A Threshold Secure Data Sharing Scheme for Federated Clouds

478 views

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
478
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
9
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

A Threshold Secure Data Sharing Scheme for Federated Clouds

  1. 1. International Journal of Research in Computer Science eISSN 2249-8265 Volume 2 Issue 5 (2012) pp. 21-28 www.ijorcs.org, A Unit of White Globe Publications doi: 10.7815/ijorcs.25.2012.044 A THRESHOLD SECURE DATA SHARING SCHEME FOR FEDERATED CLOUDS K.Venkataramana1, Dr.M.Padmavathamma2 1 Research Scholar, Department of Computer Science, S.V.University, Tirupati, A.P, India Email: ramanakv4@gmail.com 2 Research Supervisor & Head, Department of Computer Science, S.V.University, Tirupati, A.P, India Email: prof.padma@yahoo.comAbstract: Cloud computing allows users to view forms like Software as a Service-SaaS (e.g. Googlecomputing in a new direction, as it uses the existing apps, 2011), Platform as a Service-PaaS (e.g. Googletechnologies to provide better IT services at low-cost. app engine (2011), Microsoft’s Azure (Azure servicesTo offer high QOS to customers according SLA, cloud platform, 2011)) and Infrastructure as Service-IaaSservices broker or cloud service provider uses (e.g. Amazon web services, 2011(AWS); Eucalyptus,individual cloud providers that work collaboratively to 2011; Open Nebula (OpenNebula, 2011).To deliverform a federation of clouds. It is required in the services efficiently cloud should possess theapplications like Real-time online interactive characteristics like Resource pooling, Virtualization,applications, weather research and forecasting etc., in Multi-tenancy, On-demand self-service, Rapidwhich the data and applications are complex and elasticity ,metered service etc., as show in Fig-1.distributed. In these applications secret data should beshared, so secure data sharing mechanism is requiredin Federated clouds to reduce the risk of dataintrusion, the loss of service availability and to ensuredata integrity. So In this paper we have proposed zeroknowledge data sharing scheme where Trusted CloudAuthority (TCA) will control federated clouds for datasharing where the secret to be exchanged forcomputation is encrypted and retrieved by individualcloud at the end. Our scheme is based on the difficultyof solving the Discrete Logarithm problem (DLOG) ina finite abelian group of large prime order which isNP-Hard. So our proposed scheme provides dataintegrity in transit, data availability when one of hostproviders are not available during the computation.Keywords: Cloud computing, Federated clouds,Secure Data sharing, SMC, WRF, Encrypted secret,primitive polynomial, primitive number. I. INTRODUCTION Cloud computing can be viewed as a new paradigmfor dynamic and controlled provisioning of sharablecomputing resources, maintained by state-of-the-artdata centers based on network of Virtual Machines Figure 1: Cloud Computing Modelrunning on high powered physical machines. NIST[1]defines Cloud computing whose main design aim is to Slow access to data, applications, and Web pagesprovide convenient, on-demand, network access to a frustrates employees and customers alike, and someshared pool of configurable computing resources (e.g. performance problems and bottlenecks can even causenetworks, servers, storage, applications, and services), application crashes and data losses. So as to improvewhich can be rapidly provisioned and released with the performance, providers has to increase computingminimal management effort or service provider resources by their aggregated capabilities to provideinteractions. Cloud can be deployed in public, private infinite computing services through federation andor hybrid models which provides services in various interoperability. www.ijorcs.org
