ABSTRACT

The use of cloud computing has increased rapidly in many

organizations. Cloud computing provides many benefits in terms of low
cost and accessibility of data. Ensuring the security of cloud computing
is a major factor in the cloud computing environment, as users often
store sensitive information with cloud storage providers but these
providers may be untrusted. Dealing with single cloud providers is
predicted to become less popular with customers due to risks of
service availability failure and the possibility of malicious insiders in the
single cloud. A movement towards multi-clouds, or in other words,
interclouds or cloud-of-clouds has emerged recently.
This project surveys recent research related to single and multi-cloud
security and addresses possible solutions. It is found that the research
into the use of multi-cloud providers to maintain security has received
less attention from the research community than has the use of single
clouds. This work aims to promote the use of multi-clouds due to its
ability to reduce security risks that affect the cloud computing user.

CHAPTER 1
INTRODUCTION
Cloud computing is a style of computing in which
dynamically scalable and often virtualized resources are provided as a service
over the Internet. Users need not have knowledge of, expertise in, or control over
the technology infrastructure in the "cloud" that supports them. Cloud computing
is one of today's most exciting technologies due to its ability to reduce costs
associated with computing while increasing flexibility and scalability for
computer processes. During the past few years, cloud computing has grown from
being a promising business idea to one of the fastest growing parts of the IT
industry. Cloud computing others the vision of a virtually infinite pool of
computing, storage and networking resources where applications can be scalable
deployed The use of cloud computing has increased rapidly in many
organizations. Cloud computing provides many benefits in terms of low cost and
accessibility of data. Ensuring the security of cloud computing is a major factor in
the cloud computing environment. In System the development of a technique
through cloud computing in which user will access application on server which is
allocated far away from user system. Cloud computing is a phenomenon of the
21st century, an all-new services delivery model that uses the Internet as a
platform. According to independent technology and market research, cloud
computing is a standardized IT capability, such as software application platform or
infrastructure, delivered via Internet technologies in a pay-per-use and self-service
way.
Cloud Computing the familiar term Cloud Computing also approaches
Software used as a service for consumption over the Internet (the cloud). The
word Cloud Computing is not associated with any particular technology, protocol
or vendor. It allows cloud applications to service the users (usually via websites,
client applications, and so on) assuring that the service will have a single point of
access (i.e. from main server ) and all the scaling, parallel computation,
virtualization and whatever technology is used on the back end will be transparent
to the client. From this perspective, Cloud Computing is a model rather than an
architecture. Not all SOA based applications (like web services) are cloud based.
It is not necessary to host a web service on a cloud using the elasticity concept.
The cloud architecture is probably the best way to efficiently host a web service.
Cloud computing is a network-based environment that focuses on sharing
computations or resources. Actually, clouds are Internet-based and it tries to
disguise complexity for clients. Cloud computing refers to both the applications
delivered as services over the Internet and the hardware and software in the
2

organization that provide those services. Cloud computing provides many

opportunities for enterprises by ordering a range of computing services. In todays
competitive environment, the service dynamism, elasticity, and choices ordered by
this highly scalable technology are too attractive for enterprises to ignore. Our
proposed system in cloud computing user will handle systems in which any client
machine can interact with server machine and can access applications on server
from home or where internet is available.
The use of cloud computing has increased rapidly in many organizations.
Cloud computing provides many benefits in terms of low cost and accessibility of
data. Ensuring the security of cloud computing is a major factor in the cloud
computing environment, as users often store sensitive information with cloud
storage providers but these providers may be untrusted. Dealing with single
cloud providers is predicted to become less popular with customers due
to risks of service availability failure and the possibility of malicious insiders in
the single cloud. A movement towards multi-clouds, or in other words,
interclouds or cloud-of-clouds has emerged recently.

CHAPTER 2
AIM AND OBJECTIVE
AIM:
This work aims to promote the use of multi-clouds due to its ability
to reduce security risks that affect the cloud computing user. This surveys recent
research related to single and multi-cloud security and addresses possible
solutions. It is found that the research into the use of multi-cloud providers to
maintain security has received less attention from the research community than
has the use of single clouds.

OBJECTIVE: Dealing with single cloud providers is becoming less popular

with customers due to potential problems such as service availability failure and
the possibility that there are malicious insiders in the single cloud. In recent years,
there has been a move towards multiclouds, intercloud or cloud-of-clouds
This work focuses on the issues related to the data security aspect of cloud
computing. As data and information will be shared with a third party, cloud
computing users want to avoid an untrusted cloud provider. Protecting private and
important information, such as credit card details or a patients medical
records from attackers or malicious insiders is of critical importance. In addition,
the potential for migration from a single cloud to a multi-cloud environment is
examined and research related to security issues in single and multi-clouds in
cloud computing are surveyed.

