SlideShare a Scribd company logo

B018211016

IOSR Journals, profile picture
IOSR Journals

This document proposes a novel framework for dependable cloud computing. It discusses security risks associated with cloud computing including vulnerabilities, accessibility issues, authentication, data tampering and privacy concerns. The framework aims to address these issues by involving all stakeholders to securely store and transfer encrypted data between private clouds and cloud service providers. An encryption system was designed using Java programming to encrypt and decrypt data in transit to test the dependability of stored and transferred data from the cloud. The goal is to improve security techniques and build trust in cloud computing by preventing and detecting security flaws.

Technology
1 of 7
Download to read offline
1
2
3
4
5
6
7
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. I (Mar-Apr. 2016), PP 10-16 www.iosrjournals.org DOI: 10.9790/0661-18211016 www.iosrjournals.org 10 | Page A Novel Framework for Dependable Cloud Computing Dr. Roy Joel Ureigho1 , Edje Abel2 , Felix Elugwu3 1 Department of Computer Science and Informatics, Federal University Otuoke, P.M.B. 126, Yenagoa. Bayelsa State, Nigeria. 2 Department of Mathematics and Computer Science, Delta State University, Abraka. Delta State, Nigeria. 3 Department of Computer Science, Delta State Polytechnic, Otefe-Oghara. Delta State, Nigeria. Abstract:The cloud computing is one technology that has taken the computing world by storm with potent opportunities that are so tempting to ignore. Yet many are skeptical about its adoption because of the many problems that came with internet usage. The belief is that since cloud computing is an offshoot of internet, there are possibilities of multifaceted problems possibly inherited from Internet. They opined that since data will be under the care of cloud service provider, there will be likelihood of compromising data integrity and other security risks. In this work, a framework for dependable cloud computing was designed in such a way that all stakeholders have one part or the other to play to ensure the security of data.An encryption system was designed to encrypt and decrypt data in transit between the client private cloud and the cloud service provider. This ensures that data is delivered to the service provider in encrypted form. Since the task of securing the data stored has the involvement of all stakeholders, it increases the trust level thereby making it dependable. Keywords: cloud computing, dependable cloud computing, internet, security I. Introduction Cloud computing is a technology that is so equally transformational and feared by many. It is hard to find any other comparable technology both now and in the past which has the power to positively re-engineer the manner that technology supports organizational goals. But possibly by a combination of issues such as negative pundit messaging and well-founded suspicion of wide-scale technology and organizational readiness, cloud computing appears to be the most feared of the big technology innovations. In a world that sees new technological trends bloom and fade out almost on daily basis, one new trend promises more longevity. This is because it extends the Internet capabilities. This trend is called cloud computing, and it will change the way we use computer and the Internet. Just as the benefits are obvious, however, so too are the security concerns.Cloud computing is based on open system architecture where costumers‟ data and program reside in cloud service provider premises. That‟s the reason why security is a major issue. Stakeholders always find themselves asking various question before they adopt cloud computing. Cloud computing shares in common with other network-based application, storage and communication platforms certain vulnerabilities in several broad areas:  Web application vulnerabilities.  Accessibility vulnerabilities.  Authentication of the respondent device or devices.  Data Verification, tampering, loss and theft while on a local machine, or in transit, or at rest at the unknown third-party device, or devices, and during remote back-ups.  Physical access issues, both the issue of an organization‟s staff not having physical access to the machines storing and processing a data, and the issue of unknown third parties having physical access to the machines.  Privacy and control issues stemming from third parties having physical control of data. Many prospective adopter of cloud computing are curious about what will happen to their data/information when it is hosted in the cloud. How would they be harmed if an employee of the cloud service provider or any other outsider accessed and manipulated their data/information? What will happen if as at the time they need the stored data, it is not available for that period? These are some of the basic questions that often arise in the mind of any prospective adopter of cloud computing. The significance of this work is to contribute techniques to improve the vulnerability of cloud computing. In improving the techniques that prevent and detect security flaws, it is hoped that cloud services can justifiably be relied upon that is it can be considered dependable. The security model designed is also a significant advance in security of cloud computing. II. Related Works
