The document proposes a Cloud Information Accountability (CIA) framework to address issues of lack of trust and compliance in cloud computing. The CIA framework uses a decentralized, object-centered approach to automatically log all access to user data in the cloud. Logs are sent periodically to data owners to provide transparency into how their data is being used. The proposed system aims to give data owners greater control and visibility over their data when stored in the cloud.

1. IINNTTRROODDUUCCTTIIOONN::
 CLOUD computing presents a new way to supplement the current
consumption and delivery model for IT services based on the
Internet.
 While enjoying the convenience brought by this new technology,
users also start worrying about losing control of their own data.
 In the context of cloud, accountability is a set of approaches to
addresses two key problems:
 Lack of consumer trust in cloud service providers
 Difficulty faced by cloud service providers with compliance
across geographic boundaries
 Emphasis is on data protection, but the notion of accountability
encompasses more than just privacy

2. AABBSSTTRRAACCTT::
 Though the Cloud Service Provider (CSP) gives the privacy and
integrity of the data, this tracks the actual usage of the user’s data
in the cloud by using novel highly decentralized framework data
and policies
 An object-centered approach that enables enclosing our logging
mechanism together with users’ data and policies.
 By leverageing the JAR programmable capabilities to both create a
dynamic and traveling object.
 To strengthen user’s control, also provide distributed auditing
mechanisms.

3. EEXXIISSTTIINNGG SSYYSSTTEEMM::
 Data handling can be outsourced by the direct cloud service
provider (CSP) to other entities in the cloud and theses entities can
also delegate the tasks to others, and so on.
 Entities are allowed to join and leave the cloud in a flexible manner.
As a result, data handling in the cloud goes through a complex and
dynamic hierarchical service chain which does not exist in
conventional environments
 No log and JAR files created for this system
 Data in the cloud may be of encrypted form

4. PPRROOPPOOSSEEDD SSYYSSTTEEMM::
 As the cloud provider gives the access of the resources to the
cloud user’s, the data owner keeps track of usage of their
resources.
 It also provides authenticated usage of data in the cloud.
 Proposed CIA framework provides end-to end accountability in a
highly distributed fashion..
 By means of the CIA, data owners can track not only whether or
not the service-level agreements.

5. Advantage Of Proposed System:
 Novel automatic and enforceable logging mechanism in the cloud.
 Proposed architecture is platform independent and highly
decentralized, in that it does not require any dedicated
authentication or storage system in place.
 Provide a certain degree of usage control for the protected data
after these are delivered to the receiver
 The results demonstrate the efficiency, scalability, and granularity
of our approach. We also provide a detailed security analysis and
discuss the reliability and strength of our architecture.

6. Literature Survey
1.Toward Publicly Auditable Secure Cloud Data Storage
Services
The authors propose that publicly auditable cloud data storage is
able to help this nascent cloud economy become fully established.
With public auditability, a trusted entity with expertise and
capabilities data owners do not possess can be delegated as an
external audit party to assess the risk of outsourced data when
needed.
 Such an auditing service not only helps save data owners’
computation resources but also provides a transparent yet cost-effective
method for data owners to gain trust in the cloud. The
author describe approaches and system requirements that should
be brought into consideration, and outline challenges that need to
be resolved for such a publicly auditable secure cloud storage
service to become a reality

7. 2.Identity-Based Authentication for Cloud Computing
The authors propose an identity-based encryption (IBE) and
decryption and identity-based signature (IBS) schemes for
IBHMCC. based on the former IBE and IBS schemes, an
identitybased authentication for cloud computing (IBACC) is
proposed.The author presented an identity based authentication
for cloudcomputing, based on the identity-based hierarchical
model for cloud computing (IBHMCC) and corresponding
encryption and signature schemes
3.Online data storage using implicit security
The authors have described an implicit security architecture
suited for the application of online storage. In this scheme data is
partitioned in such a way that each partition is implicitly secure and
does not need to be encrypted. These partitions are stored on
different servers on the network which are known only to the
user. Reconstruction of the data requires access to each server
and the knowledge as to which servers the data partitions are
stored..

8. HHAARRDDWWAARREE RREEQQUUIIRREEMMEENNTTSS::
 System : Pentium IV 2.4 GHz.
 Hard Disk : 40 GB.
 Floppy Drive : 1.44 Mb.
 Mouse : Logitech.
 Ram : 512 Mb.
SSOOFFTTWWAARREE RREEQQUUIIRREEMMEENNTTSS::
 Operating System : Windows95/98/2000/XP
 Application Server : Tomcat5.0/6.X
 Front End : HTML, Java, Jsp
 Scripts : JavaScript.
 Server side Script : Java Server Pages.
 Database : Mysql 5.0
 Database Connectivity : JDBC.

9. AARRCCHHIITTEECCTTUURREE DDIIAAGGRRAAMM::

10. MMOODDUULLEESS::
1. Cloud Information Accountability (CIA) Framework
2. Distinct mode for auditing:
3. Logging and auditing Techniques .
4. Components of CIA

11. MMOODDUULLEESS::
1. Cloud Information Accountability (CIA)
Framework:
 CIA framework lies in its ability of maintaining lightweight and
powerful accountability.
 By means of the CIA, data owners can track not only whether or
not the service-level agreements are being honored, but also
enforce access and usage control rules as needed.

12. 2. Distinct mode for auditing:
Push mode:
 The push mode refers to logs being periodically sent to the data
owner or stakeholder.
Pull mode:
 Pull mode refers to an alternative approach whereby the user
 (Or another authorized party) can retrieve the logs as needed.

13. 3. Logging and auditing Techniques:
1. The logging should be decentralized in order to adapt to the
dynamic nature of the cloud..
2. Every access to the user’s data should be correctly and
automatically logged.
3. Log files should be reliable and tamper proof to avoid illegal
insertion, deletion, and modification by malicious parties.
4. Log files should be sent back to their data owners periodically to
inform them of the current usage of their data.
5. The proposed technique should not intrusively monitor data
recipients’ systems.

14. 4. Major components of CIA:
 There are two major components of the CIA, the first being the
logger, and the second being the log harmonizer.
 The logger is strongly coupled with user’s data (either single or
multiple data items).
 It may also be configured to ensure that access and usage control
policies associated with the data are honored.

15. CCOONNCCLLUUSSIIOONN
 Innovative approaches for automatically logging any access to the
data in the cloud together with an auditing mechanism is proposed.
 Approach allows the data owner to not only audit his content but
also enforce strong back-end protection if needed. Moreover, one
of the main features of our work is that it enables the data owner
to audit even those copies of its data that were made without his
knowledge.
 In the future, planed to refine our approach to verify the integrity
and the authentication of JARs

16. Thank You!