This document proposes a scheme to enhance security in cloud computing. It discusses how a user's data stored with a cloud provider could be at risk if the provider's internal staff can access the encrypted data. The proposed scheme aims to avoid unauthorized access of user data by sending a message to the user's mobile number when a transaction starts and displaying fake information for unsuccessful login attempts to avoid further trials. It also provides background on cloud computing and common security methods like encryption, authentication, and secure channels. The introduction describes the proposed system's process of requesting access to protected data, authenticating the user, and conditionally providing a fake database in the case of hacking attempts.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloudijsrd.com
Cloud computing is an emerging computing technology that enables users to distantly store their data into a cloud so as to enjoy scalable services when required. And user can outsource their resources to server (also called cloud) using Internet. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Attribute-based encryption (ABE) can be used for log encryption. This survey is more specific to the different security issues on data access in cloud environment.
A novel graphical password approach for accessing cloud & data verificationeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloudijsrd.com
Cloud computing is an emerging computing technology that enables users to distantly store their data into a cloud so as to enjoy scalable services when required. And user can outsource their resources to server (also called cloud) using Internet. Security is one of the major issues which reduces the growth of cloud computing and complications with data privacy and data protection continue to plague the market. Attribute-based encryption (ABE) can be used for log encryption. This survey is more specific to the different security issues on data access in cloud environment.
A novel graphical password approach for accessing cloud & data verificationeSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Security and Protection of Enterprise Data in Cloud: Implementation of Deniab...IJERA Editor
Enterprise level cloud data storage is gaining importance in the area of consumer level file hostage services. Cloud storage providers are responsible for availability, accessibility and protection of the user data. A number of encrypting schemes have been proposed for encrypting the user data in cloud storage to protect unauthorized access. Most of the Attribute Based Encryption (ABE) schemes that were proposed assume that the data in cloud storage are secure and are never disclosed. However, in reality, some of the authorities may force the cloud storage providers to disclose the cloud user’s secrets or personal data. In this paper, a new deniable ABE encryption scheme for cloud storage is proposed to ensure user privacy with minimized unauthorized access. A new ranking algorithm assigns a rank to each user at the time of registration based on their personal information. The rank of the user enhances the privacy and provides access control to the data stored on cloud. Each file uploaded to cloud is assigned with a rank and the file downloads only if the rank of the user matches the rank associated with the file. If rank of the user does not match then a fake file will be downloaded. Since authorities who demand for user secret cannot decide if the information they get about the user are legitimate, the cloud storage providers make sure that the individual user privacy is still protected. The ranking algorithm is also used to provide improved cloud access response time to prioritized users
A PRACTICAL CLIENT APPLICATION BASED ON ATTRIBUTE-BASED ACCESS CONTROL FOR UN...cscpconf
One of widely used cryptographic primitives for the cloud application is Attribute Based Encryption (ABE) where users can have their own attributes and a ciphertext encrypted by an access policy. Though ABE provides many benefits, the novelty often only exists in an academic world and it is often difficult to find a practical use of ABE for a real application. In this paper, we discuss the design and implementation of a cloud storage client application which supports the concept of ABE. Our proposed client provides an effective access control mechanism where it allows different types of access policy to be defined thus allowing large datasets to be shared by multiple users. Using different access policy, each user only needs to access only a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABEbased
application.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Messages addressed to specific users can be decrypted by Key Generation Centre (KGC) by generating their private keys. Data owner wants the data to be delivered only to specified user and not to unauthorized person that is the data owner makes their private data accessible only to authorized person. We propose attribute based encryption and escrow problem which means written agreement delivered to a third party to overcome this problem. Attribute based Encryption (ABE) is a type of public-key encryption in which the private key of a user and the cipher text are dependent upon attributes. It is a promising cryptographic approach.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Key frame extraction is an essential technique in the computer vision field. The extracted key frames should brief the salient events with an excellent feasibility, great efficiency, and with a high-level of robustness. Thus, it is not an easy problem to solve because it is attributed to many visual features.
This paper intends to solve this problem by investigating the relationship between these features detection and the accuracy of key frames extraction techniques using TRIZ. An improved algorithm for key frame extraction was then proposed based on an accumulative optical flow with a self-adaptive threshold (AOF_ST) as recommended in TRIZ inventive principles. Several video shots including original and forgery videos with complex conditions are used to verify the experimental results. The comparison of our results with the-state-of-the-art algorithms results showed that the proposed extraction algorithm can accurately brief the videos and generated a meaningful compact count number of key frames. On top of that, our proposed algorithm achieves 124.4 and 31.4 for best and worst case in KTH dataset extracted key frames in terms of compression rate, while the-state-of-the-art algorithms achieved 8.90 in the best case.