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 11 | Page There are others who have carried out various studies successfully in cloud computing security. IBM developed a secured hypervisor called sHype to help solve the problem of separating private data between Virtual Machines, virtualization containment attacks and hypervisors attack against Virtual Machine (VM) [1]. [2]in their work proposed a trusted cloud computing platforms using Trusted Computing Group specifications.[3]presented the technical security issues in Cloud Computing; however, these issues are more related with the problems of web services and web browser and not of Cloud Computing. [4]in his work titled “building trust into utility cloud computing” also proposed Private Virtual Infrastructure (PVI) and Locator Bot as a means of securing data processed by the VMs in the cloud. The various implementation strategies of securing cloud computing by these researchers form the basis for this study. They provided the needed platform for future work as their method of cloud security implementation serve as reference point.[5]discussed key challenges in achieving a trusted cloud through the use of detective controls, and presents the TrustCloud framework, which addresses accountability in cloud computing via technical and policy based approaches. III. Risks And Security Concerns With Cloud Computing Many of the risks frequently associated with cloud computing are not new, and can be found in enterprises today. Some examples of cloud computing risks for the enterprise that need to be properly managed include:  Choice of trusted cloud service provider based on history and sustainability. Sustainability is of particular importance to ensure that services will be available and data can be tracked.  The responsibility of information handling is transferred to the cloud provider, which is a critical part of the business. Failure to perform to agreed-upon service levels can impact not only confidentiality but also availability, severely affecting business operations.  The dynamic nature of cloud computing may result in confusion as to where information actually resides. When information retrieval is required, this may create delays.  High risk of compromise to confidential information since sensitive information is kept under the control of a third-party. This can pose a significant threat to ensuring the protection of intellectual property (IP) and trade secrets.  Technical risks such as data leakage, distributed denial of service attacks, loss of encryption keys, and conflicts between customer hardening procedures and cloud platforms.  Legal risks such as data protection and software licensing risks. Risks not specific to the cloud such as network problems, unauthorized access to data centers, and natural disasters [6]. IV. Dependable Cloud Computing While there is no universally accepted definition of dependable cloud computing, it is important to clarify its components and meaning. In dictionaries, dependable is synonymous with reliable. Therefore, we can view dependable cloud computing as cloud computing which everybody (mainly consumers or information owners) can relied on to do what they want or need with all the security concerns adequately taken care of and data integrity is not compromised. Security concerns of cloud computing has been one of the drawbacks affecting the full adoption of cloud computing by many organisations [7]. As long as internet has been accepted by all, cloud computing will soon become the order of the day! This is due to the cost savings that is associated with cloud computing. Users of cloud computing have low technical cost of ownership (TCO) as compared with those using conventional computing. Dependable cloud computing can be achieved with the following components:  Security: there must exist mechanisms (e.g. encryption) which make it extremely difficult or uneconomical for an unauthorised person to access some information  Privacy: protection against the exposure or leakage of personal or confidential data (e.g. personal identifiable information (PII)).  Accountability: the obligation and/or willingness to demonstrate and take responsibility for performance in light of agreed upon expectations. This goes beyond responsibility by obligating an organisation to be answerable for actions.  Auditability: It allows an action to be reviewed against a pre-determined policy to decide if the action was compliant, and if it was not, to hold accountable the person or organisation responsible for the action [5]. V. The Design Of Encryption System An encryption system was designed to test the dependability of the data stored and/or transferred from cloud. The programming language suitable for designing encryption system must have security API for accessing and developing cryptographic functionality. Java programming language on NetBeans IDE was used
