Direct User Data Authentication in Cloud




International Journal of Electronics and Computer Science Engineering 1954
Available Online at www.ijecse.org ISSN- 2277-1956

Direct User Data Authentication in Cloud

P. N. Karthikayan 1, C. B. Selvalakshmi 2, Mallikarjuna Nandi 3
(Department of Computer Science & Engg, Velammal College of Engineering and Technology, Madurai)
Karthikayan.it@gmail.com 1, cbselak08@gmail.com 2, nandimalliap@gmail.com 3

Abstract- Cloud computing is the long dreamed vision of computing as a utility, where data owners can remotely store their data in the cloud to enjoy on-demand high-quality applications and services from a shared pool of configurable computing resources. While data outsourcing relieves the owners of the burden of local data storage and maintenance, it also eliminates their physical control of storage dependability and security, which traditionally has been expected by both enterprises and individuals with high service-level requirements. In order to facilitate rapid deployment of cloud data storage service and regain security assurances with outsourced data dependability, efficient methods that enable on-demand data correctness verification on behalf of cloud data owners have to be designed. In this article we propose that publicly auditable cloud data storage is able to help this nascent cloud economy become fully established. With public auditability, a trusted entity with expertise and capabilities that data owners do not possess can be delegated as an external audit party to assess the risk of outsourced data when needed. Such an auditing service not only helps save data owners' computation resources but also provides a transparent yet cost-effective method for data owners to gain trust in the cloud. We describe approaches and system requirements that should be brought into consideration, and outline challenges that need to be resolved for such a publicly auditable secure cloud storage service to become a reality.

Keywords: Data Authenticating, Third party audit, Ubiquitous computing

1. CLOUD COMPUTING

I. INTRODUCTION

Cloud computing has been envisioned as the next generation architecture of the IT enterprise due to its long list of unprecedented advantages in IT: on-demand self-service, ubiquitous network access, location-independent resource pooling, rapid resource elasticity, usage-based pricing, and transference of risk. One fundamental aspect of this new computing model is that data is being centralized or outsourced into the cloud. From the data owners' perspective, including both individuals and IT enterprises, storing data remotely in a cloud in a flexible on-demand manner brings appealing benefits: relief of the burden of storage management, universal data access with independent geographical locations, and avoidance of capital expenditure on hardware, software, personnel maintenance, and so on.

While cloud computing makes these advantages more appealing than ever, it also brings new and challenging security threats to the outsourced data. Since cloud service providers (CSPs) are separate administrative entities, data outsourcing actually relinquishes the owner's ultimate control over the fate of their data. As a result, the correctness of the data in the cloud is put at risk for the following reasons.

First of all, although the infrastructures under the cloud are much more powerful and reliable than personal computing devices, they still face a broad range of both internal and external threats to data integrity. Outages and security breaches of noteworthy cloud services appear from time to time. Amazon S3's recent downtime, Gmail's mass email deletion incident, and Apple MobileMe's post-launch downtime are all such examples.

Second, for benefits of their own, there are various motivations for CSPs to behave unfaithfully toward cloud customers regarding the status of their outsourced data. Examples include CSPs, for monetary reasons, reclaiming storage by discarding data that has not been or is rarely accessed, or even hiding data loss incidents to maintain a reputation.

In short, although outsourcing data into the cloud is economically attractive for the cost and complexity of long-term large-scale data storage, it does not offer any guarantee on data integrity and availability. This problem, if not properly addressed, may impede successful deployment of the cloud architecture.

1.1 CLOUD COMPUTING SERVICES

Cloud computing providers offer their services according to three fundamental models: Infrastructure As A Service (IAAS), Platform As A Service (PAAS), and Software As A Service (SAAS), where IAAS is the most basic and each higher model abstracts from the details of the lower models.

Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)

Cloud computing is a general term for anything that involves delivering hosted services over the Internet. These services are broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name cloud computing was inspired by the cloud symbol that's often used to represent the Internet in flowcharts and diagrams.

A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as little of a service as they want at any given time; and the service is fully managed by the provider (the consumer needs nothing but a personal computer and Internet access). Significant innovations in virtualization and distributed computing, as well as improved access to high-speed Internet and a weak economy, have accelerated interest in cloud computing.

A cloud can be private or public. A public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a proprietary network or a data center that supplies hosted services to a limited number of people. When a service provider uses public cloud resources to create their private cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.

Infrastructure-as-a-Service like Amazon Web Services provides virtual server instance API) to start, stop, access and configure their virtual servers and storage. In the enterprise, cloud computing allows a company to pay for only as much capacity as is needed, and bring more online as soon as required. Because this pay-for-what-you-use model resembles the way electricity, fuel and water are consumed, it's sometimes referred to as utility computing.

Platform-as-a-Service in the cloud is defined as a set of software and product development tools hosted on the provider's infrastructure. Developers create applications on the provider's platform over the Internet. PaaS providers may use APIs, website portals or gateway software installed on the customer's computer. Force.com (an outgrowth of Salesforce.com) and Google Apps are examples of PaaS. Developers need to know that currently, there are no standards for interoperability or data portability in the cloud. Some providers will not allow software created by their customers to be moved off the provider's platform.

In the Software-as-a-Service cloud model, the vendor supplies the hardware infrastructure and the software product, and interacts with the user through a front-end portal. SaaS is a very broad market. Services can be anything from Web-based email to inventory control and database processing. Because the service provider hosts both the application and the data, the end user is free to use the service from anywhere.

PRIVATE CLOUD

Private cloud (also called internal cloud or corporate cloud) is a marketing term for a proprietary computing architecture that provides hosted services to a limited number of people behind a firewall. Advances in virtualization and distributed computing have allowed corporate network and datacenter administrators to effectively become service providers that meet the needs of their "customers" within the corporation. Marketing media that uses the words "private cloud" is designed to appeal to an organization that needs or wants more control over their data than they can get by using a third-party hosted service such as Amazon's Elastic Compute Cloud (EC2) or Simple Storage Service (S3).

The goal of constructing a private cloud can be acquiring IaaS, PaaS, or SaaS. Based on the objectives, an organization, for example, may simply seek the ability to efficiently deploy and manage servers to provide maximal flexibility for developing and testing applications, and in this case IaaS is all the organization needs.

IJECSE, Volume 1, Number 4, P. N. Karthikayan et al. 1956

1.2 INFORMATION SECURITY THREATS & VULNERABILITIES

E-Government security requirements can be studied by examining the overall process, beginning with the consumer and ending with the e-gov server. The assets that must be protected to ensure e-gov include client computers, the messages travelling on the communication channel, and the Web and e-gov servers, including any hardware attached to the servers.

Client Threats: Until the introduction of executable Web content, Web pages were mainly static.

Confidentiality Threats: Confidentiality is the prevention of unauthorized information disclosure. Use of the Internet definitely poses confidentiality threats to the messages sent.

Malicious Codes: Computer viruses, worms and Trojan horses are examples of malicious code. People are aware but may not be prepared to deal with such adversaries.

Integrity Threats: An integrity threat exists when an unauthorized party can alter a message stream of information. Unauthorized changes and defacing of web pages may put any e-gov project into jeopardy.

Availability Threats: The purpose of availability threats, also known as delay or denial of service threats, is to disrupt normal computer processing or to deny processing entirely. Slowing any Internet service will deter citizens from using e-gov services.

1.3 INFORMATION SECURITY REQUIREMENTS

These needs are governed by the necessity to protect the following security attributes:

Authentication: This is the ability to say that an electronic communication (whether via email or web) does genuinely come from who it purports to. Forging the "From" field in an email header is a trivial matter, and far more sophisticated attacks are standard fare for hackers. The traditional method of using passwords alone is no more secure.

Privacy: Privacy is the ability to ensure that information is accessed and changed only by authorized parties. Typically this is achieved by enforcing strong security controls in the server systems and via encryption.

Authorization: Authorization allows a person or computer system to determine if someone has the authority to request or approve an action or information. Authorization is tied with Authentication.

Integrity: The integrity of information means ensuring that a communication received has not been altered or tampered with.

Trust: Trust is one of the most vital factors that determine the quality of a cloud organization. There must be a mutual understanding and complete trust between the cloud user and the cloud provider while accessing the cloud data.

II. PROBLEM DEFINITION

Data outsourcing to cloud storage servers is a rising trend among many firms and users owing to its economic advantages. This essentially means that the owner (client) of the data moves its data to a third-party cloud storage server which is supposed to, presumably for a fee, faithfully store the data and provide it back to the owner whenever required.

As data generation is far outpacing data storage, it proves costly for small firms to frequently update their hardware whenever additional data is created. Maintaining the storage can also be a difficult task. Outsourcing data storage to the cloud helps such firms by reducing the costs of storage, maintenance and personnel. It can also assure reliable storage of important data by keeping multiple copies of the data, thereby reducing the chance of losing data through hardware failures.

Storing user data in the cloud, despite its advantages, raises many interesting security concerns which need to be extensively investigated to make it a reliable solution to the problem of avoiding local storage of data. Many problems, like data authentication and integrity (i.e., how to efficiently and securely ensure that the cloud storage server returns correct and complete results in response to its clients' queries [1]), and outsourcing encrypted data with the associated difficult problems of querying over an encrypted domain [2], have been discussed in the research literature.

In this paper we deal with the problem of implementing a protocol for obtaining a proof of data possession in the cloud, sometimes referred to as Proof of Retrievability (POR). This problem tries to obtain and verify a proof that the data stored by a user at a remote data storage in the cloud (called cloud storage archives or simply archives) is not modified by the archive, and thereby the integrity of the data is assured. Such proofs are very helpful in peer-to-peer storage systems, network file systems, long-term archives, web-service object stores, and database systems. Such verification systems prevent the cloud storage archives from misrepresenting or modifying the data stored at them without the consent of the data owner, by using frequent checks on the storage archives. Such checks must allow the data owner to efficiently, frequently, quickly and securely verify that the cloud archive is not cheating the owner. Cheating, in this context, means that the storage archive might delete some of the data or may modify some of the data.

It must be noted that the storage server might not be malicious; instead, it might be simply unreliable and lose or inadvertently corrupt the hosted data. But the data integrity schemes that are to be developed need to be equally applicable to malicious as well as unreliable cloud storage servers. Any such proof of data possession scheme does not, by itself, protect the data from corruption by the archive. It just allows detection of tampering or deletion of a remotely located file at an unreliable cloud storage server. To ensure file robustness, other kinds of techniques, like data redundancy across multiple systems, can be maintained.
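Added example, not code from the paper: a minimal bit-level spot check in the spirit of the scheme the paper goes on to outline (a few protected bits per block, a proof of k+1 bits, a fixed number of possible challenges). The HMAC-SHA256 PRF, the XOR masking, the bit-selection rule and all names are assumptions, since the paper does not specify them.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, label: bytes, i: int, t: int) -> int:
    """HMAC-SHA256 as a keyed PRF (an assumption; the paper names no primitive)."""
    msg = label + i.to_bytes(8, "big") + t.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big")

def get_bit(block, j: int) -> int:
    return (block[j // 8] >> (7 - j % 8)) & 1

def bit_positions(key: bytes, i: int, k: int, block_bits: int) -> list:
    """k distinct, key-dependent bit positions inside block i."""
    if k > block_bits:
        raise ValueError("k exceeds block size in bits")
    positions, ctr = [], 0
    while len(positions) < k:
        j = prf(key, b"pos", i, ctr) % block_bits
        ctr += 1
        if j not in positions:
            positions.append(j)
    return positions

def pad_bit(key: bytes, i: int, t: int) -> int:
    return prf(key, b"pad", i, t) & 1

def make_metadata(data: bytes, key: bytes, block_size: int, k: int) -> list:
    """Client setup: k masked bits per block; the client keeps only the key."""
    if len(data) % block_size:
        raise ValueError("sample code expects whole blocks")
    meta = []
    for i in range(len(data) // block_size):
        blk = data[i * block_size:(i + 1) * block_size]
        pos = bit_positions(key, i, k, block_size * 8)
        meta.append([get_bit(blk, j) ^ pad_bit(key, i, t) for t, j in enumerate(pos)])
    return meta

class Archive:
    """Untrusted storage server holding the file and the masked metadata."""
    def __init__(self, data: bytes, meta: list, block_size: int):
        self.data, self.meta, self.block_size = bytearray(data), meta, block_size

    def respond(self, i: int, j: int):
        # Proof = 1 data bit + k metadata bits (k+1 bits in total).
        blk = self.data[i * self.block_size:(i + 1) * self.block_size]
        return get_bit(blk, j), self.meta[i]

def check(key, archive, i, t, k, block_size) -> bool:
    """One challenge: request bit j of block i, compare with unmasked metadata bit t."""
    j = bit_positions(key, i, k, block_size * 8)[t]
    data_bit, meta_bits = archive.respond(i, j)
    return len(meta_bits) == k and (meta_bits[t] ^ pad_bit(key, i, t)) == data_bit

def audit_all(key, archive, n_blocks, k, block_size) -> list:
    """Run all n_blocks*k possible challenges; return the ones that fail."""
    return [(i, t) for i in range(n_blocks) for t in range(k)
            if not check(key, archive, i, t, k, block_size)]

def random_check(key, archive, n_blocks, k, block_size) -> bool:
    """What a client would do in practice: one unpredictable challenge."""
    return check(key, archive, secrets.randbelow(n_blocks),
                 secrets.randbelow(k), k, block_size)

# Constructed sample: 6 blocks of 64 bytes, k = 8 protected bits per block.
KEY = bytes(range(32))
DATA = bytes((7 * x + 3) % 256 for x in range(6 * 64))
META = make_metadata(DATA, KEY, 64, 8)

def demo():
    honest = Archive(DATA, META, 64)
    faulty = Archive(DATA, META, 64)
    for x in range(2 * 64, 3 * 64):  # simulate corruption of block 2
        faulty.data[x] ^= 0xFF
    return audit_all(KEY, honest, 6, 8, 64), audit_all(KEY, faulty, 6, 8, 64)

if __name__ == "__main__":
    print(demo())
```

The sample inverts a whole block so every challenge on it fails; a change that misses all k protected positions of a block goes undetected, and a server that has lost a challenged bit and guesses passes that one check with probability 1/2.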

OUR CONTRIBUTION

We present a scheme which does not involve the encryption of the whole data. We encrypt only a few bits of data per data block, thus reducing the computational overhead on the clients.

Fig. 2. A data file F with 6 data blocks

The client storage overhead is also minimized, as the client does not store any data. Hence our scheme is well suited to thin clients. In this paper we have worked to facilitate the client in getting a proof of integrity of the data which he wishes to store in the cloud storage servers with bare minimum costs and effort. Our scheme was developed to reduce the computational and storage overhead of the client as well as to minimize the computational overhead of the cloud storage server. We also minimized the size of the proof of data integrity so as to reduce the network bandwidth consumption.

Current data processing frameworks like Google's MapReduce or Microsoft's Dryad engine have been designed for cluster environments. This is reflected in a number of assumptions they make which are not necessarily valid in cloud environments. In this section we discuss how abandoning these assumptions raises new opportunities but also challenges for efficient parallel data processing in clouds.

Storage and computational process. network bandwidth consumption Parallel Data Processing in the Cloud performance degrade and high bandwidth consumption That is higher than the actual cost.

Setting the right price for a service is a non-trivial problem, because when there is competition the demand for services grows inversely but not proportionally to the price. There are two major challenges when trying to define an optimal pricing scheme for the cloud caching service. The first is to define a model of the price-demand dependency that is simplified enough to achieve a feasible pricing solution, but not so oversimplified that it is not representative. For example, a static pricing scheme cannot be optimal if the demand for services has deterministic seasonal fluctuations.

The cloud caching service can maximize its profit using an optimal pricing scheme. This work proposes a pricing scheme along the insight that it is sufficient to use a simplified price-demand model which can be re-evaluated in order to adapt to model mismatches, external disturbances and errors, employing feedback from the real system behavior and performing refinement of the optimization procedure. Overall, optimal pricing necessitates an appropriately simplified price-demand model that incorporates the correlations of structures in the cache services. The pricing scheme should be adaptable to time changes.

Simple but not simplistic price-demand modeling. We model the price-demand dependency employing second order differential equations with constant parameters. This modeling is flexible enough to represent a wide variety of demands as a function of price. The simplification of using constant parameters allows their easy estimation based on given price-demand data sets. The model takes into account that structures can be available in the cache or can be discarded if there is not enough respective demand. Optional structure availability allows for optimal scheduling of structure availability, such that the cloud profit is maximized. The model of price-demand dependency for a set of structures incorporates their correlation in query execution.

CONCLUSION AND FUTURE WORKS:

The data can be directly accessed in the database by the user successfully. The network bandwidth is also minimized, as the size of the proof is comparatively very small (k+1 bits for one proof). It should be noted that our scheme applies only to static storage of data. It cannot handle the case when the data needs to be dynamically changed. Hence developing on this will be a future challenge. Also, the number of queries that can be asked by the client is fixed a priori. But this number is quite large and can be sufficient if the period of data storage is short. It will be a challenge to increase the number of queries using this scheme.

REFERENCES

[1] E. Mykletun, M. Narasimha, and G. Tsudik, Authentication and integrity in outsourced databases, Trans. Storage, vol. 2, no. 2, pp. 107-138, 2006.
[2] D. X. Song, D. Wagner, and A. Perrig, Practical techniques for searches on encrypted data, in Security and Privacy, 2000. Proceedings. 2000 IEEE Symposium on, pp. 44-55, 2000.
[3] Y. Zhao, M. Hategan, B. Clifford, I. Foster, G. von Laszewski, V. Nefedova, I. Raicu, T. Stef-Praun, and M. Wilde. Swift: Fast, Reliable, Loosely Coupled Parallel Computation. In Services, 2007 IEEE Congress on, pages 199-206, July 2007.
[4] I. Foster and C. Kesselman. Globus: A Metacomputing Infrastructure Toolkit. Intl. Journal of Supercomputer Applications, 11(2):115-128, 1997.
[5] J. Frey, T. Tannenbaum, M. Livny, I. Foster, and S. Tuecke. Condor-G: A Computation Management Agent for Multi-Institutional Grids. Cluster Computing, 5(3):237-246, 2002.