In general, the Cloud computing utilization becomes unavoidable in each and every data communication as well as the service sharing center with various applications. Based on the requirements, the clients are performing service selection (such as infrastructure, software or platforms) towards to fulfil their needs in optimized manner. Whenever the data is going to be stored in a third party network, it automatically brings a question mark for secure access along with its storage infrastructure. The security for data transaction between cloud service providers and cloud clients is forever carry with the help of crypto graphic algorithms either it may be an symmetric or asymmetric key generation mechanism with certain limitations . In this research paper implement a new approach for ensure the secure data transaction by using Orthogonal Handshaking Authentication Mechanism under cloud along with a proposed storage authentication protocol. It creates a roadmap for data retrieval progress of authenticated cloud users among the service access in cloud computing. Data on Cloud storage will get an encrypted format by using a symmetric key helps to maintain its security and authentication will provide the cloud data utilization with appropriate cloud users.

1. Implementation of Secure Cloud data Storage –Data Transaction by Using
an Orthogonal Hand Shaking Authentication Mechanism (OHSAM)
Dr.K.Subramanian #1
and M.Mohamed Sirajudeen#2(*)
#1
Department of Computer Science, H.H Raja College, Pudukottai, Tamil Nadu, India. {subjjcit@gmail.com}
#2
(*) Corresponding Author, Department of Computer Science, J.J College of Arts and Science, Pudukottai,
Tamil Nadu, India. {mdsirajudeen1@gmail.com}
ABSTRACT: In general, the Cloud computing utilization becomes unavoidable in each and every data
communication as well as the service sharing center with various applications. Based on the requirements, the
clients are performing service selection (such as infrastructure, software or platforms) towards to fulfil their
needs in optimized manner. Whenever the data is going to be stored in a third party network, it automatically
brings a question mark for secure access along with its storage infrastructure. The security for data transaction
between cloud service providers and cloud clients is forever carry with the help of crypto graphic algorithms
either it may be an symmetric or asymmetric key generation mechanism with certain limitations . In this
research paper implement a new approach for ensure the secure data transaction by using Orthogonal
Handshaking Authentication Mechanism under cloud along with a proposed storage authentication protocol. It
creates a roadmap for data retrieval progress of authenticated cloud users among the service access in cloud
computing. Data on Cloud storage will get an encrypted format by using a symmetric key helps to maintain its
security and authentication will provide the cloud data utilization with appropriate cloud users.
Key words: Security, Orthogonal, Key, Data and Authentication.
I. INTRODUCTION
In most of the circumstances, the data always
resides in the cloud data servers (CDS). It secures
with the help of cryptographic algorithms and
authentication mechanism for sharing among
different users through communication channels.
The functional architecture for each and every
security algorithm is based on its key (K)
management with different authentication
mechanism [1]. If the cloud data storage is
combined with symmetric key crypto algorithms
maintain, the same key for both encryptions (EK)
and decryptions (DK) in order to maintain its
secrecy over the communication channel. In
contrast, the asymmetric key algorithm maintains a
separate encryption (EK) and decryption key (DK)
as well as to make it any one of the key as public.
In most of the cases these secure mechanisms are
not providing any significant impact on its secure
access among the cloud data users [2]. In spite of ,
all the existing security algorithms (Julius Ceaser
Cipher, Transposition Cipher, RSA, DES, MD5),
the RSA (Rivest, Shamir, Aldimer) is used in many
occurrences regarding to ensure the security of
cloud data storage in effective and efficient manner
[3]. Security for the data storage as well as the
utilization of secure cloud storage is a challenging
task either in the public /private cloud
environments for the reason of the service
consumer/clients attempt themselves to do the data
transactions.
In private cloud, the service providers are always
ensure themselves a secure data storage
management or service allocation for the clients by
using any kind of authentication mechanism.
Anyhow, there will be numerous possibilities for
intruders attack on the data transaction by the third
party agents/intruders over the internet [4].
The major issues for the security in existing cloud
data in the cloud server is utilize the service via the
cloud may cause the problem of data loss. In
general, the extracted features for cloud computing
components are as follows:
Software as a Service (SaaS): Instead of
dedicated software applications for an
organization, everyone tries to utilize the
leased software product in cloud service
provisions. Growing demands in industry
push the clients to move towards the
software as a Service (SaaS) over the
communication channel [5].
