SlideShare uma empresa Scribd logo
1 de 47
Baixar para ler offline
Cloud Computing
Security From Single to
Multi-Clouds

By
Kiran Kumar
ABSTRACT
• Dealing with “single cloud” providers is
predicted to become less popular with
customers due to risks of service availability
failure and the possibility of malicious insiders
in the single cloud.
• A movement towards “multi-clouds”, or in
other words, “interclouds” or “cloud-ofclouds” has emerged recently.
What is Cloud Computing ?
• Cloud computing is a model for enabling
ubiquitous(present), convenient, on-demand
network access to a shared pool of configurable
computing resources (e.g., networks, servers,
storage, applications, and services) that can be
rapidly provisioned and released with minimal
management effort or service provider
interaction. This cloud model is composed of five
essential characteristics, three service models,
and four deployment models.
Cloud Computing
Deployment Models
Delivery Models
Difference
Finally…….
Moving to Clouds
• Data is moving to the cloud

• Main reason: costs (pay-per-use model)
Cloud computing security from single to multiple
Everything Connected to Cloud
What about Cloud Security?
EXISTING SYSTEM
• Cloud providers should address privacy and
security issues as a matter of high and urgent
priority. Dealing with “single cloud” providers
is becoming less popular with customers due
to potential problems such as service
availability failure and the possibility that
there are malicious insiders in the single
cloud.
If It Fails…?
DISADVANTAGES OF EXISTING
SYSTEM
• Cloud providers should address privacy and
security issues as a matter of high and urgent
priority.
• Service availability failure and the possibility
that there are malicious insiders in the single
cloud.
PROPOSED SYSTEM
• This Project focuses on the issues related to
the data security aspect of cloud computing.
• Moving towards “Cloud of clouds “ or multi
clouds technique which improves
Better read performance
Data corruptions'
Reduces Intrusions ….etc
Multi Clouds
ADVANTAGES OF PROPOSED SYSTEM
• Data Integrity
• Service Availability.
• The user runs custom applications using the
service provider’s resources
• Cloud service providers should ensure the
security of their customers’ data and should
be responsible if any security risk affects their
customers’ service infrastructure.
ARCHITECTURE
DepSKy System Model
The DepSky system model contains three
parts: readers, writers, and four cloud storage
providers, where readers and writers are the
client’s tasks.
Readers can fail arbitrarily (for example, they
can fail by crashing, they can fail from time to
time and then display any behavior) whereas,
writers only fail by crashing.
DepSKy System Model
DepSky Design Principles
1. No trust on individual cloud providers
Distributed trust is built by using multiple clouds
2. Use storage clouds as they are
No server-side code on the replication protocols
3. Data is updatable
Replication protocols for consistency
Data Model Implementation
DepSky Write
DepSky Read
DepSky Confidentiality
HARDWARE REQUIREMENTS
•
•
•
•
•
•
•

Processor
Speed
RAM
Hard Disk
Floppy Drive
Key Board
Monitor

-

Pentium –III
1.1 GHz
256 MB(min)
20 GB
1.44 MB
Standard Keyboard
SVGA
SOFTWARE REQUIREMENTS
•
•
•
•
•
•