CHAPTER 3
CLOUD DEPLOYMENT MODELS

Public cloud
Public cloud applications, storage, and other resources are made
available to the general public by a service provider. These ser-vices are free or o
ered on a pay-per-use model. Generally, public cloud service providers like
Amazon AWS, Microsoft and Google own and operate the infrastructure and
offer access only via Internet (direct connectivity is not offered).

Community cloud
Community cloud shares infrastructure between several organizations from a
special community with common concerns whether managed internally or by a
third-party and hosted internally or externally. The costs are spread over fewer
users than a public cloud.

Hybrid cloud
Hybrid cloud is a composition of two or more clouds (private,
community or public) that remain unique entities but are bound together, offering
the benefits of multiple deployment models.
By utilizing "hybrid cloud" architecture, companies and individuals are able
to obtain degrees of fault tolerance combined with locally immediate usability
without dependency on internet connectivity. Hybrid cloud architecture requires
both on-premises resources and o -site (remote) server-based cloud infrastructure.

Private cloud
Private cloud is cloud infrastructure operated solely for a single
organization, whether managed internally or by a third-party and hosted internally
or externally. Undertaking a private cloud project requires a sign in cant level and
degree of engagement to virtualizes the business environment, and it will require
the organization to re-evaluate decisions about existing resources

Proxy server
The use of proxy server could help provide adequate access and re-sponse
time to large numbers of World Wide Web (WWW) users requesting previously
5

accessed page. While some studies have re-ported performance increase due to the
use of Proxy servers, a study reported performance decrease associated with the
use of proxy server.

2.2.2 Document Processing:

SECURITY
The system needs to log clients information of registration such as IP address
and time for security purpose. Password should be encrypted and store in the
database.

MAINTAINABILITY
The system developing using .NET framework, all les are easy to
modify and make update.

APPROPRIATENESS FOR ORGANIZATION

Availability of the human input, allocation of expertise, and
alignment of team and software structure. The system need to be appropriate as
per customers requirements.
Hence the project is form of technically, economically, operationally, legally
feasible.

Feasibility study
The feasibility study is major factor which contributes to
analysis of system. In earlier stages of S/W development, it is necessary to check
whether system is feasible or not. Detail study was carried out to check
workability of proposed system, so the feasibility study is system proposal
regarding to its workability, impact on organization, ability to meet user
requirements and effective use of resources. Thus, when application progresses it
normally goes through a feasibility study and risk analysis.
Feasibility study was carried out considering the following aspects:-

TECHNICAL FEASIBILITY
6

Technical study is the study of the hardware requirements and software

requirements i.e. technical requirements of our project in order to inform the
management and user that from particular website designing this much technical
resources are required. Considering all below requirements, the project is
technically feasible.
OPERATIONAL FEASIBILITY
The system is operationally feasible because of the benefit of
computerized .The total working capacity will be improved due to this proposed
system i.e. user need not to install each and every soft-ware at client side. client
side is platform independent.

TIME FEASIBILITY
The client that the system must be completed within 5 or 6 months proposed
it. Which is considerable time for development and analysis, so it is also feasible
with respect to time?

LEGAL FEASIBILITY
There is no violation or liability that could be result from the
development. The idea is not copyright/patent of any person or organization. We
shall be using Open source version of various development tools/software
required. Thus this project is legally feasible.

CHAPTER 4
PROBLEM STATEMENT
To develop a system for sharing of software and hardware in cloud from
which user can access applications anytime, anywhere with secure architecture.

