Your SlideShare is downloading. ×
0
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Presentation on cloud computing security issues using HADOOP and HDFS ARCHITECTURE

1,144

Published on

we discuss security issues for cloud computing and present a layered framework for secure clouds and then focus on two of the layers, i.e., the storage layer and the data layer. In particular, we …

we discuss security issues for cloud computing and present a layered framework for secure clouds and then focus on two of the layers, i.e., the storage layer and the data layer. In particular, we discuss a scheme for secure third party publications of documents in a cloud. Next, we will converse secure federated query processing with map Reduce and Hadoop, and discuss the use of secure co-processors for cloud computing. Finally, we discuss XACML implementation for Hadoop and discuss their beliefs that building trusted applications from untrusted components will be a major aspect of secure
cloud computing.

Published in: Education
1 Comment
0 Likes
Statistics
Notes
  • nice....could u tell me which encryption algorithm will be suitable for this ?
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total Views
1,144
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
174
Comments
1
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. TECHNICAL SEMINAR REPORT ONSECURITY ISSUES FOR CLOUD COMPUTING Presented by E.PUSHPA PRIYADARSHINI COLLEGE OF ENGINEERING & TECHNOLOGY [Affiliated to Jawaharlal Nehru technological university, Ananthapur] Kanupartipadu, Nellore-524004 2012-2013
  • 2. Overview1. Introduction2. Security Issues3. Third Party Secure Data Publication Applied to CLOUD4. Encrypted Data Storage for Cloud5. Secure Query Processing with Hadoop 5.1 Overview of Hadoop 5.2 Inadequacies of Hadoop i)No facility to handle encrypted sensitive ii)Semantic Web Data Management
  • 3. iii)No fine-grained access control iv)No strong authentication 5.3 System Design i)Jena ii)Pellet iii)Pig Latin iv)Mahout, Hama v)Pre-processing 5.3.3 Query Execution and Optimization 5.4 Integrate SUN XACML Implementation into HDFS 5.5 Strong Authentication6. Conclusion7. References
  • 4. ABSTRACT We discuss security issues for cloud computing and present a layered framework for secure clouds and then focus on two of the layers, i.e., the storage layer and the data layer. we discuss a scheme for secure third party publications of documents in a cloud. Next, we will converse secure federated query processing with map Reduce and Hadoop, and discuss the use of secure co-processors for cloud computing. Finally, the we discuss XACML implementation for Hadoop and discuss their beliefs that building trusted applications from untrusted components will be a major aspect of secure cloud computing.
  • 5. INTRODUCTIONThere is a critical need to securely store,manage,share and analyze massive amounts ofcomplex data to determine patterns and trends Because of the critical nature of theapplications, it is important that clouds be secureGoogle has now introduced the MapReduceframework for processing large amounts of data oncommodity hardwareApache’s Hadoop distributed file system(HDFS) is emerging as a superior softwarecomponent for cloud computing combined withintegrated parts such as MapReduce
  • 6. Due to the extensive complexity of thecloud, we contend that it will be difficult toprovide a holistic solution to securing thecloudOur cloud system will:(a)support efficient storageof encrypted sensitive data,(b) store, manage and query massive amounts of data,(c) support fine-grained access control and(d) support strong authentication
  • 7. 2.SECURITY ISSUES There are numerous security issues for cloudcomputing as it encompasses many technologiesincluding networks, databases, operating systemsData security involves encrypting the data aswell as ensuring that appropriate policies areenforced for data sharingWe describe ways of efficiently storing the datain foreign machinesQuerying encrypted data, as much of the data onthe cloud may be encrypted
  • 8. Data mining techniques may be applicable tomalware detection in clouds We are using Hadoop distributed file system forvirtualization at the storage level and applying securityfor Hadoop which includes an XACML implementation Resource allocation and memory managementalgorithmsWe are investigating secure federated queryprocessing on clouds over Hadoop
  • 9. 3.THIRD PARTY SECURE DATAPUBLICATION APPLIED TO CLOUD►We have developed techniques for third party publicationof data in a secure manner►security policy is specified depending on user roles andcredentialsFigure : Access control framework
  • 10. ►Users must possess the credentials to access XMLdocuments►For example, a professor has access to all of the details ofstudents while a secretary only has access to administrativeinformation►If access is granted to the root, it does not necessarilymean access is granted to all the children►When the subject requests a document, the publisherwill apply the policies relevant to the subject and giveportions of the documents to the subject.►Owner will encrypt various combinations of documentsand policies with his/her private key
  • 11. ►Using Merkle signature and the encryption techniques,the subject can verify the authenticity and completenessof the document►In the cloud environment,the third party publisher is themachine that stored thesensitive data in the cloud
