SlideShare a Scribd company logo

Cloud as Gift

Download as PPT, PDF
surya singh
surya singh

Cloud as a Gift: Effectively Exploiting Personal Cloud Free Accounts via Rest APIs

Engineering
1 of 35
Team: Surya Prakash Singh (2014H112186p) Nishant kumar (2014H112193p) Cloud as a Gift: Effectively Exploiting Personal Cloud Free Accounts via Rest APIs
 Introduction  Problem  Storage Leeching Problem  Rest Architecture in cloud  Problem Motivation  Simple Cost Model  Boxleech  Possible Solutions  Conclusion  References Contents
 Personal Clouds, such as DropBox and Box, provide open REST APIs for developers to create clever applications that make their service even more attractive.  These APIs are a powerful abstraction that makes it possible for applications to transparently manage data from user accounts, blurring the lines between a Personal Cloud service and storage IaaS.  Personal Clouds also offer free accounts to lure new users, that normally include reduced storage space and unlimited transfers Introduction
5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs  Personal Clouds offer free accounts to lure new customers and gain market share  Provide open REST APIs for developers to create clever applications that make their service even more attractive. From a functional viewpoint, these APIs enable an application to upload/download files to/from user account
5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account SugarSyncSugarSync REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
Problem 5 GB free account 5 GB free account DropBoxDropBox 45 Gb45 Gb REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account SugarSyncSugarSync REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account Abusive Application Abusive Application
Storage Leeching Problem
 Provide Software interface to connect and consume services in various ways.  Interface multiple systems.  Service offering to third party clients and allow to build application. Ex: Login By Facebook, Twitter, Sharing on Social Media  Provide support in heterogeneous ecosystems  Abstract away business logic so that ecosystems of services can easily connect and work. Why REST in the cloud??
REST Architecture in cloud
Example: Google REST Services
Step 1: Client Application Originate Request For Resources Step 2: Redirect to “Server” for authorization Step 3: Response is from server domain asking resources owner to authenticate ( Enter credential Username and Password) Step 4: Resources owner authenticate Step 5: Server issue token to client Step 6: Client confirms access and access services through issued token OAuth2.0
Entities OAuth 2.0 User Agent Web Browser Authorization Request Application Token Request Access Request Authorization Server Resources Server
 Economic Impact of Storage Leeching Problem Motivation
 User arrive to the system and start using a certain abusive application that benefits from storage leeching.  Consider discrete time intervals (denoted by n) of duration ∆ .  Let λdenotes the average rate of new user arrivals per time interval.  μDenotes the average rate at which user permanently leaves the system Simple Cost Model
 Number of alive user abusing the system at time n will given as N(n) = N(0) + nλ − nμ, where λ ≥ μ  Where N(0) represents the initial number of users which are already in the system.
 The fraction of users that creates storage accounts of size a when they arrive to the system is defined by fs [0,1]∈  We assumes that once user creates an account, he does not cancel it after he leaves the system.  So the maximum amount of available storage (Sa) at time n is Sa(n)=n·λ·fs ·a
 Storage consumption at time n will be given as:  Where s is the average storage consumption per user at every time interval. Sc(n) = N(i) ∗ si=0 n ∑
 Download traffic is given by:  Where d is the average amount of consumed download traffic per time-slot n by every user . D(n) = N(i) ∗ di=0 n ∑
 So overall monetary cost : C(n)=Sc(n)*cs +D(n)*cd  Where cs represent the monetary cost per storage unit and time interval, and cd the price of downloading a unit of data.
 The number of user arrivals, namely λ, is one of the most important factors re- garding the monetary costs of storage leeching  We observe that a small number of active users (4, 500) illicitly consume an amount of resources equivalent to $2,670 after 90 days  In case of a large-scale abuse, these costs may reach dramatic numbers at short or medium term (e.g. $0.81M)
 Boxleech is a proof-of-concept file-sharing application able to disseminate illegal or copyrighted content by abusing Personal Clouds.  It aggregates free accounts from multiple Personal Clouds into a single storage unit that can be freely accessed by users interested in a certain content Boxleech :an abusive file sharing application
