An Efficient Technique to provide Security for Data Owners in Cloud Computing

An Efficient Technique to provide Security for Data Owners in Cloud Computing

Nagaram Ramesh	B. Nagaveni	P. Satyavathi
Asst. Professor	Asst. Professor	Asst. Professor
CMR Technical Campus,	BVRIT,	CMR Technical Campus,
Hyderabad, AP, INDIA.	Hyderabad, AP, INDIA.	Hyderabad, AP, INDIA.

ABSTRACT

Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtualized resources are highly centralized, and the super-storage center on the Internet provides storage services for users by virtualization technology. And offers diverse services for the public by means of multi- tenancy mode. Although users are enjoying the capabilities of super-computing and mass storage supplied by cloud computing, cloud security still remains as a hot spot problem, which is in essence the trust management between data owners and storage service providers. Cloud security is the security problem of virtual storage in cloud computing. The classic problem of data storage turns into a social problem of the selection on data storage services for data owners, which reflects human social activities onto the Internet in miniature. Data owners care about whether the provider of data storage service will use their data, or reveal to the third party without authorization. Therefore, the trust management between data owners and storage services providers is the essential problem in cloud security, which demands for an effective stipulation of data usage. Hence, we propose a data coloring method based on cloud watermarking to solve the trust management issue between data owners and storage service providers. A data coloring method based on cloud watermarking to recognize and ensure mutual reputations. The experimental results show that the robustness of reverse cloud generator can guarantee users embedded social reputation identifications. Hence, our work provides a reference solution to the critical problem of cloud security.

Keywords —- Cloud computing, cloud security, trust management, cloud watermarking, data coloring.

1. INTRODUCTION

   Cloud computing is Internet-based computing, whereby shared resources, software and information are

   provided to consumers on-demand, similar to the functioning of the electricity grid. It describes a new consumption and delivery model for IT services based on the Internet and typically involves the provisioning of dynamically scalable and often virtualized resources as-a-service over the Internet. Customers do not own or maintain the physical infrastructure and avoid capital expenditure by renting resources from a third-party provider. They consume resources as-a-service and pay only for resources that they consume.

   Cloud computing as a delivery model for IT services is defined by the National Institute of Standards and Technology (NIST) as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

   NIST specify five characteristics of cloud computing On-demand self-service involves customers using a web site or similar control panel interface to provision computing resources such as additional computers, network bandwidth or user email accounts, without requiring human interaction between customers and the vendor.

   Broad network access enables customers to access computing resources over networks such as the Internet from a broad range of computing devices such as laptops and smart-phones.

   Resource pooling involves vendors using shared computing resources to provide cloud services to multiple customers. Virtualization and multi-tenancy mechanisms are typically used to both segregate and protect each customer and their data from other customers, and to make it appear to customers that they are the only user of a shared computer or software application.

   Rapid elasticity enables the fast and automatic increase and decrease to the amount of available computer processing, storage and network bandwidth as required by customer demand.

   Pay-per-use measured service involves customers only paying for the computing resources that they actually use, and being able to monitor their usage. This is analogous to household use of utilities such as electricity.

   Access from anywhere at anytime

   Flexibility and Scalability High reliability and security.

   Businesses can now start small with lean budgets and yet dream big!

2. BACKGROUND AND RELATED WORK

   1. Overview of business drivers to adopt cloud computing

      Cloud computing has the potential to help agencies leverage modern technologies such as computer virtualization and worldwide Internet connectivity. Some of the key business drivers are:

      Pursuing new business opportunities, such as triall- ing new ideas to reach and interact with customers over the Internet.

      Reducing upfront costs of capital expenditure of computer equipment and related expenses such as a physical data centre and support staff, while reducing the associated financial risk to the agency by replacing upfront costs with reasonably predictable operational expenditure, and only paying for the amount of computing processing and data storage that is actually used.

      Potentially reducing ongoing costs due to the use of infrastructure and technical specialists that are typically shared among many customers to achieve economies of scale, however the cost of applying controls to help address security risks especially associated with shared infrastructure may reduce the potential cost savings of some types of cloud computing.