Control Cloud Data Access Using Attribute-Based Encryptionpaperpublications3
Abstract: Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. Those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed recently. Data access control is an effective way to ensure the data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Data security is the key concern in the distributed system. Various schemes based on the attribute-based encryption have been proposed to secure the cloud storage. However, most work focuses on the data contents privacy and the access control, while less attention is paid to the privilege control and the identity privacy. In this paper, we present a semianonymous privilege control scheme AnonyControl to address not only the data privacy, but also the user identity privacy in existing access control schemes. AnonyControl decentralizes the central authority to limit the identity leakage and thus achieves semianonymity. Besides, it also generalizes the file access control to the privilege control, by which privileges of all operations on the cloud data can be managed in a fine-grained manner. Subsequently, we present the AnonyControl-F, which fully prevents the identity leakage and achieve the full anonymity. Our security analysis shows that both AnonyControl and AnonyControl-F are secure under the decisional bilinear Diffie–Hellman assumption, and our performance evaluation exhibits the feasibility of our schemes.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Cloud Auditing With Zero Knowledge PrivacyIJERA Editor
The Cloud computing is a latest technology which provides various services through internet. The Cloud server allows user to store their data on a cloud without worrying about correctness & integrity of data. Cloud data storage has many advantages over local data storage. User can upload their data on cloud and can access those data anytime anywhere without any additional burden. The User doesn’t have to worry about storage and maintenance of cloud data. But as data is stored at the remote place how users will get the confirmation about stored data. Hence Cloud data storage should have some mechanism which will specify storage correctness and integrity of data stored on a cloud. The major problem of cloud data storage is security .Many researchers have proposed their work or new algorithms to achieve security or to resolve this security problem. In this paper, we proposed a Shamir’s Secrete sharing algorithm for Privacy Preservation for data Storage security in cloud computing. We can achieve confidentiality, integrity and availability of the data. It supports data dynamics where the user can perform various operations on data like insert, update and delete as well as batch auditing where multiple user requests for storage correctness will be handled simultaneously which reduce communication and computing cost.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Cloud computing is the emerging trend in todays world. Cloud computing is not a separate technology, it is platform which provides platform as a service, Infrastructure as a service and Software as a service. The most important thing with cloud is that we hire everything from a third party or store our important datas in a third parties place .Here comes the major issue of how our datas are secured. In this paper, we discuss about how to protect our datas in the cloud with various cryptographic techniques. Padmapriya I | Ragini H "Cloud Cryptography" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21547.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-network/21547/cloud-cryptography/padmapriya-i
Security and Protection of Enterprise Data in Cloud: Implementation of Deniab...IJERA Editor
Enterprise level cloud data storage is gaining importance in the area of consumer level file hostage services. Cloud storage providers are responsible for availability, accessibility and protection of the user data. A number of encrypting schemes have been proposed for encrypting the user data in cloud storage to protect unauthorized access. Most of the Attribute Based Encryption (ABE) schemes that were proposed assume that the data in cloud storage are secure and are never disclosed. However, in reality, some of the authorities may force the cloud storage providers to disclose the cloud user’s secrets or personal data. In this paper, a new deniable ABE encryption scheme for cloud storage is proposed to ensure user privacy with minimized unauthorized access. A new ranking algorithm assigns a rank to each user at the time of registration based on their personal information. The rank of the user enhances the privacy and provides access control to the data stored on cloud. Each file uploaded to cloud is assigned with a rank and the file downloads only if the rank of the user matches the rank associated with the file. If rank of the user does not match then a fake file will be downloaded. Since authorities who demand for user secret cannot decide if the information they get about the user are legitimate, the cloud storage providers make sure that the individual user privacy is still protected. The ranking algorithm is also used to provide improved cloud access response time to prioritized users
A PRACTICAL CLIENT APPLICATION BASED ON ATTRIBUTE-BASED ACCESS CONTROL FOR UN...cscpconf
One of widely used cryptographic primitives for the cloud application is Attribute Based Encryption (ABE) where users can have their own attributes and a ciphertext encrypted by an access policy. Though ABE provides many benefits, the novelty often only exists in an academic world and it is often difficult to find a practical use of ABE for a real application. In this paper, we discuss the design and implementation of a cloud storage client application which supports the concept of ABE. Our proposed client provides an effective access control mechanism where it allows different types of access policy to be defined thus allowing large datasets to be shared by multiple users. Using different access policy, each user only needs to access only a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABEbased
application.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Messages addressed to specific users can be decrypted by Key Generation Centre (KGC) by generating their private keys. Data owner wants the data to be delivered only to specified user and not to unauthorized person that is the data owner makes their private data accessible only to authorized person. We propose attribute based encryption and escrow problem which means written agreement delivered to a third party to overcome this problem. Attribute based Encryption (ABE) is a type of public-key encryption in which the private key of a user and the cipher text are dependent upon attributes. It is a promising cryptographic approach.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Key frame extraction is an essential technique in the computer vision field. The extracted key frames should brief the salient events with an excellent feasibility, great efficiency, and with a high-level of robustness. Thus, it is not an easy problem to solve because it is attributed to many visual features.
