Abstract With the development of cloud computing, Data security becomes more and more important in cloud computing. This paper analyses the basic problem of cloud computing data security. . Cloud Computing provides the way to share distributed resources and services that belong to different organizations or sites. Since Cloud Computing share distributed resources via network in the open environment thus it makes security problems In this method some important security services including authentication, encryption and decryption and compression are provided in Cloud Computing system
Existing system: User an entity, who has data to be stored in the cloud and relies on the cloud for data storage and computation, can be either enterprise or individual customers. Data redundancy can be employed with a technique of erasure correcting code to further tolerate faults or server crash as user’s data grow in size and importance. The existing system user to audit the cloud storage for very high communication and cost.
Proposed system: The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The proposed design further supports secure and efficient dynamic operations on outsourced data, including managed control such as, Block modification. Deletion. Append. security
What is cloud computing: “Cloud computing is an emerging computing technology that uses the internet and central remote servers to maintain data and applications. Cloud computing is internet based technology that enables small business and organizations to use highly sophisticated computer applications.Definition: Cloud computing refers to applications and services offered over the Internet. These services are offered from data centers all over the world, which collectively are referred to as the "cloud."
Platform as a service approach (PaaS):•The offering also includes a software execution environment.As for example, there could be a PaaS application server thatenables the lone developers to deploy web-based applications•Example database,webservers, development toolsCharacteristics of PaaS: No need of downloading and installing operating SystemIt saves Customers money It mainly deals for delivering operating systems overInternetSoftware can be developed, tested and deployed
Infrastructure as a service (IaaS):•Refers to the sharing of hardware resources forexecuting services, typically using Virtualizationtechnology. Infrastructure as a Service is an equipmentwhich is used to support hardware, software, storage,servers and mainly used for delivering softwareapplication environmentsexample of IaaS are Amazon, Microsoft, VMWare andRed Hat.Characteristics of IaaS: Policy based Services Utility computing ServicesDynamic ScalingInternet Connectivity
Software as a Service (SaaS) :Software as a Service is nothing but a softwaredistribution model which are made available tocustomers over a network such as server or InternetThe example of SaaS are Google Apps, Cisco‟s WebEx,Salesforce CRMCharacteristics of SaaS: Its easy to work under administration It can be globally accessThe software can be updated automaticallyAll license holder user will have same version ofsoftware
Architecture: Cloud architecture: The systems architecture of the software systems involved in the delivery of cloud computing, typically involves multiple cloud components communicating with each other over a loose coupling mechanism such as a messaging queue. Elastic provision implies intelligence in the use of tight or loose coupling as applied to mechanisms
DATA SECURITY IN CLOUD COMPUTING:Data outsourcing: users are relieved from the burden of datastorage and maintenanceWhen users put their data (of large size) on the cloud, the dataintegrity protection is challengingEnabling public audit for cloud data storage security isimportant useruser data user External Audit party Cloud network
cloud computing is built on top ofvirtualization, if there are security issues withvirtualization, then there will also security issueswith cloud computing. Data segregation. Data in the cloud is typically ina shared environment alongside data from othercustomers. Encryption is effective but isnt a cure-all. The cloud provider should provide evidence thatencryption schemes were designed and tested byexperienced specialists.
A data center full of servers supporting cloudcomputing is internally and externallyindistinguishable from a data center full of "regular"servers. In each case, it will be important for the datacenter to be physically secure against unauthorizedaccess Computer and network security is fundamentallyabout three goals/objectives:-- confidentiality (C)-- integrity (I), and-- availability (A).
Confidentiality refers to keeping data private. Privacy is ofthe amount importance as data leaves the borders of theorganization. Not only must internal secrets and sensitive personaldata be safeguarded, but metadata and transactional data can alsoleak important details about firms or individuals. Confidentiality issupported by, among other things, technical tools such asencryption and access control, as well as legal protections Integrity is a degree confidence that the data in the cloud iswhat is supposed to be there, and is protected against accidental orintentional alteration without authorization. It also extends to thehurdles of synchronizing multiple databases. Integrity is supportedby well audited code, well-designed distributed systems, androbust access control mechanisms.
