Research Article
July
2017
International Journals of Advanced Research in
Computer Science and Software Engineering
ISSN: 2277-128X (Volume-7, Issue-7)
A Review on Multiple Layer Security of Cloud Server
Sanjeev Kumar, Dr. Mukesh Kumar
Department of Computer Science and Engineering, Technological Institute of Textile and Sciences, Haryana, India
DOI: 10.23956/ijarcsse/V7I5/0181
Abstract— Cloud services[1] are offering flexible & scalable services. But there is always issue of security. When data is transferred from centrally located server storage to different cloud compromise of person & private data would increase. There is always risk to confidentiality & availability of data prior to selecting a cloud vender or choosing own cloud & cloud service migration. Cloud services usually have their security concerns that must be addressed. In this paper we have discussed threats to cloud service & data in case of conventional security system & modern security system & proposed an idea to secure data on cloud using multiple layers of security.
Keywords— Cloud computing, Multiple Layer, Server, Security, Network.
I. INTRODUCTION[1]
Cloud may be network or internet & it is something that is available at remote place. It provides services over network that are public & private.
Fig 1 Cloud based solution [21]
They are used in wide area network, local area network or virtual private network. Several application like email & web based conferencing executes on cloud. Platform independency is offered by cloud computing because there is no need to install software on personal computer. So we can say that our business applications[13] are mobile & collaborative due to cloud computing.
Some significant statistical information related to cloud computing is
Usage of Cloud computing is increasing day by day industry experts are using it to promote business.
1. Snow made staff shortages for seventy three percent & thirty nine percent was able to work remotely. 2. It is expected by 2020 that Cloud computing market rise from $40.7 billion to $241 billion.
3. Cloud computing is expected to save 85 million tons net CO₂ by same year that would shows green effect. 4. Cloud computing is reducing cost of IT labour by 50% according to Chief Technology Officer of IBM. 5. Cloud computing is able to save 90% cost of small business energy.
6. For 80% small business is significant to purchase cloud computing. 7. It is agreed by 58% that the cloud provide better control of data.
8. By 2014, 41% of profit oriented business owners have planned to invest in cloud. 9. 63% Industry are using of Cloud Computing for financial Services.
Sanjeev et al., International Journal of Advanced Research in Computer Science and Software Engineering7(7) ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483 11. 59% Industry are using of Cloud Computing for Healthcare Services.
12. 51% Industry are using of Cloud Computing for Transportation Services.
13. It is agreed by 50% that business agility is considered the main reason to adopt cloud applications.
14. Improvement of end-user experience has been made by 72% of organisations that are using private cloud servers. Following is the details of percentage of industry that are using cloud computing services
Table 1 Percentage of industry using cloud computing services
Cloud computing services used by Intudustires
0 10 20 30 40 50 60 70 F in a n c ia l S e rv ic e M a n u fa c tu ri n g S e rv ic e H e a lth c a re S e rv ic e s T ra n s p o rt a tio n S e rv ic e s Services P e rc e n ta g e Financial Service Manufacturing Service Healthcare Services Transportation Services
Fig 2 Cloud computing services used by Industries
There are several services that are making cloud computing more feasible & easily accessible to users.
Cloud computing is providing number of advantages but there are several risks associated with this technology. Following table represents the use of cloud computing services in enterprises.
Table 2 Use of cloud computing services in enterprises
Country Uses Email Storage CRM
Belgium 28 65 62 33
Germany 16 49 63 18
Ireland 36 70 75 30
Greece 9 68 58 23
Spain 18 69 69 29
France 17 61 69 29
Italy 22 85 41 19
Poland 8 69 57 26
Austria 17 55 61 26
Romania 7 68 52 19
Finland 57 74 63 34
United kingdom 35 62 69 31
SCOPE OF CLOUD COMPUTING [3]
Cloud computing provides several benefits. User on internet could access remote applications in form of utilities. User at any time could change & configure application online. Online development tools are offered by cloud computing.
Type of Services Percentage
Financial Service 63
Manufacturing Service 62
Healthcare Services 59
ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483
Fig 3 Scope of Cloud Computing [20]
Online deployment tools are provided by cloud computing. Clients are provided platform independent access of cloud resources that are available on internet. On-demand self services are offered by cloud computing & there is no need of interaction with cloud service provider. Cloud computing operates at high efficiency & it does optimum utilization so it is highly cost effective. Load Balancing feature of cloud computing represent that it is more reliable.
