
SDD-H: Self Data Destruction & Handling Using Active Storage Object for Improved Outsourced Computing


Academic year: 2020


International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459,ISO 9001:2008 Certified Journal, Volume 4, Issue 8, August 2014)

613

SDD-H: Self Data Destruction & Handling Using Active Storage Object for Improved Outsourced Computing

Dolly Verma

Department of Computer Science & Engineering, SVCE, Indore (M.P.), India

Abstract-- Web based computing is gaining popularity among business communities and ordinary users because of its wide variety of services. It mainly includes Cloud Computing, Web 2.0 and Mashups, which are based on fully service oriented architectures. It involves handling multiple platforms to achieve effective service experiences and reduced management loads. This makes the system self-dependent and quantifiable in terms of web based computing capabilities and resource management constraints. Along with high performance and efficient computing, these web based systems must provide secure data transition characteristics. To make the system secure and robust, stronger confidentiality and integrity policies must be implemented. Such policies generate temporary data which is stored and exchanged between the various entities and actors. After use, these metadata and objects need to be removed from the systems and networks. Making the exchange of information more secure therefore requires deleting or removing each and every view of the information from the networks and systems. In most cases, however, this removal is not defined when the objects are created. Self data removal or destruction is a configured policy of the system which enables object instances to be removed from the system automatically once their usage time or lifecycle is over. Implementing such a solution also saves storage capacity along with improving security. This paper therefore proposes self data destruction and handling (SDD-H) based on active storage for improving the security aspects of web based computing and service architectures. In analytical evaluation and measurement, the approach serves the user's needs for improved security and optimized storage. The work also focuses on specifically designed synchronous operations.

Index Terms-- Cloud Computing, Web 2.0, Service Oriented Architecture (SOA), Data Destruction, Active Storage Object (ASO), Deletion policies, Self Data Destruction and Handling (SDD-H);

I. Introduction

Web based outsourced computing is gaining popularity day by day because of its increasing users and service demands. It provides various applications and other computing capabilities as a service to the end user. Examples of web based computing include cloud computing, Web 2.0 and Mashups. These technologies are at the core of application development, which involves the integration of various newly developed computing paradigms. The aim is to make software available to users with a lesser load of managing those applications and data.

To use these services, the provider and users must agree on defined conditions known as service level agreements (SLAs) [1]. Using the services requires some platform, which could be the browser for highly demanded services and fewer configurations. Heavy applications could be processed and supplied effectively using browsers and web based media.

Computing could be one of the most demanded services on the internet and hence requires the management of instances for individual users. Each service usage must be isolated from the others in terms of its service usage policies and the kind of settings demanded. It is a kind of collaborative evolution for organizations by which the load of managing server based technologies and the capital cost are reduced and the focus on their core business operations can be increased. Such services are based on layered and multi-tenancy models with dynamic scalability and virtualized environments. Many firms are collaborating for better service delivery and for mitigating the associated risks to data privacy and security. Just a certain change in the behaviour of this system causes an overall degradation in security controls, and attackers or fabricators gain insight into the system. Even if a small view of the data or its instances is mistakenly left unprotected after use, it could be used for attacking or distorting normal operation. Thus the probability of attacks or data modification by some unauthenticated entity is very high.

One should always focus on the lifecycle of the data: when the overall living period of the data is over, it needs to be removed completely along with all its local and permanent copies. Most organizations have several policies for this data destruction based on a fixed time interval. But because the copies or replicas of data are now multiplying, deleting them all in a single go is very difficult. Also, the deletion is not complete, and some residual metadata remains at the location of the files, from which the data can be recreated.


The removal of data is quite a complicated task, before which the total number of copies generated has to be identified. Whenever a file is replicated, some information needs to be attached to its replica about its previous file location and the total number of replications applied, by which all the existing copies can be located and deleted. Most organizations are unable to perform such forensic deletion or destruction of data from storage and are always vulnerable to data regeneration attacks. This work gives a brief study of such issues and provides a solution to overcome the existing data destruction issues.

II. Background

Computing capabilities can be delivered as a service by using the distributed, grid and elastic phenomena introduced in cloud technology. This computing reduces load and improves the computing experience in the browser rather than on stand-alone host machines. It is made feasible by virtualization and resource pooling. Data is the most valuable asset, and the rest are supporting actors that make data transitions or exchanges more efficient and secure. Data needs to be processed by various nodes, has to traverse various networks, is stored on different devices, and is worked on simultaneously as multiple copies. After the usage period of the data is over along with its lifecycle, it should be removed from each and every entity. Normally lifecycle management includes production, transfer, use, sharing, archiving and deletion. Information which is heavily used and public stays for a longer phase, and data with less use is detached more frequently. But in contemporary scenarios there are no such guidelines available for effective data destruction. It is named in several ways by different authors: destruction, deletion, removal, decommissioning, sanitizing, vanishing, disposal, etc.

Removing the complete copy of data is a destruction activity and is based on future aspects and the time which defines the scope of its usability. Also, during fault tolerance procedures the system normally replicates the data to several locations, and after recovery these temporary or permanent copies need to be removed. At the point of deletion, some files and their metadata residues remain at different locations, which may later be used to initiate attacks or might compromise the security of the system. Such issues are not addressed by current data destruction in lifecycle management or storage schemes.

Even though cloud computing and other web based computing are being adopted very rapidly, there are some factors which cross the juridical limits of information processing. Mainly they affect the confidentiality and integrity of data.

These pre-empt data regeneration from its residues by forensic means, as given in the act of enforcement in [3]. Further guidelines are available in ISO standards like 270001 and NIST standards on destroying data completely after the usability period is over [4].

Some solution to the above mentioned problem has to be provided for improved security and trust in the system. To improve the security of the remaining copies of the data, policies related to data removal and the usage of its metadata structure need to be defined [5]. The policy should consider time as a primary factor for deleting the file according to its lifecycle. The solution should sustain some behaviour before replicating itself. Also, instead of replicating the complete data, the solution creates an object of it for a defined lifecycle usage, which is destroyed automatically. Performing tasks by using these one-time defined objects is known as active storage objects, as mentioned in [6]. Instances of the same work are presented using the distributed hash table in [7]. Some papers have also focused on encryption schemes for these active objects.

III. Literature Survey

The cloud computing environment supports portability of data and services with reliable behaviour. Serving this reliable behaviour to the user aims at always providing secure application and data storage during use, and at removing the less usable and other components. For privacy reasons, the data and the user information need to be removed completely from the storage provider's locations after the termination of SLAs. Removing this data effectively and cleanly comes under the data destruction activity. During the last few years, various approaches have provided different solutions for the above mentioned issues of self and complete data destruction. Among them, a few approaches that show a strong presence are covered here as the surveyed literature:


Some authors focus on encryption mechanisms for securing the user's data and metadata, as suggested in the paper [9], in which a formal cryptography based model for secure deletion is given. According to it, deletion or removal can be governed by several policies of data removal from storage systems, whose security relies entirely on cryptographic functions and keys. The work maintains deletion classes whose members regularly update their entries, and those that require complete removal can be erased automatically with all their related entries. A prototype implementation of the approach demonstrates its efficiency on a Linux based file system.

Some authors have also focused on the deletion of less important or used data from P2P systems. In such systems, the incidence of attacks arising from remaining residues of deleted files is very high. The copies related to the data have to be handled specifically because their locations are different from the actual copies. In the paper [10] a Vanish system is proposed for completely removing data using a global scale cryptographic technique and a distributed hash table (DHT). The approach also implemented a prototype of the suggested mechanism in OpenDHT and the Vuze BitTorrent application online. Practical evaluations of the approach can be applied by adding a plug-in for different browsers.

Carrying forward the above approach of Vanish, an updated model, SafeVanish, is proposed in [11]. This is an improved mechanism by which data is able to destruct itself after the end of use, increasing the privacy parameter. The approach implements a threshold function k for generating the composite key. It sustains the self-destructing nature by limiting the attack-prone zone and sniffing attacks in real systems. The primary work stages and implementation prototypes demonstrate the efficiency of the suggested approach.

In the paper [12], three modifications are suggested, which include the cascade operation, the tide operation and the existing Vanish mechanism. On the basis of these mechanisms, improvements over the existing destruction phenomenon are measured. In the cascade operation, multiple key storage systems are taken as a combined system, which increases the attack resistance. Similarly, tide is a new key storage phenomenon using Apache servers online. Various attacks and their prevention are simulated after applying the suggested approach, and a performance improvement and generalization of applicability are measured with Vuze, OpenDHT and Vanish. The calculated results show that these defences provide a countable improvement over the original Vuze DHT, which is impractical in most situations.

Thus the aim is to remove all the data and its copies completely from the server and storage locations. It gives data privacy a stronger hand over other security parameters. Most of the existing mechanisms suggest approaches based on copies, but none of them focuses on complete deletion. Complete removal and self destruction is the primary aim of the SeDas approach in [13]. It is an active object based approach in which, apart from creating copies of the data, some active objects are created, which decreases the probability of leaving data residues after deletion. The approach uses a time field which works as a trigger event, after which automatic destruction of the data is initiated. Practical evaluations and implementation of the approach prove its efficiency over existing approaches by more than 72 % in the case of uploading and downloading.

Carrying forward the approach of active storage, the paper [14] gives a virtualization realization of applications running at client ends, with the data treated as an object, by which the throughput and latency are increased. Here the virtual machines act as active objects and generate keys for each of the active partitions. Using this mechanism, encrypted files are uploaded to and downloaded from the server using the agent structure. The evaluations and verifications apply in both the cases of uploading and downloading to check the authenticity of the process, application and user.

The article [15] presents a disk based erasing mechanism for P2P systems which can be further modified and used for cloud and storage technologies as well. The mechanism gives a simple understanding of the complete removal of data from the servers or storage locations, which in practice contain disks that need to be erased. They depend on policies serving the user's needs for self data disposal after a fixed time period of the data lifecycle. Users require clean data removal from the existing medium through these policies. The article also presents the issue that a simple delete cannot remove all the information from the storage medium and some residues remain. From this residue, data regeneration or attacks can be carried out. Thus a security mechanism with complete destruction is always required. The article presents some product specific information about the above issues and solutions, and provides a feature oriented comparison with existing products.

IV. Problem Statement


They work on a reliable trusted third party mechanism for assuring confidentiality, privacy and fault tolerance against theft, unauthorized access and failures. Here faults and failures are uncertain events which might not be defended against, but recovery mechanisms for them can be designed. Data theft, however, is a planned action by some unauthorized user who wants to gain control of data access. It comes under the attack category and has to be procured. In recent times trust in the trusted third location has increased, and hence data and its accesses are more frequently operated from these locations. To assure data availability at any point of failure, multiple copies are stored at different locations. These locations and their retrieval policies have various rules for accessing the data securely. Also, the data is in use for a specific period, and after this period of use all the copies, including temporary generated files, have to be removed completely. In this removal their metadata should also be deleted, making the storage completely footprint free. But in some cases these footprints guide the attacker in regenerating or retrieving the removed files.

As studied in various research papers, there are many systems which perform self destruction of data, such as Vanish and SeDas. But there are still some unsolved issues which these approaches face while performing automatic destruction in a complete manner. This work has identified a few working areas for operating on such deletion actively:

(i) After deletion, the removal of data is not complete and residues exist which might be used to reconstruct the data.

(ii) Lifecycle factors must be added to each data item, and their removal and migration policy must operate in a way that controls the dynamic demand for data.

(iii) Active object based transitional and synchronous operations must be securely encrypted and decrypted for better security.

(iv) Distribution records, the number of copies and file splits must also be controlled and recorded, which is not available in any system.

After considering the above problems, this work suggests a new self data destruction mechanism for zero remnance proof based removal of replicas and original files.

V. Proposed SDD-H Approach

Data removal is a part of lifecycle management, which involves various operations starting from migration and archiving through to complete removal. As computing evolves, storage at different locations and in multiple copies for fault recovery increases. Partial or instance based data removal will not work for recent computing such as cloud and Web 2.0 because of the redundant nature of their information.

The replicas persist at distributed locations in different data centres. Management of multiple copies and their removal cannot be performed by traditional solutions and requires additional methods drafted for the specific purpose. This work proposes a novel SDD-H (Self Data Destruction and Handling) approach. The approach is capable of handling the problems identified in existing approaches. The proposed model has active object based data retrieval and modification, with objects later deleted and removed completely without any residues. With each request for data access, an object is created as a mirrored image of the data; it is modified and controls the changes to the main file. As the request does not act on the primary copy directly, data theft is handled. Changes are made to the first copy object and later applied to all replicas. When this active object is created, the approach fixes its usage duration in terms of a count or time limit, after which the object is destructed automatically, reducing the risk of compromised security. The detailed view of the overall process of the suggested SDD-H is given in figure 1.

The suggested approach works with following components:

(i) Active Object Generation with Self Destruction

(ii) Handling Object Security

(iii) Lifecycle Handling

(iv) Replica Changes Management

Description: The user starts by requesting data from the storage location or by storing data with lifecycle factors at the data centres. Whenever a user requests data, an active object is created for each request with an object name, ID, data and its destroy time. All these fields are used to assure its safe usage. The user always works on the object rather than the original data file. The request is further processed by the application server, which records and monitors the total number of objects created and destroyed after use. The demand is satisfied from a single copy of the data rather than by simultaneous operations on multiple files. The record of active objects is managed by the system with an active object table and operation details. For secure transition, the object is further encrypted and then transferred to the data center for request processing.


The full secure version of the object is stored at the storage location with a fixed destroy time so that copies cannot be created from it, and if a copy is made, the object copy is destroyed as well.

An active object is a dynamic object used for working on temporary files rather than the original files, for controlling changes and parallel execution on files. For each data request an object is generated on which the user can perform operations. Replica Change Management is a component suggested in this work whose aim is to manage changes by a specified scheme.

Changes made by the user, instead of being written directly to the primary copies, follow a process which assures complete changes in each replicated copy. The scheme reflects changes in a controlled manner. Once the lifecycle period of the object is over, the destruction mechanism calls itself and destroys the data. Change management consists of four steps: local data copy, revert changes to local machine, update changes to master copy, and modification of changes to all replicated copies at distributed locations. These steps are achieved by different commands as suggested in network storage. These are CheckIn, CheckOut, Commit and UpdateAll.
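The lifecycle described above (one active object per request, a destroy time or usage count, an Active Object Table, and the CheckOut, CheckIn, Commit and UpdateAll commands) modelled in memory, as an added example that is not the paper's own code. The class and method names, the mapping of the four commands onto the four steps, and the rule that the last check-in wins are assumptions; encryption of the object in transit is left out.

```python
import time

class ActiveObject:  # working copy a user edits instead of the primary file
    def __init__(self, obj_id, name, data, destroy_time, uses_left):
        self.obj_id = obj_id
        self.name = name
        self.data = bytearray(data)
        self.destroy_time = destroy_time   # absolute expiry on the store's clock
        self.uses_left = uses_left         # remaining reads/writes (count limit)

class SddhStore:  # master copy, replicas and Active Object Table for one file
    def __init__(self, name, content, replica_sites, clock=time.monotonic):
        self.name = name
        self.master = bytes(content)
        self.replicas = {site: bytes(content) for site in replica_sites}
        self.clock = clock
        self.aot = {}        # Active Object Table: obj_id -> live ActiveObject
        self.log = []        # (event, obj_id) records of creation/destruction
        self.staged = None   # checked-in change waiting for commit()
        self._next_id = 1

    def check_out(self, ttl, max_uses):  # assumed step 1: mirrored local copy
        obj = ActiveObject(self._next_id, self.name, self.master,
                           self.clock() + ttl, max_uses)
        self._next_id += 1
        self.aot[obj.obj_id] = obj
        self.log.append(("created", obj.obj_id))
        return obj.obj_id

    def _destroy(self, obj_id, reason):
        obj = self.aot.pop(obj_id)
        # Zero the buffer; this clears the in-memory copy only, not disk or swap.
        obj.data[:] = bytes(len(obj.data))
        obj.data.clear()
        self.log.append((reason, obj_id))

    def _live(self, obj_id, consume=True):
        obj = self.aot.get(obj_id)
        if obj is None:
            raise LookupError(f"object {obj_id} is unknown or destroyed")
        if self.clock() >= obj.destroy_time or (consume and obj.uses_left <= 0):
            self._destroy(obj_id, "expired")
            raise LookupError(f"object {obj_id} expired and was destroyed")
        if consume:
            obj.uses_left -= 1
        return obj

    def read(self, obj_id):
        return bytes(self._live(obj_id).data)

    def write(self, obj_id, content):
        self._live(obj_id).data[:] = content

    def check_in(self, obj_id):  # assumed step 2: hand changes back, destroy object
        self.staged = bytes(self._live(obj_id, consume=False).data)
        self._destroy(obj_id, "checked_in")

    def commit(self):  # assumed step 3: apply the staged change to the master
        if self.staged is None:
            raise RuntimeError("nothing checked in")
        self.master, self.staged = self.staged, None

    def update_all(self):  # assumed step 4: propagate master to stale replicas
        stale = sorted(s for s, c in self.replicas.items() if c != self.master)
        for site in stale:
            self.replicas[site] = self.master
        return stale

    def sweep(self):  # scheduled destruction of objects past time or count limit
        dead = [i for i, o in self.aot.items()
                if self.clock() >= o.destroy_time or o.uses_left <= 0]
        for obj_id in dead:
            self._destroy(obj_id, "expired")
        return dead

def demo():
    now = [0.0]  # constructed fake clock; file and site names are constructed
    s = SddhStore("report.txt", b"v1", ["dc-a", "dc-b"], clock=lambda: now[0])
    a = s.check_out(ttl=10, max_uses=3)
    s.write(a, b"v2")
    s.check_in(a)
    s.commit()
    updated = s.update_all()
    s.check_out(ttl=5, max_uses=1)
    now[0] = 6.0  # the second object's destroy time has passed
    return s.master, updated, s.sweep(), s.log

if __name__ == "__main__":
    print(demo())
```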

Benefits of Approach:

(i) Consistent operation and simultaneous read write into a single file.

(ii) Better management of replicated copies, their distribution and retrieval records, and change detection and monitoring.

(iii) Self destruction and lifecycle based data sustainability for optimized storage.

(iv) Zero remnance proof based removal to assure complete removal.

(v) Centrally controlled mechanism with management console.

(vi) Object based data handling for instance based execution.

(vii) Automatic scheduled destruction after completion of lifetime.

(viii) Reduced vulnerability to attacks planned to destroy the privacy and security of the systems.

(ix) Synchronous operations.

A cloud computing based trusted outsourced environment requires effective handling of storage and maintains a record of the operations performed on the data. It assures the security and privacy of data and prevents unauthorized access. The data file is not directly modified; for each operation active objects are created to allow instance based changes.

Realistic performance of the solution can be achieved by applying the above method to both HDD and SSD storage. In networked storage such as SAN and NAS, improved performance is analytically measured.

Applications

• Sybil Attack Detection

• Self destructive mechanism automatically manages memory utilization.

• In social networking and messaging services, data removal improves the privacy factors.

• It is used to improve online document handling and modification management.

Figure 1: Proposed SDD-H scheme for cloud computing. (Diagram labels: User; Active Object with ObjID, Data and Destroy Time; Active Object Table (AOT); Encryption Algorithm; Key Encrypted Active Objects; Application Server; Reverse Decryption Process; Parallel Handling of Multiple Active Objects; Local Storage Pool; Exit.)

• It could be utilized for ERP and business intelligence software.

• Cloud computing, Web services and Web 2.0 based applications all require such a system for managing their heavy storage structures.

VI. Conclusion

Distributed computing raises clients' trust in restricted storage at third party data centre locations. This condition gives the client trust over the owned data, meaning that any modification will be uniform and will be applied to all existing copies of the same data. Likewise, with destruction all the copies have to be removed completely. At present, the existing system is not able to attain this objective. After considering various research articles, this work presents a novel SDD-H approach for an improved self data destruction mechanism satisfying the feature of complete deletion within a limited time. The suggested approach effectively uses active storage object transfer and controlled modification with consistency. With this system, applied changes are reflected in every copy through synchronous operations, including deletion or removal. The proposed approach will serve to satisfy the client's requirements for security and integrity based data access and provides complete deletion of data. It works in the same way with distributed structures and will demonstrate its efficiency in near future prototype implementations.

REFERENCES

[1] Deyan Chen and Hong Zhao, “Data Security and Privacy Protection Issues in Cloud Computing”, in International Conference on Computer Science and Electronics Engineering, IEEE Computer Society, DOI 10.1109/ICCSEE.2012.193, 2012.

[2] Frank Simorjay, Ariel Siverstone and Aaron Weller, “The Microsoft approach to cloud transparency”, at www.microsoft.com/twcnext, 2012.

[3] Josiah Dykstra, “Seizing Electronic Evidence from Cloud Computing Environments”, in IGI Global, Chapter 7, DOI: 10.4018/978-1-4666-2662-1.ch007, 2013.

[4] Product Description Amazon Web Services: “Overview of Security Processes”, at http://aws.amazon.com/security/, June 2013.

[5] M. Nandhini and S. Jenila, “Time Constrained Data Destruction in Cloud”, in International Journal of Innovative Research in Computer and Communication Engineering, ISSN (Online): 2320-9801, Vol.2, Special Issue 1, March 2014.

[6] Yulai Xie, Kiran Kumar Muniswamy-Reddy, Dan Feng and Others, “Design and Evaluation of Oasis: An Active Storage Framework Based on T10 OSD Standard”, a presentation on Storage System Research Centre, 2012.

[7] Prashant Pilla, “Enhancing Data Security by Making Data Disappear in a P2P Systems”, in Computer Science Department, Oklahoma State University, Stillwater.

[8] Mithun Paul and Ashutosh Saxena, “Zero Data Remnance in Cloud Storage”, in International Journal of Network Security & Its Applications (IJNSA), DOI : 10.5121/ijnsa.2010.2419, Vol.2, No.4, October 2010

[9] Christian Cachin, Kristiyan Haralambie and Hsu-Chun Hsiao, “Policy-based Secure Deletion”, at IBM Research, Zurich, Aug 2013.

[10] Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy and Henry M. Levy, “Vanish: Increasing Data Privacy with Self-Destructing Data”, in University of Washington, Supported work of Grant NSF-0846065, NSF-0627367, and NSF-614975,

[11] Lingfang Zeng, Zhan Shi, Shengjie Xu and Dan Feng, “SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy”, Presentation at CloudCom, Dec 2013.

[12] Roxana Geambasu, Tadayoshi Kohno, Arvind Krishnamurthy, Amit Levy and Henry Levy, “New Directions for Self-Destructing Data Systems”, in University of Washington, 2010

[13] Lingfang Zeng, Shibin Chen, Qingsong Wei and Dan Feng, “SeDas: A Self-Destructing Data System Based on Active Storage Framework”, in IEEE Transaction on Knowledge and Data Engineering, DOI: 10.1109/TMAG.2013.2248138, 2013.

[14] Backya S and Palraj K, “Declaring Time Parameter to Data in Active Storage Framework”, in International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), ISSN: 2278 – 1323, Volume 2, Issue 12, December 2013.

[15] David Logue and Kroll Ontrack, “SSDs: Flash Technology with