 The design of Boxleech can be divided into three main blocks: data management, metadata and, chunk assignment.
 Boxleech splits every file into chunks of up to 100MB in size  There were three good reasons for this:  To surpass the file size limitations commonly imposed in the REST API access to free accounts  To exploit storage diversity by allocating chunks of the same file to different Personal Clouds and  To make it impossible for a single provider to store an entire copy of an illicit content.  Locally Boxleech maintain an index. Data Management
index table id Storage Provider 1 Storage Provider 2 Storage Provider 3 … File 1 Chunk_11, Chunk_1 2 -------- ------ File 2 ------- Chunk_2 1 Chunk_2 2 File 1File 1 Chunk_1 1Chunk_1 1 Chunk_2 2Chunk_2 2 Chunk_1 2Chunk_1 2 Chunk_2 1Chunk_2 1 Storage Provider 1 Storage Provider 1 Storage Provider 2 Storage Provider 2 Storage Provider 3 Storage Provider 3 File 2File 2
 The objective of Boxleech metadata files (.boxleech) is to map a set of chunks corresponding to the same content to their location in diverse Personal Cloud accounts.  A metadata file is formed by a set of rows . Metadata chunk id order provider access credentials
 Round Robin (RR)  Upload/Download Proportional (UP, DP) Chunk Assignment
 Enforce accountable user identities Introduce filters in the creation of free account such as phone number, Human Intervention  Expiration time for developer applications To discourage malicious users to exploit open APIs as a durable storage substrate, we believe that introducing expiration mechanisms to both developer applications and the related free accounts could be an effective countermeasure.  Identify anomalous workloads Personal Clouds could benefit from research efforts focused on identifying fraudulent resource consumption to detect abuse in storage accounts related to developer applications Possible Solutions
To lure customers and developers, Personal Clouds provide open REST APIs to create new applications that make their service even more attractive. However, the unintended consequence of this strategy is that it is very easy for a user to abuse the service by aggregating free accounts, from one or several providers, to obtain a high-quality storage service, what we term as the storage leeching problem. Conclusions
 [1] F. Research, “The personal cloud: Transforming personal  computing, mobile, and web markets,” 2011. [Online]. Available:  http://www.forrester.com/rb/Research/personal cloud transforming personal computing%2C mobile %2C and/q/id/57403/t/2  [2] [Online]. Available: http://en.wikipedia.org/wiki/Dropbox (service)  [3] M. Jensen, N. Gruschka, and R. Herkenh¨oner, “A survey of attacks on web services,” Computer Science - Research and Development, vol. 24, pp. 185–197, 2009.  [4] “A survey on security issues in service delivery models of cloud computing,” Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1–11, 2011.  [5] J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in ACM CCSW’11, 2011, pp. 3–14.  [6] L. Vaquero, L. Rodero-Merino, and D. Mor´an, “Locking the sky: asurvey on iaas cloud security,” Computing, vol. 91, pp. 93–118, 2011.  [7] J. Idziorek and M. Tannian, “Exploiting cloud utility models for profit and ruin,” in IEEE CLOUD’11, july 2011, pp. 33–40.  [8] J. Idziorek, M. Tannian, and D. Jacobson, “Attribution of fraudulent resource consumption in the cloud,” in IEEE CLOUD’12, 2012, pp. 99–106. References:
 [9] M. Mulazzani, S. Schrittwieser, M. Leithner, M. Huber, and E.Weippl., “Dark clouds on the horizon: Using cloud storage as attack vector and online slack space,” in USENIX Security, 2011, pp. 5–8.  [10] J. Srinivasan, W. Wei, X. Ma, and T. Yu, “Emfs: Email-based personal cloud storage,” in NAS’11, 2011, pp. 248–257.  [11] A. Traeger, N. Joukov, J. Sipek, and E. Zadok, “Using free web storage for data backup,” in StorageSS’06, 2006, pp. 73–78.  [12] H.-C. Chao, T.-J. Liu, K.-H. Chen, and C.-R. Dow, “A seamless and reliable distributed network file system utilizing webspace,” in WSE’08, 2008, pp. 65–68.  [13] E. Hammer-Lahav, “The OAuth 1.0 Protocol,” http://tools.ietf.org/html/ rfc5849, 2010.  [14] J. R. Douceur, “The sybil attack,” in IPTPS’01, 2002, pp. 251–260.  [15] R. Gracia-Tinedo, M. S´anchez-Artigas, A. Moreno-Mart´ınez, and P. Garc´ıa-L´opez, “FRIENDBOX: A Hybrid F2F Personal Storage Application,” in IEEE CLOUD’12, 2012, pp. 131–138.  [16] B. Cohen, “Incentives build robustness in bittorrent,” in Workshop on  Economics of Peer-to-Peer systems, vol. 6, 2003, pp. 68–72.  [17] D. Karger, E. Lehman, T. Leighton, R. Panigrahy, M. Levine, and D. Lewin, “Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the world wide web,” in ACM STOC’97, 1997, pp. 654–663. References:
Thank You

