Date post: | 22-Oct-2014 |
Category: |
Documents |
Upload: | gurpreet-anant-maan |
View: | 125 times |
Download: | 0 times |
1
SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM
A Dissertation Proposal submitted
By student
mann
to
Department CSE
In partial fulfilment of the Requirement for the
Award of the Degree of
Master of Technology in
Under the guidance of
(Advisor)
Month Year
2
CERTIFICATE
This is to certify that
has completed M.Tech dissertation
proposal titled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM under my guidance and supervision. To the best of my knowledge, the present work is the result of her original investigation and study. No part of the dissertation p r o p o s a l has ever been submitted for any other degree or diploma.
The dissertation proposal is fit for the submission and the partial fulfilment of the conditions for the award of M.Tech Computer Science & Engg.
Date: Signature of Advisor
Name:
DECLARATION
I hereby declare that the dissertation p roposa l entitled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM submitted for the M.Tech Degree is entirely my original work and all ideas and references have been duly acknowledged. It does not contain any work for the award of any other degree or diploma.
Date: _
Investigator
Reg No.
INTRODUCTION
In its broadest usage, the term cloud computing refers to the delivery of scalable IT
resources over the Internet, as opposed to hosting and operating those resources
locally, such as on a college or university network. Those resources can include
applications and services, as well as the infrastructure on which they operate. By
deploying IT infrastructure and services over the network, an organization can
purchase these resources on an as-needed basis and avoid the capital costs of software
and hardware. With cloud computing, IT capacity can be adjusted quickly and easily
to accommodate changes in demand.
While remotely hosted, managed services have long been a part of the IT landscape, a
heightened interest in cloud computing is being encouraged by maturing standards, the
rise of hardware and software virtualization, and the push to make IT costs variable
and transparent.
Cloud and cloud-like solutions appear to be widespread and growing in higher
education, though in relatively focused areas, such as student e-mail. E-mail
notwithstanding, higher education institutions are more likely to obtain new services
from the cloud than to transition established services that have long been operated by
the campus. Many colleges and universities see pockets of cloud service usage in
other areas, often led by individual faculty or students looking for the added
flexibility and convenience that the cloud can provide.
Among the drivers that are encouraging more institutions to contemplate cloud
services are budget pressures, calls for increased reliability of and access to IT
systems, and the need for institutions to provide timely access to the latest IT
functionality.
WORKING
In traditional enterprise computing, IT departments forecast demand for
applications and capacity and invest time and money to develop those resources in-
house or purchase them from others and operate them in-house. With cloud
computing, institutions procure IT services from remote providers, and campus
constituents access these resources over the Internet. E-mail, for example, long
considered a support of an institution’s IT operations, can be obtained from a range
of sources, and a growing number of campuses contract with outside suppliers for
this function.
Software is hosted by the provider and does not need to be installed—or maintained
— on individual computers around campus. In some cases, a large university or a
consortium might become a provider of cloud services. Storage and processing
needs can also be met by the cloud. Institutions pay only for the resources used, and
users can access the applications and files they need from virtually any Internet-
connected computer. In a mature cloud computing environment, institutions would
be able to add new IT services or respond to changes in capacity on the fly, saving
capital costs that can be redirected to programs of strategic value to the institution.
The emergence of cloud computing as a viable option for a growing number of IT
services speaks to a level of Internet penetration and infrastructure maturity that did
not exist just a few years ago. Analysts expect cloud computing to see mainstream
adoption in 2–5 years, and some higher education IT leaders believe that cloud
computing programs on campus will increase considerably in the coming years. To
the extent that these efforts are successful, confidence in the model and trust in
providers will grow, and institutions will be more amenable to transferring a larger
number of services to the cloud. Conversely, a breach of trust by a cloud provider
would likely leave institutions uneasy about cloud services.
CLASSIFICATION (SERVICE)
Software as a service (SAAS): SaaS is a new model of how software is delivered. SaaS refers to software that is accessed via a web browser and is paid on a subscription basis (monthly or yearly). Different from the traditional model where a customer buys a license to software and assumes ownership for its maintenance and installation, SaaS presents significant advantages to the customer.
