analysis on data security in cloud computing-a survey

International Conference on Computing and Intelligence Systems Volume: 04, Special Issue: March 2015 Pages: 1281 – 1284 ISSN: 2278-2397

International Journal of Computing Algorithm (IJCOA) 1281

Analysis on Data Security in Cloud Computing-A Survey

S. Periyanatchi1, K. Chitra2

1Research Scholar, Bharathiyar University, Coimbatore. 2Asst. Professor, Dept of Computer Science,Government Arts College, Melur.

Email:[email protected], :[email protected]

Abstract-In Cloud, the data are accessed through Virtual Machines. Security in cloud computing is serious issue as the data centers are located worldwide. Developments efforts to improve Cloud data security have been put forth by both Industry and academia. This paper focuses on statistical analysis of various data security techniques on Cloud Computing as it creates a large number of security issues.

Keywords: Cloud Computing, Virtual Machine, Data security, Encryption

I. INTRODUCTION Cloud computing technology has revolutionized

large volume of data storage and access of data from anywhere around the world.Cloud Computing offers services and resources are accessed and retrieved from web. Cloud computing allows centralized data storage and theresources, applications as utilities are accessed through online by deploying group of remote servers and Networks.Cloud deployments models are categorized as Public Cloud, Private Cloud, Hybrid Cloud and Community Cloud model. Cloud computing defined by the National Institute of Standards and Technology (NIST), is “A model for enabling ubiquitous, convenient, on-demandnetwork access to a shared pool of configurable computingresources (e.g., storage, applications,networks, servers and services) that can be rapidly provisioned andreleased with minimal management effort or service providerinteraction”.[1] Data which is stored in cloud can be accessed from multiple distributed and shared resources. The benefits of cloud storage include better accessible, reliability, protection, backup and recovery. Cloud Computing is widely used for number of reasons either directly or indirectly which includes cost reduction, Flexibility, Universal access. Cloud computing increases the capacity in low cost without any investments on new technology, training new persons. Security issue is the major challenge in Cloud Computing.As the data is sensitive information, the data owners do not move the information to the cloud unless confidentiality and privacy is guaranteed.Data Query services, is an interesting solution for scalability and cost saving during deployment of Public cloud infrastructures [2].

In section 2 Different categories of Cloud storage are discussed. Section3 describes Cloud services delivery model. Section 4 Security issues in Cloud computing. In section 5 Analysis of techniques are

discussed on data security in Cloud computing. Finally it’s concluded by conclusion in section 6.

II. CATEGORIES OF CLOUD STORAGE A different category of cloud storage includes

Public, Private and hybrid cloud storage. 1)Public Cloud Storage

Dynamic sharing of resources over the internet is done on fine-grained, self service. It is through web based from a third party provider who shares the resources. Compared to other Cloud models Public cloud are less secure, since any one can access the data over the web. Also it spaces added load of ensuring data access and applications on the Public Cloud which is not subject to malicious attacks.The services are rendered over the network and can be accessed by the public. Security issues in Public cloud are taken care by service provider. Amazon AWS,Microsoft and Google own are various service providers of Public cloud.

Fig. 1: Types of Cloud Computing 2) Private Cloud Storage

Cloud storage is meant for single organization whether managed internally or by third party. They have infrastructure in enterprise data centre that is typicallymanaged by the storage provider, which provides security and performance. Cloud vendors pool the scalable resources and applications so that in Private Cloud users can flexibility share and use it. They function similar to an intranet within an organization. Unauthorized persons can’t access the data and share the resources. Due to this security the private cloud is more secure when compared the Public cloud.



3) Hybrid Cloud Storage Hybrid Cloud is the combination of Private,

Community and Public cloud services from different service providers. They provide easy file access, remote backup and reduces the costs.All the data over the net is accessed more securely in Hybrid Cloud. Hybrid cloud has complete control of data and portrays configurations of devices which include plug system with Cloud computing services.Data and application portability are permitted by standardized and proprietary technology(e.g., cloud for load balancing between clouds)[1].