Platform as a Service (PaaS): The cloud
computing progress take account of the
leased platforms for its concerns regarding
to utilize the internet based services over
the cloud service provision in the
communication channel. The PaaS service
model creates all of the conveniences
required to maintain the complete web
applications and services consumption [5].
Infrastructure as a Service (IaaS): The
competence makes available to the clients
in the provision of cluster servers ( Cloud
Service Providers) , processing units ,
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
221 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

2. storage infrastructures , communication
channel (Intranet or Internet) , and other
fundamental computing resources related
with build an Infrastructures residues
under Infrastructure as a Service (IaaS)
[5].
The general layered architecture for cloud data
storage comprises two major components are:
Application Interface and Access Layer. The access
layer acts an interface between the security
algorithms and cloud data storage. Simultaneously,
the application interface creates a bridge between
the data as well as the crypto-key mechanism with
the security algorithms. In general, the aspect of
data storage into the cloud servers or service
providers follow certain storage mechanism such as
sequential number generations , block allocations
and the corresponding link address to indicate the
succeeding memory locations [3]. Whenever the
data transfer from data owner into the cloud server
is always resides in the encryption format. If it is
required by cloud users/clients need to confirm its
authentication by using authentication mechanism.
The following diagram (Figure 1), illustrate cloud
memory storage architectural framework layout for
3x3 and every block is assigned by sequential
number in order to retrieve the required content
among the clients.
Figure 1 Cloud memory storage frame work for 3x3 CSP
Enterprise cloud data storage (Figure 2) is
comprised with the components of Data Processor,
Data Verifier and Pseudo-Random Number
generator between the client and cloud service
provider [6].
Figure 2 an enterprise Cloud Storage Architecture.
II. RELATED WORK
The cloud service users or clients send their request
to the cloud service providers (CSP) in order to get
service for either one of the service offered by
cloud such as: IaaS, PaaS and SaaS. The service
approval is required to get an authentication from
the Data owners in private cloud regarding to
ensure its secure data communication over the
network with the help of authentication protocols
[6]. The specified architectural framework (figure
3), the third party component (Authentication
Protocols) is act an interface between the cloud
service providers (CSP) and the data owners in
order to maintain the Block Allocation Sequential
Link Table (BASLT) and security control flow
towards the CSP. The BALST comprising the
following components:
Physical address: Used to specify the
location identification for cloud servers.
Index : An indication for
type of services is required by the cloud
clients.
Data : User original data in
textual format.
Link Address : The location for
succeeding or proceeding data location in
Cloud servers.
Figure 3 CSP Internal Storage Architecture with BALST
In most of the cloud storage architectural
specification with crypto algorithms includes the
major components such as: Storage Attached
Network (SAN), Network Attached Storage (NAS)
and Direct Attached Storage (DAS) [7]. All the
three technologies focus on only the secure concern
and not for cloud storage allocation mechanism [8].
Most of the storage allocation designed to maintain
the crypto form data on the cloud with different
geographical location and it’s utilized by varieties
of end users or cloud clients with the help of any
kind of authentication mechanism [9][10]. In order
to make a proper allotment of data store on cloud
server is a significant factor to determine the secure
cloud data transmission over the communication
channel and it includes the following
characteristics,
Error free data on cloud storage: It
provides the appropriate data block
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
222 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

3. allocation and carry on that error free data
service among all types of cloud service
users such as private, public and hybrid.
Easiest way to localize the misbehave on
cloud server: It powerfully modifies the
cloud server even if the cloud service is
not provoked in a proper manner by the
client’s infrastructure over the
communication channel. The link address
and physical location of cloud data is must
be a location transparency for cloud data.
Data Dependency: This attribute helps to
maintain a healthier data link among the
existing cloud data in the cloud service
provider.
Figure 4 Data Access via Clients from Cloud Service
Provider
In addition with the above researchers quote, the
following design goals are play an important role to
establish secure cloud data storage on CSP [9][10].
