A Security Issues and Approaches in Cloud Computing

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, ISO 9001:2008 Certified Journal, Volume 9, Issue 3, March 2019)

147

A Security Issues and Approaches in Cloud Computing

Dr. Shailja Sharma

1

, Sheeba Khan

2

1_{Associate Professor,Department of Computer Science & Engineering, RNTU University, Bhopal, India} 2_{Assistant Professor, IPER College, Bhopal, India}

Abstract— This paper discusses the data security in computing of cloud and also focuses on the study of information in the cloud and all aspects that are related to concerning security. It also discusses the probable fear of data security in the cloud environment and their solutions adopt by an assortment of service providers to defend security of data. Research paper will depart in to details of defense for data rules with approaches used to ensure maximum fortification of data by decreasing risks as well as threats. Data availability in the cloud is advantageous for numerous applications

For the more perspective, research focus on confidentiality of data perpetuation which becomes more complex with flexible data sharing among a vibrant user group. It requires the concealment of outsourced data and a competent sharing of decryption keys between different certified users. For this reason a variety of methods are offered some of them focus on the use of attribute based cryptography ABC with AES.

Keywords— Data Security, Cryptography, Public key, Data Protection, Privacy, Risks and threats.

I. INTRODUCTION

Computing in the cloud paradigm is an emerging and increasingly popular computing paradigm, which provides the users massive computing, storage, and software resources on demand. Resources of system are fundamentally shared by numerous users and applications; an admirable task scheduling plan is significant to utilization of resource and system performance [2]. Computing in the cloud environment is currently getting considerable attention in both scholastic and manufacturing areas. When using cloud-based services, one is entrusting their information to a third-party for storage and security. The biggest obstacle these days in the cloud computing environment is security. Cloud security means that how much our system is secure from hackers. Every user wants privacy of his data should be confidential. It means that data should not be retrieved through any unauthorized person. We should give privacy and security issues on our top priority. In privacy, we also have cloud integrity. It means that all the user data safely stored on cloud server so that no one can change this data. And also all the programs are executed properly. There should be no distortion in execution of programs. If we divide the data into many small chunks then security issue will be significantly resolved.

Because if some hackers access any chunk then hacker will get only a part of that data which is meaningless. So that whole data will secure from unauthorized users. There are many methods and schemes for securing our data [15]. The majority of security common model contains three layers. This model has three layers. Each layer does its task. In first layer we check External Cloud Internal Cloud Privacy Data Protection Access Control that either user is authenticated or not. In second layer, data will be encrypted by using best encryption algorithm. Integration will also be done in this layer. In third

[image:1.612.325.568.379.566.2]

Layer we recover our data. The recovery of our data depends upon the speed of decryption. We have also many encryption algorithms for making our data secure.

Fig 1: Basic Security Model Architecture

Goal of this research paper is to propose a Model for security of data in computing of cloud environment [6].

(2)

International Journal of Emerging Technology and Advanced Engineering

148

II. SECURITY THREATS IN CLOUD

Cloud computing is facing a lot of security issues. Those issues are listed below [6, 10]:

A.Data loss.

B.Malicious insiders.

C.Insecurity of interfaces and APIs. D.Hijacking of account and service. E.Leakage of data.

F.Denial of service. G.Technology sharing risk.

H.Integration of data and protection.

Fig2. Threats of security in computing of cloud

A.Data Loss:

Companies outsource their data on the cloud because of low cost and safety point of view but there is the chance of data loss. There are many possibilities of data loss during out sourcing of data some are given below [5].

1.Malicious attack 2.Server crash

3.Deletion of data by the providers 4.No data backup

5.Loss of encryption key

There are many solutions to avoid loss of data in cloud computing some are.

Use of strong API for access control.

Analysis of data protection at runtime as well as compile time.

Use of strong key generation scheme.

Apply proper backup and retention schemes.

B.Malicious insiders:

Malicious insiders Means the person who have authorization for accessing the information regarding cloud data that can be DBA (Data Base Administrator), employee, partners, etc of the cloud organization. Those people can theft and corrupt the information if any other company paid higher amount

C.Insecurity of interfaces and APIs:

The interaction between cloud service providers and client should be through application programming interface (APIs).So these APIs should be secure for preventing unauthorized access.

D.Hijacking of account and service:

Every cloud user having their account and password for the security. If any of them hijacked their account then this person can access the account and theft all the necessary information after that he can delete all information or sell this information to others who wants that information in the market.