II. NEED OF CLOUD COMPUTING[14]
1. Its provides 24x7 Support 2. Cloud computing pay as we use 3. It has lower Total Cost of owner ship
4. Cloud computing provides Reliability, scalability, sustainability. 5. It provides Secure Storage Management Expenditure.
6. It is capable to Free up Internal Resources. 7. Such systems are Highly Automated. 8. These Systems are Utility Based. 9. It allows Easy & Agile Deployments.
10. Such systems are Device & Location Independent.
Sanjeev et al., International Journal of Advanced Research in Computer Science and Software Engineering7(7) ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483
III. CLOUD SERVER MODEL[12]
Type of access to cloud has been defined by Deployment model. There are four types of accessibility in cloud that are public access, private access, Hybrid access & Community access.
Public Cloud
Access to general public is allowed by public cloud. Due to openness public cloud is less secure
Fig 5 Cloud server model[19]
Private Cloud [17]
Due to its private nature private cloud is considered more safe & secure.
Community Cloud[14]
Accessibility to a particular group is allowed by community cloud.
Hybrid Cloud[16]
A Hybrid Cloud could be considered as combination of public cloud & private cloud where private cloud does critical tasks & public cloud does tasks that are not considered critical.
The Service Models[14]
We have three main service models in the cloud computing. First can be taken Infrastructure like a Service, the Second is Platform like a Service and the last one can be Software like a Service.
IV. SECURITY ISSUES IN CLOUD COMPUTING [3]
Third party provides data & infrastructure management in cloud computing so security of cloud is biggest concern. There is a risk in providing sensitive data to cloud service provider. Any security breach could result in customer or business loss so venders provide protection to accounts.
Fig 6. Security in Hybrid Cloud[18]
Customer cannot switch from one cloud service provider to another quickly so he is dependent on cloud service provider for service. Customer management interface is usually accessible on network in case of various public cloud service providers.
ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483
Fig 7 Data Security on cloud
The statistical data related to security threats related to cloud computing:
1. Average enterprise are usually facing 23.2 threats related to cloud every month. 2. It represents 18.4 % increase in previous year.
3. Every organization is facing minimum one threat per month.
4. Average enterprise are facing 10.9 insider threats related to cloud every month.
5. 93.5 % of organizations are facing at least one insider threats that are malicious each month. 6. Data security and privacy requirements of enterprises of 8.1% are met only.
7. There are 31.3 percent blocked cloud services at enterprises as there are considered risky. 8. Pirate Bay is most commonly blocked cloud service.
V. CRYPTOGRAPHY[4]
Cryptography [4] is process of hiding plan data or information in form of cipher text. It is process used to keep information safe & hidden. Modern Cryptography is combination of computer science, mathematics & electrical engineering.
It is used in computer passwords & ATM Cards & e-commerce sites. During data transmission data is encrypted before data is transferred.
The encrypted data is known as cipher text. This modification makes data non readable. To understand this data user have to decrypt data. Cryptanalysis is process of studying cipher text in order to find hidden data.
Encryption Decryption
Fig 8 Encryption & Decryption process
DES BASED ENCRYPTION
Data Encryption Standard is considered as symmetric-key block cipher. It was developed by National Institute of Standards & Technology. Data Encryption Standard is considered as implementation of a Feistel Cipher. DES uses 16 round Feistel structure. Block size is 64-bit.
Plain
text
Cipher
Text
Plain
text
Sanjeev et al., International Journal of Advanced Research in Computer Science and Software Engineering7(7) ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483
Fig 9 DES Based Encryption [23]
AES BASED ENCRYPTION
Advanced Encryption Standard is known as symmetric encryption algorithm. Belgian cryptographer Joan Daemen and Vincent Rijmen wrote this Algorithm. AES has been developed for hardware and software. It is supporting block length of 128 bits. The Key length of 128, 192, and 256 bits is supported by it.
Fig 10 AES Based Encryption [22]
Algorithm for Encoding to make Encryption in AES
Step 1: Set array of tlb to
'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o ','p','q','r','s','t','u','v', 'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'
Step 2 take a string buffer Step 3 pad = 0;
Step 4 i = 0
Step 5: increase I by 3 until i is less than length of data and repeat step 6 to Step 15 Step 6: perform And operation on data[i] with 0XFF store in k1
Step 7: Perform Left Shift k1 with 16 and store in k2
ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483 Perform And Operation on data[i+1] with 0xFF and store in k3
Perform Left Shift with 8 and store in k4.
