Security Analysis of Cloud Computing: A Survey



Similar documents
Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

A NOVEL GRAPHICAL PASSWORD APPROACH FOR ACCESSING CLOUD & DATA VERIFICATION

SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD

A Survey on Cloud Computing

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Dynamic Query Updation for User Authentication in cloud Environment

Cloud Database Storage Model by Using Key-as-a-Service (KaaS)

International Journal of Advanced Research in Computer Science and Software Engineering

Authentication. Authorization. Access Control. Cloud Security Concerns. Trust. Data Integrity. Unsecure Communication

ADVANCE SECURITY TO CLOUD DATA STORAGE

International Journal of Advanced Research in Computer Science and Software Engineering

Cloud Computing Security Issues And Methods to Overcome

A Security Integrated Data Storage Model for Cloud Environment

Customer Security Issues in Cloud Computing

EMPOWER DATA PROTECTION AND DATA STORAGE IN CLOUD COMPUTING USING SECURE HASH ALGORITHM (SHA1)

Cryptographic Data Security over Cloud

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Index Terms: Cloud Computing, Third Party Auditor, Threats In Cloud Computing, Dynamic Encryption.

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

SHARED DATA & INDENTITY PRIVACY PRESERVING IN CLOUD AND PUBLIC AUDITING

Verifying Correctness of Trusted data in Clouds

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

Cloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

Improving data integrity on cloud storage services

SECURE AND TRUSTY STORAGE SERVICES IN CLOUD COMPUTING

Keywords-- Cloud computing, Encryption, Data integrity, Third Party Auditor (TPA), RC5 Algorithm, privacypreserving,

Data management using Virtualization in Cloud Computing

An Intelligent Approach for Data Fortification in Cloud Computing

Implementing Cloud Data Security by Encryption using Rijndael Algorithm

SURVEY PAPER ON SECURITY IN CLOUD COMPUTING

A Review of Cloud Environment and Recognition of Highly Secure Public Data Verification Architecture using Secure Public Verifier Auditor

ISSN Index Terms Cloud computing, outsourcing data, cloud storage security, public auditability

Cloud SQL Security. Swati Srivastava 1 and Meenu 2. Engineering College., Gorakhpur, U.P. Gorakhpur, U.P. Abstract

Data Integrity for Secure Dynamic Cloud Storage System Using TPA

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

Information Security: Cloud Computing

Monitoring Data Integrity while using TPA in Cloud Environment

DATA SECURITY IN CLOUD USING ADVANCED SECURE DE-DUPLICATION

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

Tamanna Roy Rayat & Bahra Institute of Engineering & Technology, Punjab, India talk2tamanna@gmail.com

Data Grid Privacy and Secure Storage Service in Cloud Computing

Secrecy Maintaining Public Inspecting For Secure Cloud Storage

Security Considerations for Public Mobile Cloud Computing

Cloud Computing. Karan Saxena * & Kritika Agarwal**

Module 1: Facilitated e-learning

An Efficient data storage security algorithm using RSA Algorithm

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment

Scientific Journal Impact Factor (SJIF): 1.711

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

Survey on Enhancing Cloud Data Security using EAP with Rijndael Encryption Algorithm

Data Storage Security in Cloud Computing

Keywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2.

Research Paper on Data Integrity Checking In Cloud Computing

Development of enhanced Third party Auditing Scheme for Secure Cloud Storage

Dynamic Data Storage for Trustworthy Cloud

N TH THIRD PARTY AUDITING FOR DATA INTEGRITY IN CLOUD. R.K.Ramesh 1, P.Vinoth Kumar 2 and R.Jegadeesan 3 ABSTRACT

Enabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage

Cloud & Security. Dr Debabrata Nayak Debu.nayak@huawei.com

Secure Hybrid Cloud Architecture for cloud computing

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Secure Cloud Computing through IT Auditing

SECURING CLOUD DATA COMMUNICATION USING AUTHENTICATION TECHNIQUE

Security Issues In Cloud Computing and Countermeasures

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Surveying Cloud Storage Correctness using TPA with BLS

Keywords Cloud Computing, CRC, RC4, RSA, Windows Microsoft Azure

Cloud Computing; What is it, How long has it been here, and Where is it going?

Secure Data transfer in Cloud Storage Systems using Dynamic Tokens.

