International Journal of JOURNAL OF and Technology (IJCET), ISSN 0976INTERNATIONALComputer EngineeringCOMPUTER ENGINEERING 6367(Print), ISSN 0976 6375(Online) Volume

e 4, Issue 1, January- February (2013), IAEME & TECHNOLOGY (IJCET)

ISSN 0976 6367(Print) ISSN 0976 6375(Online) Volume 4, Issue 1, January- February (2013), pp. 178-181 IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2012): 3.9580 (Calculated by GISI) www.jifactor.com

IJCET
IAEME

DATA SECURITY FRAMEWORK FOR CLOUD COMPUTING NETWORKS

ABHISHEK PANDEY1, R.M.TUGNAYAT2, A.K.TIWARI3
1

(Computer Science and Engineering, Dr.C.V.Raman University, Kota Road Bilaspur Chhattisgarh, India, abhishekpandey2007@gmail.com) 2 (Information Technology, Jawaharlal Darda Institute of Engineering & Technology, Yavatmal Maharashtra,INDIA, rmtugnayat@gmail.com) 3 (Information Technology, Disha College Raipur, Chhattisgarh,INDIA, anil1969_rpr@yahoo.com

ABSTRACT Cloud Computing is used for management of resources applications and information as services over the cloud. The resources used in Cloud Computing are the resources that are usually distributed as services. The cloud allows its services as a utility and because of the flexibility in its architecture, exposes it to various security threats. Cloud allows the flow of data to different environments which may not be trustworthy and hence opens up to various security challenges. In this work we concentrate on the security issues related to cloud data storage and provide an efficient way to secure the same. Keywords : Cloud, Encryption, Security Model, Storage. I. INTRODUCTION The Cloud computing is highly scalable, dynamic and easily configurable more over it can handle multitenant request simultaneously. The existence of the cloud environment has provided an ease of deployment of large scale distributed systems for utilization of various resources and services. The services in cloud (Service Models) is classified as Software as Service (SaaS) where in the user is provided with an application or service that exists in the cloud, secondly Platform as Service (PaaS) which provides the user an access to the platform and third is Infrastructure as Service (IaaS) which leases the processing storage and other computing resources to the user[1]. The primary ways in which the cloud can be deployed
178

International Journal of Computer Engineering and Technology (IJCET), ISSN 09766367(Print), ISSN 0976 6375(Online) Volume 4, Issue 1, January- February (2013), IAEME

(Deployment Models) are Public Cloud, which allows the user to utilize all the resources (service and applications) available. The second way of deployment is Private cloud wherein the user has complete control over the data and security. The third is Hybrid cloud which is a combination of Private and Public cloud . The cloud environment allocates the resources dynamically in response to the users request and predesigned quality of service (QoS). With the adoptability of various technologies by the cloud which includes various networks, operating systems, and databases opens it up to various security threats. These issues can be abuse, malicious insiders, data loss and risk profile [2,3]. II. THREATS TO CLOUD COMPUTING Information security is a critical issue in cloud computing environments. Clouds have no borders and the data can be physically located anywhere in any data centre across the network geographically distributed. So the nature of cloud computing raises serious issues regarding user authentication, information integrity and confidentiality. Applications deployed on cloud undergo same kind of attacks as that on client-server model. SaaS based applications are vulnerable to the virus . SaaS applications depend on web services and web browser to deliver their services to user. They face security challenges arising out of network infrastructure and web services .IaaS and PaaS services are hardware dependent and face more, challenges arising out of characteristics of cloud computing, than SasS applications. To handle these issues related with the security we can use Public key cryptography. Our major concern in this work is deal with the security of the data storage in cloud. The basic idea in cloud data storage is to protect the information/data from an unauthorized access which may raise the possibility of various threats to it. The data stored in the cloud in many ways is exposed to various threats which may result to data loss, corrupt data and also there is a possibility that it may be disclosed. The scheme proposed focuses on these issues and with the help of various cryptographic techniques we will try to secure the data in cloud environment. This can be achieved by securing the storage when the data is in secured environment before transferring it to an unsecured environment. This can be achieved by various encryption algorithms available like asymmetric and symmetric algorithms but as the performance of asymmetric is slow as compared to the later symmetric algorithms are mostly preferred for the same [4]. The usage of encryption as a technique to secure data guarantees the confidentiality of data and helps to detect any corruption in data [10,11,12].The existing solution provided to overcome these issues either lack in scalability or generality [3]. III. DATA SECURITY MODEL To overcome the problems stated above we propose a multi tier cloud architecture where in we deploy two/more clouds for securing the data stored in an effective manner. In this approach one cloud is deployed as a Secured Cloud which will be responsible for all the security concerns and the operations related to it whether it be encrypting the data or providing a secured access to the data stored. The data stored in the Secured Cloud is then moved to an unsecured environment where it is open for access to all. This 2-tier architecture will help us to achieve enhanced performance in less computational power that a cloud offers.

