Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Security in cloud computing


Published on

As per IEEE paper conducted a detailed study on data security in cloud computing

Published in: Internet
  • Be the first to comment

Security in cloud computing

  2. 2. What is Cloud Computing ? What are the benefits of cloud computing ?
  3. 3. VIDEO
  4. 4. Cloud security 4 / 30Cloud Security19th October 2015 Currently there is an increasing trend in outsourcing data to remote cloud… Cloud service providers Offers huge storage space with low cost Reduce the maintenance and burden of local data storage
  5. 5. Cloud security Cloud Security 5 / 3019th October 2015
  6. 6. Cloud security Cloud Security 6 / 3019th October 2015
  7. 7. Cloud security Cloud Security Threats in cloud data storage The cloud service provider intentionally hide data loss. The malicious cloud service provider might delete some data or obtain all the information and sell it to others. An attacker who intercepts can capture sensitive information such as business secrets, client details etc. 7 / 3019th October 2015
  8. 8. Cloud security Cloud Security Existing protocols  Does not support both confidentiality and integrity issues.  Dynamic scalability of data is not possible – modification, insertion and deletion of data blocks.  All the existing protocols are unable to provide strong security assurance to users. 8 / 3019th October 2015
  9. 9. Cloud security Cloud Security Proposed protocol An Efficient & Secure Protocol for Data Storage Security in Cloud Computing 9 / 3019th October 2015
  10. 10. Cloud security Cloud Security Steps :- User encrypts data to ensure confidentiality. Compute metadata over encrypted data Later the verifier can use remote data integrity checking to verify the integrity 10 / 3019th October 2015
  11. 11. Cloud security Cloud Security System model The cloud data storage model considering here consisting of 3 main components : Cloud user : An individual or an organization storing their data in cloud and accessing the data Cloud Service Provider(CSP) : The organization who manages cloud servers and provides a paid storage on its infrastructure to users as service. Third Party Auditor(TPA) : The verifier who has expertise and capabilities to verify the integrity of outsourced data as per the instruction of the user. 11 / 3019th October 2015
  12. 12. Cloud security Cloud Security Efficient & Secure Storage Protocol The protocol consists of 3 phases : Dynamic data operation and verification Verification Setup 12 / 3019th October 2015
  13. 13. Cloud security Cloud Security  Setup In this phase, the user pre-processes the file before storing in cloud. The Setup phase consists of three stages, those are: KeyGen Encryption MetadataGen. 13 / 3019th October 2015
  14. 14. Cloud security Cloud Security  KeyGen: In this phase, the user generates private key and public key pair. The user chooses two large primes p and q of size k .Then compute n=pq and Nn =lcm (p+1, q+1). b is a randomly chosen integer such that gcd(b, n)=1. It outputs public key PK= {b, n, p} and private key PR ={ Nn }. 14 / 3019th October 2015
  15. 15. Cloud security Cloud Security  Encryption: To ensure the confidentiality of data, the file F is divided into n equal sized data blocks and encrypt them: F = {m1, m2 ,} = {mi }1 ≤i≤n F’ m i='=mi + fk (s) where s is random of size l. 15 / 3019th October 2015
  16. 16. Cloud security Cloud Security  MetadataGen: After encrypting the data, the user computes a metadata over encrypted data to verify the integrity of data, which takes m'i, public key and private key as inputs and produce metadata as output After computation of metadata, the user sends metadata, public key to the TPA for later verification and sends file F' to cloud servers for storage. 16 / 3019th October 2015
  17. 17. Cloud security Cloud Security  Verification To verify the integrity of data after storing into cloud, the verifier first creates a challenge and sends to the server. Upon receiving a challenge from the verifier, the server computes a response as integrity proof and return to the verifier. It consists of 3 steps : Challenge ProofGen CheckProof 17 / 3019th October 2015
  18. 18. Cloud security Cloud Security  Challenge: The verifier creates a challenge text by taking inputs public key and random values. For each data block challenge text is created, then combined together and send. 18 / 3019th October 2015
  19. 19. Cloud security Cloud Security  ProofGen: Upon receiving the challenge from the verifier, the server computes a response as integrity proof using the following steps, it takes encrypted data m'i, challenge chal as inputs and produce response R as output 19 / 3019th October 2015