      Potentially improving business continuity and the availability of computing infrastructure if users have guaranteed available network connectivity, where the infrastructure can rapidly and flexibly scale to meet peaks and troughs in usage demand, and with the computing infrastructure typically located in multiple physical locations for improved disaster recovery; and Potentially reducing carbon footprint due to the more efficient use of computer hardware requiring less electricity and less air conditioning.

      There may be good business reasons to move publicly available data to the public cloud. If properly designed, a vendors spare network bandwidth and spare computing capacity automatically helps to mitigate some types of distributed denial of service your choice of computer applications. This piece of technology prevents wastages in finance, because it

      (DDoS) attacks. Technologies such as anycast and international Content Delivery Networks (CDN) can help to mitigate DDoS attacks by geographically distributing the network traffic and computer processing around the world. These technologies to improve the availability and business continuity of publicly available data are prohibitively expensive for every agency to build themselves, though are relatively inexpensive to rent from vendors. Although the availability of an agencys web site may not be affected by a DDoS attack, the agency may have to pay for the computer processing and network bandwidth consumed by the DDoS attack.

      Agencies using cloud computing to store or process publicly available data such as a public web site may not be concerned about confidentiality. Howver, the agencys risk assessment should consider the availability and integrity of the public data, including reputational and other damage if the agencys system is offline, or is compromised and distributes misleading information or malicious content.

      To enable an agency to focus on their core business, the acquisition and maintenance of specialist IT staff, computing software and hardware used to store and process data can be outsourced to a vendor. However, the agency is still ultimately responsible for the protection of their data.

3. NEED AND IMPORTANCE OF RESEA- RCH PROBLEM

   The cloud is inescapable. Headlines catalog every advance and setback in the as-a-service paradigm with equal fervor. Providers trumpet the model as a panacea for every painful budget cut and desperate business need. And IT professionals scramble to come up with a cloud strategy that will not only help their business slash expenses, but also support the kind of operational agility their enterprise needs to get ahead in the marketplace. Yet today, most businesses are still only using the cloud to support a small percentage of their IT needs.

   Cloud Computing means a remote server that is accessed through the internet which helps in business applications and functionality add-ins along with the usage of computer software. The cloud of services and applications in the internet modem is available from the computer. Cloud computing helps in logging in to the computer applications you desire. With Cloud Computing, one can enjoy web services, sales force or office automation programs, even blog sites, spam filtering, data storage services one simply logs into

   saves money that we spend on other cable services for which we will need to pay monthly annual

   subscriptions. The business people are assisted with better tracking activities and stop any further technological disasters such as the loss of data loss, computer viruses and system crashes.

   The business details saved in a virtual server helps in sharing huge amounts of data between various business offices. It is a Web-based application which can be used easily by any person who is traveling without having facilities and servers to connect back to the office through any kind of virtual private network (VPN). Thus it can cease your frustration by saving a lot of your time. The Cloud computing also is an amazing software that saves a lot of money for you. You can understand this by comparing the prices with different sources available. It is difficult to keep a watch over every device and application in the basis of 7 x 24 x 365, therefore cloud computing provides their valuable services in case of emergency situations to reach the company and monitor the procedures. So the services are never interrupted with this best monitoring applications. Cloud computing assess you faster and quicker to technology solutions and thus reducing the business risks. Since the hosting company usually deals with various business opportunities it offers exciting technology solutions and these programs will surely enhance your business in an appealing way.

4. OBJECTIVES

   The objective focuses on technologies specific to the networked, distributed dimension of software and access to services and data. It will support long-term research on new principles, methods, tools and techniques enabling software developers in the EU to easily create interoperable services based on open standards, with sufficient flexibility and at a reasonable cost. Target outcomes

   1. Cloud Computing

      • Intelligent and autonomic management of cloud resources, ensuring agile elastic scalability. Scalable data management strategies, addressing the issues of heterogeneity, consistency, availability, privacy and supporting security.

      • Technologies for infrastructure virtualization, cross platforms execution as needed for service composition across multiple, heterogeneous environments, autonomous management of hardware and software resources.

      • Interoperability amongst different clouds, portability, protection of data in cloud environments, control of data distribution and latency.

      • Seamless support of mobile, context-aware applications.

      • Energy efficiency and sustainability for software and services on the cloud.

