SlideShare a Scribd company logo
1 of 21
Download to read offline
S.CHANAKYA
MVSR Engineering college
What is cloud computing?
 We see Cloud Computing as a computing
model, not a technology. In this model
“customers” plug into the “cloud” to access
IT resources which are priced and provided
“on-demand”.
 Cloud computing provides computation, software, data
access, and storage services that do not require end-user
knowledge of the physical location and configuration of
the system that delivers the services
There are different types of clouds that you can subscribe to depending on
   your needs. As a home user or small business owner, you will most likely
   use public cloud services.

1. Public Cloud - A public cloud can be accessed by any subscriber with an
   internet connection and access to the cloud space.

2. Private Cloud - A private cloud is established for a specific group or
    organization and limits access to just that group.

3. Community Cloud - A community cloud is shared among two or more
   organizations that have similar cloud requirements.

4. Hybrid Cloud - A hybrid cloud is essentially a combination of at least two
    clouds, where the clouds included are a mixture of public, private, or
    community.
Distributed accountability for data sharing in cloud
 Cloud computing enables highly scalable services to be easily
  consumed over the Internet on an as-needed basis. A major feature of
  the cloud services is that users’ data are usually processed remotely in
  unknown machines that users do not own or operate.
 While enjoying the convenience brought by this new emerging
  technology, users’ fears of losing control of their own data (particularly,
  financial and health data) can become a significant barrier to the wide
  adoption of cloud services. To address this problem, here, we propose a
  novel highly decentralized information accountability framework to
  keep track of the actual usage of the users’ data in the cloud.
 There are a number of notable commercial and individual cloud
  computing services, including Amazon, Google, Microsoft, Yahoo, and
  Sales force. Details of the services provided are abstracted from the
  users who no longer need to be experts of technology infrastructure.
This can be explained by an example:
Consider a photographer who wants to sell her photos
using cloud.She has the following requirements:
 Her photographs are downloaded only by users who
  have paid for her services.
 Potential buyers are allowed to view her pictures
  first before they make the payment to obtain the
  download right.
 Due to the nature of some of her works, only users
  from certain countries can view or download some
  sets of photographs.
 For some of her works, users are allowed to only
view them for a limited time, so that the users cannot
reproduce her work easily.
 In case any dispute arises with a client, she wants to
have all the access information of that client.
 She wants to ensure that the cloud service providers
 do not share her data with other service
providers, so that the accountability provided for
individual users can also be expected from the cloud
service providers.
  These requirements are achieved using various modules.
• Data owners do not have the control over their
  data.
• First, data handling can be outsourced by the
  direct cloud service provider (CSP) to other
  entities in the cloud and theses entities can also
  delegate the tasks to others, and so on.
• Moreover, users may not know the machines
  which actually process and host their data.
• We propose a novel approach, namely Cloud Information
  Accountability (CIA) framework, based on the notion of information
  accountability.
• Our proposed CIA framework provides end-toend accountability in a
  highly distributed fashion. One of the main innovative features of the
  CIA framework lies in its ability of maintaining lightweight and
  powerful accountability that combines aspects of access control,
  usage control and authentication.
• By means of the CIA, data owners can track not only whether or not
  the service-level agreements are being honored, but also enforce
  access and usage control rules as needed.
• Associated with the accountability feature, we also develop two
  distinct modes for auditing: push mode and pull mode.
 Cloud Information Accountability(CIA)
  framework
 Distinct mode for Auditing
 Logging and Auditing techniques
 Major components of CIA
• CIA framework lies in its ability of maintaining
  lightweight and powerful accountability that
  combines aspects of access control, usage control
  and authentication.
• By means of the CIA, data owners can track not
  only whether or not the service-level agreements
  are being honored, but also enforce access and
  usage control rules as needed.
 The overall CIA framework, combining data, users,
  logger and harmonizer is shown in the framework.
 At the beginning, each user creates a pair of public and
  private keys based on Identity based encryption.(IBE)
 Using the generated key, the user will create a logger
  component which is a JARfile, to store its data items.
 The JAR file includes a set of simple access control rules
  specifying whether and how the cloud servers, and
  possibly other data stakeholders (users, companies) are
  authorized to access the content itself.
 Then, he sends the JAR file to thecloud service provider that he
  subscribes to. To authenticate the CSP to the JAR we use
  OpenSSLbased certificates, wherein a trusted certificate
  authority certifies the CSP.
 Once the authentication succeeds, the service provider will be
  allowed to access the data enclosed in the JAR.
 As for the logging, each time there is an access to the data, the
  JAR will automatically generate a log record,encrypt it using
  the public key distributed by the data owner,and store it along
  with the data.
 In addition,some error correction information will be sent to
  the log harmonizer to handle possible log file corruption .
 The encrypted log files can later be decrypted and their
  integrity can be verified.
Distributed accountability for data sharing in cloud
• Push mode:
       The push mode refers to logs being
  periodically sent to the data owner or
  stakeholder.
• Pull mode:
        Pull mode refers to an alternative approach
  whereby the user(Or another authorized party)
  can retrieve the logs as needed.
• The logging should be decentralized in order to adapt to the
  dynamic nature of the cloud.
• Every access to the user’s data should be correctly and
  automatically logged.
• Log files should be reliable and tamper proof to avoid illegal
  insertion, deletion, and modification by malicious parties.
• Log files should be sent back to their data owners
  periodically to inform them of the current usage of their
  data.
• The proposed technique should not intrusively monitor data
  recipients’ systems, nor it should introduce heavy
  communication and computation overhead, which otherwise
  will hinder its feasibility and adoption in practice.
• There are two major components of the CIA, the first
  being the logger, and the second being the log
  harmonizer.
• The logger is strongly coupled with user’s data (either
  single or multiple data items). Its main tasks include
  automatically logging access to data items that it
  contains, encrypting the log record using the public key
  of the content owner, and periodically sending them to
  the log harmonizer.
• It may also be configured to ensure that access and
  usage control policies associated with the data are
  honored.
   Processor      - Pentium –III
   Speed          - 1.1 Ghz
   RAM            - 256 MB(min)
   Hard Disk       - 20 GB
   Floppy Drive    - 1.44 MB
   Key Board      - Standard WindowsKeyboard
   Mouse           - Two or Three Button Mouse
   Monitor         - SVGA
• Operating System         : Windows95/98/2000/ XP
• Application Server       : Tomcat5.0/6.X

