The aim of this project is to secure sensitive outsourced data with encryption and data fragmentation within the cloud provider. The major requirements for achieving security in outsourced cloud databases are confidentiality, privacy, availability and integrity. To meet these requirements, data confidentiality mechanisms such as fragmentation and encryption are used. This project presents a method for secure and confidential storage of data in the cloud environment based on fragmentation. Applying encryption and obfuscation techniques to the cloud data will provide more protection against unauthorized access to a private user's sensitive data.
2. What is Cloud?
Cloud computing involves deploying groups of networked remote servers
and software that allow centralized data storage and online
access to computer services or resources.
Cloud computing continues to be one of the most hyped subjects in
IT, but it is becoming more and more an integral concept in IT
overall.
Cloud computing providers offer their services according to several
fundamental models.
3. Cloud Services
Cloud infrastructure services, known as Infrastructure as a Service
(IaaS), are self-service models for accessing, monitoring, and
managing remote data center infrastructures, such as compute,
storage, networking, and networking services.
Cloud platform services, or Platform as a Service (PaaS), are used for
applications, and other development, while providing cloud
components to software.
Cloud application services, or Software as a Service (SaaS), use the
web to deliver applications that are managed by a third-party
vendor and whose interface is accessed on the client's side.
4. Cloud Computing Types
A cloud is called a "public cloud" when the services are rendered
over a network that is open for public use. They may be free or
offered on a pay-per-usage model.
Private cloud is cloud infrastructure operated solely for a single
organization, whether managed internally or by a third-party, and
hosted either internally or externally.
Hybrid cloud is a composition of two or more clouds (private,
community or public) that remain distinct entities but are bound
together, offering the benefits of multiple deployment models.
5. Why did I choose Private Cloud?
In the case of a public cloud, you may not know where your data is
stored, if or how it is backed up, and whether unauthorized users can
get to it.
Public cloud vendors provide their own services, so you can’t
control them or modify them.
Your business is your data and your applications. Therefore, control
and security are paramount.
You have to abide by the privacy policy and the terms and conditions
of the public cloud vendor.
6. What have I used?
I have used Ubuntu Server OS for my private cloud, as Ubuntu is the
most preferred OS worldwide.
For cloud deployment I have used OpenStack, which is a free and
open-source cloud computing software platform.
I have used a two-node architecture with legacy networking
(nova-network), having primarily a Controller node and a Compute node.
8. My Project
Clouds are sometimes used to manage sensitive information; the
aim of my project is to secure that sensitive data within the cloud.
This is known as Data Confidentiality.
Data Confidentiality can be defined as whether the information
stored on a system is protected against unintended or unauthorized
access.
Data Confidentiality is often a measure of the ability of the system to
protect its data. Accordingly, this is an integral component of
Security.
9. What are the threats?
Unauthorized users
Operating system break-in
Unauthorized access to data
Data mining is a threat to privacy
Eavesdropping on communications
10. Solutions are many
Data obfuscation
Data Fragmentation
Protecting Data with Encryption
Intrusion Protection Against Malicious Traffic
Authentication, Authorization, and Access Control
11. My Contribution
In this project I have proposed the idea of two-level security of data
on the cloud.
Firstly, fragmentation of data into sensitive and non-sensitive parts.
On the second level, data encryption and obfuscation.
Finally, saving this data on different servers.
12. User Interface
[Figure: Flow Diagram of the Project. Node labels: Get unclassified Data; K-NN Classification Algorithm; Sensitive Data; Blowfish Encryption; Non Sensitive Data; Obfuscation; VM1; VM2. Decision branches: Yes / No.]
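The first level named under "My Contribution" and in the flow diagram, K-NN classification of data into a sensitive and a non-sensitive fragment, shown as an added example that is not the project's own code. The training values, the three character features and the function names are assumptions made for illustration; the Blowfish encryption and obfuscation applied to the two fragments afterwards are not shown.

```python
import math
from collections import Counter

# Constructed training set of (field value, label); every value is made up.
TRAINING = [
    ("4111 1111 1111 1111", "sensitive"),
    ("078-05-1120", "sensitive"),
    ("+1 202 555 0143", "sensitive"),
    ("1985-07-23", "sensitive"),
    ("Blue", "non-sensitive"),
    ("Engineering", "non-sensitive"),
    ("Large", "non-sensitive"),
    ("Weekly report", "non-sensitive"),
]

def features(value):
    """Assumed features: capped length, digit ratio, punctuation ratio."""
    n = max(len(value), 1)
    digits = sum(c.isdigit() for c in value) / n
    punct = sum(not c.isalnum() and not c.isspace() for c in value) / n
    return (min(len(value), 20) / 20, digits, punct)

def knn_label(value, k=3):
    """Majority label among the k training values nearest to `value`."""
    target = features(value)
    nearest = sorted(TRAINING, key=lambda t: math.dist(features(t[0]), target))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

def fragment(record, k=3):
    """Split a record into (sensitive, non_sensitive) field dictionaries."""
    sensitive, non_sensitive = {}, {}
    for field, value in record.items():
        target = sensitive if knn_label(str(value), k) == "sensitive" else non_sensitive
        target[field] = value
    return sensitive, non_sensitive

if __name__ == "__main__":
    # Constructed record; the two fragments would then be encrypted and
    # obfuscated respectively and saved on different servers.
    record = {"card": "5500 0000 0000 0004", "phone": "+44 20 7946 0958",
              "department": "Marketing", "shirt_size": "Medium"}
    print(fragment(record))
```

Classification quality depends entirely on the training set and features; a field the classifier mislabels as non-sensitive ends up in the fragment that is only obfuscated, so misclassifications in that direction are the ones to measure.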
13. Conclusion
Data security in the cloud is ensured by the confidentiality of
sensitive data.
This can be done by storing encrypted data on
storage servers.
Along with encryption, storage of data in the cloud environment is
based on fragmentation.