Upload
hoangkiet
View
221
Download
0
Embed Size (px)
Citation preview
WWW.IJITECH.ORG
ISSN 2321-8665
Vol.04,Issue.08,
July-2016,
Pages:1303-1306
Copyright @ 2016 IJIT. All rights reserved.
Cloud Computing Protection for Outsourced Record in Cloud Computing P. RAMADEVI
1, N. SIDDAIAH
2
1PG Scholar, Dept of CSE, SRES, Tirupathi, AP, India, E-mail: [email protected].
2Assistant Professor, Dept of CSE, SRES, Tirupathi, AP, India, E-mail: [email protected].
Abstract: For this reason, the efficiency of question
processing algorithm can fluctuate relying on the tree depth.
To clear up these issues, we advocate a density-mindful
information encryption scheme and a query processing
algorithm for database outsourcing. Our density-conscious
knowledge encryption scheme makes use of a grid index to
generate clusters and transforms the customary knowledge
know-how right into a bitmap. To furnish effective question
processing, we use an algebraic coding headquartered hash
index to minimize the information retrieval time. Eventually,
in efficiency analysis, we show their question processing
performance and ensures the privacy of customers, compared
with the existing schemes. Coping with “single cloud”
providers is anticipated to end up much less preferred with
patrons due to risks of service availability failure and the
probability of malicious insiders within the single cloud. A
motion toward “multi-clouds”, or in other phrases, “Inter
clouds” or “cloud-of-clouds” has emerged not too long ago.
This paper surveys up to date research related to single and
multi-cloud safety and addresses viable options. It's
discovered that the study into the use of multi-cloud vendors
to preserve protection has acquired much less awareness from
the study group than has using single clouds. These work
objectives to promote the use of multi-clouds due to its
potential to slash safety dangers that influence the cloud
computing consumer.
Keywords: Cloud Computing, Single Cloud, Multi-Clouds,
Cloud Storage, Data Integrity, Data Intrusion, Service
Availability.
I. INTRODUCTION
To get to the bottom of these issues, we endorse a new
density aware knowledge encryption scheme for spatial
database Outsourcing. In our data scheme POIs are selected as
anchor nodes to assemble clusters by way of utilising a
histogram. The histogram can decide upon anchor nodes
uniformly with the aid of due to the fact the information
distribution. It implies that many anchors will also be chosen
in dense subject, while relatively less number of anchors will
likely be chosen in sparse field. If required, our scheme re-
constructs the clusters uniformly founded on the a grid index
to split or merge a cluster area with a given threshold. When a
cluster has more POIs than the edge, it is split into two
clusters. However, when a cluster with much less POIs than
the brink can be merged with its nearest cluster. Therefore an
attacker cannot infer the true knowledge distribution based on
the cluster knowledge. For efficient question processing, we
endorse a new question processing algorithm founded on a
hash index with an algebraic coding. Our contributions may
also be summarized as follows: We present a framework for
delivering the confidentiality of spatial data that's outsourced
to cloud computing environment. We furnish a brand new
density-founded data encryption scheme to guard normal
database and its distribution from an attacker and propose a k-
NN question processing algorithm for the converted data. We
additionally reward an broad experimental analysis of our
scheme by way of making use of an actual knowledge set
(e.g., North East america). This paper specializes in the
disorders regarding the data protection part of cloud
computing. As data and know-how will be shared with a 3rd
gets together, cloud computing users wish to prevent an
untrusted cloud provider. Defending personal and main
knowledge, comparable to credit card details or a patient’s
scientific records from attackers or malicious insiders is of
critical importance. Furthermore, the abilities for migration
from a single cloud to a multi-cloud atmosphere is examined
and research involving safety issues in single and multi-clouds
in cloud computing are surveyed.
II. DENSITY AWARE DATA ENCRYPTION SCHEME
On this section, we propose a density-aware knowledge
encryption and a bitmap-based hashing scheme for processing
ok nearest neighbor (NN) query. To unravel the problems of
the prevailing schemes, we use a histogram to uniformly pick
anchor nodes for cluster development. Then our scheme re-
constructs the clusters to retailer the information into clusters
uniformly. For this, we use a grid index to split or merge a
cluster subject with a given threshold. When a cluster has
extra aspects of interest (POIs) than the brink, it is break up
into two clusters. However, for a cluster with less POIs than
the threshold, it can be merged with its nearest cluster.