A Survey on Data Integrity of Cloud Storage in Cloud Computing

The Security in Private Cloud Computing

AN INVESTIGATION OF SECURITY THEME FOR CLOUD COMPUTING

M. Nathiya 2 B.Tech. (IT), M.E. (CSE), Assistant Professor, Shivani Engineering College, Trichy, Tamilnadu, India.

Security Issues in Cloud Computing

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA

Near Sheltered and Loyal storage Space Navigating in Cloud

RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

Commercial Software Licensing

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

Data Integrity by Aes Algorithm ISSN

Third Party Auditing For Secure Data Storage in Cloud through Trusted Third Party Auditor Using RC5

A Survey on Cloud Security Issues and Techniques

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC

IJCSIET-ISSUE5-VOLUME1-SERIES1 Page 1

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments

Research Challenges and Security Issues in Cloud Computing

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

Transcription:

Security Analysis of Cloud Computing: A Survey Kamaljeet Pakhre 1, Navdeep Singh 2, Sanket Mani Tiwari 3 1,2,3 Research Scholar, M. Tech. (CSE), Galgotias University, Greater Noida, India. Abstract Now these days is golden days of computing the internet has changed the computing world in a drastic way. Now computer service is fast with the help of parallel computing, distributed computing grid computing and a new technique is cloud computing. And it is very beneficial for computing. The user wants to access internet to anywhere to any time with respect of time consuming, cost consuming and fast service. The user uses the computer resources with the help of cloud computing and expect to maintain security form the server side. His/her information cannot access any unauthorized person. The basic model of cloud computing is providing the variety of computer resources over the internet. The main role play of cloud computing to make easy access of computer service. There are three types of service that provide cloud computing is software as a service (SaaS), platform as a service (PaaS) and the last one is infrastructure as a service (IaaS), which provide software for service and provide a platform to run any application and provide network and storage capacity for data defined as a computing. The main advantage of cloud computing is that customers do not have to pay for infrastructure, its installation, required manpower to handle such infrastructure and maintenance. In this paper, we will discuss cloud computing and new technique for data integrity. Keywords Cloud security, Data storage, Integrity verification, IaaS, PaaS, SaaS, PDP. I. INTRODUCTION Cloud computing provides the variety of resources over the internet and the definition is produced by U.S National institute of standards and technology (NIST). It define there are five key terms and four deployment models and three services and cloud computing we can define other words Cloud computing is an on-demand network access to a shared pool of computing resources (e. g. Network, servers stage application and service). Which is an internet based technology consider the large size of outsource capacity. The objective of the study is to analyze the security requirement and highlight the existing threats in cloud computing effective security policies for cloud computing systems. It will help the researchers to identify security requirements at multiple levels to recognize the threads in the various cloud computing models posed by both internal and external users and thus will help to clarify cloud security policies that ensure the security of the cloud environment. A. Resources of Cloud Computing Clint Server Platform Software Infrastructure B. Deployment Model Deployment models we can define easily it may be hosted by third party and it make the service effectively. With the help of deployment model we can access service easily and make good relationship between customer and service provider. There are several types the public cloud is a collection of computer resources and private cloud is a limited number of computer resources and hybrid cloud is a combination of public and private cloud. It is called deployment models. 1. Public Cloud Public cloud is based on mainstream and we can say cloud resources shard outside there are no restrictions anyone can use it. 2. Private Cloud The private cloud is that there are limited no of resources to use for people and it is used in any organization. 3. Hybrid Cloud The concept of hybrid cloud is a collection of public and private cloud. Hybrid cloud like a private cloud linked to one or more services. 4. Community Cloud The community cloud is a different type of cloud More than one community shares a cloud to share and reduce the cost of computing system. And is costly and time consuming. C. Service Model A service model is another type of model in cloud computing. The main work of service model has provided service to customers. The service model provides a toolkit for customer use and build software and develop software for future use. The platform as a service is provide a platform to run any type of software and application and also provide programming language for customer use. The infrastructure as a service is providing a network access and storage capacity for the user who want to store his data on the server end and it handles by cloud service providers. The service model plays a main role in cloud computing. There are mainly three types SaaS, PaaS and the last one is IaaS. 677

