Cloud - Final Term-report

5/12/2018 Cloud - Final Term-report - slidepdf.com

http://slidepdf.com/reader/full/cloud-final-term-report 1/46

Achieving Secure, Scalable, and Fine-grained Ravi K

Data Access Control in Cloud Computing

Contents

1. Abstract 01

Brief description about the project

2. Introduction 03

i. Core technical area in the project 03

ii. Project area 05

3. Details of the work done 20

4. Details of the proposed work 20

5. Bibliography 21

Page: 1





Abstract

Cloud computing is an emerging computing paradigm in which

resources of the computing infrastructure are provided as services over the

Internet.

This project proposes some services for data security and access

control when users outsource sensitive data for sharing on cloud servers.This project addresses this challenging open issue by, on one hand,

defining and enforcing access policies based on data attributes, and, on the

other hand, allowing the data owner to delegate most of the computation

tasks involved in fine grained data access control to untrusted cloud

servers without disclosing the underlying data contents.

Our proposed scheme enables the data owner to delegate tasks of

data file re-encryption and user secret key update to cloud servers without

disclosing data contents or user access privilege information. We achieve

this goal by exploiting and uniquely combining techniques of attribute-

based encryption (ABE), proxy re-encryption, and lazy re-encryption.

Our proposed scheme also has salient properties of user access

privilege confidentiality and user secret key accountability and achieves

fine - graininess, scalability and data confidentiality for data access control

in cloud computing. Our proposal is to make extensive analysis to prove

that our implementation is highly efficient and provably secures under

existing security models.

Page: 2





1.0 Introduction

1.1 System Reference

Cloud Computing is a commercial extension of computing resources

like computation cycles and storage offered as a metered service similar to

a physical public utility like electricity, water, natural gas, or telephone

network.

Page: 3





It enables a computing system to acquire or release computing

resources on demand in a manner such that the loss of any one

component of the system will not cause total system failure. Cloud

computing also allows the deployment of software applications into an

environment running the necessary technology stack for the purposes of

development, staging, or production of a software application. It does all

this in a way that minimizes the necessary interaction with the underlying

layers of the technology stack. In this way cloud computing obfuscates

much of the complexity that underlies Software as a Service (SaaS) or

batch computing software applications.

Here are the brief definitions used in the cloud computing

technology.

i. Utility Computing- The combination of computing resources as a

metered service in a way similar to a physical public utility.

ii. Scalability- The ability of a computing system to grow relatively

easily in response to increased demand

iii. Elasticity- The ability of a system to dynamically acquire or

release compute resources on-demand

iv. Highly Available- Systems designed such that the loss of any one

component of a system will not result in system failure

v. Deployment- Placing your software application into a technology

stack in a running environment for development, testing, or

production

vi. Software Application- An arrangement of programming code

designed to achieve some specific purpose

vii. Technology Stack - The Hardware and Software layers underlying a

given software application.

Page: 4





More compactly stated, cloud computing is a commercial extension of

utility computing that enables scalable, elastic, highly available deployment

of software applications while minimizing the level of detailed interaction

with the underlying technology stack itself.

Cloud computing has the benefit of flexibility to scale up or down the

IT infrastructure depending on the enterprise needs. This means that the

enterprise do not have to provision for future needs as the IT infrastructurethey need may be set up in minimal time. This also means that the time to

start a business process is not contingent on IT infrastructure

establishment time.

1.2 Overall Description

Cloud computing is also facing many challenges that, if not well

resolved, may impede its fast growth. Data security, as it exists in many

other applications, is among these challenges that would raise great

concerns from users when they store sensitive information on cloud

servers. These concerns originate from the fact that cloud servers are

usually operated by commercial providers which are very likely to be

outside of the trusted domain of the users. Data confidential against cloud

Page: 5





servers is hence frequently desired when users outsource data for storage

in the cloud.