Operating System
Application Server
Front End
Script
Server side Script
Database

: Windows XP
: Tomcat5.0/6.X
: HTML, Java, JSP
: JavaScript.
: Java Server Pages.
: MYSQL
Implémentations
• Data Integrity
• Data Intrusion
• Service Availability
Data Integrity
• One of the most important issues related to
cloud security risks is data integrity. The data
stored in the cloud may suffer from damage
during transition operations from or to the
cloud storage provider.
Data Intrusion
• Another security risk that may occur with a cloud provider,
such as the Amazon cloud service, is a hacked password or
data intrusion.
• If someone gains access to an Amazon account password,
they will be able to access all of the account’s instances and
resources.
• Thus the stolen password allows the hacker to erase all the
information inside any virtual machine instance for the
stolen user account, modify it, or even disable its services.
Furthermore, there is a possibility for the user’s
email(Amazon user name) to be hacked, and since Amazon
allows a lost password to be reset by email, the hacker may
still be able to log in to the account after receiving the new
reset password.
Service Availability
• Another major concern in cloud services is service
availability.
• Amazon mentions in its licensing agreement that it is
possible that the service might be unavailable from
time to time.
• The user’s web service may terminate for any reason at
any time if any user’s files break the cloud storage
policy. In addition, if any damage occurs to any Amazon
web service and the service fails, in this case there will
be no charge to the Amazon Company for this failure.
Companies seeking to protect services from such
failure need measures such as backups or use of
multiple providers.
code #1 getting User Details
try {
conn = (Connection) DbConnector.getConnection();
sql = "select * from user where userid= '" + userid + "' and
password= '" + password+"'";
pst = (PreparedStatement) conn.prepareStatement(sql);
ResultSet rs = pst.executeQuery();
if (rs.next()) {
available = true;
} else {
available = false;
}
} catch (Exception e) {
e.printStackTrace();
}
code #2 for Encryption
public static String encryptString(String str,String key) {
StringBuffer sb = new StringBuffer(str);
int lenStr = str.length();
int lenKey = key.length();
// For each character in our string, encrypt it...
for (int i = 0, j = 0; i < lenStr; i++, j++) {
if (j >= lenKey) {
j = 0; // Wrap 'round to beginning of key string.
}
// XOR the chars together. Must cast back to char to avoid compile
error.
sb.setCharAt(i, (char) (str.charAt(i) ^ key.charAt(j)));
}
return sb.toString();
}
code #3 for FileUpload
public synchronized boolean uploadFile(InputStream is) {
try {
BufferedInputStream bis = new BufferedInputStream(is);
OutputStream os = m_client.getOutputStream();
BufferedOutputStream bos = new BufferedOutputStream(os);
byte[] buffer = new byte[1024];
int readCount;
while ((readCount = bis.read(buffer)) > 0) {
bos.write(buffer, 0, readCount);
}
bos.close();
this.succMesg = "Uploaded!";
return true;
} catch (Exception ex) {
ex.printStackTrace();
return false;
}
}
code #4 for FileDownload
public synchronized boolean downloadFile(String localfilename) {
try {
InputStream is = m_client.getInputStream();
BufferedInputStream bis = new BufferedInputStream(is);
System.out.println(">>>>>>>>>>>"+localfilename);
OutputStream os = new FileOutputStream(localfilename);
BufferedOutputStream bos = new BufferedOutputStream(os);
byte[] buffer = new byte[1024];
int readCount;
while ((readCount = bis.read(buffer)) > 0) {
bos.write(buffer, 0, readCount);
}
bos.close();
is.close(); // close the FTP inputstream
this.succMesg = "Downloaded!";
return true;
} catch (Exception ex) {
ex.printStackTrace();
return false;
}
}
Class Diagram
File Upload

Registration
ID
OwnerID
Password
Gender
Mobile
EMail
Date

FileID
FileName
FileSize
FilePath
FileOwner
MetaData
KeyRequest
DownloadStatus
ModifyStatus
VerifyStatus

Loginidgenration()
CreateAccount()

metadatagenration()
fileupload()

File Download
FileID
FileName
FileSize
FilePath
FileOwner
MetaData
KeyRequest
VerifyStatus

comparemetadata()
fileupload()
Use Case Diagram

CLOUD
CREATION

CLOUD
MAINTENANCE

ADMIN
MEMBER
CREATION

FILE
UPLOAD

FILE
DOWNLOAD

USER

CLOUD
STATUS

REPORTS
Sequence Diagram
CLOUD
CREATION

CLOUD
MAINTAINANCE

Cloud
details

MEMBER
CREATION

FILE
UPLOAD

REPORTS

Credintials
File Details
File Report
Data Flow Diagram
LOGIN

ADMIN

USER

CLOUD CREATION

NEW?

