Cloud Computing
Security From Single to
Multi-Clouds

By
Kiran Kumar
ABSTRACT
• Dealing with “single cloud” providers is
predicted to become less popular with
customers due to risks of servic...
What is Cloud Computing ?
• Cloud computing is a model for enabling
ubiquitous(present), convenient, on-demand
network acc...
Cloud Computing
Deployment Models
Delivery Models
Difference
Finally…….
Moving to Clouds
• Data is moving to the cloud

• Main reason: costs (pay-per-use model)
Everything Connected to Cloud
What about Cloud Security?
EXISTING SYSTEM
• Cloud providers should address privacy and
security issues as a matter of high and urgent
priority. Deal...
If It Fails…?
DISADVANTAGES OF EXISTING
SYSTEM
• Cloud providers should address privacy and
security issues as a matter of high and urge...
PROPOSED SYSTEM
• This Project focuses on the issues related to
the data security aspect of cloud computing.
• Moving towa...
Multi Clouds
ADVANTAGES OF PROPOSED SYSTEM
• Data Integrity
• Service Availability.
• The user runs custom applications using the
servi...
ARCHITECTURE
DepSKy System Model
The DepSky system model contains three
parts: readers, writers, and four cloud storage
providers, wher...
DepSKy System Model
DepSky Design Principles
1. No trust on individual cloud providers
Distributed trust is built by using multiple clouds
2. ...
Data Model Implementation
DepSky Write
DepSky Read
DepSky Confidentiality
HARDWARE REQUIREMENTS
•
•
•
•
•
•
•

Processor
Speed
RAM
Hard Disk
Floppy Drive
Key Board
Monitor

-

Pentium –III
1.1 GHz...
SOFTWARE REQUIREMENTS
•
•
•
•
•
•

Operating System
Application Server
Front End
Script
Server side Script
Database

: Win...
Implémentations
• Data Integrity
• Data Intrusion
• Service Availability
Data Integrity
• One of the most important issues related to
cloud security risks is data integrity. The data
stored in th...
Data Intrusion
• Another security risk that may occur with a cloud provider,
such as the Amazon cloud service, is a hacked...
Service Availability
• Another major concern in cloud services is service
availability.
• Amazon mentions in its licensing...
code #1 getting User Details
try {
conn = (Connection) DbConnector.getConnection();
sql = "select * from user where userid...
code #2 for Encryption
public static String encryptString(String str,String key) {
StringBuffer sb = new StringBuffer(str)...
code #3 for FileUpload
public synchronized boolean uploadFile(InputStream is) {
try {
BufferedInputStream bis = new Buffer...
code #4 for FileDownload
public synchronized boolean downloadFile(String localfilename) {
try {
InputStream is = m_client....
Class Diagram
File Upload

Registration
ID
OwnerID
Password
Gender
Mobile
EMail
Date

FileID
FileName
FileSize
FilePath
Fi...
Use Case Diagram

CLOUD
CREATION

CLOUD
MAINTENANCE

ADMIN
MEMBER
CREATION

FILE
UPLOAD

FILE
DOWNLOAD

USER

CLOUD
STATUS...
Sequence Diagram
CLOUD
CREATION

CLOUD
MAINTAINANCE

Cloud
details

MEMBER
CREATION

FILE
UPLOAD

REPORTS

Credintials
Fil...
Data Flow Diagram
LOGIN

ADMIN

USER

CLOUD CREATION

NEW?

CLOUD
MAINTENANCE

UPLOAD
DATA

MEMBER
CREATION

CLOUD
STATUS
...
Activity
Diagram
CONCLUSION
• It is clear that although the use of cloud
computing has rapidly increased, cloud
computing security is still...
CONCLUSION (cont…)
• Furthermore, data intrusion leads to many
problems for the users of cloud computing.
• We support the...
FUTURE ENHANCEMENTS
• For future work, we aim to provide a
framework to supply a secure cloud database
that will guarantee...
FUTURE ENHANCEMENTS (cont…)
• In relation to data intrusion and data integrity,
assume we want to distribute the data into...
REFERENCES
•

[1] (NIST), http://www.nist.gov/itl/cloud/.

