IMPROVING DATA SECURITY IN CLOUD COMPUTING

B.PREAM KUMAR,B.PONSUGANLAL INFORMATION TECHNOLOGY,INFORMATION TECHNOLOGY KONGU ENGINEERING COLLEGE,KONGU ENGINEERING COLLEGE premkumar92kongu@gmail.com,ponsuganlal4@gmail.com 9092437143, 9976169986

ABSTRACT Cloud computing is clearly one of todays most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. Cloud computing providing unlimited infrastructure to store and execute customer data and program. It is having Minimized Capital expenditure, Location and Device independence, Utilization and efficiency improvement, Very high Scalability, High Computing power .But the management of the data and services may not be fully trustworthy. Data security becomes more and more important in cloud computing. We need Security at following levels: Internet access security Database access security Data privacy security Program access Security Server access security Keywords: Cloud computing, Scalability, Flexibility, model, Availability. Data security, Hadoop Integrity, Distributed File System, Mathematical data Confidentiality, This paper analyses the basic problem of cloud computing data security. With the analysis of HDFS ( Hadoop Distributed File System) architecture, we get the data security requirement of cloud computing and implemented a mathematical data model for cloud computing. Finally we build a data security model for cloud computing which satisfy confidentiality, integrity and availability of the three basic principles of data security.

INTRODUCTION Several trends are opening up the era of Cloud Computing, which is an Internetbased development and use of computer technology. As customers you do not need to own the infrastructure, they are merely accessing or renting, they can forego capital expenditure and consume resources as a service, paying instead for what they use. Cloud computing changes how we invent, develop, deploy, scale, update, maintain, and pay for applications and the infrastructure on which they run. . The ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. The increasing network bandwidth and reliable yet flexible network connections make it even possible that users can now subscribe high quality services from data and software that reside solely on remote data centers. Moving data into the cloud offers great convenience to users since they dont have of to care direct about the complexities management. Cloud computing has following segments, SaaS Software as a Service Network-hosted application hardware

PaaS Platform as a Service Network-hosted development platform software

IaaS Infrastructure as a Service Provider hosts customer VMs or provides network storage

DaaS Data as a Service Customer queries against providers database

IPMaaS

Identity

and

Policy

Management as a Service Provider manages identity and/or access control policy for customer NaaS Network as a Service Provider offers virtualized networks (e.g. VPNs)

SURVEY OF EXSISTING WORK

While IDC enterprise panel surveying about cloud computing, we got cloud demand model as shown above .Security (74.6%) is a demanding thing comparing others. While surveying about budget wise, in Jan 2010, an Aberdeen Group study found that disciplined companies achieved on average an 18% reduction in their IT budget from cloud computing and a 16% reduction in data center power costs.

Provider should also make a contractual commitment to obey local privacy requirements on behalf of their customers, Data-centered policies that are generated when a user provides personal or sensitive information, that travels with that information throughout its lifetime to ensure that the information is used only in accordance with the policy.

REQUIREMENT OF DATA SECURITY

We need Security at following levels: DATA LOCATION Server access security Internet access security Database access security Data privacy security Program access Security

At a Broad level, Two major Questions in data security are: When user use the cloud, user probably won't know exactly where your data is hosted, what country it will be stored in? Data should be stored and processed only in specific jurisdictions as define by user. How much secure is the Data? How much secure is the Code?

PRINCIPLE OF DATA SECURITY GOAL All the data security technique is built on confidentiality, integrity and availability of these three basic principles. Confidentiality refers to the so-called hidden the actual data or information, especially in the military and other sensitive areas, the confidentiality of data on the more stringent requirements. For cloud computing, the data are stored in "data center", the security and confidentiality of user data is even more important. The socalled integrity of data in any state is not subject to the need to guarantee or unauthorized deletion, modification INTEGRITY CONFIDENTIALITY Ensuring that information is not decided to unauthorized person. Ensuring that information held in a system is a proper representation of the information intended and that it has not been modified by an unauthorized AVAILABILITY person. Ensuring that information processing resources are not made unavailable by malicious action. DESCRIPTION

damage. The availability of data means that users can have the expectations of the use of data by the use of capacity.

