Professional Documents
Culture Documents
I. INTRODUCTION Cloud Computing lets us use Files or Applications over Internet from anywhere. Its main feature is its ability to scale up to serve as many as millions of simultaneous users or scale down to very few users. This feature enables small organisations to compete with giants in terms of quality of service and cost. It has reduced a major part of their Fixed Capital. Another feature of cloud is Virtualization. This leads to abstraction of details from users. Particularly in Cloud Storage the whereabouts of data remains secret to users. And outsourcing of data processing is also common. Cloud Storage is an emerging service model for remote data backup and synchronization. The data here is spread across multiple cloud servers and has no geographical barrier. The details of who can access the data and its physical location remains unknown. Storing sensitive data on such a virtualised and outsourced environment brings inherent loss of control to users data. To alleviate the users concern we proposed Image Security Framework. It focuses on the security of the image data. In particular it focuses on protecting sensitive images where its loss would incur huge financial loss or render a creative work pirated. To date there has been very little work done for securing images on cloud. The images could be Photographs or digitalised Art work.
There are different kinds of cloud storage available for photographers/Artists today. Popular websites like Smugmug and Flickr use Public Web-based cloud Storage where the images are uploaded via browser and the files become available through Web Interface. Services like Dropbox and LiveMesh uses local folder synchronization method that monitors content change on a configured folder to initiate synchronization. Differing from the approaches of many of those websites we use the concept of Self Defending Object (SDO) to secure the image. SDO is an extension to the Object-Oriented Programming Paradigm. It is used to enhance the security provided by OOP approach. As defined by John Holford SDO can be any object in an Object-Oriented program that encapsulates securitysensitive resources, made aware of, and take responsibility of defending those resources from access by unauthorised entity. We support distributed Access Control List to specify which group of users can access the image and the level of access. We maintain 3 levels of access. Restricted, Free and Paid Access. Images with restricted access will be available only to certain countries. Free access will be given to anyone who registers. Paid access will be given only to paid users and resized quality reduced image will be displayed before buying. We also log the usage of the data for auditing purpose. II. RELATED WORK PeerReview: In a related paper an author has described Peer Review, a system that provides accountability in distributed system. PeerReview ensures that Byzantine faults whose effects are observed by a correct node are eventually deleted and irrefutably linked to a faulty node. At the same time, PeerReview ensures that a correct node can always defend itself against false accusations. Another author has proposed Privacy Manager for cloud, reduces the risk to the cloud computing user of their private data being stolen or misused, and also assists the cloud service
ISSN: 2231-2803
http://www.internationaljournalssrg.org
Page 387
ISSN: 2231-2803
http://www.internationaljournalssrg.org
Page 388
V. CONCLUSIONS Security is never a destination it is a continuous journey. Every day we find a huge amount of data go missing around the globe. With the advent of Cloud, more sensitive data have started to come out of personal desktops and gets stored in a relatively untrusted environment. In this paper, we have presented a solution to safeguard the images on cloud and how the Self Defending Object can be used to enhance the existing security models. SDO remains immune against a wide range of attacks and provides comprehensive protection. It can be used in a wide range of security sensitive applications. A good amount of time invested on researching SDOs can bring a lot more to the field of information security. REFERENCES
[1] R. Bose and J. Frew, Lineage Retrieval for Scientific Data Processing: A Survey, ACM Computing Surveys, vol. 37, pp. 128, Mar. 2005 P.T. Jaeger, J. Lin, and J.M. Grimes, Cloud Computing and Information Policy: Computing in a Policy Cloud?, J. Information Technology and Politics, vol. 5, no. 3, pp. 269-283, 2009. R. Jagadeesan, A. Jeffrey, C. Pitcher, and J. Riely, Towards a Theory of Accountability and Audit, Proc. 14th European Conf. Research in Computer Security (ESORICS), pp. 152-167, 2009. J. Park and R. Sandhu, Towards Usage Control Models: Beyond Traditional Access Control, SACMAT 02: Proc. Seventh ACM Symp. Access Control Models and Technologies, pp. 57-64, 2002.
To store the Image Information, Authentication Data and Access Log a centralized database is used. However, the password required to decrypt the image requires information from Database as well as the users Password. The password is not saved anywhere. We use JAAS to improve overall security of the SDO. JAAS is a pluggable security framework best suited for Self Defending Object in a distributed environment such as cloud.
[2]
[3]
[4]
ISSN: 2231-2803
http://www.internationaljournalssrg.org
Page 389
[6]
[10]
[7]
[11]
[8]
D.J. Weitzner, H. Abelson, T. Berners-Lee, J. Feigen-baum, J. Hendler, and G.J. Sussman, Information Accountability, Comm.ACM, vol. 51, no. 6, pp. 82-87, 2008. [12] M.C. Mont, S. Pearson, and P. Bramhall, Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services, Proc. Intl Workshop Database and Expert Systems Applications (DEXA), pp. 377-382, 2003. [13] F. Martinelli and P. Mori, On Usage Control for Grid Systems, Future Generation Computer Systems, vol. 26, no. 7, pp. 1032-1042,2010. [14] JAR Files Revealed http://www.ibm.com/developerworks/library/jjar/ [15] The Conept of Self-Defending Objects and the Development of Security Aware Applications. By John William Holford. [16] Radha Jagadeesan, Alan Jeffrey, Corin Pitcher, James Riely. "Towards a theory of accountability and audit".School of Computing, DePaul University Bell Labs, AlcatelLucent. [17] [18] Anne Anderson, "Java Access Control Mechanisms". Xinyu Feng, Zhaozhong Ni, Zhong Shao, Yu Guo, "An Open Framework for Foundational Proof-Carrying Code".
[19] Flickr, http://www.flickr.com/, 2012. [20] J.W. Holford, W.J. Caelli, and A.W. Rhodes, Using SelfDefending Objects to Develop Security Aware Applications in Java, Proc. 27th Australasian Conf. Computer Science, vol. 26,pp. 341-349, 2004. [21] R. Corin, S. Etalle, J.I. den Hartog, G. Lenzini, and I. Staicu, A Logic for Auditing Accountability in Decentralized Systems, Proc. IFIP TC1 WG1.7 Workshop Formal Aspects in Security and Trust,pp. 187-201, 2005. [22] R. Kailar, Accountability in Electronic Commerce Protocols, IEEE Trans. Software Eng., vol. 22, no. 5, pp. 313-328, May 1996.
ISSN: 2231-2803
http://www.internationaljournalssrg.org
Page 390