This paper intends to solve this problem by investigating the relationship between these features detection and the accuracy of key frames extraction techniques using TRIZ. An improved algorithm for key frame extraction was then proposed based on an accumulative optical flow with a self-adaptive threshold (AOF_ST) as recommended in TRIZ inventive principles. Several video shots including original and forgery videos with complex conditions are used to verify the experimental results. The comparison of our results with the-state-of-the-art algorithms results showed that the proposed extraction algorithm can accurately brief the videos and generated a meaningful compact count number of key frames. On top of that, our proposed algorithm achieves 124.4 and 31.4 for best and worst case in KTH dataset extracted key frames in terms of compression rate, while the-state-of-the-art algorithms achieved 8.90 in the best case.
Control Cloud Data Access Using Attribute-Based Encryptionpaperpublications3
Abstract: Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. Those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed recently. Data access control is an effective way to ensure the data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Data security is the key concern in the distributed system. Various schemes based on the attribute-based encryption have been proposed to secure the cloud storage. However, most work focuses on the data contents privacy and the access control, while less attention is paid to the privilege control and the identity privacy. In this paper, we present a semianonymous privilege control scheme AnonyControl to address not only the data privacy, but also the user identity privacy in existing access control schemes. AnonyControl decentralizes the central authority to limit the identity leakage and thus achieves semianonymity. Besides, it also generalizes the file access control to the privilege control, by which privileges of all operations on the cloud data can be managed in a fine-grained manner. Subsequently, we present the AnonyControl-F, which fully prevents the identity leakage and achieve the full anonymity. Our security analysis shows that both AnonyControl and AnonyControl-F are secure under the decisional bilinear Diffie–Hellman assumption, and our performance evaluation exhibits the feasibility of our schemes.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Cloud Auditing With Zero Knowledge PrivacyIJERA Editor
The Cloud computing is a latest technology which provides various services through internet. The Cloud server allows user to store their data on a cloud without worrying about correctness & integrity of data. Cloud data storage has many advantages over local data storage. User can upload their data on cloud and can access those data anytime anywhere without any additional burden. The User doesn’t have to worry about storage and maintenance of cloud data. But as data is stored at the remote place how users will get the confirmation about stored data. Hence Cloud data storage should have some mechanism which will specify storage correctness and integrity of data stored on a cloud. The major problem of cloud data storage is security .Many researchers have proposed their work or new algorithms to achieve security or to resolve this security problem. In this paper, we proposed a Shamir’s Secrete sharing algorithm for Privacy Preservation for data Storage security in cloud computing. We can achieve confidentiality, integrity and availability of the data. It supports data dynamics where the user can perform various operations on data like insert, update and delete as well as batch auditing where multiple user requests for storage correctness will be handled simultaneously which reduce communication and computing cost.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
Cloud computing is the emerging trend in todays world. Cloud computing is not a separate technology, it is platform which provides platform as a service, Infrastructure as a service and Software as a service. The most important thing with cloud is that we hire everything from a third party or store our important datas in a third parties place .Here comes the major issue of how our datas are secured. In this paper, we discuss about how to protect our datas in the cloud with various cryptographic techniques. Padmapriya I | Ragini H "Cloud Cryptography" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21547.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-network/21547/cloud-cryptography/padmapriya-i
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
Secure One Time Password OTP Generation for user Authentication in Cloud Envi...ijtsrd