Encryption: The Encryption process is
used to secure the cloud data transmit over
the open communication channel. The
encryption is carried with any one of the
symmetric or asymmetric crypto
algorithms.
Updations on web server: In this
component relate with the web server
make proper updations brings an
uninterrupted cloud service over the
network.
Decryption: The Decryption is the reverse
process foe the data encryption work with
the help of key. The fetching key is done
by using a procedure for Data
Verification.
Data Verification: This procedure helps to
perform data store or retrieval on cloud
storage by using authentication or data
verification mechanism.
In general, most of the researchers contribute their
work regarding to secure the data storage on cloud
server or cloud service provider by using different
cryptographic algorithms (Symmetric Key and
Asymmetric Key). The principle of these cloud
data storage mechanism focus encrypted data (ED)
along with its key (EK) [7][8] is stored on same
server. Whenever the data is required by another
client or cloud user, it may access via
authentication [9]. The following figure 5
illustrates, the way of key authentication with the
server.
Figure 5 Key Authentications
Few research articles propose, a one-time session
key is generated by a Key Distribution mechanism
(KDM) for use in symmetric key encryption of a
single session between two parties. By using the
one-time session keys from the KDM, a user is
freed from having to establish a priori its own
shared key for each and every network entity with
whom it wishes to communicate. Instead, a user
need only have one shared secret key for
communicating with the KDM, and will receive
one-time session keys from the KDC for all of its
communication with other network entities [10].
Initially, the entire message or data is divided into a
number of discrete blocks (B). Instead of
authenticating each and every individual data or
message packets over the communication channel,
this approach is used to perform a group of certain
bit length messages or data together in to a block
(B).
At the moment, every block using certain
authentication procedure in order to provide a
cloud service as secure manner through the
network (Figure 6). The outline of authentication
algorithm by using block structure is given below
[14][15][16],
Figure 6 Existing Block storage in Cloud server
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
223 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

4. A. Auditing Algorithm Shell (AAS) :
Step 1 : Start with the initial message or
information.
Step 2 : Fake stream generation.
Step 3 : Merge the fake stream with
original message.
Step 4 : Store in to the cloud server.
Step 5 : Just reverse it to get original
text by using Decryption.
B. Matrix Encryption Algorithm(MEA):
Step 1 : Count the No. of character (N)
in the plain text without space.
Step 2 : Convert the plain text into
equivalent ASCII code. And form a square
matrix (S X S >=N).
Step 3 : Apply the converted ASCII
code value from left to right in the matrix.
Divide matrix into three part namely
upper, diagonal and lower matrix.
Step 4 : Read the value from right to left
in each matrix.
Step 5 : Each matrix uses three different
key K=K1, K2, K3 for encryption. Do the
encryption.
Step 6 : Apply the encrypted value into
the matrix in the same order of upper,
diagonal and lower.
Step 7 : Read the message b y column
by column. Here the order in the columns
read from the matrix is the key K4.
Step 8 : Convert the ASCII code into
character value.
C. Procedure Block_Authetication
Algorithm(PBAA) :
Step 1: Divide the original data or
message (M) into fixed size of Packets
(S).
Step 2: Group the specified number of
packets into a Block (B) as a fixed size or
variable –length size.
Step 3: Assign the authentication code
from any one of cryptographic algorithms.
Step 4: Do the authentication process by
using the key (K) at the time of receive
any request from cloud clients or users.
Step 5: If the Authentication process is
success, then provide the service,
otherwise to terminate from the request.
Limitations :
The followings major limitations are identified
from existing works related with secure the cloud
data storage and listed as follows,
The encrypted text and key is stored in same
cloud server [11].
There is no standardized mechanism for key
storage in existing cloud servers [13].
Every cloud storage concentrate on cloud crypto
format data storage only, not focus on the storage
mechanism [14].
The way of cloud encrypted data and its
appropriate will always stored on consecutive
locations over the communication channel [13].
The time consumption for authentication
mechanism will take longer time in order to
provide required data to the cloud users [15][16].
