484
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
Volume-5, Issue-2, April-2015
International Journal of Engineering and Management Research
Page Number: 484-490
Hide in Cloud – Securing the Media Cloud
A Feasibility Study of the Security Methods for the Media Files in a Cloud
Environment
Divya K.V1, Sumitha Kader2
1
Assistant Professor, VAST, Computer Science and Engineering, INDIA M. Tech, VAST, Computer Science and Engineering, INDIA
ABSTRACT
In our day to day life mobile devices has great importance .According to the users its usage is also getting differed. But for some complex tasks its is inefficient due to the limitations in resources. For further processing it should be transmitted to the mobile media cloud. But the issue is how can a user trust the services provided by the Cloud Services Providers (CSP).Existing situations make the security provided by the CSP to fail like, error prone wireless environment, the mobile devices are limited in resources they are not capable of supporting the security methods which are not light in weight. And since there is no consistency in resolution of the images or the data it is hard to follow the traditional security methods. So the data of a cloud user is vulnerable to any external attack. To address these problems ,this paper proposes some techniques to provide security to the cloud users. Its main aim is to develop our own security measures to protect our media data uploaded to the cloud ,not on the security methods provided by cloud Service Providers. It mainly utilizes the concept of digital image processing for the authentication and secrecy of the data in meda cloud. For the data integrity ,paper makes use of the idea of Shamir’s secret sharing algorithm. To reduce the multi transmission errors the paper proposes a new method hand to hand with the Reed-Solomon codes. It provide secrecy as well the media quality and reduces transmission difficulties.
Keywords—Cloud Service Providers, Reed-Solomon code, Shamir secret sharing algorithm.
I.
INTRODUCTION
With the growth of internet technology Cloud is one of the most popular data storage centre. Digital data can easily be sent through the internet to the cloud media. It helps the cloud users to save the device memory and as a
back up the data can be stored in the cloud media. A lot of users trusts and depends the cloud media. But now the security of the multimedia data is a major concern. At any cost the securityn of the data in the cloud media should be ensured. When a user downloads a data from the media cloud, how a user can ensure the integrity of the downloaded data and How to make sure that the data is not modified by others. Even though the Cloud System provides many security methods we cant trust them since they are managed by the third parties - CSP. Users should trust themselves. There comes the idea user-oriented security solutions to provide secrecy to data in media cloud.
485
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
To provide integrity to the uploaded data ,the principle of the secret sharing algorithm of the Shamir is used. The data is divided in to many pieces (shares) which are unreadable and also smaller than the original image. Then uploading them to many different clouds. Even if any one of the share is disclosed ,the complete information wouldn’t be revealed. The shared image can be recovered if and only if a threshold number of shares - r is obtained ,known as the (r,n) secret sharing threshold.
As a user it is every ones responsibility to ensure the strength and feasibility of the proposed system. The paper also aims to make a feasibility study of the proposed methods.
II.
EXISTING SYSTEM DRAWBACK
Cloud Computing is a computer model that provides services in the form of on demand services, its accessible for everyone, everywhere and every time , including clouds referring to the internet and the web. Cloud computing is a concept still young but not so new that. Its early years in 1990, when the when the predicted mass adoption of grid computing, beyond only scientific computing applications. Basically, the principle is the same: it is thanks to technology virtualization pool of computing resources geographically dispersed to form a common virtual resource use ”on demand”. Found in cloud services, applications, processes all types, at least more customizable and that you can subscribe for free, without the need for other hardware resources that terminal (PC, phone or game console...) connected to the internet. This new technology suffers like all computer systems a serious problem that reduces between the client and the provider is the security[1]
Security issues in cloud environment
Currently, security in information technology is considered as a key element. Hackers or the number of attackers are increased in order to address important data on the new technologies. Among them cloud computing, the technology that is being adopted by many companies due to industrial and commercial profits of cloud but the main concern about these companies is the security of their data. We classify security issues according to four
categories of security:
Data Security
• Security of data storage on a hard disk of another person, the loss of data and the problem of piracy ; if hackers use the cloud services, they would offer free or at a cheaper price to fulfill their attacks.
