
Model for Security as a service in Cloud


Academic year: 2020


Neha Gedam, Shafali Gupta

M.E. Student, Dept. of Computer Engineering, R.M.DSSOE, University of Pune, Pune, India

Assistant Professor, Dept. of Computer Engineering, R.M.DSSOE, University of Pune, Pune, India

ABSTRACT: Cloud computing is important for providing services and is also useful for storing data on the Internet, but many issues arise in protecting that data from different types of attacks. The proposed system works on the security services that a cloud provider offers to its tenants (customers) as part of its infrastructure in order to respond to these attacks. It focuses on a security architecture that works as a flexible security service model which a cloud provider can offer to its tenants and to the customers of its tenants. The proposed model gives the provider a baseline security for protecting its own cloud infrastructure and also gives tenants the flexibility to add security functionalities that suit their own security requirements. The paper describes the design and implementation of the security architecture and discusses how different types of attack are counteracted by the proposed architecture.

KEYWORDS: Cloud security, security architecture, security and privacy.

I. INTRODUCTION

Cloud computing is an important technology in which cloud service providers supply computing resources to their customers (tenants) to host their data or perform their computing tasks [1]. Cloud computing can be categorized into different service delivery models such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Virtualization is one of the key technologies used in IaaS cloud infrastructures [2], and many cloud service providers use virtualization to deliver cloud services. A cloud customer is referred to as a tenant; cloud providers allow tenants to access services [3], and tenants use virtual machines to provide services to their own customers. Attacks can be targeted against the cloud infrastructure as well as against virtual machines belonging to other tenants [4]. However, several issues arise when developing security as a service for cloud infrastructures.

In the current environment, cloud service providers do not generally offer security as a service to their tenants. For example, Amazon states that the security of tenant virtual machines is the responsibility of the tenants, since they are free to run any operating system or application (though it claims to secure the underlying infrastructure) [5][6]. Hence tenants need to make their own arrangements for securing the virtual machines they host in the cloud. Although tenants can use security tools such as anti-virus and host-based intrusion detection systems to secure their virtual machines, these tools are limited because they reside in the same system as the one being monitored and are therefore themselves vulnerable to attack. Also, some tenants may not be capable of securing their own virtual machines. Hence there is a need for the cloud service provider to offer security as a service to such tenants.


II. RELATED WORK

In this section we present the different methods that have been proposed to solve the trust and security problems. CloudVisor uses nested virtualization to deal with the compromise of the hypervisor: a secure hypervisor is introduced below the traditional hypervisor, and the interactions between the traditional VMM and the virtual machines are monitored by the secure hypervisor [7]. However, since resource management is still performed by the traditional VMM, a compromise of the VMM can still impact the operation of the virtual machines. Compared to CloudVisor, the main focus of our work is securing the network interactions of tenant virtual machines. The technique proposed in [8] [11] allocates a separate privileged domain for each tenant, which the tenants can use to enforce VMM-based security on their virtual machines. However, the model becomes more complex as virtual machines of different tenants can be hosted on the same physical server. Furthermore, such models cannot deal with malicious tenants that misuse cloud resources to generate attacks on other hosts. Our architecture considers the case of malicious cloud administrators and malicious tenants [13]. There have also been some prior works addressing privacy-related issues in the cloud. Butt et al. proposed the self-service cloud, which splits the privileged domain into a system-wide domain (Sdom0) and privileged client domains, so that each tenant has its own privileged domain for enforcing security policies on its virtual machines. However, since several tenant virtual machines can be hosted on the same physical server, a separate client administrative domain has to be created for each tenant [10] [12], which makes the model considerably complex. Furthermore, an attacker who has control of Sdom0 can cause resource starvation for tenant virtual machines. In our architecture, we enforce different levels of access for cloud administrators using role-based access control.

The virtualization-based techniques proposed recently cannot be directly applied to the cloud environment because of the semantic gap problem: as the semantic gap increases, the number of false alarms increases. This is a major issue, as the cloud service provider is not aware of the applications running in the tenant virtual machines, and privacy requirements prevent the provider from using introspection techniques without the consent of the tenants. In our architecture, the cloud provider does not need any information about the operating system or applications in a tenant virtual machine to enforce the basic security policies using SPAD (Service Provider Attack Detection), and there are no false alarms with the security policies in SPAD [9]. The security policies in TSAD (Tenant Specific Attack Detection) are enforced only with the consent of the tenants, so the cloud service provider is not solely responsible for false alarms caused by the TSAD policies. Also, in the cloud the virtual machines belong to the tenants while the VMM belongs to the cloud service provider, so the use of VMM-based security techniques in the cloud needs justification. We have provided a strong justification for using our architecture in practice and have shown how our security as a service offers advantages to the cloud provider, the tenants and the tenants' customers [15].

III. PROBLEM STATEMENT


IV. PROPOSED WORK

Figure 1. System Design

The proposed application includes the following roles:

- Cloud Server
- Cloud Server Representative
- Tenant
- Client
- Internet

In order to provide customers with secure storage, a three-level security approach is proposed. The three levels of security are the cloud representative, the tenant and the tenant's client. A client of a tenant cannot access any data or file directly until the tenant gives permission. Authentication is performed at each level, so access to a file or data stored in the cloud is given only to authorized clients. The concept of encapsulation is also taken into consideration: the cloud infrastructure is hidden from the tenant and the client. A cloud user communicates with the client and the tenant, and at each stage authentication is performed.

The cloud domain is the online infrastructure that provides the cloud as a storage service, i.e. a storage service provider where a tenant, and hence its clients, can store data. In our application this is hidden from the end client, so that neither tenants nor their clients ever learn anything about the cloud server. Most probably we will build our own cloud data storage server. The other part of the cloud domain is the cloud representative, which acts as an application that deals directly with tenants and their clients. It is basically a web-based application, and it provides virtual machines (hosting) for its tenants. Each tenant virtual machine (TVM) is equipped with host-based security tools (HBST), and the HBST of each tenant virtual machine works separately.

The Internet is the external world of this entire infrastructure. Attackers from the Internet also try to attack the tenant domain or the cloud domain. In the proposed application, DDoS attack detection is implemented in both domains, the cloud domain and the tenant domain. Hence both components of security, SPAD (Service Provider Attack Detection) and TSAD (Tenant Specific Attack Detection), are covered. In the diagram, red arrows indicate an attack, and the arrow direction represents the attack target.

A. Proposed algorithm

The proposed algorithm steps are as below:

1) Data owner
   if (user == authorized): allow access; upload file

2) Data user
   allow access; search and download file

3) Authority: CR authenticates users; encryption and decryption

AES Algorithm:

1. The 128-bit version of the encryption algorithm proceeds in ten rounds.
2. Each round performs an invertible transformation on a 128-bit array, called the state.
3. The initial state X_0 is the XOR of the plaintext P with the key K.
4. Round i (i = 1, ..., 10) receives state X_{i-1} as input and produces state X_i.
5. The ciphertext C is the output of the final round: C = X_10.
6. Each round is built from four basic steps:
   a) byte substitution;
   b) shifting the rows of the state array;
   c) mixing data within the columns of the state array;
   d) adding the round key to the state array.

B. Attack handling module

1. Begin
2. Invoke the method on a new request from a client
3. Read the IP address of the client: IP[client]
4. Check the IP address in the database
5. Check_result = Check(IP[client])
6. If Check_result = true, then block the IP address and jump to step 17
7. If Check_result = false
8. Then count the requests from the same IP address: Tot_Req = count(IP[client])
9. If the total requests are equal to or more than 10: If Tot_Req > 10
10. Then block the IP address: BLOCK(IP[client])
11. If the total requests are more than 0 but less than 10: 0 < Tot_Req < 10
12. Then increment the request count by one: Tot_Req{IP[client]} += 1
13. If the total requests are zero or the IP address is not present
14. Then save the IP address in a temp session: Temp_Session = IP[client]
15. And initialise Tot_Req = 0
16. Jump to step 2 to check the next request
17. End session
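The attack handling module above, written out as a request filter. This is an added example and not the paper's own code; the limit of 10 requests per source IP is the paper's, while reading step 9 as "at least 10" and counting the request that first creates a temp-session entry (otherwise a count of 0 never grows) are interpretations made here.

```python
# Added example (not the paper's code): Section IV.B attack handling module.
# Assumptions: MAX_REQUESTS = 10 from the paper; step 9 read as Tot_Req >= 10;
# a request from a previously unseen IP is counted as its first request.
from typing import Dict, List, Set

MAX_REQUESTS = 10  # paper's per-client-IP limit


class AttackHandler:
    """Counts requests per client IP and blocks sources that reach the limit."""

    def __init__(self) -> None:
        self.blocked: Set[str] = set()          # "database" of blocked IPs (step 4)
        self.temp_session: Dict[str, int] = {}  # Tot_Req per IP (steps 8, 14, 15)

    def check(self, ip: str) -> bool:
        """Step 5: Check(IP[client]) is true when the IP is already blocked."""
        return ip in self.blocked

    def block(self, ip: str) -> None:
        """Step 10: BLOCK(IP[client]); the session counter is no longer needed."""
        self.blocked.add(ip)
        self.temp_session.pop(ip, None)

    def handle_request(self, ip: str) -> str:
        """Steps 2 to 17 for one incoming request; returns 'blocked' or 'allowed'."""
        if self.check(ip):                        # step 6: already blocked
            return "blocked"
        if ip not in self.temp_session:           # step 13: IP not present
            self.temp_session[ip] = 0             # steps 14 and 15
        self.temp_session[ip] += 1                # step 12: count this request
        if self.temp_session[ip] >= MAX_REQUESTS:  # step 9: limit reached
            self.block(ip)                        # step 10
            return "blocked"
        return "allowed"                          # step 16: wait for next request


def simulate(handler: AttackHandler, requests: List[str]) -> List[str]:
    """Feeds a request stream (source IPs) through the handler; returns the verdicts."""
    return [handler.handle_request(ip) for ip in requests]


if __name__ == "__main__":
    # Constructed traffic: one flooding source followed by one normal client.
    stream = ["203.0.113.7"] * 12 + ["198.51.100.2"] * 3
    print(simulate(AttackHandler(), stream))
```

Because the counter is keyed only by source address, the scheme rests on source addresses being genuine (the spoofing study the paper cites as [11] is the relevant caveat), and a single fixed threshold treats many legitimate clients behind one NAT address the same as a flooding attacker.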

C. Mathematical Model

Let Algo = {al1, al2, al3}, where Algo is the main set of algorithms al1, al2, al3, i.e. {Authentication, AES Enc, AES Dec}.

al1: Authentication. This algorithm is used to authenticate a tenant once and a client twice.

Output: Access status (1 for a valid user and 0 for an invalid user)

Let P(Auth) be the process to authenticate a client / tenant.
For a tenant: P(Auth) = 1 if (t1 → T → CR), 0 else
For a client: P(Auth) = 1 if (c1 → CT → T → CR), 0 else
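The P(Auth) process as an added example (not the paper's code): the cloud representative (CR) authenticates a tenant once, and a client is authenticated twice, first against the client table held by its tenant (standing in for CT) and then, through that tenant, against the CR. The tenant-permission gate from Section IV is included; the PBKDF2 credential store, the tenant keeping its own CR credential, and all names and passwords are assumptions made here.

```python
# Added example (not the paper's code): P(Auth) of Section IV.C.
# Assumed: salted PBKDF2 hashes as the credential store; a tenant holds its own
# CR credential so that a client login chains c1 -> CT -> T -> CR.
import hashlib
import hmac
import os
from typing import Dict, Tuple


def _hash(password: str, salt: bytes) -> bytes:
    """Slow salted hash so a stolen table does not yield passwords directly."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class CloudRepresentative:
    """CR: holds tenant credentials and is the only party that grants access."""

    def __init__(self) -> None:
        self._tenants: Dict[str, Tuple[bytes, bytes]] = {}   # name -> (salt, hash)

    def register_tenant(self, name: str, password: str) -> None:   # e1 of P1
        salt = os.urandom(16)
        self._tenants[name] = (salt, _hash(password, salt))

    def authenticate_tenant(self, name: str, password: str) -> int:  # e3 of P1
        """t1 -> T -> CR: returns access status 1 (valid) or 0 (invalid)."""
        if name not in self._tenants:
            return 0
        salt, stored = self._tenants[name]
        return 1 if hmac.compare_digest(_hash(password, salt), stored) else 0


class Tenant:
    """Tenant T: holds its clients' credentials plus a per-client permission flag."""

    def __init__(self, name: str, password: str, cr: CloudRepresentative) -> None:
        self.name, self._password, self._cr = name, password, cr
        self._clients: Dict[str, Tuple[bytes, bytes, bool]] = {}

    def add_client(self, client: str, password: str, permitted: bool) -> None:  # e2
        salt = os.urandom(16)
        self._clients[client] = (salt, _hash(password, salt), permitted)

    def authenticate_client(self, client: str, password: str) -> int:  # e4 of P1
        """c1 -> CT -> T -> CR: client check at the tenant, then tenant check at CR."""
        if client not in self._clients:
            return 0
        salt, stored, permitted = self._clients[client]
        if not permitted or not hmac.compare_digest(_hash(password, salt), stored):
            return 0   # no tenant permission, or wrong client password
        return self._cr.authenticate_tenant(self.name, self._password)
```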

al2: AES Enc. This algorithm is used to encrypt the uploaded business data file using the AES encryption algorithm.
Input: set of uploaded business data files F
Output: encrypted file, encryption key

al3: AES Dec. This algorithm is used to decrypt the file selected by the user for download using the AES decryption algorithm.
Input: file name, encryption key, security key
Output: decrypted file as an attachment to the user's mail

Identify the encryption key and security key: Kes = set of encryption and security keys. Let P(Dec) be the process to decrypt the file using

Identify the processes as P: P = {p1, p2, p3, p4, ...}, where P is the main set of processes p1, p2, p3, p4, ...

Input: request for business data file upload/download

P1 = {e1, e2, e3, e4}, where
  e1 = tenant registration with the cloud representative
  e2 = client added by the tenant
  e3 = tenant authentication
  e4 = client authentication

P2 = {e1, e2, e3, e4}, where
  e1 = check the upload file
  e2 = encrypt the file using the AES algorithm
  e3 = send part of the encryption key to the tenant
  e4 = store the encrypted file in the cloud

P3 = {e1, e2, e3, e4}, where
  e1 = check the download file
  e2 = check the encryption key from the user and the part of the key from the CR
  e3 = decrypt the file using the AES algorithm
  e4 = send the decrypted file to the user as an attachment

Functional dependencies:
a) The user has to initiate the algorithms.
b) The database will be maintained centrally.

D. Practical work

Figure 2. Homepage

Figure 3. Homepage for attack

Figure 5. Client Page

Figure 6. DDoS Attack

E. Results

Fig. 7 shows the graph of the time the system requires for file transfer (i.e. for uploading) at various security levels; the x-axis shows the file size and the y-axis the time required to upload the file.


Fig. 9 shows the graph of process validation time; the x-axis gives the number of tenant virtual machines and the y-axis the process validation time in milliseconds.

Figure 8. Process validation time (x-axis: Number of TVM)

V. CONCLUSION AND FUTURE SCOPE

In this paper we have discussed a security architecture that provides a security-as-a-service model. By applying a powerful encryption algorithm to the data stored in the cloud, the storage becomes more secure. The proposed system works on the security services which a cloud provider offers to its tenants (customers) as part of its infrastructure in order to respond to attacks. Our main contribution is the design and implementation of the security architecture and a discussion of how attacks are counteracted by it. The results confirm the effectiveness and efficiency of the solution. In future we plan to extend our policy to encrypt multiple files at multiple locations. Security problems cannot be solved completely; in future we will try to use better and more powerful security measures to provide maximum security, which can gain the trust of clients to store and access their data in the cloud.

REFERENCES

[1] L. Youseff, M. Butrico, and D. Da Silva, "Towards a unified ontology of cloud computing," in Proc. 2008 Grid Computing Environments Workshop.

[2] Amazon Inc., "Amazon elastic compute cloud (Amazon EC2)," 2011.

[3] J. E. Smith and R. Nair, "The architecture of virtual machines," IEEE Internet Comput., May 2005.

[4] T. Garfinkel and M. Rosenblum, "A virtual machine introspection based architecture for intrusion detection," in Proc. 2003 Netw. Distrib. Syst. Security Symp.

[5] "Xen security advisory 19 (CVE-2012-4411): guest administrator can access QEMU monitor console."

[6] V. Varadarajan, et al., "Resource-freeing attacks: improve your cloud performance (at your neighbor's expense)," in Proc. 2012 ACM Comput. Commun. Security Conf.

[7] J. Somorovsky, et al., "All your clouds belong to us: security analysis of cloud management interfaces," in Proc. 2011 ACM Comput. Commun. Security Conf.

[8] P. Barham, et al., "Xen and the art of virtualization," in Proc. 2003 ACM Symp. Operating Syst. Principles.

[9] Y. Zhang, et al., "Cross-VM side channels and their use to extract private keys," in Proc. 2012 ACM Comput. Commun. Security Conf.

[10] J. Idziorek, M. F. Tannian, and D. Jacobson, "The insecurity of cloud utility models," IEEE Cloud Comput., pp. 14–18, May–June 2013.

[11] R. Beverly, R. Koga, and K. C. Claffy, "Initial longitudinal analysis of IP source spoofing capability on the Internet," July 2013.

[12] B. Balacheff, et al., Trusted Computing Platforms: TCPA Technology in Context. Hewlett-Packard Books, 2003.

[13] J. Idziorek, M. F. Tannian, and D. Jacobson, "The insecurity of cloud utility models," IEEE Cloud Comput., pp. 14–18, May–June 2013.

[14] R. Beverly, R. Koga, and K. C. Claffy, "Initial longitudinal analysis of IP source spoofing capability on the Internet," July 2013.

BIOGRAPHY

Neha Gedam is a research scholar at RMD Sinhgad School of Engineering, Warje, Pune, University of Pune. Received a B.E. in Computer Science and Engineering from the Computer Department of G.H. Raisoni College of Engineering, Nagpur, RTMNU University, Nagpur. Currently pursuing an M.E. in Computer Engineering at RMD Sinhgad School of Engineering, Warje, Pune, India.