Consequently an attacker cannot infer the distribution of
actual dataset. The fundamental abilities of the proposed
scheme is that our scheme constantly returns a constantsized
candidate set in one communication circular. This section
describes our query processing algorithm to increase the
satisfactory of service (QoS) in terms of query processing
time and overheads. Indicates an total query processing
algorithm. First, a consumer transforms a question right into a
bitmap by means of making use of the given encryption key
P. RAMADEVI, N. SIDDAIAH
International Journal of Innovative Technologies
Volume.04, Issue No.08, July-2016, Pages: 1303-1306
from DO. Then, the consumer sends the converted query to
the SP. 2nd, our algorithm retrieves distances between clusters
to find the nearest cluster. If a cluster does not have enough
POIs to fulfill k, then our algorithm expands the hunt subject
by way of selecting the subsequent nearest anchor from the
query When okay is satisfied, our algorithm calculates the
hash deal with of the query and retrieves all anchors saved in
the question deal with. 1/3, with a purpose to find the nearest
knowledge point, we calculate the hamming distances
between the modified question and candidates anchors. The
Hamming distance measures the minimum number of
substitutions required to alter one string into the other.
III. SECURITY RISKS IN CLOUD COMPUTING
Despite the fact that cloud service providers can present
advantages to users, protection dangers play a main function
in the cloud computing atmosphere [53]. Customers of online
knowledge sharing or network amenities are aware of the
abilities loss of privateness [12]. According to a latest IDC
survey [16], the top assignment for 74% of CIOs in the case
of cloud computing is safety. Defending exclusive and main
know-how akin to credit card important points or patients’
clinical files from attackers or malicious insiders is of
principal significance [34]. Moving databases to a large data
centre entails many security challenges [55] such as
virtualization vulnerability, accessibility vulnerability, privacy
and manipulate problems regarding data accessed from a third
occasion, integrity, confidentiality, and information loss or
theft. Subashini and Kavitha [49] present some foremost
security challenges, which might be knowledge storage safety,
utility security, knowledge transmission security, and
protection involving 1/3-party resources. Because the cloud
offerings have been developed over the web, any challenge
that is concerning web security will even have an impact on
cloud offerings. Resources within the cloud are accessed by
way of the web; consequently even supposing the cloud
provider specializes in safety in the cloud infrastructure, the
data continues to be transmitted to the customers via networks
which may be insecure. For that reason, internet protection
problems will have an impact on the cloud, with higher risks
due to priceless assets saved within the cloud and cloud
vulnerability. The science used in the cloud is just like the
technological know-how used within the internet. Encryption
techniques and secure protocols aren't ample to defend
information transmission within the cloud. Knowledge
intrusion of the cloud via the web by way of hackers and
cybercriminals needs to be addressed and the cloud
environment desires to be comfortable and private for clients
[49]. Cachinet al.[12]argue that after multiple clients use
cloud storage or when multiple devices are synchronized with
the aid of one user, it is tricky to deal with the information
corruption difficulty.
One of the vital options that they [12] suggest is to use a
Byzantine fault-tolerant replication protocol within the cloud.
Hendricks et al. [23] state that this solution can avert
information corruption brought on by way of some
accessories within the cloud. However, Cachinet al. [12]
declare that using the Byzantine fault- tolerant replication
protocol within the cloud is unsuitable when you consider that
that the servers belonging to cloud providers use the identical
approach installations and are bodily placed in the equal
place. According to Garfinkel[19], yet another security threat
that will arise with a cloud supplier, such as the Amazon
cloud provider, is a hacked password or information intrusion.
If anyone positive aspects entry to an Amazon account
password, they are going to be competent to entry all the
account’s situations and resources. As a result the stolen
password makes it possible for the hacker to erase the entire
knowledge inside of any virtual computer illustration for the
stolen user account, regulate it, and even disable its offerings.
In addition, there is a probability for the user’s e-
mail(Amazon consumer title) to be hacked (see [18] for a
discussion of the knowledge dangers of e-mail), and given
that Amazon enables a lost password to be reset by way of
email, the hacker should still be ready to log in to the account
after receiving the brand new reset password. This section will
explain the contemporary work that has been accomplished
within the discipline of multi-clouds. Bessani et al. [8] present
a virtual storage cloud approach called DepSky which
includes a mixture of different clouds to build a cloud-of-
clouds. The DepSky system addresses the availability and the
confidentiality of information in their storage system through
making use of multi-cloud providers, combining Byzantine
quorum system protocols, cryptographic secret sharing and
erasure codes [8].