      • Architectures and technologies supporting integration of computing and networking environments; implications of Cloud Computing paradigm on networks

      • Open Source implementations of a software stack for Clouds

   2. Internet of Services

      • Service engineering principles, methods and tools supporting development for the Internet of Services, including languages and tools to model parallelism.

      • Services enabled by technologies for seamless integration of real and virtual worlds, through the convergence with Internet of Things and Internet of Contents.

      • Massive scalability, self-management, verification, validation and fault localization for software-based services.

      • Methods and tools to manage life cycle of secure and resilient Internet-scale applications from requirements to run-time and their adaptive evolution over time.

   3. Advanced software engineering

      • Advanced engineering for software, architectures and front ends spanning across all abstraction levels.

      • Quality measure and assurance techniques which adapt to changing requirements and contexts, to flexibly deal with the complexity and openness of the Future Internet.

   4. Coordination and support actions

      • Support for standardization and collaboration in software and services technologies.

      • Support for the uptake of open source development models in Europe and beyond.

      • Collaboration with Japanese entities on: cloud computing, particularly on common standards for data portability and on interoperability; services having more efficient energy usage.

5. SECURITY PROBLEM OF CLOUD COMPUTING

   In cloud computing, resources are highly centralized, and the super-storage center on the Internet provides storage services for users by virtualization

   technology. On the other hand, data owners care about whether the provider of data storage service will use

   their data, or reveal to the third party without authorization. The trust management between data owners and storage services providers is the essential problem in cloud security, which demands for an effective stipulation of data usage.

   The proposed a data coloring method based on cloud watermarking to solve the trust management issue between data owners and storage service providers. Protecting datacenters must first secure cloud resources and uphold user privacy and data integrity. Trust overlay networks could be applied to build reputation systems for establishing the trust among interactive datacenters.

   A watermarking technique is suggested to protect shared data objects and massively distributed software modules. These techniques safeguard user authentication and tighten the data access-control in public clouds. The new approach could be more cost- effective than using the traditional encryption and firewalls to secure the clouds.

6. METHODOLOGY

   Digital watermarking is a technology of copyright protection, which embeds the copyright information into digital production to avoid, being tampered, peculated, and illegally copied. The main idea of watermarking is to introduce small images or patterns into the data to be watermarked without affecting the data subject to normal use. If an illegal copy occurs, the owner of the data can therefore get watermarks from the illegal data to verify his ownership of the data. Cloud watermarking is a digital watermarking technology based on cloud model, which has widely been applied in text and relation database. Cloud model is a transform model betwen qualitative concepts and quantitative data. The formatted definition is given as follows:

   1. Cloud model

      Let U be a universal set described by precise numbers, and let C be the qualitative concept related to

      U. If there is a number x U, which randomly realizes the concept C, and the certainty degree of x for C,

      i.e., (x) [0, 1], is a random value:

      : U[0, 1], x U x (x)

      The distribution of x on U is defined as a cloud, and every x is defined as a cloud drop.

      In the cloud model, the overall property of cloud drops can be represented by three numerical characters (the expected value Ex, the entropy En, and the hyper-

      entropy He), corresponding to a qualitative concept. Ex is a mathematical expectation of cloud drops of a concept. In other words, a cloud drop located at the Ex point is the most representative value of the qualitative concept. En is a granular measurement of the qualitative concept, which connects both the randomness and the fuzziness of the concept. He is an uncertainty measurement of the entropy, i.e., the entropy of the entropy, showing to what degree a number of cloud drops form a common concept. That is, if He is greater than En, a concept cannot be formed any longer. The uncertainty of a concept can be represented by multiple numerical characters.

      We construct forward cloud generator using second- order normal distribution, and produce a lot of drops that have useful mathematical property[4] based on probability measure space, as illustrated in Algorithm 1.

      On the other hand, based on probability theory, we construct reverse cloud generator to cope with the cloud drops and revert Ex, En, and He, as illustrated in Algorithm 2.

      Algorithm 1: Forward cloud generator. Step 1. Generate a normally distributed random number

      Step 2. Generate a normally distributed random number

      Step 3.

      Step 4. xi with certainty degree of i is a cloud drop in the domain.

