Date post: | 19-Jan-2016 |
Category: |
Documents |
Upload: | mohammed-nawaz-shaik |
View: | 23 times |
Download: | 0 times |
Security and Privacy-Enhancing in Multi Cloud Architectures
Under the Guidance of Mr .RAMESH BABU , M.Tech Asst.Prof ,CSE Dept Presented by: K .Yamuna (10701A05b3) S .Reshma (10701A0564) N .Swarajitha (10701A0593) E .Sanjeev prem kumar (10701A0569) A .Siddartha (11705A0519)
Abstract Existing System Disadvantages. Proposed System Advantages Module System Requirements Design Result Conclusion
List Of Contents
Abstract:
• Security challenges are still among the biggest obstacles
when considering the adoption of cloud services.
• This triggered a lot of research activities, resulting in a
quantity of proposals targeting the various cloud
security threats.
Cloud computing is a
subscription-based service
where you can obtain network
storage space and computing
resources.
IntroductionWhat is Cloud Computing?
Existing System:
• When considering using a cloud service, the user must be
aware of the fact that all data given to the cloud provider leave
the own control and protection sphere.
• Even more, if deploying data-processing applications to the
cloud (via IaaS or PaaS), a cloud provider gains full control on
these processes.
Disadvantages:
1.Third party auditors are not control the all security risks.
2. Misuse the cloud services
3. Attackers are going to alter and manipulations of data.
Proposed System:
• One idea on reducing the risk for data and applications in a public
cloud is the simultaneous usage of multiple clouds.
• Several approaches employing this paradigm have been proposed
recently.
• It provides four distinct models in the form of abstracted
multicloud architectures.
Advantages:
• Achieves the data integrity.
• Reduce the attacker risks
• It gives the confidentiality
List of the modules:• Replication of applications.
• Partition of application System into tiers.
• Partition of application logic into fragments.
• Partition of application data into fragments.
Modules
• Instead of executing a particular application on one specific
cloud, the same operation is executed by distinct clouds. By
comparing the obtained results, the cloud user gets evidence
on the integrity of the result.
• Instead of trusting one cloud service provider totally, the
cloud user only needs to rely on the assumption that the
cloud providers do not collaborate maliciously against
herself.
Replication of Application
Replication of application system Architecture.
• Allows separating the logic from the data gives
additional protection against data leakage due to flaws in
the application logic.
• It needs to be noted, that the security services provided by this
architecture can only be fully exploited if the execution of the
application logic on the data is performed on the cloud user’s
system.
Partition of application System into tiers
Partition of application system into tiers Architecture.
• Allows distributing the application logic to distinct clouds.
This has two benefits.
o First, no cloud provider learns the complete application
logic.
o Second, no cloud provider learns the overall calculated result
of the application. Thus, this leads to data and application
confidentiality.
Partition of application logic into fragments:
Partition of application logic into fragments Architecture
• Allows distributing fine-grained fragments of the data to
distinct clouds.
• None of the involved cloud providers gains access to all the
data, which safeguards the data’s confidentiality.
Partition of application data into fragments
Partition of application data into fragments
Hardware and Software Requirements
HARDWARE REQUIREMENTS:
System : Any Processor above 500 MHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Color. Mouse : Logitech. RAM : 512 MB.