In some practical application systems, data confidentiality is not only

a security/privacy issue, but also of juristic concerns. For example, in

health care application scenarios use and disclosure of protected health

information (PHI) should meet the requirements of Health Insurance

Portability and Accountability Act (HIPAA), and keeping user data

confidential against the storage servers is not just an option, but a

requirement.

Furthermore, we observe that there are also cases in which cloud

users themselves are content providers. They publish data on cloud servers

for sharing and need fine-grained data access control in terms of which

user (data consumer) has the access privilege to which types of data. In

the health care case, for example, a medical center would be the data

owner who stores millions of health care records in the cloud. It would

allow data consumers such as doctors, patients, researchers and etc, to

access various types of health care records under policies admitted byHIPAA. To enforce these access policies, the data owners on one hand

would like to take advantage of the abundant resources that the cloud

provides for efficiency and economy; on the other hand, they may want to

keep the data contents confidential against cloud servers.

We address this open issue and propose a secure and scalable fine-

grained data access control scheme for cloud computing. Our proposed

scheme is partially based on our observation that, in practical applicationscenarios each data file can be associated with a set of attributes which are

meaningful in the context of interest. The access structure of each user can

thus be defined as a unique logical expression over these attributes to

reflect the scope of data files that the user is allowed to access.

As the logical expression can represent any desired data file set, fine-

Page: 6





grained ness of data access control is achieved. To enforce these access

structures, we define a public key component for each attribute. Data files

are encrypted using public key components corresponding to their

attributes. User secret keys are defined to reflect their access structures so

that a user is able to decrypt a cipher text if and only if the data file

attributes satisfy his access structure. Such a design also brings about the

efficiency benefit, as compared to previous works, in that,

• The complexity of encryption is just related the number of attributes

associated to the data file, and is independent to the number of users in

the system; and

• Data file creation/deletion and new user grant operations just affect

current file/user without involving system-wide data file update or re-

keying.

One extremely challenging issue with this design is the

implementation of user revocation, which would inevitably require re-

encryption of data files accessible to the leaving user, and may needupdate of secret keys for all the remaining users. If all these tasks are

performed by the data owner himself/herself, it would introduce a heavy

computation overhead on him/her and may also require the data owner to

be always online.

To resolve this challenging issue, our proposed scheme enables the

data owner to delegate tasks of data file re-encryption and user secret key

update to cloud servers without disclosing data contents or user accessprivilege information. We achieve our design goals by exploiting a novel

cryptographic primitive, namely key policy attribute-based encryption

Page: 7





1.2.1 System Analysis

Existing System:

Our existing solution applies cryptographic methods by disclosing

data decryption keys only to authorized users. These solutions inevitably

introduce a heavy computation overhead on the data owner for key

distribution and data management when fine grained data access control is

desired, and thus do not scale well.

Proposed System:

In order to achieve secure, scalable and fine-grained access

control on outsourced data in the cloud, we utilize and uniquely combine

the following three advanced cryptographic techniques:

• Key Policy Attribute-Based Encryption (KP-ABE).

• Proxy Re-Encryption (PRE)

• Lazy re-encryption

Page: 8





1.2.3 General Description

1.1 Product Functions

The Product provides database application and functionality to use the

database. Functionalities provided in the product are:

1. Create account.

2. Login

3. Upload files

4. Search files

5. Generate Secret Keys

6. Maintain Secret Keys.

7. Secure files

8. Display required data Content stored in the server.

Page: 9





1.2 Users

The Cloud service has several users using online services like shared database

server application. The Late Re-Encryption of the private keys happens on the cloud

server at leisure.

1.3 General Constraints

The Cloud computing software requires cloud server and large number of users for

testing. This cloud infrastructure is difficult to simulate so the concept is implemented

on Microsoft Database Server on the Desktop with support for limited users. The

simulation is done for multiple users accessing the database simultaneously.

