SlideShare a Scribd company logo

Cc chap-8

Download as PPTX, PDF
A
ANUSUYA T K

Chapter -8 Secure Distributed Data Storage in Cloud Computing

Education
1 of 26
8-SECURE DISTRIBUTED DATA STORAGE IN CLOUD COMPUTING Cloud Computing Principles and Paradigms Cloud Computing - Part II 1 30th Jan, 2020 1Ms. T.K. Anusuya Ms. T.K. ANUSUYA Department of Computer Science Bon Secours College for Women, Thanjavur
Introduction • Data Storage • Distributed Storage • Considerations • unique issues • specific security requirements not been well-defined • Concerns about data in cloud • Privacy • Integrity Cloud Computing - Part II 2 30th Jan, 2020 2Ms. T.K. Anusuya
Cloud Storage • Distributed Storage • Types • SAN • NAS • Reliability • Security • Integrity • LAN • same authority • WAN • different authorities Cloud Computing - Part II 3 30th Jan, 2020 3Ms. T.K. Anusuya
Amazon’s Web Service Cloud Computing - Part II 4 30th Jan, 2020 4Ms. T.K. Anusuya
Microsoft Windows Azure 3 basic data items-blobs(upto50 GB), TABLES & queues Cloud Computing - Part II 5 30th Jan, 2020 5Ms. T.K. Anusuya
Google App Engine (GAE) SDC-Secure data connector Cloud Computing - Part II 6 30th Jan, 2020 6Ms. T.K. Anusuya
Vulnerabilities • Confidentiality(eve, bob &alice) • Integrity • Repudiation • Missing link between download and upload • Upload-to-Download Integrity • Repudiation Between Users and Service Providers Cloud Computing - Part II 7 30th Jan, 2020 7Ms. T.K. Anusuya
Solutions for missing link • Third authority certified (TAC) • Secret key sharing technique (SKS) • Solutions • Neither TAC nor SKS • With SKS but without TAC • With TAC but without SKS • With Both TAC and SKS Cloud Computing - Part II 8 30th Jan, 2020 8Ms. T.K. Anusuya
Neither TAC nor SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to service provider with MD5 checksum and MD5 Signature by User (MSU). 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 and MD5 Signature by Provider (MSP) to user. 3. MSU is stored at the user side, and MSP is stored at the service provider side. • Downloading Session 1. User: Sends request to service provider with authentication code. 2. Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum and MD5 Signature by Provider (MSP) to user. 3. User verifies the data using the MD5 checksum. Cloud Computing - Part II 9 30th Jan, 2020 9Ms. T.K. Anusuya
With SKS but without TAC (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to service provider with MD checksum 5. 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 checksum. 3. The service provider and the user share the MD5 checksum with SKS. • Downloading Session • User: Sends request to the service provider with authentication code. • Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum. • User verifies the data through the MD5 checksum. Cloud Computing - Part II 10 30th Jan, 2020 10Ms. T.K. Anusuya
With TAC but without SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to the service provider along with MD5 checksum and MD5 Signature by User (MSU). 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 checksum and MD5 Signature by Provider (MSP) to the user. 3. MSU and MSP are sent to TAC. • Downloading Session 1. User: Sends request to the service provider with authentication code. 2. Service Provider: Verifies the request with identity, if it is valid, the service provider sends back the data with MD5 checksum. 3. User verifies the data through the MD5 checksum. Cloud Computing - Part II 11 30th Jan, 2020 11Ms. T.K. Anusuya
