Aes based secured framework for cloud databases
0 likes27 views
This document presents a novel architecture for adaptive encryption of databases in public clouds. It proposes using the Advanced Encryption Standard (AES) algorithm to encrypt data before it is sent to cloud servers. The architecture allows SQL queries to be run directly on the encrypted data through the use of encrypted metadata. This provides confidentiality without requiring intermediate servers. The scheme aims to balance security, performance and cost for cloud database workloads through adaptive encryption techniques. It analyzes the encryption and adaptive encryption costs from a research perspective.
Aes based secured framework for cloud databases
- 1. Thottambedu Kataiah, Prudhvi Munisekhar, International Journal of Advance Research, Ideas and Innovations in Technology. © 2017, www.IJARIIT.com All Rights Reserved Page | 1494 ISSN: 2454-132X Impact factor: 4.295 (Volume 3, Issue 6) Available online at www.ijariit.com AES based Secured Framework for Cloud Databases Kataiah Thottambedu Shree Institute of Technical Education, Tirupati, Andhra Pradesh kata09573@gmail.com Munisekhar Prudhvi Shree Institute of Technical Education, Tirupati, Andhra Pradesh munisekharprudhvi@gmail.com Abstract: A Cloud database management system is a distributed database that delivers computing as a service (Caas) instead of a product. Improving confidentiality of information stored in a cloud database .It is a very important contribution to the cloud database. Data encryption is the optimum solution for achieving confidentiality. In some normal methods, encrypt the whole database through some standard encryption algorithm that does not allow in SQL database operations directly on the cloud. This formal solution affected by workload and cost would make the cloud database service inconvenient. I propose a novel architecture for adaptive encryption of public cloud database. Adaptive encryption allows any SQL operation over encrypted data. The novel cloud database architecture that uses adaptive encryption technique with no intermediate servers. This scheme provides cloud provider with the best level of confidentiality for any database workload. I can determine the encryption and adaptive encryption cost of data confidentiality from the research point of view. Index Terms Adaptive encryption Technique, AES (Advanced encryption Standard), Metadata. Keywords: AES, Cloud Computing, Cloud Databases. I. INTRODUCTION The most thorough security controls needed to protect the most sensitive data may not be guaranteed in public cloud computing architectures, while they can be realized in private cloud computing architectures. These days, you’re frequently processing, storing, or transmitting data that are subject to regulatory and compliance requirements. When that data falls under regulatory or compliance restrictions, your choice of a cloud deployment (whether private, hybrid or public) hinges on an understanding that the provider is fully compliant. Otherwise, there’s the risk of violating privacy, regulatory or other legal requirements. The implications for maintaining the security of information are significant when it comes to privacy. Today almost all PC users have access to the internet. More and more users are using at least some cloud services, like e-mail, Facebook, Google Docs and so forth. But not only private users are switching to cloud services, also companies and governments are adopting them. Cloud computing offers many benefits for its users, e.g. cost savings, increased flexibility and ubiquitous access to the data just to mention a few. There have been enough privacy violations outside the realm of cloud computing for there to be concern about any system—cloud-based or traditional—when storing, processing or transmitting sensitive information. The cloud has its own examples as well. In 2010, several cloud privacy information exposures occurred with a number of cloud-based services, including Facebook, Twitter, and Google. Privacy concerns within the cloud model aren’t new. As a tenant with legal privacy obligations, your handling of privacy issues is no different if you use the cloud. Just as you wouldn’t store such information on a server without adequate controls, you wouldn’t select any cloud provider without verifying it meets the same benchmarks for how it protects data at rest, in transmission or while processing. Your policies may exclude any external provider managing sensitive information for you, including cloud providers. While there may be a perception that the computer on your desk is safer than a public cloud, it’s probably not (unless you’re taking unusual technical and procedural precautions). Safety and governance are two separate issues, and as part of due diligence, you’ll need to fully understand your provider’s privacy governance, as well as its security practices and guidelines.
- 2. Thottambedu Kataiah, Prudhvi Munisekhar, International Journal of Advance Research, Ideas and Innovations in Technology. © 2017, www.IJARIIT.com All Rights Reserved Page | 1495 A. Cloud Computing Technology: Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network Cloud computing provides computation, software, data access, and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services. Parallels to this concept can be drawn with the electricity grid, wherein end-users consume power without needing to understand the component devices or infrastructure required to provide the service. Cloud computing is different from hosting services and assets at ISP data center. It is all about computing systems are logically at one place or virtual resources forming a Cloud and user community accessing with intranet or Internet. So, it means Cloud could reside in-premises or off premises at service provider location. There are types of Cloud computing like 1. Public clouds 2. Private Clouds 3. Inter-clouds or Hybrid Clouds, B. Cloud Working Progress: Cloud computing has been changing how most people use the web and how they store their files. It’s the structure that runs sites like Face book, Amazon, and Twitter and the core that allows us to take advantage of services like Google Docs and Gmail. But how does it work? Before we dig further into how does cloud computing work, first let’s understand what the term ―cloud―refers to. The concept of the cloud has been around for a long time in many different incarnations in the business world. It mostly means a grid of computers serving as a service oriented architecture to deliver software and data. Most websites and server-based applications run on particular computers or servers. What differentiates the cloud from the way those are set up is that the cloud utilizes the resources from the computers as a collective virtual computer, where the applications can run independently from particular computer or server configurations. They are basically floating around in a ―cloud of resources‖, making the hardware less important to how the applications work. With broadband internet, the need to have the software run on your computer or on a company’s site is becoming less and less essential A lot of the software that people use nowadays are completely web-based. The cloud takes advantage of that to bring it to the next level. C. Characteristics of Cloud Computing: Characteristics Cloud computing is cost-effective. Here, the cost is greatly reduced as an initial expense and recurring expenses are much lower than traditional computing. Maintenance cost is reduced as a third party maintains everything from running the cloud. The Cloud Computing Confidentiality Architecture 2. PROPOSED ALGORITHM Advanced Encryption Standard: It also uses Symmetric Key Algorithm. AES uses 128, 192, or 256-bit length keys. Adopted by National Institute of Standards and Technology (NIST) on May 26, 2002. AES uses the Rijndael algorithm developed by Joan Daemen and Vincent Rijmen of Belgium. AES is a simple design, a high speed algorithm, with low memory costs. AES is a symmetric block cipher. The same key is used to encrypt and decrypt the message. The plain text and the cipher text are the same sizes. AES is restricted to use a block size of 128 bits with AES uses permutation substitution method which involves a series of substitution and permutation steps to create the encrypted block.