• The protection of data and that these data should mainly refer to the
confidentiality, integrity and availability. identified problems of access users, the location and transmission of data which
is secured by using IPSec (IP Security), SSL (Secure Socket Layer), but there still are some issues such as the speed and complexity of the input encoding.
• Problems related to data security from unauthorized access to data sourcesin an enterprise because the data is spread across different systems and they can be accessed by unauthorized persons
• The traditional approach of security (explicit), whose data are stored on a single server and access to these data by a password, which is generally simple and memorable for most users, facilitated the attacks and intrusions on these data sources
• Multi - tenancy can cause problems in data security . This intrusion can be done either by hacking through the loop holes in the application or by injecting client code into the SaaS system. A client can write a masked code and inject into the application. If the application executes this code without verification, then there is a high potential of intrusion into others data . They also spoke about data access and they considered that d ata access issue is mainly related to security policies provided to the users while accessing the data
Logical Security
• Virtualization is one of the main components of a cloud. But this poses major security risks ensuring that different instances running on the same physical machine are isolated from each other is a major task of virtualization which is not met completely into days scenario. The other issue is the control of administrator on host and guest operating systems. Current VMMs (Virtual Machine Monitor) does not offer perfect isolation. Some vulnerability has been found in all virtualization software which can be exploited by malicious and local users to bypass certain security restrictions or gain privileges
486
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
compromised virtual machine. Intrusion detection and prevention systems must be able to detect malicious activity at the level of virtual machines, regardless of the location of the virtual machine virtualized cloud within the environment.
• The entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users. There are multifarious security and privacy challenges that need to be understood and taken care ; they showed several risks that threaten the security of data in the cloud as SQL injection attacks , hidden field manipulation and distributed denial of service attacks
Administrative Security
We mean by administrative problems all cases that affect the type of provider and the type of contract. There are certain authors who have spoken on this kind of problems. There may be a case that some cloud providers are not the authorized provider. They may be duplication of a Web page that already exists in order to trick and entice users into giving private or financial particulars or their passwords.
problems that threaten the security of cloud computing on an unauthorized access to stored data, the risk of intrusion, loss of data, lack of trust between customer and supplier concern at confidentiality and availability of stored data, the poor use of services provided by malicious people, attacks on virtual machines and the type of provider and conditions of the signed contract
.
III.
PRIOR APPROACH
In recent years, media cloud applications are growing with widely deployment of smartphones. A survey in media cloud is presented in [1] to overview trends in cloud mobile media (CMM) services, and opportunities and benefits for new CMM services. It is reported that developing scalable cloud media applications and cloud user experience measurement techniques are essential for future CMM. In [2] the authors present a novel concept of cloud-based mobile media service delivery, which is designed based on the localized media public cloud. The authors argue that the service quality is related to the location of the cloud. In [3] the authors focus on the studies of mobile cloud computing for multimedia applications. In the [4] authors conclude that mobile cloud computing can enable ubiquitous cloud mobile media (CMM) applications. One key issue for realizing the mobile media cloud application is concerns about data security and privacy. In the literature[5], the security issues within the cloud have been well studied and many
solutions have been provided. However, there are only a few studies on the methods of securing the services between the mobile device and the cloud
Multimedia has its own characteristics, and the traditional security methods for the mobile cloud have limitations such as higher computational and communication overhead. On the other hand, many researchers are aware of the issues of copyright protection, image authentication, proof of ownership, and so on. There are still several important research challenges for applying watermarking in the cloud. First, the embedded watermark should not degrade the quality of the image and should be perceptually invisible to users in order to maintain its protective secrecy. Second, the watermark must be robust enough and not easily removable. Third, the blind watermarking technique has to be adopted since sometimes it is not easy to obtain the original image or original watermark during extraction
.