SaaS is faster and a cost effective way to getting implemented. There are no hardware, implementation or acquisition costs involved to run the application from the customer's side. Unlike traditional software’s where upgrades would happen once a year or once in 6 months (with the vendor coming to your office with a CD), the SaaS vendor continuously pushes new updates, fixes to the application, which is immediately accessible by the customer. This reduces the length of time it takes a customer to recognize value from the software.
Example: Google Apps (Google Docs), SalesForce.com are among the providers of
this kind of cloud computing.
Product as a Service (PAAS):-Provides the entire infrastructure needed to run applications over the Internet. It is delivered in the same way as a utility like electricity or water. Users simply “tap in” and take what they need without
worrying about the complexity behind the scenes. And like a utility, PaaS is based on a metering or subscription model so users only pay for what they use.
With PaaS, corporate IT departments can focus on innovation instead of complex infrastructure. By leveraging the PaaS, organizations can redirect a significant portion of their budgets from “keeping the lights on” to creating applications that provide real business value.
This model is driving a new era of mass innovation. For the first time, developers around the world can access unlimited computing power. Now, anyone with an Internet connection can build powerful applications and easily deploy them to users wherever they’re located.
.
Example: Google App Engine, Microsoft’s Windows Azure platform, Amazon EC2
(Amazon Elastic Compute Cloud) , etc are among the providers of this kind of
cloud computing
Infrastructure as a Service (IAAS) is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the
equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.
Characteristics and components of IaaS include:
Utility computing service and billing model. Automation of administrative tasks.
Dynamic scaling.
Desktop virtualization .
Policy-based services.
Internet connectivity.
Infrastructure as a Service is sometimes referred to as Hardware as a Service
(HaaS).
Example: Amazon Web Services, Rackspace Cloud, Go Grid , etc are among the
providers of this kind of cloud computing.
CLASSFICATION (LOCATION)
Public Cloud: Computing infrastructure is hosted at the vendor’s premises. The customer has no visibility over the location of the cloud computing infrastructure. The computing infrastructure is shared between organizations.
Private Cloud: Computing architecture is dedicated to the customer and is not shared with other organisations. They are expensive and are considered more secure than Public Clouds. Private clouds may be externally hosted ones as well as in premise hosted clouds.
Hybrid Cloud: Organisations host some critical, secure applications in private
clouds. The not so critical applications are hosted in the public cloud. The
combination is known as Hybrid Cloud. Cloud bursting is the term used to
define a system where the organisation uses its own infrastructure for normal
usage, but cloud is used for peak loads. Cloud computing describes a new
supplement, consumption, and delivery
model for IT services based on Internet
protocols, and it typically involves
provisioning of dynamically scalable and
often virtualised resources.
It is ay product and consequence of the
ease-of-access to remote computing sites
provided by the Internet. This may take the form of web-based tools or
applications that users can access and use through a web browser as if the
programs were installed locally on their own computers.
Cloud computing providers deliver applications via the internet, which are
accessed from web browsers and desktop and mobile apps, while the
business software and data are stored on servers at a remote location .
Review of literature
1 )Xuan Zhang, Nattapong Wuwong , Hao Li,Xuejie Zhang “Information Security
Risk Management Framework for the Cloud Computing Environments” Risk
management framework is one of security assessment tool to reduction of
threats and vulnerabilities and mitigates security risks. The goal of this paper is to
present information risk management framework for better understanding critical
areas of focus in cloud computing environment, to identifying a threat and
identifying vulnerability. This framework is covering all of cloud service models
and cloud deployment models. Cloud provider can be applied this framework to
organizations to do risk mitigation. Key to the successful adoption and transition
of information systems to a cloud computing environment is the implementation
or modification of a strategic proactive information security risk management
framework for cloud computing environment. They developed a framework that
implemented in logistics Software as a Service (SaaS) . Then they are apply this
framework to Infrastructure as a Service (IaaS) environment and Platform as a
Service(IaaS) to testing this framework.