Recommended

Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIs
Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIsCloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIs
Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIsNishant Kumar
 
F01113945
F01113945F01113945
F01113945IOSR Journals
 
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...Ieeepro techno solutions 2014 ieee java project - query services in cost ef...
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...hemanthbbc
 
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...rahulmonikasharma
 
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...hemanthbbc
 
Improving Efficiency of Security in Multi-Cloud
Improving Efficiency of Security in Multi-CloudImproving Efficiency of Security in Multi-Cloud
Improving Efficiency of Security in Multi-CloudIJTET Journal
 
Cc unit 2 updated
Cc unit 2 updatedCc unit 2 updated
Cc unit 2 updatedDr. Radhey Shyam
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 

Recommended

Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIs
Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIsCloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIs
Cloud as a GIFT: Exploiting Personal Cloud Free Accounts via Rest APIsNishant Kumar
 
F01113945
F01113945F01113945
F01113945IOSR Journals
 
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...Ieeepro techno solutions 2014 ieee java project - query services in cost ef...
Ieeepro techno solutions 2014 ieee java project - query services in cost ef...hemanthbbc
 
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...
Secure Data Sharing in Cloud Computing using Revocable Storage Identity- Base...rahulmonikasharma
 
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...
Ieeepro techno solutions 2014 ieee java project -key-aggregate cryptosystem...hemanthbbc
 
Improving Efficiency of Security in Multi-Cloud
Improving Efficiency of Security in Multi-CloudImproving Efficiency of Security in Multi-Cloud
Improving Efficiency of Security in Multi-CloudIJTET Journal
 
Cc unit 2 updated
Cc unit 2 updatedCc unit 2 updated
Cc unit 2 updatedDr. Radhey Shyam
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 
Fast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAXFast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAXIJERA Editor
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
 
Cc unit 3 updated version
Cc unit 3 updated versionCc unit 3 updated version
Cc unit 3 updated versionDr. Radhey Shyam
 
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...dbpublications
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET Journal
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
Cc unit 1 updated
Cc unit 1 updatedCc unit 1 updated
Cc unit 1 updatedDr. Radhey Shyam
 
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...dbpublications
 
Improved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud StorageImproved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud StorageIJSRD
 
Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...IOSR Journals
 
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGSURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
 
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIESijcsit
 
Secure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud ComputingSecure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud ComputingIJMER
 
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...Shakas Technologies
 
Implementing security groups in open stack
Implementing security groups in open stackImplementing security groups in open stack
Implementing security groups in open stackRishabh Agarwal
 
Cyber forensics in cloud computing
Cyber forensics in cloud computingCyber forensics in cloud computing
Cyber forensics in cloud computingAlexander Decker
 
Cloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for LibrariesCloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for LibrariesAmit Shaw
 
Colloquium Report
Colloquium ReportColloquium Report
Colloquium ReportDeepak Kumar
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
Ijetcas14 424
Ijetcas14 424Ijetcas14 424
Ijetcas14 424Iasir Journals
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 
Cloud computing white paper
Cloud computing white paperCloud computing white paper
Cloud computing white paperVaneesh Bahl
 

