SECURITY FEATURES OF CLOUD COMPUTING USING NEW SYMMETRIC KEY ALGORITHM

Saeed Q. Al-Khalidi Al-Maliki, King Khalid University, Abha, Saudi Arabia Email: salkhalidi@yahoo.com Fahad Alfifi, Robert Morris University, Pittsburgh, United States of America Email: faast219@mail.rmu.edu

ABSTRACT Cloud computing platform, deliver critical business applications in large part, because of sales commitment to security and privacy. With the help of cloud computing, large pools of resources can be connected via private or public networks to provide dynamically scalable infrastructures for application, data and file storage. Additionally, the costs of computing, application hosting, content storage and delivery can be significantly reduced. The main problem associated with cloud computing are data privacy, security and authenticity. Our research paper is an efficient method for providing data-storage security in cloud computing using the new simple symmetric key algorithm. In this algorithm, some important security services included such as key generation, encryption and decryption that are provided in cloud computing systems. The main scope of this paper to solve the security issues in both cloud providers and cloud consumers using new cryptography methods. Key words: Cloud computing, Data storage, Simple symmetric key algorithm, Encryption/Decryption.

INTRODUCTION Cloud computing have become one of the important new technology in recent days, where integrated all previous technology of computing power to provide new technology innovation that helps organizations to improve and develop their work quality (Hayes, 2008). Cloud computing is general term that can be used in different teams varying meaning. Furthermore, most common definitions agree that cloud computing is distributed computing components over the Internet based to provide services as three different type of services, which are: Software-as-a-Service (SaaS)The SaaS service model offers the services as applications to the consumer, using standardized interfaces. The consumer can only control some of the user-specific application configuration settings (Mithila and Kumar, 2011). Platform-as-aService (PaaS)The PaaS service model offers the services as operation and development platforms to the consumer. The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations (Mithila and Kumar, 2011). Infrastructure-as-a-Service (IaaS) The IaaS service model is offering infrastructure resources as a service, such as raw data storage, processing power and network capacity. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (Mithila and Kumar, 2011). The National Institute of Standards and Technology (NIST, 2012) mentioned cloud computing as innovation that allows the large groups of customers to access a pool of on demand, pay-as-you-go services, such as networks, storage, application services. Furthermore, Users and organization can use cloud computing services by subscribe through many different companies, which provide three levels of cloud types: Public, Private or hybrid cloud. Using cloud computing provide many advantages to organization at all levels, such as lowering cost and improve service quality, simplifies IT complexity, improve IT quality, allowing IT managers to focus in essential

mission, objectives and processes. Cloud computing technology provides unlimited storage capacity, increased data reliability and flexibility (Workday, 2011). Despite cloud, computing is the key driving force in many small, medium and large-sized companies and as many cloud users seek the services of cloud computing, the major concern is the security of their data in the cloud. Securing data is always of vital importance and because of the critical nature of cloud computing and the large amounts of complex data it carries, the need is even more important. Therefore, CIA in different organizations tries to use encryption and decryption technique to solve this problem. Encryption is to convert data into coding, called a ciphertext, which became hard to understand and read by the unauthorized users. There are two meager types of encryption techniques: Symmetric-key and public-key encryption (Goldreich, 2004). In this paper, we attempt to demystify the data-storage security in privet cloud computing environment and clarify issues from a security perspective, by using the new simple symmetric-key algorithm. In this algorithm, some important security services included such as key generation, encryption and decryption that are provided in cloud computing systems. In this paper, we have proposed the new level of data security solution using the Reverse Caesar cipher algorithm with encryption using ASCII full 256 characters, compared other encryption methods, our new encryption algorithm is very secured level. The main goal of this paper is to solve the security issues in both cloud providers and cloud consumers using new cryptography methods.