III. IMPLEMENTATION
The cloud data storage and secure mechanism for
cloud service utilization is carrying with the help of
Orthogonal Handshaking Authentication
Mechanism (OHSAM) (figure 5). In general, the
term “orthoganality” is generally referred to as
“Perpendicular with each other” working principles
on cloud data storage set.
Whenever the cloud services (SaaS, PaaS or IaaS)
is required by the cloud clients or user is initiated
with the steps for registration on the trusted third
party network. The registration process is
illustrated with the following diagram (figure 6).
The new cloud client or user before to initiate the
service utilization, must be register on the relevant
cloud service provider and get an ID for
authentication purpose through the random ID
creation module.
The proposed work includes the following working
Steps:
Step 1: Registration in the cloud service providers
(CSP).
Step 2: Encryption or Decryption Mechanism
Step 3: Key Distribution
Step 4: Authentication – Handshaking
Step 5: Retrieval or Response
Most of the cloud data encryption security
algorithm’s key (EK) is stored in the same cloud
server (Figure 7, 8). But, in the proposed
mechanism encrypted data is stored into one cloud
server and its relevant key will store in another
cloud server based on the orthogonal selection in
the clustered cloud server infrastructure over the
communication channel. The content or service
(SaaS, PaaS or IaaS) availability during the
retrieval process is carried out with the help of
handshaking –authentication mechanism. In order
to secure and create a cloud data storage block
allocation for encrypted user’s data is linked with
data store in the cloud service provider by
symmetric key generation.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
224 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

5. Figure 5 Cloud Storage by using Orthogonal Principle
The data or information in textual format initiated
by cloud users or clients interacts with the modules
of encryption or decryption process along with
registering in the cloud service providers (CSP).
The registration process provides a sequential
number for verification regarding the cloud clients
over the internet. At the same moment, the
encryption or decryption process is carried out with
the help of crypto graphic algorithms such as
symmetric or asymmetric mechanism.
Figure 6 Registration in the cloud service providers (CSP)
The encrypted key for original data (For example ,
if consider Cloud client-1 send its own data to the
cloud service provider based on the orthogonal
selection, the relevant key will store another CSP)
will occupy in one CSP and its data will available
in another CSP based on the orthogonal selection
mechanism. One of the fields in original data
segment includes the link address for its key
distribution cloud server over the network.
The authentication for registered users will ensure
with the help of orthogonal handshaking
mechanism and it will carry out as a continuation
of this research work in consecutive publication.
The source code for data store relevant with secure
cloud data storage in order to generate key is
specified as follows,
Figure 7 Source code for Orthogonal Key
generation
The basic principle of the proposed architectural
framework mainly focuses on the storage of
encrypt and decrypt message in private cloud.
There are different mechanism of secure data
transmission is proposed by different cryptographic
algorithms for example Auditing Algorithm Shell
(AAS), Matrix Encryption Algorithm (MEA) and
procedure Block Authentication Algorithm(PBAA)
.
The cloud client’s registration ensures the secure
cloud service utilization over the communication
channel by using authentication process. Without
registering the cloud service access brings in secure
data access and data store on the cloud servers. The
given chart analysis (figure 9) depicts the analysis
of performance among the existing algorithms. The
relevant procedure in order to perform the
authentication /handshaking on secure cloud data
storage access mechanism by using orthogonal
handshaking mechanism continues as a future
work. Based on the following factors, the
performance evaluation will be listed as follows
with the implemented OHASM (Table 2) and the
figure 10.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
225 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

6. Figure 8 Encryption and Decryption by using OHSAM
Table 2. Performance comparison
Evaluation
Factors
AAS MEA PBAA OHASM
Storage Space(KB) 10.2 15.0 13.3 7.5
Retrieval time(mS) 72 56 81 34
Key generation
Speed(mS)
8.2 4.5 4.1 2.0
Encryption Speed
(mS)
36 23 19 16
Decryption
Speed(mS)
12 10.5 8.4 2.0
Authentication (%) 56 45 67 72.3
Figure 9. Comparison with Existing mechanism
IV.CONCLUSION AND FUTURE
WORK
In general, most of the cloud computing secure data
transaction or cloud data storage is always carried
out by using a standalone crypto graphic algorithm
either in symmetric or asymmetric mechanism. It
never focuses on its internal storage infrastructure
reading to ensure its secure cloud data access over
the communication channel. In this research work
and its previous relevant publications are
concentrating to eliminate such drawbacks with a
novelty approach on secure cloud data storage
management by using “Orthogonal Handshaking
Authentication mechanism”. In reality, the
practical implementation of this research work
includes different modules and herewith to show
the relevancy of empirical analysis shows except
the key distribution and authentication mechanism.