Cloud computing is one of today's most exciting technologies due to its ability to reduce cost associated with computing. This technology worldwide used to improve the business infrastructure and performance. The major threat that the cloud is facing now is security. So, the user authentication is very important step in cloud environment. The traditional authentication user name and static password or PIN code can be easily broken by the skillful attacker. An Unauthorized user can easily enter into the system if he knows the user credentials. Encryption algorithms play a main role in information security systems. Efficient password generation for user authentication is an important problem in secure Cloud communications. In the paper, the One Time Password OTP approach is used to authenticate the cloud users. The generated OPT is encrypted by RSA public key encryption to be more secure for the cloud user authentication. So the third party is not required to generate OPT in the proposed paper. This paper can help to solve the user authentication problem in Cloud environment. Kyaw Swar Hlaing | Nay Aung Aung "Secure One Time Password (OTP) Generation for user Authentication in Cloud Environment" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd28037.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/28037/secure-one-time-password-otp-generation-for-user-authentication-in-cloud-environment/kyaw-swar-hlaing
The adoption of cloud environment for various application uses has led to security and privacy concern of user’s data. To protect user data and privacy on such platform is an area of concern. Many cryptography strategy has been presented to provide secure sharing of resource on cloud platform. These methods tries to achieve a secure authentication strategy to realize feature such as self-blindable access tickets, group signatures, anonymous access tickets, minimal disclosure of tickets and revocation but each one varies in realization of these features. Each feature requires different cryptography mechanism for realization. Due to this it induces computation complexity which affects the deployment of these models in practical application. Most of these techniques are designed for a particular application environment and adopt public key cryptography which incurs high cost due to computation complexity. To address these issues this work present an secure and efficient privacy preserving of mining data on public cloud platform by adopting party and key based authentication strategy. The proposed SCPPDM (Secure Cloud Privacy Preserving Data Mining) is deployed on Microsoft azure cloud platform. Experiment is conducted to evaluate computation complexity. The outcome shows the proposed model achieves significant performance interm of computation overhead and cost.
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. The occupier need not be concerned with how the Paas system achieves expansion under high load.MAC systems differ as security policy is defined for the entire system, typically by administrators. Information flow control (IFC) is a MAC approach, developed originally from military information management methodologies. IFC can be used to enforce more general policies, using appropriate labeling and checking schemes. The labels can be used to manage both confidentiality and integrity concerns, tracking “secrecy†and “quality†of data, respectively. Decentralized Information Flow Control (DIFC) is an approach to security that allows application writers to control how data flow between the pieces of application and the outside world. As applied to privacy DIFC allows un trusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity DIFC allows trusted code to protect un trusted software from unexpected inputs.
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
The Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and
flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts
such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set
of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other
words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the
other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in
a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also
describe other application of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible
hierarchy, which was yet to be known.
In recent days Cloud computing is a rising technique
which offers data sharing with more efficient, effective and
economical approaches between group members. To create an
authentic and anonymous data sharing, IDentity based Ring
Signature (ID-RS) is one of the promising technique between
the groups. Ring signature scheme permits the manager or data
owner to authenticate into the system in anonymous manner.
In conventional Public Key Infrastructure (PKI) data sharing
scheme contains certificate authentication process, which is a
bottleneck because of its high cost. To avoid this problem, we
proposed Cost Optimized Identity based Ring Signature with
forward secrecy (COIRS) scheme. This scheme helps to remove
the traditional certificate verification process. Only once the user
needs to be verified by the manager giving his public details. The
cost and time required for this process is comparatively less than
traditional public key infrastructure. If the secret key holder has
been compromised, all early generated signatures remains valid
(Forward Secrecy). This paper discuss about how to optimize the
time and cost when sharing the files to the cloud. We provide a
protection from collision attack, which means revoked users will
not get the original documents. In general better efficiency and
secrecy can be provided for group sharing by applying above
approaches.