Several watermarking techniques were proposed in [5],[6] based on discrete cosine transform (DCT). Kwon et al.[7] embedded the watermark in the variable DCT blocks. The DCT block size is determined according to the characteristics of the region in the spatial domain. Some watermarking methods were proposed based on the DWT . In these methods,[8] the watermark is embedded in the significant coefficient, which is selected from the wavelet coefficient. [9]Huang and Yang proposed a watermarking algorithm based on the DWT. The watermark is embedded in to the wavelet coefficients in the middle and low subbands of a block of each image. A watermarking method based on the qualified significant wavelet tree (QSWT) was proposed in [10]. The issue of security in the multimedia cloud has become an major concern for data storage and access control over wireless networks. Reference [11] presents a strong user authentication framework for cloud computing, where users legitimacy is strongly verified. The proposed framework provides multiple functions such as identity management, mutual authentication, and session key establishment between the users and the cloud server. A detail review of authentication in the clouds with its application to mobile users is presented [12] . The mutual authentication between users and between user and end of cloud storage system is critical in ensuring data security. The research works related to security frameworks for wireless networks [13], [14] also contribute to the security between users and the media cloud.
487
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
multimedia would still waste many resources. Naor and Shamir extended the secret sharing concept into image research. The approach is not applicable for image transmissions and recovery for resource limited mobile devices since the transmission load is significantly increased. An improved image secret sharing approach was presented by Then and Lin[15] . It significantly reduces the size of the image shares to 1/r of the original secret image (r is a bounded number of shares for information to be disclosed), and the secret images can be reconstructed conveniently. However, it requires that the image be permutated by a key before the image shares can be computed, which causes severe drawbacks and challenges to an image compression algorithm. In this article, we propose DCT-based secret sharing for protecting users data to the media cloud.
IV.
PROPOSED METHOD
A. Scalable Water marking for the media Cloud
scalable watermarking which builds a bridge between lossy and lossless watermarking is presented. As like other lossy watermark schemes, the scalable watermarking scheme binds the watermarks with the most significant components of the content. so that if one wants to destroy the embedded watermarks, one may also have to seriously destroy the content to be protected. In the meantime, it also owns the nice property from lossless schemes the original content can be exactly re- covered from the incorrupt watermarked content. [16]
B. DWT based watermarking technique
In the frequency domain, the common well - known methods for data hiding are discrete cosine transformation (DCT) - based, discrete wavelet transformation (DWT) based on similar mechanisms. Joint photographic expert - group (JPEG) is a famous file for images.DCT is a widely used tool for frequency transformation. JPEG images are routinely used in Steganographic algorithms due to the most popular lossy image compression method. JPEG domain to embed the secret message into the medium - frequency coefficients of the DCT - transformed cover image
A blind watermarking algorithm based on a qualified significant wavelet tree (QSWT) is proposed. The construction of QSWT is illustrated in fig below. In this method, the image is transformed into wavelet coefficients using three-level DWT, and the LH3 subband is considered to embed the watermark as it is more significant than the HL3, HH3, and LL3 subbands. This technique is mainly based on the significant difference of wavelet coefficient quantization in which every seven non-overlapping wavelet coefficients of the host image are grouped into a block.
C. Blind Water marking Technique
Our proposed watermark embedding method is illustrated in fig a and watermark embedding algorithm based on QSWT and its method is illustrated in b .
Fig. a
After a three-level DWT is applied in the input image frame n, wavelet subbands LH2 and LH3 are generated. The next step is to convert LH2 and LH3 to a set of smaller subblocks. T1 and T2 are acquired by calculating the mean of these subblocks in LH3 and LH2, respectively. For each coefficient at location LH3(i,j, m) in subblock m, if it is greater than the threshold T1(m) + D1, the system will check if at least three of its child coefficients (LH1(2i 1, 2j 1, m), LH1(2i 1, 2j,m), LH2(2i 1, 2j 1, m), and LH2(2i, 2j, m) are greater than the threshold (T2 (m) + D2). If they are, LH3(i, j) will be set as one of the QSWTs (m).