56 bit key 1. SaaS International Journal of Emerging Technology and Advanced Engineering SaaS model offers the as service as an application to the consumer using standard interfaces. These services run on top of cloud infrastructure and consumer cannot see. The software as a service which provides software and application, and manages on demand user software requirement for need application run. And cloud provider manages all thinks application, operating system and infrastructure. SaaS provides the services according to user requirement. 2. PaaS Platform as a service which provide a platform for any type of application and it, Platform as a Service (PaaS) brings the benefits that SaaS bought for applications, the platform as a service offers the service as an an operational development platform for consumer. And but over to the software development world. PaaS can be defined as a computing platform that allows the creation of web applications quickly and easily and without the complexity of buying and maintaining the software and infrastructure underneath it. Clients are provided platforms access, which enables them to put their own customized software s and other applications on the clouds. 3. IaaS Infrastructure as a Service (IaaS) is a way of delivering Cloud Computing infrastructure servers, storage, network and operating systems as an ondemand service. Rather than purchasing servers, software, data canter space or network equipment, clients instead buy those resources as a fully outsourced service on demand. A. Comparison between DES and RSA algorithm Table 1 Comparison between DES and RSA Features DES RSA Key used The same key is used for encryption and decryption purpose Scalability It is a scalable algorithm due to varying the key size and block size Avalanche No more effected effect Power Low consumption Difference keys are used for encryption and decryption purpose No scalability occurs More effected High Throughput Very high Low B. We can define easily that DES is better than RSA DES uses a single key instead of two keys. The key size of des algorithm is 56 bits. The DES key use for both encryption and decryption. 64 bit plain text II. RELATED WORK Nam Yem Li highlights PDP scheme use for verification to avoid public verification. This paper proposed initial PDP solution to RSA based Hash function to authenticate the remote server storage data. However, due to RSA based cryptography, the entire computing speed is slow. Similarly Qian Wang et al, Proposed a protocol for Integrity verification in Multi cloud that is provided by improving the existing proof of storage models by manipulating the classic Merkle Hash Tree construction for block tag authentication. 64 bit Cipher text Figure 1: key diagram for DES algorithm 678

III. International Journal of Emerging Technology and Advanced Engineering INFORMATION SECURITY REQUIREMENTS A. Identification & authentication In Cloud computing, identified the user who access cloud computing services respect of cloud computing models and it should be allows the authorized user. B. Authorization Authorization is an important for security and it play a main role in maintaining integrity in cloud computing. Authorization is maintained by the system administrator in a Private cloud. C. Confidentiality The concept has been introduced confidentiality is made secure information and any unauthorized user cannot access your information without your permission because the cloud computing uses the multiple distributed database. D. Integrity The concept of integrity is to play a good role in security analysis and it makes your data secure and cannot manipulate user your data any unauthorized user. And now these days we use the RSA algorithm in PDP schemas ACID (atomicity, consistency, isolation and durability) properties of the cloud s data should without a doubt be robustly imposed across all Cloud computing deliver models. E. Non-repudiation Non-repudiation in Cloud computing can be obtained by applying the traditional e-commerce security protocols and token provisioning to data transmission within cloud applications such as digital signatures, timestamps and confirmation receipts services (digital receipting of messages confirming data sent/received). F. Availability Availability is one of the most critical information security requirements in Cloud computing because it is a key decision factor when deciding among private, public or hybrid cloud vendors as well as in the delivery models. The service level agreement is the most important document which highlights the trepidation of availability. IV. THE SECURITY CHALLENGES A. Privileged User Access The means of privileged user access are that it processed Sensitive data outside the enterprise brings with it an inherent level of risk, because the services of outsourced is passing through the physical, logical and personnel controls IT departments exert over in-house programs. Put simply, outsiders users are now insiders. B. Regulatory Compliance The regulatory compliance is the main challenges for cloud computing. The whole Organizations are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider. The ability to demonstrate to auditors that their data is secure despite a lack of physical control over systems, hinges in part on educating them, and in part on providing them with the necessary visibility into all activity. C. Data Location When we use cloud we don t know where your data is hosted data location is an important challenge of cloud computing. D. Data Segregation Data segregation in cloud computing is typically in a shared environment on the data server from other customers. So we segregate data for maintaining cloud security. E. Recovery Recovery is also the main challenge for cloud computing because you don't know where your data is, and cloud service provider should maintain your data and service in case of disaster. F. Investigative Support The cloud service provider provides investigative support for data and service of cloud computing. With the help of it make more effective and efficient. Investigating inappropriate or illegal activity may be impossible in cloud computing, because logging and data may be co-located and spread across ever-changing sets of hosts and data centers. G. Long-term Viability The concept of long-term viability is the data is secure for a long time that helpful for decision making, recovery and future prediction. And it also support for maintaining good relationships for business purpose. V. ADVANTAGES OF CLOUD COMPUTING A. Less Maintenance The advantage of cloud computing is less maintenance because the hardware application and bandwidth are managed by the cloud service provider. B. Continuous Availability The continuous availability means you can access cloud services to anywhere to any time because the public and cloud services are available wherever you are located. 679