With Both TAC and SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to the service provider with MD5 checksum. 2. Service Provider: verifies the data with MD5 checksum. 3. Both the user and the service provider send MD5 checksum to TAC. 4. TAC verifies the two MD5 checksum values. If they match, the TAC distributes MD5 to the user and the service provider by SKS. • Downloading Session 1. User: Sends request to the service provider with authentication code. 2. Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum. 3. User verifies the data through the MD5 checksum Cloud Computing - Part II 12 30th Jan, 2020 12Ms. T.K. Anusuya
TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 13 30th Jan, 2020 13Ms. T.K. Anusuya
TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 14 30th Jan, 2020 14Ms. T.K. Anusuya
Database Outsourcing • Security Concern –tera byte • 2 security concerns are • Data privacy • Hacigumus et al.-to execute sql over encrypted db • Agrawal et al.- encryption scheme for numeric value • Query integrity • Correct and Complete • Merkle hash tree Cloud Computing - Part II 15 30th Jan, 2020 15Ms. T.K. Anusuya
TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 16 30th Jan, 2020 16Ms. T.K. Anusuya
Data Integrity in Untrustworthy Storage • Remote data storage possession checking protocol • Requirements 1. Partial copy of the data 2. Robust protocol 3. High communication overhead 4. Computationally efficient 5. Unlimited verification • Technologies • A PDP-Based Integrity Checking Protocol • An Enhanced Data Possession Checking Protocol Cloud Computing - Part II 17 30th Jan, 2020 17Ms. T.K. Anusuya
A PDP-Based Integrity Checking Protocol Cloud Computing - Part II 18 30th Jan, 2020 18Ms. T.K. Anusuya
A PDP-Based Integrity Checking Protocol Cloud Computing - Part II 19 30th Jan, 2020 19Ms. T.K. Anusuya
An Enhanced Data Possession Checking Protocol • Enhance PDP-based protocol • Satisfy Requirement #2 with 100% probability • Computationally more efficient • Verification time has been shortened • Trade-offs between • the computation times required by the prover • the storage required at the verifier Cloud Computing - Part II 20 30th Jan, 2020 20Ms. T.K. Anusuya
TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 21 30th Jan, 2020 21Ms. T.K. Anusuya
Web-Application-Based Security • Web attack techniques • Authentication • Brute force, Insufficient Authentication, Weak password recovery • Authorization • Insufficient Authorization, Session attacks • Client-Side Attacks • Content Spoofing, XSS, CSRF • Command Execution • Like code injection or denial of service via buffer overflow • Information Disclosure • Path Traversal • Logical Attacks • DoS attack Cloud Computing - Part II 22 30th Jan, 2020 22Ms. T.K. Anusuya
TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 23 30th Jan, 2020 23Ms. T.K. Anusuya
Multimedia Data Security • Protection from Unauthorized Replication • Advantage • improve system performance • Disadvantage • contents copyright • waste of replication cost • extra control overheads • Protection from Unauthorized Replacement • Limited storage capacity • Remove stored content to make space • Protection from Unauthorized Pre-fetching • Just pre-fetch necessary content Cloud Computing - Part II 24 30th Jan, 2020 24Ms. T.K. Anusuya
Concerns at Different Levels • The cloud infrastructure providers (back-end) • The cloud service providers • The cloud consumers (front-end) • Application developer • End user Cloud Computing - Part II 25 30th Jan, 2020 25Ms. T.K. Anusuya
Challenges • Technical • Open security profiling • Remote control • Security compliance with standards • Certificates • Non-Technical • User’s fear of losing control Cloud Computing - Part II 26 30th Jan, 2020 26Ms. T.K. Anusuya