179

International Journal of Computer Engineering and Technology (IJCET), ISSN 09766367(Print), ISSN 0976 6375(Online) Volume 4, Issue 1, January- February (2013), IAEME

Secured Cloud

Client

Unsecured Cloud

Fig.1- Two Tier Cloud Architecture In the proposed scenario we use a fully Homomorphic encryption scheme as it allows any party to publicly transform ciphertexts for some plaintexts 1,..n into a ciphertext for some function f(1, n) of the plaintexts, without the party being aware of the plaintexts. These schemes are useful for constructing privacy-preserving protocols which is the basic requirement in cloud environment where in a user can store encrypted data on a server, and allow the server to process the encrypted data without revealing the data to the server. Homomorphic encryption schemes supported only a limited set of functions f, which restricted their applicability. The theoretical problem of constructing a fully homomorphic encryption scheme supporting arbitrary functions f, was only recently solved by the breakthrough work of homomorphic Gentry [5,6,7,8]. A homomorphic encryption scheme Hom consists of four algorithms: KeyGen: Given security parameter , returns a secret key sk and a public key pk. Encryption(Enc): Given plaintext f{0, 1} and public key pk, returns ciphertext . Decryption(Dec): Given ciphertext and secret key sk, returns plaintext . Eval: Given public key pk, a t-input circuit C (consisting of addition and multiplication gates modulo 2), and a tuple of ciphertexts (1.. t) (corresponding to the t input bits of C), returns a ciphertext (corresponding to the output bit of C). Hom is said correct for a family C of circuits with t = Poly() input bits if for any C C and input bits (i)it, the following holds with overwhelming probability over the randomness of KeyGen and Enc:Dec(sk; Eval(pk;C; (1 t))) = C(1 t),where (sk, pk) = KeyGen() and i = Enc(pk, i) for i = 1.. t. Hom is said compact if for any circuit C with t = Poly() input bits, the bit-size of the ciphertext Eval(pk,C,(1.t)) is bounded by a fixed polynomial b(). While using an encryption technique, the key issue is that related to the systematic management and usage of an encryption key generated to protect the data. These keys are the vital part of the data being protected. The keys generated to protect the data are generally stored with the data which provides an opportunity for the attacker to have an access both to the key and the data being protected. The other approach used is to allow the user to have an access to these data from any location till they are in trusted environment which again raises the possibility to security being compromised as here the keys can be shared with the multiple users [10,13]. In this approach, any existing Managed Private Cloud solution can be used, but there is no consistency concerning the authenticity and correctness of the result. The later approach aims to fill bridge this gap which relies on the less computational power that cloud offers. In place of using only one cloud architecture to render a given service, two or more clouds are deployed and used so as to verify the correctness of the result and to identify an incorrect output[14].
180

International Journal of Computer Engineering and Technology (IJCET), ISSN 09766367(Print), ISSN 0976 6375(Online) Volume 4, Issue 1, January- February (2013), IAEME

IV. CONCLUSION With the latest development in cloud computing, security issue has become an area of great concern. This paper discusses the cloud computing environment safety issues through analyzing a cloud computing framework i:e a cloud computing model for data security. As we have shown in the paper, most cryptographic primitives are ready to be deployed for the security. As a direct generalization of the problem of secure outsourcing one can look at the case where a group of clients, that trust each other, want to use a cloud based computation service that they do not fully trust. In this scenario, the proposed fully homomorphic encryption schemes can be used. It is clear that the design of secure outsourcing computation schemes is a very challenging research area. REFERENCES
[1] Peter Mell and Tim Grance, The NIST Definition of Security Alliance (CSA). Cloud computing, October 7, 2009, version 15, National Institute of Standards and Technology (NIST). [2] Jamil,Danish.Zaki ,Hassan. Cloud Computing Security. In International Journal of Engineering Science and Technology.Vol.3 No.4April2011. [3] Gens, F.New IDC IT Cloud Services Survey: Top Benefits and Challenges. In: IDC eXchange (2009), http://blogs.idc.com/ie/?p=730. [4] Narpat,S.Sekhawat et.al. Cloud Computing Security through Cryptography for Banking Sector.In Proc. 2011 5th National Conference.INDIACom-2011. [5] N. Gama and P. Q. Nguyen. Finding short lattice vectors within Mordell's inequality. In Proc. of STOC, pages 207_216. ACM, 2008. [6] N. Gama and P. Q. Nguyen. Predicting lattice reduction. In Proc. of Eurocrypt,volume 4965 of LNCS, pages 31_51. Springer, 2008. [7] C. Gentry. A fully homomorphic encryption scheme. PhD thesis, Stanford University,2009. Manuscript available at http://crypto.stanford.edu/craig. [8] C. Gentry. Fully homomorphic encryption using ideal lattices. In Proc. of STOC,pages 169_178. ACM, 2009. [9] Yanpei Chen, Vern Paxson and Randy H. Katz, Whats New About Cloud Computing Security? Technical Report No. UCB/EECS-2010-5, http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html, Jan. 20, 2010. [10] RSA, The Role of Security in Trustworthy Cloud Computing. [11] Ebenezer A. Oladimeji, Security threat Modeling and Analysis: A goal-oriented approach, 2006. [12] Ristenpart, Thomas and Tromer, Eran and Shacham, Hovav and Savage, Stefan, Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds, 2009. [13] Shamir, Adi, How to share a secret Communication. ACM, 1979, 612613. [14] J. S. Plank and J. Luo and C. D. Schuman and L. Xu and Z. Wilcox-O'Hearn, A Performance Evaluation and Examination of Open-Source Erasure Coding Libraries For Storage, 2009 . [15] Suresh Kumar RG, S.Saravanan and Soumik Mukherjee, Recommendations For Implementing Cloud Computing Management Platforms Using Open Source International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 3, 2012, pp. 83 - 93, Published by IAEME [16] Gurudatt Kulkarni, Jayant Gambhir and Amruta Dongare, Security In Cloud Computing International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 1, 2012, pp. 258 - 265, Published by IAEME

181