CLOUD
MAINTENANCE

UPLOAD
DATA

MEMBER
CREATION

CLOUD
STATUS

REPORTS

REPORTS
Activity
Diagram
CONCLUSION
• It is clear that although the use of cloud
computing has rapidly increased, cloud
computing security is still considered the
major issue in the cloud computing
environment. Customers do not want to lose
their private information as a result of
malicious insiders in the cloud. In addition, the
loss of service availability has caused many
problems for a large number of customers
recently
CONCLUSION (cont…)
• Furthermore, data intrusion leads to many
problems for the users of cloud computing.
• We support the migration to multi-clouds due
to its ability to decrease security risks that
affect the cloud computing user.
FUTURE ENHANCEMENTS
• For future work, we aim to provide a
framework to supply a secure cloud database
that will guarantee to prevent security risks
facing the cloud computing community.
• This framework will apply multi-clouds and
the secret sharing algorithm to reduce the risk
of data intrusion and the loss of service
availability in the cloud and ensure data
integrity.
FUTURE ENHANCEMENTS (cont…)
• In relation to data intrusion and data integrity,
assume we want to distribute the data into
three different cloud providers, and we apply
the secret sharing algorithm on the stored
data in the cloud provider.
• An intruder needs to retrieve at least three
values to be able to find out the real value
that we want to hide from the intruder.
REFERENCES
•

[1] (NIST), http://www.nist.gov/itl/cloud/.

•

[2] I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzantine disk paxos: optimal
resilience with Byzantine shared memory", Distributed Computing, 18(5), 2006, pp. 387408.

•

[3] H. Abu-Libdeh, L. Princehouse and H. Weatherspoon, "RACS: a case for cloud storage
diversity", SoCC'10:Proc. 1st ACM symposium on Cloud computing, 2010, pp. 229-240.

•

[4] D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally, "Database Management as a
Service: Challenges and Opportunities", ICDE'09:Proc.25thIntl. Conf. on Data Engineering,
2009, pp. 1709-1716.

•

[5] M.A. AlZain and E. Pardede, "Using Multi Shares for Ensuring Privacy in Database-as-aService", 44th Hawaii Intl. Conf. on System Sciences (HICSS), 2011, pp. 1-9.
Thankyou

By
Kiran Kumar

Mais conteúdo relacionado

Mais procurados

Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud ComputingKeet Sugathadasa
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Cloud computing risk assesment presentation
Cloud computing risk assesment presentationCloud computing risk assesment presentation
Cloud computing risk assesment presentationAhmad El Tawil
 
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesOWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesSoftware Guru
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCristian Garcia G.
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security complianceBryan Starbuck
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
Data Center Security
Data Center SecurityData Center Security
Data Center SecurityCisco Canada
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud computing
Cloud computingCloud computing
Cloud computingitsrishre
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 

Mais procurados (20)

Cloud security
Cloud securityCloud security
Cloud security
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Cloud computing risk assesment presentation
Cloud computing risk assesment presentationCloud computing risk assesment presentation
Cloud computing risk assesment presentation
 
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesOWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application Vulnerabilities
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfee
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
 
Fortimanager admin-40-mr3
Fortimanager admin-40-mr3Fortimanager admin-40-mr3
Fortimanager admin-40-mr3
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud security
Cloud security Cloud security
Cloud security
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 

Destaque

Cloud computing security from single to multi clouds
Cloud computing security from single to multi cloudsCloud computing security from single to multi clouds
Cloud computing security from single to multi cloudsCholavaram Sai
 
Representation theory
Representation theoryRepresentation theory
Representation theoryAndy Wallis
 
Cation exchange and it’s role on soil behaviour
Cation exchange and it’s role on soil behaviourCation exchange and it’s role on soil behaviour
Cation exchange and it’s role on soil behaviourShahram Maghami
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
The Ultimate Guide to Creating Visually Appealing Content
The Ultimate Guide to Creating Visually Appealing ContentThe Ultimate Guide to Creating Visually Appealing Content
The Ultimate Guide to Creating Visually Appealing ContentNeil Patel
 
Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Emiland
 
What I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessWhat I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessJonathon Colman
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShareSlideShare
 
Pythonによる機械学習入門 ~Deep Learningに挑戦~
Pythonによる機械学習入門 ~Deep Learningに挑戦~Pythonによる機械学習入門 ~Deep Learningに挑戦~
Pythonによる機械学習入門 ~Deep Learningに挑戦~Yasutomo Kawanishi
 
Carton packaging wikipedia
Carton packaging wikipediaCarton packaging wikipedia
Carton packaging wikipediaAlex Xiao
 
What Do Real Women Look Like? 100 Stock Photos of Real Women
What Do Real Women Look Like? 100 Stock Photos of Real WomenWhat Do Real Women Look Like? 100 Stock Photos of Real Women
What Do Real Women Look Like? 100 Stock Photos of Real WomenTwenty20 Inc.
 
Research and Development
Research and DevelopmentResearch and Development
Research and DevelopmentShameem Ali
 
Asean quiz championship_2012
Asean quiz championship_2012Asean quiz championship_2012
Asean quiz championship_2012Movin Miranda
 
Web Trends to Watch in 2014
Web Trends to Watch in 2014Web Trends to Watch in 2014
Web Trends to Watch in 2014David King
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShareSlideShare
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShareKapost
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareEmpowered Presentations
 

Destaque (20)

Breast feeding
Breast feedingBreast feeding
Breast feeding
 
Cloud computing security from single to multi clouds
Cloud computing security from single to multi cloudsCloud computing security from single to multi clouds
Cloud computing security from single to multi clouds
 
Representation theory
Representation theoryRepresentation theory
Representation theory
 
Cation exchange and it’s role on soil behaviour
Cation exchange and it’s role on soil behaviourCation exchange and it’s role on soil behaviour
Cation exchange and it’s role on soil behaviour
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Automobiles
AutomobilesAutomobiles
Automobiles
 
The Ultimate Guide to Creating Visually Appealing Content
The Ultimate Guide to Creating Visually Appealing ContentThe Ultimate Guide to Creating Visually Appealing Content
The Ultimate Guide to Creating Visually Appealing Content
 
Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.Dear NSA, let me take care of your slides.
Dear NSA, let me take care of your slides.
 
What I Carry: 10 Tools for Success
What I Carry: 10 Tools for SuccessWhat I Carry: 10 Tools for Success
What I Carry: 10 Tools for Success
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShare
 
Pythonによる機械学習入門 ~Deep Learningに挑戦~
Pythonによる機械学習入門 ~Deep Learningに挑戦~Pythonによる機械学習入門 ~Deep Learningに挑戦~
Pythonによる機械学習入門 ~Deep Learningに挑戦~
 
Carton packaging wikipedia
Carton packaging wikipediaCarton packaging wikipedia
Carton packaging wikipedia
 
What Do Real Women Look Like? 100 Stock Photos of Real Women
What Do Real Women Look Like? 100 Stock Photos of Real WomenWhat Do Real Women Look Like? 100 Stock Photos of Real Women
What Do Real Women Look Like? 100 Stock Photos of Real Women
 
Research and Development
Research and DevelopmentResearch and Development
Research and Development
 
Asean quiz championship_2012
Asean quiz championship_2012Asean quiz championship_2012
Asean quiz championship_2012
 
Web Trends to Watch in 2014
Web Trends to Watch in 2014Web Trends to Watch in 2014
Web Trends to Watch in 2014
 
⼤企業で実現するイマドキの内製開発
⼤企業で実現するイマドキの内製開発⼤企業で実現するイマドキの内製開発
⼤企業で実現するイマドキの内製開発
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShare
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShare
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
 