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 12 | Page for the design. This is because Java has security API built around the java.security package (and its subpackages) and it also has Java Cryptography Extension (JCE) which extends the Java Cryptography Architecture (JCA) API to include APIs for encryption, key exchange, and Message Authentication Code (MAC). The Object Oriented Methodology (OOM) was used for this system development. The underlying idea of OOM was to create the logical design from a physical design based on observing the properties of the "real world". OOM is a new system development approach encouraging and facilitating re-use of software components. With this methodology, a computer system can be developed on a component basis which enables the effective re-use of existing components and facilitates the sharing of its components by other systems. Through the adoption of OOM, higher productivity, lower maintenance cost and better quality can be achieved. This methodology employs international standard Unified Modeling Language (UML) from the Object Management Group (OMG). The system analysis stage involves two distinct stages: 1. The preliminary study of the system 2. The detailed analysis of the system Preliminary Study of the System: This involves the problem identification and definition, specifying objectives, establishing technical feasibility and making preliminary cost. It also includes benefit estimates and estimating schedules. Detailed Analysis of the System: This is the second stage of the analysis of the system. Here, the user requirements were identified, and the methods and procedures of the new system were established. The process involves collection of facts and analysing the facts collected. Figure 1: Collaboration diagram of the proposed system Figure 1: Collaboration diagram of the proposed system VI. Development Of System Requirement At this stage, the requirements for the system were developed. These include input and output requirements. Input Requirements Analysis: In order to produce the required output, the input necessary for the output was specified and designed. The input screens are all user-friendly to make usage easy for all kinds of users. The inputs for the encryption system are in two forms; unencrypted format and the encrypted format. Input from the client end into the datacenter in the cloud are unencrypted and the data are of text , files in the form of audio, video, graphics, databases and any other format that the user may want to store in the cloud. When a client requests for stored data from the cloud, they are delivered in the form of cipher text and needs to be decrypted Locality Datacenter Viewing Corporate Portal Server Virtual Servers in cloud 1. Create/Generate sk 2. Modify Existing sk 3. Send encrypting request 1. Verify sk 2. Send decrypted data Viewallcreatedsk Cloud Service Provider’s endCloud Service User’s end Encrypteddata forstorage 1.Verifyowner’sid 2.Sendrequested encrypteddata Actor Encrypted data sent Encrypted data received
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 13 | Page for the client to understand them. In this case, the input to the system is the encrypted file been sent from the cloud. The system then decrypts this file before they are sent to the client. See Fig. 1. Output Requirements Analysis: The logical place to begin a detailed study of the system requirements and the design of the entire system is the output. The output display is designed in such a way that is user- friendly and suitable for use by both expert and novice users. The output of the encryption system to the cloud server is in encrypted form. The output to the client whenever a request is made to the cloud is unencrypted file which is decrypted by the proposed encryption system as shown in Fig. 2. The system designed is only intended to serve various encryption operations at the cloud users‟ end and not in the service provider‟s cloud. It is expected that users of cloud services should ensure that the data being uploaded into the cloud (i.e. data in transit) are reasonable secured. This system is built into the customer‟s internal private cloud (a kind of LAN). It is depicted as „Security Policy Cust-X‟ in Fig. 3. It must be noted that Cust-A‟s security policy may not be the same for Cust-B. The kind of security policy employed by each customer is a function of the sensitivity of data in question and the business rule of such customer Figure 2: Block diagram of the proposed system Figure 3: Dependable cloud computing physical model VII.The Algorithm Customer D DMZ Customer C DMZ Customer B DMZ Cloud Service Provider Strong Room SAN Cust A Customer mgt Net SAN Cust B External private cloud Internal Private Cloud Cust B Port group A Customer A Customer B SSL VPN Port group B Port group DPort group C Customer C Customer D Private Virtual Domain Customer A DMZService Provider Security Gateway Network (protected) Service Provider Cloud DMZ Network (external) Service Provider Cloud Gateway Security Policy Cust-B Internal Private Cloud Cust A Security Policy Cust-A Security Policy Cust-C Security Policy Cust-D Internal Private Cloud Cust D Internal Private Cloud Cust C
