| Date post: | 17-Nov-2015 |
| Category: |
Documents |
| Upload: | bhavyadesai |
| View: | 220 times |
| Download: | 3 times |
Cloud Computing Security
ENSURING DISTRIBUTED ACCOUNTABILITY FOR DATA SHARING IN THE CLOUD
Guided By: Ms.K.praveena,Asst.Prof
K.O.R.M COLLEGE OF ENGINEERING ,KADAPA. (Department Of Computer Science& Engineering.)YEAR: 2012-13
1Group ID - 01
Project MemberRoll NoV.S.Sharma09BC1A0556B.Vinod Kumar09BC1A0508V.Pitchiah09BC1A0554P.Nagendra09BC1A0539
What Is Cloud computing ?
Cloud computingis the use ofcomputingresources (hardware and software) that are delivered as a service over anetwork(typically theInternet). The name comes from the use of acloud-shaped symbol as an abstraction for the complex infrastructure it contains in system diagrams. Cloud computing entrusts remote services with a user's data, software and computation.
2
3 cloud service modelsCloud Software as a Service (SaaS)
Cloud Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
3
Introduction To ProjectCloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that users data are usually processed remotely in unknown machines that users do not own or operate.While enjoying the convenience brought by this new emerging technology, users fears of losing control of their own data (particularly, financial and health data) can become a significant barrier to the wide adoption of cloud services. To address this problem, here, we propose a novel highly decentralized information accountability framework to keep track of the actual usage of the users data in the cloud. In particular, we propose an object-centered approach that enables enclosing our logging mechanism together with users data and policies.
Cloud Computing Security: From Single to Multi-clouds4
Existing SystemTo allay users concerns, it is essential to provide an effective mechanism for users to monitor the usage of their data in the cloud.
For example, users need to be able to ensure that their data are handled according to the servicelevel agreements made at the time they sign on for services in the cloud.
Conventional access control approaches developed for closed domains such as databases and operating systems, or approaches using a centralized server in distributed environments, are not suitable.
5
Drawbacks of Existing SystemFirst, data handling can be outsourced by the direct cloud service provider (CSP) to other entities in the cloud and theses entities can also delegate the tasks to others, and so on.
Second, entities are allowed to join and leave the cloud in a flexible manner.
6
Proposed systemWe propose a novel approach, namely Cloud Information Accountability (CIA) framework, based on the notion of information accountability.
Our proposed CIA framework provides end-toend accountability in a highly distributed fashion. One of the main innovative features of the CIA framework lies in its ability of maintaining lightweight and powerful accountability.
The push mode refers to logs being periodically sent to the data owner or stakeholder while the pull mode refers to an alternative approach whereby the user (or another authorized party) can retrieve the logs as needed.
7
Department Of Computer Engineering
Hardware RequirementsProcessor - Pentium IVRAM - 512 MBHard Disk - 80 GB
8
Software RequirementsOperating System :Windows2000Application Server : Tomcat5.0/6.X Front End : HTML, Java, Jsp Scripts : JavaScript.Server side Script : Java Server Pages.Database : Mysql 5.0Database Connectivity : JDBC.
9
ModulesCloud Information Accountability (CIA) Framework:Distinct mode for auditingLogging and auditing TechniquesMajor components of CIA
10
1. Cloud Information Accountability (CIA) Framework:
CIA framework lies in its ability of maintaining lightweight and powerful accountability that combines aspects of access control, usage control and authentication.
By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed.
11
2. Distinct mode for auditing
Push mode:The push mode refers to logs being periodically sent to the data owner or stakeholder.Pull mode: Pull mode refers to an alternative approach whereby the user(Or another authorized party) can retrieve the logs as needed.
Cloud Computing Security: From Single to Multi-clouds12
3. Logging and auditing Techniques:
The logging should be decentralized in order to adapt to the dynamic nature of the cloud. Every access to the users data should be correctly and automatically logged. Log files should be reliable and tamper proof to avoid illegal insertion, deletion, and modification by malicious parties.Log files should be sent back to their data owners periodically to inform them of the current usage of their data. The proposed technique should not intrusively monitor data recipients systems, nor it should introduce heavy communication and computation overhead, which otherwise will hinder its feasibility and adoption in practice.
Cloud Computing Security: From Single to Multi-clouds13
4. Major components of CIA
There are two major components of the CIA, the first being the logger, and the second being the log harmonizer.
The logger is strongly coupled with users data (either single or multiple data items).
It may also be configured to ensure that access and usage control policies associated with the data are honored.
The logger will control the data access even after it is downloaded by user X.
Cloud Computing Security: From Single to Multi-clouds14
Architecture15
(Owner)
Cloud Computing Security: From Single to Multi-clouds16
(User)Cloud Computing Security: From Single to Multi-clouds17
Component DiagramAdmin
18
(CSP- Customer Service Provider)
Cloud Computing Security: From Single to Multi-clouds19
TestingUnit TestingIntegrated TestingFunctional TestingSystem TestingWhite Box TestingBlack Box TestingAcceptance Testing20
SCREEN SHOTSCloud Computing Security: From Single to Multi-clouds21
Home PageCloud Computing Security: From Single to Multi-clouds22
User page
Cloud Computing Security: From Single to Multi-clouds23
View account PageCloud Computing Security: From Single to Multi-clouds24
Send request to CIA for download:
Cloud Computing Security: From Single to Multi-clouds25
Download ListCloud Computing Security: From Single to Multi-clouds26
Owner PageCloud Computing Security: From Single to Multi-clouds27
File Upload Cloud Computing Security: From Single to Multi-clouds28
ALL User & Owner RecordsCloud Computing Security: From Single to Multi-clouds29
Reference papers1. P. Ammann and S. Jajodia, Distributed Timestamp Generation in Planar Lattice Networks, ACM Trans. Computer Systems, vol. 11, pp. 205-225, Aug. 1993.2.G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, Provable Data Possession at Untrusted Stores, Proc. ACM Conf. Computer and Comm. Security, pp. 598- 609, 2007.3. E. Barka and A. Lakas, Integrating Usage Control with SIP-Based Communications, J. Computer Systems, Networks, and Comm., vol. 2008, pp. 1-8, 2008.
30
Any Queries ?
31Thank You