The coefficient values of the parent and all its children are summed. Then QSWT (m) will be sorted in decreasing order, and these trees are output. All coefficients that do not meet these two adaptive thresholds are discarded. The original image is transformed using three-level DWT. From the 10 bands obtained, LH3 is used to embed the watermark. The watermark is embedded in the calculated
488
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
Fig .bD. Joint Design of Watermark Authentication and Error Correction for Media Cloud
The number of parity/redundant symbols that must be added to the message is determined by the amount of required capability of error corrections. The parity symbols must contain enough information to detect the values of the erroneous information symbols. While there are several forward error correction (FEC) techniques available, Reed-Solomon (RS) codes provide powerful correction with high channel efficiency. With the advent of very large-scale integration (VLSI) techniques, RS codes can be useful in both high and low data rate systems at low cost. The efficiency of RS codes is almost as the same as that of Hamming codes, except that RS codes deal with multibit symbols rather than individual bits. The main idea behind this work is to detect and extract the watermark data in which the watermarked data is subjected to noise caused by transmission. These noises might result in failure to detect watermarked data from the media cloud. The joint design mechanism could also extract more watermarking bits (higher robustness) than the general extraction algorithm. In the design, RS code plays an important role, extracting the watermarked bits, due to its ability to correct errors. For the joint design of RS and watermarking, two approaches have been considered. In the first method, the full watermarked image is given as input to an RS encoder. In the second method, only the LH3 band is given as input to the RS encoder. After the process of detecting and correcting errors, we replace the LH3 obtained from the RS code in the original image, and apply inverse DWT to reconstruct the image. In this scheme, packets are discarded if they cannot be corrected due to the bit errors caused by the noise. There is a trade-off between the quality and RS code protection in general.
For example, having more RS protection will improve the quality with increased redundancy.
E. Secret Sharing for Media Cloud
Sensitive information with cloud storage providers may be entrusted. But single cloud providers is a less popular with customers due to risks service availability failure an d possibly of malicious insiders in the single cloud. A towards movement of multi clouds or multiple clouds or cloud - of - clouds has emerged currently using Shamirs Secret Sharing Algorithm.
Data stored in the cloud can be compromised or lost. So, we have to come up with a way to secure those files. We can encrypt them before storing them in the cloud, which sorts out the disclosure aspects .However, what if the data is lost due to some catastrophe befal ling the cloud service provider? We could store it on more than one cloud service and encrypt it before we send it off. Each of them will have the same file. What if we use an insecure, easily guessable password to protect the 2012 45th Hawaii International Conference on System Sciences file, or the same one to protect all files? I have often thought that secret sharing algorithms could be employed to good effect in these circumstances instead
.
a. Mathematical Definition
Our goal is to divide some data D (e.g., the safe combination) into pieces D1,D2...,Dn in such a way that:
• The Knowledge of any k or more Di pieces makes D easily computable.
• The Knowledge of any k or fewer Di pieces leaves D completely undetermined(in the sense that all its possible values are equally likely). This scheme is called (k,n) threshold scheme. If k=n then all participants are required to reconstruct the secret original data. The essential idea of Adi Shamir’s threshold scheme is t hat 2 points are sufficient to define a line,3 points are sufficient to define a parabola, 4 points to define a cubic curve and so forth. That is, it takes k points to define a polynomial of degree (k-1).
b. Preparation
We use a low-complexity DCT-JPEG-based compression algorithm for mobile media cloud so that the transmission load can be effectively reduced. In the JPEG standard, each tile (i.e., every 8 8 pixel block) is converted to frequency space using a two-dimensional forward discrete cosine transform. Our secret sharing method is inspired by the (r, n) threshold scheme proposed by Shamir et al. Specifically, we divide secret data D into n shadows (D1, , Dn), and the goal is that secret data D cannot be revealed without any r shadows. To split D into n shadows, a prime number p and an r 1 polynomial function are selected,
f(x) = (a0 + a1x + ar1xr1)mod P, (1)
489
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
are
(D1 = f(1), , Di = f(i), , Dn = f(n)).
