Ensuring data storage security in cloud computing Submitted By: ShethM.Ovesh Under the Guidance of: Asist.Prof. Ajay Kumar Sharma M.Tech
A Working Definition of Cloud Computing • Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
5 Essential Cloud Characteristics • On-demand self-service • Broad network access • Resource pooling • Location independence • Rapid elasticity • Measured service
Cloud Objectives -Correctness -Integrity -Flexibility -Maintainability -Accessibility -Availability
Existing System • Traditional cryptographic primitives for the purpose of data security protection can not be directly adopted due to the users’ loss control of data under Cloud Computing. • Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. • The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. • None of the distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.
Proposed System • we propose an effective and flexible distributed scheme with explicit dynamic data support to ensure the correctness of users’ data in the cloud. • We rely on ensure correcting code in the file distribution preparation to provide redundancies and guarantee the data dependability. • By utilizing the homomorphic token with distributed verification of ensure-coded data, our scheme achieves the storage correctness insurance as well as data error localization. • Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic operations on data blocks, including: update, delete and append.
Windows Azure • Windows Azure is a foundation of Microsoft’s Cloud Platform for Developers • Operating System for the Cloud • Runs applications in the cloud • Provides Storage • Application Management • Developer SDK • Windows Azure ideal for applications needing • Scalability • Availability • Fault Tolerance
Windows Azure Storage • Storage in the Cloud • Scalable, durable, and available • Anywhere at anytime access • Only pay for what the service uses • Exposed via RESTful Web Services • Use from Windows Azure Compute • Use from anywhere on the internet • Various storage abstractions • Tables, Blobs, Queues, Drives
Windows Azure Service Architecture The Internet The Internet via TCP or HTTP Tables LB LB LB Storage Queues Web Site (ASPX, ASMX, WCF) Worker Service Web Site (ASPX, ASMX, WCF) Worker Service Web Role IIS as Host Worker Role Managed Interface Call Blobs Windows Azure Data Center
Windows Azure Storage Abstractions • Blobs – Simple named files along with metadata for the file. • Tables – Structured storage. A Table is a set of entities; an entity is a set of properties • Queues – Reliable storage and delivery of messages for an application
Account Container • Blob • Pages/ • Blocks Blob Storage Concepts • PIC01.JPG • Block/Page • images • VID1.AVI • PIC02.JPG • user • Block/Page • videos
Table Storage Concepts Account Table Entity Name =… Email = … customers Name =… EMailAdd= … user Photo ID =… Date =… photos Photo ID =… Date =…
Queue Storage Concepts Message Queue Account customer ID order ID http://… order processing user customer ID order ID http://…
Module1:Ensuring Cloud Data Storage Key Server K1 Msg=Msg-Key Message=Message + Key Server Client K2 Client
RC4 Algorithm • RC4 is a stream cipher, symmetric key algorithm. The same algorithm is used for both encryption and decryption as the data stream is simply XORed with the generated key sequence. The key stream is completely independent of the plaintext used. • Stream cipher is one of the simplest methods of encrypting data where each bit of the data is sequentially encrypted using one bit of the key One bit of Plain text One bit of Ciphering Key m[i] Kc[i] Keystream generator Kc C[i] Ciphering Key One bit of cipher text
Steps of RC4 Algorithm The steps for RC4 encryption algorithm is as follows: • Get the data to be encrypted and the selected key. • Create two string arrays. • Initiate one array with numbers from 0 to 255. • Fill the other array with the selected key. • Randomize the first array depending on the array of the key. • Randomize the first array within itself to generate the final key stream. • XOR the final key stream with the data to be encrypted to give cipher text.
Initial with number From 0 to 255 Fill with chosen key Sbox1 Sbox2 Systematic Randomization Systematic Randomization Final Key Stream XOR Plain/Cipher Text Cipher/Plain Text
Module 2:Correctness Verification and Error Localization Error Encoding Decoding Client Server
CRC Algorithm for Encoding and Decoding • The cyclic redundancy check, or CRC, is a technique for detecting errors in digital data, but not for making corrections when errors are detected. • It is used primarily in data transmission. In the CRC method, a certain number of check bits, often called a checksum, are appended to the message being transmitted. The receiver can determine whether or not the check bits agree with the data, to ascertain with a certain degree of probability whether or not an error occurred in transmission. • If an error occurred, the receiver sends a “negative acknowledgement” (NAK) back to the sender, requesting that the message be retransmitted.
Module3:Providing Dynamic Data Operation Support insert update view Server
CONCLUSION • To ensure the correctness of users’ data in cloud data storage, we proposed an effective and flexible distributed scheme with explicit dynamic data support, including block update, delete, and append. • By utilizing the homomorphic token with distributed verification of erasure coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., whenever data corruption has been detected during the storage correctness verification across the distributed servers, we can almost guarantee the simultaneous identification of the misbehaving server(s).
THANK YOU FOR YOUR TIME