Cloud Computing Protection for Outsourced Record in Cloud ... ? Cloud Computing Protection for Outsourced

  • Published on

  • View

  • Download


WWW.IJITECH.ORG ISSN 2321-8665 Vol.04,Issue.08, July-2016, Pages:1303-1306 Copyright @ 2016 IJIT. All rights reserved. Cloud Computing Protection for Outsourced Record in Cloud Computing P. RAMADEVI1, N. SIDDAIAH2 1PG Scholar, Dept of CSE, SRES, Tirupathi, AP, India, E-mail: 2Assistant Professor, Dept of CSE, SRES, Tirupathi, AP, India, E-mail: Abstract: For this reason, the efficiency of question processing algorithm can fluctuate relying on the tree depth. To clear up these issues, we advocate a density-mindful information encryption scheme and a query processing algorithm for database outsourcing. Our density-conscious knowledge encryption scheme makes use of a grid index to generate clusters and transforms the customary knowledge know-how right into a bitmap. To furnish effective question processing, we use an algebraic coding headquartered hash index to minimize the information retrieval time. Eventually, in efficiency analysis, we show their question processing performance and ensures the privacy of customers, compared with the existing schemes. Coping with single cloud providers is anticipated to end up much less preferred with patrons due to risks of service availability failure and the probability of malicious insiders within the single cloud. A motion toward multi-clouds, or in other phrases, Inter clouds or cloud-of-clouds has emerged not too long ago. This paper surveys up to date research related to single and multi-cloud safety and addresses viable options. It's discovered that the study into the use of multi-cloud vendors to preserve protection has acquired much less awareness from the study group than has using single clouds. These work objectives to promote the use of multi-clouds due to its potential to slash safety dangers that influence the cloud computing consumer. Keywords: Cloud Computing, Single Cloud, Multi-Clouds, Cloud Storage, Data Integrity, Data Intrusion, Service Availability. I. INTRODUCTION To get to the bottom of these issues, we endorse a new density aware knowledge encryption scheme for spatial database Outsourcing. In our data scheme POIs are selected as anchor nodes to assemble clusters by way of utilising a histogram. The histogram can decide upon anchor nodes uniformly with the aid of due to the fact the information distribution. It implies that many anchors will also be chosen in dense subject, while relatively less number of anchors will likely be chosen in sparse field. If required, our scheme re-constructs the clusters uniformly founded on the a grid index to split or merge a cluster area with a given threshold. When a cluster has more POIs than the edge, it is split into two clusters. However, when a cluster with much less POIs than the brink can be merged with its nearest cluster. Therefore an attacker cannot infer the true knowledge distribution based on the cluster knowledge. For efficient question processing, we endorse a new question processing algorithm founded on a hash index with an algebraic coding. Our contributions may also be summarized as follows: We present a framework for delivering the confidentiality of spatial data that's outsourced to cloud computing environment. We furnish a brand new density-founded data encryption scheme to guard normal database and its distribution from an attacker and propose a k-NN question processing algorithm for the converted data. We additionally reward an broad experimental analysis of our scheme by way of making use of an actual knowledge set (e.g., North East america). This paper specializes in the disorders regarding the data protection part of cloud computing. As data and know-how will be shared with a 3rd gets together, cloud computing users wish to prevent an untrusted cloud provider. Defending personal and main knowledge, comparable to credit card details or a patients scientific records from attackers or malicious insiders is of critical importance. Furthermore, the abilities for migration from a single cloud to a multi-cloud atmosphere is examined and research involving safety issues in single and multi-clouds in cloud computing are surveyed. II. DENSITY AWARE DATA ENCRYPTION SCHEME On this section, we propose a density-aware knowledge encryption and a