Security: A Need for Cloud Computing

-H.Kunaa l Khilnani [B.TECH IT] -S.Dhyan eshwaran[B.E ECE]

INTRODUCTION: With the enhancement of the internet & the field of cloud computing more and more personal data is being stored in the cloud and many user operations are being performed through the cloud. The future of it architecture solely depends on it architecture, this is in great contrast to the method being followed in the IT world today. CLOUD COMPUTING has achieved in moving the application softwares and databases to large data centres, which promises the ease of distribution of data & resources, but the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this document, we focus on cloud data storage security, which has always been an important aspect of quality of service. This document achieves the integration of storage correctness insurance and data-error localization, i.e., the identification of misbehaving servers by utilizing the specialized tokens with distributed verification of erasure-coded data. The concept supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adaptation strategies and helps eliminating Byzantine failure, malicious data modification attack, and even server colluding attacks. In fact, this threat document should be seen as a companion to Security Guidance for areas in Cloud Computing.

SYNOPSIS: Security as Centerpiece Benefits of Better Security Threats to the Cloud Identifying Threats Design Goals Different Data Models to Achieve Data Security How to Resolve Threats ?? Algorithms Conclusion

SECURITY AS CENTERPIECE:

Despite security being the number one concern, 25.8% of the cloud users will deploy data in a public cloud. [ 2010,Netcraft survey] While infrastructure, platform and application providers have their own security controls, it is ultimately the responsibility of the end-customer yo manage their own security exposure. Reducing Security Vulnerability is directly linked to Threat Analysis and implementing countermeasures. OLD threats are far more common than NEW .For example, the largest number of security incidents are caused by unsuspecting users opening malicious email attachments. Best practices and training are as important as creating security controls.

BENEFITS OF BETTER SECURITY: Security because of large scale. Increase reliability and better planned Disaster Recovery. Security as a Market demand. More chances of Standardization & Collaboration. Improved Scaling of Resources. Advantage of Concentrated Resources. Evidence-gathering and Investigation. Better customer confidence. Lower operational expenses. Reduce downtime. Reduce business liability.

THREATS TO THE CLOUD: The cloud is vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire cloud .For instance, the amazon catastrophe. TOP SEVEN THREATS:

IDENTIFYING THREATS:

DESIGN GOALS: Our initial goal is to design efficient mechanisms for dynamic data verification and operation and achieve the following : (1) Storage correctness: to ensure users that their data are indeed stored appropriately and kept intact all the time in the cloud. (2) Fast localization of data error: to effectively locate the malfunctioning server when data corruption has been detected. (3) Dynamic data support: to maintain the same level of storage correctness assurance even if users modify, delete or append their data files in the cloud. (4) Dependability: to enhance data availability against Byzantine failures, malicious data modification and server colluding attacks, i.e. minimizing the effect brought by data errors or server failures. (5) Lightweight: to enable users to perform storage correctness checks with minimum overhead.

DIFFERENT DATA MODELS TO ACHIEVE DATA SECURITY: System Model

In cloud data storage, a user stores his data through a Cloud Service Provider (CSP) into a set of cloud servers, which are running in a simultaneous, cooperated and distributed manner. Data redundancy can be employed with technique of erasurecorrecting code to further tolerate faults or server crash as users data grows in size and importance. Thereafter, for application purposes, the user interacts with the cloud servers via CSP to access or retrieve his data. In some cases, the user may need to perform block level operations on his data. The most general forms of these operations we are considering are block update, delete, insert and append.

Adversary Model

Security threats faced by cloud data storage can come from two different sources. On the one hand, a CSP can be self-interested, un-trusted and possibly malicious. Not only does it desire to move data that has not been or is rarely accessed to a lower tier of storage than agreed for monetary reasons, but it may also attempt to hide a data loss incident due to management errors, Byzantine failures and so on. On the other hand, there may also exist an economically motivated adversary, who has the capability to compromise a number of cloud data storage servers in different time intervals and subsequently is able to modify or

delete users data while remaining undetected by CSPs for a certain period.

HOW TO RESOLVE THREATS ??

ALGORITHMS: 1. For pre-computation of Tokens:

2. For correctness verification and error localisation:

3.For error recovery:

Conclusion: The above paper helps us realize that Security is one of the most important essentials for Cloud Computing. The paper gives us a brief essence on the threats and some of the methodology to prevent them. We believe that data storage security in Cloud Computing, an area full of challenges and of paramount importance, is still in its infancy now, and many research problems are yet to be identified. We envision several possible directions for future research on this area.