Semelhante a Cloud computing security from single to multiple

Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Shivananda Rai
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET-  	  Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET-  	  Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET Journal
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore apponix123
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud ComputingJyotika Pandey
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data securityMohammed Fazuluddin
 
Secure Access to Outsourced Databases
Secure Access to Outsourced DatabasesSecure Access to Outsourced Databases
Secure Access to Outsourced DatabasesIOSR Journals
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...Patel Dasharathbhai
 
An Auditing Protocol for Protected Data Storage in Cloud Computing
An Auditing Protocol for Protected Data Storage in Cloud ComputingAn Auditing Protocol for Protected Data Storage in Cloud Computing
An Auditing Protocol for Protected Data Storage in Cloud Computingijceronline
 
Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud  Computing Towards Secure and Dependable Storage Services in Cloud  Computing
Towards Secure and Dependable Storage Services in Cloud Computing IJMER
 
Introduction to Cloud ppt which is fir engineering
Introduction to Cloud ppt which is fir engineeringIntroduction to Cloud ppt which is fir engineering
Introduction to Cloud ppt which is fir engineeringpremsingh371678
 

Semelhante a Cloud computing security from single to multiple (20)

Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
Cloud computing-security-from-single-to-multiple-140211071429-phpapp01
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
 
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET-  	  Improving Data Spillage in Multi-Cloud Capacity AdministrationIRJET-  	  Improving Data Spillage in Multi-Cloud Capacity Administration
IRJET- Improving Data Spillage in Multi-Cloud Capacity Administration
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore
 
Dn35636640
Dn35636640Dn35636640
Dn35636640
 
J0423066069
J0423066069J0423066069
J0423066069
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud Computing
 
Cloud ppt
Cloud pptCloud ppt
Cloud ppt
 
Cloud Computing Amazon
Cloud Computing AmazonCloud Computing Amazon
Cloud Computing Amazon
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Understanding Cloud Computing
Understanding Cloud ComputingUnderstanding Cloud Computing
Understanding Cloud Computing
 
Secure Access to Outsourced Databases
Secure Access to Outsourced DatabasesSecure Access to Outsourced Databases
Secure Access to Outsourced Databases
 
50120130406006
5012013040600650120130406006
50120130406006
 
CLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGECLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGE
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
 
An Auditing Protocol for Protected Data Storage in Cloud Computing
An Auditing Protocol for Protected Data Storage in Cloud ComputingAn Auditing Protocol for Protected Data Storage in Cloud Computing
An Auditing Protocol for Protected Data Storage in Cloud Computing
 
Cc unit 1 updated
Cc unit 1 updatedCc unit 1 updated
Cc unit 1 updated
 
Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud  Computing Towards Secure and Dependable Storage Services in Cloud  Computing
Towards Secure and Dependable Storage Services in Cloud Computing
 
Introduction to Cloud ppt which is fir engineering
Introduction to Cloud ppt which is fir engineeringIntroduction to Cloud ppt which is fir engineering
Introduction to Cloud ppt which is fir engineering
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Último

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 

Último (20)