1.4 Models and Assumptions

System Models

Similar to other commercial systems, we assume that the system is

composed of the following parties: the Data Owner, many Data

Consumers, many Cloud Servers, and a Third Party Auditor if necessary. Toaccess data files shared by the data owner, Data Consumers, or users for

brevity, download data files of their interest from Cloud Servers and then

decrypt. Neither the data owner nor users will be always online. They come

online just on the necessity basis.

For simplicity, we assume that the only access privilege for users is

data file reading. Extending our proposed scheme to support data file

writing is trivial by asking the data writer to sign the new data file on each

update as does. From now on, we will also call data files by files for

brevity.

Page: 10





Cloud Servers are always online and operated by the Cloud Service

Provider (CSP). They are assumed to have abundant storage capacity and

computation power. The Third Party Auditor is also an online party which is

used for auditing every file access event.

In addition, we also assume that the data owner can not only store

data files but also run his own code on Cloud Servers to manage its data

files. This assumption coincides with the unified ontology of cloud

computing

B. Security Models

In this work, we just consider Honest but Curious Cloud Servers as

does. That is to say, Cloud Servers will follow our proposed protocol in

general, but try to find out as much secret information as possible based

on their inputs. More specifically, we assume Cloud Servers are more

interested in file contents and user access privilege information than other

secret information.

Cloud Servers might collude with a small number of malicious users

for the purpose of harvesting file contents when it is highly beneficial.

Communication channel between the data owner/users and Cloud Servers

are assumed to be secured under existing security protocols such as SSL.

Users would try to access files either within or outside the scope of their

access privileges.

To achieve this goal, unauthorized users may work independently or

cooperatively. In addition, each party is pre-loaded with a public/private

key pair and the public key can be easily obtained by other parties when

necessary.

Page: 11





Design Goals

Our main design goal is to help the data owner achieve fine-grained

access control on files stored by Cloud Servers. Specifically, we want to

enable the data owner to enforce a unique access structure on each user,

which precisely designates the set of files that the user is allowed to

access.

We also want to prevent Cloud Servers from being able to learn both

the data file contents and user access privilege information. In addition,the proposed scheme should be able to achieve security goals like user

accountability and support basic operations such as user grant/revocation

as a general one-to-many communication system would require. All these

design goals should be achieved efficiently in the sense that the system is

scalable.

C. Approach to Input Design

The input design is the link between the information system and the

user. It comprises the developing specification and procedures for data

preparation and those steps are necessary to put transaction data in to a

usable form for processing can be achieved by inspecting the computer to

read data from a written or printed document or it can occur by having

people keying the data directly into the system.

The design of input focuses on controlling the amount of input

required, controlling the errors, avoiding delay, avoiding extra steps and

keeping the process simple. The input is designed in such a way so that it

provides security and ease of use with retaining the privacy. Input Design

considered the following things:

Page: 12





• What data should be given as input?

• How the data should be arranged or coded?

• The dialog to guide the operating personnel in providing input.

• Methods for preparing input validations and steps to follow when

error occur.

D. Objectives

1. Input Design is the process of converting a user-oriented description

of the input into a computer-based system. This design is important to

avoid errors in the data input process and show the correct direction to the

management for getting correct information from the computerized

system.

2. It is achieved by creating user-friendly screens for the data entry to

handle large volume of data. The goal of designing input is to make data

entry easier and to be free from errors. The data entry screen is designed

in such a way that all the data manipulates can be performed. It also

provides record viewing facilities.

3. When the data is entered it will check for its validity. Data can be

entered with the help of screens. Appropriate messages are provided as

when needed so that the user will not be in amazed at that moment. Thus

the objective of input design is to create an input layout that is easy to

follow.

Page: 13





E. Approach to Output Design

A quality output is one, which meets the requirements of the end user

and presents the information clearly. In any system results of processing

are communicated to the users and to other system through outputs. In

output design it is determined how the information is to be displaced for

immediate need and also the hard copy output. It is the most important

and direct source information to the user. Efficient and intelligent output

design improves the system’s relationship to help user decision-making.