HDFS MODEL

controls access to his client. In this storage system, a file is cut into small pieces of paper, Name node maps the file blocks to Data nodes above. While HDFS does not have the POSIX compatibility, the file system still support the creation, delete, open, close, read, write and other operations on files. By analyzing of HDFS, data security needs of cloud computing can be divided into the following points: The client authentication requirements in login: The vast majority of cloud computing through a browser client, such as IE, and the users identity as a cloud computing applications demand for the primary needs. Name node: If name node is attacked or failure, there will be disastrous So the consequences on the system.

With the analysis of the HDFS (Hadoop Distributed File System), we get the data security model for cloud computing. HDFS is used in large-scale cloud computing in a typical distributed file system architecture, its design goal is to run on commercial hardware, due to the support of Google, and the advantages of open source, it has been applied in the basis of cloud facilities. HDFS is very similar to the existing distributed file system, such as GFS (Google File System); they have the same objectives, performance, availability and stability. HDFS initially used in the Apache Nutch web search engine and become the core of Apache Hadoop project. HDFS used the master/slave backup mode. The master is called Name node, which manages the file system name space and controls access to the client. Other slave nodes is called Data node, Data node

effectiveness of Name node in cloud computing and its efficiency is key to the success of data protection, so to enhance Name nodes security is very important. The rapid recovery of data blocks and r/w rights control: Data node is a data storage node, there is the possibility of failure and cannot guarantee the availability of data. Currently each data storage block in HDFS has at least 3 replicas, which is HDFSs

backup strategy. When comes to how to ensure the safety of reading and writing data, HDFS has not made any detailed explanation, so the needs to ensure rapid recovery and to make reading and writing data operation fully controllable cannot be ignored. In addition to the above three requirements, the other, such as access control, file encryption, such as demand for cloud computing model for data security issues must be taken into account. DATA SECURITY MODEL

another, although quite broad, case of "applied security" and that similar security principles that apply in shared multi-user mainframe security models apply with cloud security. The relative security of cloud computing services is a contentious issue that may be delaying its adoption. Physical control of the Private Cloud equipment is more secure than having the equipment off site and under someone elses control. Physical control and the ability to visually inspect the data links and access ports is required in order to ensure data links are not compromised. Issues barring the adoption of cloud computing are due in large part to the private and public sectors' unease surrounding the external management of security-based services. It is the very nature

As cloud computing is achieving increased popularity, concerns are being voiced about the security issues introduced through adoption protection of this new model. are The being effectiveness and efficiency of traditional mechanisms reconsidered as the characteristics of this innovative deployment model can differ widely from those of traditional architectures. An alternative perspective on the topic of cloud security is that this is but

of cloud computing-based services, private or public, that promote external management of provided services. This delivers great incentive providers services. to to cloud computing service and been prioritize issues bug building have

maintaining strong management of secure Security privacy, console categorized into sensitive data access, data segregation, management exploitation, account recovery, accountability, malicious insiders, security,

control, and multi-tenancy issues. Solutions to various cloud security issues vary, from cryptography, particularly public key infrastructure (PKI), to use of multiple cloud providers, standardization of APIs, and improving virtual machine support and legal support.

[3] Jean-Daniel Cryans,Criteria to Compare Cloud Computing with Current Database Technology 2008. [4] Huan Liu, Dan Orban, GridBatch: Cloud Computing for Large-Scale Data-Intensive Batch Applications IEEE DOI 10.1109/CCGRID.2008.30.

CONCLUSION As the development of cloud computing, security issue has become a top priority. This paper discusses the cloud computing environment with the safety issues through analyzing a cloud computing framework-HDFSs security needs. Finally we conclude a cloud computing model for data security.

[5] Mladen A. Vouk, Cloud Computing Issues, Research and Implementations Journal of Computing and Information Technology - CIT 16, 2008, 4, 235246. [6] Bob Gourley, Cloud Computing and Net Centric Operations Department of Defense Information Management and Information Technology Strategic Plan 2008-2009.

REFERENCES:
[1]Amazon EC2 Crosses the Atlantic. http://aws.amazon.com/about-aws/whats new/2008/12/10/amazon-ec2-crosses-theatlantic/. [2] Rajkumar Buyya Market-Oriented Cloud Computing : Vision ,Hype ,and Reality for Delivering IT Services as Computing Utilities 2008.