
Ensuring data storage security in cloud computing

INTRODUCTION
Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet). Cloud computing provides computation, software, data access and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services. The concept of cloud computing fills a perpetual need of IT: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel or licensing new software. Cloud computing has been envisioned as the next-generation architecture of the IT enterprise. In contrast to traditional solutions, where IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to large data centres, where the management of data and services may not be fully trustworthy. This unique attribute, however, poses many security challenges. In this project, we focus on cloud data storage security, which has been an important aspect of quality of service.

Department of Information Science & Engineering

Several trends are opening up the era of cloud computing, which is an Internet-based development and use of computer technology. Ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centres into pools of computing service on a huge scale. Moving data into the cloud offers great convenience to users, since they don't have to care about the complexities of hardware management. Amazon Simple Storage Service and Amazon Elastic Compute Cloud, from one of the pioneering cloud computing vendors, are well-known examples. While these Internet-based online services do provide huge amounts of storage space and customizable computing resources, this computing platform shift is at the same time eliminating the responsibility of local machines for data maintenance. As a result, users are at the mercy of their cloud service providers for the availability and integrity of their data.

LITERATURE SURVEY

The survey below is aimed at understanding the concept of security systems in cloud computing, which is an important aspect of Quality of Service.

1. Cloud Computing and lessons from the past:

The skyrocketing demand for a new generation of cloud-based consumer and business applications is driving the need for a next generation of data centres that must be massively scalable, efficient, agile, reliable and secure. We see a parallel between the state of data centres today and the evolution of the Intelligent Network (IN) infrastructure in telecommunications. Telecommunications networks have, for many years, demonstrated their ability to reliably enable network (voice) service creation, assurance and delivery on a massive scale. The analysis of the Intelligent Network in telecommunications is used to identify proven concepts and key lessons that can be applied to enable next generation IT. In order to scale cloud services reliably to millions of service developers and billions of end users, the next generation cloud computing and data centre infrastructure will have to follow an evolution similar to the one that led to the creation of scalable telecommunication networks. In the future, network-based cloud service providers will leverage virtualization technologies to allocate just the right levels of virtualized compute, network and storage resources to individual applications based on real-time business demand, while also providing full service level assurance of availability, performance and security at a reasonable cost. A key component - identified in this paper as the Virtual Resource Mediation Layer (VRML) - must be developed through industry collaboration to enable interoperability of various public and private clouds. This layer will form the basis for ensuring massive scalability of cloud infrastructure by enabling distributed service creation, service delivery and service assurance without any single vendor domination.

The next generation virtualization technologies must allow applications to dynamically access CPU, memory, bandwidth and storage (capacity, I/O and throughput) in a manner similar to that of the telecommunications 800 Service Call Model, with one level of indirection and mediation. The next generation cloud evolution is a fundamental transformation and not just an evolutionary stack of XaaS implementations; it will enable global service collaboration networks utilizing optimally distributed and managed computing, network and storage resources driven in real time by business priorities. In this paper, the current trend in cloud computing has been analysed and compared with the telecommunications Intelligent Network. Our survey confirms that businesses are indeed challenged most by the need to effectively manage the increased complexity in today's data centres while at the same time keeping the network running smoothly and power consumption costs down.

2. Ensuring data storage security in cloud computing:

Cloud Computing has been envisioned as the next generation architecture of the IT Enterprise. In contrast to traditional solutions, where IT services are under proper physical, logical and personnel controls, Cloud Computing moves the application software and databases to large data centres, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible distributed scheme with two salient features, as opposed to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks. In this paper, we investigated the problem of data security in cloud data storage, which is essentially a distributed storage system. We believe that data security in cloud computing, an area full of challenges and of paramount importance, is still in its infancy, and many research problems are yet to be identified.

3. Security storage in cloud computing: An RSA-based assumption, data integrity check without original data:

Data integrity means that the data has a complete or whole structure. All characteristics of the data, including business rules, rules for how the pieces of data relate, dates, and definitions of the data, must be correct for the data to be complete. A data integrity check is an important way to ensure data integrity. In cloud computing, the management of the data and the services may not be fully trustworthy. This brings in many security challenges, such that it has become crucial for an archive service to be capable of providing evidence to demonstrate the integrity of the data stored in it. In this paper we study the problem of ensuring the integrity of data storage in cloud computing, and a new data integrity check scheme is proposed based on the well-known RSA security assumption. The obvious advantage of our scheme is that the client need not keep a copy of the data, so it relieves the storage burden on the client. This scheme cannot support dynamic data in the remote data integrity check.

4. Enabling public auditability and data dynamics for storage security in cloud computing:

Cloud Computing has been envisioned as the next-generation architecture of the IT Enterprise. It moves the application software and databases to centralized large data centres, where the management of the data and services may not be fully trustworthy. This unique paradigm brings about many new security challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. The introduction of the TPA eliminates the involvement of the client in auditing whether his data stored in the cloud are indeed intact, which can be important in achieving economies of scale for Cloud Computing. The support for data dynamics via the most general forms of data operation, such as block modification, insertion, and deletion, is also a significant step toward practicality, since services in Cloud Computing are not limited to archive or backup data only. While prior works on ensuring remote data integrity often lack the support of either public auditability or dynamic data operations, this paper achieves both. We first identify the difficulties and potential security problems of direct extensions with fully dynamic data updates from prior works, and then show how to construct an elegant verification scheme for the seamless integration of these two salient features in our protocol design. In particular, to achieve efficient data dynamics, we improve the existing proof of storage models by manipulating the classic Merkle Hash Tree construction for block tag authentication. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multiuser setting, where the TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows that the proposed schemes are highly efficient and provably secure.

In this paper, we explored the problem of providing simultaneous public auditability and data dynamics for remote data integrity checks in cloud computing. Our construction is deliberately designed to meet these two important goals while keeping efficiency closely in mind.

Existing system:

From the perspective of data security, which has always been an important aspect of quality of service, cloud computing inevitably poses new challenging security threats for a number of reasons.

Firstly, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted, due to the users' loss of control over their data under cloud computing. Therefore, the verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering the various kinds of data each user stores in the cloud and the demand for long-term assurance of their data safety, the problem of verifying correctness becomes even more challenging.

Secondly, cloud computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. Ensuring storage correctness under dynamic data updates is of paramount importance. These techniques, which can be useful to ensure storage correctness without users possessing the data, cannot address all the security threats in cloud data storage, since they all focus on the single-server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.

PROPOSED METHOD
We propose an effective and flexible distributed scheme with explicit dynamic data support to ensure the correctness of users' data in the cloud. We rely on an erasure-correcting code in the file distribution preparation to provide redundancy and guarantee data dependability. This construction drastically reduces the communication and storage overhead compared to traditional replication-based file distribution techniques. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves storage correctness as well as data error localization: whenever data corruption is detected during the storage correctness verification, our scheme can almost guarantee the simultaneous localization of data errors, i.e. the identification of misbehaving servers.

Compared to many of its predecessors, which only provide binary results about the storage state across the distributed servers, the challenge-response protocols in our work further provide localization of data errors. Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic operations on data blocks, including update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack and even server colluding attacks.
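The challenge-response check and error localization described above can be sketched as follows; this is an added example, not code from the report or from the cited papers. It assumes a single-parity linear code over a prime field in place of the erasure-correcting code, HMAC-SHA256 as the pseudorandom function, and no blinding of parity data; all function names are hypothetical.

```python
import hashlib
import hmac

P = 2**61 - 1   # prime field modulus (assumption; the page does not fix a field)
R = 4           # block positions sampled per challenge round

def prf(key, label, i, q, mod):
    """Keyed pseudorandom integer in [0, mod). HMAC-SHA256 is an assumed PRF."""
    mac = hmac.new(key, f"{label}|{i}|{q}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % mod

def encode(data_vectors):
    """Toy linear erasure code: append one parity vector (column sums mod P)."""
    parity = [sum(col) % P for col in zip(*data_vectors)]
    return [list(v) for v in data_vectors] + [parity]

def challenge(key, i, length):
    """Round-i challenge: R (position, nonzero coefficient) pairs from the key."""
    return [(prf(key, "pos", i, q, length), 1 + prf(key, "coef", i, q, P - 1))
            for q in range(R)]

def respond(vector, chal):
    """Linear combination of the sampled blocks; servers run this on request."""
    return sum(coef * vector[pos] for pos, coef in chal) % P

def precompute_tokens(key, vectors, rounds):
    """User side, before upload: tokens[i][j] is server j's expected reply in round i."""
    n = len(vectors[0])
    return [[respond(v, challenge(key, i, n)) for v in vectors] for i in range(rounds)]

def audit(key, i, tokens, servers):
    """Return (replies_form_codeword, indices of servers whose reply mismatches)."""
    chal = challenge(key, i, len(servers[0]))
    replies = [respond(v, chal) for v in servers]   # simulated server replies
    # The code is linear, so honest replies satisfy the same parity relation.
    ok = sum(replies[:-1]) % P == replies[-1]
    bad = [] if ok else [j for j, r in enumerate(replies) if r != tokens[i][j]]
    return ok, bad

def demo():
    key = b"constructed-demo-key"                              # constructed sample key
    data = [[10 * s + b for b in range(8)] for s in range(3)]  # constructed blocks
    servers = encode(data)                                     # 3 data servers + 1 parity
    tokens = precompute_tokens(key, servers, rounds=2)
    honest = audit(key, 0, tokens, servers)
    servers[1] = [(b + 1) % P for b in servers[1]]             # server 1 alters every block
    tampered = audit(key, 1, tokens, servers)
    return honest, tampered

if __name__ == "__main__":
    print(demo())
```

Each round samples only R positions, so sparse corruption is caught probabilistically over repeated rounds; the demo alters every block on one server so that the sampled positions are always affected.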

System Architecture:

A representative network architecture for cloud data storage is illustrated in the above figure. Three different entities can be identified as follows:

User: Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual customers and organizations.

Cloud Service Provider (CSP): A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live cloud computing systems.

Third Party Auditor (TPA): An additional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose the risk of cloud storage services upon request.

APPLICATIONS

Clients would be able to access their applications and data from anywhere at any time. They could access the cloud computing system using any computer linked to the Internet. The concept of cloud computing fills a perpetual need of IT: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel or licensing new software.

Data protection and integrity: Enterprises want transparent solutions that protect their data while making it accessible. Cloud providers can respond with a strong governance process, operational security processes and security solutions that preserve confidentiality, integrity and availability during data storage.

Prevent targeted attacks: Cloud providers have to respond with technologies and human screening tactics that can defend against all attacks. Security consulting and threat analysis can help cloud providers ensure that security solutions and operational tools are in place to help customers detect targeted attacks.

Corporations that rely on computers have to make sure they have the right software in place to achieve their goals. Cloud computing systems give these organizations company-wide access to computer applications. The companies don't have to buy a set of software or software licenses for every employee. Instead, the company could pay a metered fee to a cloud computing company.

Uninterrupted attacks: When it comes to cloud computing security, enterprises and cloud providers share the same base expectation: that no threat will damage their respective businesses. Cloud providers that work with enterprises to understand their security requirements, and that can automate and orchestrate security management and monitoring capabilities, create a meaningful, secure and safe place to do business.

REFERENCES
[1] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing," Proc. 14th European Symp. Research in Computer Security (ESORICS '09), pp. 355-370, 2009.

[2] C. Wang, Q. Wang, K. Ren, and W. Lou, "Ensuring Data Storage Security in Cloud Computing," Proc. 17th Int'l Workshop Quality of Service (IWQoS '09), 2009.

[3] Dr. Rao Mikkilineni and Vijay Sarathy, "Cloud Computing and the Lessons from the Past," 2009 18th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[4] Zhang Jianhong and Chen Hua, "Security Storage in Cloud Computing: A RSA-based Assumption Data Integrity Check without Original Data," 2010 International Conference on Educational and Informational Technology.
