Upload
bishwanth-konathala
View
29
Download
0
Embed Size (px)
Citation preview
Secure and Practical Outsourcing of Linear Programming in Cloud Computing
Presented by KONATHALA BISHWANTH
310506403026 Integrated dual degree (B.tech+M.tech)
CS&SE Dept, Andhra university
1
Guided by Kunjam Nageswara Rao Asst.Professor,CS&SE Dept, Andhra university
Agenda ▪ Introduction ▪What is cloud computing? ▪Why we need cloud
computing ? ▪What is security ? ▪Why we need security in
cloud computing ? ▪ Introduction to linear
programming ▪Why linear programming in
cloud computing?
2
▪ Existing System ▪Disadvantages ▪ Proposed System ▪ Advantage ▪Mechanism ▪Hardware Requirements ▪ Software Requirements ▪ Implementation ▪ Sample screens
Introduction ✦Cloud compu*ng enables customers with limited computa*onal resources to outsource their large
computa*on workloads to the cloud, and economically enjoy the massive computa*onal power,
bandwidth, storage, and even appropriate so;ware that can be shared in a pay-‐per-‐use manner.
✦Security is the primary obstacle that prevents the wide adop*on of this promising compu*ng
model, especially for customers when their confiden*al data are consumed and produced during
the computa*on.
✦Trea*ng the cloud as an intrinsically insecure compu*ng plaBorm from the viewpoint of the cloud
customers,
✦Focusing on engineering compu*ng and op*misa*on tasks, the secure outsourcing of widely
applicable linear programming (LP) computa*ons.
✦The resul*ng flexibility allows us to explore appropriate security/ efficiency trade off via higher-‐level
abstrac*on of LP computa*ons than the general circuit representa*on.
✦Formula*ng private data owned by the customer for LP problem as a set of matrices and vectors, we
are able to develop a set of efficient privacy-‐preserving problem transforma*on techniques, which
allow customers to transform original LP problem into some arbitrary one while protec*ng sensi*ve
input/output informa*on.
3
What is Cloud Computing ? ✦Cloud computing provides a variety of computing resources ,
from servers and storage to enterprise applications such as email, security, backup/DR, voice, all delivered over the Internet. The Cloud delivers a hosting environment that is • Immediate, •Flexible, •Scalable, •Secure, Available while saving corporations money, time and resources.
4
Why cloud computing ?✦Cloud Computing is very much useful to a smaller companies to
generate similar savings and capabilities on its own.
✦Many of the issues blamed on the cloud in large enterprises - security, integration, compliance and so on - often cause fewer problems in small companies that can't properly deal with them anyway.
Main Reasons why cloud computing is even better for small businesses
• Economies of scale. • Enterprise-class functionality. •Money Matters. • Infrastructure vs. Applications. • The Legacy Issue. • Security Problems. • Compliance. • Reliability.
6
7
1. Economies of scale: This one's obvious. The larger the company, the easier it can generate economies of scale on its own. Small companies, by definition, have more limited resources. Anything that can give them access to scale in purchasing and pricing is a big win!
2. Enterprise-class functionality. Big companies have the heft to create the custom functionality they need. Small companies simply don't have the resources to do that. In the cloud, though, they can leverage development, maintenance and upgrades across many, many small businesses... And, increasingly, consumers as well.
3. Money Matters. Startups and small companies are often under capitalized and pay-as-you-go cloud computing solutions typically don't require lots of upfront cash. Even if they don't end up saving much as the monthly fees add up over the long run, avoiding capital expenditures can be a make-or-break issue for cash-strapped small businesses.
4. Infrastructure vs. Applications. For the enterprise, cloud computing often means complex Infrastructure as a Service (IaaS) projects that have to be installed and integrated into a company's existing systems. For smaller companies, cloud computing often means complete cloud-based Software as a Service (SaaS) applications and application suites. No IT required.
Reasons why cloud computing
5. The Legacy Issue. A common enterprise objection to cloud computing is how will it work with the company's legacy applications. Small businesses - and especially new businesses - typically have fewer and less complex legacy apps. Taken a step farther, that means startups and small businesses have less installed infrastructure they'd need to throw out to move into the cloud. As for new businesses, why would you actually buy anything you could "rent" instead?
6. Security Problems. I'm not saying security isn't important to small businesses (though many don't take it as seriously as they should). I'm saying that while security in the cloud may still be shaky by enterprise standards, it's almost always far better than what small businesses are able to provide for themselves.
7. Compliance. Because you don't necessarily know where your data is stored in the cloud, IaaS can cause confusion as to whether it complies with local, national and international regulations. That's a huge issue for multinational corporations, less so for most small businesses.
8. Reliability. The cloud is more reliable than most people think. When widely used cloud services and applications have outages, it makes national news. When an individual company - large or small - has a similar problem, they work hard to make sure you never even hear about it. The bottom line, though, is that even accounting for network connectivity hiccups, the cloud is probably a lot more reliable than what small businesses can afford to provide for themselves.