bitmap-based hashing scheme for processing ok nearest neighbor (NN) query. To unravel the problems of the prevailing schemes, we use a histogram to uniformly pick anchor nodes for cluster development. Then our scheme re-constructs the clusters to retailer the information into clusters uniformly. For this, we use a grid index to split or merge a cluster subject with a given threshold. When a cluster has extra aspects of interest (POIs) than the brink, it is break up into two clusters. However, for a cluster with less POIs than the threshold, it can be merged with its nearest cluster. Consequently an attacker cannot infer the distribution of actual dataset. The fundamental abilities of the proposed scheme is that our scheme constantly returns a constantsized candidate set in one communication circular. This section describes our query processing algorithm to increase the satisfactory of service (QoS) in terms of query processing time and overheads. Indicates an total query processing algorithm. First, a consumer transforms a question right into a bitmap by means of making use of the given encryption key P. RAMADEVI, N. SIDDAIAH International Journal of Innovative Technologies Volume.04, Issue No.08, July-2016, Pages: 1303-1306 from DO. Then, the consumer sends the converted query to the SP. 2nd, our algorithm retrieves distances between clusters to find the nearest cluster. If a cluster does not have enough POIs to fulfill k, then our algorithm expands the hunt subject by way of selecting the subsequent nearest anchor from the query When okay is satisfied, our algorithm calculates the hash deal with of the query and retrieves all anchors saved in the question deal with. 1/3, with a purpose to find the nearest knowledge point, we calculate the hamming distances between the modified question and candidates anchors. The Hamming distance measures the minimum number of substitutions required to alter one string into the other. III. SECURITY RISKS IN CLOUD COMPUTING Despite the fact that cloud service providers can present advantages to users, protection dangers play a main function in the cloud computing atmosphere [53]. Customers of online knowledge sharing or network amenities are aware of the abilities loss of privateness [12]. According to a latest IDC survey [16], the top assignment for 74% of CIOs in the case of cloud computing is safety. Defending exclusive and main know-how akin to credit card important points or patients clinical files from attackers or malicious insiders is of principal significance [34]. Moving databases to a large data centre entails many security challenges [55] such as virtualization vulnerability, accessibility vulnerability, privacy and manipulate problems regarding data accessed from a third occasion, integrity, confidentiality, and information loss or theft. Subashini and Kavitha [49] present some foremost security challenges, which might be knowledge storage safety, utility security, knowledge transmission security, and protection involving 1/3-party resources. Because the cloud offerings have been developed over the web, any challenge that is concerning web security will even have an impact on cloud offerings. Resources within the cloud are accessed by way of the web; consequently even supposing the cloud provider specializes in safety in the cloud infrastructure, the data continues to be transmitted to the customers via networks which may be insecure. For that reason, internet protection problems will have an impact on the cloud, with higher risks due to priceless assets saved within the cloud and cloud vulnerability. The science used in the cloud is just like the technological know-how used within the internet. Encryption techniques and secure protocols aren't ample to defend information transmission within the cloud. Knowledge intrusion of the cloud via the web by way of hackers and cybercriminals needs to be addressed and the cloud environment desires to be comfortable and private for clients [49]. Cachinet al.