Recommended

Data Storage in Cloud computing
Data Storage in Cloud computingData Storage in Cloud computing
Data Storage in Cloud computingANUSUYA T K
 
IRJET - Providing High Securtiy for Encrypted Data in Cloud
IRJET - Providing High Securtiy for Encrypted Data in CloudIRJET - Providing High Securtiy for Encrypted Data in Cloud
IRJET - Providing High Securtiy for Encrypted Data in CloudIRJET Journal
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
 
IRJET- Efficient Data Access Control for Multi-authority Cloud Storage
IRJET- Efficient Data Access Control for Multi-authority Cloud StorageIRJET- Efficient Data Access Control for Multi-authority Cloud Storage
IRJET- Efficient Data Access Control for Multi-authority Cloud StorageIRJET Journal
 
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...IRJET Journal
 
B381521
B381521B381521
B381521International Advance Journal of Engineering Research
 
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO... PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...Nexgen Technology
 
Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Shakas Technologies
 

Recommended

Data Storage in Cloud computing
Data Storage in Cloud computingData Storage in Cloud computing
Data Storage in Cloud computingANUSUYA T K
 
IRJET - Providing High Securtiy for Encrypted Data in Cloud
IRJET - Providing High Securtiy for Encrypted Data in CloudIRJET - Providing High Securtiy for Encrypted Data in Cloud
IRJET - Providing High Securtiy for Encrypted Data in CloudIRJET Journal
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
 
IRJET- Efficient Data Access Control for Multi-authority Cloud Storage
IRJET- Efficient Data Access Control for Multi-authority Cloud StorageIRJET- Efficient Data Access Control for Multi-authority Cloud Storage
IRJET- Efficient Data Access Control for Multi-authority Cloud StorageIRJET Journal
 
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...
IRJET- Continuous Auditing Approach to the Cloud Service Addressing Attri...IRJET Journal
 
B381521
B381521B381521
B381521International Advance Journal of Engineering Research
 
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO... PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...
PUBLIC INTEGRITY AUDITING FOR SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVO...Nexgen Technology
 
Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Shakas Technologies
 
8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computing8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computingMajid Hajibaba
 
Blockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networksBlockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networksNam Yong Kim
 
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...Robert Parker
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingIJERA Editor
 
J0423066069
J0423066069J0423066069
J0423066069ijceronline
 
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STSSECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STSManoj Kumar K.M
 
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...IRJET Journal
 
A New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing ServicesA New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing ServicesMahmuda Rahman
 
Paper id 212014106
Paper id 212014106Paper id 212014106
Paper id 212014106IJRAT
 
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentInsuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentEditor IJCATR
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2Ankit Gupta
 
Integrity for join queries in the cloud
Integrity for join queries in the cloudIntegrity for join queries in the cloud
Integrity for join queries in the cloudPapitha Velumani
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Editor IJARCET
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Editor IJARCET
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersGokul Alex
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditingvmshimavm
 
Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...aish006
 
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...RahulJain989779
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
A study on security issues in cloud based e learning
A study on security issues in cloud based e learningA study on security issues in cloud based e learning
A study on security issues in cloud based e learningManimaran A
 
Chap3 Device Technology
Chap3 Device TechnologyChap3 Device Technology
Chap3 Device TechnologyANUSUYA T K
 
Data preprocessing PPT
Data preprocessing PPTData preprocessing PPT
Data preprocessing PPTANUSUYA T K
 

More Related Content

Similar to Cc chap-8

8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computing8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computingMajid Hajibaba
 
Blockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networksBlockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networksNam Yong Kim
 
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...Robert Parker
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingIJERA Editor
 
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STSSECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STSManoj Kumar K.M
 
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...IRJET Journal
 
A New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing ServicesA New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing ServicesMahmuda Rahman
 
Paper id 212014106
Paper id 212014106Paper id 212014106
Paper id 212014106IJRAT
 
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentInsuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentEditor IJCATR
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2Ankit Gupta
 
Integrity for join queries in the cloud
Integrity for join queries in the cloudIntegrity for join queries in the cloud
Integrity for join queries in the cloudPapitha Velumani
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Editor IJARCET
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Editor IJARCET
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersGokul Alex
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditingvmshimavm
 
Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...aish006
 
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...RahulJain989779
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
A study on security issues in cloud based e learning
A study on security issues in cloud based e learningA study on security issues in cloud based e learning
A study on security issues in cloud based e learningManimaran A
 

Similar to Cc chap-8 (20)

8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computing8 secure distributed data storage in cloud computing
8 secure distributed data storage in cloud computing
 
Blockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networksBlockchain-based multiple AAA system in edge computing for IoT networks
Blockchain-based multiple AAA system in edge computing for IoT networks
 
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
Interconnect 2017: 6893 Keep out the bad guys by securing your MQ messaging e...
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud Computing
 
J0423066069
J0423066069J0423066069
J0423066069
 
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STSSECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
SECURITY MECHANISM FOR WEBSERVICE USING SECURITY TOKEN SERVICE(STS
 
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
IRJET- Accomplishing Secure, Widespread, and Fine-Grained Question Results Ch...
 