  2. 2. 22 K.Venkataramana, Dr. M. Padmavathamma provisioning of services across different Cloud As cloud computing evolves, the vision of federated providers.clouds across which Communications, data, andservices can move easily within and across several In paper by Subashini and kavitha[5], has discussedcloud infrastructures—adds another layer of various security issues at various service models likecomplexity to security equation. Even though Data security, Network security, Data locality, Datafederated Cloud paradigm aims to provide flexible and integrity, Data segregation, Data access,reliable services composed of a mixture of internal and Authentication and authorization. Cloud computingexternal mini-clouds, but this heterogeneous nature is has significant implications for the privacy of personalalso fuelling the security concerns of the customers. To information as well as for the confidentiality ofallay the fears and deal with the threats associated with business and governmental information. In the case ofoutsourcing data and applications to the Cloud, new federated clouds this becomes more serious issue thatmethods for security assurance are urgently required. is to be addressed. For computation exchange of dataCloud providers should address privacy and security between clouds in federation is necessary so bothissues as a matter of high and urgent priority. In this privacy and integrity of data should be considered.paper among the various security issues we considerthe issue of exchanging of private data between the Even within the cloud provider’s internal network,clouds in federation securely. encryption and secure communication are essential, as the information passes between countless, disparate The purpose of this paper is to provide a new data components through network domains with unknownsharing scheme for federated clouds which comprises security, and these network domains are shared withvarious host providers which ensures privacy and other organizations of unknown reputability[6].Theavailability of data. The remainder of this paper is confidentiality of sensitive data must be protected fromorganized as follows Section-2 summarizes previous mixing with network traffic with other cloud hosts. Ifwork in the area of federated computing and its the data is shared between multiple users or clouds ,security. Section-3 introduces the federation the CSP must ensure data integrity and consistency.computing, technologies and various security issues. The CSP must also protect all of its cloud serviceSection- 4 specifies the proposed model and Section-5 consumers from malicious activities or dataprovides working mechanism of the model. In Section- modification [7-8].6 we have given results for the scheme and finalsection we have given our conclusions along with In [10] Mohammed Abdullatif et.al, has discussedfuture work. about data privacy in DAAS. In their paper Shamir’s secret sharing mechanism has been used for securing II. RELATED WORK data , so that individual data values will not be visible As in [3] Federation is the ability of multiple to the service provider and provider can recover data inindependent resources to act like a single resource. case of data loss. By above literature study we haveCloud computing itself is a federation of resources, so proposed this scheme for secure data sharing inthe many assets, identities, configurations and other federated clouds which ensures that secret data used indetails of a cloud computing solution must be computation is not visible to anyone except to ownerfederated to make cloud computing practical. Also of data ie., one of the cloud host provider whomany issues like trust, Identity access management, participates in computation by sharing data and avoidsSigning-in has been discussed regarding Federation of modification of data due to malicious host.clouds. III. FEDERATION COMPUTING Buyya et al. in [4] suggests a cloud federationoriented, just-in-time, opportunistic and scalable Cloud federation brings together different serviceapplication services provisioning environment called providers and their offered services so that manyInterCloud. As a result Cloud application service Cloud variants can be tailored to match different sets(SaaS) providers will have difficulty in meeting QoS of customer requirements. Cloud provider can provideexpectations for all their consumers. Hence, they resources to satisfy complex application request only ifwould like to make use of services of multiple Cloud he holds infinite resources at his premises. Since this isinfrastructure service providers who can provide better not the