Enhancing Data reliability and data security aware
an algorithm in cloud computing.
For the degree of Master of Science in Computer Science
at Southern Connecticut State University
Thesis Advisor: Dr. Hrvoje Podnar
Major-Field Approval – The advisor and department chairperson
Enhancing Data reliability and data security aware algorithm in cloud computing.
B Statement of purpose
Cloud computing is the long-dreamed vision of computing as a utility, where users can remotely store and access their data externally. Cloud computing is the most widely used platform now a day. The advantages of cloud computing include: on-demand self -service, network access, location independent resource pooling, resource elasticity, usage-based pricing, etc. It is defined as (The US National Institute of Standards and Technology), “a model for enabling convenient, on-demand network access to a shared pool of configurable “Computing resources.
Concerns on data security with cloud storage are arising, due to untrusted access of the services and malicious attacks from hackers. Recently, cloud service outages or server corruptions with major cloud infrastructure providers have been reported. 1,2, Moreover the cloud service provider may also voluntarily examine customer’s data for various reasons. Therefore, we argue that the cloud is neither secure nor reliable from the view point of the client. Without providing strong security and reliability guarantees to address these client concerns, like access to confidential and important data managed or handled by cloud service providers at the server side, cloud service provider are failing to protect the user data. But at client side they don’t trust third party providers with data confidentiality, integrity, and reliability. Moreover, nowadays, data storage, technology, and other hardware dramatically increase and improve, but all this improvement is at server side. At client side, there are no developed technologies available which secure the data and can guarantee data reliability. So, to achieve this prime concern in this thesis, we will develop a tool with new technology called “Network coding.”
Network coding is a networking technique in which transmitted data is encoded and decoded to increase network throughput, reduce delays, and make the network robust. 3 Increased adoption of cloud computing for data storage has led to improvements in terms of data reliability and security. While existing solutions address the reliability issue by adding data redundancy to multiple servers, the problem becomes challenging in the “pay-as-you-use” cloud paradigm where we always want to efficiently resolve it for both corruption detection and data repair. Therefore, we are working to develop new secure and reliable storage solutions with efficiency consideration of both data repair and data retrieval entailed in the cloud computing.
In the Propose system, I will develop a tool for data publishing and data retrieval using network coding in which the data owner divides data into chunks and apply the network coding primer on those data. In this encoding, randomly selected data combinations are stored in each other node. If the data is lost or failed, we recover the data from another healthy node. This process is called regeneration. Because of this we can achieve data reliability and integrity. Due to this we can get good throughput and reduce the network traffic as well.
Cloud computing, also known as on-demand computing, is a kind of Internet-based computing, where shared resources, data and information are provided to computers and other devices on-demand.
Cloud computing and storage solutions provide users and enterprises with various capabilities to store and process their data in third-party data centers.
Cloud resources are usually not only shared by multiple users but are also dynamically reallocated per demand.
Fig 1 – Cloud computing
Data Security in Cloud
The main three requirements of data security.
• Data Confidentiality: Confidentiality of data refers to only authorized users are allowed to access the data.
• Data Integrity: It refers to protecting data from unauthorized modifications.
• Data Availability: It ensures that user can access their data from anywhere using network safely.
C Literature Review
Literature review -1
• Title: Three Step Data Security Model for Cloud Computing Based On RSA and Steganography Techniques. 2
• Author: Vinay Kumar Pant, Jyoti Prakash, Amit Asthana
• Year of Publication: 2015
• This paper describes securing the data and information in cloud environment using the three step data security model followed by RSA algorithm for cryptography and steganography technique for secure the data from unauthorized deletion, fabrication, modification.
Confidentiality problem arise due to attack, malicious activity and system failure.
• RSA algorithm with other algorithm provide more security to data.
• Using steganography, the encrypted image looks exactly the same to original image by human eye but differences would be seen when analysis the binary code of image.
• The approach will help to make stronger structure for security of data in cloud. It needs more robustness with other security algorithm.
Fig -3 2 Orignal Image (m.bmp)
Fig-4 2 Generating Encryption Key and Stegano Image
Fig -52 Encrypted Image (e.bmp)
Fig – 6 2 Extract data from image using Symmetric key
Literature review – 2
• Title: Cloud Data Security with Hybrid Symmetric Encryption. 3
• Author: Shweta Kaushik, Charu Gandhi
• Year of Publication: 2016
• This paper proposed a hybrid symmetric cryptography process to protect the sensitive and confidential data stored at cloud server from any malicious activity and unauthorized user access. Use of symmetric cryptography makes this approach much fast and efficient. 3
• By using hybrid symmetric encryption algorithm data owner is ensured that it provides extra security for its data and user is ensured that data retrieved is intact without any access of intruders. But it does not provide the reliability as if the data is lost.