III. CLOUD SERVICES DELIVERY MODEL Cloud computing is a formto enable ondemand

access to public pool of compute resources e.g. server, application andservice. Server is not directly connected , the needed resources are retrieved from the Internet though web-based tools and applications. The Cloud services are categorized into three delivery models as follows A) Infrastructure as a service (IaaS)

Cloud services that deliverinfrastructure resources as service is known as Infrastructure as a Service.Manages the OS, storage, apps, selected network component. They do not manage or control the infrastructure, consumer can get access to the infrastructure. It is also referred as resource cloud.They allow various degrees of economic and functional flexibility where the adding and releasing of resources are computed quickly and cost effectively than the internal data center or with collocation service [3]. B)Software as a Service (SaaS)

SaaS Services includes software, Hardware and support. SaaS implements business apps and hosted in cloud infrastructure. SaaS providers convey domainspecific applications or services over the Internet and charge end users on a payperusage basis.SaaS support web services, Service oriented architecture and other new development tools. Architecture is mainly designed to support concurrent users[3]. C) Platform as a Service (PaaS) PaaS is a set of software and improvement tools hosted on the providers servers. PaaS may be a set of programming pack and change instruments encouraged on the supplier'sServers. It lies upon IaaS layer on the stack and summarizes Software engineering lifecycle. The use of virtual machines act as a channel in the PaaS layer.In Cloud computing,Severe malicious attacks occurs, hence Virtual machines must be protected fromsuch attacks[3].Hence secure authentication must be maintained while transferring data through the data in networking channelis a significant method.

Fig. 2: Cloud Services Delivery Model

IV. SECURITY ISSUES IN CLOUD COMPUTING

A. Data Security Could compute do come with the pitfalls.

Different Cloud providers store the data in different ways. The creation of distributed cloud has more challenges to be solved. 1) Confidentiality

Confidentiality is concerned with user’s confidential data which should not be accessed by unauthorized persons. As the data access from cloud is done by service providers, it depends on the users concern whether to disclose the information to the service provider or not. Possibility of datathreat compromise incloud increases access points due to the increased number of users, devices and applications.User authentication is associated with Data confidentiality. For the overall security of the Cloud software confidentiality is as significant as Data confidentiality 2) Privacy

Disclosing the personal information is controlled by the person for privacy. Organizations dealing with personal data are required to obey to a country’s legal framework that ensures appropriate privacy and confidentiality protection. 3) Integrity

A key aspect of Information Security is integrity.Protecting data from unauthorized person, deletion and modification is called Data Integrity.A cloud computing provider is trusted to maintain data integrity and accuracy.Protecting the software from unauthorized manipulations such as deletion, modification and theft are known as software Integrity. 4) Availability

Availability refers access and usage of system based on users requirement. System need to store process the data and ensures that it prevents denial of attack services.



V. DATA SECURITY TECHNIQUES A. Random Space Perturbation

Huiqi Xu et al.[3] proposes the random space perturbation (RASP) method to provide protected and resourceful range query and kNN query services for protected data in the cloud. In order to provide resilience to attack on the data and queries the proposed algorithm RASP combines order preserving encryption, dimensionality expansion, random noise injection, and random projection. B. Two Round Searchable Encryption

Jiadi Yu et al.[4]proposes Security necessities of multikeyword top-k retrieval over the encrypted cloud data are fulfilled by Homomorphic encryption by using Two round searchable Encryption.The experimental results prove that evaluation over the real data set provides better andpractical efficiency. The proposed TRSE algorithm guarantees data privacy. C. Cipher text policy attribute-based encryption

Junbeom Hur[5]Cipher text policy attribute-based encryption (CP-ABE) anefficient cryptographic solution todata sharing system is the enforcement of updates for access policies and the support policies. When the data is to be distributed on the network the data vendor can describe their own access policies over attributes and data.