1. Designing computer output should proceed in an organized, well thought

out manner; the right output must be developed while ensuring that each

output element is designed so that people will find the system can use

easily and effectively. When analysis design computer output, they should

Identify the specific output that is needed to meet the requirements.

2. Select methods for presenting information.

3. Create document, report, or other formats that contain information

produced by the system. The output form of an information system should

accomplish one or more of the following objectives.

• Convey information about past activities, current status or

projections of the future.

• Signal important events, opportunities, problems, or warnings.

• Trigger an action.

• Confirm an action.

Page: 14





1.3 Specific Requirements

3.1 Functional Requirements

3.1.1 Create Account

3.1.1.1 Introduction

Creating an account page requires Login ID and password

And sending an update email to authenticate registration.

3.1.1.2 Inputs

User provides the information for creating an account in the UI

3.1.1.3 Processing

User account information is stored in the database table.

3.1.1.4 Outputs

Display screen to show slots for login and password.

3.1.2 Login Page


Login page has fields Login and password

3.1.2.2 Inputs

Login ID and password from the user

3.1.2.3 ProcessingThe Login ID and Password is compared with the stored data.

3.1.2.4 Outputs

Authentication is successful, then ‘match found - success’

information is displayed.

3.1.3 Upload Files


Upload the files from the client to the server. The files can be of

any type. It has to be protected with encryption algorithm.

3.1.3.2 Inputs

The User files to be protected.

3.1.3.3 Processing

The files are encrypted using the public and private keys based

upon the user authentication.

Page: 15





3.1.3.4 Outputs

Files stored on the server and notification page after authentication

‘Successful’.

3.1.4 Search Files


3.1.4.2 Inputs

3.1.4.3 Processing

3.1.4.4 Outputs

3.1.5 Generate Search Keys


3.1.5.2 Inputs

3.1.5.3 Processing

3.1.5.4 Outputs

3.1.6 Maintain Search Keys


3.1.6.2 Inputs

3.1.6.3 Processing

3.1.6.4 Outputs

3.1.7 Secure Files


3.1.7.2 Inputs

3.1.7.3 Processing

3.1.7.4 Outputs

3.1.8 Display required data contents stored on the server


3.1.8.2 Inputs

3.1.8.3 Processing3.1.8.4 Outputs

1.3 Implementation

Page: 16





Implementation is the stage of the project when the theoretical

design is turned out into a working system. Thus it can be considered to be

the most critical stage in achieving a successful new system and in giving

the user, confidence that the new system will work and be effective.

The implementation stage involves careful planning, investigation of

the existing system and it’s constraints on implementation, designing of

methods to achieve changeover and evaluation of changeover methods.

Module Description:

1) Key Policy Attribute-Based Encryption (KP-ABE):

KP-ABE is a public key cryptography primitive for one-to-many

communications. In KP-ABE, data are associated with attributes for each of

which a public key component is defined. User secret key is defined to

reflect the access structure so that the user is able to decrypt a cipher textif and only if the data attributes satisfy his access structure. A KP-ABE

scheme is composed of four algorithms which can be defined as follows:

• Setup Attributes

• Encryption

• Secret key generation

• Decryption

Setup Attributes:

This algorithm is used to set attributes for users. From these attributes

public key and master key for each user can be determined. The attributes,

public key and master key are denoted as

Page: 17





Attributes- U = { 1 , 2. . . N}

Public key- PK = (Y, T 1 , T 2 , . . . , TN )

Master key- MK = (y, t 1 , t 2 , . . . , tN )

Encryption:

This algorithm takes a message M , the public key PK , and a set of attribute

I as input. It outputs the cipher text E with the following format:

E = (I, ˜ E, {Ei}i )

Where ˜E = MY , Ei = Ti.

Secret key generation:

This algorithm takes as input an access tree T , the master key MK , and the

public key PK . It outputs a user secret key SK as follows.

