lists of data: the list of data that has remained unchanged, and the list of data that has changed since the last synchronization. In this manner, a client is able to download and send only a list of files that have been changed. This speeds up the process of scanning and analyzing which files need to be updated. Storing and synchronizing is different with mobile devices, as their limited memory is not well-suited for keeping gigabytes of data. Consequently, mobile clients require a network connection for data access.

D. OwnCloud scalability

Both ownCloud editions, the ownCloud Community and the ownCloud Enterprise, were designed to accommodate a whole range of application areas [13], and for that they needed a scalable architecture. Scalability issues were analyzed in detail in [14]. SMBs that invest in a dedicated infrastructure for ownCloud should have no need to implement anything beyond the simple ownCloud setup. However, in case ownCloud is accommodated on an existing infrastructure or an organization grows significantly, performance or storage bottlenecks could occur. A standard approach to building a scalable solution is to have separate servers for each of the private cloud service tiers, such as database, data storage or application tiers. As this setup is unnecessarily complex and too costly for SMBs, a more adequate solution would be to use a model with collapsed tiers. In a consolidated configuration, shown in Fig. 5, a single computing node can be used to host a web server, the ownCloud software, a storage server and a MySQL server. Having two or more such computing nodes behind a load balancer enables the clients' requests to be served by each of the nodes in a round-robin manner. OwnCloud allows scale-out of each component to be performed while running, thus providing continuous service, keeping the data accessible and applications uninterrupted.

Figure 5. OwnCloud scalable deployment model
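
The server-side encryption model from section IV.B (a 4096-bit key pair per user, the private key encrypted with AES-256 under the login password, administrator recovery), sketched with the `openssl` command line as an added example; it is not ownCloud's code and not part of the original paper. The per-file key, the separate recovery key pair, and all names, passwords and file contents are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added illustration of the server-side key handling from section IV.B.
# Every name, password and the sample file below is constructed.
set -eu

KEY_BITS=4096                      # key size stated on the page
WORK=$(mktemp -d)                  # stands in for the server's data directory
trap 'rm -rf "$WORK"' EXIT

# new_keypair NAME PASSWORD
# RSA key pair; the private key is written only in AES-256 encrypted form,
# unlocked by PASSWORD (passed via the environment, not argv).
new_keypair() {
    PW="$2" openssl genpkey -algorithm RSA \
        -pkeyopt "rsa_keygen_bits:$KEY_BITS" \
        -aes-256-cbc -pass env:PW -out "$WORK/$1.key" 2>/dev/null
    PW="$2" openssl pkey -in "$WORK/$1.key" -passin env:PW \
        -pubout -out "$WORK/$1.pub"
}

# encrypt_file OWNER PATH
# Envelope encryption (assumed layout): a fresh 256-bit file key encrypts
# PATH, then is wrapped with RSA-OAEP for OWNER and for the recovery key.
# CBC gives confidentiality only; it does not authenticate the ciphertext.
encrypt_file() {
    fk=$(openssl rand -hex 32)
    FK="$fk" openssl enc -aes-256-cbc -pbkdf2 -salt -pass env:FK \
        -in "$2" -out "$2.enc"
    for who in "$1" recovery; do
        printf '%s' "$fk" | openssl pkeyutl -encrypt -pubin \
            -inkey "$WORK/$who.pub" -pkeyopt rsa_padding_mode:oaep \
            -out "$2.fk.$who"
    done
    rm -f "$2"                     # only ciphertext stays on disk
    unset fk
}

# decrypt_file WHO PASSWORD PATH
# Unlock WHO's private key with PASSWORD, unwrap the file key, print plaintext.
decrypt_file() {
    fk=$(PW="$2" openssl pkeyutl -decrypt -inkey "$WORK/$1.key" \
        -passin env:PW -pkeyopt rsa_padding_mode:oaep \
        -in "$3.fk.$1" 2>/dev/null) || return 1
    FK="$fk" openssl enc -d -aes-256-cbc -pbkdf2 -pass env:FK -in "$3.enc"
}

new_keypair alice 'correct horse battery'      # user's login password
new_keypair recovery 'admin recovery secret'   # administrator's recovery key
printf 'Q3 payroll draft\n' > "$WORK/report.txt"
encrypt_file alice "$WORK/report.txt"

decrypt_file alice 'correct horse battery' "$WORK/report.txt"
decrypt_file recovery 'admin recovery secret' "$WORK/report.txt"
decrypt_file alice 'wrong guess' "$WORK/report.txt" ||
    echo "wrong password: private key stays locked"
```

The second `decrypt_file` call is the property the section points out: whoever holds the recovery key can read every file, which is why the paper turns to client-side encryption when that is not acceptable.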

E. OwnCloud in a cloud

So far, we have only discussed deployment of ownCloud on a private infrastructure, i.e. within the organization. Another option could be a hybrid approach, in which the infrastructure is provided by an external cloud service provider [1]. In this configuration, a private cloud system is hosted in a public cloud using leased infrastructure. The approach could be very interesting for businesses looking to minimize initial infrastructure investment and, later on, maintenance costs. Although the infrastructure is leased, with careful cloud implementation, data security should not be significantly impacted. Some organizations may be reluctant to invest in their own infrastructure and this approach might be a compromise which would allow them to have enough benefits of private clouds to alleviate concerns they might have with public cloud systems. Another advantage of a hybrid cloud is flexibility in terms of changing capacity. With a pay-per-use model, an organization can momentarily scale up or scale down as necessary, something that is not always possible with own infrastructure, especially in the case of SMBs. Therefore, a hybrid cloud in some cases may be a better option and a more cost efficient solution, easier and quicker to deploy than a private cloud, but also more secure than a public cloud. Running ownCloud on an external infrastructure is shown in Fig. 6.

Figure 6. Hybrid approach to ownCloud deployment

V. CONCLUSION

Public cloud services are very popular; however, organizations are still cautious with moving their businesses into the cloud. In case of trust or data security being a serious concern, we suggest using private cloud solutions. A private cloud approach eliminates the trust issue. It preserves data ownership and can improve both privacy and security. The solution we explored is scalable and is suitable not only for SMBs but also for larger deployments. For organizations which do not have enough resources to invest into their own infrastructure or to maintain it, we suggest hybrid cloud solutions. In this case, a private cloud is hosted on a public cloud infrastructure, making a tradeoff between security and privacy on one side and cost on the other. It allows even SMBs with very limited resources to leverage benefits of the private cloud solutions.

ACKNOWLEDGMENT

The work presented in this paper is supported by the University of Rijeka research grant 13.09.2.2.16.

REFERENCES

[1] K. Khan, Q. Malluhi, "Establishing trust in cloud computing", in IT Pro, September/October 2010, pp. 20-26.
[2] F. Doelitzscher, A. Sulistio, C. Reich, H. Kuijs, D. Wolf, "Private cloud for collaboration and e-learning services: from IaaS to SaaS", Hochschule Furtwangen University, Germany.
[3] J. Peng, X. Zhang, Z. Lei, B. Zhang, W. Zhang, Q. Li, "Comparison of several cloud computing platforms", in Information Science and Engineering (ISISE), 2009 Second International Symposium, pp. 23-27.
[4] R. Giordanelli, C. Mastroianni, "The cloud computing paradigm: Characteristics, opportunities and research issues", Istituto di Calcolo e Reti ad Alte Prestazioni (ICAR), 2010.
[5] K. Atefi, Y. Saadiah, A. Atefi, "A survey on digital forensics investigation of Seafile as a cloud storage", in International Journal of Engineering Research And Management (IJERM), vol. 01, October 2014.
[6] J. Mościcki, M. Lamanna, "Prototyping a file sharing and synchronization service with Owncloud", in Journal of Physics: Conference Series, vol. 513, no. 4, IOP Publishing, 2014.
[7] R. Grossman, "The Case for Cloud Computing", in ITpro, pp. 23-27, March/April 2009.
[8] S. Ramgovind, M. M. Elof, E. Smith, "The management of security in cloud computing", IEEE 978-1-4244-5495-2/10, University of South Africa, Pretoria, South Africa.
[9] P. Mell, T. Grance, "The NIST definition of cloud computing", NIST special publication 800-145, National Institute of Standards and Technology, September 2011.
[10] M. Armbrust, A. Fox, et al., "A View of Cloud Computing", Communications of the ACM, vol. 53, April 2010, pp. 50-58.
[11] L. Ertaul, S. Singhal, G. Saldamli, "Security challenges in cloud computing", CSU East Bay, Hayward, CA, USA.
[12] OwnCloud, "OwnCloud's data encryption model".
[13] Official ownCloud web page.
[14] "Scale out file sync and share: Deploying ownCloud and Red Hat Storage Server on HP ProLiant SL4540 Servers", OwnCloud whitepaper.