SOFTWARE REQUIREMENTS
Language : JDK (1.7.0)
Frontend : JSP, Servlets
Backend : Oracle10g
IDE : my eclipse 8.6
Operating System : windows XP
Functional Requirements Owner Login idPasswordUpdate files UserLogin id PasswordDownload
Spiral Model
Class Diagram
Sequence Diagram for owner
Owner Logincheck Home Profile UploadFiles UploadFileStatus Queries Security Logout
1 : Logincheck()
2 : if valid()
3 : not valid4 : ViewProfile()
5 : Uploadfiles()
6 : ViewAllUploadedFiles()
7 : filestatus8 : ViewQueries()
9 : GiveSolution
10 : ChangePassword()
11 : Logout()
12 : AgainLogin()
Sequence Diagram for userUser Logincheck Home Profile AccessFilefromCloudAccessFiles Queries Security Logout
1 : Logincheck()
2 : if valid()
3 : ViewProfile()
4 : not valid
5 : UpdateProfile
6 : ViewAllUploadedFilesfromserver()
7 : GetKey()
8 : DownloadFiles
9 : filestatus
10 : PostQueries()
11 : ViewSolution
12 : ChangePassword()
13 : Logout()
14 : AgainLogin()
Activity Diagram for owner
Owner
Authentication
Home ProfileUploadfiles
UploadFileStatus
ViewAllUpdatedFiles FileStaus
Queries
ViewQueriesGiveSolutions
ChangePassword Logout
if fails
if success
Activity Diagram for user
User
Authentication
Home ProfileAccessDetails
AccesssFileFromCloud
GetKey DownloadFile
Queries
PostQueriesViewSolutions
ChangePassword Logout
if fails
if success
owner
Home
Profile ViewProfile
Uploadfiles
UploadFileStatusViewAllUploadedFiles
FileStatusViewQueries
GiveSolution
ChangePassword
Logout
<<include>>
<<include>>
Usecase diagram for owner
User
Home
Profile
ViewProfile
AccessFilesFromCloud
GetKey
DownloadFiles
Queries
ViewSolutionChangePassword
Logout
UpdateProfile
PostQuery
AccessDetails
ViewAllFilesFromServer
Usecase diagram for user
Unit Testing Integration Testing System Testing Black Box Testing White Box Testing
Testing Methods
Test Case Name Test Case Description
Test Steps
Step Expected Actual
Login Validate Login To verify that Login name on login page must
be greater than 1 characters
enter login name less than 1 chars (say a) and
password and click Submit button
an error message “Login not less than 1
characters” must be displayed
enter login name 1 chars (say a) and password
and click Submit button
Login success full or an error message
“Invalid Login or Password” must be
displayed
Pwd Validate Password To verify that Password on login page must be
greater than 1 characters
enter Password less than 1 chars (say nothing)
and Login Name and click Submit button
an error message “Password not less
than 1 characters” must be displayed
Login Page Test Case
Pwd02 Validate Password
To verify that
Password on login
page must be allow
special characters
enter Password with special
characters(say !@hi&*P)
Login Name and click
Submit button
Login success full or an
error message “Invalid
Login or Password”
must be displayed
Llnk Verify Hyperlinks To Verify the Hyper
Links available at left
side on login page
working or not
Click Sign Up Link Home Page must be
displayed
Click Sign Up Link Sign Up page must be
displayed
Click New Users Link New Users Registration
Form must be
displayed
Test Case Name Test Case Description
Test Steps
Step Expected Actual
Registration Validate User Name To verify that User name on Registration page
must be Declared
enter User name click Submit button an error message User Name Must be
Declared
Validate Password To verify that Password on Registration page
must be Declared
enter Password click Submit button an error message Password Must be
Declared
Validate First Name To verify that First Name on Registration page
must be Declared
enter First Name click Submit button an error message First Name Must be
Declared
Validate Last Name To verify that Last Name on Registration page
must be Declared
enter Last Name click Submit button an error message Last Name Must be
Declared
Registration Page Test Case
The use of multiple cloud providers for gaining security and
privacy benefits is nontrivial.
For instance, using the n clouds approach (and its integrity
guarantees) in combination with sound data encryption (and
its confidentiality guarantees) may result in approaches that
suffice for both technical and regulatory requirements.
Conclusion
[1] P. Mell and T. Grance, “The NIST Definition of Cloud Computing, Version 15,” Nat’l Inst. of Standards and Technology, Information Technology Laboratory, vol. 53, p. 50, http://csrc.nist.gov/groups/ SNS/cloud-computing/, 2010. [2] F. Gens, “IT Cloud Services User Survey, pt.2: Top Benefits & Challenges,” blog, http://blogs.idc.com/ie/?p=210, 2008. [3] Gartner, “Gartner Says Cloud Adoption in Europe Will Trail U.S. by at Least Two Years,” http://www.gartner.com/it/page. jsp?id=2032215, May 2012. [4] J.-M. Bohli, M. Jensen, N. Gruschka, J. Schwenk, and L.L.L. Iacono, “Security Prospects through Cloud Computing by Adopting Multiple Clouds,” Proc. IEEE Fourth Int’l Conf. Cloud Computing (CLOUD), 2011. [5] D. Hubbard and M. Sutton, “Top Threats to Cloud Computing V1.0,” Cloud Security Alliance, http://www. cloudsecurityalliance.org/topthreats, 2010. [6] M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “On Technical Security Issues in Cloud Computing,” Proc. IEEE Int’l Conf. Cloud Computing (CLOUD-II), 2009. [7] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third- Party Compute
References
…………
…………
Any Queries..