•

[2] I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzan...
Thankyou

By
Kiran Kumar
Cloud computing security from single to multiple
Upcoming SlideShare
Loading in...5
×

Cloud computing security from single to multiple

4,654

Published on

Cloud computing security from single to multiple

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,654
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
606
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • Integrity(unity)
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Dependable and secure storage in cloud of clouds
  • Composition(own a strong relation Ex. Duck to Pond )Aggression (has-a relation )
  • Cloud computing security from single to multiple

    1. 1. Cloud Computing Security From Single to Multi-Clouds By Kiran Kumar
    2. 2. ABSTRACT • Dealing with “single cloud” providers is predicted to become less popular with customers due to risks of service availability failure and the possibility of malicious insiders in the single cloud. • A movement towards “multi-clouds”, or in other words, “interclouds” or “cloud-ofclouds” has emerged recently.
    3. 3. What is Cloud Computing ? • Cloud computing is a model for enabling ubiquitous(present), convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
    4. 4. Cloud Computing
    5. 5. Deployment Models
    6. 6. Delivery Models
    7. 7. Difference
    8. 8. Finally…….
    9. 9. Moving to Clouds • Data is moving to the cloud • Main reason: costs (pay-per-use model)
    10. 10. Everything Connected to Cloud
    11. 11. What about Cloud Security?
    12. 12. EXISTING SYSTEM • Cloud providers should address privacy and security issues as a matter of high and urgent priority. Dealing with “single cloud” providers is becoming less popular with customers due to potential problems such as service availability failure and the possibility that there are malicious insiders in the single cloud.
    13. 13. If It Fails…?
    14. 14. DISADVANTAGES OF EXISTING SYSTEM • Cloud providers should address privacy and security issues as a matter of high and urgent priority. • Service availability failure and the possibility that there are malicious insiders in the single cloud.
    15. 15. PROPOSED SYSTEM • This Project focuses on the issues related to the data security aspect of cloud computing. • Moving towards “Cloud of clouds “ or multi clouds technique which improves Better read performance Data corruptions' Reduces Intrusions ….etc
    16. 16. Multi Clouds
    17. 17. ADVANTAGES OF PROPOSED SYSTEM • Data Integrity • Service Availability. • The user runs custom applications using the service provider’s resources • Cloud service providers should ensure the security of their customers’ data and should be responsible if any security risk affects their customers’ service infrastructure.
    18. 18. ARCHITECTURE
    19. 19. DepSKy System Model The DepSky system model contains three parts: readers, writers, and four cloud storage providers, where readers and writers are the client’s tasks. Readers can fail arbitrarily (for example, they can fail by crashing, they can fail from time to time and then display any behavior) whereas, writers only fail by crashing.
    20. 20. DepSKy System Model
    21. 21. DepSky Design Principles 1. No trust on individual cloud providers Distributed trust is built by using multiple clouds 2. Use storage clouds as they are No server-side code on the replication protocols 3. Data is updatable Replication protocols for consistency
    22. 22. Data Model Implementation
    23. 23. DepSky Write
    24. 24. DepSky Read
    25. 25. DepSky Confidentiality
    26. 26. HARDWARE REQUIREMENTS • • • • • • • Processor Speed RAM Hard Disk Floppy Drive Key Board Monitor - Pentium –III 1.1 GHz 256 MB(min) 20 GB 1.44 MB Standard Keyboard SVGA
    27. 27. SOFTWARE REQUIREMENTS • • • • • • Operating System Application Server Front End Script Server side Script Database : Windows XP : Tomcat5.0/6.X : HTML, Java, JSP : JavaScript. : Java Server Pages. : MYSQL
    28. 28. Implémentations • Data Integrity • Data Intrusion • Service Availability
    29. 29. Data Integrity • One of the most important issues related to cloud security risks is data integrity. The data stored in the cloud may suffer from damage during transition operations from or to the cloud storage provider.
    30. 30. Data Intrusion • Another security risk that may occur with a cloud provider, such as the Amazon cloud service, is a hacked password or data intrusion. • If someone gains access to an Amazon account password, they will be able to access all of the account’s instances and resources. • Thus the stolen password allows the hacker to erase all the information inside any virtual machine instance for the stolen user account, modify it, or even disable its services. Furthermore, there is a possibility for the user’s email(Amazon user name) to be hacked, and since Amazon allows a lost password to be reset by email, the hacker may still be able to log in to the account after receiving the new reset password.
    31. 31. Service Availability • Another major concern in cloud services is service availability. • Amazon mentions in its licensing agreement that it is possible that the service might be unavailable from time to time. • The user’s web service may terminate for any reason at any time if any user’s files break the cloud storage policy. In addition, if any damage occurs to any Amazon web service and the service fails, in this case there will be no charge to the Amazon Company for this failure. Companies seeking to protect services from such failure need measures such as backups or use of multiple providers.