As mentioned prior, the lack of availability of service is
viewed one of the crucial most important limitations in cloud
computing and it has been addressed by using storing the
information on a few clouds. The loss of purchaser
information has brought about many problems for a lot of
users such as the predicament that befell in October 2009
when the contacts, portraits, and many others. Of many users
of the Sidekick carrier in Microsoft had been misplaced for
several days [44]. Bessani et al. [8] use Byzantine fault-
tolerant replication to store information on a number of cloud
servers, so if one of the crucial cloud vendors is broken, they
are nonetheless competent to retrieve information correctly.
Knowledge encryption is viewed the solution with the aid of
Bessani et al. [8] to address the trouble of the loss of privacy.
They argue that to protect the saved knowledge from a
malicious insider, users will have to encrypt data before it is
stored within the cloud. As the information can be accessed
by way of disbursed purposes, the DepSky approach stores
the cryptographic keys in the cloud by way of utilising the
secret sharing algorithm to hide the value of the keys from a
malicious insider. Within the DepSky method, data is
replicated in four commercial storage clouds (Amazon S3,
windows Azure, Nirvanix and Rackspace); it's not relayed on
a single cloud, as a result, this avoids the crisis of the
dominant cloud inflicting the so-known as seller lock-in
hindrance [3]. Additionally, storing 1/2 the amount of
knowledge in each and every cloud in the DepSky approach is
accomplished with the aid of the use of erasure codes. Hence,
exchanging data between one supplier to a further will effect
Cloud Computing Protection for Outsourced Record in Cloud Computing
International Journal of Innovative Technologies
Volume.04, Issue No.08, July-2016, Pages: 1303-1306
in a smaller price. The DepSky method goals to cut back the
cost of utilizing four clouds(which is 4 instances the
overhead) to twice the price of utilising a single cloud, which
is a massive competencies [8].
IV. CONCLUSION
It is clear that despite the fact that using cloud computing has
swiftly multiplied, cloud computing security is still considered
the essential challenge within the cloud computing
environment. Purchasers don't want to lose their exclusive
information as a consequence of malicious insiders in the
cloud. Furthermore, the lack of provider availability has
prompted many issues for a large number of consumers just
lately. Furthermore, data intrusion results in many problems
for the users of cloud computing. The cause of this work is to
survey the latest study on single clouds and multi-clouds to
handle the protection risks and options. We now have found
that a lot research has been performed to be certain the
security of the single cloud and cloud storage whereas multi
clouds have bought less concentration within the discipline of
protection. We help the migration to multi-clouds as a result
of its potential to curb protection risks that affect the cloud
computing consumer.
V. REFERENCES
[1](NIST), http://www.nist.gov/itl/cloud/.
[2]I. Abraham, G. Chockler, I. Keidar and D. Malkhi,
"Byzantine disk paxos: optimal resilience with Byzantine
shared memory", Distributed Computing, 18(5), 2006, pp.
387-408.
[3]H. Abu-Libdeh, L. Princehouse and H.Weatherspoon,
"RACS: a case for cloud storage diversity", SoCC'10:Proc. 1st
ACM symposium on Cloud computing, 2010, pp. 229-240.
[4]D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally,
"Database Management as a Service: Challenges and
Opportunities", ICDE'09:Proc.25th
Intl. Conf. on Data
Engineering, 2009, pp. 1709-1716.
[5]M.A. AlZain and E. Pardede, "Using Multi Shares for
Ensuring Privacy in Database-as-a-Service", 44th Hawaii Intl.
Conf. on System Sciences (HICSS), 2011, pp. 1-9.
[6]Amazon, Amazon Web Services. Web services licensing
agreement, October3,2006.
[7]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner,
Z. Peterson and D. Song, "Provable data possession at
untrusted stores", Proc. 14th ACM Conf. on Computer and
communications security, 2007, pp. 598-609.
[8]A. Bessani, M. Correia, B. Quaresma, F. André and P.
Sousa, "DepSky: dependable and secure storage in a cloud-of-
clouds", EuroSys'11:Proc. 6 th Conf. on Computer systems,
2011, pp. 31-46.
[9]K. Birman, G. Chockler and R. van Renesse,"Toward a
cloud computing research agenda", SIGACT News, 40, 2009,
pp. 68-80.
[10]K.D. Bowers, A. Juels and A. Oprea, "HAIL: A high-
availability and integrity layer for cloud storage", CCS'09:
Proc. 16Th ACM Conf. on Computer and communications
security, 2009, pp. 187-198.
