Download
ensuring data storage security in cloud computing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Ensuring data storage security in cloud computing PowerPoint Presentation
Download Presentation
Ensuring data storage security in cloud computing

Ensuring data storage security in cloud computing

254 Views Download Presentation
Download Presentation

Ensuring data storage security in cloud computing

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Ensuring data storage security in cloud computing Submitted By: ShethM.Ovesh Under the Guidance of: Asist.Prof. Ajay Kumar Sharma M.Tech

  2. A Working Definition of Cloud Computing • Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

  3. 5 Essential Cloud Characteristics • On-demand self-service • Broad network access • Resource pooling • Location independence • Rapid elasticity • Measured service

  4. Cloud Objectives -Correctness -Integrity -Flexibility -Maintainability -Accessibility -Availability

  5. SYSTEM ARCHITECTURE

  6. Existing System • Traditional cryptographic primitives for the purpose of data security protection can not be directly adopted due to the users’ loss control of data under Cloud Computing. • Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. • The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. • None of the distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.

  7. Proposed System • we propose an effective and flexible distributed scheme with explicit dynamic data support to ensure the correctness of users’ data in the cloud. • We rely on ensure correcting code in the file distribution preparation to provide redundancies and guarantee the data dependability. • By utilizing the homomorphic token with distributed verification of ensure-coded data, our scheme achieves the storage correctness insurance as well as data error localization. • Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic operations on data blocks, including: update, delete and append.

  8. Windows Azure • Windows Azure is a foundation of Microsoft’s Cloud Platform for Developers • Operating System for the Cloud • Runs applications in the cloud • Provides Storage • Application Management • Developer SDK • Windows Azure ideal for applications needing • Scalability • Availability • Fault Tolerance

  9. Windows Azure Storage • Storage in the Cloud • Scalable, durable, and available • Anywhere at anytime access • Only pay for what the service uses • Exposed via RESTful Web Services • Use from Windows Azure Compute • Use from anywhere on the internet • Various storage abstractions • Tables, Blobs, Queues, Drives

  10. Windows Azure Service Architecture The Internet The Internet via TCP or HTTP Tables LB LB LB Storage Queues Web Site (ASPX, ASMX, WCF) Worker Service Web Site (ASPX, ASMX, WCF) Worker Service Web Role IIS as Host Worker Role Managed Interface Call Blobs Windows Azure Data Center

  11. Windows Azure Storage Abstractions • Blobs – Simple named files along with metadata for the file. • Tables – Structured storage. A Table is a set of entities; an entity is a set of properties • Queues – Reliable storage and delivery of messages for an application

  12. Account Container • Blob • Pages/ • Blocks Blob Storage Concepts • PIC01.JPG • Block/Page • images • VID1.AVI • PIC02.JPG • user • Block/Page • videos

  13. Table Storage Concepts Account Table Entity Name =… Email = … customers Name =… EMailAdd= … user Photo ID =… Date =… photos Photo ID =… Date =…

  14. Queue Storage Concepts Message Queue Account customer ID order ID http://… order processing user customer ID order ID http://…

  15. Cloud Computing Security

  16. Security is the Major Issue

  17. Module1:Ensuring Cloud Data Storage Key Server K1 Msg=Msg-Key Message=Message + Key Server Client K2 Client

  18. RC4 Algorithm • RC4 is a stream cipher, symmetric key algorithm. The same algorithm is used for both encryption and decryption as the data stream is simply XORed with the generated key sequence. The key stream is completely independent of the plaintext used. • Stream cipher is one of the simplest methods of encrypting data where each bit of the data is sequentially encrypted using one bit of the key One bit of Plain text One bit of Ciphering Key m[i] Kc[i] Keystream generator Kc C[i] Ciphering Key One bit of cipher text

  19. Steps of RC4 Algorithm The steps for RC4 encryption algorithm is as follows: • Get the data to be encrypted and the selected key. • Create two string arrays. • Initiate one array with numbers from 0 to 255. • Fill the other array with the selected key. • Randomize the first array depending on the array of the key. • Randomize the first array within itself to generate the final key stream. • XOR the final key stream with the data to be encrypted to give cipher text.

  20. Initial with number From 0 to 255 Fill with chosen key Sbox1 Sbox2 Systematic Randomization Systematic Randomization Final Key Stream XOR Plain/Cipher Text Cipher/Plain Text

  21. Module 2:Correctness Verification and Error Localization Error Encoding Decoding Client Server

  22. CRC Algorithm for Encoding and Decoding • The cyclic redundancy check, or CRC, is a technique for detecting errors in digital data, but not for making corrections when errors are detected. • It is used primarily in data transmission. In the CRC method, a certain number of check bits, often called a checksum, are appended to the message being transmitted. The receiver can determine whether or not the check bits agree with the data, to ascertain with a certain degree of probability whether or not an error occurred in transmission. • If an error occurred, the receiver sends a “negative acknowledgement” (NAK) back to the sender, requesting that the message be retransmitted.

  23. Encoder and decoder for simple cyclic Redundancy Check

  24. Module3:Providing Dynamic Data Operation Support insert update view Server

  25. CONCLUSION • To ensure the correctness of users’ data in cloud data storage, we proposed an effective and flexible distributed scheme with explicit dynamic data support, including block update, delete, and append. • By utilizing the homomorphic token with distributed verification of erasure coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., whenever data corruption has been detected during the storage correctness verification across the distributed servers, we can almost guarantee the simultaneous identification of the misbehaving server(s).

  26. THANK YOU FOR YOUR TIME 