Security Check in Cloud Computing through Third Party Auditorijsrd.com
In cloud computing, data owners crowd their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, it requires an independent auditing service to check the data integrity in the cloud. Some existing remote integrity checking method scan only serve for static records data. Thus, cannot be used in the auditing service since the data in the cloud can be animatedly updated. Thus, an efficient and secure dynamic auditing protocol is required to convince data owners that the data are correctly stored in the cloud. In this paper, we first design an auditing framework for cloud storage systems for privacy-preserving auditing protocol. Then, we extend our auditing protocol to support the data dynamic operations, which is efficient to secure the random model.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
5.[40 44]enhancing security in cloud computing
1. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol 1, No.1, 2011
Enhancing Security in Cloud Computing
Joshi Ashay Mukundrao (Corresponding author)
D.Y. Patil College Of Engineering, Akurdi, Pune University of Pune, Maharashtra, India
Tel: +918446356591 E-mail: ashay016@gmail.com
Galande Prakash Vikram
D.Y. Patil College Of Engineering, Akurdi, Pune, University of Pune, Maharashtra, India
Tel: +919422962961 E-mail: prakashgalande21@gmail.com
Abstract
Cloud computing is emerging field because of its performance, high availability, least cost and many others. In
cloud computing, the data will be stored in storage provided by service providers. But still many business
companies are not willing to adopt cloud computing technology due to lack of proper security control policy and
weakness in safeguard which lead to many vulnerability in cloud computing.
This paper has been written to focus on the problem of data security. Service providers must have a viable way
to protect their clients’ data, especially to prevent the data from disclosure by unauthorized insiders. To ensure
the security of users’ data in the cloud, we propose an effective and flexible scheme with two salient features,
opposing to its predecessors. Avoiding unauthorized access to user’s data by signaling user by sending message
to his/her mobile number at the start of transaction. Displaying fake information in case of unsuccessful login
for avoiding further login trials by intrusion (Honeypot).
Keywords: Cloud Computing, Authentication, Honeypot
1. Introduction to system
Refer Figure 1
A common approach to protect user data is that user data is encrypted before it is stored. In a cloud computing
environment, a user’s data can also be stored following additional encryption, but if the storage and encryption
of a given user’s data is performed by the same service provider, the service provider’s internal staff (e.g.,
system administrators and authorized staff) can use their decryption keys and internal access privileges to access
user data. From the user’s perspective, this could put his stored data at risk of unauthorized disclosure.
In which if a user (either employee or anonymous) want to access the data if it belongs to protection then user
have to register itself (if he is already registered need not require further registration Now suppose the user
registered itself for accessing data, Organization will provide username and password for authentication. At the
same time organization sends the username to cloud provider. Request for access data
1. Request for access data
2. Send the signal to redirect person
3. Redirects
Now when user sends request along with username to access the data to cloud provider, the cloud provider first
check in which ring requested data belong. If authentication is required, it first checks the username in its own
directory for existence, if the username does not exist it ask the user to register itself. If the username matches it
redirect the request to company for authentication.
(1) Send password for authentication
(2) Redirect to access resource
(3) Request redirected
Now the user sends password for authentication, and after authentication it redirect the request to cloud provider
to access resource .If user-name and password doesn’t match then user is not allow to access their account. And
also in some case if hacker wants to hack the account of a perticular user then in that case hacker gets only the
fake database of the account i.e concept of Honeypot in which certain limit is there to access the account by
hitting the user-name and password, if limit become cross then hacker get’s the fake database.
40 | P a g e
www.iiste.org
2. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol 1, No.1, 2011
2. Literature Survey
The Internet began to grow rapidly in the 1990s and the increasingly sophisticated network infrastructure and
increased bandwidth developed in recent years has dramatically enhanced the stability of various application
services available to users through the Internet, thus marking the beginning of cloud computing network
services.
Previously many organizations tried to enhance their security for their security constraints, for their secure
database, for their secure web applications but they had not got success to achieve a high-level security for their
organizations.
Example- A commonwealth games website- It did not got the success to achieve the high security level as per
the user’s requests. it was totally failed down to handle the many requests at a once. it was failed down to
provide the online ticket booking facility to the user’s because of the hitting of many requests at a one time. So
that’s why there is need to provide the high level of security over the computing network, we have to use the
cloud computing .and provide better security over it.
Cloud computing services use the Internet as a transmission medium and transform information technology
resources into services for end-users, including software services, computing platform services, development
platform services, and basic infrastructure leasing. As a concept, cloud computing primary significance lies in
allowing the end user to access computation resources through the Internet. Vaquero, Rodero-Merino, Caceres,
and Lindner suggested that cloud computing could be defined as the integration of virtual resources according to
user requirements, flexibly combining resources including hardware, development platforms and various
applications to create services. The special features of cloud computing include the storage of user data in the
cloud and the lack of any need for software installation on the client side. As long as the user is able to connect
to the Internet, all of the hardware resources in the cloud can be used as client-side infrastructure. Generally
speaking, cloud computing applications are demand-driven, providing various services according to user
requirements, and service providers charge by metered time, instances of use, or defined period.