      Step 5. Repeat Steps 1 to 4, and generate drops.

      Algorithm 2: Reverse cloud generator

      Step 1. Calculate Mean and variance

      Step 2.

      Step 3.

      Step 4.

      Cloud model can describe the basic determinacy in the uncertain phenomenon [6], and the method accords with the Essential features [11] of digital watermarking technology: 1) Invisibility. Users cannot feel the change of the data embedded with watermarks, i.e., the normal usability of a database should be kept.2) Robustness. The watermark embedded should be able to resist the attack from being deleted, i.e., the watermark still exists when suffering assailant attacks.

      3) Detection ability. It is easy to detect the watermark embedded in suspicious database by checking part of data.

   2. Data coloring based on cloud water-marking

      Compared with traditional digital watermarking, data coloring based on cloud watermarking not just embeds users copyright into data, but colors all of user data. That is to say, not only the whole data is embedded with watermarks, but a fragment is branded. Each user is specified with a special color, which is able to protect copyright and should not affect the normal use of data. The procedure of data coloring based on cloud

      watermarking is expectation (Ex) is provided by data owner; entropy (En) and hyper entropy (He) are produced by negotiation of data owner and service provider. Then, a lot of cloud drops will form by forward cloud generator and are used to color the user data. When the data are used, the cloud drops are extracted from colored data, and Ex, En, and He will be produced by reverse cloud generator. Final color matching will complete the confirmation.

      Fig 1: Flow chart for data coloring based on cloud watermarking

   3. Data coloring parameters

      A cloud watermark is a logo recognized by the society, which is deemed as the sign of user credit and copyright (Ex). It can be an image, a print, a series of chars, etc. Data owner and storage service provider negotiate together En and He can be used to transform a certain print to uncertain print drops, which will also affect the discernment of the paint. Fig.2 shows different paint drops according to different En (set He = 0). It is apparent in Fig.2 that the paint is relatively clear when En0.1; on the contrary, the paint becomes unclear with atomization. We also compute the entropy of each cloud drop (En) and compare the difference between En and En.

      Fig 2: Paint drops with different En

   4. Data coloring

      Forward cloud generator is used to produce a drop of each pixel of a pixel matrix, and a new paint will be formed after traversing the matrix (see Fig. 3). The paint taking the type of a drop could be embedded into any location of a fragment of data. Moreover, all user data are embedded with cloud drops of user watermarks which reflect the expectation, entropy, and hyper entropy of the watermark information. Interestingly, there is no conventional encryption and decryption in the process of data coloring.

      Fig 3: Nine paint drops(En=0.1, He=0)

      In the process of data coloring, the location of the watermark to be embedded and the algorithm for embedding are decided by a users requested security strength and allowable expense. Security strength will determine extra storage space, and algorithm complexity will decide time expense of data accessing.

      At present, most of the watermarking algorithms focus on multimedia data, especially on digital images. The common digital watermark embedding algorithms include airspace algorithm, patchwork algorithm, nippon electric company (NEC) algorithm, physiological model algorithm, etc. According to the different data source type (such as image, video, audio, and text), different embedding methods will be adopted. In our view, the colored data is also usable, so the watermarking changes the original data only with a subtler granularity. The granularity is decided by data source type. For a group climate data, in order to ensure the usability of data, we can embed watermarks by adding tails into data that only change the precision rather than the correctness.

   5. Watermark detection

      When users coloring data are used illegally, paint drops could be extracted from the data according to the selected embedding algorithm. Then, Ex, En, and He of these paint drops are computed by reverse cloud generator. When Ex is compared with the original user paint, the confirmation is completed. Because of the universality of data coloring and the basic certainty hiding in the uncertainty represented by cloud model, the process can be applied even to part of users data. When En = 0:1, the result of the experiment is illustrated in Fig. 4. The difference of watermark features decides different demands on sampling data. In this experiment, when the ratio of sampling data exceeds 50%, the paint watermark can still be distinguished.