LITERATURE REVIEW Cloud computing is an upcoming paradigm that offers tremendous advantages in economic aspects, such as reduced time to market, flexible computing capabilities, and limitless computing power. To use the full potential of cloud computing, data is transferred, processed and stored by external cloud providers. However, data owners are very skeptical to place their data outside their own control sphere (Mithila & Kumar 2011). The proposed solutions for network security come with concepts like cryptography in which distribution of keys has been done. Encryption and key generation became a vital tool for preventing the threats to data sharing and tool to preserve the data integrity, so we are focusing on security enhancing by enhancing the level of encryption in the network. In their research, they proposed a modular 37 and select any number and calculate inverse of the selected integer using modular 37 (Kuppuswamy, Al-Khalidi, 2012). The proposed research paper aims to give the cloud data storage models and data security in a cloud computing systems. Here we propose an efficient method for providing data-storage security in cloud computing using RSA algorithm. In this algorithm, some important security services included such as key generation, encryption and decryption that are provided in a cloud computing systems (Sunitha & Prashanth, 2013). The main scope of this paper to solve the security issues in both cloud providers and cloud consumers using cryptography encryption methods. It is complicated to understand the cipher text compared with the other methods (Padmapriya, 2013). Singla & Singh (2013) descried cloud being as the most vulnerable next-generation architecture consists of two major design elements, i.e. the Cloud Service Provider (CSP) and the Client. Even though the cloud computing is promising and efficient, there are many challenges for data privacy and security. This paper explores the security of data at rest as well as security of data while moving (Padmapriya, 2013). Furthermore, Chavan & Bangare (2013) discussed a Customer Relational Management system a service using RC5 algorithm. In the proposed system, the party that uses cloud storage services must encrypt data before sending it to cloud while the service provider that is responsible for encryption/decryption of the users data and then must delete data once encryption/decryption encryption/decryption process is completed.

PROBLEM STATEMENT Cloud computing security is a very critical issue, where data can be in different physical locations at any data center across the world network. This new technology structure leads to serious issues regarding security, such as authentication, data integrity, account or service Hijacking, hypervisor vulnerabilities, data loss or leakage and confidentiality (Suthar, Kumar, Gupta, Patel, 2012). In addition, the Cloud Security Alliance (CSA) (2013) identified data breaches as the top nine cloud computing threats for the year of 2103, where a hacker are able to use side channel timing information to extract private cryptographic keys in use by other VMs on the same server. How to coordinate appropriate and efficient incident response without impacting continuity of operations for other customers or without violating laws and contractual agreements is not clear today. In addition, the speed with which incidents must be resolved becomes much greater. Researchers of cloud computing security are giving less attention to select and use the right encryption and Encoding algorithms. This paper proposed to implement the developed secure security algorithms that could provide cloud storage security higher performance and security.

PROPOSED WORK A private cloud is one in which the services and infrastructure are maintained on a private network. These clouds offer the greatest level of security and control, but they require the company to still purchase and maintain all the software and infrastructure, which reduces the cost savings. We know that, whatever user ID consists of Alphabets between A to Z and numbers, which is between 0-9. Here, In New symmetric key algorithm, we introduce synthetic data, which is based on the user ID. Normally the synthetic data value consists of equivalent value of alphabets and numbers. Alphabet value A is assigned as integer number 1and B=2 so on. Next we consider integer value 0 assigned as 27 and 1=289=36 also the space value considers as an integer number 37. A) Key generation method (i) Select any natural number say as n (ii) Find the Inverse of the number using modulo 37(key 1) say k. (iii) Again select any negative number (for making secured key) n1. (iv) Find the inverse of negative number using modulo 37(key 2) k1. B) Encryption method (i) Assign synthetic value for user ID (ii) Multiply synthetic value with random selected natural number (iii) Calculate with modulo 37 (iv) Again select random negative number and multiply with it (v) Again calculate with modulo 37 CT = (PT* n*n1) mod 37

C) Decryption method (i) Multiply received text with key1 & key2 (ii) Calculate with modulo 37 (iii) Remainder is Revealed Text or Plain Text PT = (CT*n -1*n1-1) mod 1

IMPLEMENTATION An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. Contrast this with public-key cryptology, which utilizes two keys - a public key to encrypt messages and a private key to decrypt them. Symmetric-key systems are simpler and faster, but their main drawback is that the two parties must somehow exchange the key in a secure way. Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES), but the drawback of DES encryption and decryption. Key generation timing is very high. The implementation of the proposed algorithm will produce effective encryption/decryption method and suitable for all applications.0

4.1 Key Generation 1) We are selecting random integer number n=3 2) Then inverse of 3=25(verification 3x25 mod 37=1) So, Key1=25 3) Again we are selecting random negative number n1= -8 4) Then inverse of 8 = 23(verify -8 x 23=-184 mod 37 = 1) So, Key2 =23

4.2 Encryption method For encryption purpose we are arranging text in a sequence table and we are selecting random encryption key1 assumed here as n=3 and key2 n1= -8, Then we are using modulation 37 with plain text. The calculation of encrypted text mentioned in the following table. Calculated message known as cipher text or encrypted text. Table 1: Encryption table CT=(M*n) CT=(CT*n1) mod 37 mod 37 20 25 3 13 26 14 12 15 27 6

