DATA STORAGE SECURITY IN CLOUD COMPUTING USING THIRD PARTY AUDITOR (TPA)
Journal Title: International Journal of Engineering Sciences & Research Technology - Year 30, Vol 5, Issue 7
Abstract
Cloud Computing is evolving and considered next generation architecture for computing. Typically cloud computing is a combination of computing recourses accessible via internet. Historically the client or organisations store data in data centres with firewall and other security techniques used to protect data against intrudes to access the data. Since the data was confined to data centres in limits of organisation, the control over the data was more and well defined procedures could be used for accessing its own data. However in cloud computing, since the data is stored anywhere across the globe, the client organisations have less control over the stored data. To built the trust for the growth of cloud computing the cloud providers must protect the user data from unauthorised access and disclosure. One technique could be encrypting the data on client side before storing it in cloud storage, however this technique has too much burden from client perspective in terms of key management, maintainence perspective etc. Other way could be this kind of security service like computing hash of data and verifying integrity of data, encryption/decryption service if provided by same cloud storage provider, the data compromise cannot be ruled out since same provider has access to both storage and security service. Divide and rule can be one of the techniques, meaning dividing the responsibilities amongst different cloud services providers can benefit the client. A trusted 3rd party cloud provider be used to provide security services, while the other cloud provider would be data storage provider. The trusted 3rd party security service provider would not store any data at its end, and its only confined to providing security service. The application or software will provide data integrity verification by using hashing algorithm like SHA-1,provide encryption/decryption using symmetric algorithm like ES, and defining band of people who can access the shared data securely can be achieved by defining access list. The Software is only resonsible for encryption/decryption, computing/verifying the hash of the data and does not store any data in trusted 3rd party security system server. The encrypted data along and original data hash are stored in Separate Cloud (Security Cloud), therefore even if the storage cloud system administrator has access user data, since the data is encrypted it will be difficult for the system administrator to understand the encrypted data. While the user downloads the data from Storage Cloud, it is decrypted first and then new hash is calculated which is then compared with hash of original data stored in Security Cloud. Finally, this software/application provides the user with the ability to store the encrypted data in Storage cloud and hash and encryption/decryption keys in security cloud service, and no single cloud service provider has access to both. Other benefit of delegating responsibility to trusted 3rd party is that it reliefs the client from any kind of key management or over head is maintainance of any key information related to data on it device, because of which it allows the client to use any browser enabled devices to access such service.
Authors and Affiliations
Rahul K. Morghade
Prediction and simulation of Chromium (VI) ions removal efficiency by riverbed sand adsorbent using Artificial Neural Networks
In the present work removal of chromium from aqueous solution using riverbed sand as adsorbent was studied. The initial Cr (VI) concentration was varied from 10 mg/L to 100 mg/L with varying amount of riverbed sa...
A Review on Current Scenario in the Field of Nanorobotics
This paper focusses on the contemporary development of nano-robotics by describing various design models, potential applications and associated issues. Nanorobots are devices at nano (10-9) meters that are compos...
FEASIBILITY STUDY OF A GRID CONNECTED SOLAR PV SYSTEM FOR A RESIDENTIAL LOAD IN JABALPUR
This paper focuses on the optimal designing of grid connected solar photovoltaic power system for a residential building of Jabalpur city, Madhya Pradesh, India (latitude and longitude of 23 10’N and 79 54’E respectively...
A Survey on Enabling Privacy for Secure Cloud Storage by Batch Auditing
The Cloud computing is a newest technology which Provides various services through internet. Where users can remotely store their data into the cloud, User can upload their data on cloud and can access those data...
THERMAL ANALYSIS OF EARTH AIR HEAT EXCHANGER USING CFD
This project focuses on Earth Air Heat Exchanger which is reducing energy consumption in a building. The air is passing through the buried tubes and heat exchange takes place between air a...