More Related Content

What's hot

Fast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAXFast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAXIJERA Editor
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
 
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...dbpublications
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET Journal
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...dbpublications
 
Improved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud StorageImproved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud StorageIJSRD
 
Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...IOSR Journals
 
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGSURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
 
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIESijcsit
 
Secure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud ComputingSecure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud ComputingIJMER
 
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...Shakas Technologies
 
Implementing security groups in open stack
Implementing security groups in open stackImplementing security groups in open stack
Implementing security groups in open stackRishabh Agarwal
 
Cyber forensics in cloud computing
Cyber forensics in cloud computingCyber forensics in cloud computing
Cyber forensics in cloud computingAlexander Decker
 

What's hot (16)

Fast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAXFast Synchronization In IVR Using REST API For HTML5 And AJAX
Fast Synchronization In IVR Using REST API For HTML5 And AJAX
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
 
Cc unit 3 updated version
Cc unit 3 updated versionCc unit 3 updated version
Cc unit 3 updated version
 
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud Storage
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
 
Cc unit 1 updated
Cc unit 1 updatedCc unit 1 updated
Cc unit 1 updated
 
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
A Survey: Hybrid Job-Driven Meta Data Scheduling for Data storage with Intern...
 
Improved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud StorageImproved Data Integrity Protection Regenerating-Coding Based Cloud Storage
Improved Data Integrity Protection Regenerating-Coding Based Cloud Storage
 
Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...Improving security for data migration in cloud computing using randomized enc...
Improving security for data migration in cloud computing using randomized enc...
 
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGSURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING
 
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES
 
Secure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud ComputingSecure Outsourcing Mechanism for Linear Programming in Cloud Computing
Secure Outsourcing Mechanism for Linear Programming in Cloud Computing
 
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
SECURE OPTIMIZATION COMPUTATION OUTSOURCING IN CLOUD COMPUTING: A CASE STUDY ...
 
Implementing security groups in open stack
Implementing security groups in open stackImplementing security groups in open stack
Implementing security groups in open stack
 
Cyber forensics in cloud computing
Cyber forensics in cloud computingCyber forensics in cloud computing
Cyber forensics in cloud computing
 

Similar to Cloud as Gift

Cloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for LibrariesCloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for LibrariesAmit Shaw
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 
Cloud computing white paper
Cloud computing white paperCloud computing white paper
Cloud computing white paperVaneesh Bahl
 
Current services in cloud computing a survey
Current services in cloud computing a surveyCurrent services in cloud computing a survey
Current services in cloud computing a surveyijcseit
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computingkevnikool
 
Review and Classification of Cloud Computing Research
Review and Classification of Cloud Computing ResearchReview and Classification of Cloud Computing Research
Review and Classification of Cloud Computing Researchiosrjce
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
 
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...IJIR JOURNALS IJIRUSA
 
International Journal of Computer Science, Engineering and Information Techno...
International Journal of Computer Science, Engineering and Information Techno...International Journal of Computer Science, Engineering and Information Techno...
International Journal of Computer Science, Engineering and Information Techno...ijcseit
 
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEY
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEYCURRENT SERVICES IN CLOUD COMPUTING: A SURVEY
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEYijcseit
 
Managing Large Flask Applications On Google App Engine (GAE)
Managing Large Flask Applications On Google App Engine (GAE)Managing Large Flask Applications On Google App Engine (GAE)
Managing Large Flask Applications On Google App Engine (GAE)Emmanuel Olowosulu
 
The Cloud Computing Strategy Of Xyz Manufacturing
The Cloud Computing Strategy Of Xyz ManufacturingThe Cloud Computing Strategy Of Xyz Manufacturing
The Cloud Computing Strategy Of Xyz ManufacturingMindi Schneider
 
11.cyber forensics in cloud computing
11.cyber forensics in cloud computing11.cyber forensics in cloud computing
11.cyber forensics in cloud computingAlexander Decker
 