•   Front End               :     HTML, Java, Jsp
•   Scripts               :      JavaScript.
•   Server side Script    :      Java Server Pages.
•   Database              :     Mysql 5.0
•   Database Connectivity :     JDBC.
 We proposed innovative approaches for
  automatically logging any access to the data in
  the cloud together with an auditing mechanism.
 Our approach allows the data owner to not only
  audit his content but also enforce strong back-
  end protection if needed.
 Moreover, one of the main features of our work is
  that it enables the data owner to audit even
  those copies of its data that were made without
  his knowledge.
Distributed accountability for data sharing in cloud

More Related Content

What's hot

Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageShakas Technologies
 
Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 reportsuthi
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageMustaq Syed
 
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTINGPRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTING
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTINGKayalvizhi Selvaraj
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloudNag Nani
 
Volume 2-issue-6-1939-1944
Volume 2-issue-6-1939-1944Volume 2-issue-6-1939-1944
Volume 2-issue-6-1939-1944Editor IJARCET
 

What's hot (8)

Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
 
Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 report
 
Ppt 1
Ppt 1Ppt 1
Ppt 1
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
 
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTINGPRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTING
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
 
Volume 2-issue-6-1939-1944
Volume 2-issue-6-1939-1944Volume 2-issue-6-1939-1944
Volume 2-issue-6-1939-1944
 
Final review presentation
Final review presentationFinal review presentation
Final review presentation
 

Viewers also liked

Ensuring distributed accountability for data sharing in the cloud
Ensuring distributed accountability for data sharing in the cloudEnsuring distributed accountability for data sharing in the cloud
Ensuring distributed accountability for data sharing in the cloudSathya Moorthy
 
Ensuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudEnsuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudSwapnil Salunke
 
Data Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudData Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudSuraj Mehta
 
Dealing with concept drifts in process mining
Dealing with concept drifts in process mining Dealing with concept drifts in process mining
Dealing with concept drifts in process mining Adz91 Digital Ads Pvt Ltd
 
Dealing with concept drifts in process mining
Dealing with concept drifts in process miningDealing with concept drifts in process mining
Dealing with concept drifts in process miningIGEEKS TECHNOLOGIES
 
Privacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Privacy Preserving Public Auditing for Data Storage Security in Cloud.pptPrivacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Privacy Preserving Public Auditing for Data Storage Security in Cloud.pptGirish Chandra
 
2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShareSlideShare
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShareSlideShare
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShareSlideShare
 

Viewers also liked (10)

Ensuring distributed accountability for data sharing in the cloud
Ensuring distributed accountability for data sharing in the cloudEnsuring distributed accountability for data sharing in the cloud
Ensuring distributed accountability for data sharing in the cloud
 
Ensuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudEnsuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the Cloud
 
Data Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudData Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the Cloud
 
Spyromitros ijcai2011slides
Spyromitros ijcai2011slidesSpyromitros ijcai2011slides
Spyromitros ijcai2011slides
 
Dealing with concept drifts in process mining
Dealing with concept drifts in process mining Dealing with concept drifts in process mining
Dealing with concept drifts in process mining
 
Dealing with concept drifts in process mining
Dealing with concept drifts in process miningDealing with concept drifts in process mining
Dealing with concept drifts in process mining
 
Privacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Privacy Preserving Public Auditing for Data Storage Security in Cloud.pptPrivacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Privacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
 
2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShare
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShare
 

Similar to Distributed accountability for data sharing in cloud

Similar to Distributed accountability for data sharing in cloud (20)

Accountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the CloudAccountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the Cloud
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Test
TestTest
Test
 
Dont look at this
Dont look at thisDont look at this
Dont look at this
 

Recently uploaded

Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.raviapr7
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17Celine George
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICESayali Powar
 
How to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeHow to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeCeline George
 
Optical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxOptical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxPurva Nikam
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfYu Kanazawa / Osaka University
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapitolTechU
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Dr. Asif Anas
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.EnglishCEIPdeSigeiro
 
Over the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxOver the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxraviapr7
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17Celine George
 
Work Experience for psp3 portfolio sasha
Work Experience for psp3 portfolio sashaWork Experience for psp3 portfolio sasha
Work Experience for psp3 portfolio sashasashalaycock03
 

Recently uploaded (20)

Finals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quizFinals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quiz
 
Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICE
 
How to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeHow to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using Code
 
Optical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxOptical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptx
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptx
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.
 
Over the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptxOver the counter (OTC)- Sale, rational use.pptx
Over the counter (OTC)- Sale, rational use.pptx
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17
 
Work Experience for psp3 portfolio sasha
Work Experience for psp3 portfolio sashaWork Experience for psp3 portfolio sasha
Work Experience for psp3 portfolio sasha
 