8
9Evolution of cloud computing
Isp-Internet service provider Asp-Application service provider SaaS-software as a service IaaS-infrastructure as a service PaaS-Platform as a Service
What is security ?Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organisation.
✦Cryptography ✦Redundancy ✦Disposal ✦Transfer security ✦Firewalling What exactly firewall does is.✦ It isolates the virtual machines ✦ Brilliantly filters addresses and ports ✦ Prevents Denial-of-Service (DoS) ✦ Detects external security assessment measures
10
Why security is need in cloud computing ?"The Notorious Nine," the top nine cloud computing threats has been identified by the CSA (Cloud Security Alliance).The report reflects the current consensus among industry experts surveyed by CSA, focusing on threats specifically related to the shared, on-demand nature of cloud computing.
The top most threats to the cloud computing are :
11
✦Data Breaches✦Data Loss✦Account or Service Traffic Hijacking✦Insecure Interfaces and APIs✦Denial of service✦Malicious insiders✦Abuse,✦Insufficient due diligence✦Pegged shared technology vulnerabilities
Software and Hardware Specifications
SOFTWARE SPECIFICATION:
Operating System : Windows XP
Software : JAVA (JDK 1.6.0)
Protocol : TCP/IP
IDE : NetBeans,Xampp
12
HARDWARE SPECIFICATION:
Processor : Pentium-IV
Speed : 1.1GHz
RAM : 512MB
Hard Disk : 40GB
General : Keyboard,
. Monitor, Mouse.
13
Outsourcing computation to the commercial public cloud is also depriving customers’ direct control over the systems that consume and produce their data during the computation, which inevitably brings in new security concerns and challenges towards this promising computing model.
The outsourced computation workloads often contain sensitive information, such as ✦The business financial records, ✦Proprietary research data, ✦Personally identifiable health information etc.
Existing System
★End to end data confidentiality - ✦unauthorised information leakage ✦sensitive data have to be encrypted before outsourcing
How ever,Ordinary data encryption techniques in essence prevent cloud from performing any meaningful operation of the underlying plaintext data making the computation over encrypted data a very hard problem.
There are huge financial incentives for the cloud to be “lazy” if the customers cannot tell ✦ The correctness of the output ✦Possible software bugs ✦Hardware failures, even outsider attacks might also affect the quality of the computed results.
14Dis-advantages
Proposed System
Our Linear Programming outsourcing scheme which
provides a complete outsourcing solution for not only
the privacy protection of problem input/output, but also its
efficient result checking. We start from a secure LP
outsourcing design framework.
15
✦Optimal solution using LP problems. ✦Better security on both uploading and downloading. ✦Integrating mathematical implementation in encryption
Advantages:
16
Mechanism Design Framework
• KeyGen(1k ) → {K }.
• ProbEnc(K, Φ) → {ΦK }.
• ProofGen(ΦK ) → {(y, Γ)}
• Result Dec (K, Φ, y, Γ) → {x, ⊥}
16
Mechanism Design Framework
These four algorithms are summarised below :
• KeyGen(1k ) → {K }. This is a randomized key generation algorithm which takes a system security
parameter k, and returns a secret key K that is used later by customer to encrypt the target LP problem.
• ProbEnc(K, Φ) → {ΦK }. This algorithm encrypts the input tuple Φ into ΦK with the secret key
K. According to problem transformation, the encrypted input ΦK has the same form as Φ, and
thus defines the problem to be solved in the cloud.
• ProofGen(ΦK ) → {(y, Γ)}. This algorithm augments a generic solver that solves the
problem ΦK to produce both the output y and a proof Γ. The output y later decrypts to x, and
Γ is used later by the customer to verify the correctness of y or x.
• Result Dec (K, Φ, y, Γ) → {x, ⊥}. This algorithm may choose to verify either y or x via the
proof Γ. In any case, a correct output x is produced by decrypting y using the secret K. The algorithm
outputs ⊥ when the validation fails, indicating the cloud server was not performing the computation
faithfully.
17
18Architecture of secure outsourcing linear
programming problems in Cloud Computing .
Finding File
Encrypt the File
Send to Cloud Server
Decrypt the File
Give Solution / Verification key
Response to Customer
IMPLEMENTTION
✦Finding File
✦Encrypt the File
✦Send to Cloud Server
✦Decrypt the File
✦Give Solution / Verification key
✦Response to Customer
19
22Give Solution / Verification key
Linear programming process where the optimal solution gets solved and verified
Conclusion✦The problem of securely outsourcing LP computations in cloud computing, and
provide such a practical mechanism design which fulfils input/output privacy, cheating
resilience, and efficiency.
✦By explicitly decomposing LP computation outsourcing into public LP solvers and
private data, our mechanism design is able to explore appropriate security/efficiency
trade offs via higher level LP computation than the general circuit representation.
✦This develops problem transformation techniques that enable customers to secretly
transform the original LP into some arbitrary one while protecting sensitive input/
output information.
✦One can also investigate duality theorem and derive a set of necessary and sufficient
condition for result verification.
25