Perform Or operation with b and k4 and store in b Otherwise increment in pad by 1.
Step 10: if (i+2) is less than length of data than
Perform And Operation on data[i+2] with 0xFF and store in k5 Perform Or operation with b and k5 and store in b
Otherwise increment in pad by 1.
Step 11: set j to 0 and repeat until j is less than 4-pad, increment j by 1 Step 12: perform And operation b and 0XFC0000 and store result in k6 Step 13: perform 18 bit shifting on k6 and store in c
Step 14: Append buffer with tbl[c] Step 15: Perform 6 bit right shift on b.
Step 16: set j to 0 and make increment in j by until j is less than pad variable , append “=” in buffer variable Step 17: Return the value of buffer variable
Step 18: Algorithm of encode ends here
Algorithm for Decoding to make decryption in AES
Step 1: Set matrix tbl = { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, 62, --1, --1, --1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 6-1, --1, --1, --1, --1, --1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30,31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, --1, -1 }
Step 2: Get Bytes from data and set bytes in bytes array.
Step 3 Set i=0 and repeat following until i is less than length of bytes Set b = 0
Step 4: if tbl[bytes[i]] is not equal to -1
Step 5: Perform And operation with tbl[bytes[i]] and 0Xff and set in k1 and shift 18 bit and store in b Other wise
Increment i by 1 and continue Step 6: Set num = 0;
Step 7: if (i + 1 < bytes.length && tbl[bytes[i+1]] != -1) Perform b= b | ((tbl[bytes[i+1]] & 0xFF) << 12) Increment num by 1
Step 8: if (i + 2 < bytes.length && tbl[bytes[i+2]] != -1)
Perform calculation b = b | ((tbl[bytes[i+2]] & 0xFF) << 6); Increment num by 1
Step 9: if (i + 3 < bytes.length && tbl[bytes[i+3]] != -1) Set b = b | (tbl[bytes[i+3]] & 0xFF)
Increment num by 1
Step 10: Repeat step 11,12,13 until num > 0 Step 11: Set c = (b & 0xFF0000) >> 16; Step 12: Write c in buffer
Step 13: shift 8 bit in b Step 14: Decrement num by 1
Step 14: Increment 4 by i and store in i Step 15: Return value of buffer
VI. TOOLS AND TECHNOLOGY Hardware Requirement
1. CPU (1Ghz & above) 2. RAM (1 GB)
3. HARDDISK (10 GB FREE SPACE) 4. MONITOR
5. KEY BOARD AND MOUSE
Software Requirement
Sanjeev et al., International Journal of Advanced Research in Computer Science and Software Engineering7(7) ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483
MATLAB
Matlab is known as Language of Technical Computing. It is considered as a high-level language with interactive environment. Matlab makes us able to perform on a computation based tasks quicker compared to the other programming languages like C, C++, and Fortran.
Matrix is a rectangular array of numbers in MATLAB environment. Its Meaning is attached to 1x1 matrices. These are scalars. In order to matrices with one row or column there are vectors. The MATLAB has different ways to store numeric & nonnumeric data. To consider everything as a matrix in beginning will be best. Operations in the MATLAB have designed to make it natural. Other Programming languages than Matlab work with the numbers one at one time but MATLAB works with th complete matrices very quickly and easily.
Characteristics of the Matlab
1. It is a High-level language for the technical computing
2. This has a development environment for the managing code, data and files.
3. It has many Interactive tools for various purposes like iterative exploration, to design and to solve the problem. 4. The Matlab consists of Fourier analysis, optimization, filtering, Mathematical functions for the linear algebra,
numerical integration and statistics.
5. These two dimensional & three dimensional graphics functions have been used to visualize data 6. Matlab is tools to build custom graphical user interfaces
7. There are lot of Functions to integrate the MATLAB based algorithms which have external applications with the languages like C, C++, Java, Fortran, Microsoft Excel and COM.
VII. OBJECTIVE OF RESEARCH
The objective of research is to provide security to cloud environment by providing additional security layer. In this research we would
1. Establish cloud based data transmission environment. 2. Perform data transmission in cloud server & clients.
3. Investigate security loop holes to existing security mechanisms.
4. Providing better security to cloud environment using cryptography to secure data from cryptanalyst. 5. Provide data transmission security using socket & port based programming.