Text S A U D I

Integer Value 19 1 21 4 9

Encrypted text Y M N O F

4.3 Decryption method For encryption purpose we are arranging text in a sequence table and we are selecting random encryption key1 assumed here as n=3 and key2 n1= -8, Then we are using modulation 37 with plain text. The calculation of encrypted text mentioned in the following table. Calculated message known as cipher text or encrypted text. Table 2: Decryption table Integer PT=(CT*25*23) Value mod 37 25 19 13 1 14 21 15 4 6 9

Text Y M N O F

Encrypted text S A U D I

RESULT DISCUSSION Private cloud service offers a number of advantages that make it a more viable cloud solution instead of a public cloud service option. Our proposed symmetric key algorithm is more suitable to private cloud services. It is dedicated to a single organization, the hardware, data storage, and network can be designed to assure high levels of security that cannot be accessed by other clients in the same data center. To be clear, this is not said that public cloud service is not secure. Its just that certain companies will feel the data is more secure by having it reside in-house. Another reason that a private cloud would be desirable has to do with country regulatory issues. In certain countries, the data center hosting a public cloud service must reside within the country where its users reside as well. When there is no public cloud option that can be provided from country, a private cloud is the only option that can be used. The private cloud is deployed inside the firewall on an organization's intranet, meaning that transfer rates are dramatically increased versus using the Internet. In addition, theres no worry of slow page access times that may happen with using a public cloud service. Hardware performance, network performance, and storage performance can be specified and customized in the private cloud since its owned by the company.

CONCLUSION Data security has become the most important issue for cloud computing security. Though many solutions have been proposed, many of them only consider 26 alphabets only. It depends upon the way Cloud Service Provider (CSP) allows its client to get registered with his cloud network. In our survey, we analyze how security is provided to the data at rest, i.e. encryption is done by the cloud service provider. In this paper study of the symmetric key algorithm, it's effectively and efficiently recognized security laws in the secure cloud management application. It proposes of separation of secure storage and independent secure services into different cloud service providers. Storage of the data is taken place at one cloud server and security service has taken another server. When a user sends unencrypted data from the secure cloud service providers to the independent secure cloud service system, then after independent secure cloud service encrypted data and then after sending it to secure storage cloud system. For the data decryption in the cloud is the exactly reverse process of the encryption system. In this system, the independent secure cloud service uses a simple symmetric encryption/decryption algorithm. This system will be beneficial for the end user and enhancing data security in cloud computing.

REFERENCE Goldreich, Oded. (2004). Foundations of Cryptography: Volume 2, Basic Applications. Vol.2. Cambridge university press Hayes, B. (2008), Cloud computing, Communications of the ACM, Vol. 51, pp. 9-11 Mithila S., Kumar P. (2011). Data Security through Confidentiality in Cloud Computing Environment , (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 2 (5), 1836-1840. Rich Maggiani. (2009). Cloud Computing Is Changing How We Communicate, In IEEE 978-1-42444358-1/09. Sachindra K. Chavan, M. L. Bangare. (2013). Secure CRM Cloud Service using RC5 Algorithm, International Journal of Computer Trends and Technology- volume4, Issue3 Samson T. (2013). 9 top threats to cloud computing security: Data breaches and cloud service abuse rank among the greatest cloud security threats, according to Cloud Security Alliance. InfoWorld Tech Watch. [Online], [Retrieved February 20, 2013], http://www.infoworld.com/t/cloud-security/9-top-threats-cloudcomputing-security-213428 Subhasri P., Padmapriya. (2013). Implementation of Reverse Caesar Cipher Algorithm for Cloud Computing, International Journal for Advance Research in Engineering and Technology, Vol. 1, Issue VI, ISSN 2320-6802. Sunitha K., Prashanth S.K. (2013). Enhancing Privacy in Cloud Service Provider Using Cryptographic Algorithm, IOSR Journal of Computer Engineering (IOSR-JCE), e-ISSN: 2278-0661, p- ISSN: 22788727 Volume 12, Issue 5, PP 62-64. Singla S. & Singh J. (2013). Survey on Enhancing Cloud Data Security using EAP with Rijndael Encryption Algorithm, Global Journal of Computer Science and Technology Software & Data Engineering Volume 13 Issue 5 Version 1.0. Suthar K., Kumar P., Gupta H., Patel H. (2012). "Analytical comparison of symmetric encryption and encoding techniques for cloud environment", in International Journal of Computer Applications, Volume 60, Number 19, ISBN : 973-93-80871-99-1. Verma H. K., Singh R. K. (2012). Performance Analysis of RC5, Blowfish and DES Block Cipher Algorithms, International Journal of Computer Applications (0975 8887) Volume 42 No.16.