SK = {ski}

Decryption:

This algorithm takes as input the cipher text E encrypted under theattribute set U, the user’s secret key SK for access tree T , and the public

key PK .

Finally it output the message M if and only if U satisfies T.

2) Proxy Re-Encryption (PRE):

Proxy Re-Encryption (PRE) is a cryptographic primitive in which a

semi-trusted proxy is able to convert a cipher text encrypted under Alice’s

public key into another cipher text that can be opened by Bob’s private key

Page: 18





without seeing the underlying plaintext. A PRE scheme allows the proxy,

given the proxy re-encryption key

rka↔b,

to translate cipher texts under public key pk1 into cipher texts under

public key pk2 and vise versa.

3) Lazy re-encryption:

The lazy re-encryption technique and allow Cloud Servers to

aggregate computation tasks of multiple operations. The operations such

as

Update secret keys

Update user attributes.

1.4 Implementation Details

The idea evaluation entails simulating cloud server on the machine

and access the data from multiple users and test the algorithm presentedhere as solution to the problem.

The application must support various kinds of user. End-user of application,

Cloud user and administrators.

The use cases that we have to support in the applications are:

1. The user account must be setup in the application to upload and

download files from the server.

2. Generate the keys for encryption and decryption of the files.

3. Maintain and manage secret keys.

4. Search for the files on server.

5. Display the data of the server.

6. Duplicate and send the data to the user.

7. Deny access to the data file with invalid user / hacker.

Page: 19





The details of the use cases are listed in the diagram below.

User

Data owner

Cloud server

Login

Upload files

Search files

Generate secret key

Maintain secret keys

Create account

Secure files

Displays required datas

Fig: Use case for data-access control for cloud computing.

Page: 20





User Data owner

Cloud server

Upload files

Create

account

Generate Keys

Search files

Ask secret key

Send secret key

Send required files

Send duplicate datas

If secret key matchesIf secret key does not matches

Maintain file details

Fig: Sequence diagram for data-access control for cloud computing.

Page: 21





5. Data Design

5.1 Data Objects or Data Structures

U s e r a c c o u n t

N a m eU s e r n a m eP a s s w o r d

D a t e o f b i r t hA d d r e s sC o n t a c t n u m b e r

E m a i l i d

c r e a t e a c c o u n t ( )g e n e r a t e k e y s ( )

U p l o a d f i l e s

F i l e i dF i l e n a m e

u p l o a d e d d a t ed o w n l o a d e d d a t e

s e n d t o c l o u d ( )v i e w f i l e d e t a i l s ( )

S e a r c h f i l e s

F i l e i dF i l e n a m e

U s e r d a t a

d o w n l o a d f i l e s ( )

s h o w d u p l i c a t e s ( )

S e c u r e

U s e r d a t aU s e r i d

E n c r y p t e d d a t aD e c r y p t e d d a t ap u b l i c k e yp r i v a t e k e y

e n c r y p t i o n ( )d e c r y p t i o n ( )

Figure: Class diagram of the cloud server.

5.2 Files and Database Structures

5.2.1 Logical File Structure

5.2.2 Logical Record Description

5.2.3 Access Methods

5.3 Global Data

Page: 22





6. Procedural Design

For each major module or component

6.1 Module Name

6.2 Processing Narrative

6.3 Algorithm Description

Page: 23





U p l o a d f i l e s t o c l o u d s e r v e r

O p e n f i l e

M a i n t a i n a n c e o f f i l e s a n d u s e r s

L o g i n

C h e c kO w n e r

E n d

U s e r

E x i s t s

C r e a t e a c c o u n t

n o

E n t e r d a t a t o s e a r c h

y e s

E n c r y p t a n d d e c r y p t t h e d a t a

S e n d t o c l o u d s e r v e r

I f f i l e s e x i s t s f o r d a t a

y e s n o

L i s t o u t t h e f i l e s D i s p l a y s n o d a t a s i n s e r v e r

O p e n t h e r e q u i r e d f i l e

E n t e r s e c r e t k e y C h e c k

C o r r e c t

D i s p l a y s d u p l i c a t e d a t aW r o n g

D i s p l a y s o r i g i n a l f i l e

E n d

Figure: Data Flow Diagram of the project

Page: 24





6.4 Modules Used

6.5 Comments/Restrictions/Limitations

Page: 25





L o g i n

C h e c k

U p l o a d f i l e s

E x i s t s

O w n e r U s e r

M a i n t a i n f i le s a n d u s e r d e t a i l sS e n d d a t a t oc l o u d s e r v e r