E.Leakage of data:

The cloud service provides the facility to the every user for transferring and accessing data of any location in the world so there is the chance of data leakage. This will shows the weakness in the security of cloud and physical transport system of cloud.

F.Denial of service:

Availability is the important parameter in the computing of cloud for this many of the company need their system to be available all the time. One more thing in computing in cloud is resource sharing among the users. If any attacker use all the resources of computing in the cloud then no one can use his desired resources this is called denial of service. When this is occur user will access their resource very slow and this will also effect on the availability of cloud.

G.Technology sharing risk:

Infrastructure as a service is based upon shared infrastructure .this service has not been designed with multi tenant architecture so this architecture is important for removing this risk.

H.Integration of data and protection :

(3)

International Journal of Emerging Technology and Advanced Engineering

149

III. REQUIREMENTS FOR SECURITY IN CLOUD COMPUTING.

[image:3.612.53.285.225.440.2]

ISO (International standard organization), Information Security should cover a number of recommended substance. Computing of cloud security should besides guided in this regard in order to become an impressive and secure technology solution.

Fig 3: Security requirements in computing of cloud

Figure 3, represents the security requirements in information tightly joined with the deployment model of cloud and delivery models. [7]. In Figure 3, the different cloud delivery models and deployment models are matched up against the security requirement for information where “N” represents necessary requirements and “o” represents the optional requirements.

However future task is needed in investigating of the optimal balance required in securing Cloud computing. Figure 3 should be viewed in context as a guideline in assessing the security level. The cloud requirements of security will be highlighted below in context of Cloud computing.

A. Identification B. Authentication C. Anonymity

D. Authorization E. Confidentiality F. Integrity G. Non-repudiation H. Availability

IV. SECURITY ALGORITHMS AND ITS PARAMETERS

In cloud computation, data security is not only concerned with encryption but also many other processes. Risk of data loss depends upon the following parameters.

A.Rest of data B.Transit of data

A. Reset of data:

When cloud user accesses their data from the cloud with the help of internet this is referred as Reset of data. This process works with live data where as backups of data.

Fig4. Data at Reset and transit

B. Transit of data:

Moment of data in the process of in and out in the cloud is referred as transit of data. When user upload their information on the cloud at that time it refereed as transit of data. So this is the time for the hacker to hijacking user’s data, to prevent this Encryption and Decryption process should be adopted [8].

Encryption [11] and decryption has an important role in cryptography techniques. Now day’s two types of cryptography methods used for encryption and decryption of data those are:

(4)

International Journal of Emerging Technology and Advanced Engineering

[image:4.612.50.288.142.289.2]

150

Fig 5 A Basic Cryptography Approach

Researcher concludes that Encryption with Asymmetric key is the most excellent technique for the data security. In this technique two keys specifically private and public will be used between sender and receiver to encrypt and decrypt the data.

Now a day’s Different cryptography techniques are used for data encryption. By means of the use of Cryptography level of security will be improved the same as some important parameters also is increased these are:

1.Level of data protection 2.Integrity of contents 3.User authentication 4.Availability.

Cryptography is the process for hiding original content at the time of sending plain text. The Process of cryptography as follows:

1.By use of encryption method cipher text will be encrypted.

2.Assign encrypted key with this encrypted text at the sender end.

3.Send this encrypted text with key to the other end. 4.Decry pt this message at receiver end with the help of

decryption key.

There are three basic algorithm and function used of cryptography

A.Ciphers Block B.Ciphers Stream C.Hash Functions

A. Cipher Block:

Cipher block is an algorithm for encryption of data. This algorithm create block of data which are required for the user. So this algorithm applied on whole bock instead of every bit of data with the use of block mechanism this is called cipher block.

[image:4.612.325.563.188.351.2]

If any one used this method for security of data then firstly plain text divided into form of block the size of these blocks will be 64 bits. Data of this block should be encrypted with the help of encryption key.

Fig 6: Cipher Block

B. Cipher stream:

Cipher stream technique [9] also known as state cipher because it is depending upon the cipher current state. This is not used block for encryption like cipher block. Basically this is the stream dependent method so here encryption will be applied on each data bit as well as encryption key also is applied on each data bit one at a time. Same procedure adopted at the time of decryption.

