Ensuring Data Storage Security in Cloud Computing
ENSURING DATA STORAGE SECURITY IN CLOUD COMPUTING
Submitted By: Sheth M. Ovesh
Under the Guidance of: Asst. Prof. Ajay Kumar Sharma, M.Tech
A Working Definition of Cloud Computing
• Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
5 Essential Cloud Characteristics
• On-demand self-service
• Broad network access
• Resource pooling
– Location independence
• Rapid elasticity
• Measured service
Cloud Objectives
- Correctness
- Integrity
- Flexibility
- Maintainability
- Accessibility
- Availability
SYSTEM ARCHITECTURE
Existing System
Traditional cryptographic primitives for data security protection cannot be directly adopted, because users lose control of their data under Cloud Computing.
Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data.
The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. Ensuring storage correctness under dynamic data updates is hence of paramount importance.
None of the distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.
Proposed System
We propose an effective and flexible distributed scheme with explicit dynamic data support to ensure the correctness of users’ data in the cloud.
We rely on erasure-correcting code in the file distribution preparation to provide redundancies and guarantee the data dependability.
By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the storage correctness insurance as well as data error localization.
Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic operations on data blocks, including update, delete and append.
Windows Azure
• Windows Azure is a foundation of Microsoft’s Cloud Platform for Developers
• Operating System for the Cloud
– Runs applications in the cloud
– Provides Storage
– Application Management
– Developer SDK
• Windows Azure is ideal for applications needing
– Scalability
– Availability
– Fault Tolerance
Windows Azure Storage
• Storage in the Cloud
– Scalable, durable, and available
– Anywhere at anytime access
– Only pay for what the service uses
• Exposed via RESTful Web Services
– Use from Windows Azure Compute
– Use from anywhere on the internet
• Various storage abstractions
– Tables, Blobs, Queues, Drives
Windows Azure Service Architecture
[Figure: Windows Azure Data Center. Labels: The Internet via TCP or HTTP; LB; Web Role (Web Site: ASPX, ASMX, WCF; IIS as Host); Worker Role (Worker Service; Managed Interface Call); Storage (Tables, Blobs, Queues).]
Windows Azure Storage Abstractions
• Blobs – Simple named files along with metadata for the file.
• Tables – Structured storage. A Table is a set of entities; an entity is a set of properties
• Queues – Reliable storage and delivery of messages for an application
Blob Storage Concepts
[Figure: Account (user), Container (images, videos), Blob (PIC01.JPG, PIC02.JPG, VID1.AVI), Pages/Blocks (Block/Page).]
Table Storage Concepts
[Figure: Account (user), Table (customers, photos), Entity (Name = …, Email = …; Photo ID = …, Date = …).]
Queue Storage Concepts
[Figure: Account (user), Queue (order processing), Message (customer ID, order ID, http://…).]
Cloud Computing Security
Security is the Major Issue
Module 1: Ensuring Cloud Data Storage
[Figure: Key Server, Server and two Clients; keys K1 and K2; labels "Message = Message + Key" and "Msg = Msg - Key".]
RC4 Algorithm
• RC4 is a symmetric-key stream cipher. The same algorithm is used for both encryption and decryption, as the data stream is simply XORed with the generated key sequence. The key stream is completely independent of the plaintext used.
• A stream cipher is one of the simplest methods of encrypting data: each bit of the data is sequentially encrypted using one bit of the key.
[Figure: keystream generator with ciphering key Kc; one bit of ciphering key Kc[i] and one bit of plain text m[i] give one bit of cipher text C[i].]
Steps of RC4 Algorithm
The steps of the RC4 encryption algorithm are as follows:
• Get the data to be encrypted and the selected key.
• Create two string arrays.
• Initiate one array with numbers from 0 to 255.
• Fill the other array with the selected key.
• Randomize the first array depending on the array of the key.
• Randomize the first array within itself to generate the final key stream.
• XOR the final key stream with the data to be encrypted to give cipher text.
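Added example (not from the original slides): the steps above in Python, assuming the two arrays hold byte values 0 to 255 rather than strings. `keystream_reuse_leak` is a hypothetical helper, run on constructed sample messages, showing what follows from the key stream being independent of the plaintext.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n keystream bytes for the given key (1 to 256 bytes)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    # Steps 2-4: S holds 0..255; K holds the key repeated to 256 entries.
    S = list(range(256))
    K = [key[i % len(key)] for i in range(256)]
    # Step 5: randomize S depending on the key array (key scheduling).
    j = 0
    for i in range(256):
        j = (j + S[i] + K[i]) % 256
        S[i], S[j] = S[j], S[i]
    # Step 6: keep randomizing S within itself, emitting one byte per round.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key: bytes, data: bytes) -> bytes:
    """Step 7: XOR data with the key stream; the same call decrypts."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def keystream_reuse_leak(key: bytes, p1: bytes, p2: bytes) -> bool:
    """True if c1 XOR c2 equals p1 XOR p2 when one key encrypts both."""
    c1, c2 = rc4(key, p1), rc4(key, p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    ct = rc4(b"Key", b"Plaintext")      # widely published RC4 test vector
    print(ct.hex())
    print(rc4(b"Key", ct))              # decrypting is the same operation
    # Constructed sample messages encrypted under one key:
    print(keystream_reuse_leak(b"Key", b"block-0001 data", b"block-0002 data"))
```

Because the key stream does not depend on the plaintext, each stored file or block needs its own key, and the XOR step provides no integrity protection. RC4 also has known keystream biases and is prohibited in TLS by RFC 7465.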
[Figure: Sbox1 (initialized with numbers from 0 to 255) and Sbox2 (filled with the chosen key); Systematic Randomization; Final Key Stream; XOR with Plain/Cipher Text gives Cipher/Plain Text.]
Module 2: Correctness Verification and Error Localization
[Figure: Client and Server; Encoding and Decoding; Error.]
CRC Algorithm for Encoding and Decoding
• The cyclic redundancy check, or CRC, is a technique for detecting errors in digital data, but not for making corrections when errors are detected.
• It is used primarily in data transmission. In the CRC method, a certain number of check bits, often called a checksum, are appended to the message being transmitted. The receiver can determine whether or not the check bits agree with the data, to ascertain with a certain degree of probability whether or not an error occurred in transmission.
• If an error occurred, the receiver sends a “negative acknowledgement” (NAK) back to the sender, requesting that the message be retransmitted.
Encoder and decoder for simple cyclic Redundancy Check
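Added example (not from the original slides): a bit-level CRC encoder and decoder in Python, including the case the phrase "a certain degree of probability" refers to, an error pattern the check cannot see. The dataword `1001`, generator `1011` and error patterns are constructed sample values, and the function names are hypothetical.

```python
def mod2_remainder(bits: str, generator: str) -> str:
    """Remainder of bits divided by generator, using XOR long division."""
    work = [int(b) for b in bits]
    gen = [int(b) for b in generator]
    for i in range(len(work) - len(gen) + 1):
        if work[i]:                      # leading bit set: subtract generator
            for k, g in enumerate(gen):
                work[i + k] ^= g
    return "".join(map(str, work[-(len(gen) - 1):]))


def crc_encode(data: str, generator: str) -> str:
    """Sender: append len(generator) - 1 check bits to the dataword."""
    padded = data + "0" * (len(generator) - 1)
    return data + mod2_remainder(padded, generator)


def crc_check(codeword: str, generator: str) -> bool:
    """Receiver: accept only if the remainder is all zeros."""
    return set(mod2_remainder(codeword, generator)) == {"0"}


def apply_error(codeword: str, error: str) -> str:
    """XOR an error pattern of the same length into the codeword."""
    return "".join(str(int(c) ^ int(e)) for c, e in zip(codeword, error))


if __name__ == "__main__":
    gen = "1011"
    sent = crc_encode("1001", gen)
    print(sent, crc_check(sent, gen))            # clean transfer is accepted
    one_bit = apply_error(sent, "0010000")
    print(one_bit, crc_check(one_bit, gen))      # rejected: receiver sends NAK
    # An error pattern that is a multiple of the generator leaves the
    # remainder at zero, so the altered dataword is accepted.
    unseen = apply_error(sent, "0001011")
    print(unseen, crc_check(unseen, gen))
```

A CRC therefore catches accidental corruption but is not tamper-evident, since anyone who can change the data can also recompute or preserve the check bits. Where the storage server itself may misbehave, a keyed MAC such as HMAC is the matching integrity check.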
Module 3: Providing Dynamic Data Operation Support
[Figure: insert, update and view operations; Server.]
CONCLUSION
To ensure the correctness of users’ data in cloud data storage, we proposed an effective and flexible distributed scheme with explicit dynamic data support, including block update, delete, and append.
By utilizing the homomorphic token with distributed verification of erasure coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., whenever data corruption has been detected during the storage correctness verification across the distributed servers, we can almost guarantee the simultaneous identification of the misbehaving server(s).
THANK YOU FOR YOUR TIME