[11]C. Cachin, R. Haas and M. Vukolic, "Dependable storage
in the Intercloud", Research Report RZ, 3783, 2010.
[12]C. Cachin, I. Keidar and A. Shraer, "Trusting the cloud",
ACM SIGACT News, 40, 2009, pp. 81-86.
[13]C. Cachin and S. Tessaro, "Optimal resilience for erasure-
coded Byzantine distributed storage", DISC:Proc. 19th
Intl.Conf. on Distributed
Computing, 2005, pp. 497-498.
[14]M. Castro and B. Liskov, "Practical Byzantine fault
tolerance", Operating Systems Review, 33, 1998, pp. 173-186.
[15]G. Chockler, R. Guerraoui, I. Keidar and M. Vukolic,
"Reliable distributed storage", Computer, 42, 2009, pp. 60-67.
[16]Clavister, "Security in the cloud", Clavister White Paper,
2008.
[17]A.J. Feldman, W.P. Zeller, M.J. Freedman and E.W.
Felten, "SPORC: Group collaboration using untrusted cloud
resources", OSDI, October2010, pp. 1-14.
[18]S.L. Garfinkel, "Email-based identification and
authentication: An alternative to PKI?", IEEE Security and
Privacy, 1(6), 2003, pp. 20-26. Security and Privacy, 1(6),
2003, pp. 20-26.
[19]S.L. Garfinkel, "An evaluation of amazon’s grid
computing services: EC2, S3, and SQS", Technical Report
TR-08-07, Computer Science Group, Harvard University,
Citeseer, 2007, pp. 1-15.
[20]E. . Goh, H. Shacham, N. Modadugu and D. Boneh,
"SiRiUS: Securing remote untrusted storage",NDSS: Proc.
Network and Distributed System Security Symposium, 2003,
pp. 131–145.
[21]G.R. Goodson, J.J. Wylie, G.R. Ganger and M.K. Reiter,
"Efficient Byzantine-tolerant erasure-coded storage",DSN'04:
Proc.Intl. Conf. on Dependable Systems and Networks,2004,
pp.1-22.
[22]E. Grosse, J. Howie, J. Ransome, J. Reavis and S.
Schmidt, "Cloud computing roundtable", IEEE Security &
Privacy, 8(6), 2010, pp. 17-23.
[23]J. Hendricks, G.R. Ganger and M.K. Reiter,
"Lowoverhead byzantine fault-tolerant storage", ACM
SIGOPS symposium on Operating systems principles, 2007,
pp. 73-86.
[24]A. Juels and B.S. Kaliski Jr, "PORs: Proofs of
retrievability for large files", CCS '07: Proc. 14th
ACM Conf.
on Computer and communications security, 2007, pp. 584-
597.
[25]S. Kamara and K. Lauter, "Cryptographic cloud storage",
FC'10: Proc. 14 th Intl.Conf. on Financial cryptograpy and
data security,2010, pp. 136-149.
[26]H. Krawczyk, M. Bellare and R. Canetti, "HMAC:
Keyed-hashing for message authentication", Citeseer, 1997,
pp. 1-11.
[27]P. Kuznetsov and R. Rodrigues, "BFTW 3: why? when?
where? workshop on the theory and practice of byzantine fault
tolerance", ACM SIGACT News, 40(4),2009, pp. 82-86.
[28]L. Lamport, R. Shostak and M. Pease, "The Byzantine
generals problem", ACM Transactions on Programming
Languages and Systems, 4(3), 1982, pp. 382-401.
[29]P.A. Loscocco, S.D. Smalley, P.A. Muckelbauer, R.C.
Taylor, S.J. Turner and J.F. Farrell, "The inevitability of
P. RAMADEVI, N. SIDDAIAH
International Journal of Innovative Technologies
Volume.04, Issue No.08, July-2016, Pages: 1303-1306
failure: The flawed assumption of security in modern
computing environments", Citeseer, 1998, pp. 303-314.
[30]P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi, M.
Dahlin and M. Walfish, "Depot: Cloud storagewith minimal
trust", OSDI'10: Proc. of the 9th
USENIX Conf. on Operating
systems design and implementation, 2010, pp. 1-16.
[31]U. Maheshwari, R. Vingralek and W. Shapiro, "How to
build a trusted database system on untrusted storage",
OSDI'00: Proc. 4thConf. On Symposium on Operating
System Design &Implementation, 2000, p. 10.