case, so providers need to collaborate to be ablesupport for their specific consumer needs. This kind of to fulfill requests during peak demands and negotiaterequirements often arises in enterprises with global the use of idle resources with other peers. This is theoperations and applications such as Internet service, goal of federation. The main purpose of moving tomedia hosting, and Web 2.0 applications. This federated clouds is to improve what was offered innecessitates building mechanisms for federation of single clouds by distributing reliability, trust, andCloud infrastructure service providers for seamless security among multiple cloud providers. www.ijorcs.org
  3. 3. A Threshold Secure Data Sharing Scheme for Federated Clouds 23 When increasing resources on the cloud to restore compatible interface which can be utilized foror improve application performance, administrators federation at the IaaS layer. CometCloud is ancan scale either horizontally (out) or vertically (up), autonomic computing engine that enables the dynamicdepending on the nature of the resource constraint. and on-demand federation of Clouds as well as theVertical scaling (up) entails adding more resources to deployment and execution of applications on thesethe same computing pool—for example, adding more federated environments. It supports heterogeneous andRAM, disk, or virtual CPU to handle an increased dynamic Cloud infrastructures, enabling theapplication load. Horizontal scaling (out) requires the integration of public/private Clouds and autonomicaddition of more machines or devices to the computing Cloud bursts, i.e., dynamic scale-out to Clouds toplatform to handle the increased demand. Scalability is address dynamic workloads. Conceptually,the inherent feature of cloud computing which has at CometCloud is composed of a programming layer,least two dimensions, namely horizontal cloud service layer, and infrastructure layer.scalability and vertical cloud scalability [2]. Horizontalcloud scalability is the ability to connect and integrate B. Security issues in Federated Cloudsmultiple clouds to work as one logical cloud. All the above technologies does not specify any security related measures for federated environment at For instance, a cloud providing calculation services any service layer, to address the data integrity, data(calculation cloud) can access a cloud providing availability and sharing. Federated clouds posestorage services (storage cloud) to keep intermediate challenges like whether the client or other cloud isresults. Two calculation clouds can also integrate into servicing according to SLA agreements. The diversitya larger calculation cloud. Vertical cloud scalability and flexibility of the capabilities envisioned by Inter-can be used to improve the capacity of a cloud by cloud enabled federated Cloud computing model,enhancing individual existing nodes in the cloud (such combined with the magnitudes and uncertainties of itsas providing a server with more physical memory) or components, pose difficult problems and challenges inimproving the bandwidth that connects two nodes. effective provisioning and delivery of application services in an efficient and secured manner [11]. Security is one of the most important and paramount elements of such a computing environment. In a cross-clouds federated environment, security concerns are even more important and complex. Cloud computing paradigm, in general, will only be adopted by the users, if they are confident that their data and Federated privacy are secured. Cloud computing involves the Clouds sharing or storage by users of their own information on remote servers owned or operated by others and Cloud 1 Cloud 2 Cloud n accesses through the Internet or other connections. Cloud computing services exist in many variations, including data storage sites, video sites, tax preparation sites, personal health record websites and many more. The entire contents of a user’s storage device may be stored with a single cloud provider or with many cloud providers. Whenever an individual, a business, a Figure 2: Federated Clouds government agency, or any other entity shares information in the cloud, privacy or confidentialityA. Cloud Federation Technologies