DATA STORAGE SECURITY IN CLOUD COMPUTING USING THIRD PARTY AUDITOR (TPA)
Journal Title: International Journal of Engineering Sciences & Research Technology - Year 30, Vol 5, Issue 7
Abstract
Cloud computing is evolving and is considered the next-generation architecture for computing. Typically, cloud computing is a combination of computing resources accessible via the internet. Historically, clients or organisations stored data in data centres, with firewalls and other security techniques used to protect the data against intruders. Since the data was confined to data centres within the limits of the organisation, the organisation had more control over it, and well-defined procedures could be used for accessing its own data. However, in cloud computing, since the data may be stored anywhere across the globe, client organisations have less control over the stored data. To build the trust needed for the growth of cloud computing, cloud providers must protect user data from unauthorised access and disclosure. One technique is to encrypt the data on the client side before storing it in cloud storage; however, this technique places too much burden on the client in terms of key management, maintenance, etc. Alternatively, security services such as computing a hash of the data, verifying its integrity, and encryption/decryption could be provided by the same cloud storage provider, but then data compromise cannot be ruled out, since the same provider has access to both the storage and the security service. Divide and rule can be one of the techniques: dividing the responsibilities amongst different cloud service providers can benefit the client. A trusted 3rd party cloud provider can be used to provide security services, while the other cloud provider is the data storage provider. The trusted 3rd party security service provider does not store any data at its end and is confined to providing the security service.
The application or software provides data integrity verification using a hashing algorithm like SHA-1 and encryption/decryption using a symmetric algorithm like ES, and the group of people who can access the shared data securely is defined through an access list. The software is only responsible for encryption/decryption and for computing/verifying the hash of the data, and does not store any data on the trusted 3rd party security system server. The encrypted data along with the original data hash are stored in a separate cloud (Security Cloud); therefore, even if the storage cloud system administrator has access to user data, since the data is encrypted it will be difficult for the system administrator to understand it. When the user downloads the data from the Storage Cloud, it is decrypted first and then a new hash is calculated, which is compared with the hash of the original data stored in the Security Cloud. Finally, this software/application gives the user the ability to store the encrypted data in the Storage Cloud and the hash and encryption/decryption keys in the Security Cloud service, so that no single cloud service provider has access to both. Another benefit of delegating responsibility to a trusted 3rd party is that it relieves the client of any key management or overhead in maintaining key information related to the data on its device, which allows the client to use any browser-enabled device to access the service.
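The upload and download flow described in the abstract, as an added sketch that is not the paper's software: it follows the split in the closing sentences (ciphertext in the Storage Cloud; hash, keys and access list in the Security Cloud). The class and function names are hypothetical, and the symmetric cipher is a SHA-256 counter-mode keystream stand-in so the block runs on the standard library alone; it is not the algorithm the paper uses.

```python
import hashlib, hmac, secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

class SecurityCloud:
    """Trusted third party: keeps key, hash and access list per object, never the data.
    `storage` is a dict standing in for the Storage Cloud; it only ever sees ciphertext."""
    def __init__(self, hash_alg="sha1"):
        # SHA-1 is the hash the abstract names; collisions for it have been
        # demonstrated, so hash_alg="sha256" is the safer value to pass.
        self.hash_alg = hash_alg
        self.records = {}

    def upload(self, storage, name, owner, readers, plaintext):
        key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        digest = hashlib.new(self.hash_alg, plaintext).digest()
        self.records[name] = dict(key=key, nonce=nonce, hash=digest, acl={owner, *readers})
        storage[name] = keystream_xor(key, nonce, plaintext)

    def download(self, storage, name, user):
        rec = self.records[name]
        if user not in rec["acl"]:
            raise PermissionError(f"{user} is not on the access list for {name}")
        plaintext = keystream_xor(rec["key"], rec["nonce"], storage[name])
        fresh = hashlib.new(self.hash_alg, plaintext).digest()
        if not hmac.compare_digest(fresh, rec["hash"]):  # decrypt first, then compare hashes
            raise ValueError(f"integrity check failed for {name}")
        return plaintext

def demo():
    storage, security = {}, SecurityCloud()
    security.upload(storage, "report.txt", "alice", ["bob"], b"constructed sample data")
    ok = security.download(storage, "report.txt", "bob")
    blob = bytearray(storage["report.txt"])
    blob[0] ^= 1  # the storage side modifies one bit of the ciphertext
    storage["report.txt"] = bytes(blob)
    try:
        security.download(storage, "report.txt", "alice")
    except ValueError:
        return ok, True   # modification detected by the hash comparison
    return ok, False

if __name__ == "__main__":
    print(demo())
```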
Authors and Affiliations
Rahul K. Morghade