In a secret image sharing scenario based on Shamirs (r, n) threshold scheme, a0 is taken as the gray value of the first pixel, and then the corresponding output f(1) f(n) is obtained. After that, a0 is replaced by the gray value of the second pixel, and the process repeats until all pixels of the secret image are processed. However, in our proposed scheme, the size of each shadow image is 1/r of the secret image. The essential idea is to use a polynomial function of order (r 1) to construct n image shares from a DCT-based transformation matrix with l l pixels of the secret image being transformed; S dct(i, j) denotes the coefficient value at the (i, j) position after the original secret image is transformed by DCT function. fx dct(i, j) denotes the coefficient value of shadow image shares. This method reduces the size of image shares to become 1/r of the size of the secret image. Note that any r image shares can be used to reconstruct every pixel value in the secret image. As shown in fig below, the image is separated into multiple shares, which are uploaded to different media clouds. Thus, any one of the clouds cannot disclose the whole information. The user only downloads a certain number of shares from multiple clouds and can recover all of the information.
Studies says that with the increased noise level, the PSNR of the extracted watermark is gradually decreased. However, with RS code, the extracted watermark quality and correlation are tolerable. In our studies, the NC values are obtained when LH3 is an input to RS code
.
From the studies, it can be concluded that the computation time when LH3 band as input to RS code is less compared to the computation time when the full image is given as input to RS code. By using LH3 band in the extraction process, the scheme reduces computation time and also decreases transmission overheads. Compared the approaches with and without RS. The results indicate that with RS code, the extracted watermark has better correlation with the original watermark. method concludes that the joint design of watermark and RS code can achieve better authentication performance.
V.
FEASIBILITY OF PROPOSED
SYSTEM
It is important to study the feasibility of the proposed system before implementing, since most of the Cloud Service Providers (CSP) does not provide user oriented security solutions .Different CSP’s exibhits different architectre. It is not sure about the compatibility of the proposed system towards each cloud architecture
.
A. Scalable Watermarking• According to working domain, type of document, human perception (visible or invisible),
application the frequency domain scalable watermarking will get altered.
• Embedding the water marks in LL subband can provide higher robustness but may degrade the image quality .
• If the watermarked image is rotated or altered it is difficult to extract the watermark (PSNR value will increase)
B. Blind Watermarking
• Alters luminance level or brightness , but not actual color value of pixels.
• Helping tool in preventing the illegal copying.
• Not able to be identified, computationally extractable
Reed-Solomon codes
• Short burst errors would not affect the reed Solomon codes
• They also accommodates the symbol error probabilities
C. Secret Sharing
• In a multi-cloud sharing scheme the physical location of information can become an issue.
• Dynamic nature of the cloud computing may result in confusion as to where information actually resides
•
Algorithm used to compress and divide the image must be flexible with theselected cloud providers• Secret sharing scheme was easily attacked:- r colluding shadows can recover all secrets ,even when a and P are kept secret
VI.
STRENGTHENING THE
PROPOSED SYSTEM
The weakness of the proposed system can be overcome by adding some extra techniques and removing some errors in the proposed system. Some of the corrections which can strengthen the proposed systems are;
• Security should be enabled to every service layer of a cloud
490
Copyright © 2011-15. Vandana Publications. All Rights Reserved.
changes in these bands .So embedding watermarks in these sub bands can provide higher imperceptibility . so should work on these bands for more security.
• The effect of PSNR value should be removed from scalable watermarking
• A relation is existing between the watermark detection algorithm and number of bit planes discarded and this knowledge should considered during embedding blind watermarking
• For more error correction reed Solomon codes can be concatenated with convolution codes
• Error correction range can be increased for more performance
• More and more decoding algorithm can be utilized
VII. CONCLUSION
Security protection between users and the mobile media cloud is critical for future multimedia applications. In this article, the present a joint design of watermarking technique based on the significant difference of wavelet quantization with the Reed-Solomon error correcting code. The watermarking technique authenticates multimedia data from the media cloud, and the Reed-Solomon code guarantees that data trans- mission is reliable for multimedia data between mobile users and the media cloud. In addition, we propose the use of secret sharing schemes to maintain users data security and privacy. The studies show that the proposed approach can effectively improve the security performance level between users and the media cloud if the suggested advancement is done to the proposed system .