questions arise which should be properly addressed to As discussed in [9] the following technologies tap the market among various cloud players.provide mechanisms which support Cloud services andeven federation. Such as, Open Nebula provides an IV. PROPOSED SCHEMEopen-source and extensible architecture that can be Our secure data sharing scheme for Federated cloudmodified to fit an individual Cloud. It can be leveraged contains various cloud instances belonging to sameby adding APIs and plug-ins to the existing Cloud host or different hosts that participate inarchitecture in order to facilitate inter-Cloud computation to get overall benefit which is notcommunication at different layers of the service stack. possible with a single cloud. Each cloud instance willEucalyptus is also an open-source framework that uses share their data secretly without knowing other hostsstorage and computational infrastructure to provide a data thus ensuring privacy and achieve the final result.Cloud computing platform. Eucalyptus provides a Cloud host providers Exchanges data to solve the n2modular, extensible framework with an Amazon EC2 www.ijorcs.org
  4. 4. 24 K.Venkataramana, Dr. M. Padmavathamma 1 Credentials 2 Private Key giproblem by facilitating as mediators for enabling 3 Generation of Secret Primitive Polynomialconnectivity among disparate cloud environments. 4 SMC implementation to compute Sum In our proposed scheme whenever customer Polynomialrequests cloud host provider for service, also if it is ancomplex application request and the computation 5 Public keys hi, ti for individual verification anddepends on other cloud hosts values then it is required δ for secret recoveryto form into federation of clouds as shown in figure-2 6 Malicious Cloud Verificationabove. Among the cloud one will act as Trusted Cloudauthority (TCA) which will control and coordinate 7 Report Malicious Cloudentire computation. TCA will request will accepts 8 Recover Secret from SUM Polynomialcredential / if already contains credentials of eachcloud it will use it to initialize the secure data sharingscheme by giving secret keys and initiate the process.The various phases of working in our proposed scheme Figure 3: Proposed secure data sharing in Federatedare described in the next section and outlined Cloudsdiagrammatically in the given figure-3. V. WORKING OF PROPOSED SCHEME Upon request from client/application TCA willcreates a Session for that particular instance of The proposed scheme is used to secure secret datacomputation and session-id’s are dynamically created when shared during computation between federatedfor each host participating in computation. Session-id’s clouds. In this scheme the secret data is encrypted andare sent to all the cloud hosts in federation privately. decrypted by the each cloud to retrieve original value.Session-id can be used for authentication when each of We assume that following assumptions hold good atthem exchange data during computation. Internally initialization phase.cloud hosts will have co-coordinators to coordinate the 1. That TCA and cloud hosts providers exchangecomputation which will work according to SLA. Our data securelyscheme uses SMC[12] mechanism but the secret value 2. All Cloud providers are honest without maliciousused in data sharing is encrypted which is difficult to in nature.know as we have used DL technique and finally eachcloud can decrypt the final value by using their secret The data sharing scheme works in following phases askeys. In our scheme secret value will not be known to 1. Initialization Phasethe TCA also, as it is encrypted by hosts with their 2. Distribution Phaseown keys. 3. Verification Phase 4. Recovery Phase A. Initialization Phase In this phase TCA will starts session and session id’s are sent to all clouds secretly that participate in Customer computation. Then TCA by using their credentials computes and sends private and public keys for cloud hosts in federation for computation. Let C1,C2,C3,………………..Cn are the cloudsFederated involved in computation. Clouds 7 7 5 5 1. The credentials of each cloud Ci are sent to TCA by 1 5 1 2 7 C1,C2….Cn 2 Cloud 1 2 Cloud 2 1 Cloud n 2. TCA generates large primes CPi from credentials of 6 6 6 each cloud Ci. 8 3. TCA computes NPi=2*CPi 3 8 3 8 3 4 4 4. For each cloud Ci, TCA generates a primitive root ‘gi’ from NPi. 5. TCA sends gi securely which is private to each cloud Ci, and NPi is public to all the clouds.B. Generation of Polynomial 1. Each cloud Ci generates a group ZNpi* with the generator gi and Npi. www.ijorcs.org