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 14 | Page In this algorithm, the client is depicted with CT and server in cloud as SIC. 1. CT ← {sk, pk} The client takes as input a security parameters secret key sk and public key pk. The public key pk is sent to SIC while it stores the secret key sk 2. CT: {sk, pk, F, info, M}← SIC: {E(F), E(info), E(M)} The client prepares part of its file F for storage in SIC which is not trusted. As input, it takes a secret key and public key, part of the file F with the definition info of the update to be performed and the previous metadata M. The output sent to SIC is encrypted version of F, info and M as a request for update. 3. SIC: {pk, Fi-1, Mi-1, E(F), E(info), E(M)← CT: {F, Mi, M’c, PM’c} The server in response to update request by client sends the new version of F and M together with the metadata M‟c and its proof PM‟c. The input in SIC are the public key pk, the previous version of F and M which are Fi-1, Mi-1 and the client provided values E(F), E(info) and E(M). 4. CT: {sk, pk, F, info, Mc, M’c, PM’c}← SIC:{accept, reject} CT: {sk, pk, Mc}← SIC: {c} The client verifies the server‟s behaviour during update. The CT has all the previously sent input from SIC in (3) above, it then sends acceptance or rejection signal to the server. Then, there is a probabilistic procedure run by CT to create a challenge for SIC by sending 5. SIC: { pk, Fi, Mi, c}← CT: {P} Upon the receipt of a challenge c, SIC sends proof P to client. 6. CT: {sk, pk, Mc, c, P}← SIC: {accept, reject} Once the proof P is received by CT, it then send accept or reject signal. If accept, then the off-loading commences, it is otherwise if reject signal is sent. The data is then migrated to CTVID (cloud trusted virtual infrastructure datacentre) where dependable virtual infrastructures are based Client Server in Cloud {sk,pk,F, info, M} {sk, pk} {E(F), E(info), E(M)} {pk} {sk, pk, info, Mi, M‟ c, PM‟c} {Fi-1, Mi-1, E(F), E(info), E(M)} {sk, pk, Mc, c, P} {Fi, Mi, Mc, Pc} {accept, reject} {sk, pk, Mc} {c} {pk, Fi, Mi, c}{P} {accept, reject} Migrate to CTVID Figure 4: Sequence diagram of client off-loading files to server in cloud for further migration to CTVID As the data owner or client initiates a request for file retrieval from server in the cloud (SIC), the following adding processes take place in order to transfer the file from the destination platform (DP) which has a direct connection with the SIC (server in cloud) to the CT (client) : 1. CT: {sk, pk, Mc, info}← SIC: {E(info), c}
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 15 | Page The client requests part of the file from SIC along with associated proof. It takes the sk, pk and the latest clients metadata Mc and the information about what to request as input and output the encrypted information and an associated challenge c that is then sent to the server. 2. SIC: {pk, Fi, Mi, E(info), c}← CT: {F’E(info), P} Once the retrieval request is received from CT by the SIC, it takes as input the pk, the latest version of the file and metadata, the information about request and the challenge c and then out the requested file along with the proof P to the client CT. 3. CT: {sk, pk, Mc, info, c, F’E(info), P}← SIC: {F} After the client has received the part of the file and its associated proof P from the server, it takes as input the sk, pk, the client metadata Mc, the request information info, the challenge c, the part of the file F‟E(info) and the proof P sent by SIC. CT then checks if the proof corresponds to the part of file that is received and output the decrypted file otherwise the client output null. Figure 5: The architecture of dependable cloud computing The user connects the cloud service provider‟s server via its own security policy and server tier firewall rules that are defined within a vApp. This security policy includes server security patch levels, anti-virus status and file-level access restrictions. The dependable cloud computing model in Fig. 5provides a method to communicate the policies and server tier firewall rules. The cloud service provider needs to validate the patch level and security level prior to bringing user‟s data into the server in the cloud. Data from the user‟s DMZ area are validated in order to mitigate any security violations according to each user‟s security profile.The cloud service provider also separates and isolates the resources each customer virtual machine uses from other customers‟ virtual machine resources to prevent DDoS attacks. These attacks are usually caused by log files not having limits or CPU or memory utilization increasing on a single virtual machine through memory