Distributed accountability for data sharing in cloud

  • 2. What is cloud computing?  We see Cloud Computing as a computing model, not a technology. In this model “customers” plug into the “cloud” to access IT resources which are priced and provided “on-demand”.  Cloud computing provides computation, software, data access, and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services
  • 3. There are different types of clouds that you can subscribe to depending on your needs. As a home user or small business owner, you will most likely use public cloud services. 1. Public Cloud - A public cloud can be accessed by any subscriber with an internet connection and access to the cloud space. 2. Private Cloud - A private cloud is established for a specific group or organization and limits access to just that group. 3. Community Cloud - A community cloud is shared among two or more organizations that have similar cloud requirements. 4. Hybrid Cloud - A hybrid cloud is essentially a combination of at least two clouds, where the clouds included are a mixture of public, private, or community.
  • 5.  Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that users’ data are usually processed remotely in unknown machines that users do not own or operate.  While enjoying the convenience brought by this new emerging technology, users’ fears of losing control of their own data (particularly, financial and health data) can become a significant barrier to the wide adoption of cloud services. To address this problem, here, we propose a novel highly decentralized information accountability framework to keep track of the actual usage of the users’ data in the cloud.  There are a number of notable commercial and individual cloud computing services, including Amazon, Google, Microsoft, Yahoo, and Sales force. Details of the services provided are abstracted from the users who no longer need to be experts of technology infrastructure.
  • 6. This can be explained by an example: Consider a photographer who wants to sell her photos using cloud.She has the following requirements:  Her photographs are downloaded only by users who have paid for her services.  Potential buyers are allowed to view her pictures first before they make the payment to obtain the download right.  Due to the nature of some of her works, only users from certain countries can view or download some sets of photographs.
  • 7.  For some of her works, users are allowed to only view them for a limited time, so that the users cannot reproduce her work easily.  In case any dispute arises with a client, she wants to have all the access information of that client.  She wants to ensure that the cloud service providers do not share her data with other service providers, so that the accountability provided for individual users can also be expected from the cloud service providers. These requirements are achieved using various modules.
  • 8. • Data owners do not have the control over their data. • First, data handling can be outsourced by the direct cloud service provider (CSP) to other entities in the cloud and theses entities can also delegate the tasks to others, and so on. • Moreover, users may not know the machines which actually process and host their data.
  • 9. • We propose a novel approach, namely Cloud Information Accountability (CIA) framework, based on the notion of information accountability. • Our proposed CIA framework provides end-toend accountability in a highly distributed fashion. One of the main innovative features of the CIA framework lies in its ability of maintaining lightweight and powerful accountability that combines aspects of access control, usage control and authentication. • By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed. • Associated with the accountability feature, we also develop two distinct modes for auditing: push mode and pull mode.
  • 10.  Cloud Information Accountability(CIA) framework  Distinct mode for Auditing  Logging and Auditing techniques  Major components of CIA
  • 11. • CIA framework lies in its ability of maintaining lightweight and powerful accountability that combines aspects of access control, usage control and authentication. • By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed.
  • 12.  The overall CIA framework, combining data, users, logger and harmonizer is shown in the framework.  At the beginning, each user creates a pair of public and private keys based on Identity based encryption.(IBE)  Using the generated key, the user will create a logger component which is a JARfile, to store its data items.  The JAR file includes a set of simple access control rules specifying whether and how the cloud servers, and possibly other data stakeholders (users, companies) are authorized to access the content itself.
  • 13.  Then, he sends the JAR file to thecloud service provider that he subscribes to. To authenticate the CSP to the JAR we use OpenSSLbased certificates, wherein a trusted certificate authority certifies the CSP.  Once the authentication succeeds, the service provider will be allowed to access the data enclosed in the JAR.  As for the logging, each time there is an access to the data, the JAR will automatically generate a log record,encrypt it using the public key distributed by the data owner,and store it along with the data.  In addition,some error correction information will be sent to the log harmonizer to handle possible log file corruption .  The encrypted log files can later be decrypted and their integrity can be verified.
  • 15. • Push mode: The push mode refers to logs being periodically sent to the data owner or stakeholder. • Pull mode: Pull mode refers to an alternative approach whereby the user(Or another authorized party) can retrieve the logs as needed.
  • 16. • The logging should be decentralized in order to adapt to the dynamic nature of the cloud. • Every access to the user’s data should be correctly and automatically logged. • Log files should be reliable and tamper proof to avoid illegal insertion, deletion, and modification by malicious parties. • Log files should be sent back to their data owners periodically to inform them of the current usage of their data. • The proposed technique should not intrusively monitor data recipients’ systems, nor it should introduce heavy communication and computation overhead, which otherwise will hinder its feasibility and adoption in practice.
  • 17. • There are two major components of the CIA, the first being the logger, and the second being the log harmonizer. • The logger is strongly coupled with user’s data (either single or multiple data items). Its main tasks include automatically logging access to data items that it contains, encrypting the log record using the public key of the content owner, and periodically sending them to the log harmonizer. • It may also be configured to ensure that access and usage control policies associated with the data are honored.
  • 18. Processor - Pentium –III  Speed - 1.1 Ghz  RAM - 256 MB(min)  Hard Disk - 20 GB  Floppy Drive - 1.44 MB  Key Board - Standard WindowsKeyboard  Mouse - Two or Three Button Mouse  Monitor - SVGA
  • 19. • Operating System : Windows95/98/2000/ XP • Application Server : Tomcat5.0/6.X • Front End : HTML, Java, Jsp • Scripts : JavaScript. • Server side Script : Java Server Pages. • Database : Mysql 5.0 • Database Connectivity : JDBC.
  • 20.  We proposed innovative approaches for automatically logging any access to the data in the cloud together with an auditing mechanism.  Our approach allows the data owner to not only audit his content but also enforce strong back- end protection if needed.  Moreover, one of the main features of our work is that it enables the data owner to audit even those copies of its data that were made without his knowledge.