Availability means being able to use the system asanticipated. Cloud technologies can increase availability throughwidespread internet-enabled access, but the client is dependent onthe timely and robust provision of resources. Availability issupported by capacity building and good architecture by theprovider, as well as well-defined contracts and terms of agreementReduces the exposure of sensitive dataSimplifies security auditing & testingEnables automated security managementImproves redundancy & disaster recovery.
Latest technologies used in data security in cloudcomputing:•Latest Training Program on Cloud Computing and WindowsAzure In order to address the aforementioned challenges,Fujitsu Laboratories developed new cloud informationgateway technology that can flexibly control data, includingdata content, transmitted from the inside of a company to acloud and between multiple clouds.•In addition to the option of blocking confidential data, thedata gateway also includes the following three features.
Data Masking TechnologySecure Logic Migration and Execution TechnologyData Traceability TechnologyData Masking Technology :• Using masking technology, when data passes through theinformation gateway, confidential parts of the data can bedeleted or changed before the data are transmitted to anexternal cloud.
Secure Logic Migration and Execution Technology:• For confidential data that cannot be released outside of thecompany, even formed by concealing certain aspects of thedata, by simply defining the security level of data, theinformation gateway can transfer the cloud-based applicationto the in-house sandbox for execution.• The sandbox will block access to data or networks that lackpre-authorized access, so even applications transferred fromthe cloud can be safely executed.
Data Traceability Technology :• The information gateway tracks all information flowinginto and out of the cloud, so these flows and their content canbe checked.• Data traceability technology uses the logs obtained on datatraffic as well as the characteristics of the related text tomake visible the data used in the cloud.
Latest techniques used data security in cloud computing:Authentication and Identity:• Maintaining confidentiality, integrity, and availability fordata security is a function of the correct application andconfiguration of familiar network, system, and applicationsecurity mechanisms at various levels in the cloudinfrastructure.• Authentication of users takes several forms, but all arebased on a combination of authentication factors: somethingan individual knows (such as a password), something theypossess (such as a security token), or some measurablequality that is intrinsic to them (such as a fingerprint).
Application of Encryption for Data in Motion:•Encryption is used to assure that if there was a breach ofcommunication integrity between the two parties that thedata remains confidential.•Authentication is used to assure that the partiescommunicating data are who they say they are.• Common means of authentication themselves employcryptography in various ways.
Data Masking:•Data masking is a technique that is intended to remove allidentifiable and distinguishing characteristics from data inorder to render it anonymous and yet still be operable.•This technique is aimed at reducing the risk of exposingsensitive information.•Data masking has also been known by such names as dataobfuscation, de-identification, or depersonalization.
Advantages:•Reduces the exposure of sensitive data•Simplifies security auditing & testing•Enables automated security management•Improves redundancy & disaster recovery•Access to highly qualified IT security personnel• Prevent or curtail viruses and malware infection• Secure sensitive or confidential information in motion• Achieve compliance with leading self-regulatory frameworks• Conduct training and awareness for all system users• In contrast, cloud providers are least confident about the followingsecurity requirements:• Identify and authenticate users before granting access• Secure vendor relationships before sharing information assets• Prevent or curtail external attacks• Encrypt sensitive or confidential information assets wheneverfeasible• Determine the root cause of cyber attacks
Platforms:Amazons Elastic Compute Cloud, or EC2, is probably themost generalized and best-known of the cloud computingservice offerings.IBM Computing on Demand or Blue Cloud is a highlyenterprise-focused cloud computing offering that, because it isrelated to and built with the same technology sold toenterprises, can cross over between public and private cloudapplications.Microsofts Azure cloud computing, based on Microsoft Vistaand .NET technology, includes both cloud computing andcloud-hosted extension
REFERENCES•Rajkumar Buyya Market-Oriented Cloud Computing:Vision,Hype,andReality for Delivering IT Services as Computing Utilities 2008•Jean-Daniel Cryans,Criteria to Compare Cloud Computing with CurrentDatabase Technology 2008