A New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing ServicesA New Mode to Ensure Security in Cloud Computing Services
A New Mode to Ensure Security in Cloud Computing Services
 
Paper id 212014106
Paper id 212014106Paper id 212014106
Paper id 212014106
 
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentInsuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud Environment
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
 
Integrity for join queries in the cloud
Integrity for join queries in the cloudIntegrity for join queries in the cloud
Integrity for join queries in the cloud
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240
 
Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240Ijarcet vol-2-issue-7-2236-2240
Ijarcet vol-2-issue-7-2236-2240
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditing
 
Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...Decentralized cloud firewall framework with resources provisioning cost optim...
Decentralized cloud firewall framework with resources provisioning cost optim...
 
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
12-Dynamic Resource Provisioning, Security Aspects, Module-5-Cognitive comput...
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...
 
A study on security issues in cloud based e learning
A study on security issues in cloud based e learningA study on security issues in cloud based e learning
A study on security issues in cloud based e learning
 

More from ANUSUYA T K

Chap3 Device Technology
Chap3 Device TechnologyChap3 Device Technology
Chap3 Device TechnologyANUSUYA T K
 
Data preprocessing PPT
Data preprocessing PPTData preprocessing PPT
Data preprocessing PPTANUSUYA T K
 
Introduction to Corel Draw
Introduction to Corel DrawIntroduction to Corel Draw
Introduction to Corel DrawANUSUYA T K
 
Introduction to dm and dw
Introduction to dm and dwIntroduction to dm and dw
Introduction to dm and dwANUSUYA T K
 
Chap 2-pc applications examples
Chap 2-pc applications examplesChap 2-pc applications examples
Chap 2-pc applications examplesANUSUYA T K
 
Chap1 introduction to Pervasive Computing
Chap1 introduction to Pervasive ComputingChap1 introduction to Pervasive Computing
Chap1 introduction to Pervasive ComputingANUSUYA T K
 
Pagemaker7.0 layout
Pagemaker7.0 layoutPagemaker7.0 layout
Pagemaker7.0 layoutANUSUYA T K
 
Mail merge in page maker 7
Mail merge in page maker 7Mail merge in page maker 7
Mail merge in page maker 7ANUSUYA T K
 
Layers and types of cloud
Layers and types of cloudLayers and types of cloud
Layers and types of cloudANUSUYA T K
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsANUSUYA T K
 
Virtual Machine provisioning and migration services
Virtual Machine provisioning and migration servicesVirtual Machine provisioning and migration services
Virtual Machine provisioning and migration servicesANUSUYA T K
 
VM for cloud infrastructure
VM for cloud infrastructureVM for cloud infrastructure
VM for cloud infrastructureANUSUYA T K
 
Cloud Computing Environment using Cluster as a service
Cloud Computing Environment using Cluster as a serviceCloud Computing Environment using Cluster as a service
Cloud Computing Environment using Cluster as a serviceANUSUYA T K
 
Migrating into a cloud
Migrating into a cloudMigrating into a cloud
Migrating into a cloudANUSUYA T K
 
Cloud computing introduction
Cloud computing introductionCloud computing introduction
Cloud computing introductionANUSUYA T K
 

More from ANUSUYA T K (15)

Chap3 Device Technology
Chap3 Device TechnologyChap3 Device Technology
Chap3 Device Technology
 
Data preprocessing PPT
Data preprocessing PPTData preprocessing PPT
Data preprocessing PPT
 
Introduction to Corel Draw
Introduction to Corel DrawIntroduction to Corel Draw
Introduction to Corel Draw
 
Introduction to dm and dw
Introduction to dm and dwIntroduction to dm and dw
Introduction to dm and dw
 
Chap 2-pc applications examples
Chap 2-pc applications examplesChap 2-pc applications examples
Chap 2-pc applications examples
 
Chap1 introduction to Pervasive Computing
Chap1 introduction to Pervasive ComputingChap1 introduction to Pervasive Computing
Chap1 introduction to Pervasive Computing
 
Pagemaker7.0 layout
Pagemaker7.0 layoutPagemaker7.0 layout
Pagemaker7.0 layout
 
Mail merge in page maker 7
Mail merge in page maker 7Mail merge in page maker 7
Mail merge in page maker 7
 
Layers and types of cloud
Layers and types of cloudLayers and types of cloud
Layers and types of cloud
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment models
 
Virtual Machine provisioning and migration services
Virtual Machine provisioning and migration servicesVirtual Machine provisioning and migration services
Virtual Machine provisioning and migration services
 