Common methods for protecting user data include encryption prior to storage, user authentication procedures
prior to storage or retrieval, and building secure channels for data transmission. These protection methods
normally require cryptography algorithms and digital signature techniques, as explained below. Common data
encryption methods include symmetric and asymmetric cryptography algorithms. Symmetric cryptography is
used in the U.S. Federal Information Processing Standard’s (FIPS) Triple Data Encryption Algorithm (TDEA,
also known as Triple-DES or 3DES) or 197 Advanced Encryption Standard (AES) and others. This type of
encryption and decryption process uses a secret key. Asymmetric cryptography, on the other hand, uses two
different keys, a “public key” for encryption, and a “private key” for decryption. Examples include RSA
cryptography and Elliptic Curve Cryptography (ECC). Generally speaking, symmetric cryptography is more
efficient, and is suitable for encrypting large volumes of data. Asymmetric cryptography requires more
computation time and is used for the decryption keys required for symmetric cryptography. The use of
passwords as an authentication process is more familiar to general users, but messages sent by the user are
vulnerable to surreptitious recording by hackers who can then use the data in the message to log into the service
as the user. In more advanced authentication systems, the system side will generate a random number to send the
user a challenge message, requesting the user to transmit an encrypted response message in reply to the
challenge message, thus authenticating that the user has the correct encryption key. Without this key, the user
will not be allowed access. In the process of challenge and response the client’s encrypted key uses the client’s
password to convert a derived value and. In this program, each communication between the client and server is
unique, and a hacker using an old message would fail to access the system. In addition, the One-Time Password
(OTP) authentication system differs from most peoples’ conception of a password[13]. Most people understand
a password to be a password chosen by the user to be meaningful, and can be used again and again. The
emphasis of OTP, however is the single-use nature of the password. After receiving authentication from the user,
the system side must create a secure transmission channel to exchange information with the user. The Secure
Sockets Layer (SSL) is a common method of building secure channels[14], primarily using RSA encryption to
transmit the secret keys needed for the both sides to encrypt and decrypt data transmitted between them.
3. Cloud Computing
41 | P a g e
www.iiste.org
3. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol 1, No.1, 2011
Cloud computing provides computation, software, data access, and storage services that do not require end-user
knowledge of the physical location and configuration of the system that delivers the services. Parallels to this
concept can be drawn with the electricity grid, wherein end-users consume power without needing to understand
the component devices or infrastructure required to provide the service.
Cloud computing describes a new supplement, consumption, and delivery model for IT services based on
Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources.
It is a byproduct and consequence of the ease-of-access to remote computing sites provided by the Internet. This
may take the form of web-based tools or applications that users can access and use through a web browser as if
the programs were installed locally on their own computers.
Cloud computing providers deliver applications via the internet, which are accessed from a web browser, while
the business software and data are stored on servers at a remote location. In some cases, legacy applications
(line of business applications that until now have been prevalent in thin client Windows computing) are
delivered via a screen-sharing technology, while the computing resources are consolidated at a remote data
center location. Most cloud computing infrastructures consist of services delivered through shared data-centers
and appearing as a single point of access for consumers' computing needs. Commercial offerings may be
required to meet service-level agreements (SLAs), but specific terms are less often negotiated by smaller
companies.
4. Essential Characteristics of system
4.1 On-demand self-service
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each service’s provider.
4.2 Broad network access
Capabilities are available over the network and accessed through standard mechanisms that promote use by
heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and personal digital assistants
(PDAs)).
4.3 Resource pooling
The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with
different physical and virtual resources dynamically assigned and reassigned according to consumer demand.
There is a sense of location independence in that the subscriber generally has no control or knowledge over the
exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g.,
country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth,
and virtual machines.
4.4 Rapid elasticity
Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and
rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to
be unlimited and can be purchased in any quantity at any time.
4.5 Measured Service
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user
accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the
provider and consumer of the utilized service.
5. Software Quality Attributes of system
42 | P a g e
www.iiste.org
4. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol 1, No.1, 2011
5.1 Information security
Information security pertains to protecting the confidentiality and integrity of data and ensuring data availability.
An organization that owns and runs its IT operations will normally take the following types of measures for its
data security:
• Organizational/Administrative controls specifying who can perform data related operations such
as creation, access, disclosure, transport, and destruction.