VIII. FUTURE SCOPE AND CONCLUSION
Cloud has provided flexible & scalable services. But there would issue of security due to data transfer from one cloud server storage to another cloud. This research would reduce risk to confidentiality & availability of data prior to selecting a cloud vender or choosing own cloud. security concerns of cloud services have been addressed in our research. In this research we would provide modern security system & proposed an idea to secure data on cloud using multiple layers of security.
REFERENCE
[1] Peter mill & Tim grance, The NIST Definition of Cloud Computing, 2011, National Institute of Standards & Technology, Gaitherbsburg, MD 20899-8930, NIST.
[2] In April 2001 by Ben Y. Zhao, Anthony Joseph and John Kubiatowicz. Tapestry: The infrastructure for fault tolerant and wide-area location and routing.
[3] Ellen Messmer New security demands arising for virtualization, cloud computing, 2011,security demands arising for the purpose of virtualization cloud computing.html
[4] Sumedha Kaushik & Ankur Singhal, Network Security Using Cryptographic Techniques 2012, volume 2, Issue 12.
[5] Charles Miers & Marcos Simplicio, A quantitative analysis of current security concerns & solutions for cloud computing in 2012.
[6] Nelson Gonzalez. , A quantitative analysis with 7s of the current security concerns & solutions in case of cloud computing in 2012, The Journal of Cloud Computing: Advances, Systems & Applications, The electronic version of this article is complete one & could be found online
[7] Security Guidance for Critical Areas of Focus in Cloud Computing in 2009, Tech. rep., Cloud Security Alliance. [8] In June 1997 by Andrea W. Richa Rajmohan Rajaraman C. Greg Plaxton,. To Access the nearby copies of
replicated objects in the distributed environment.
[9] In July2001 M. Frans Kaashoek ,Stefan Saroiu Steven D. Gribble and , P. Krishna Gummadi . The Measurement Study of the Peer-to- Peer File Sharing
[10] Hu, Tung-Hui (2015). A Prehistory of the Cloud. MIT Press. ISBN 978-0-262-02951-3.
[11] Dario Bruneo, Francesco Longo, Antonio Puliafito, Salvatore Distefano, Marco Scarpa: Workload-Based Software Rejuvenation in Cloud Systems. IEEE Trans: 1072–1085 in 2013
ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I5/0181, pp. 475-483 [13] Marston, Sean; Bandyopadhyay, Li, Zhi; Subhajyoti; Ghalsasi, Anand; Zhang, Juheng. Cloud computing : The
business perspective. Decision Support Systems. 51: 176–189. [14] Evolution of Cloud Computing. Retrieved 22 Apr 2015.
[15] Disadvantages of Cloud Computing (Part 1) - Limited control and flexibility. www.cloudacademy.com. Retrieved 3 Nov 2013
[16] Dario Bruneo, Salvatore Distefano,Francesco Longo, Antonio Puliafito, Marco Scarpa: Workload Based Software Rejuvenation in Cloud Systems. IEEE Trans. Computers: 1072–1085 (2013)
[17] King, Rachael. Cloud Computing: Small Companies Take Flight. Bloomberg BusinessWeek. Retrieved 22 August 2010.
[18] http://www.infoexchangeja.com/uploads/blog_thumbs/secure_hybrid_cloud.jpg
[19] http://surfcloudtech.com/wp-content/uploads/2017/01/Cloud-Computing-Deployment-Models.png [20] https://grupodigitexblog.files.wordpress.com/2016/07/cloud-computing.jpg
[21] https://lauriemccabe.files.wordpress.com/2012/09/slide3.png [22] https://i.stack.imgur.com/SnHH2.png
![Fig 1 Cloud based solution [21]](https://thumb-us.123doks.com/thumbv2/123dok_us/7818488.2087172/1.595.187.406.336.585/fig-cloud-based-solution.webp)
![Fig 3 Scope of Cloud Computing [20]](https://thumb-us.123doks.com/thumbv2/123dok_us/7818488.2087172/3.595.201.393.561.767/fig-scope-cloud-computing.webp)
![Fig 5 Cloud server model[19]](https://thumb-us.123doks.com/thumbv2/123dok_us/7818488.2087172/4.595.148.451.526.715/fig-cloud-server-model.webp)
![Fig 9 DES Based Encryption [23]](https://thumb-us.123doks.com/thumbv2/123dok_us/7818488.2087172/6.595.152.449.347.623/fig-des-based-encryption.webp)