It has more advantage in comparison block cipher because it required less hardware complexity but user can face serious security issue when this is not applied properly on data.

[image:4.612.327.560.521.674.2]

(5)

International Journal of Emerging Technology and Advanced Engineering

151

C. Hash function:

Hash function is the mathematical function .Hash function replaces the input text value to string of alphanumeric. This technique also ensures that no two strings can have same string of alphanumeric as an output. Hash function is very simple mathematical function shown as below [9]

F(x) = x mod 10... (1)

All of these above mentioned methods and techniques are widely used for encrypting the data in the cloud to ensure security of data. These techniques may vary from one scenario to another. Whatever technique is used. These are highly recommended techniques to ensure the data security in both private and public clouds.

V. COMPARISON OF CRYPTOGRAPHIC ALGORITHMS

The table 1 gives the comparison between all algorithms that are previously discussed from the reference section. On the basis of these comparison following parameters is compared for finding best suitable security algorithm these parameters are:

1.Name of algorithm

2.Size of Key and block that are used in Algorithm 3.Round

4.Structure 5.Flexibility

6.Features of security

Table1:

Security algorithms comparison.

Name of Algorithm Size of key Size of block Ro un d

Structure Fle xib le

Features of Security

DES 64 bits

64bit s

16 Festiel function(F )

No Not Strong Enough

E-DES 1024 bits

128 bits

16 Festiel function(F )

Good Security and fast Speed

T-DES 112 or

168 64 bits

48 Festiel function(F ) YE S Adequate Security and Fast

RSA 1024 to

128 bits

1 Public Key Algorithm

No Excellent Security and Low Speed 4096 BLOWFI SH 32-448 64 bits

16 Festiel function

Yes Fast Cipher in SSL

DSA Varia ble

Public Key Algorithm

Yes Good Security and fast Speed

RC6 128 bits to 256 bits 128 bits

20 Festiel function

Yes Good Security

AES 128, 192, 256 Bits 128 bits 10, 12, 14 Substitutio n Permutatio n

Yes Security is excellent. It is

best in security and Encryption performance

One more algorithm in the aspect of cloud is Attribute based encryption algorithm (ABE). It has access polices for the attribute set to identifying the owner who want to share their data and one more this that is good for security is encrypted data and key are stored on the servers of cloud. Hence to enhance the security of the data on the servers AES algorithm is used. First data is encrypted using AES algorithm and later it is encrypted using ABE.

VI. RESULT AND DISCUSSION

From the above, the comparisons of the algorithms are based upon the following factor to find out which security algorithm is best in providing security in computing of cloud:

1. Key size 2. Size of block 3. Round 4. Structure 5. Flexibility

(6)

International Journal of Emerging Technology and Advanced Engineering

152

[image:6.612.48.291.213.366.2]

Cloud environment required more security so researcher decides that AES with ABE Algorithms is best suitable for the future work [13] because this concept provide double encryption to providing the best security in computing of cloud paradigms. The overall encryption process by using AES with ABE shown below [18].

Fig 8: Encryption process of files with use of AES and ABE algorithm.

VII. CONCLUSION

This paper presents brief introduction and functionality of the mainly significant cryptography algorithms with the process and also describes the threats inside the security of cloud. These cryptography algorithms are premeditated and analyzed well in order to help in increasing the performance of the existing cryptography methods. The outcome shows the techniques that are useful for real-time encryption. All encryption methods have proven to have their advantages and setbacks and have proven to be appropriate for different applications. The comparison between Symmetric and Asymmetric algorithms shows that Symmetric algorithms are faster than their Asymmetric counterparts. Through the previous studies and the comparison of possible outcomes, researcher find that the most reliable algorithm is AES in term of speed encryption, decoding, complexity, the length of the key, structure and flexibility. If researcher will use AES with ABE (Attribute based encryption). It will give best outcome in the aspect of security in the computing of cloud paradigms.

REFERENCES

[1] Shoaib Hassan, Asim Abbas kamboh, Dr. Farooque Azam, “Analysis of Cloud Computing Performance, Scalability, Availability & Security”, In the Proceedings of the 2014 International Conference on Information Science & Applications (ICISA), Seoul, South Korea, 978-1-4799-4441-5/14/$31.00 ©2014 IEEE.

[2] Chao YANG, Weiwei LIN, Mingqi LIU “A Novel Triple Encryption Scheme for Hadoop-based Cloud Data Security”, In the Proceedings of the 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies, Xi'an, China, pp.437-442, 2013, 978-0-7695-5044-2/13 $26.00 © 2013 IEEE.