2) Xue Jing ,Zhang Jian-jun2, 2007 “A Brief Survey on the Security Model of Cloud
Computing” This paper surveys the security problems of current cloud
computing that based on the architecture of cloud computing, a security model is
proposed. In cloud computing environment, they introduce the concept of
Security Access Control Service (SACS).SACS includes Access Authorization,
Security API, cloud connection Security. Access Authorization is used to authorize
to users who want to request cloud service. Security API keeps users use specific
services safely after accessing to the cloud connection security to ensure
Combining the SACS with the existing architecture of cloud computing, A security
model of cloud computing is
Constituted they can see that no attacks in the first 10 minutes, the system
performance which no using security model is better than the using one, the
reason is the using one needs some system resources to carry out safety testing.
After attack, the performance is rapidly increasing. So the cloud computing with
the proposed security model has the more stable performance when facing the
attack threat a variety of stacks at the same time.
3) Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus
Molina,
“Controlling Data in the Cloud : Outsourcing Computation without Outsourcing
Control “Laboratories of America. In this paper, they characterize the problems
and their impact on adoption. They describe how the combination of existing
research thrusts has the potential to alleviate many of the concerns impeding
adoption. In particular, they argue that with continued research advances in
trusted computing and computation-supporting encryption, life in the cloud can
be advantageous from a business intelligence standpoint over the isolated
alternative that is more common today.
4) Uma Somani, Kanika Lakhani, Manish Mundra ”Implementing Digital Signature
with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud
Computing” The cloud is a next generation platform that provides dynamic
resource pools, virtualization, and high availability. In this Research Paper, they
have tried to assess Cloud Storage Methodology and Data Security in cloud by the
Implementation of digital signature with RSA algorithm. in this paper propose ,
Digital Signature with RSA encryption algorithm to enhance data Security in Cloud
.A digital signature or digital signature scheme is a mathematical scheme for
demonstrating the authenticity of a digital message or document. A valid digital
signature gives a recipient reason to believe that the message was created by a
known sender, and that it was not altered in transit.
They proposed digital signature with RSA algorithm scheme to ensure the security
of
data in cloud. RSA is probably the most recognizable asymmetric algorithm.
5) Xin Zhou , Harbin, China “Research and Implementation of RSA Algorithm for
Encryption and Decryption” In this paper proposed an implementation of a
complete and practical RSA encrypt/decrypt solution based on the study of RSA
public key algorithm. In addition, the encrypt procedure and code
implementation is provided in details. Cryptographic technique is one of the
principal means to protect information security the encryption and decryption
solution can ensure the confidentiality of the information, as well as the integrity
of information and certainty, to prevent information from tampering, forgery and
counterfeiting. Encryption and decryption algorithm's security depends on the
algorithm while the internal structure of the rigor of mathematics, it also depends
on the key confidentiality RSA algorithm has been used as a possible
authentication methods in ISAKMP / Oakley framework. Diffie-Hellman key
exchange algorithm is a key component of the framework. a key agreement
session, participants communicate by using Diffie-Hellman algorithm and create
shared keys which will be used for key agreement protocol of follow-up steps in
order to achieve the optimal efficiency, the symmetric key algorithms and public
key cryptography algorithms are always combined together. That is using a
symmetric key cryptosystem to encrypt the confidential information needed to be
sent, while using the RSA asymmetric key cryptosystem to send the DES key.
6) Jayalatchumy ,Ram kumar,Kadhirvelu “Preserving Privacy through Data Control
in a Cloud Computing Architecture using Discretion Algorithm”India.Cloud
computing is an On-demand self-service Internet infrastructure where a customer
can pay and use only what is needed, managed by an API. The SP plays an active
role in transmitting information across the cloud. Providing security requires more
than user authentication with passwords or digital certificates. The discretion
algorithm has been designed and the IDS provide passive security solution. In this
paper define working of cloud computing cloud computing system is divided it
into two sections: the front end and the back end. They connect to each other
through a network, usually the Internet. The front end is the side the computer
user, or client, sees. The back end is the "cloud" section of the system. The front
end includes the client's computer and the application required to access the
cloud computing system. On the back end of the system are the various
computers, servers and data storage systems that create the “cloud" of
computing services
.
SIGNIFICANCE
Cloud computing presents IT organizations with a fundamentally different model of
operation, one that takes advantage of the maturity of web applications and
networks and the rising interoperability of computing systems to provide IT services.
