Anshu Singh, Prachi Gupta, Rashmi Lonare, Rahul Kr Sharma
Department of Computer Technology,
Priyadarshini College of Engineering,
Prof. N A Ghodichor
Department of Computer Technology,
Priyadarshini College of Engineering,
Cloud computing has quickly become one of the most significant fields because of its service-based model of computing, not only in the IT industry but also in the software and hardware industries. It brings increased flexibility, scalability and reliability while decreasing operational and support costs. Cloud computing makes it easy to manage data and related resources, and it provides many features that cannot be replaced. It is both difficult and effective in its own way. As even the moon has dark spots, the cloud cannot be expected to be without any spot. Providing security is a major concern because cloud data is stored on and accessed from a remote server with the help of the cloud service provider. This paper presents an overview and study of cloud computing with some security issues, technologies and security solutions.
Keywords: Cloud computing, cloud architecture, services, security issues, data security techniques.
As we all know, every industry, small or large, has a large amount of data that it needs to manage, secure and keep private, meaning that it does not want its data to be accessed by any third party or unauthorized user. Previously, these industries stored that data on their personal computers or small servers. Over time the data became unmanageable because of limited space, time and people, and they found it difficult to manage. Then the concept of the cloud was introduced. Some organizations that had more space, meaning servers, started renting out their servers for profit. They offered their space, and they also started providing the service of managing the data for other organizations or individuals. According to the requirements of companies, four types of cloud were introduced. These cloud types are known as the deployment models of the cloud.
1.1 Deployment Model: The deployment model represents the different categories of cloud along with their shape and size. It describes the nature and the purpose of the cloud. There are four clouds according to the deployment model:
A. Public Cloud: It is the best-known cloud type because it can easily be used by anyone. It is a straightforward kind of cloud computing. A public cloud is accessible by more than one organization. We just need to have an email address, and then the work can be deployed on the cloud. It can easily be reached through an internet server to access the cloud from anywhere, which shows its flexibility. It is operated and managed by a third party, and it is a pay-per-use model: you have to pay if you want access to the public cloud.
B. Private Cloud: It has some features similar to the public cloud, such as scalability and self-service. Private clouds are generally owned by large organizations because they cost a great deal to access and manage. A private cloud is accessed by a single organization. It has more security and privacy than other clouds because a single organization controls the data and shares its data or documents only with those it chooses. In this cloud, more control is on the client side. It is faster because it carries the workload of fewer organizations.
C. Hybrid Cloud: Its infrastructure is a combination of segments of the public cloud, which is the third party, and the private cloud, which is the client side. It is secure and flexible. For example, an organization that has a private cloud signs up with a public cloud and then integrates both clouds to provide services to another organization. This is what a hybrid cloud is.
D. Community Cloud: A community simply means a group working together on a particular task. When two or more organizations or service providers want to work together with their different cloud structures and provide services to a consumer, it is quite beneficial: the work is done in less time, more resources are available, every organization maintains its own responsibility, and the burden is shared among all. This cloud is more secure than the public cloud, and it requires less funding.
2. ARCHITECTURE OF CLOUD:
Cloud computing is divided into two parts: the front end, which is the user side, and the back end, which is the “cloud”. Both are connected to each other through the Internet. The front end includes the client’s computer and the application required to access the cloud computing system. The back end consists of the various computer servers and data storage systems that create the “cloud” of the computing system. A third party, called the central server administrator, controls the flow between both ends, monitoring traffic and client demand. A special kind of software that follows a set of rules and protocols, called middleware, serves as the cloud operating system.
3. SERVICES OF CLOUD COMPUTING:
A. “Software as a Service” (SaaS): In the SaaS model, users are provided with access to application software, which is often referred to as “on-demand software”. SaaS uses the Web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the client side. Most SaaS applications can be run directly from a Web browser, without any downloads or installations required. SaaS eliminates the need to install and run applications on individual computers. With SaaS, it’s easy for enterprises to streamline their maintenance and support, because everything can be managed by vendors: applications, runtime, data, middleware, O/S, virtualization, servers, storage, and networking. Example: Google Apps, Microsoft Office 365.
B. “Platform as a Service” (PaaS): It provides a platform that typically includes the operating system, programming language execution environment, databases, web server, etc. PaaS is a framework that developers can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective, eliminating the need to buy the underlying layers of hardware and software. One difference between SaaS and PaaS is which aspects must be managed by users rather than providers: with PaaS, vendors still manage runtime, middleware, O/S, virtualization, servers, storage, and networking, but users manage applications and data. Example: Windows Azure.
C. “Infrastructure as a Service” (IaaS): This base layer provides the computing infrastructure: physical or virtual machines and other resources such as a virtual disk image library, block and file based storage, firewalls, load balancers, IP addresses, virtual local area networks, etc. Instead of having to purchase software, servers, or network equipment, users can buy these as a fully outsourced service that is usually billed according to the amount of resources consumed. Basically, in exchange for a rental fee, a third party allows you to install a virtual server on their IT infrastructure. IaaS users are responsible for managing more: applications, data, runtime, middleware, and O/S. Vendors still manage virtualization, servers, hard drives, storage, and networking. What users gain with IaaS is infrastructure on top of which they can install any required platforms. Users are responsible for updating these if new versions are released. Example: Windows Azure, Amazon EC2, Google Compute Engine.
4. CHALLENGES IN CLOUD COMPUTING:
The malicious insider is a security concern and one of the biggest problems, because the person who is trying to access the data is an authorized one. Data security is one of the biggest concerns in cloud computing. While data is shared or transmitted between two organizations, there is a chance that an unauthorized user is trying to access it. If proper security is not provided, this may lead to misuse of the data.
Consider a scenario in which a sender sends data to a receiver: the receiver does not get the data, yet the sender sees it as sent. This kind of problem is known as data loss and data leakage. The data is then on neither side, and it can be misused by any user who has it.
When a private organization takes up a cloud service, it loses its confidentiality with respect to that service provider, because it has no option other than sharing its data with the cloud service provider.
There is another problem of integrity or interoperability, where two organizations want to work on the same platform but are unable to do so because their data cannot be shared between them, so they cannot work with each other.
Availability of data is a must in the cloud. There is a chance that a client searches for data in the cloud where it was stored but is unable to find it. That is the reason why the client or user should know the exact location of the data in the cloud.
The concept of multi-tenancy can also become a problem for the cloud, because there are multiple tenants, meaning a group of users who share common access, with specific privileges, to the software instance.
5. SECURITY SOLUTION / ALGORITHM:
A. Encryption: Data encryption is one of the techniques with which we can protect our data from being misused by an unauthorized user. Generally, three encryption algorithms have been used for securing data in cloud computing.
- RSA Algorithm
- AES Algorithm
- DES Algorithm
A. RSA Algorithm: This algorithm was publicly described in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman, and it was named RSA after these three scientists. It is a key-based cryptography algorithm that is widely used for encrypting data. It is asymmetric. It is regarded as one of the most useful and most powerful algorithms of all. The speed of this algorithm is quite good. Two keys are generated through the RSA algorithm: one is the public key and the other is the private key. The plaintext is encrypted with the help of the public key, and the receiver generates the private key. The public key is known to everyone, and so is the cipher text, but only the sender and receiver know the private key, so that there will not be any concern about security.
B. AES Algorithm: The algorithm was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. It was first published in 1998. AES stands for Advanced Encryption Standard. It is also known as the Rijndael algorithm. It is a symmetric key algorithm. It was first adopted by the U.S. government and is now used all over the world. It comprises various ciphers with different key and block sizes. The plain text is encrypted with AES, and the resulting cipher text is encrypted again, and so on over several rounds: the AES algorithm uses 10, 12 and 14 rounds with 128-, 192- and 256-bit keys. Because there are several rounds in this algorithm, the plain text is encrypted many times, and this helps to secure the data.
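The link between key size and round count shows up directly in the AES key schedule, which derives one 16-byte round key per round plus an initial one. The following is an added example, not code from the paper; it implements only the key expansion step, and the function names are chosen here for illustration.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _sbox_entry(x):
    inv = 1
    for _ in range(254):          # x^254 is the field inverse of x (0 maps to 0)
        inv = gmul(inv, x)
    rot = lambda v, k: ((v << k) | (v >> (8 - k))) & 0xFF
    # Affine transform applied to the inverse gives the S-box value.
    return inv ^ rot(inv, 1) ^ rot(inv, 2) ^ rot(inv, 3) ^ rot(inv, 4) ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]

def expand_key(key: bytes):
    """Return the list of 16-byte round keys for a 16-, 24- or 32-byte key."""
    if len(key) not in (16, 24, 32):
        raise ValueError("AES keys are 128, 192 or 256 bits")
    nk = len(key) // 4            # key length in 32-bit words: 4, 6 or 8
    nr = nk + 6                   # number of rounds: 10, 12 or 14
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, 4 * (nr + 1)):
        t = list(w[i - 1])
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon                           # round constant
            rcon = gmul(rcon, 2)
        elif nk == 8 and i % nk == 4:
            t = [SBOX[b] for b in t]               # extra SubWord for 256-bit keys
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    # Group the words four at a time: one round key per round, plus round 0.
    return [bytes(b for word in w[4 * r:4 * r + 4] for b in word)
            for r in range(nr + 1)]

def rounds_for(key: bytes) -> int:
    return len(expand_key(key)) - 1
```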
C. DES Algorithm: This algorithm was developed in the early 1970s at IBM and is based on an earlier design by Horst Feistel. DES stands for Data Encryption Standard. It is believed not to be very secure because its key size, 56 bits, is too small. The time taken to break DES encryption is approximately 22 hours and 15 minutes, which is why single DES, while fast, is not secure. Instead of simple DES, it is believed that triple DES can be used more efficiently.
Auditing in cloud computing: Auditing simply checks accuracy and regularity. It also produces a report that specifies whether the accounts have been properly made and whether they present a true and fair value.
In terms of the cloud, cloud audit is a specification for the presentation of information about how a cloud computing services provider addresses control frameworks. The goal of cloud audit is to provide cloud service providers with a way to make their performance and security data readily available for potential customers. The specification provides a standard way to present and share detailed automated statistics about performance and security.
Example: With cloud audit, vendors can provide information once and only update it when there are changes.
Auditing in cloud computing: Auditing cloud computing provides the necessary guidance to build a proper audit that ensures operational integrity and customer data protection, among other aspects, are addressed for cloud-based resources.
In cloud computing, IT auditing also refers to:
The process of collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, achieves organizational goals effectively and consumes resources efficiently.
Framework: The term “framework” is used to loosely describe collections of anything from development tools to middleware to database services that ease the creation, deployment and management of cloud applications. Those that work at the level of servers, storage and networks are infrastructure-as-a-service (IaaS) frameworks. Those that operate at the higher level of applications are platform-as-a-service (PaaS) frameworks.
Among the most popular IaaS frameworks are OpenStack, Eucalyptus, and the Ubuntu Cloud infrastructure. Citrix recently announced it was making its formerly proprietary CloudStack IaaS platform part of the open-source Apache project. Gartner analyst Lydia Leong wrote in her blog that this is “big news” because CloudStack is much more stable and production-ready than the “unstable” and “buggy” OpenStack.
Popular PaaS frameworks include Heroku, Cloud Foundry (backed by VMware), and Red Hat’s OpenShift, which is built on a foundation of Red Hat Enterprise Linux with support for a variety of languages and middleware through the use of “cartridges.”
Customers often use multiple frameworks and associated tools. One example is the use of OpenStack to provision virtual machines, and Opscode Chef to create “recipes” describing how servers should be configured, says Opscode co-founder Jesse Robbins. The further up the “stack” a platform operates, the less work the customer must do, but they also have less control over the infrastructure components, says Matt Conway, CTO at online backup vendor Backupify.
Beyond easing cloud creation, most frameworks claim to make it easier to move cloud deployments among public and private clouds to get the lowest cost and best service.
6. LITERATURE SURVEY
From our review, we have concluded that various techniques are used to secure data: encryption, auditing and frameworks. Of these, the most preferred technique is encryption, according to all papers. The pie chart below shows us that encryption is more preferred for cloud data security.
- Vaishali Patil, Priyanka Fulari, S. S. Patil, Nitesh Ghodichor, “A Review on an Unobservable Secure Routing Protocol With Wormhole Attack Prevention In Manet” @ ICAET 2014.
- Kire Jakimoski, “Security techniques for Data Protection in Cloud Computing” @ International Journal of Grid and Distributed Computing, Vol. 9, No. 1, 2016.
- R. Velumadhava Rao, K. Selvamani, “Data Security Challenges and Its Solutions in Cloud Computing” @ ICCC 2015.
- Changyou Guo and Xuefeng Zheng, “The Research of Data Security Mechanism Based on Cloud Computing” @ International Journal of Security and Its Applications, 2015.
- Rohit Baja, “Developing framework for secure storage in cloud computing system” @ IJNIET, Vol. 1, Issue 3, February 2013.
- Rabi Prasad Padhy, Manas Ranjan Patra, Suresh Chandra Satapathy, “Cloud Computing: Security Issues and Research Challenges” @ IRACST 2011.