• Physical Controls relating to protecting storage media and the facilities housing storage devices.
• Technical Controls for Identity and Access Management (IAM), Encryption of data at rest and in
transit, and other data audit-handling compliance requirements.
When an organization subscribes to a cloud, all the data generated and processed will physically reside in
premises owned and operated by a provider. In this context, the fundamental issue is whether a subscriber can
obtain an assurance that a provider is implementing the same or equivalent controls as to what the subscriber
would have implemented. The following issues arise when a subscriber is trying to ensure coverage for these
controls:
• Compliance requirements, with regard to data that a subscriber is intending to move to a cloud,
may call for specific levels and granularities of audit logging, generation of alerts, activity
reporting, and data retention.
• For encryption of data at rest, the strength of the encryption algorithm suite, the key
management schemes a provider supports, and the number of keys for each data owner
(individual or shared keys) should be known by the data owners. Data processed in a public
cloud and applications running in a public cloud may experience different security exposures
than would be the case in an onsite hosted environment.
5.2 Data Privacy
Privacy addresses the confidentiality of data for specific entities, such as subscribers or others whose
information is processed in a system. Privacy carries legal and liability concerns, and should be viewed not only
as a technical challenge but also as a legal and ethical concern. Protecting privacy in any computing system is a
technical challenge; in a cloud setting this challenge is complicated by the distributed nature of clouds and the
possible lack of subscriber awareness over where data is stored and who has or can have access.
5.3 System Integrity
Clouds require protection against intentional subversion or sabotage of the functionality of a cloud. Within a
cloud there are stakeholders: subscribers, providers, and a variety of administrators. The ability to partition
access rights to each of these groups, while keeping malicious attacks at bay, is a key attribute of maintaining
cloud integrity. In a cloud setting, any lack of visibility into a cloud's mechanisms makes it more difficult for
subscribers to check the integrity of cloud-hosted applications.
6. System Features
6.1 Web Service
Creating web service that facilitates Encryption & Decryption of data using specified algorithm.
6.2 Client side console
The user can access functionality of Cryptography services through client console.
6.3 Server Console
Software’s installation & s/w functionalities are executed on server side.
7. Advantages of system
• Scalability
• Remote Accessibility
43 | P a g e
www.iiste.org
5. Information and Knowledge Management www.iiste.org
ISSN 2224-5758 (Paper) ISSN 2224-896X (Online)
Vol 1, No.1, 2011
• Quality of Service
• Security & Backup
• Cost & Efficiency
8. Conclusion
This paper proposes a more effective and flexible distributed verification scheme to address the data storage
security issue in cloud computing. As it rely on the cryptography algorithms [RSA] and digital signature
techniques, for protecting user data include encryption prior to storage, user authentication procedures prior to
storage or retrieval, and building secure channels for data transmission.
This method achieves the availability, reliability and integrity of erasure coded data and simultaneously
identifies misbehaving servers i.e. whenever data corruptions will occur during the storage correctness
verification, this method should
Identifies the misbehaving servers, Through detailed performance analysis, it show that the scheme should
provide more security to user’s data in cloud computing against failure, unauthorized data modification attacks
and even server colluding attacks
9. References
"AWS Security Whitepaper," http://s3.amazonaws.com/
aws_blog/AWS_Security_Whitepaper_2008_09.pdf
"Cloud Computing Security: Raining On The Trendy New Parade," Black Hat USA 2009,
www.isecpartners.com/files/Cloud.BlackHat2009-iSEC.pdf
“ENISACloudComputingRiskAssessment,”November20th,2009,
www.enisa.europa.eu/act/rm/files/deliverables/
cloud-computing-risk-assessment/at_download/fullReport
"Encrypted Storage and Key Management for the cloud". Cryptoclarity.com. 2009-07-30. Retrieved 2010-08-
22. http://www.csrc.nist.gov/groups/SNS/cloud-computing/
Cloud-computing-v26.ppt
http://www.amazon.com/Enterprise-Cloud-Computing-Architecture Applications/
On technical security issues in cloud computing, Meiko Jensen etal, 2009
Van Brussel, H., Wyns, J., Valckenaers, P., Bongaerts, L. & Peters, P. (1998), “Reference Architecture for
Holonic Manufacturing Systems: PROSA”, Computers in Industry 37(3), 255-274.
Figure no.1
44 | P a g e
www.iiste.org