VIII.
ACKNOWLEDGEMENT
I would like to thank Asst. Prof .Divya K..V. for helping me in this work and also all the other people who have encouraged me for this research.
REFERENCES
[1] S. Dey, Cloud Mobile Media: Opportunities, Chal- lenges, and Directions, Proc. Intl. Conf. Computing, Networking and Commun. , 2012, pp. 92933.
[2] F. Sardis et al. , On the Investigation of Cloud-Based Mobile Media Environments with Service-Populating and QoS-Aware Mechanisms,, IEEE Trans. Multimedia vol. 15, no. 4, June 2013, pp. 76977
[3] Y. Xu and S. Mao, A Survey of Mobile Cloud Comput- ing for Rich Media Applications, IEEE Wireless Com- mun. , vol. 20, no. 3, June 2013
[4] S. Wang and S. Dey, Adaptive Mobile Cloud Computing to Enable Rich Mobile Multimedia
Applications, IEEE Trans Multimedia , vol. 15, no. 4, June 2013, pp. 87083.
[5] R. G. van Schyndel, A. Z. Tirkel, and C. F. Osborne, A Digital Watermark, Proc.IEEE Intl. Conf. Image Processing , vol. 2, 1994, pp.8690
[6] C. F. Wu and W. S. Hsieh, Image Refining Technique Using Digital Watermarking, IEEE Trans. Consumer Electronics , vol. 46, no. 1, Feb. 2000, pp. 15
[7] O. H. Kwon, Y. S. Kim, and R. H. Park, A Variable Block-Size DotbasedWatermarking method, IEEE Trans. Consumer Electronics , vol. 45, no. 4, Nov. 1999, pp. 122129
[8] G. C. Langelaar and R. L. Lagendijk, Optimal Differen- tial Energy Watermarking of DCT Encoded Images and Video, IEEE Trans. Image Processing , vol. 10, no. 1, Jan. 2001, pp. 14858
[9] J. Huang and C. Yang, “Image Digital Watermarking Algorithm Using Multi-Resolution Wavelet Ttansform,” Proc. IEEE Int’l. Conf. Systems, Man and Cybernetics, 2004, pp. 2977–82.
[10] M.-S. Hsieh, D.-C. Tseng, and Y.-H. Huang, “Hiding Digital Watermarks using Multiresolution Wavelet Transform,” IEEE Trans. Industrial Electronics, vol. 48, no. 5, Oct. 2001, pp. 875–82.
[11] A.J. Choudhury et al., “A Strong User Authentication Framework for Cloud Computing,” Proc. IEEE Asia- Pacific Services Computing Conf., 2011, 12–15 Dec. 2011, pp. 110–15.
[12] R. Chow et al., “Authentication in the Clouds: A Framework and Its Application to Mobile Users,” Proc. ACM Cloud Computing Security Wksp., 2010, Chicago, IL.
[13] K. Lu, Y. Qian, and H.-H. Chen, “A Secure and Service-
Oriented Network Control Framework for WiMAX Networks,” IEEE Commun.Mag., vol. 45, no. 5, May 2007, pp. 124–30.
[14] B. Rong et al., “A Pyramidal Security Model for Large- Scale Group-Oriented Computing in Mobile Ad Hoc Networks: The Key Management Study,” IEEE Trans. Vehic. Tech., vol. 58, no. 1, Jan. 2009, pp. 398–408. [15] H.-T. Yeh, B.-C. Chen, and Y.-C. Wu, “Mobile User Authentication System in Cloud Environment,” Security Comm. Networks.