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 

Cloud computing security from single to multiple

  • 1. Cloud Computing Security From Single to Multi-Clouds By Kiran Kumar
  • 2. ABSTRACT • Dealing with “single cloud” providers is predicted to become less popular with customers due to risks of service availability failure and the possibility of malicious insiders in the single cloud. • A movement towards “multi-clouds”, or in other words, “interclouds” or “cloud-ofclouds” has emerged recently.
  • 3. What is Cloud Computing ? • Cloud computing is a model for enabling ubiquitous(present), convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
  • 9. Moving to Clouds • Data is moving to the cloud • Main reason: costs (pay-per-use model)
  • 12. What about Cloud Security?
  • 13. EXISTING SYSTEM • Cloud providers should address privacy and security issues as a matter of high and urgent priority. Dealing with “single cloud” providers is becoming less popular with customers due to potential problems such as service availability failure and the possibility that there are malicious insiders in the single cloud.
  • 15. DISADVANTAGES OF EXISTING SYSTEM • Cloud providers should address privacy and security issues as a matter of high and urgent priority. • Service availability failure and the possibility that there are malicious insiders in the single cloud.
  • 16. PROPOSED SYSTEM • This Project focuses on the issues related to the data security aspect of cloud computing. • Moving towards “Cloud of clouds “ or multi clouds technique which improves Better read performance Data corruptions' Reduces Intrusions ….etc
  • 18. ADVANTAGES OF PROPOSED SYSTEM • Data Integrity • Service Availability. • The user runs custom applications using the service provider’s resources • Cloud service providers should ensure the security of their customers’ data and should be responsible if any security risk affects their customers’ service infrastructure.
  • 20. DepSKy System Model The DepSky system model contains three parts: readers, writers, and four cloud storage providers, where readers and writers are the client’s tasks. Readers can fail arbitrarily (for example, they can fail by crashing, they can fail from time to time and then display any behavior) whereas, writers only fail by crashing.
  • 22. DepSky Design Principles 1. No trust on individual cloud providers Distributed trust is built by using multiple clouds 2. Use storage clouds as they are No server-side code on the replication protocols 3. Data is updatable Replication protocols for consistency
  • 27. HARDWARE REQUIREMENTS • • • • • • • Processor Speed RAM Hard Disk Floppy Drive Key Board Monitor - Pentium –III 1.1 GHz 256 MB(min) 20 GB 1.44 MB Standard Keyboard SVGA
  • 28. SOFTWARE REQUIREMENTS • • • • • • Operating System Application Server Front End Script Server side Script Database : Windows XP : Tomcat5.0/6.X : HTML, Java, JSP : JavaScript. : Java Server Pages. : MYSQL
  • 29. Implémentations • Data Integrity • Data Intrusion • Service Availability
  • 30. Data Integrity • One of the most important issues related to cloud security risks is data integrity. The data stored in the cloud may suffer from damage during transition operations from or to the cloud storage provider.
  • 31. Data Intrusion • Another security risk that may occur with a cloud provider, such as the Amazon cloud service, is a hacked password or data intrusion. • If someone gains access to an Amazon account password, they will be able to access all of the account’s instances and resources. • Thus the stolen password allows the hacker to erase all the information inside any virtual machine instance for the stolen user account, modify it, or even disable its services. Furthermore, there is a possibility for the user’s email(Amazon user name) to be hacked, and since Amazon allows a lost password to be reset by email, the hacker may still be able to log in to the account after receiving the new reset password.
  • 32. Service Availability • Another major concern in cloud services is service availability. • Amazon mentions in its licensing agreement that it is possible that the service might be unavailable from time to time. • The user’s web service may terminate for any reason at any time if any user’s files break the cloud storage policy. In addition, if any damage occurs to any Amazon web service and the service fails, in this case there will be no charge to the Amazon Company for this failure. Companies seeking to protect services from such failure need measures such as backups or use of multiple providers.