      Fig 4: Experiment result

      Digital watermarking technology is mainly composed of three parts: watermark producing, watermark embedding, and watermark detection. Most of the algorithms are certain, and the whole process is reversible. Thus, the attacker can seek the vulnerability from multiple angles. Once the content of embedded watermark is open, the attacker will make use of it to

      crack the embedding algorithm. However, the watermark should be open and recognized by people as the users logo and credit. Encrypting of watermark will increase extra expenses on encryption and decryption, and the encrypting algorithm is also certain and reversible. Cloud watermarking turns a certain watermark into uncertain watermark drops. Cloud drops are produced randomly, but a large number of drops can guarantee the basic certainty of a watermark. Cloud watermarking utilizes the robustness of human discrimination, and transforms user logo (Ex) into a series of random realization by means of normal

      distribution. The process is uncertain and irreversible. Combining the mature embedding algoithm, it can protect user copyright more efficiently in cloud computing.

7. EXPERIMENTAL EVALUATION

   We also compute the entropy of each cloud drop (En) and compare the difference between En and En. The experiment result is illustrated in Table 1, and the curve of average error is shown in Fig .5.

   Table 1: Experimental result

   Fig 5: Error curve

8. SCOPE OF WORK

   With arrival of cloud computing the conventional way of computing has gone for a sea change. And this new addition in the computing is not a flash in the pan as it is going to rule the roost in the future. As per some expert opinions, it is going to be the face of future cloud computing. And hence, the future of cloud computing seems very promising.

   As per some surveys conducted by leading organizations, 70% of Americans will be getting benefited from cloud and it various applications in next

   decades for official and personal use. And this is not an overestimate or exaggeration, as we are already using cloud and its applications in one form or another. Using email and connecting to social media through smart phones, watching movies over smart phones and uploading and accessing pictures from websites like Flicker are common examples of cloud computing in our day-to-day life.

   Let us have a look on what makes the future of cloud computing so bright.

   Presence of Internet will boost its future: The cloud computing will becomes all the more important with the omnipresence of high-speed, broadband Internet. Slowly but steadily we are getting closer. Even airlines are offering satellite based Wi-Fi services in flights. In a mass drive to connect every village with Internet wireless Internet services are offered through the help of satellite, although speed is a bit slow. This increasing presence of Internet is opening new vistas in educations and healthcare. With the help of cloud computing we can use these services at a little cost.

   No more software updates: Most of the computer professionals loose lots of their time and efforts downloading different versions of software so that they can access the various programs and data with little efforts. Most of the softwares are on the cloud servers

   so you don't need to down and install for little use. So, whether you want to access emails or go through spreadsheet, it has become fun with the arrival of cloud computing. As per some estimates a sizable number of softwares will be delivered through the Internet.

   Hardware optional: With the arrival of cloud computing it is no longer necessary to purchase hard drives with large storage capacity, as it can be stored on cloud. So keep the fear of loosing your data away. All your data with complete back up can be stored on the cloud. So with rising popularity the computers will act as an interface to communicate with cloud Computing. Entertainment unlimited: As hardware is no more mandatory, so there is no limit on entertainment options. Uploading latest software and buying games from the market is going to be things of the past. In the future, there will be mobile 3D games to entertain your kids.

   Medical treatments simplified: The future of cloud computing is not confined to entertainment and gaming options as it can contribute massively in the fields of medical sciences as well. As most of the contemporary treatment require computer assistance, as data have to be searched for various things like DNA samples and other biochemical procedures and hence cloud computing is going to play its part in the most of the therapies. In addition, it will make easy the task of data processing.

   Weather Forecasting: It is believed that with increased level of computing coupled with improved climate models it will be lot more easy makes weather forecasts.

   Education for all: With lot of educational institutions offering free course material for everyone over the Internet it is here cloud computing can play a great role delivering education on the doorsteps of learners over an interface. In addition, it will be a giant leap towards digitalization of education. So what if you have not secured admission at a reputed university, you can learn various things over computer with Internet connection.

   Freedom from Wallets: With the advent of mobile phones the concept of traditional wallets has gone for toss. Now everything right from your contact details to your shopping related needs and you air ticket for vacations to clicking the pictures of happy moments, everything can be done by you smart phone. The cloud has made it possible. It is possible in the futures that you can store all you valuable documents like driving license and voter identity with the help of your smart phone.