[12]argue that after multiple clients use cloud storage or when multiple devices are synchronized with the aid of one user, it is tricky to deal with the information corruption difficulty. One of the vital options that they [12] suggest is to use a Byzantine fault-tolerant replication protocol within the cloud. Hendricks et al. [23] state that this solution can avert information corruption brought on by way of some accessories within the cloud. However, Cachinet al. [12] declare that using the Byzantine fault- tolerant replication protocol within the cloud is unsuitable when you consider that that the servers belonging to cloud providers use the identical approach installations and are bodily placed in the equal place. According to Garfinkel[19], yet another security threat that will arise with a cloud supplier, such as the Amazon cloud provider, is a hacked password or information intrusion. If anyone positive aspects entry to an Amazon account password, they are going to be competent to entry all the accounts situations and resources. As a result the stolen password makes it possible for the hacker to erase the entire knowledge inside of any virtual computer illustration for the stolen user account, regulate it, and even disable its offerings. In addition, there is a probability for the users e-mail(Amazon consumer title) to be hacked (see [18] for a discussion of the knowledge dangers of e-mail), and given that Amazon enables a lost password to be reset by way of email, the hacker should still be ready to log in to the account after receiving the brand new reset password. This section will explain the contemporary work that has been accomplished within the discipline of multi-clouds. Bessani et al. [8] present a virtual storage cloud approach called DepSky which includes a mixture of different clouds to build a cloud-of-clouds. The DepSky system addresses the availability and the confidentiality of information in their storage system through making use of multi-cloud providers, combining Byzantine quorum system protocols, cryptographic secret sharing and erasure codes [8]. As mentioned prior, the lack of availability of service is viewed one of the crucial most important limitations in cloud computing and it has been addressed by using storing the information on a few clouds. The loss of purchaser information has brought about many problems for a lot of users such as the predicament that befell in October 2009 when the contacts, portraits, and many others. Of many users of the Sidekick carrier in Microsoft had been misplaced for several days [44]. Bessani et al. [8] use Byzantine fault-tolerant replication to store information on a number of cloud servers, so if one of the crucial cloud vendors is broken, they are nonetheless competent to retrieve information correctly. Knowledge encryption is viewed the solution with the aid of Bessani et al. [8] to address the trouble of the loss of privacy. They argue that to protect the saved knowledge from a malicious insider, users will have to encrypt data before it is stored within the cloud. As the information can be accessed by way of disbursed purposes, the DepSky approach stores the cryptographic keys in the cloud by way of utilising the secret sharing algorithm to hide the value of the keys from a malicious insider. Within the DepSky method, data is replicated in four commercial storage clouds (Amazon S3, windows Azure, Nirvanix and Rackspace); it's not relayed on a single cloud, as a result, this avoids the crisis of the dominant cloud inflicting the so-known as seller lock-in hindrance [3]. Additionally, storing 1/2 the amount of knowledge in each and every cloud in the DepSky approach is accomplished with the aid of the use of erasure codes. Hence, exchanging data between one supplier to a further will effect Cloud Computing Protection for Outsourced Record in Cloud Computing International Journal of Innovative Technologies Volume.04, Issue No.08, July-2016, Pages: 1303-1306 in a smaller price. The DepSky method goals to cut back the cost of utilizing four clouds(which is 4 instances the overhead) to twice the price of utilising a single cloud, which is a massive competencies [8]. IV. CONCLUSION It is clear that despite the fact that using cloud computing has swiftly multiplied, cloud computing security is still considered the essential challenge within the cloud computing environment. Purchasers don't want to lose their exclusive information as a consequence of malicious insiders in the cloud. Furthermore, the lack of provider availability has prompted many issues for a large number of consumers just lately. Furthermore, data intrusion results in many problems for the users of cloud computing. The cause of this