A Report Based on Cost & Secured Data used Multi Cloud Storage in Cloud Based Resources.


Ms. T.K. Anusuya M.C.A., M.Phil., Head, PG Department of Computer Science, Bon Secours College for Women, Thanjavur. shivshreemahathi@gmail.com

ABSTRACT

The end of this decade is marked by a paradigm shift of industrial information technology towards a pay-per-use service business model known as cloud computing. Cloud data storage redefines the security issues targeted at the customer's outsourced data (data that is not stored on or retrieved from the customer's own servers). In this work we observe that, from a customer's point of view, relying upon a single service provider (SP) for outsourced data is not very promising. In addition, better privacy and data availability can be achieved by dividing the user's data block into data pieces and distributing them among the available SPs in such a way that no less than a threshold number of SPs can take part in successful retrieval of the whole data block. In this paper, we propose a secured cost-effective multi-cloud storage (SCMCS) model in cloud computing which holds an economical distribution of data among the available SPs in the market, to provide customers with data availability as well as secure storage. Our results show that our proposed model provides a better decision for customers according to their available budgets.
Keywords: Cloud computing, security, storage, cost-effective, cloud service provider, customer.

1. INTRODUCTION

The end of this decade is marked by a paradigm shift of industrial information technology towards a subscription-based or pay-per-use service business model known as cloud computing. This paradigm provides users with a long list of advantages, such as provisioning of computing capabilities; broad, heterogeneous network access; resource pooling; and rapid elasticity with measured services [15]. Huge amounts of data being retrieved from geographically distributed data sources, together with non-localized data-handling requirements, drive this change in the technological as well as the business model.

One of the prominent services offered in cloud computing is cloud data storage, in which subscribers do not have to store their data on their own servers; instead, their data is stored on the cloud service provider's servers. In cloud computing, subscribers have to pay the providers for this storage service. This service not only provides flexible and scalable data storage, it also gives customers the benefit of paying only for the amount of data they need to store for a particular period of time, without any concerns about efficient storage mechanisms and maintainability issues with large amounts of data storage. In addition to these benefits, customers can easily access their data from any geographical region where the cloud service provider's network or the Internet can be accessed. An example of cloud computing is shown in Fig. 1.

Along with these unprecedented advantages, cloud data storage also redefines the security issues targeted at the customer's outsourced data (data that is not stored on or retrieved from the customer's own servers). Since cloud service providers (SPs) are separate market entities, data integrity and privacy are the most critical issues that need to be addressed in cloud computing. Even though cloud service providers have standard regulations and powerful infrastructure to ensure the customer's data privacy and provide better availability, reports of privacy breaches and service outages have been apparent in the last few years [1] [3] [12] and [13]. Political influence might also become an issue for the availability of services [8].

In this work we observe that, from a customer's point of view, relying upon a single SP for outsourced data is not very promising. In addition, better privacy and data availability can be achieved by dividing the user's data block into data pieces and distributing them among the available SPs in such a way that no less than a threshold number of SPs can take part in successful retrieval of the whole data block.
To address these issues, in this paper we propose an economical distribution of data among the available SPs in the market, to provide customers with data availability as well as secure storage. In our model, the customer divides his data among several SPs available in the market, based on his available budget. We also provide a decision for the customer as to which SPs he must choose to access data, with respect to the data access quality of service offered by the SPs at the location of data retrieval. This not only rules out the possibility of an SP misusing the customer's data and breaching the privacy of the data, but also ensures data availability with a better quality of service.

Our proposed approach provides cloud computing users with a decision model that gives better security by distributing the data over multiple cloud service providers in such a way that no single SP can successfully retrieve meaningful information from the data pieces allocated to its servers. In addition, we give the user better assurance of data availability by maintaining redundancy in the data distribution. In this case, if a service provider suffers a service outage [1] [12] or goes bankrupt, the user can still access his data by retrieving it from other service providers.

From the business point of view, since cloud data storage is a subscription service, the higher the data redundancy, the higher the cost to be paid by the user. Thus, we provide an optimization scheme to handle the tradeoff between the cost that a cloud computing user is willing to pay and the level of security achieved for his data. In other words, we provide a scheme to maximize the security for a given budget for the cloud data.

The rest of the paper is organized as follows. The related work is discussed in Section II, followed by the system model and the threat model discussed in Section III. We discussed the Linear Programming model we propose as a part of our cost-effective security model. A statistical model is implemented using our approach in section. Finally we conclude the paper.

2. RELATED WORKS

Privacy preservation and data integrity are two of the most critical security issues related to user data [4]. In the conventional paradigm, organizations had physical possession of their data and could therefore implement better data security policies with ease. In cloud computing, however, the data is stored with an autonomous business party that provides data storage as a subscription service. The users have to trust the cloud service provider (SP) with the security of their data. In [7], the author discussed the criticality of the privacy issues in cloud computing, and pointed out that obtaining information from a third party is much easier than from the creator himself.

Following the pattern of the paradigm shift, security policies also evolved from the conventional cryptographic schemes applied in centralized and distributed data storage for enabling data privacy. Many cryptographic approaches have been proposed for hiding the data from the storage provider and hence preserving data privacy [18] [19] [5]. In [19], the authors proposed a scheme in which the user's identity is also detached from the data, and claim to provide public auditing of data. These approaches concentrate on one single cloud service provider, which can easily become a bottleneck for such services. In [14], the authors studied and proved that cryptographic measures alone are insufficient for ensuring data privacy in cloud computing. They also argued that security in cloud storage needs a hybrid model of privacy enforcement, distributed computing and complex trust ecosystems.
One more, bigger concern that arises in such cloud storage schemes is that there is no foolproof way to be certain that the service provider does not retain the user data even after the user opts out of the subscription. Given an enormous amount of time, such data can be decrypted, meaningful information can be retrieved, and user privacy can easily be breached. Since the user might no longer be using the storage services of that service provider, he will have no clue of such a passive attack. The better the cryptographic scheme, the more complex its implementation will be, and hence the higher the cost the service provider will ask for. This could also lead to a monopoly over cloud services in the market.

To give users better and fairer chances to obtain efficient security services for their cloud storage at affordable costs, our model distributes the data pieces among more than one service provider, in such a way that no single SP can retrieve any meaningful information from the pieces of data stored on its servers without getting some more pieces of data from other service providers. Therefore, the conventional cryptographic techniques based on a single service provider do not seem very promising.

In [16], the authors discussed distributing the data over multiple clouds or networks in such a way that if an adversary is able to intrude into one network, he still cannot retrieve any meaningful data, because its complementary pieces are stored in the other network. Our approach is similar to this approach, because both aim to remove the centralized distribution of cloud data. However, in their approach, if the adversary causes a service outage in even one of the data networks, the user data cannot be retrieved at all. This is why, in our model, we propose to use a redundant distribution scheme, such as in [17], in which at least a threshold number of pieces of the data are required, out of the entire distribution range, for successful retrieval.
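The threshold distribution described above (any threshold number of SPs can rebuild the block, fewer cannot, and an outage at some SPs is tolerated), sketched as an added example that is not code from the paper. It assumes Shamir's secret sharing ("How to share a secret", in the reference list) as the redundant scheme; the prime, chunk size, function names and sample block are constructed for illustration.

```python
"""(k, n) threshold split of a data block across storage providers (Shamir, 1979)."""
import secrets
from itertools import combinations

PRIME = 2**127 - 1   # Mersenne prime; all arithmetic is done in this field
CHUNK = 15           # bytes per chunk: 120 bits, always smaller than PRIME


def _eval_poly(coeffs, x):
    """Horner evaluation of the polynomial at x, modulo PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_block(data: bytes, k: int, n: int) -> dict:
    """Return {provider_index: [one share per chunk]}; any k providers can rebuild."""
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)]
    pieces = {x: [] for x in range(1, n + 1)}
    for chunk in chunks:
        secret = int.from_bytes(chunk, "big")
        # Fresh random polynomial of degree k-1 whose constant term is the chunk.
        coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
        for x in pieces:
            pieces[x].append(_eval_poly(coeffs, x))
    return pieces


def recover_block(pieces: dict, k: int, length: int) -> bytes:
    """Lagrange-interpolate at x = 0 using the pieces of k reachable providers."""
    if len(pieces) < k:
        raise ValueError(f"only {len(pieces)} providers reachable, threshold is {k}")
    xs = sorted(pieces)[:k]
    out = bytearray()
    for j in range(len(pieces[xs[0]])):
        secret = 0
        for xi in xs:
            num, den = 1, 1
            for xm in xs:
                if xm != xi:
                    num = (num * -xm) % PRIME
                    den = (den * (xi - xm)) % PRIME
            weight = num * pow(den, -1, PRIME) % PRIME
            secret = (secret + pieces[xi][j] * weight) % PRIME
        size = min(CHUNK, length - j * CHUNK)   # last chunk may be shorter
        out += secret.to_bytes(size, "big")
    return bytes(out)


def outage_demo():
    """Constructed sample: 5 providers, threshold 3; try every 3-provider subset."""
    block = b"customer ledger 2011-Q4: acct 0042 balance 1,250.00"  # constructed data
    pieces = split_block(block, k=3, n=5)
    ok = all(
        recover_block({x: pieces[x] for x in subset}, 3, len(block)) == block
        for subset in combinations(pieces, 3)
    )
    return block, pieces, ok


if __name__ == "__main__":
    block, pieces, ok = outage_demo()
    print("any 3 of 5 providers rebuild the block:", ok)
    try:
        recover_block({1: pieces[1], 4: pieces[4]}, 3, len(block))
    except ValueError as err:
        print("two providers only:", err)
```

Each provider holds a piece roughly as large as the block itself, so the storage bill grows with the number of providers, which is the redundancy-versus-cost tradeoff the paper sets out to optimize.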

Key benefits of Cloud Computing

Management Insight, NH, USA, a dedicated market research consulting firm, conducted a study (6) on the impact of Cloud services in the market. This study was sponsored by CA Technologies, New York, USA. The statistical data (given in Fig. 4 & 5) has revealed the following facts.

IT personnel attitude towards the Cloud.

Usage of Cloud services in the market.

Cloud computing offers the following advantages to enterprises:

Lower costs: All resources, including expensive networking equipment, servers, IT personnel, etc. are shared, resulting in reduced costs, especially for small to mid-sized applications.

Shifting Capital Expenses to Operational Expenses: Cloud computing enables companies to shift money from capital expenses to operating expenses, which ultimately allows the enterprise to focus its money and resources on innovation.

Agility: Provisioning on demand enables faster setup on an as-needed basis. When a project is funded, the customer can initiate service, and when the project is over, they can simply terminate the cloud contract.

Scalability: Many cloud services can smoothly and efficiently scale to handle the growing nature of the business with a more cost-effective pay-as-you-go model. This is also known as elasticity.

Simplified maintenance: Patches and upgrades, as well as backups, are rapidly deployed across the shared infrastructure.

Diverse platform support: Many cloud computing services offer built-in support for a rich collection of client platforms including browsers, mobile, and more. This diverse platform support enables applications to reach a broader category of users.

Faster development: Cloud computing platforms provide many of the core services that, under traditional development models, would normally be built in house. These services, plus templates and other tools, can significantly accelerate the development cycle.

Large scale prototyping / Testing: Cloud computing makes large scale prototyping and load testing much easier. A client can easily spawn 1,000 servers in the cloud to load test an application and then release them as soon as the test is done. Try doing that with owned or corporate servers.

3. CLOUD STORAGE

Rapid data growth and the need to keep data safer and longer will require organizations to integrate how they manage and use their data, from creation to end of life. There is now an opportunity to store all our data on the Internet. These off-site storage facilities are provided and maintained by third parties through the Internet, as represented in Fig. 6.
Cloud storage offers a large pool of storage available for use, with three significant attributes: access via Web services APIs on a non-persistent network connection, immediate availability of very large quantities of storage, and pay for what you use. It supports rapid scalability [2].

Evolution of Cloud Storage

Cloud storage is an offering of cloud computing. Fig. 7 shows the evolution of cloud storage based on traditional network storage and hosted storage. A benefit of cloud storage is access to your data from anywhere. Cloud storage providers offer storage ranging from small amounts of data to the entire warehouse of an organization. Subscribers pay the cloud storage provider for what they use and how much they transfer to the cloud storage.

Cloud Security reference architecture

Reference architectures are useful for understanding how various recommendations come together to provide a complete solution. Enterprises that are interested in cloud computing models should consider the following reference architecture to ensure adequate security and optimal functionality.

Diagram Key:
1) Security profile per compute profile
2) Security DMZ per vApp
3) OS Management
4) Resource Management
5) Security profile per network
6) Data Security
7) Security Authentication, Authorization, and Auditing
8) Identity Management

1) Security profile per compute profile: Administrators should communicate the enterprise corporate security policy and the server tier firewall rules that are defined within a vApp to the service provider. This should include corporate server security patch levels, anti-virus status and file-level access restrictions. The VMware vCloud reference architecture provides a method to communicate the policies and server tier firewall rules for the vApp.

2) Security DMZ for vApp: The service provider needs to validate the patch level and security level prior to bringing a vApp into the production environment. The VMware vCloud reference architecture should include a DMZ area for validating the vApp and mitigating any security violations according to each enterprise's security profile.

3) OS management: It is important to understand the security hardening performed around the service provider's library of OSs and its patching policies. Administrators should update traditional security policies that govern the service provider's hosting environment to ensure that virtual machines are hardened and patched within the standard enterprise policies. For example, administrators should bring virtual machines that are not at the correct patch level up to that level through a DMZ.

4) Resource management: The service provider needs to separate and isolate the resources each customer virtual machine uses from other customers' virtual machine resources to prevent DDoS attacks. These attacks are usually caused by log files not having limits, or by CPU or memory utilization increasing on a single virtual machine through memory leaks or poorly behaving applications.

5) Security profile per network: In addition to the vApp having a compute security profile, there should also be a network security profile to ensure perimeter and Web access security. This includes functionality like switch and router Access Control Lists (ACLs), perimeter firewall rules, or Web application security (application firewall, URL filtering, whitelists and blacklists). The VMware vCloud reference architecture provides a method to communicate the network security profile. A critical component of the reference architecture is the isolation of networks; enterprises need to ensure that service providers implement separate management networks and data networks per customer. In other words, there needs to be complete isolation between each customer's virtual machine and the data traffic connecting to their virtual machines. In addition, service providers should have a separate network for VMware VMotion and VMware VMsafe. Enterprises should request that service providers encrypt all management traffic, including VMware VMotion events.
Many enterprises will require encryption of data packets via SSL/IPSec, or management connectivity via SSL or SSH. Some service providers offer only shared or open connectivity. At a minimum, all management connectivity should be provided via SSL.

6) Data security: Enterprises should request that service providers provide access paths only to the physical servers that must have access to maintain the desired functionality. Service providers should accomplish this through the use of zoning via SAN N-Port ID virtualization (NPIV), LUN masking, access lists and permission configurations.

7) Security authentication, authorization and auditing: Cloud service provider environments require tight integration with enterprise policies around individual and group access, authentication and auditing (AAA). This involves integrating corporate directories and group policies with the service provider's policies. Service providers should offer stronger authentication methods to enterprises, such as 2-factor hard or soft tokens or certificates. The enterprise should require a user access report, including administrative access as well as authentication failures, through the service provider portal or via a method that pulls this data back to the enterprise. The VMware vCloud reference architecture provides a method to communicate the access controls and authentication needs to the service provider.

8) Identity management: Cloud environments require control over user access. Cloud providers must define a virtual machine identity that ties each virtual machine to an asset identity within the provider's infrastructure. Based on this identity, service providers are able to assign user, role and privilege access within the extended infrastructure to provide role-based access controls. Enterprises also want to prevent unauthorized data cloning or copying from a virtual machine to a USB device or CD. Service providers can prevent cloning and copying of virtual machines using a combination of virtual machine identity and server configuration management policies.

CONCLUSION

Enterprises that are looking for ways to streamline internal IT operations, to expand on-premise infrastructure and add capacity on demand, or to fully outsource the infrastructure are all investigating the many advantages of cloud computing. While cloud computing offers a fundamentally new way to cost-effectively and quickly deploy new services and augment existing capabilities, it is not without its challenges. Chief among these challenges is security. IT staff can readily address security concerns by deploying the appropriate solutions and following best practices as they relate to each company's unique business requirements.

REFERENCES

[1] N. Gruschka, M. Jensen, Attack surfaces: A taxonomy for attacks on cloud services, Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on, 5-10 July 2010.
[2] W. Itani, A. Kayssi, A. Chehab, Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures, Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, Dec 2009.
[3] M. Jensen, J. Schwenk, N. Gruschka, L.L. Iacono, On Technical Security Issues in Cloud Computing, IEEE International Conference on Cloud Computing (CLOUD II 2009), Banglore, India, September 2009, 109-116.
[4] Securing the Clouds: A review of cloud computing, security implications
[5] J. Kincaid, MediaMax/TheLinkup Closes Its Doors, Online at http://www.techcrunch.com/2008//10/mediamaxthelinkup-closes-itsdorrs/, July 2008.
[6] B. Krebs, Payment Processor Breach May Be Largest Ever, Online at http://voices.washingtonpost.com/securityfix/2009/01/payment processor breach may b.html, Jan 2009.
[7] M. Dijk, A. Juels, On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing, HotSec 2010.
[8] P. Mell, T. Grance, Draft NIST working definition of cloud computing, Referenced on June 3rd, 2009, Online at http://csrc.nist.gov/groups/sns/cloudcomputing/index.html, 2009.
[9] P. F. Oliveira, L. Lima, T. T. V. Vinhoza, J. Barros, M. Médard, Trusted storage over untrusted networks, IEEE GLOBECOM 2010, Miami, FL, USA.
[10] A. Shamir, How to share a secret, Commun. ACM 22, 11 (November 1979).
[11] S. H. Shin, K. Kobara, Towards secure cloud storage, Demo for CloudCom 2010, Dec 2010.
[12] C. Wang, Sherman S.-M. Chow, Q. Wang, K. Ren, W. Lou, Privacy-preserving public auditing for secure cloud storage, in InfoCom2010, IEEE, March 2010.

ISR NATIONAL Journal of Advanced Research in