• Use of symmetric encryption make the data stronger against single encryption and make it difficult for attacker to get the original data.
Fig – 7 3
Literature review – 3
• Title: Homomorphic Encryption for Data Security in Cloud Computing. 4
• Author: Kamal Kumar Chauhan, Amit K.S. Sanger, Ajai Verma
• Year of Publication: 2015
• In this paper, author discussed about Homomorphic encryption methods in cloud computing to secure data in processing state. Homomorphic encryption allows user to operate encrypted data directly without decryption.
• This technique allows user to operate cipher text directly.
• Gives the same resultant cipher when user decrypts as if operations are carried out on plaintext.
• It secures the data in all states: Storage, Transmission and processing.
• Paillier Cryptosystem scheme support only addition of operation, RSA cryptosystem scheme support only multiplication and Boneh-Goh-Nissim cryptosystem supports unlimited number of additions but single multiplication.
• Partial Homomorphic encryption scheme such as RSA and Paillier cryptosystem are insufficient for cloud computing.RSA cryptosystem is valunerable to common modulus attack. It violates the confidentiality of the data.
• Fully homomorphic method took long time to operate on encrypted data and problem lead to design efficient and feasible homomorphic encryption algorithms.
Literature review – 4
• Title: Data Security and Integrity in cloud Computing Based on RSA Partial Homomorphic and MD5 Cryptography. 5
• Author: Priyanka Ora, Dr.P.R. Pal
• Year of Publication: 2015
• Data may be lost and misuse by other users on cloud. So for data security and data integrity in cloud environment requires this new approach.
• In this paper, encryption is performed by RSA partial homomorphic before uploading on cloud server. After uploading its hash value is calculated by MD5 hashing scheme and verification step.
• For data security and data integrity, encryption and decryption is done by the RSA partial algorithm whereas MD5 hashing algorithm is used for secure data backup. To achieve the grater effectiveness, the proposed architecture used with different comparison like availability, reliability etc.
Literature review – 5
• Title: Simple Regenerating Codes: Network coding for Cloud Storage. 10
• Author: Dimitris S. Papailiopoulos, Jianqiang Luo., Alexandros G. Dimakis, Cheng Huang, Jin Li
• Year of Publication: 2012
• The design of simple coding schemes that allow exact and low cost repair of failed nodes and high data rates.
• This paper deals with the simple look-up repair and perform exact repair by simple Xoring of packets.
• It shows the significant benefits in both performance and reliability compared to replication. This SRC (Simple regenerating codes) require only a constant number of nodes involved in each repair and can therefore achieve very good storage overhead with good performance.
LITERATURE REVIEW COMPARISON TABLE
Three Step Data Security Model For Cloud Computing Based On RSA and Steganography Techniques.
Three step model, encryption with RSA ,Steganalysis process and decryption with RSA algorithm.
Concept is secure the data with image hiding. Only difference will analyzed when see the binary code.
Cloud Data Security with Hybrid Symmetric Encryption
The key is used for decryption process is shared with authorized user only.
Hybrid symmetric encryption/decryption make the data stronger against attacker.
Homomorphic Encryption for Data Security in Cloud Computing.
Data security in processing step is achieved by homomorphic encryption.
Partial and fully homomorphic encryption method is not feasible and easy.
Data Security and Integrity in cloud Computing Based on RSA Partial Homomorphic and MD5 Cryptography
RSA partial homomorphic for encryption and decryption, MD5 hashing algorithm is used for secure data backup.
The design of simple coding schemes that allow exact and low cost repair of failed nodes and high data rates.
Simple Regenerating Codes: Network coding for Cloud Storage
The design of simple coding schemes that allow exact and low cost repair of failed nodes and high data rates.
Simple look-up repair and perform exact repair by simple Xoring of packets.
• Although people had developed much more concrete sense in data security and hardware had become more powerful, many problems still lie in the reliability of cloud computing.
• Due to the new computation model, traditional solutions to achieving high reliability may not be appropriate for modern applications in cloud computing. According to research study, using network coding reliability can enhanced.
In traditional method, data flow is defined from the source to destination. The transmitted massage first broken in small packets and each data packet contain destination address, after that data packets are transmitted into the network. All packets travel into network and reaches at destination address, at receiver side reassemble those packet into original message. Main problem with this method is that when the overall network traffic is high, then some packet in receiver side comes late because of heavy network traffic. Sometimes packets are lost then we must request again for that packet .