  • 33. code #1 getting User Details try { conn = (Connection) DbConnector.getConnection(); sql = "select * from user where userid= '" + userid + "' and password= '" + password+"'"; pst = (PreparedStatement) conn.prepareStatement(sql); ResultSet rs = pst.executeQuery(); if (rs.next()) { available = true; } else { available = false; } } catch (Exception e) { e.printStackTrace(); }
  • 34. code #2 for Encryption public static String encryptString(String str,String key) { StringBuffer sb = new StringBuffer(str); int lenStr = str.length(); int lenKey = key.length(); // For each character in our string, encrypt it... for (int i = 0, j = 0; i < lenStr; i++, j++) { if (j >= lenKey) { j = 0; // Wrap 'round to beginning of key string. } // XOR the chars together. Must cast back to char to avoid compile error. sb.setCharAt(i, (char) (str.charAt(i) ^ key.charAt(j))); } return sb.toString(); }
  • 35. code #3 for FileUpload public synchronized boolean uploadFile(InputStream is) { try { BufferedInputStream bis = new BufferedInputStream(is); OutputStream os = m_client.getOutputStream(); BufferedOutputStream bos = new BufferedOutputStream(os); byte[] buffer = new byte[1024]; int readCount; while ((readCount = bis.read(buffer)) > 0) { bos.write(buffer, 0, readCount); } bos.close(); this.succMesg = "Uploaded!"; return true; } catch (Exception ex) { ex.printStackTrace(); return false; } }
  • 36. code #4 for FileDownload public synchronized boolean downloadFile(String localfilename) { try { InputStream is = m_client.getInputStream(); BufferedInputStream bis = new BufferedInputStream(is); System.out.println(">>>>>>>>>>>"+localfilename); OutputStream os = new FileOutputStream(localfilename); BufferedOutputStream bos = new BufferedOutputStream(os); byte[] buffer = new byte[1024]; int readCount; while ((readCount = bis.read(buffer)) > 0) { bos.write(buffer, 0, readCount); } bos.close(); is.close(); // close the FTP inputstream this.succMesg = "Downloaded!"; return true; } catch (Exception ex) { ex.printStackTrace(); return false; } }
  • 40. Data Flow Diagram LOGIN ADMIN USER CLOUD CREATION NEW? CLOUD MAINTENANCE UPLOAD DATA MEMBER CREATION CLOUD STATUS REPORTS REPORTS
  • 42. CONCLUSION • It is clear that although the use of cloud computing has rapidly increased, cloud computing security is still considered the major issue in the cloud computing environment. Customers do not want to lose their private information as a result of malicious insiders in the cloud. In addition, the loss of service availability has caused many problems for a large number of customers recently
  • 43. CONCLUSION (cont…) • Furthermore, data intrusion leads to many problems for the users of cloud computing. • We support the migration to multi-clouds due to its ability to decrease security risks that affect the cloud computing user.
  • 44. FUTURE ENHANCEMENTS • For future work, we aim to provide a framework to supply a secure cloud database that will guarantee to prevent security risks facing the cloud computing community. • This framework will apply multi-clouds and the secret sharing algorithm to reduce the risk of data intrusion and the loss of service availability in the cloud and ensure data integrity.
  • 45. FUTURE ENHANCEMENTS (cont…) • In relation to data intrusion and data integrity, assume we want to distribute the data into three different cloud providers, and we apply the secret sharing algorithm on the stored data in the cloud provider. • An intruder needs to retrieve at least three values to be able to find out the real value that we want to hide from the intruder.
  • 46. REFERENCES • [1] (NIST), http://www.nist.gov/itl/cloud/. • [2] I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzantine disk paxos: optimal resilience with Byzantine shared memory", Distributed Computing, 18(5), 2006, pp. 387408. • [3] H. Abu-Libdeh, L. Princehouse and H. Weatherspoon, "RACS: a case for cloud storage diversity", SoCC'10:Proc. 1st ACM symposium on Cloud computing, 2010, pp. 229-240. • [4] D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally, "Database Management as a Service: Challenges and Opportunities", ICDE'09:Proc.25thIntl. Conf. on Data Engineering, 2009, pp. 1709-1716. • [5] M.A. AlZain and E. Pardede, "Using Multi Shares for Ensuring Privacy in Database-as-aService", 44th Hawaii Intl. Conf. on System Sciences (HICSS), 2011, pp. 1-9.

Notas do Editor

  1. Integrity(unity)
  2. Dependable and secure storage in cloud of clouds
  3. Dependable and secure storage in cloud of clouds
  4. Dependable and secure storage in cloud of clouds
  5. Dependable and secure storage in cloud of clouds
  6. Dependable and secure storage in cloud of clouds
  7. Dependable and secure storage in cloud of clouds
  8. Dependable and secure storage in cloud of clouds
  9. Composition(own a strong relation Ex. Duck to Pond )Aggression (has-a relation )