C r e a t e a c c o u n t

Y e s

N o

E n t e r s e c r e t k e y

C h e c k

R e c e i v e d u p l i c a t ed a t a

A

D o w n l o a do r i g i n a l

f i l e s

Figure: Activity Diagram

Page: 26





2.0 Details of the work done

Research and Understanding the concept behind cloud computing.

Technology training to acquire the skill to execute the project. The

project concept is evaluated using the Microsoft technologies - .Net,

C#.Net, ASP.Net

Implement basic use cases. The use cases mentioned above must be

implemented in the project.

The contribution towards implementation thus far:

o The user account creation with encryption key generation for

every user.

o Generation of public key and private key is completed.

o Secret Key management and sharing with the user.

o Creation of user kinds of users in the system like End users,

Administrators.

o Implementation Cloud server (database server) on the local

machine.

3.0 Details of the proposed work

Implementation of file storage and database management.

Implementation of file upload and encryption of the file with the user

key.

Page: 27





Implementation of searching for the files uploaded by user and

present them to user based upon user credentials.

File exchange with user/ download/ duplicate the files from the

server.

Depending upon user credentials.

Testing all the features and improve these functionalities.

7. Interface Design

7.1 User-machine Interfaces

UI Screen: Login Page

Page: 28





UI Screen: Admin

Page: 29





Page: 30





UI Screen: New User File

Page: 31





Page: 32





UI Screen: User File Management:

Page: 33





UI Screen: File Management:

Page: 34





Page: 35





UI Screen: User File:

Page: 36





8. Test Provision

8.1 Test Guidelines

8.2 Module Testing

Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test phase of the

software lifecycle, although it is not uncommon for coding and unit testing to be

conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written in detail.

Test objectives

All field entries must work properly.

Pages must be activated from the identified link.

The entry screen, messages and responses must not be delayed.

Features to be tested

• Verify that the entries are of the correct format

• No duplicate entries should be allowed

• All links should take the user to the correct page.

Page: 37





6.2 Integration Testing

Software integration testing is the incremental integration testing of two or more

integrated software components on a single platform to produce failures caused by

interface defects.

The task of the integration test is to check that components or software applications,

e.g. components in a software system or – one step up – software applications at the

company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No defectsencountered.

6.3 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant

participation by the end user. It also ensures that the system meets the functional

requirements.

Test Results: All the test cases mentioned above passed successfully. No defects

encountered.

For each major module of component

8.2.1 Module Name

8.2.2 Test Case

8.3 Integration Strategy

Page: 38





Conclusion and scope for future work.

This project aims at fine-grained data access control in cloud

computing. One challenge in this context is to achieve fine grained ness,

Page: 39





data confidentiality, and scalability simultaneously, which is not provided

by current work. In this paper we propose a scheme to achieve this goal by

exploiting KPABE and uniquely combining it with techniques of proxy re-

encryption and lazy re-encryption. Moreover, our proposed scheme can

enable the data owner to delegate most of computation overhead to

powerful cloud servers. Confidentiality of user access privilege and user

secret key accountability can be achieved. Formal security proofs show

that our proposed scheme is secure under standard cryptographic models.

4.0 Bibliography

1. [Matthew MacDonald 2002] Matthew MacDonald, “User Interfaces in

C#: Windows Forms and Custom Controls”

2. [Jeffrey Richter 2002] Jeffrey Richter, “Applied Microsoft® .NET

Framework Programming (Pro-Developer).”