  5. 5. A Threshold Secure Data Sharing Scheme for Federated Clouds 252. Ci builds Galois field (GF) consisting of primitive ie. Xritj ≠ 1(mod F(x),gpi) elements with the group ZNpi* ie., Galois E. Recovery Phase field(ie.,GF(gibi) has Ф(gibi – 1) primitive elements where bi Є ZNpi*. In this phase after verification by each cloud Ci , the3. Each cloud Ci generates a polynomial fi(x) with secret is recovered by using following steps by each coefficients in GF and hence fi(x) is a primitive party . Secret can be recovered even if there exists a polynomial. malicious party m(m<n/2). [ie. fi(x) = a0 x+ a1x1+ a2x2+………+an-1xn-1] S=∑(Sidi) where di=(gbi)δi where δi Є Znpi* such that where fi(0)=a0 gibi δi≡ 1 mod npi S = S1(g1b1)δ1+S2(g2b2)δ2+……………..+Sn(gnbn)δn.C. Distribution Phase =S1g1b1.δ1+ S2g2b2.δ2+……………………..+ In this phase each cloud host in federation exchange +Sngnbn.δnsecrets for computation to achieve final polynomial =S1(g1b1* g1-b1 mod np1)+ S2(g2b2* g2-b2 modwith secret value in encrypted form np2)+…………..+ Sn(gnbn* gn-bn mod npn)1. Each Coefficient ai in primitive polynomial fi(x) is = S1 (g10 mod np1)+ S2 (g20 mod np2) the primitive number in GF(gibi) where 0<i≤ n-1 +………………………+ Sn (gn0 mod npn) and a0 is secret value of Ci. = S1*1+ S2*1+…………….+ Sn*12. Each Ci computes, a0= Sidi where di=(gibi)δI = S1+S2+…………….+Sn where δi Є ZNpi* such that gibi δi≡ 1 mod NpI Further in recovery phase SMC can be applied to here Si is the secret that is to be shared between the following three cases in recovering secret if clouds during computation. malicious cloud host exists during data sharing or data3. Each Cloud Ci implements Secure Multiparty recovery when it is distributed among multiple or Computation (SMC) scheme and computes final federated clouds. ∑ n i =1 fi ( x ) Case 1: Assume All ‘n’ clouds hosts in federation are sum polynomial F(x)= and coefficients are in GF sends it to TCA for verification. Honest for ‘n’ honest clouds, The co-efficient of xo in sum polynomial F(x) is the sum of secret shares of all Ci and it is valid for each Ci iff Xriti≡1(mod F(x),gpi)D. Verification Phase Case 2: Assume that n-1 cloud hosts in a Federation In this phase each cloud host in federation verifies are Honest with some are maliciousthe secret value by decrypting and finds the malicioushost if exists and reports to TCA or rejects its value. For ‘n-1’ honest clouds, If any cloud is dishonest among ‘n’ clouds the ‘n-1’ clouds together obtains theNote: Any polynomial f(x) with co-efficient of GF(P) sum of secret shares as sum of secret shares assatisfies the Identity, F(xP)≡[f(x)]P (since gi=P andGF(P)=GF(gi)) For n-1 parties we reconstruct secret S as1. TCA randomly selects a prime gpi that satisfies the Sn-1=(S1g1b1)δ1+(S2g2b2)δ2+……………..+(Sn-1gn-1bn-1)δn-1. identity stated above. In the sum Polynomial, the sum of the secrets obtained hence F(xgpi)≡F(x)gpi by each cloud is ,2. Then TCA chooses a small random number ti Є Z+. ∀ ∃hi Є Z+ ∋hiti≡1 (mod gpi). ti S=∑(Sidi) where di=(gbi)δi where δi Є ZNpi* such that3. TCA sends gpi, hi,ti to the corresponding clouds Ci gibi δi≡ 1 mod Npi and announces as public to all the clouds. S = S1(g1b1)δ1+S2(g2b2)δ2+……………..+Sn(gnbn)δn.4. Each cloud Ci chooses a secret element ri∈GF(gibi) =S1g1b1.δ1+ S2g2b2.δ2+…………………….. such that Xri≡hi(mod F(x), gpi) + Sngnbn.δn5. Each cloud Ci verifies Cj as Xritj≡(Xri)tj≡hjtj S= Sn-1+ Sngnbn.δn ≡1(mod ( F(x),gpj)) ie., Sngnbn.δn =S-Sn-16. If any cloud Ci is malicious then the above congruence dissatisfies, since the Sum Polynomial F(x) sent from Ci to Cj is wrong. If n/2 are malicious clouds thenCase 3: Assuming that there are >=n/2 cloud hosts aremalicious in federation. S = S1(g1b1)δ1+S2(g2b2)δ2+………+ www.ijorcs.org