REFERENCES
[1] R.Vaishali, M.Menaka"Attribute based
Encryption and Key Distribution for Secure
Storage in Clouds ", © 2014 IJEDR | Conference
Proceeding (NCISECT 2015) ISSN: 2321-9939.
[2]. Prof. Dr.K.Subramanian, M. Mohamed
Sirajudeen, “Enhancement of the Private Cloud
Data Transaction by using an Orthogonal
0 10 20 30 40 50 60 70 80 90
Storage Space(KB)
Key generation Speed(mS)
(mS)
Authentication (%)
OHASM
PBAA
MEA
AAS
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
226 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

7. Handshaking Authentication Protocol (OHSAP)”,
International Journal of Computer Applications
(0975 – 8887) Volume 96 – No.23, June 2014.
[3] Guigang Zhang, Chao Li, Yong Zhang,
Chunxiao Xing. Research on Cloud Storage Model
based on Mass Information Processing. Beijing:
Computer Research and Development, vol.
49(suppl), pp.32-36, 2012.
[4]. National Institute of Science and Technology.
"The NIST Definition of Cloud Computing",
Page.7, Retrieved July 24, 2011.
[5] Ngongang Guy Mollet, "Cloud Computing
Security" Thesis, p. 34 + 2 appendices Published
April 11, 2011.
[6]. EMC, and EMC Education Services.
Information Storage and Management: Storing,
Managing, and Protecting Digital Information.
Libre Digital, 2010.
[7]. Armbrust, M., Fox, A., Griffith, R., Joseph, A.
D., Katz, R., Konwinski, A., &Zaharia, M. (2010).
A view of cloud computing. Communications of
the ACM,53(4), 50-58.
[8]. Chunhua, ZHOU Ke WANG Hua LI. "Cloud
Storage Technology and Its Application” ZTE
Communications 4 (2010): 013.
[9].Wu, Jiyi, et al. "Recent Advances in Cloud
Storage." Proceedings of the Third International
Symposium on Computer Science and
Computational Technology (ISCSCT’10). 2010.
[10] De Li, Report of the Cloud Computing
Technology Development (2012). Beijing: Science
Press, 2012.
[11] Liang Liu. Research on Cloud Storage based
on Virtualization and Distributed Technology.
Anhui: Computer Knowledge and Technology, vol.
8, pp. 2641-2642.2012.
[12] Gantz John, Reinsel David. Digital Universe
Study -"Extracting Value from Chaos". 2011.
http://idcdocserv.com/1142.
[13] Jiyi Wu, Lingdi Ping, Xiaoping Ge, Ya Wang,
Jianqing Fu. Cloud Storage as the Infrastructure of
Cloud Computing. International Conference on
Intelligent Computing and Cognitive Informatics,
pp. 380-383. 2010.
[14]. An Efficient Framework for Information
Security in Cloud Computing Using Auditing
Algorithm Shell (AAS), M. Omer Mushtaq,
Furrakh Shahzad, M. Owais Tariq, Mahina Riaz,,
Bushra Majeed, “International Journal of Computer
Science and Information Security (IJCSIS, Volume
4,Novembe 7, 2016), ISSN:1947-5500.
[15]. “Encryption algorithm for Data Security and
privacy cloud storage”, Manish a R. Shinde and
Rahul D. Taur, “American Journal of Computer
Science and Engineering Survey, ISSN 2349 –
7238.
[16]. Access Control for Cloud Computing
Through Secure OTP Logging as Services Priyanka
Patel Nirmal Gaud, “International Journal of
Computer Applications” (0975 – 8887), Volume
141 – No.14, May 2016.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
227 https://sites.google.com/site/ijcsis/
ISSN 1947-5500