   Get your location: The location services offered by some social networking sites like twitter in US and

   Four square assist helps people to locate their family and friends. With the help of cloud computing, the locations services are going to be better for sure. Now it can be used in rescuing operations to finding the location of the victims.

   A boon to Digital media: Arrival of cloud could be a boon for the digital media. Now independent artists and creative writer can reach to more and more peoples and thus ending the monopoly of certain media organizations. The rising competition will open the floodgates of the creative writers and digital media content providers. If all the content is not for free the users can at least find out from where to by this music or a book and thus saving their lot of time and efforts. In the coming years, buying DVD from a market and endless cue at a cinema hall is going to be obsolete.

   A new age safety system: With the help of cloud computing, records of cars including number. Driving license and address detail of the owner can be stored on the cloud in case the car is stolen one and recovered by some security agency in far off locations, they can instantly inform the owner of the car. It also lessens the burden of the various police and security organizations in a given region. Like wise complete details of all the population of a county that including Fingerprint and DNA records can be given. It will help recruiters in doing background checks before giving employment to candidates. It will help reduces theft and misconduct in some cases.

9. CONCLUSION

With the development of cloud computing, cloud security remains as a hot spot issue. Cloud computing is actually not a new special weapon for solving security problem. Until now, software vulnerabilities and viruses still exist on the Internet, but the security can be regarded as a service provided by special security centers in cloud computing. In general, cloud security is not same as computer security, network security, and data security; it is not a simple technical problem in essence. This paper tries to provide a new insight into the essence of cloud security, and proposes a data coloring method based on cloud watermarking, which can be applied to solving the trust management between data owners and service providers. The experimental result shows that the process is uncertain and irreversible, and the robustness of reverse cloud generator can guarantee users embedded social reputation identifications. Although cloud computing has already affected daily lives, such as online shopping, online office, email, etc., but many users still doubt about its security. Same as good safety and reliability, reputation is also an important guarantee for

service providers, and it is the trusted computing in cloud computing. In the future, we will conduct more experiments in cloud computing centers, and test the performance of our approach, which may provide a reference solution for cloud security.

REFERENCES

[1]. M. Miller. Cloud Computing: Web-based Applications That Change the Way You Work and Collaborate Online, USA: QUE, 2008.

[2]. Y. Zhang, D. N. Zhao, D. Y. Li. Watermarking relational databases. Journal of PLAUniversity of Science and Technology, vol. 4, no. 5, pp. 1- 4, 2003.(in Chinese)

[3]. E. Bertino. Data security. Data & Knowledge Engineering, vol. 25, no. 1-2, pp. 199-216, 1998.

[4]. D. Y. Li, Y. Du. Artificial Intelligence with Uncertainty, New York, USA: CRC Press, 2007.

[5]. C. Rey, D. Jean-Luc. A survey of watermarking algorithms for image authentication. EURASIP Journal on Applied Signal Processing, vol. 2002, no. 1, pp. 613-621, 2002.

[6]. D. Y. Li, X. M. Shi, H. J. Meng. Membership clouds and membership cloud generators. Computer Research and Development, vol. 32, no. 6, pp. 15-20, 1995. (in Chinese)

[7]. S. E. I. Baba, L. Z. Krikor, T. Arif, Z. Shaaban. Watermarking of digital images in frequency domain. International Journal of Automation and Computing, vol. 7, no. 1,pp. 17-22, 2010.

[8]. G. Lo-Varco, W. Puech, W. Dumas. Content based watermarking for securing color images. Journal of Imaging Science and Technology, vol. 49, no. 5, pp. 464-473, 2005.

[9]. X. Kong, R. Feng. Watermarking medical signals for telemedicine. IEEE Transactions on Information Technology in Biomedicine, vol. 5, no. 3, pp. 195-201, 2001.

[10]. Z. H. Zhang, X. M. Jin, J. M. Wang, D. Y. Li.

Watermarking relational database using image. In Proceedings of the 3rd International Conference on Machine Learning and Cybernetics, IEEE, Shanghai, PRC, vol. 3, pp. 1739-1744,2004.

[11]. R. Agrawal, J. Kiernan. Watermarking relational databases. In Proceedings of the 28th VLDB Conference, ACM, Hong Kong, PRC, pp. 155-166, 2002.