SYSTEM TO SECURE CLOUD DATA

VENKATA AKULA CHANDRAKANTH CHINTAGARI

OUTLINE
Introduction to cloud computing Architecture of cloud computing system Security modules for cloud computing Problems associated System analysis System design Advantages Conclusion References

INTRODUCTION
Cloud computing is known as Internet based computing, with shared resources, software and information are provided to computers and other devices based on requirement. Cloud computing is a simple concept , software and services are delivered over the web and through a browser, with no server or client software to install. Cloud Computing is a technology used to access services offered on the Internet cloud.

HOW IT WORKS

ARCHITECTURE OF CLOUD COMPUTING SYSTEM

SECURITY MODULES FOR CLOUD COMPUTING

Various security aspects and modules are integrated in to the cloud computing which provides security to the cloud. This system contains the following modules to provide security for our cloud computing system.

i)Authentication ii) Access control iii) Data security iv) Mechanism to trace user behavior in the cloud

AUTHENTICATION:
- The Service provider(administrator) of Cloud computing
System provide security for the cloud resources and cloud users. - The service provider can generate the master id to the users to become cloud users and provide role. So that cloud users have an authentication to utilize cloud resources. - He can trace out the users information, cloud history along with session information. - Also he can interact with the cloud users through mail.

ACCESS CONTROL:
- Cloud users can use the cloud resources based on their access control. Cloud users may have accessibility like read and write. - The cloud user who has read accessibility can only use the resources which are available in the cloud and the cloud user who has write accessibility can have permissions to upload files into cloud and also he can utilize the already available resources. - These cloud users can interact with cloud service provider to get change of their accessibility.

DATA SECURITY:
The Service provider can provide security to the data (resources of cloud and cloud users). Encryption key and session keys are used for encryption of data to sustain the security of data for a session. Cloud users can provide security through their private master id.

TRACING USER BEHAVIOR:

Service provider can view users profile and he can trace out the cloud users behavior through Cloud history. Service provider can also view the session information.

PROBLEM ASSOCIATED
EXISTING SYSTEM: In the existing system, the authentication and confidentiality was not provided in a better way. PROPOSED SYSTEM: Here a method to provide the security for cloud computing system by integrating the several security aspects into cloud computing system. We propose a model system in which cloud computing system is secured in several stages.

ANALYSIS OF SYSTEM
To provide flexibility to the users, the interfaces have been developed that are accessible through a browser. The GUIS at the top level have been categorized as 1)Administrative user interface 2)The operational or generic user interface

SYSTEM DESIGN ( CLASS DIAGRAM)

ReadUser userid password masterid name email role phno viewFiles()

CloudServiceProvider usreid password uploadFiles() traceUserBehavior() generateMasterKey() viewSessionInfo()

WriteUser userid password masterid name email role phno viewFiles() uploadFiles()

SEQUENCE DIAGRAM
CloudService Provider Generate Key UploadFiles CloudHistory SessionInfo ChangeRole

Generating MasterKey

Uploading Files into Cloud

Maintaining Cloud History Viewing Session Information Changing the Role of User

Admin Home page

Generating Key

Key Generation

Upload a file

Change of Role

Registration

User Login Page

Upload File

View Users in Admin Side:

Checking no of user in Cloud Area:

Cloud History Page in Admin:

Changing the Read or Write permition:

SYSTEM DESIGN 1)Administrative user interface:

The administrative user interface concentrates on the consistent information that is practically, part of the organizational activities and which needs proper authentication for the data collection.

These interfaces help the administrators with all the transactional states like Data insertion, Data deletion and Date updation along with the extensive data search capabilities.

2)operational or generic user interface:

The operational or generic user interface helps the end users of the system in transactions through the existing data and required services. The operational user interface also helps the ordinary users in managing their own information in a customized manner as per the included flexibilities.

ADVANTAGES
Flexible scaling of resources (resource optimization) Lower computer cost Improve performance Reduce software cost Unlimited storage capacity Universal Document access Easier group collaboration Easy to access Portable and secured service provider Predictable any time, anywhere access to IT resources Rapid, request-driven provisioning

CONCLUSION
Here, we analyzed the various security aspects of the cloud computing systems at various stages and security threats of the cloud computing system. We analyzed the various kinds of accessing control and authentication and tracing the behavior of the users Mechanism to trace user behavior in the cloud and data security.

REFERENCES
1. Balachandra Reddy Kandukuri, Ramacrishna PaturiV, Atanu Rakshi, Cloud Security Issues, 2009 IEEE International Conference on Services Computing, pages(s):517-520. 2. Martn Abadi, "Logic in Access Control", Proceedings of the 18th Annual IEEE Symposium on Logic in Com-puter Science (LICS'03), 2003. 3. Tal Garfinkel, Mendel Rosenblum, and Dan Boneh, "Flexible OS Support and Applications for Trusted Computing", the 9th Workshop on Hot Topics in Operating Systems (HotOS IX), USENIX, 2003.

4. Frank E. Gillett, Future View: The new technology ecosystems of cloud, cloud services and cloud computing Forrester Report, August 2008. 5. Zhidong Shen , Qiang Tong , The Security of Cloud Computing System enabled by Trusted Computing Technology 2010 2nd International Conference on Signal Processing Systems (ICSPS) 6. Algirds Avizienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE transactions on dependable and secure computing, vol.1, No.1, January-March, 2004. 7. Dr.Rao Mikkilineni, Vijay Sarathy, Cloud Computing and the Lessons from the Past, the 18th IEEE international Workshops on Enabling Technologies: Infrasturctures for olloaborative Enterises, on page(s):57-62, 2009

8.W. Kim, Cloud computing: Today Technology,8,2009

and Tomorrow, Journal of Object

9. Zhang et al., Securing elastic applications on mobile devices for cloud computing," Proceedings of the 2009 ACM workshop on Cloud computing security, 2009. 10. C. Wang, Q. Wang, K. Ren, and W. Lou, Privacy-preserving public auditing for data storage security in cloud computing, in INFOCOM, 2010, pp. 525533. 11.Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 12. S. Pearson, Taking Account of Privacy when Designing Cloud Computing Services, CLOUD09, May 23, 2009,Vancouver, Canada. 13. C. Wang, Q. Wang, K. Ren, and W. Lou, Privacy-preserving public auditing for data storage security in cloud computing, in INFOCOM, 2010, pp. 525533.