CHAPTER 5
8

PROJECT PLAN
The Implementation Plan describes how the information
system will be deployed, installed and transitioned into an operational system. The
plan is developed during the Design Phase and is updated during the Development
Phase; the final version is provided in the Integration and Test Phase and is used
for guidance during the Implementation Phase.
SYSTEM ARCHITECTURE
Design is concerned with identifying software
components specifying relationships among components. Specifying software
structure and providing blue print for the document phase. Modularity is one of
the desirable properties of large systems. It implies that the system is divided into
several parts. In such a manner, the interaction between parts is minimal clearly
specified. Design will explain software components in detail. This will help the
implementation of the system. Moreover, this will guide the further changes in the
system to satisfy the future requirements
The DepSky architecture consists of four clouds and each
cloud uses its own particular interface. The DepSky algorithm exists in the clients
machines as software library to communicate with each cloud These four clouds
are storage clouds, so there are no codes to be executed. The DepSky library
permits reading and writing operations with the storage clouds.with different
cloud providers, the DepSky library deals with different cloud interface providers
and consequently, the data format is accepted by eachcloud. The DepSky data
model consists of three abstraction levels: the conceptual data unit, a generic
data unit, and the data unit implementation.
DepSKy System model. The DepSky system model
contains three parts readers, writers, and four cloud storage providers, where
readers and writers are the clients tasks. Reader can fail arbitrarily (for example,
they can fail by crashing, they can fail from time to time and then display any
behavior) whereas, writers only fail by crashing. Cloud storage providers in the
DepSky system model. The Byzantine protocols involve a set of storage clouds
(n) where n = 3 f +1, and f is maximum number of clouds which could be faulty.
In addition, any subset of (n f) storage cloud creates byzantine quorum
protocols
.

CHAPTER 6

PROJECT METHODOLOGY
This protocol uses secret sharing and erasure code techniques to replicate
the data in a cloud-of-clouds. The image below show how this is donne. First is
generated an encryption key, and after that the original data block is encrypted.
Then the encrypted data block is erasure coded and are computed key shares of
the encryption key. In this case we get four erasure coded blocks and four key
shares because we use four clouds. Lastly, is stored in each cloud a different coded
block together with a diffenret key share.

10

11

Functional Requirement:I] Authentication with the system: The functionality is to authenticate the user .
II] Distributed Database on server: SQL SERVER 2008 is used to store that
data.
III] Web service integration Integrity: create the web services as middle wear
architecture it will same as scalable transactions.

EXTERNAL INTERFACE REQUIREMENTS

User Interfaces
Admin: admin all authorities to access services. Admin can add,
delete update services for client.
Teacher:-Teacher have authorities more than student and less than
admin like adding and removing services. Teachers can view some more
applications than students which cant be viewed by student. Teaches can
comment on programs which are made by students.
Student: Students have less authority than teacher and admin.
Hardware Interfaces

Client system with low configuration User and server must connected throw
cloud via internet.
Software Interfaces
This project requires Microsoft Visual studio version for
.NET development. The system shall run on a Microsoft Windows based system.
No extra software is needed for accessing service, cloud is platform in-dependent.
Communication Interfaces
For communicating to server, client only need web-browser and
internet connection.
12

CHAPTER 8
EXPECTED OUTCOME
Number of services available by category wise It can be used in college campus It
can be used in huge cloud also. It provide secured cloud. In system server side
program can be access and can be modified as per as your need and teacher can
able to comment on it.
Load balancing will be provide to avoid any system clash and Dividing
the traffic between servers, data can be sent and received without major delay
Multi cloud computing service availability Http and SOAP protocol is used, for
two way communication Minimum response time required when worker processor
is busy i.e. proxy server can reply. Secret sharing algorithm provides security.
13

Performance Requirements:The product should be able to function 24x7. The client experience
should be good and page loads should not take excessive time to display except on
noisy dialup connections. System should be developed with min response time.

Client and server should connect in minimum time i.e. application

response time must be less. After connection access time must be minimum.
The system should be built on such foundations that the system is
easy to extend. It should be built using such design and development practices that
it is interoperable by using standard protocols and products. The system
availability requirement is 24x7.
User must get reply from server which actually has to give reply not
from any other server. Client must get proper from any application which he/she is
using. If server is busy proxy must reply with uninterrupted communication.

Hardware Requirements:The selection of hardware is very important in the existence and

proper working of any software. In the selection of hardware, the size and the
capacity requirements are also important.
The Software can be efficiently run on Pentium system with
minimum 256 MB RAM and Hard disk drive having 40 GB for Server.
Pentium processor
: 233 MHZ or above
RAM Capacity
: 512MB
Hard Disk
: 40GB
CD-ROM Drive
: 32HZ
Software Requirements:One of the most difficult tasks is that, the selection of the software,
once system requirement is known is determining whether a particular software
package fits the requirements. After initial selection further security is needed to
determine the desirability of particular software compared with other candidates.
This section first summarizes the application requirement question and then
suggests more detailed comparisons.
Operating System
: Windows 97/98/XP/2000
Database Server
: SQL 2008
Language
: JAVA
14

Other Tools & Technologies

(Framework4.0)

: Microsoft Visual Studio2010

. Project Scope:-

Number of services available by category wise It can be used in college campus It

can be used in huge cloud also. It provide secured cloud. In system server side
program can be access and can be modified as per as your need and teacher can
able to comment on it.
Load balancing will be provide to avoid any system clash and Dividing the traffic
between servers, data can be sent and received without major delay
Multi cloud computing service availability Http and SOAP protocol is used, for two
way communication Minimum response time required when worker processor is
busy i.e. proxy server can reply. Secret sharing algorithm provides security.