Introduction to aneka cloud
Introduction to aneka cloudIntroduction to aneka cloud
Introduction to aneka cloudssuser84183f
 

Similar to Cloud as Gift (20)

Cloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for LibrariesCloud Computing:An Economic Solution for Libraries
Cloud Computing:An Economic Solution for Libraries
 
Colloquium Report
Colloquium ReportColloquium Report
Colloquium Report
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
 
Ijetcas14 424
Ijetcas14 424Ijetcas14 424
Ijetcas14 424
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
 
Cloud computing white paper
Cloud computing white paperCloud computing white paper
Cloud computing white paper
 
Current services in cloud computing a survey
Current services in cloud computing a surveyCurrent services in cloud computing a survey
Current services in cloud computing a survey
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computing
 
Review and Classification of Cloud Computing Research
Review and Classification of Cloud Computing ResearchReview and Classification of Cloud Computing Research
Review and Classification of Cloud Computing Research
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
 
A017620123
A017620123A017620123
A017620123
 
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...
Ijirsm choudhari-priyanka-backup-and-restore-in-smartphone-using-mobile-cloud...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
International Journal of Computer Science, Engineering and Information Techno...
International Journal of Computer Science, Engineering and Information Techno...International Journal of Computer Science, Engineering and Information Techno...
International Journal of Computer Science, Engineering and Information Techno...
 
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEY
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEYCURRENT SERVICES IN CLOUD COMPUTING: A SURVEY
CURRENT SERVICES IN CLOUD COMPUTING: A SURVEY
 
Managing Large Flask Applications On Google App Engine (GAE)
Managing Large Flask Applications On Google App Engine (GAE)Managing Large Flask Applications On Google App Engine (GAE)
Managing Large Flask Applications On Google App Engine (GAE)
 
The Cloud Computing Strategy Of Xyz Manufacturing
The Cloud Computing Strategy Of Xyz ManufacturingThe Cloud Computing Strategy Of Xyz Manufacturing
The Cloud Computing Strategy Of Xyz Manufacturing
 
11.cyber forensics in cloud computing
11.cyber forensics in cloud computing11.cyber forensics in cloud computing
11.cyber forensics in cloud computing
 
CLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxCLOUD COMPUTING.pptx
CLOUD COMPUTING.pptx
 
Introduction to aneka cloud
Introduction to aneka cloudIntroduction to aneka cloud
Introduction to aneka cloud
 

Recently uploaded

Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2RajaP95
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and usesDevarapalliHaritha
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxvipinkmenon1
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 

Recently uploaded (20)

Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and uses
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacing
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 