    32. 32. code #1 getting User Details try { conn = (Connection) DbConnector.getConnection(); sql = "select * from user where userid= '" + userid + "' and password= '" + password+"'"; pst = (PreparedStatement) conn.prepareStatement(sql); ResultSet rs = pst.executeQuery(); if (rs.next()) { available = true; } else { available = false; } } catch (Exception e) { e.printStackTrace(); }
    33. 33. code #2 for Encryption public static String encryptString(String str,String key) { StringBuffer sb = new StringBuffer(str); int lenStr = str.length(); int lenKey = key.length(); // For each character in our string, encrypt it... for (int i = 0, j = 0; i < lenStr; i++, j++) { if (j >= lenKey) { j = 0; // Wrap 'round to beginning of key string. } // XOR the chars together. Must cast back to char to avoid compile error. sb.setCharAt(i, (char) (str.charAt(i) ^ key.charAt(j))); } return sb.toString(); }
    34. 34. code #3 for FileUpload public synchronized boolean uploadFile(InputStream is) { try { BufferedInputStream bis = new BufferedInputStream(is); OutputStream os = m_client.getOutputStream(); BufferedOutputStream bos = new BufferedOutputStream(os); byte[] buffer = new byte[1024]; int readCount; while ((readCount = bis.read(buffer)) > 0) { bos.write(buffer, 0, readCount); } bos.close(); this.succMesg = "Uploaded!"; return true; } catch (Exception ex) { ex.printStackTrace(); return false; } }
    35. 35. code #4 for FileDownload public synchronized boolean downloadFile(String localfilename) { try { InputStream is = m_client.getInputStream(); BufferedInputStream bis = new BufferedInputStream(is); System.out.println(">>>>>>>>>>>"+localfilename); OutputStream os = new FileOutputStream(localfilename); BufferedOutputStream bos = new BufferedOutputStream(os); byte[] buffer = new byte[1024]; int readCount; while ((readCount = bis.read(buffer)) > 0) { bos.write(buffer, 0, readCount); } bos.close(); is.close(); // close the FTP inputstream this.succMesg = "Downloaded!"; return true; } catch (Exception ex) { ex.printStackTrace(); return false; } }
    36. 36. Class Diagram File Upload Registration ID OwnerID Password Gender Mobile EMail Date FileID FileName FileSize FilePath FileOwner MetaData KeyRequest DownloadStatus ModifyStatus VerifyStatus Loginidgenration() CreateAccount() metadatagenration() fileupload() File Download FileID FileName FileSize FilePath FileOwner MetaData KeyRequest VerifyStatus comparemetadata() fileupload()
    37. 37. Use Case Diagram CLOUD CREATION CLOUD MAINTENANCE ADMIN MEMBER CREATION FILE UPLOAD FILE DOWNLOAD USER CLOUD STATUS REPORTS
    38. 38. Sequence Diagram CLOUD CREATION CLOUD MAINTAINANCE Cloud details MEMBER CREATION FILE UPLOAD REPORTS Credintials File Details File Report
    39. 39. Data Flow Diagram LOGIN ADMIN USER CLOUD CREATION NEW? CLOUD MAINTENANCE UPLOAD DATA MEMBER CREATION CLOUD STATUS REPORTS REPORTS
    40. 40. Activity Diagram
    41. 41. CONCLUSION • It is clear that although the use of cloud computing has rapidly increased, cloud computing security is still considered the major issue in the cloud computing environment. Customers do not want to lose their private information as a result of malicious insiders in the cloud. In addition, the loss of service availability has caused many problems for a large number of customers recently
    42. 42. CONCLUSION (cont…) • Furthermore, data intrusion leads to many problems for the users of cloud computing. • We support the migration to multi-clouds due to its ability to decrease security risks that affect the cloud computing user.
    43. 43. FUTURE ENHANCEMENTS • For future work, we aim to provide a framework to supply a secure cloud database that will guarantee to prevent security risks facing the cloud computing community. • This framework will apply multi-clouds and the secret sharing algorithm to reduce the risk of data intrusion and the loss of service availability in the cloud and ensure data integrity.
    44. 44. FUTURE ENHANCEMENTS (cont…) • In relation to data intrusion and data integrity, assume we want to distribute the data into three different cloud providers, and we apply the secret sharing algorithm on the stored data in the cloud provider. • An intruder needs to retrieve at least three values to be able to find out the real value that we want to hide from the intruder.
    45. 45. REFERENCES • [1] (NIST), http://www.nist.gov/itl/cloud/. • [2] I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzantine disk paxos: optimal resilience with Byzantine shared memory", Distributed Computing, 18(5), 2006, pp. 387408. • [3] H. Abu-Libdeh, L. Princehouse and H. Weatherspoon, "RACS: a case for cloud storage diversity", SoCC'10:Proc. 1st ACM symposium on Cloud computing, 2010, pp. 229-240. • [4] D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally, "Database Management as a Service: Challenges and Opportunities", ICDE'09:Proc.25thIntl. Conf. on Data Engineering, 2009, pp. 1709-1716. • [5] M.A. AlZain and E. Pardede, "Using Multi Shares for Ensuring Privacy in Database-as-aService", 44th Hawaii Intl. Conf. on System Sciences (HICSS), 2011, pp. 1-9.
    46. 46. Thankyou By Kiran Kumar
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×