VM for cloud infrastructure
VM for cloud infrastructureVM for cloud infrastructure
VM for cloud infrastructure
 
Cloud Computing Environment using Cluster as a service
Cloud Computing Environment using Cluster as a serviceCloud Computing Environment using Cluster as a service
Cloud Computing Environment using Cluster as a service
 
Migrating into a cloud
Migrating into a cloudMigrating into a cloud
Migrating into a cloud
 
Cloud computing introduction
Cloud computing introductionCloud computing introduction
Cloud computing introduction
 

Recently uploaded

URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 

Cc chap-8

  • 1. 8-SECURE DISTRIBUTED DATA STORAGE IN CLOUD COMPUTING Cloud Computing Principles and Paradigms Cloud Computing - Part II 1 30th Jan, 2020 1Ms. T.K. Anusuya Ms. T.K. ANUSUYA Department of Computer Science Bon Secours College for Women, Thanjavur
  • 2. Introduction • Data Storage • Distributed Storage • Considerations • unique issues • specific security requirements not been well-defined • Concerns about data in cloud • Privacy • Integrity Cloud Computing - Part II 2 30th Jan, 2020 2Ms. T.K. Anusuya
  • 3. Cloud Storage • Distributed Storage • Types • SAN • NAS • Reliability • Security • Integrity • LAN • same authority • WAN • different authorities Cloud Computing - Part II 3 30th Jan, 2020 3Ms. T.K. Anusuya
  • 4. Amazon’s Web Service Cloud Computing - Part II 4 30th Jan, 2020 4Ms. T.K. Anusuya
  • 5. Microsoft Windows Azure 3 basic data items-blobs(upto50 GB), TABLES & queues Cloud Computing - Part II 5 30th Jan, 2020 5Ms. T.K. Anusuya
  • 6. Google App Engine (GAE) SDC-Secure data connector Cloud Computing - Part II 6 30th Jan, 2020 6Ms. T.K. Anusuya
  • 7. Vulnerabilities • Confidentiality(eve, bob &alice) • Integrity • Repudiation • Missing link between download and upload • Upload-to-Download Integrity • Repudiation Between Users and Service Providers Cloud Computing - Part II 7 30th Jan, 2020 7Ms. T.K. Anusuya
  • 8. Solutions for missing link • Third authority certified (TAC) • Secret key sharing technique (SKS) • Solutions • Neither TAC nor SKS • With SKS but without TAC • With TAC but without SKS • With Both TAC and SKS Cloud Computing - Part II 8 30th Jan, 2020 8Ms. T.K. Anusuya
  • 9. Neither TAC nor SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to service provider with MD5 checksum and MD5 Signature by User (MSU). 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 and MD5 Signature by Provider (MSP) to user. 3. MSU is stored at the user side, and MSP is stored at the service provider side. • Downloading Session 1. User: Sends request to service provider with authentication code. 2. Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum and MD5 Signature by Provider (MSP) to user. 3. User verifies the data using the MD5 checksum. Cloud Computing - Part II 9 30th Jan, 2020 9Ms. T.K. Anusuya
  • 10. With SKS but without TAC (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to service provider with MD checksum 5. 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 checksum. 3. The service provider and the user share the MD5 checksum with SKS. • Downloading Session • User: Sends request to the service provider with authentication code. • Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum. • User verifies the data through the MD5 checksum. Cloud Computing - Part II 10 30th Jan, 2020 10Ms. T.K. Anusuya
  • 11. With TAC but without SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to the service provider along with MD5 checksum and MD5 Signature by User (MSU). 2. Service Provider: Verifies the data with MD5 checksum, if it is valid, the service provider sends back the MD5 checksum and MD5 Signature by Provider (MSP) to the user. 3. MSU and MSP are sent to TAC. • Downloading Session 1. User: Sends request to the service provider with authentication code. 2. Service Provider: Verifies the request with identity, if it is valid, the service provider sends back the data with MD5 checksum. 3. User verifies the data through the MD5 checksum. Cloud Computing - Part II 11 30th Jan, 2020 11Ms. T.K. Anusuya