Cloud as Gift

  • 1. Team: Surya Prakash Singh (2014H112186p) Nishant kumar (2014H112193p) Cloud as a Gift: Effectively Exploiting Personal Cloud Free Accounts via Rest APIs
  • 2.  Introduction  Problem  Storage Leeching Problem  Rest Architecture in cloud  Problem Motivation  Simple Cost Model  Boxleech  Possible Solutions  Conclusion  References Contents
  • 3.  Personal Clouds, such as DropBox and Box, provide open REST APIs for developers to create clever applications that make their service even more attractive.  These APIs are a powerful abstraction that makes it possible for applications to transparently manage data from user accounts, blurring the lines between a Personal Cloud service and storage IaaS.  Personal Clouds also offer free accounts to lure new users, that normally include reduced storage space and unlimited transfers Introduction
  • 4. 5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs  Personal Clouds offer free accounts to lure new customers and gain market share  Provide open REST APIs for developers to create clever applications that make their service even more attractive. From a functional viewpoint, these APIs enable an application to upload/download files to/from user account
  • 5. 5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
  • 6. 5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
  • 7. 5 GB free account 5 GB free account DropBoxDropBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account SugarSyncSugarSync REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account
  • 8. Problem 5 GB free account 5 GB free account DropBoxDropBox 45 Gb45 Gb REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account BoxBox REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account 5 GB free account SugarSyncSugarSync REST APIsREST APIs 5 GB free account 5 GB free account 5 GB free account 5 GB free account Abusive Application Abusive Application
  • 10.  Provide Software interface to connect and consume services in various ways.  Interface multiple systems.  Service offering to third party clients and allow to build application. Ex: Login By Facebook, Twitter, Sharing on Social Media  Provide support in heterogeneous ecosystems  Abstract away business logic so that ecosystems of services can easily connect and work. Why REST in the cloud??
  • 13. Step 1: Client Application Originate Request For Resources Step 2: Redirect to “Server” for authorization Step 3: Response is from server domain asking resources owner to authenticate ( Enter credential Username and Password) Step 4: Resources owner authenticate Step 5: Server issue token to client Step 6: Client confirms access and access services through issued token OAuth2.0
  • 14. Entities OAuth 2.0 User Agent Web Browser Authorization Request Application Token Request Access Request Authorization Server Resources Server
  • 15.  Economic Impact of Storage Leeching Problem Motivation
  • 16.  User arrive to the system and start using a certain abusive application that benefits from storage leeching.  Consider discrete time intervals (denoted by n) of duration ∆ .  Let λdenotes the average rate of new user arrivals per time interval.  μDenotes the average rate at which user permanently leaves the system Simple Cost Model
  • 17.  Number of alive user abusing the system at time n will given as N(n) = N(0) + nλ − nμ, where λ ≥ μ  Where N(0) represents the initial number of users which are already in the system.
  • 18.  The fraction of users that creates storage accounts of size a when they arrive to the system is defined by fs [0,1]∈  We assumes that once user creates an account, he does not cancel it after he leaves the system.  So the maximum amount of available storage (Sa) at time n is Sa(n)=n·λ·fs ·a
  • 19.  Storage consumption at time n will be given as:  Where s is the average storage consumption per user at every time interval. Sc(n) = N(i) ∗ si=0 n ∑
  • 20.  Download traffic is given by:  Where d is the average amount of consumed download traffic per time-slot n by every user . D(n) = N(i) ∗ di=0 n ∑
  • 21.  So overall monetary cost : C(n)=Sc(n)*cs +D(n)*cd  Where cs represent the monetary cost per storage unit and time interval, and cd the price of downloading a unit of data.
  • 22.  The number of user arrivals, namely λ, is one of the most important factors re- garding the monetary costs of storage leeching  We observe that a small number of active users (4, 500) illicitly consume an amount of resources equivalent to $2,670 after 90 days  In case of a large-scale abuse, these costs may reach dramatic numbers at short or medium term (e.g. $0.81M)
  • 23.
  • 24.  Boxleech is a proof-of-concept file-sharing application able to disseminate illegal or copyrighted content by abusing Personal Clouds.  It aggregates free accounts from multiple Personal Clouds into a single storage unit that can be freely accessed by users interested in a certain content Boxleech :an abusive file sharing application