  • 12. 4.ENCRYPTED DATA STORAGE FOR CLOUD►Data in the cloud will be placed anywhere►We are using secure co-processor as part of the cloudinfrastructure to enable efficient encrypted storage ofsensitive data.► Open Cirrus provides limited access based on theireconomic model►Open Cirrus doesnot provide the hardware supportwe need (e.g., secure co-processors).
  • 13. ►By embedding a secure co-processor (SCP)into the cloudinfrastructure, the system can handle encrypted dataefficiently►SCP is a tamper resistant hardware capable of limitedgeneral-purpose computation►Secure coprocessor is tamper-resistant, one could betempted to run the entire sensitive data storage server onthe secure coprocessor.►Due to the tamper-resistant shell, secure co-processorshave usually limited memory .
  • 14. ►Another issue is that the software running on the SCPmust be totally trusted and verified►Framework will facilitate(a)secure data storage and(b) assured informationsharing►We have conductedresearch on queryingencrypted data as well assecure multipartcomputation (SMC)►One drawback of SMC is the high computation costs
  • 15. 5.SECURE QUERY PROCESSING WITH HADOOP 5.1 Overview of HadoopA major part of our system is HDFS which is adistributed Java-based file system with the capacity tohandle a large number of nodes storing petabytes of dataHDFS architectureis based on theMaster- Slaveapproach
  • 16. 5.3 SYSTEM DESIGNWe are using several software tools that are availableto help us in the processi)Jena: Jena is a framework which is widely usedfor solving SPARQL queries over RDF dataii)Pellet: We use Pellet to reason at various stages.We do real-time query reasoning using pellet libraries(Pellet) coupled with Hadoop’s map-reduce functionalitiesiii)Pig Latin: Pig Latin is a scripting language whichruns on top of Hadoop.
  • 17.  It comes with many built-in functions, but we can also create our own user-defined functions to do special- purpose processing.iv)Mahout, Hama: These are open source data miningand machine learning packages that already augmentHadoop. Our approach consists of processing SPARQL queriessecurely over Hadoop. SPARQL is a query language used toquery RDF datav)Pre-processing: Generally, RDF data is in XML formatIn order to execute a SPARQL query, we propose some datapre-processing steps and store the pre-processed data intoHDFS.
  • 18. 5.3.3 Query Execution and OptimizationWe are developing a SPARQL query execution andoptimization module for Hadoop.As our storage strategy is based on predicate splitsFirst, we will look at the predicates present in the query. Second, rather than looking at all of the input files, wewill look at a subset of the input files that are matched withpredicates.Third, SPARQL queries generally have many joins in themand all of these joins may not be possible to perform in asingle Hadoop job.
  • 19. 5.4 Integrate SUN XACML Implementation into HDFS Current Hadoop implementations enforce a very coarse-grained access control policy that permits or denies aprincipal access to essentially all system resources as agroup without distinguishing amongst resources. For example, users who are granted access to theNamenode may execute any program on any clientmachine, and all client machines have read and writeaccess to all files stored on all clients We are enforcing more flexible and fine-grainedaccess control policies on Hadoop by designing an In-lined Reference Monitor implementation of SunXACML.
  • 20. Untrusted processes in the framework accesssecurityrelevant resources by submitting a request to theresource’s Policy Enforcement Point (PEP) PEP reformulates therequest as a policy queryand submits it to aPolicy Decision Point(PDP)IRM has advantagethat the policy can beenforced withoutmodifying theoperating system
  • 21. 5.5 Strong Authentication♦Open source community is actively working to integratekerberos protocols with hadoop♦On top of the proposed Kerboros protocol, for someassured information applications, there may be a needfor adding simple authentication protocols toauthenticate with secure co-processors♦We can add a simple public key infrastructure to oursystem so that users can independently authenticate withsecure coprocessors to retrieve secret keys used forencrypting sensitive data
  • 22. 6.ConclusionThe main goal is to securely store and manage data thatis not controlled by the owner of the dataIt will be difficult to achieve end-to-end security.However, the challenge we have is to ensure more secureoperations even if some parts of the cloud failBuilding trust applications from untrusted componentswill be a major aspect with respect to cloud security
  • 23. 7. ReferencesW3C. (n.d.). SPARQL. Retrieved from http://www. w3.org/TR/rdf-sparql-queryBertino, E. (2002). Access Control for XML Documents.Data & Knowledge Engineering, 43(3).Bertino, E. (2004).Selective and Authentic Third Party Distribution of XML Documents. IEEETransactions on Knowledge and Data Engineering,16(10). doi:10.1109/TKDE.2004.63DeVries, B. W., Gupta, G., Hamlen, K. W., Moore, S.,& Sridhar, M. (2009).ActionScript Bytecode Verificationwith Co-Logic Programming. In Proceedingsof the ACM SIGPLAN Workshop on ProgrammingLanguages and Analysis for Security (PLAS).Gates, F., Natkovich, O., Chopra, S., Kamath, S. M.,
  • 24. THANK YOU

×