C. Scalability The means of scalable is you can pay only for application and data storage that you need. D. Elasticity The means of elasticity is you can scale your system on your demands. That is a very good advantage of cloud computing. Private clouds can be scaled to meet your changing IT system demands. E. Expert service The expert service is the services are monitored by experts who related to cloud computing and has lots of experience. And they maintain and monitored your data canter staff and technicians. VI. CLOUD COMPUTING DISADVANTAGES A. More elasticity means less control The disadvantage of cloud computing of more elastic means less control. In the case of cloud computing there are several factors, including that make less control of cloud computing, e.g. openness, scalability, elasticity, distributed data store on server ends of cloud computing. These are disadvantages of cloud computing. B. Not everything fit into cloud computing Not the everything fits into the cloud in the case cloud computing is ever think is not fit in cloud computing is that the main reason is the openness and infrastructure of cloud computing depend on cloud computing application, operating system and it s so we easily called has not ever thought fit into the cloud. VII. FUTURE EXPECTATION In future work, the security of cloud computing is main issues in terms of data storage security on server ends of cloud computing. Through the cryptography, which use public and private keys the public key encrypts the data and private keys decrypt data. With the help of cryptography we solve exiting problem. And we can use cooperative provable data possession scheme which reduces data block access and also reduce the amount of computation on the server ends. The cloud computing model is one of the promising computing models for both cloud providers and cloud consumers. Data privacy: the important term of data privacy in cloud computing any unauthorized person cannot access your data that is more important for you Key management: it also plays a good role in cloud computing the key management in which it's clear who is controlling encryption /decryption key. Data Integrity: Data integrity in the case of data integrity any unauthorized user cannot manipulate your data and your data is safe from danger VIII. CONCLUSION In this paper, we investigated the problem of data integrity of cloud computing for security analysis. And provide the data security for cloud data storage and it also ensures the correctness of user data storage. With the help of several algorithm use want to solve exiting problem we want to establish the good relationship between client and server. We use the comparative provable data possession with the help of we make the cloud computing more effective and more efficient and we use the DES algorithm in PDP schemas for it take low consumption. We want to secure our data with the help of cryptography and we use public and private key for encryption and decryption of data. In future work we want to implement in DES algorithm for PDP schemas in cloud computing. The concept of data security for cloud computing there are several reasons for making secure cloud computing server ends. The openness, scalability, elasticity, distributed and several factors. In this paper, we investigated the security challenges and the implementation of exiting problem with respect to security of cloud computing. The question arises why we want the secure data storage on server ends? The answer is very simple suppose we store the file on the server and one local copy is also stored on my PC in future suppose the file is corrupt and we access file from the server end is that the file is correct? In the sense there is no manipulate in the file. So we want to make our system secure. REFERENCES [1] Mohemed Almorsy, John Grundy and Amani S. Ibrahim, Collaboration-Based Cloud Computing Security Management Framework, IEEE 4th International Conference on Cloud Computing, 2011. [2] Shubhashis Sengupta, Vikrant Kaulgud and Vibhu Saujanya Sharma, Cloud Computing Security - Trends and Research Directions, IEEE World Congress on Services, 2011. [3] Xiang Tan and Bo Ai, The Issues of Cloud Computing Security in High-speed Railway, IEEE International Conference on Electronic & Mechanical Engineering and Information Technology, 2011. [4] Zhong S., Yang Z. and Wright R., Privacy-Enhancing anonymization of Customer Data, Proceedings of the 24 th ACM Symposium on Principles of Databases, 2005. [5] Deyan Chen and Hong Zhao, Data Security and Privacy Protection Issues in Cloud Computing, International Conference on Computer Science and Electronics Engineering, 2012. [6] Issa M. Khalil and Abdallah Khreishah, Security Concerns in Cloud Computing, 10th International Conference on Information Technology, New Generations, 2013. 680

[7] Neha Jain and Gurpreet Kaur, Implementing DES Algorithm in Cloud for Data Security VSRD-IJCSIT, Volume 2, 2012. [8] Aman Kumar, Dr. Sudesh Jakhar and Mr. Sunil Makkar, Comparative Analysis between DES and RSA Algorithm, International Journal of Advanced Research in Computer Science and Software Engineering, Volume 2, Issue7, July 2012. [9] Rajkumar Chalse and Ashwin Selokar, Arun Katara, A New Technique of Data Integrity for Analysis of the Cloud Computing Security,5th International Conference on Computational Intelligence and Communication Networks, 2013 681

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information