
Data Storage Security In Cloud Computing


Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible distributed scheme with two salient features, in contrast to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

System Architecture:


From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for a number of reasons.
1. Firstly, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted due to the users' loss of control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering the various kinds of data for each user stored in the cloud and the demand for long-term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging.
2. Secondly, Cloud Computing is not just a third-party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. Ensuring storage correctness under dynamic data update is hence of paramount importance.
These techniques, while useful for ensuring storage correctness without users possessing the data, cannot address all the security threats in cloud data storage, since they all focus on the single-server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.

Modules:

1. Client Module: In this module, the client sends a query to the server, and the server sends the corresponding file back to the client. Before this process, a client authorization step takes place: on the server side, the client's name and password are checked. If they are valid, the server receives the queries from the client, searches the database for the corresponding files, and sends the file it finds to the client. If the server identifies an intruder, it sets an alternative path for that intruder.


2. System Module:
Representative network architecture for cloud data storage is illustrated in Figure 1. Three different network entities can be identified as follows:
User:
Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations.
Cloud Service Provider (CSP):
A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems.
Third Party Auditor (TPA):
An optional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose risk of cloud storage services on behalf of the users upon request.
3. Cloud data storage Module: In cloud data storage, a user stores his data through a CSP into a set of cloud servers, which run simultaneously. The user interacts with the cloud servers via the CSP to access or retrieve his data. In some cases, the user may need to perform block-level operations on his data. Users should be equipped with security means so that they can obtain continuous correctness assurance of their stored data even without the existence of local copies. In case users do not have the time, feasibility or resources to monitor their data, they can delegate the tasks to an optional trusted TPA of their choice. In our model, we assume that the point-to-point communication channels between each cloud server and the user are authenticated and reliable, which can be achieved in practice with little overhead.
4. Cloud Authentication Server: The Authentication Server (AS) functions as any AS would, with a few additional behaviors added to the typical client-authentication protocol. The first addition is the sending of the client authentication information to the masquerading router. The AS in this model also functions as a ticketing authority, controlling permissions on the application network. The other optional function that should be supported by the AS is the updating of client lists, causing a reduction in authentication time or even the removal of the client as a valid client, depending upon the request.
5. Unauthorized data modification and corruption module: One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to server compromise and/or random Byzantine failures. Besides, in the distributed case, when such inconsistencies are successfully detected, finding which server the data error lies in is also of great significance.
6. Adversary Module:
Security threats faced by cloud data storage can come from two different sources. On the one hand, a CSP can be self-interested, untrusted and possibly malicious. Not only does it desire to move data that has not been or is rarely accessed to a lower tier of storage than agreed for monetary reasons, but it may also attempt to hide a data loss incident due to management errors, Byzantine failures and so on.
On the other hand, there may also exist an economically motivated adversary, who has the capability to compromise a number of cloud data storage servers in different time intervals and subsequently is able to modify or delete users' data while remaining undetected by CSPs for a certain period.
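
The token-based verification named in the abstract and the error localization described in module 5 can be illustrated with a simplified sketch. This is an added example, not code from the original article or the scheme's actual construction: the prime field `P`, the HMAC-based `prf`, the single parity vector in `encode` (a stand-in for the erasure code) and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

P = 2**61 - 1  # prime field for the arithmetic (assumed parameter)

def prf(key, label, n, mod):
    """n pseudorandom integers in [0, mod), derived with HMAC-SHA256."""
    return [int.from_bytes(hmac.new(key, label + i.to_bytes(4, "big"),
                                    hashlib.sha256).digest(), "big") % mod
            for i in range(n)]

def challenge(key, rnd, n_blocks, r):
    """Block indices and coefficients the user reveals for audit round rnd."""
    tag = rnd.to_bytes(4, "big")
    return prf(key, b"idx" + tag, r, n_blocks), prf(key, b"coef" + tag, r, P)

def respond(blocks, idx, coeffs):
    """Server side: linear combination of the challenged blocks."""
    return sum(c * blocks[i] for i, c in zip(idx, coeffs)) % P

def encode(data_vectors):
    """Append one parity vector (sum of the data vectors) as a stand-in code."""
    parity = [sum(col) % P for col in zip(*data_vectors)]
    return [list(v) for v in data_vectors] + [parity]

def precompute_tokens(key, servers, rounds, r):
    """User side, before upload: tokens[rnd][j] for every round and server."""
    return [[respond(s, *challenge(key, t, len(s), r)) for s in servers]
            for t in range(rounds)]

def audit(key, tokens, servers, rnd, r):
    """Return (codeword_ok, indices of servers whose response != its token)."""
    idx, coeffs = challenge(key, rnd, len(servers[0]), r)
    resp = [respond(s, idx, coeffs) for s in servers]
    # Responses are linear in the blocks, so honest servers keep the parity relation.
    codeword_ok = sum(resp[:-1]) % P == resp[-1]
    bad = [j for j, (a, b) in enumerate(zip(resp, tokens[rnd])) if a != b]
    return codeword_ok, bad

def demo():
    key = b"constructed-demo-key-not-secret!"   # constructed sample key
    data = [[(7 * i + j) % P for i in range(64)] for j in range(2)]  # constructed
    servers = encode(data)                      # servers 0 and 1: data, 2: parity
    tokens = precompute_tokens(key, servers, rounds=4, r=8)
    clean = audit(key, tokens, servers, 0, 8)
    hit = challenge(key, 1, 64, 8)[0][0]        # a block that round 1 samples
    servers[1][hit] = (servers[1][hit] + 1) % P  # simulate silent corruption
    return clean, audit(key, tokens, servers, 1, 8)
```

Each round samples only `r` blocks, so a corrupted block that is not sampled passes that round; assurance comes from repeating audits over many rounds.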