  • 12. With Both TAC and SKS (thirdauthoritycertified,secretkeysharingtech) • Uploading Session 1. User: Sends data to the service provider with MD5 checksum. 2. Service Provider: verifies the data with MD5 checksum. 3. Both the user and the service provider send MD5 checksum to TAC. 4. TAC verifies the two MD5 checksum values. If they match, the TAC distributes MD5 to the user and the service provider by SKS. • Downloading Session 1. User: Sends request to the service provider with authentication code. 2. Service Provider: Verifies the request identity, if it is valid, the service provider sends back the data with MD5 checksum. 3. User verifies the data through the MD5 checksum Cloud Computing - Part II 12 30th Jan, 2020 12Ms. T.K. Anusuya
  • 13. TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 13 30th Jan, 2020 13Ms. T.K. Anusuya
  • 14. TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 14 30th Jan, 2020 14Ms. T.K. Anusuya
  • 15. Database Outsourcing • Security Concern –tera byte • 2 security concerns are • Data privacy • Hacigumus et al.-to execute sql over encrypted db • Agrawal et al.- encryption scheme for numeric value • Query integrity • Correct and Complete • Merkle hash tree Cloud Computing - Part II 15 30th Jan, 2020 15Ms. T.K. Anusuya
  • 16. TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 16 30th Jan, 2020 16Ms. T.K. Anusuya
  • 17. Data Integrity in Untrustworthy Storage • Remote data storage possession checking protocol • Requirements 1. Partial copy of the data 2. Robust protocol 3. High communication overhead 4. Computationally efficient 5. Unlimited verification • Technologies • A PDP-Based Integrity Checking Protocol • An Enhanced Data Possession Checking Protocol Cloud Computing - Part II 17 30th Jan, 2020 17Ms. T.K. Anusuya
  • 18. A PDP-Based Integrity Checking Protocol Cloud Computing - Part II 18 30th Jan, 2020 18Ms. T.K. Anusuya
  • 19. A PDP-Based Integrity Checking Protocol Cloud Computing - Part II 19 30th Jan, 2020 19Ms. T.K. Anusuya
  • 20. An Enhanced Data Possession Checking Protocol • Enhance PDP-based protocol • Satisfy Requirement #2 with 100% probability • Computationally more efficient • Verification time has been shortened • Trade-offs between • the computation times required by the prover • the storage required at the verifier Cloud Computing - Part II 20 30th Jan, 2020 20Ms. T.K. Anusuya
  • 21. TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 21 30th Jan, 2020 21Ms. T.K. Anusuya
  • 22. Web-Application-Based Security • Web attack techniques • Authentication • Brute force, Insufficient Authentication, Weak password recovery • Authorization • Insufficient Authorization, Session attacks • Client-Side Attacks • Content Spoofing, XSS, CSRF • Command Execution • Like code injection or denial of service via buffer overflow • Information Disclosure • Path Traversal • Logical Attacks • DoS attack Cloud Computing - Part II 22 30th Jan, 2020 22Ms. T.K. Anusuya
  • 23. TECHNOLOGIES FOR DATA SECURITY IN CLOUD COMPUTING • Database Outsourcing and Query Integrity Assurance • Data Integrity in Untrustworthy Storage • Web-Application-Based Security • Multimedia Data Security Cloud Computing - Part II 23 30th Jan, 2020 23Ms. T.K. Anusuya
  • 24. Multimedia Data Security • Protection from Unauthorized Replication • Advantage • improve system performance • Disadvantage • contents copyright • waste of replication cost • extra control overheads • Protection from Unauthorized Replacement • Limited storage capacity • Remove stored content to make space • Protection from Unauthorized Pre-fetching • Just pre-fetch necessary content Cloud Computing - Part II 24 30th Jan, 2020 24Ms. T.K. Anusuya
  • 25. Concerns at Different Levels • The cloud infrastructure providers (back-end) • The cloud service providers • The cloud consumers (front-end) • Application developer • End user Cloud Computing - Part II 25 30th Jan, 2020 25Ms. T.K. Anusuya
  • 26. Challenges • Technical • Open security profiling • Remote control • Security compliance with standards • Certificates • Non-Technical • User’s fear of losing control Cloud Computing - Part II 26 30th Jan, 2020 26Ms. T.K. Anusuya