[3] J.Srinivas, K. Reddy, and A. Qyser, “Cloud Computing Basics”, International Journal of Advanced Research in Computer and Communication Engineering, Vol. 1, Issue. 5, pp. 3–22, 2012. [4] Eman M.Mohamed, Hatem S. Abdelkader, Sherif EI-Etriby

“Enhanced Data Security Model for Cloud Computing”, In Proceeding of the 2012 8th International Conference. On Informatics and Systems (INFOS2012), Cairo, Egypt, pp. 12–17, 2012. [5] Pankaj Gehaloach, Rohit Mahajan, “Cloud Computing Security

Issues and Challenges: A Review,” International Journals of Advanced Research in Computer Science and Software Engineering, Volume-8, Issue-1, pp.60-66, 2018.

[6] Sultan Aldossary, William Allen, “Data Security, Privacy, Availability and Integrity in Cloud Computing: Issues and Current Solutions”, International Journal of Advanced Computer Science and Applications, Vol. 7, No. 4, pp.485-498, 2016.

[7] Shivlal Mewada, Umesh Kumar Singh, Pradeep Sharma, “ Security Enhancement in Cloud Computing “International Journal of Scientific Research in Computer Science and Engineering, Volume-1, Issue-Volume-1, pp.31-37,2013.

[8] E. Poonguzhali, Suhas Rao M V, Shanth GK, Mujasem Khanum “Protection and Security of Data in Cloud Computing”, International Journal of Engineering Research & Technology (IJERT), Volume 5, Issue 19, pp.1-4,2017.

[9] Ahmed Albugmi, Madini O. Alassafi, Robert Walters, Gary Wills, “Data Security in Cloud Computing, ”In Proceeding of 2016 5th International conference on Future generation communication technologies(FGCT), Luton , pp. 55–59, 2016.

[10] Ravindra Sandaruwan Ranaweera, Eiji Oki, Nattapong Kitsuwan,” Non-local Data Fetch Scheme Based on Delay Distribution for Hadoop Clusters in Public Cloud “,In Proceeding of 2018 4th IEEE International Conference on Big Data Security on Cloud, Omaha, NE, USA, pp.188-193, 2018.

[11] Bih-Hwang Lee, Ervin Kusuma Dewi, Muhammad Farid Wajdi,” Data Security in Cloud Computing Using AES Under HEROKU Cloud”, In proceeding of 2018 The 27th Wireless and Optical Communications Conference (WOCC2018), Hualien, Taiwan, 978-1-5386-4959-6/18/$31.00 ©2018 IEEE.

[12] Bo Mao, Suzhen Wu, Hong Jiang” Exploiting Workload Characteristics and Service Diversity to Improve the Availability of Cloud Storage Systems”, IEEE Transactions on Parallel and Distributed Systems, VOL. 27, NO. 7, 2016, pp.2010-2021, 2016. [13] Steve Moffat, Mohammad Hammoudeh, Robert Hegarty,” A Survey

on Cipher text-Policy Attribute-based Encryption (CP-ABE) Approaches to Data Security on Mobile Devices and its Application to IoT”,In proceeding of 2017 ICFNDS, ACM, Cambridge, United Kingdom, 978-1-4503-4844-7/17/07.

(7)

International Journal of Emerging Technology and Advanced Engineering

153

[15] Madini O. Alassafi, Abdulrahman Alharthi, Robert J. Walters, Gary B. Wills,” A framework for critical security factors that influence the decision of cloud adoption by Saudi government agencies”, TelematInformat.(2017),http://dx.doi.org/10.1016/j.tele.2017.04.010, Published by ElsevierLtd.2017.

[16] Farhan Bashir Shaikh, Sajjad Haider,“ Security Threats in Cloud Computing “In the proceeding of 2011 6th International Conference on Internet Technology and Secured Transactions, Abu Dhabi, United Arab Emirates,IEEE, pp.214-219,2011.

[17] B. Sri Varsha, P.S. Suryateja, “Using Attribute-Based Encryption with Advanced Encryption Standard for Secure and Scalable Sharing of Personal Health Records in Cloud”, International Journal of Computer Science and Information Technologies (IJCSIT), Vol. 5 (5), pp. 6395-6399, 2014.