  • 25.  The design of Boxleech can be divided into three main blocks: data management, metadata and, chunk assignment.
  • 26.  Boxleech splits every file into chunks of up to 100MB in size  There were three good reasons for this:  To surpass the file size limitations commonly imposed in the REST API access to free accounts  To exploit storage diversity by allocating chunks of the same file to different Personal Clouds and  To make it impossible for a single provider to store an entire copy of an illicit content.  Locally Boxleech maintain an index. Data Management
  • 27. index table id Storage Provider 1 Storage Provider 2 Storage Provider 3 … File 1 Chunk_11, Chunk_1 2 -------- ------ File 2 ------- Chunk_2 1 Chunk_2 2 File 1File 1 Chunk_1 1Chunk_1 1 Chunk_2 2Chunk_2 2 Chunk_1 2Chunk_1 2 Chunk_2 1Chunk_2 1 Storage Provider 1 Storage Provider 1 Storage Provider 2 Storage Provider 2 Storage Provider 3 Storage Provider 3 File 2File 2
  • 28.  The objective of Boxleech metadata files (.boxleech) is to map a set of chunks corresponding to the same content to their location in diverse Personal Cloud accounts.  A metadata file is formed by a set of rows . Metadata chunk id order provider access credentials
  • 29.  Round Robin (RR)  Upload/Download Proportional (UP, DP) Chunk Assignment
  • 30.
  • 31.  Enforce accountable user identities Introduce filters in the creation of free account such as phone number, Human Intervention  Expiration time for developer applications To discourage malicious users to exploit open APIs as a durable storage substrate, we believe that introducing expiration mechanisms to both developer applications and the related free accounts could be an effective countermeasure.  Identify anomalous workloads Personal Clouds could benefit from research efforts focused on identifying fraudulent resource consumption to detect abuse in storage accounts related to developer applications Possible Solutions
  • 32. To lure customers and developers, Personal Clouds provide open REST APIs to create new applications that make their service even more attractive. However, the unintended consequence of this strategy is that it is very easy for a user to abuse the service by aggregating free accounts, from one or several providers, to obtain a high-quality storage service, what we term as the storage leeching problem. Conclusions
  • 33.  [1] F. Research, “The personal cloud: Transforming personal  computing, mobile, and web markets,” 2011. [Online]. Available:  http://www.forrester.com/rb/Research/personal cloud transforming personal computing%2C mobile %2C and/q/id/57403/t/2  [2] [Online]. Available: http://en.wikipedia.org/wiki/Dropbox (service)  [3] M. Jensen, N. Gruschka, and R. Herkenh¨oner, “A survey of attacks on web services,” Computer Science - Research and Development, vol. 24, pp. 185–197, 2009.  [4] “A survey on security issues in service delivery models of cloud computing,” Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1–11, 2011.  [5] J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in ACM CCSW’11, 2011, pp. 3–14.  [6] L. Vaquero, L. Rodero-Merino, and D. Mor´an, “Locking the sky: asurvey on iaas cloud security,” Computing, vol. 91, pp. 93–118, 2011.  [7] J. Idziorek and M. Tannian, “Exploiting cloud utility models for profit and ruin,” in IEEE CLOUD’11, july 2011, pp. 33–40.  [8] J. Idziorek, M. Tannian, and D. Jacobson, “Attribution of fraudulent resource consumption in the cloud,” in IEEE CLOUD’12, 2012, pp. 99–106. References:
  • 34.  [9] M. Mulazzani, S. Schrittwieser, M. Leithner, M. Huber, and E.Weippl., “Dark clouds on the horizon: Using cloud storage as attack vector and online slack space,” in USENIX Security, 2011, pp. 5–8.  [10] J. Srinivasan, W. Wei, X. Ma, and T. Yu, “Emfs: Email-based personal cloud storage,” in NAS’11, 2011, pp. 248–257.  [11] A. Traeger, N. Joukov, J. Sipek, and E. Zadok, “Using free web storage for data backup,” in StorageSS’06, 2006, pp. 73–78.  [12] H.-C. Chao, T.-J. Liu, K.-H. Chen, and C.-R. Dow, “A seamless and reliable distributed network file system utilizing webspace,” in WSE’08, 2008, pp. 65–68.  [13] E. Hammer-Lahav, “The OAuth 1.0 Protocol,” http://tools.ietf.org/html/ rfc5849, 2010.  [14] J. R. Douceur, “The sybil attack,” in IPTPS’01, 2002, pp. 251–260.  [15] R. Gracia-Tinedo, M. S´anchez-Artigas, A. Moreno-Mart´ınez, and P. Garc´ıa-L´opez, “FRIENDBOX: A Hybrid F2F Personal Storage Application,” in IEEE CLOUD’12, 2012, pp. 131–138.  [16] B. Cohen, “Incentives build robustness in bittorrent,” in Workshop on  Economics of Peer-to-Peer systems, vol. 6, 2003, pp. 68–72.  [17] D. Karger, E. Lehman, T. Leighton, R. Panigrahy, M. Levine, and D. Lewin, “Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the world wide web,” in ACM STOC’97, 1997, pp. 654–663. References: