Cloud Computing Security
ENSURING DISTRIBUTED ACCOUNTABILITY FOR DATA SHARING IN THE CLOUD
Guided By: Ms. K. Praveena, Asst. Prof.
K.O.R.M COLLEGE OF ENGINEERING, KADAPA. (Department Of Computer
Science & Engineering.) YEAR: 2012-13
Group ID - 01
Project Member    Roll No
V.S.Sharma        09BC1A0556
B.Vinod Kumar     09BC1A0508
V.Pitchiah        09BC1A0554
P.Nagendra        09BC1A0539
What Is Cloud Computing?
Cloud computing is the use of computing resources (hardware and
software) that are delivered as a service over a network (typically
the Internet). The name comes from the use of a cloud-shaped symbol
as an abstraction for the complex infrastructure it contains in
system diagrams. Cloud computing entrusts remote services with a
user's data, software and computation.
3 cloud service models
Cloud Software as a Service (SaaS)
Cloud Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Introduction To Project
Cloud computing enables highly scalable
services to be easily consumed over the Internet on an as-needed
basis. A major feature of cloud services is that users' data are
usually processed remotely on unknown machines that users do not
own or operate. While users enjoy the convenience brought by this
emerging technology, their fear of losing control of their own
data (particularly financial and health data) can become a
significant barrier to the wide adoption of cloud services. To
address this problem, we propose a novel, highly decentralized
information accountability framework to keep track of the actual
usage of the users' data in the cloud. In particular, we propose an
object-centered approach that enables enclosing our logging
mechanism together with users' data and policies.
Cloud Computing Security: From Single to Multi-clouds
Existing System
To allay users' concerns, it is essential to
provide an effective mechanism for users to monitor the usage of
their data in the cloud.
For example, users need to be able to ensure that their data are
handled according to the service-level agreements made at the time
they sign on for services in the cloud.
Conventional access control approaches developed for closed
domains such as databases and operating systems, or approaches
using a centralized server in distributed environments, are not
suitable.
Drawbacks of Existing System
First, data handling can be
outsourced by the direct cloud service provider (CSP) to other
entities in the cloud, and these entities can also delegate the
tasks to others, and so on.
Second, entities are allowed to join and leave the cloud in a
flexible manner.
Proposed System
We propose a novel approach, namely the Cloud
Information Accountability (CIA) framework, based on the notion of
information accountability.
Our proposed CIA framework provides end-to-end accountability in
a highly distributed fashion. One of the main innovative features
of the CIA framework lies in its ability to maintain lightweight
and powerful accountability.
The push mode refers to logs being periodically sent to the data
owner or stakeholder, while the pull mode refers to an alternative
approach whereby the user (or another authorized party) can
retrieve the logs as needed.
Department Of Computer Engineering
Hardware Requirements
Processor - Pentium IV
RAM - 512 MB
Hard Disk - 80 GB
Software Requirements
Operating System : Windows 2000
Application Server : Tomcat 5.0/6.X
Front End : HTML, Java, JSP
Scripts : JavaScript
Server side Script : Java Server Pages
Database : MySQL 5.0
Database Connectivity : JDBC
Modules
Cloud Information Accountability (CIA) Framework
Distinct mode for auditing
Logging and auditing Techniques
Major components of CIA
1. Cloud Information Accountability (CIA) Framework:
One of the main innovative features of the CIA framework lies in
its ability to maintain lightweight and powerful accountability
that combines aspects of access control, usage control and
authentication.
By means of the CIA, data owners can not only track whether the
service-level agreements are being honored, but also enforce
access and usage control rules as needed.
2. Distinct mode for auditing
Push mode: The push mode refers to logs being periodically sent
to the data owner or stakeholder.
Pull mode: Pull mode refers to an alternative approach whereby the
user (or another authorized party) can retrieve the logs as needed.
3. Logging and auditing Techniques:
The logging should be decentralized in order to adapt to the
dynamic nature of the cloud. Every access to the users' data should
be correctly and automatically logged. Log files should be reliable
and tamper-proof to avoid illegal insertion, deletion, and
modification by malicious parties. Log files should be sent back to
their data owners periodically to inform them of the current usage
of their data. The proposed technique should not intrusively
monitor data recipients' systems, nor should it introduce heavy
communication and computation overhead, which would otherwise hinder
its feasibility and adoption in practice.
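The requirements above, together with the push and pull modes from the previous slide, shown as an added Python example (not code from this project, whose stack is Java/JSP). The slides do not name a tamper-evidence mechanism; HMAC-SHA256 hash chaining is the technique chosen here, and `Logger`, `verify`, `push_every` and a key shared only between the logger and the data owner are hypothetical.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used before the first entry exists

def _mac(key, prev_mac, record):
    # Binding each entry to its predecessor's MAC makes reordering detectable.
    body = json.dumps(record, sort_keys=True).encode()
    return hmac.new(key, prev_mac.encode() + body, hashlib.sha256).hexdigest()

class Logger:
    """Hypothetical logger that travels with one data item."""

    def __init__(self, key, push_every=3):
        self.key = key
        self.push_every = push_every  # assumption: "periodically" = every N entries
        self.entries = []
        self.sent = 0                 # entries already delivered to the owner

    def log_access(self, user, action, ts):
        prev = self.entries[-1]["mac"] if self.entries else GENESIS
        record = {"seq": len(self.entries), "user": user, "action": action, "ts": ts}
        self.entries.append({"record": record, "mac": _mac(self.key, prev, record)})
        # Push mode: hand a batch to the owner once enough entries accumulate.
        if len(self.entries) - self.sent >= self.push_every:
            return self.pull()
        return None

    def pull(self):
        """Pull mode: the owner (or an authorized party) fetches undelivered entries."""
        batch = self.entries[self.sent:]
        self.sent = len(self.entries)
        return batch

def verify(key, batch, prev_mac=GENESIS, start_seq=0):
    """Owner-side check. Returns the index of the first bad entry, or -1 if intact."""
    for i, entry in enumerate(batch):
        record = entry["record"]
        if record["seq"] != start_seq + i:      # gap or duplicate: deletion/insertion
            return i
        if not hmac.compare_digest(entry["mac"], _mac(key, prev_mac, record)):
            return i                            # content or chain link was altered
        prev_mac = entry["mac"]
    return -1
```

Across batches, the owner passes the last accepted MAC and the next sequence number as `prev_mac` and `start_seq`. Chaining alone does not reveal entries removed from the end of the log before delivery.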
4. Major components of CIA
There are two major components of the CIA, the first being the
logger, and the second being the log harmonizer.
The logger is strongly coupled with users' data (either single or
multiple data items).
It may also be configured to ensure that access and usage
control policies associated with the data are honored.
The logger will control the data access even after it is
downloaded by user X.
Architecture
(Owner)
(User)
Component Diagram
Admin
(CSP - Customer Service Provider)
Testing
Unit Testing
Integrated Testing
Functional Testing
System Testing
White Box Testing
Black Box Testing
Acceptance Testing
SCREEN SHOTS
Home Page
User page
View account Page
Send request to CIA for download:
Download List
Owner Page
File Upload
ALL User & Owner Records
Any Queries?
Thank You