work is to survey the latest study on single clouds and multi-clouds to handle the protection risks and options. We now have found that a lot research has been performed to be certain the security of the single cloud and cloud storage whereas multi clouds have bought less concentration within the discipline of protection. We help the migration to multi-clouds as a result of its potential to curb protection risks that affect the cloud computing consumer. V. REFERENCES [1](NIST), [2]I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzantine disk paxos: optimal resilience with Byzantine shared memory", Distributed Computing, 18(5), 2006, pp. 387-408. [3]H. Abu-Libdeh, L. Princehouse and H.Weatherspoon, "RACS: a case for cloud storage diversity", SoCC'10:Proc. 1st ACM symposium on Cloud computing, 2010, pp. 229-240. [4]D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally, "Database Management as a Service: Challenges and Opportunities", ICDE'09:Proc.25th Intl. Conf. on Data Engineering, 2009, pp. 1709-1716. [5]M.A. AlZain and E. Pardede, "Using Multi Shares for Ensuring Privacy in Database-as-a-Service", 44th Hawaii Intl. Conf. on System Sciences (HICSS), 2011, pp. 1-9. [6]Amazon, Amazon Web Services. Web services licensing agreement, October3,2006. [7]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson and D. Song, "Provable data possession at untrusted stores", Proc. 14th ACM Conf. on Computer and communications security, 2007, pp. 598-609. [8]A. Bessani, M. Correia, B. Quaresma, F. Andr and P. Sousa, "DepSky: dependable and secure storage in a cloud-of-clouds", EuroSys'11:Proc. 6 th Conf. on Computer systems, 2011, pp. 31-46. [9]K. Birman, G. Chockler and R. van Renesse,"Toward a cloud computing research agenda", SIGACT News, 40, 2009, pp. 68-80. [10]K.D. Bowers, A. Juels and A. Oprea, "HAIL: A high-availability and integrity layer for cloud storage", CCS'09: Proc. 16Th ACM Conf. on Computer and communications security, 2009, pp. 187-198. [11]C. Cachin, R. Haas and M. Vukolic, "Dependable storage in the Intercloud", Research Report RZ, 3783, 2010. [12]C. Cachin, I. Keidar and A. Shraer, "Trusting the cloud", ACM SIGACT News, 40, 2009, pp. 81-86. [13]C. Cachin and S. Tessaro, "Optimal resilience for erasure-coded Byzantine distributed storage", DISC:Proc. 19th Intl.Conf. on Distributed Computing, 2005, pp. 497-498. [14]M. Castro and B. Liskov, "Practical Byzantine fault tolerance", Operating Systems Review, 33, 1998, pp. 173-186. [15]G. Chockler, R. Guerraoui, I. Keidar and M. Vukolic, "Reliable distributed storage", Computer, 42, 2009, pp. 60-67. [16]Clavister, "Security in the cloud", Clavister White Paper, 2008. [17]A.J. Feldman, W.P. Zeller, M.J. Freedman and E.W. Felten, "SPORC: Group collaboration using untrusted cloud resources", OSDI, October2010, pp. 1-14. [18]S.L. Garfinkel, "Email-based identification and authentication: An alternative to PKI?", IEEE Security and Privacy, 1(6), 2003, pp. 20-26. Security and Privacy, 1(6), 2003, pp. 20-26. [19]S.L. Garfinkel, "An evaluation of amazons grid computing services: EC2, S3, and SQS", Technical Report TR-08-07, Computer Science Group, Harvard University, Citeseer, 2007, pp. 1-15. [20]E. . Goh, H. Shacham, N. Modadugu and D. Boneh, "SiRiUS: Securing remote untrusted storage",NDSS: Proc. Network and Distributed System Security Symposium, 2003, pp. 131145. [21]G.R. Goodson, J.J. Wylie, G.R. Ganger and M.K. Reiter, "Efficient Byzantine-tolerant erasure-coded storage",DSN'04: Proc.Intl. Conf. on Dependable Systems and Networks,2004, pp.1-22. [22]E. Grosse, J. Howie, J. Ransome, J. Reavis and S. Schmidt, "Cloud computing roundtable", IEEE Security & Privacy, 8(6), 2010, pp. 17-23. [23]J. Hendricks, G.R. Ganger and M.K. Reiter, "Lowoverhead byzantine fault-tolerant storage", ACM SIGOPS symposium on Operating systems principles, 2007, pp. 73-86. [24]A. Juels and B.S. Kaliski Jr, "PORs: Proofs of retrievability for large files", CCS '07: Proc. 14th ACM Conf. on Computer and communications security, 2007, pp. 584-597. [25]S. Kamara and K. Lauter, "Cryptographic cloud storage", FC'10: Proc. 14 th Intl.Conf. on Financial cryptograpy and data security,2010, pp. 136-149. [26]H. Krawczyk, M. Bellare and R. Canetti, "HMAC: Keyed-hashing for message authentication", Citeseer, 1997, pp. 1-11. [27]P. Kuznetsov and R. Rodrigues, "BFTW 3: why? when? where? workshop