Page: 40





3. [Patrick Smacchia 2006] Patrick Smacchia, “Practical .Net2 and C#2:

Harness the Platform, the Language, and the Framework”

4. [Behrouz A Forouzan 2003] Behrouz A Forouzan , “Data

Communications and Networking”

5. [James F. Kurose, 2010] James F. Kurose , “Computer Networking: A

Top-Down Approach”.

6. [Abraham Silberschatz ‘06] Abraham Silberschatz, “Operating System

Concepts”.

7. [M. Armbrust 2009 ], M. Armbrust, A. Fox, R. Griffith, A. D. Joseph,

R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I.

Stoica, and M. Zaharia, “Above the clouds: A berkeley view of cloud

computing,” University of California, Berkeley, Tech. Rep. USB-

EECS-2009-28, Feb 2009.

8. Amazon Web Services (AWS), Online at http://aws. amazon.com.

9. Google App Engine, Online at http://code.google.com/appengine/.

10. Microsoft Azure, http://www.microsoft.com/azure/.

11. 104th United States Congress, “Health Insurance Portability andAccountability Act of 1996 (HIPPA),” Online at http://aspe.hhs.gov/

admnsimp/pl104191.htm, 1996.

12. [H. Harney, 2001] H. Harney, A. Colgrove, and P. D. McDaniel,

“Principles of policy in secure groups,” in Proc. of NDSS’01, 2001.

13. [P. D. McDaniel, 2002] P. D. McDaniel and A. Prakash, “Methods

and limitations of security policy reconciliation,” in Proc. of SP’02,

2002

14. [T. Yu 2003] T. Yu and M. Winslett, “A unified scheme for resource

protection in automated trust negotiation,” in Proc. of SP’03, 2003.

15. [J. Li 2005] J. Li, N. Li, and W. H. Winsborough, “Automated trust

negotiation using cryptographic credentials,” in Proc. of CCS’05,

2005.

Page: 41

http://code.google.com/appengine/

http://www.microsoft.com/azure/

http://aspe.hhs.gov/

http://code.google.com/appengine/

http://www.microsoft.com/azure/

http://aspe.hhs.gov/





16. [J. Anderson 1972] J. Anderson, “Computer Security Technology

Planning Study,” Air Force Electronic Systems Division, Report ESD-

TR-73-51, 1972, http: //seclab.cs.ucdavis.edu/projects/history/.

17. [M. Kallahalla] M. Kallahalla, E. Riedel, R. Swaminathan, Q.

Wang, and K. Fu

18. “Scalable secure file sharing on untrusted storage,” in Proc. of

FAST’03, 2003.

19. [E. 2003 Goh] E. Goh, H. Shacham, N. Modadugu, and D. Boneh,

“Sirius: Securing remote untrusted storage,” in Proc. of NDSS’03,

2003.

20. [ G. Ateniese 2005] G. Ateniese, K. Fu, M. Green, and S.

Hohenberger, “Improved proxy re-encryption schemes with

applications to secure distributed storage,” in Proc. of NDSS’05,

2005

Websites referred:

1. http://www.sourcefordgde.com2. http://www.networkcomputing.com/

3. http://www.ieee.org

4. http://www.almaden.ibm.com/software/quest/Resources/

5. http://www.computer.org/publications/dlib

6. http://www.ceur-ws.org/Vol-90/

7. http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

12. Literature Survey

Literature survey is the most important step in software development process.