Key is issued in the method which removes the escrow during key generation.Private keys cannot be derived. Separately as the secret keys are generated through two party computation. Thus, the privacy and confidentiality are developed in the datasharing system against the unauthorized persons. D. key-Policy attribute-based encryption with time-

specified attributes Jinbo Xiong et al. [6] Access control becomes a

challenging task as full lifecycle privacy security is notpossible to implement.Issue arises when we share sensitive data’s on cloud servers. Hence a key-policy attribute-based encryption with time-specified attributes (KP-TSABE) a newprotected data self-destructing scheme in cloud computing.Using l-bilinear Diffie-Hellman inversion its been proved that data is more secured. E.Key-Policy Attribute Based Encryption

Goyal, V et al. [7]KP-ABE technique is proposed which is modified version of Attribute Based Encryption. Attribute policies and data are associated with keysand attributes respectively. Most of the computational overheads are reduced when an enhanced version of ABE is used. KP-ABE is particularly implemented for one to many communications with public key encryption technique.

After the message encryption using a symmetric data encryption key, once again the message is encrypted using public key with a set of attributes. This attributes for the message is stored in the cloud satisfy the access and finally they are decrypted.

F. RSA Algorithm Parsi Kalpana ,et al. [8].To ensure the security of

data, they proposed a method by implementing RSAalgorithm. Since it is a block cipher, in which every message islinked to an integer. RSA consists of Public-Key and Private-Key.

Public key is common key and any one can access the key where as private key is known only to the data owner. Once the encryption is done with public key, then decryption is done by the user who owns the private key. Hence the authorized person only can access the data in the cloud environment using RSA algorithm G.AROcrypt Algorithm

Arockiam,et al.[9] paper proposed a new cryptographic technique named AROcrypt to address thesecurity problems in cloud storage. This AROcrypt technique is provided through SEaaS model. Encrypted data are stored on storage server while secret keys are retained by data owner and access to the user is granted by issuing the corresponding decryption keys. AROcrypt technique is based on a symmetric encryption technique. The data are encrypted before they are forwarded to the cloud storage. Hence, in this paper a new confidentiality technique has been proposed and implemented.

H.AES, Blowfish, DES, RSA Algorithm Rachna Arora et al. [10] proposes a comparison between AES, Blowfish, DES and RSA algorithm with respect to time, memory requirement, encryption time and memory size.AES algorithm uses least time to execute cloud data. Blowfish algorithm has least memory requirement. DES algorithm consumes least encryption time. RSA consumes longest memory size and encryption time.

I. ASIF Encryption Algorithm Asif Mushtaqueet al. [11] proposes a Hybrid approach for data security in Cloud computing. ASIF EncryptionAlgorithm is best because it provides better security and reduces space complexity in comparison to related algorithms. The most important feature of thisencryption algorithm is that it is impossible to crack thisalgorithm without knowledge of original key value because the internal key generation function is based on key entered by user.For compression the existing method is used and to encrypt we used our own encryption algorithm. All these existing algorithms require extra space for encrypted data but ASIFEA does not require any extra space.



TABLE 1: SCOPE AND ADVANTAGES OF EXISTING METHODS

METHOD SCOPE ADVANTAGES

RASP

Provide secure and efficient

range query and kNN query services for

protected data.

Data efficiency and security

TRSE

To employ vector space and Homomorphic

Encryption

Information leakage is eliminated and data security is

ensured

CP-ABE

Key issuingmechanism that removes

key escrow during thekey

generation.Private keyscannot be

derived by curious key

generation and data storing

centre.

Enhances data privacy and

confidentiality in the datasharing system

KP-TSABE

A privacy security to be implemented,

by using l-bilinear Diffie-

Hellman inversion

Self-Destructing scheme to secure

data

KP-ABE

A public key encryption methodis

designed for one-to-many

communications

Reduce most of the computational over-

head to cloud servers.

RSA

To provide data security

Intruder can’t decrypt the original

data

AROCrpyt

Symmetric Encryption

algorithm uses ASCII values to

process the plain text to cipher text

Maximum security and better

performance than DES,3DES and

Blowfish

AES,Blowfish, DES,RSA

Data loss, segregation and

privacy are eliminated

during accessing web

application

AES-Least execution time, Blowfish-least

memory requirement,DES-

least encryption time and RSA-Consumes

longest time

ASIF

Data compression to

reduce the original size

and encrypt the data

Space complexity

VI. CONCLUSION

Cloud computing is recent emerged technology that has revolutionized the storage of large volume of data. Security issues are the major challenging issue in Cloud computing. Various data security algorithms are discussed in the above section. Examining the major security challenges for cloud providers and their clients, and this paper further is extended by guidelines for the implementation of data security ontrols that are based on recognized security frameworks and industry best practices.

REFERENCES [1] Chitra.K, Jeevarani.B, Study on Basically Available, Scalable

and Eventually Consistent NOSQL Databases, International Journal of Advanced Research in Computer Science and Software Engineering 3 (4), July - 2013, pp. 1-5.

[2] http://www.ijarcsse.com/docs/papers/Volume_3/7_July2013/V3I7-0173.pdf.

[3] Chitra.K, Jeevarani.B,DES: Dynamic and Elastic Scalability in Cloud Computing Database Architecture, (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 5, No. 1, 2014, http://thesai.org/Downloads/Volume5No1/Paper_24-DES_Dynamic_and_Elastic_Scalability_in_Cloud%20_Computing_Database_Architecture.pdf.

[4] Mell P, Grance T,” The NIST definition of Cloud Computing. NIST, Special Publication”, 2011.

[5] Kuyoro S. O., Ibikunle F. & Awodele O, “Cloud Computing Security Issues and Challenges”, International Journal of Computer Networks (IJCN), Vol 3: 2011

[6] Huiqi Xu, Shumin Guo, Keke Chen, “Building Confidential and Efficient Query Services in the Cloud with RASP Data Perturbation” IEEE Transactions on Knowledge and Data Engineering, vol.26,pp.322–335, 2014.

[7] Jiadi Yu, Peng Lu, Yanmin Zhu, Guangtao Xue, Minglu,” Toward Secure Multikeyword Top-kRetrieval over Encrypted Cloud Data”,IEEETransactions on Dependable and Secure Computing, Vol. 10, No. 4, pp. 239-250,2013.

[8] Junbeom Hur,” Improving Security and Efficiency in Attribute-Based Data Sharing”, IEEE Transactions on Knowledge and Data Engineering, vol. 25, pp 2271-2282, 2013.

[9] Jinbo Xiong, Ximeng Liu, Zhiqiang Yao, Jianfeng Ma, Qi Li, Kui Geng, and Patrick S. Chen, ” A Secure Data Self-Destructing Schemein cloud computing”,IEEE Transactions On Cloud Computing, vol. 2, 2014.

[10] V. Goyal ,O. Pandey, A. Sahai and B. Waters,” Attribute Based Encryption for fine- Grained Access Control of Encrypted Data”, ACM Conf. Computer and comm. Security(CCS),pp. 89-98,2006.

[11] Parsi Kalpana, Sudha singaraju,“Data Data Security in CloudComputing using RSA Algorithm “International Journal of Research in Computer and Communication technology, Vol 1, 2012.

[12] Arockiam, L, Monikandan, S,” A Security Service Algorithm to Ensure the Confidentiality of Data in Cloud Storage”, International Journal of Engineering Research & Technology, Vol. 3, 2014

[13] Rachna Arora, Anshu Parashar,”Secure User Data in CloudComputing Using Encryption Algorithms”, International Journal of Engineering Research and Applications ,Vol. 3,2013, pp.1922-1926.

[14] Asif Mushtaque Md, Harsh Dhiman, ShahnawazHussain,” A Hybrid Approach and Implementation of a NewEncryption Algorithm for Data Security in CloudComputing”, International Journal of Electronic and Electrical Engineering. Vol 7, pp. 669-675, 2014.

analysis on data security in cloud computing-a survey

Documents