  6. 6. 26 K.Venkataramana, Dr. M. PadmavathammaS2(gn/2bn/2)δn/2+……..+Sn(gnbn)δn Cp = 5843 Np4 = 11686 g4 = 11681S = S1(g1b1)δ1+S2(g2b2)δ2+………+ B. Generation of Polynomials:S2(g n/2bn/2)δn/2+……..+Sn(gnbn)δn +Sn(gnbn)δn∴ S≠Sn/2 (7)X^3 + (26)X^2 + (6)X^1 + (2)X^0S = 4*(n/2) unknowns+……………….+Sn-1+Sn (19)X^3 + (16)X^2 + (12)X^1 + (4)X^0 (10)X^3 + (13)X^2 + (3)X^1 + (6)X^0The unknowns in the sum polynomial are 2n, so it is (24)X^3 + (15)X^2 + (19)X^1 + (8)X^0not possible to get S from 2n unknowns. C. Distribution of Secret: VI. EXPERIMENTAL ANALYSIS OF PROPOSED s1=2 (original secret) SCHEME s2=4 (original secret) We have verified the only the base scheme used in a0= s1d1= 646541456023 (E)encrypted)data sharing between the clouds by using Java 1.7 on a0= s2d2= 1636831633111541 (E)encrypted)Intel Core-i3 processor with 4 GB RAM. We have s3=6 (original secret)taken only small values as credentials due to s4=8 (original secret)computation resource constraint which has given a0= s3d3= 293280735995777662001(E)following results, here number of clouds in federationis taken as 4. a0= s4d4= 2540271545712591010246081(E)Enter how many Clouds involve in Federation for where di=(gibi)δi where δi Є ZNpi* such that gibi δi≡ 1Communication: 4 mod Npi ==> δi= gi-bi mod NpiA. Generation of Parameters: The revised polynomials are:Enter the grant type: Client (24)X^3 + (4)X^2 + (20)X^1 + (8368306130700080)X^0Enter the service type: Application (3)X^3 + (18)X^2 + (23)X^1 +Enter the client name: Amazon (2076343186244444682973568)X^0Enter the client region: Asia (18)X^3 + (24)X^2 + (20)X^1 +Enter the client location: India (21783804456699014989946336906386176)X^0Enter the service payment: 250000000 (11)X^3 + (4)X^2 + (24)X^1 +Enter the service expiry date: 31-Dec-2025 (16408063398992467575067769015170019871641600)XCp = 4327 Np1 = 8654 g1 = 8647 ^0Enter the grant type: Client The Sum of the Polynomials obtained at each party isEnter the service type: Application (56)X^3 + (50)X^2 + (87)X^1 +Enter the client name: Google Docs 16408063420776272031766784005116356778027776Enter the client region: America )X^0 (encrypted value) original values is (20)Enter the client location: Mexico CityEnter the service payment: 3000000000Enter the service expiry date: 31-Dec-2030 D. Recovery of Secret:Cp = 5669 Np2 = 11338 g2 = 11311 Case 1: Assuming there are no malicious cloud host in Federation of cloudsEnter the grant type: ClientEnter the service type: Application S= ∑(Sidi) i=1,2,3,4Enter the client name: Google Cloud Services S= s1d1+ s2d2+ s3d3+ s4d4Enter the client region: Asia S= S1(g1b1)δ1+S2(g2b2)δ2+ S3(g3b3)δ3+S4(g4b4)δ4.Enter the client location: Pakistan = S1g1b1.δ1+ S2g2b2.δ2+ S3g3b3.δ3+ S4g4b4.δ4Enter the service payment: 300000000000 = S1(g1b1* g1-b1 mod np1)+ S2(g2b2* g2-b2 mod np2)+Enter the service expiry date: 31-Dec-2025 S3(g3b3* g3-b3 mod np3)+ S4(g4b4* g4-b4 mod np4)Cp = 6203 Np3 = 12406 g3 = 12401 = S1 (g10 mod np1)+ S2 (g20 mod np2)+Enter the grant type: Client S2 (g30 mod np3)+ S4 (g40 mod np4)Enter the service type: Application = S1*1+ S2*1+ S3*1+ S4*1Enter the client name: HP Cloud Provider = S1+S2+ S3+S4Enter the client region: Asia S = 2+4+6+8Enter the client location: Bangladesh S = 20Enter the service payment: 3600000000Enter the service expiry date: 31-Dec-2035Case 2: Assuming honest clouds in federation are <=n- S0 = ∑(Sidi) i=1,2,3 1 S0 = s1d1+ s2d2+ s3d3 www.ijorcs.org
  7. 7. A Threshold Secure Data Sharing Scheme for Federated Clouds 27S0 = S1(g1b1)δ1+S2(g2b2)δ2+ S3(g3b3)δ3 of resources between institutions to provide elasticity= S1g1b1.δ1+ S2g2b2.δ2+ S3g3b3.δ3 and dynamic capacity in extreme situations is key.= S1(g1b1* g1-b1 mod np1)+ Sn(g2b2* g2-b2 mod np2)+ The applications like Online Voting or Online S3(g3b3* g3-b3 mod np3) Bidding or Real time Game playing stations when= S1 (g10 mod np1)+ S2 (g20 mod np2)+ deployed on clouds uses multiple hosts at located at S2 (g30 mod np3) different geographical areas will demands data to have= S1*1+ S2*1+ S3*1 privacy and secure.