Cloud providers specialize in particular applications and services, and this expertise
allows them to efficiently manage upgrades and maintenance, backups, disaster
recovery, and failover functions. As a result, consumers of cloud services may see
increased reliability, even as costs decline due to economies of scale and other
production factors.
With cloud computing, organizations can monitor current needs and make on-the-
fly adjustments to increase or decrease capacity, accommodating spikes in demand
without paying for unused capacity during slower times. Aside from the potential to
lower costs, colleges and universities gain the flexibility of being able to respond
quickly to requests for new services by purchasing them from the cloud. Cloud
computing encourages IT organizations and providers to increase standardization of
protocols and processes so that the many pieces of the cloud computing model can
interoperate properly and efficiently.
Cloud computing scalability is another key benefit to higher education, particularly
for research projects that require vast amounts of storage or processing capacity for
a limited time. Some companies have built data centres near sources of renewable
energy, such as wind farms and hydroelectric facilities, and cloud computing affords
access to these providers of “green IT.” Finally, cloud computing allows college and
university IT providers to make IT costs transparent and thus match consumption of
IT services to those who pay for such services.
OBJECTIVE
Understanding basic of cloud computing.
Implementing Cloud computing using Microsoft Azure in .NET Framework.
Implementation of CAESAR CIPHER algorithm of Encryption and
Decryption.
Implementing the RSA algorithm of Encryption and Decryption.
Providing data security to data using both of the above algorithms.
METHODOLOGY
In this research method we be experimenting with the given data ,and try to
secure this data from unauthorized access .Method of data security is Caesar
Cipher and RSA algorithm for providing data security ,Firstly data will be
encrypted using Caesar Cipher method which is further encrypted using RSA
method . And this data then can only be decrypted by authorized person by using
his private key.
FORMULATION OF HYPOTHESES
In all emerging areas of engineering science, there is normally a lack of knowledge
about their underlying processes, and technologies. Knowledge can be built if the
experiences are gathered and organized in the proper manner. This acquired
knowledge can be reused in many useful ways. Taking the above point into
consideration, they will be devising a mechanism or a way of storing and reusing
the past valuable experiences gained by the people during project development.
So the problem can be stated as SECURITY IN CLOUD USING CAESER CIPHER AND RSA
ALGORTHIM
SOURCES OF DATA
Data will be provided by the user when the application is run, qualitative data is
considered for that purposes.
RESEARCH DESIGN
It consists of using .Net framework for implementing the interface of the
application deployed in cloud .Application will have basic layout and will
implement Caesar Cipher and RSA algorithm for creating working layout.
TOOL
VISUAL STUDIO -2010 with cloud computing add in will be used to implement the
flow of the cloud computing application.
REFERENCES
http://searchcloudcomputing.techtarget.com/definition/public-cloud
http://microreviews.org/types-of-cloud-computing/
http://searchcloudcomputing.techtarget.com/sDefinition/0,
sid201_gci1287881,00.html
http://searchsecurity.techtarget.com/definition/RSA
http://www.boingboing.net/2009/09/02/cloudcomputing-skep.html
uan Zhang, Nattapong Wuwong, Hao Li 2”Information Security Risk Management
Framework for the Cloud”
Xue Jing, China Zhang Jian-jun2,(2007) “A Brief Survey on the Security Model of
Cloud Computing”
Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus Molina
Elaine Shi,” Controlling Data in the Cloud: Outsourcing Computation without
Outsourcing Control “
Uma Somani, Kanika Lakhani, Manish Mundra ”Implementing Digital Signature
with RSA EncryptionAlgorithm to Enhance the Data Security of Cloud”
Jayalatchumy, . Kadhirvelu “Preserving Privacy through Data Control in a Cloud
Computing Architecture using Discretion Algorithm”India.
Prashant Srivastava1, Satyam Singh2, Ashwin Alfred Pinto3, Shvetank Verma4,
Vijay K. Chaurasiya5, Rahul Gupta “An architecture based on proactive model for
security in cloud computing”
Xin Zhou , Teclmology Harbin “Implementation of RSA Algorithm for Encryption
and Decryption” China