on the theory and practice of byzantine fault tolerance", ACM SIGACT News, 40(4),2009, pp. 82-86. [28]L. Lamport, R. Shostak and M. Pease, "The Byzantine generals problem", ACM Transactions on Programming Languages and Systems, 4(3), 1982, pp. 382-401. [29]P.A. Loscocco, S.D. Smalley, P.A. Muckelbauer, R.C. Taylor, S.J. Turner and J.F. Farrell, "The inevitability of P. RAMADEVI, N. SIDDAIAH International Journal of Innovative Technologies Volume.04, Issue No.08, July-2016, Pages: 1303-1306 failure: The flawed assumption of security in modern computing environments", Citeseer, 1998, pp. 303-314. [30]P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi, M. Dahlin and M. Walfish, "Depot: Cloud storagewith minimal trust", OSDI'10: Proc. of the 9th USENIX Conf. on Operating systems design and implementation, 2010, pp. 1-16. [31]U. Maheshwari, R. Vingralek and W. Shapiro, "How to build a trusted database system on untrusted storage", OSDI'00: Proc. 4thConf. On Symposium on Operating System Design &Implementation, 2000, p. 10. [32]D. Malkhi and M. Reiter, "Byzantine quorumsystems", Distributed Computing, 11(4),1998, pp.203-213. [33]J.-P. Martin, L. Alvisi and M. Dahlin, "Minimalbyzantine storage", DISC '02: Proc. of the 16Intl.Conf. on Distributed Computing, 2002, pp. 311325. [34]H.Mei, J. Dawei, L. Guoliang and Z. Yuan,"Supporting Database Applications as a Service", ICDE'09:Proc. 25thIntl.Conf. on Data Engineering,2009, pp. 832-843. th [35]R.C. Merkle, "Protocols for public key cryptosystems", IEEE Symposium on Security andPrivacy, 1980, pp. 122-134. [36]E.Mykletun, M.Narasimha and G. Tsudik,"Authentication and integrity in outsourceddatabases", ACM Transactions on Storage (TOS),2,2006, pp. 107-138. [37]C. Papamanthou, R. Tamassia and N.Triandopoulos, "Authenticated hash tables", CCS'08: Proc. 15th ACM Conf. on Computer andcommunications security, 2008, pp. 437-448. [38]M.Pease, R.Shostak and L. Lamport, "Reachingagreement in the presence of faults", Journal of theACM, 27(2), 1980, pp. 228-234. [39]R. Perez, R. Sailer and L. van Doorn, "vTPM:virtualizing the trusted platform module", Proc.15th Conf. on USENIX Security Symposium,2006,pp. 305-320. [40]RedHat, [41]T. Ristenpart, E. Tromer, H. Shacham and S.Savage, "Hey, you, get off of my cloud: exploringinformation leakage in third-party computeclouds", CCS'09: Proc. 16thACM Conf. onComputer and communications security, 2009, pp.199-212. [42]F. Rocha and M. Correia, "Lucy in the Sky without Diamonds: Stealing Confidential Data in the Cloud", Proc. 1stIntl. Workshop of Dependability of Clouds, Data Centers and Virtual ComputingEnvironments, 2011, pp. 1-6. [43]N. Santos, K.P. Gummadi and R. Rodrigues, "Towards trusted cloud computing", USENIX Association, 2009,pp.3-3. [44]D. Sarno, "Microsoft says lost sidekick data will be restored to users", Los Angeles Times, October 2009. [45]F. Schneider and L. Zhou, "Implementing trustworthy services using replicated state machines", IEEE Security and Privacy, 3(5),2010, pp. 151-167. [46]G. Brunette and R. Mogull (eds), "Security guidance for critical areas of focus in cloud computing", CloudSecurityAlliance, 2009. [47]A. Shamir, "How to share a secret", Communications of the ACM, 22(11), 1979, pp. 612-613. [48]A.Shraer, C. Cachin, A. Cidon, I. Keidar, Y. Michalevsky and D. Shaket, "Venus: Verification for untrusted cloud storage", CCSW'10: Proc. ACM workshop on Cloud computing security workshop, 2010, pp. 19-30. [49]S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing", Journal of Network and Computer Applications, 34(1), 2011, pp 1-11. [50]Sun, s3_silent _data_corruption. [51]H. Takabi, J.B.D. Joshi and G.-J. Ahn, "Security and Privacy Challenges in Cloud Computing Environments", IEEE Security & Privacy, 8(6), 2010, pp. 24-31. [52]M. Van Dijk and A. Juels, "On the impossibility of cryptography alone for privacy-preserving cloud computing", HotSec'10: Proc. 5thUSENIX Conf. onHot topics in security, 2010, pp.1-8. [53]J. Viega, "Cloud computing and the common man", Computer, 42, 2009, pp. 106-108. [54]M. Vukolic,"The Byzantine empire in the intercloud", ACM SIGACT News, 41,2010, pp.105-111. [55]C. Wang, Q. Wang, K. Ren and W. Lou, "Ensuring data storage security in cloud computing", ARTCOM'10: Proc. Intl. Conf. on Advances in Recent Technologies in Communication and Computing, 2010, pp. 1-9.


View more >