  20. 20. Cloud security Cloud Security  Check proof: After receiving a response from the server, the verifier checks the integrity using the steps, it takes public key pk, challenge query chal, and proof R as inputs and return output. If response is valid, then it returns 1 otherwise 0. 20 / 3019th October 2015
  21. 21. Cloud security Cloud Security  Dynamic data operation & Verification The proposed scheme also supports dynamic data operations at block level while maintaining same security assurance, such as Block Modification (BM), Block Insertion (BI) and Block Deletion (BD). These operations are performed by the server based on the user request. The parameter j indicates the particular block to be updated and m*i is the new block. In order to update data in cloud, the user creates a request and sends to the server. Upon receiving an update request from the user, the server performs the particular update operation (modification/insert/delete). 21 / 3019th October 2015
  22. 22. Cloud security Cloud Security  Block modification: Data modification is one of the frequently used operations in cloud data storage. Suppose, the user wants to modify the block mj with m'i, then the user runs the steps to do the following:  Create a new block mj  Encrypt the new block  Compute the new metadata  Create update request and sends to the server.  The Metadata sends to TPA for later verification 22 / 3019th October 2015
  23. 23. Cloud security Cloud Security  Block insertion: To perform an insertion of a new block m* after position j in a file, the user runs the following:  Create a new block m*j  Encrypt the new block  Compute the new metadata  Create update request and sends to the server.  The Metadata sends to TPA for later verification 23 / 3019th October 2015
  24. 24. Cloud security Cloud Security  Block deletion: Suppose the user want to delete a specific data block at position j from file F’  Create delete request (BD,j) and sends to the server.  Send request to TPA to delete corresponding metadata. Server and TPA deletes the corresponding block from the file. 24 / 3019th October 2015
  25. 25. Cloud security Cloud Security  Verification: To ensure the security of dynamic data operations, the user verifies the integrity of updated block immediately after updating as follows:  The user challenges the server immediately for the proof of update operation  Upon receiving a request from the user, the server computes a response for updated block and returns to the user  After receiving an update response from the server, the user verifies whether response is matched with metadata of particular block by running algorithm, if it returns true, server has been updated data successfully otherwise not. 25 / 3019th October 2015
  26. 26. Cloud security Cloud Security Advantages  It should detect all data corruption if anybody deletes or modifies the data in cloud storage  The scheme achieves confidentiality of data  It is efficient in terms of computation, storage because its key size is less compared to RSA based solutions.  This protocol supports public verifiability and dynamic data operations such as modification, insertion and deletion 26 / 3019th October 2015
  27. 27. Cloud security Cloud Security CONCLUSION The proposed protocol is mainly suitable for thin users who have less resources and limited computing capability The method satisfies all security and performance requirements of cloud data storage It also supports public verifiability that enables TPA to verify the integrity of data without retrieving original data from the server The scheme also supports dynamic data operations 27 / 3019th October 2015
  28. 28. Cloud Security • Introduction to Cloud Computing , Prof. Yeh-Ching Chung, - IntroductiontoCloudComputing.pdf?attredirects=0&d=1 • NIST (National Institute of Standards and Technology). • M. Armbrust et. al., “Above the Clouds: A Berkeley View of Cloud Computing,” Technical Report No. UCB/EECS-2009-28, University of California at Berkeley, 2009. • R. Buyya et. al., “Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility,” Future Generation Computer Systems, 2009. • Cloud Computing Explained. • From Wikipedia, the free encyclopedia • “An Efficient and secure protocol for Ensuring Data Storage Security in Cloud Computing” - International journal of Computer Science Issues ,by Syam kumar P, Subramanian R BIBLIOGRAPHY 28 / 3019th October 2015
  29. 29. Cloud security Cloud Security 29 / 3019th October 2015
  30. 30. Cloud security Cloud Security Thank you all… 30 / 3019th October 2015