10-10-2012, 05:07 PM
Enhancing Security in Cloud Computing
Enhancing Security.pdf (Size: 404.09 KB / Downloads: 50)
Abstract
Cloud computing is emerging field because of its performance, high availability, least cost and many others. In
cloud computing, the data will be stored in storage provided by service providers. But still many business
companies are not willing to adopt cloud computing technology due to lack of proper security control policy and
weakness in safeguard which lead to many vulnerability in cloud computing.
This paper has been written to focus on the problem of data security. Service providers must have a viable way
to protect their clients’ data, especially to prevent the data from disclosure by unauthorized insiders. To ensure
the security of users’ data in the cloud, we propose an effective and flexible scheme with two salient features,
opposing to its predecessors. Avoiding unauthorized access to user’s data by signaling user by sending message
to his/her mobile number at the start of transaction. Displaying fake information in case of unsuccessful login
for avoiding further login trials by intrusion (Honeypot).
Introduction to system
Refer Figure 1
A common approach to protect user data is that user data is encrypted before it is stored. In a cloud computing
environment, a user’s data can also be stored following additional encryption, but if the storage and encryption
of a given user’s data is performed by the same service provider, the service provider’s internal staff (e.g.,
system administrators and authorized staff) can use their decryption keys and internal access privileges to access
user data. From the user’s perspective, this could put his stored data at risk of unauthorized disclosure.
In which if a user (either employee or anonymous) want to access the data if it belongs to protection then user
have to register itself (if he is already registered need not require further registration Now suppose the user
registered itself for accessing data, Organization will provide username and password for authentication. At the
same time organization sends the username to cloud provider. Request for access data
Literature Survey
The Internet began to grow rapidly in the 1990s and the increasingly sophisticated network infrastructure and
increased bandwidth developed in recent years has dramatically enhanced the stability of various application
services available to users through the Internet, thus marking the beginning of cloud computing network
services.
Previously many organizations tried to enhance their security for their security constraints, for their secure
database, for their secure web applications but they had not got success to achieve a high-level security for their
organizations.
Example- A commonwealth games website- It did not got the success to achieve the high security level as per
the user’s requests. it was totally failed down to handle the many requests at a once. it was failed down to
provide the online ticket booking facility to the user’s because of the hitting of many requests at a one time. So
that’s why there is need to provide the high level of security over the computing network, we have to use the
cloud computing .and provide better security over it.
Cloud computing services use the Internet as a transmission medium and transform information technology
resources into services for end-users, including software services, computing platform services, development
platform services, and basic infrastructure leasing. As a concept, cloud computing primary significance lies in
allowing the end user to access computation resources through the Internet. Vaquero, Rodero-Merino, Caceres,
and Lindner suggested that cloud computing could be defined as the integration of virtual resources according to
user requirements, flexibly combining resources including hardware, development platforms and various
applications to create services. The special features of cloud computing include the storage of user data in the
cloud and the lack of any need for software installation on the client side. As long as the user is able to connect
to the Internet, all of the hardware resources in the cloud can be used as client-side infrastructure. Generally
speaking, cloud computing applications are demand-driven, providing various services according to user
requirements, and service providers charge by metered time, instances of use, or defined period.
Information security
Information security pertains to protecting the confidentiality and integrity of data and ensuring data availability.
An organization that owns and runs its IT operations will normally take the following types of measures for its
data security:
· Organizational/Administrative controls specifying who can perform data related operations such
as creation, access, disclosure, transport, and destruction.
· Physical Controls relating to protecting storage media and the facilities housing storage devices.
· Technical Controls for Identity and Access Management (IAM), Encryption of data at rest and in
transit, and other data audit-handling compliance requirements.
Conclusion
This paper proposes a more effective and flexible distributed verification scheme to address the data storage
security issue in cloud computing. As it rely on the cryptography algorithms [RSA] and digital signature
techniques, for protecting user data include encryption prior to storage, user authentication procedures prior to
storage or retrieval, and building secure channels for data transmission.
This method achieves the availability, reliability and integrity of erasure coded data and simultaneously
identifies misbehaving servers i.e. whenever data corruptions will occur during the storage correctness
verification, this method should
Identifies the misbehaving servers, Through detailed performance analysis, it show that the scheme should
provide more security to user’s data in cloud computing against failure, unauthorized data modification attacks
and even server colluding attacks