Before developing the tool it is necessary to determine the time factor, economy n

company strength. Once these things are satisfied, then next steps is to determine

Page: 42

http://www.sourcefordgde.com/

http://www.networkcomputing.com/

http://www.ieee.org/

http://www.almaden.ibm.com/software/quest/Resources/

http://www.computer.org/publications/dlib

http://www.ceur-ws.org/Vol-90/

http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

http://www.sourcefordgde.com/

http://www.networkcomputing.com/

http://www.ieee.org/

http://www.almaden.ibm.com/software/quest/Resources/

http://www.computer.org/publications/dlib

http://www.ceur-ws.org/Vol-90/

http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome





which operating system and language can be used for developing the tool. Once

the programmers start building the tool the programmers need lot of external

support. This support can be obtained from senior programmers, from book or

from websites. Before building the system the above consideration are taken into

account for developing the proposed system.

Cloud Computing:

Cloud computing providing unlimited infrastructure to store and execute customer

data and program. As customers you do not need to own the infrastructure, they

are merely accessing or renting; they can forego capital expenditure and consume

resources as a service, paying instead for what they use.

Benefits of Cloud Computing:

• Minimized Capital expenditure

• Location and Device independence

• Utilization and efficiency improvement

• Very high Scalability

•

High Computing power

Security a major Concern:

• Security concerns arising because both customer data and program are

residing in Provider Premises.

• Security is always a major concern in Open System Architectures

Data centre Security?

• Professional Security staff utilizing video surveillance, state of the art

intrusion detection systems, and other electronic means.

Page: 43





• When an employee no longer has a business need to access datacenter

his privileges to access datacenter should be immediately revoked.

• All physical and electronic access to data centers by employees should be

logged and audited routinely.

• Audit tools so that users can easily determine how their data is stored,

protected, used, and verify policy enforcement.

Data Location:

• When user uses the cloud, user probably won't know exactly where your

data is hosted, what country it will be stored in?

• Data should be stored and processed only in specific jurisdictions as define

by user.

• Provider should also make a contractual commitment to obey local privacy

requirements on behalf of their customers,

• Data-centered policies that are generated when a user provides personal

or sensitive information, that travels with that information throughout its lifetime to

ensure that the information is used only in accordance with the policy

Backups of Data:

• Data store in database of provider should be redundantly store in multiple

physical locations.

• Data that is generated during running of program on instances is all

customer data and therefore provider should not perform backups.

• Control of Administrator on Databases.

Data Sanitization:

• Sanitization is the process of removing sensitive information from a storage

device.

Page: 44





• What happens to data stored in a cloud computing environment once it has

passed its user’s “use by date”

• What data sanitization practices does the cloud computing service provider

propose to implement for redundant and retiring data storage devices as and when

these devices are retired or taken out of service.

Network Security:

• Denial of Service: where servers and networks are brought down by a huge

amount of network traffic and users are denied the access to a certain Internet

based service.

• Like DNS Hacking, Routing Table “Poisoning”, XDoS attacks

• QoS Violation: through congestion, delaying or dropping packets, or

through resource hacking.

• Man in the Middle Attack: To overcome it always use SSL

• IP Spoofing: Spoofing is the creation of TCP/IP packets using somebody

else's IP address.

• Solution: Infrastructure will not permit an instance to send traffic with a

source IP or MAC address other than its own.

How secure is encryption Scheme:

• Is it possible for all of my data to be fully encrypted?

• What algorithms are used?

• Who holds, maintains and issues the keys? Problem:

• Encryption accidents can make data totally unusable.

• Encryption can complicate availability Solution

• The cloud provider should provide evidence that encryption schemes were

designed and tested by experienced specialists.

Information Security:

Page: 45





• Security related to the information exchanged between different hosts or

between hosts and users.

• This issues pertaining to secure communication, authentication, and issues

concerning single sign on and delegation.

• Secure communication issues include those security concerns that arise

during the communication between two entities.

• These include confidentiality and integrity issues. Confidentiality indicates

that all data sent by users should be accessible to only “legitimate” receivers, and

integrity indicates that all data received should only be sent/modified by

“legitimate” senders.• Solution: public key encryption, X.509 certificates, and the Secure Sockets

Layer (SSL) enables secure authentication and communication over computer

networks.

Page: 46

Documents

Cloud - Final Term-report