15

PROPOSED SYSTEM :

The term multi-clouds is similar to the terms interclouds or cloudof-clouds that were introduced by Vukolic [54]. These terms suggest
that cloud computing should not end with a single cloud. Using their
illustration, a cloudy sky incorporates different colors and shapes of
clouds which leads to different implementations and administrative
domains. Recent research has focused on the multi-cloud environment
[3],[8],[10],[11] which control several clouds and avoids dependency
on any one individual cloud. Cachin et al. [11] identify two layers in the
multicloud environment: the bottom layer is the inner-cloud, while the
second layer is the inter-cloud. In the intercloud, the Byzantine fault
tolerance finds its place. We will first summarize the previous
Byzantine protocols over the last three Decades. This section will
explain the recent work that has been done in the area of multi clouds.
Bessani et al. [8] present a virtual storage cloud system called DepSky
which consists of a combination of different clouds to build a cloud-ofclouds. The DepSky system addresses the availability and the
confidentiality of data in their storage system by using multi-cloud
providers, combining Byzantine quorum system protocols,
cryptographic secret sharing and erasure codes [8].

EXSISTING SYSTEM :

RACS (Redundant Array of Cloud Storage) for instance, utilizes RAID-like

techniques that are normally used by disks and file systems, but for
multiple cloud storage. Abu-Libdeh et al. assume that to avoid vender
lock-in, distributing a users data among multiple clouds is a helpful
16

solution. This replication also decreases the cost of switching providers

and offers better fault tolerance. Therefore, the storage load will be
spread among several providers as a result of the RACS proxy.
HAIL (High Availability and Integrity Layer) is another example of a
protocol that controls multiple clouds. HAIL is a distributed
cryptographic system that permits a set of servers to ensure that the
clients stored data is retrievable and integral. HAIL provides a software
layer to address availability and integrity of the stored data in an
intercloud.
Cachin et al. present a design for intercloud storage (ICStore), which is
a step closer than RACS and HAIL as a dependable service in multiple
clouds. Cachin et al. develop theories and protocols to address the
CIRC attributes (confidentiality, integrity, reliability and consistency) of
the data stored in clouds. As mentioned before, Bessani et al. present a
virtual storage cloud system called DepSky consisting of a combination
of different clouds to build a cloudof- clouds. Bessani et al. [8] discuss
some limitations of the HAIL protocol and RACS system when compared
with DepSky. HAIL does not guarantee data confidentiality, it needs
code execution in their servers, and it does not deal with multiple
versions of data. None of these limitations are found in DepSky ,
whereas the RACS system differs from the DepSky system in that it
deals with economic failures and vendor lock-in and does not address
the issue of cloud storage security problems. In addition, it also does
not provide any mechanism to ensure data confidentiality or to provide
updates of the stored data. Finally, the DepSky system presents an
experimental evaluation with several clouds, which is different from
other previous work on multi clouds. There are a number of studies on
gaining constancy from untrusted clouds. For instance, similar to
DepSky, Depot improves the flexibility of cloud storage, as Mahajan et
al. believe that cloud storages face many risks. However, Depot
provides a solution that is cheaper due to using single clouds, but it
does not tolerate losses of data and its service availability depends on
17

cloud availability. Other work which implements services on top of

untrusted clouds are studies such as SPORC and Venus . These studies
are different from the DepSky system because they consider a single
cloud (not a cloud-of-clouds). In addition, they need code execution in
their servers. Furthermore, they offer limited support for the
unavailability of cloud services in contrast to DepSky.

Customers can use cryptographic methods to protect the

stored data in the cloud.

Using a hash function is a good solution for data integrity.

The loss of availability of service is considered one of the
main limitations in cloud computing and it has been
addressed by storing the data on several clouds.

If the data is processed from different clients, data

encryption cannot ensure privacy in the cloud.

Cloud can be attacked by the Third-party

This system provides a secure storage cloud, but does not
provide security of data in the cloud model

Disadvantages:
1. Cloud providers should address privacy and security issues as a
matter of high and urgent priority.
2. Dealing with single cloud providers is becoming less popular with
customers due to potential problems such as service availability failure
and the possibility that there are malicious insiders in the single cloud.

18