= S1+S2+S3 VIII. CONCLUSIONS0= 2+4+6 Cloud computing key role in IT sector in deliveringS0 = 12 services at low cost and in an effective manner. CloudsThe original Sum of Secrets is, S=20 should form into federation in order to perform S=S0+ S4d4 computation collectively to achieve a result. At the 20=12+ S4d4 same time the security threats like data should be S4d4=20-12c addressed with by using novel techniques. In this paper S4d4=8 we have used threshold data sharing technique to beTherefore, S=S0+ S4d4 used in federation of clouds which allows data privacy S=12+8 and security in transit between them. We have S=20 analyzed the base scheme and results are noted. The same technique can be used to recover data when The Sum of the Polynomials after recovering the distributed between multiple clouds and one of thesecret at each party is :: cloud host was not available due to natural disaster or(56)X^3 + (50)X^2 + (87)X^1 + (20)X^0 technical problem thus provides solution to data availability in cloud computing. In future we try to implement this technique on real time cloud and alsoCase 3: Assuming we are having n/2 or (n-1)/2 are for authenticating automated applications running on malicious clouds clouds.S= S1(g1b1)δ1+S2(g2b2)δ2+………+ S2(g IX. REFERENCES b b n/2 n/2)δn/2+……..+Sn(gn n)δn [1] Recommendations of National Institute of StandardsS= S1(g1b1)δ1+S2(g2b2)δ2+………+ S2(g and Technology [online]. Available b b b n/2 n/2)δn/2+……..+Sn(gn n)δn +Sn(gn n)δn http://csrc.nist.gov/publications/nistpubs/800- ∴ S≠Sn/2S= 4*(n/2) unknowns+……………….+Sn-1+Sn 145/SP800-145.pdf [2] Cloud computing. Wikipedia. [online]. Available at http://en.wikipedia.org/wiki/Cloud_computing. [3] July 2010,Cloud Computing Use Cases, A white paperThe unknowns in the sum polynomial are 2n, so it is produced by the Cloud Computing Use Case Discussionnot possible to get S from 2n unknowns. Group, Version 4.0 .[online].Available. http://cloudusecases.org. VII. USE CASES [4] Rajkumar Buyya, Rajiv Ranjan, and Rodrigo N. In Weather Research and Forecasting application Calheiros,”InterCloud: Utility-Oriented Federation ofused for Agriculture or for any governmental purposes Cloud Computing Environments for Scaling of Application Services”, ICA3PP,2010,Part I, LNCSuses values from different cloud host stations at 6081, Springer, 2010, pp. 13–31. doi: 10.1007/978-3-different locations to analyses the final result which 642-13119-6_2works in federation. Here data should be correct and [5] S. Subashini and V. Kavitha, “A survey on securitysecure so that it may not give wrong results which may issues in service delivery models of cloud computing”,lead to disaster. Journal of Network and Computer Applications (2011), pp. 1-11. doi: 10.1016/j.jnca.2010.07.006 For forecasting stations, due to the nature of certain [6] Cloud Security Alliance, “Security Guidance forweather phenomena such as hurricanes or tornadoes, Critical Areas of Focus in Cloud Computing”,performing accurate predictions in very short time V2.1, 2009.spans is vital to make appropriate preparations [7] Dec, 2011,”Federated identity management”,[Online],involving business operations management and [Available],http://en.wikipedia.org/wiki/Federated_idengovernment and human related logistics. Thus, sharing tity_management [8] Xiao Zhang; Hong-tao Du; Jian-quan Chen; Yi Lin; Lei-jie Zeng,"Ensure Data Security in Cloud Storage", www.ijorcs.org
  8. 8. 28 K.Venkataramana, Dr. M. Padmavathamma Network Computing and Information Security (NCIS), International Conference (IEEE),vol.1,14-15 May,2011 pp.284- 287. doi: 10.1109/NCIS.2011.64[9] David Villegas, Norman Boboroff, Ivan Rodero, Javier Delgado, yanbin Liu, Aditya.D, Liana Fong, S.Masoud Sajadi, ManishP ,“Cloud federation in a layered service model”,Journal of Computer and System sciences, Elsevier, 2012. doi: 10.1016/j.jcss.2011.12.017[10] M. A. AlZain and E. Pardede, “Using Multi Shares for Ensuring Privacy in Database-as-a-Service”, 44th Hawaii, International Conference on System Sciences (HICSS),2011,pp 1-9. doi: 10.1109/HICSS.2011.478[11] David Bernstein, DeepakVij, “Intercloud Security Considerations”, 2nd IEEE International Conference on Cloud Computing Technology and Science, doi: 10.1109/ CloudCom.2010.82. doi: 10.1109/ CloudCom. 2010.82[12] A. Shamir, “How to share a secret”, Communication. ACM, 22 (1979), pp. 612-613. doi: 10.1145/359168.359176 How to cite K.Venkataramana, Dr.M.Padmavathamma, "A Threshold Secure Data Sharing Scheme for Federated Clouds". International Journal of Research in Computer Science, 2 (5): pp. 21-28, September 2012. doi:10.7815/ijorcs.25.2012.044 www.ijorcs.org

×