Network coding is a method of optimizing the flow of digital data in a network by transmitting digital evidence about messages. The “digital evidence” is, itself, a composite of two or more messages. When the bits of digital evidence arrive at the destination, the transmitted message is deduced rather than directly reassembled. Therefore, in this method, massage is broken into smaller packets and at sender side process those packet like encoding the packet. In encoding, apply the Xoring on those packet, xoring is nothing but the combine the two massages data into one signal packet. After that packet transmits into the network with destination address. Advantage of the method is that, if the network traffic is high or lost, at that time we can recover the lost packet from another receiving node.
In my work I will build following recommended system for security and reliability in cloud computing.
Step:1 When user send file on Cloud controller (CC), CC asks for the
Step:2 This password is generated with Message Digest (MD5) hash code.
Step:3 The file which is sent on CC is divided in to four parts and each
part of the file is encoded with each of MD5 hash value.
Step:4 After that the compression of the above file segments.
Step:5 This file is encrypted with Rivest–Shamir–Adleman (RSA) public key, apply network
coding and store on cloud.
Figure 1: Architecture of Proposed work
Figure 1 show the upload, stored and download procedure of my proposed work.
In general, user upload their files as it is without any security. Thus, there is always chance to modify the file by hacker or cloud storage provider also periodically check the files. Data security and data management handle by cloud provider but client don’t have their data control once they upload to Cloud. So confidentiality and integrity is the prime concern. The propose work will develop the tool for clients which will help them before uploading the file at Cloud with some security algorithm (encryption). I will use MD5 for integrity and RSA algorithm for confidentially. After that Partitioning of that file in 4 small packet and apply the network encoding, I will use random linear coding algorithm, and will randomly select two packets. Xoring those packet and after that packet will be stored in the Cloud storage. Hence, if any malicious activity occurs at Cloud storage, data will be safe because of the encryption.
At other side User-B pull out the data from the Cloud storage, first data decode those packet if any of those packet is missing or loss or corrupted. Then, we can get those packet from rest of the packet. This will help in regenerating the code and getting the data back or recovering the data. Once we get the all four packets, combine those packet data and apply the decryption to get original data back. And, we will also check and compare the md5 hash value that will check for the integrity.
I will use the java technology as programing language.
For cloud storage: I will use Amazon S3. Amazon S3 is web service offered by amazon web services. For that I will use Amazon Web Service (AWS), Java SDK and AWS S3 Software Development Key (SDK).
Regenerating code Example:
Figure 2 showed, one large file divided into 4 same size small packet. There are four storage node which contains combination of two or more of packets. This combination of packet forwarded into network, at receiver side if one of the node is missing or lost we can recover that node from rest of the node. As you can see in figure 1, downloads one chunk from each node instead of whole file and calculate that node and get the original data back and you can regenerate the node. Applying this methodology, people can save repair traffic around 25%.
1 Wiley India Edition,” Cloud Computing Bible”
2 Vinay Kumar pant, Jyoti Prakash, Amit Asthana, “Three step data security model for cloud computing based on RSA and Steganography Techniques”,IEEE 2015 International Conference on Green Computing and Internet of Things.pp.490-494.
3 Shweta Kaushik, Charu Gandhi, “Cloud data security with hybrid symmetric encryption”,IEEE 2016(ICCTICT).
4Kamal Kumar Chauhan, Amit K.S.Sanger, Ajai Verma,”Homomorphic encryption
for data security in cloud computing.”IEEE 2015 International Conference on
5 Priyanka Ora, Dr.P.R.Pal,”Data Security and Integrity in Cloud computing based on RSA Partial Homomorphic and MD5 Cryptography”IEEE International Conference on Compute Communication and Control.
6 Akshita Bhandari, Ashutosh gupta,Debasis Das”Secure Algorithm for Cloud
Computing and Its Applications”. IEEE 2016 6th International Conference-Cloud
system and Big data Engineering.pp.188-192.
7 William Stalling, “Cryptography and Network Security-Principles and
Practices”, Third Edition, publication-Pearson.
8 Mohammad reza zakirinasab, Mea Wang “An update model for network coding in cloud storage system,”2012 IEEE 50th annual allerton conference on communication ,control and computing.”
9 Yanbo Lu, Jie Hao, Xin-ji Liu,”Network coding for data retrieving in cloud storage system,”IEEE 2015 International symposium on network coding.
10 Dimitris S. Papailiopoulos, Jianqiang Luo., Alexandros G. Dimakis, Cheng Huang, Jin
Li,” Simple Regenerating Codes:Network coding for Cloud Storage 2012 ,IEEE