- 3. Thottambedu Kataiah, Prudhvi Munisekhar, International Journal of Advance Research, Ideas and Innovations in Technology. © 2017, www.IJARIIT.com All Rights Reserved Page | 1496 AES encryption, on the other hand, is still not breakable through there are some theoretical discussions about breaking the AES is relatively new. The time required to check all the possible keys at 50 billion keys per second. A. Adaptive Encryption Schemes: Adaptive encryption methods for public cloud database service, where distributed and concurrent clients can issue direct SQL operations. By avoiding an architecture based on one or multiple intermediate servers between the clients and the cloud database, the proposed solution guarantees the same level of scalability and availability of the cloud service a scheme of the proposed architecture where each client executes an encryption engine that manages encryption operations. This software module is accessed by external user applications through the encrypted database interface. 3. IMPLEMENTATION A. Modules and Module Description 1. User Application: First of all the client has to select the data. The data re useful for the clients in the cloud. The original data is not transferred to the server directly. Before that client has to encrypt the data and then transfer it to the server, because of this encryption the data is very secure. And also the metadata is created. Using the metadata the server can verify easily. 2. Client-Side encryption: Engine sending original data to the server is vulnerable to the data. To avoid this problem the original data should be encrypted. Also, the client can’t send the original Meta data to the server. The metadata is also encrypted for the security purpose. These processes are done in the client side encryption engine. 3. Client Encrypted Database Interface: These encrypted original data are transferred to the server. And the encrypted metadata are also transferred to the server. Using the metadata the client request is processed on the server side. The data are stored in the data base. The searching process is done over the encrypted metadata. Metadata is useful forget the encrypted original data to the client. 4. Cloud Database Engine: The client request is generated on the client side. And this request is transferred to the server. The server searches for the related data to the query. This searching is done by the encrypted metadata. Using the Meta data the original data is referred to the server side. And transfer the encrypted metadata to the client who sends the request to the server. Using the encrypted data the client decrypts and get the original data. Cloud Authentication and Connection Services The client receives the data from the server. And get the key for decrypting the data. Using the key the data is decrypted. The original data is visible to the client only. Server transfers the data to the client. But the client does not know about the original data. Using the security and the metadata the data is transferred to the client. B. Results:
- 4. Thottambedu Kataiah, Prudhvi Munisekhar, International Journal of Advance Research, Ideas and Innovations in Technology. © 2017, www.IJARIIT.com All Rights Reserved Page | 1497 4. CONCLUSION Data confidentiality is very important in sharing. The data is encrypted on client side and transferred to the server. Then client sends request to the server. Server processing for that request and transfers it to the client. Then client uses the key and decrypts the data. REFERENCES 1) R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, ―Cloud computing and emerging it platforms: Vision, hype, and reality for delivering computing as the 5th utility,‖ Future Generation Computer Systems, vol. 25, no. 6, pp. 599– 616, 2009. 2) T. Mather, S. Kumaraswamy, and S. Latif, Cloud security and privacy: an enterprise perspective on risks and compliance. O’ReillyMedia, Incorporated, 2009. 3) H.-L. Truong and S. Dustdar, ―Composable cost estimation and monitoring for computational applications in cloud computing environments,‖ Procedia Computer Science, vol. 1, no. 1, pp. 2175 – 2184, 2010, iCCS 2010. 4) Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R. et al. (2009). Above the clouds: A Berkeley view of cloud computing. eeCS Department, University of California, Berkeley, Tech. Rep. UCB/eeCS-2009-28. 5) Baralis, e. and Chiusano, S. (2004). Essential classification rule sets. ACM Transactions on Database Systems, 29(4): 635-674. 6) Bardin, J., Callas, J., Chaput, S., Fusco, P., Gilbert, F. et al. (2009). Security Guidance for Critical Areas of Focus in Cloud computing v2.1, Retrieved January 28, 2010, from Cloud Security Alliance, from http://www.cloudsecurityalliance.org/guidance/ 7) NIST SP 800-145, ―A NIST definition of cloud computing‖, http://csrc.nist.gov/publications/ drafts/ 800-145/ Draft-SP- 800-145_cloud-definition.pdf
- 5. Thottambedu Kataiah, Prudhvi Munisekhar, International Journal of Advance Research, Ideas and Innovations in Technology. © 2017, www.IJARIIT.com All Rights Reserved Page | 1498 8) NIST SP 800-146, ―NIST Cloud Computing Synopsis and Recommendations‖, http://csrc.nist. gov/ publications/drafts/800-146/Draft-NIST-SP800-146.pdf 9) NIST SP 800-53, ―Recommended Security Controls for Federal Information Systems and Organizations, http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_ updated-errata_05-01-2010.pdf 10) Federal Cloud Computing Strategy, http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf 11) Chief Information Officers Council, ―Privacy Recommendations for Cloud Computing‖, http://www.cio.gov/Documents/Privacy-Recommendations-Cloud-Computing-8-19-2010.docx