[32]D. Malkhi and M. Reiter, "Byzantine quorumsystems",
Distributed Computing, 11(4),1998, pp.203-213.
[33]J.-P. Martin, L. Alvisi and M. Dahlin, "Minimalbyzantine
storage", DISC '02: Proc. of the 16Intl.Conf. on Distributed
Computing, 2002, pp. 311325.
[34]H.Mei, J. Dawei, L. Guoliang and Z. Yuan,"Supporting
Database Applications as a Service", ICDE'09:Proc.
25thIntl.Conf. on Data Engineering,2009, pp. 832-843. th
[35]R.C. Merkle, "Protocols for public key cryptosystems",
IEEE Symposium on Security andPrivacy, 1980, pp. 122-134.
[36]E.Mykletun, M.Narasimha and G. Tsudik,"Authentication
and integrity in outsourceddatabases", ACM Transactions on
Storage (TOS),2,2006, pp. 107-138.
[37]C. Papamanthou, R. Tamassia and N.Triandopoulos,
"Authenticated hash tables", CCS'08: Proc. 15th ACM Conf.
on Computer andcommunications security, 2008, pp. 437-448.
[38]M.Pease, R.Shostak and L. Lamport, "Reachingagreement
in the presence of faults", Journal of theACM, 27(2), 1980,
pp. 228-234.
[39]R. Perez, R. Sailer and L. van Doorn, "vTPM:virtualizing
the trusted platform module", Proc.15th Conf. on USENIX
Security Symposium,2006,pp. 305-320.
[40]RedHat,https://rhn.redhat.com/errata/RHSA20080855.ht
ml.
[41]T. Ristenpart, E. Tromer, H. Shacham and S.Savage,
"Hey, you, get off of my cloud: exploringinformation leakage
in third-party computeclouds", CCS'09: Proc. 16thACM Conf.
onComputer and communications security, 2009, pp.199-212.
[42]F. Rocha and M. Correia, "Lucy in the Sky without
Diamonds: Stealing Confidential Data in the Cloud", Proc.
1stIntl. Workshop of Dependability of Clouds, Data Centers
and Virtual ComputingEnvironments, 2011, pp. 1-6.
[43]N. Santos, K.P. Gummadi and R. Rodrigues, "Towards
trusted cloud computing", USENIX Association, 2009,pp.3-3.
[44]D. Sarno, "Microsoft says lost sidekick data will be
restored to users", Los Angeles Times, October 2009.
[45]F. Schneider and L. Zhou, "Implementing trustworthy
services using replicated state machines", IEEE Security and
Privacy, 3(5),2010, pp. 151-167.
[46]G. Brunette and R. Mogull (eds), "Security guidance for
critical areas of focus in cloud computing",
CloudSecurityAlliance, 2009.
[47]A. Shamir, "How to share a secret", Communications of
the ACM, 22(11), 1979, pp. 612-613.
[48]A.Shraer, C. Cachin, A. Cidon, I. Keidar, Y. Michalevsky
and D. Shaket, "Venus: Verification for untrusted cloud
storage", CCSW'10: Proc. ACM workshop on Cloud
computing security workshop, 2010, pp. 19-30.
[49]S. Subashini and V. Kavitha, "A survey on security issues
in service delivery models of cloud computing", Journal of
Network and Computer Applications, 34(1), 2011, pp 1-11.
[50]Sun,http://blogs.sun.com/gbrunett/entry/amazon s3_silent
_data_corruption.
[51]H. Takabi, J.B.D. Joshi and G.-J. Ahn, "Security and
Privacy Challenges in Cloud Computing Environments",
IEEE Security & Privacy, 8(6), 2010, pp. 24-31.
[52]M. Van Dijk and A. Juels, "On the impossibility of
cryptography alone for privacy-preserving cloud computing",
HotSec'10: Proc. 5thUSENIX Conf. onHot topics in security,
2010, pp.1-8.
[53]J. Viega, "Cloud computing and the common man",
Computer, 42, 2009, pp. 106-108.
[54]M. Vukolic,"The Byzantine empire in the intercloud",
ACM SIGACT News, 41,2010, pp.105-111.
[55]C. Wang, Q. Wang, K. Ren and W. Lou, "Ensuring data
storage security in cloud computing", ARTCOM'10: Proc.
Intl. Conf. on Advances in Recent Technologies in
Communication and Computing, 2010, pp. 1-9.