leaks or poorly behaving applications. In order to ensure data security, the cloud service provider provides access paths to only the physical servers that must have access to maintain the desired functionality by using zoning system via SAN N-Port ID virtualization (NPIV). The SAN (storage area network) is within the user‟s network.This architecture also provides a method to communicate the access controls and authentication needs to the cloud service provider. The dependable cloud computing model in Fig. 5 shows how the user access is controlled in the cloud environments require. Cloud provider defines a virtual machine identity that ties each virtual machine to an asset identity within the provider‟s virtual infrastructure. Based on this identity, cloud service providers are able to assign user, role and privilege access within the extended infrastructure to provide role-based access controls. Service providers can prevent cloning and copying of virtual machines using a combination of virtual machine identity and server configuration management policies. VIII. Conclusion This work represents a new paradigm of information protection and security in cloud computing. We examined and defined a new model for dependable cloud computing and addressed the core security challenge of cloud computing with multi-tenancy. We have shown that using dependable computing technologies where clients and service providers ensure conformity to security rules in the cloud computing environment can benefit all. Making cloud computing dependable cannot be left in the hands of service providers alone, consumers have to play their own role so that data integrity is maintained uncompromisingly while enjoying the benefits that cloud has provided.
A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 16 | Page Therefore, as a rule, security concerns should not be a block to the adoption of Cloud Computing. While the Cloud has unique challenges, those challenges do not mean it is inherently insecure. The cloud computing has come to stay; making it dependable and trustworthy is a task that can be done. References [1]. R. Sailer,E. Valdez, T. Jaeger, et al., sHype: Secure hypervisor approach to trusted virtualized systems,RC23511, IBM, Yorktown Heights, NY 2005. (On-line:http://www.research.ibm.com/secure_systems_department/projects/hypervisor.) [2]. N. Santos, K.Gummand, and R. Rodrigues, Towards trusted cloud computing,In: Workshop on hot topics in cloud computing, San Diego, CA, 2009. [3]. M. Jensen, J. Schwenk, N. Gruschka. and L. Iacono, On technical security issues in cloud computing,In: IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India, September 2009, 109-116. [4]. F.J. Krautheim, Building trust into utility cloud computing, doctoral diss., University of Maryland, Baltimore County, Baltimore, MD, 2010. [5]. R.K.L. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, B. S. Lee, TrustCloud: A framework for accountability and trust in cloud computing. HP Laboratories HPL-2011-38, 2011. [6]. D. Catteddu and G. Hogben Cloud computing: Benefits, risks and recommendations for information security. Technical Report, European Network and Information Security Agency, 2009. [7]. R.J. Ureigho, Modeling a security framework for dependable cloud computing, doctoral diss., Ebonyi State University, Abakaliki, Nigeria, 2012. [8]. D. Challener, K. Yoder and R. Catherman, A practical guide to trusted computing (Upper Saddle River, NJ: IBM Press, 2008) [9]. T. Velte, J. Velte and R. Elsenpeter, Cloud computing: A practical approach(McGraw-Hill Osborne Media, 2009). [10]. M.A. Vouk, Cloud computing - issues, research and implementations. Journal of Computing and Information Technology 16(4), 2008, 235-246. [11]. S. Pearson,Trusted computing platforms: TCPA technology in context (Upper Saddle River, NJ: Prentice Hall, 2003). [12]. A. Stamo, A. Becherer, and N. Wilcox,Cloud computing models and vulnerabilities: Raining on the trendy new parade. In: BlackHatUSA, LasVegas, NV, 2009, 245-310 [13]. J. Viega, J. Cloud computing and the common man. Science applications International Cooperation Computer42(8),2009, 106-108.

More Related Content

PDF
Ad4502189193
IJERA Editor
 
PDF
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Manish Sahani
 
PDF
Cloud Computing Security Issues and Challenges
CSCJournals
 
PDF
76 s201913
IJRAT
 
PDF
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
PDF
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
inventionjournals
 
PDF
Challenges and Security Issues in Future IT Infrastructure Components
Mubashir Ali
 
PDF
Introduction to cloud security
IAEME Publication
 
Ad4502189193
IJERA Editor
 
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Manish Sahani
 
Cloud Computing Security Issues and Challenges
CSCJournals
 
76 s201913
IJRAT
 
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
inventionjournals
 
Challenges and Security Issues in Future IT Infrastructure Components
Mubashir Ali
 
Introduction to cloud security
IAEME Publication
 

What's hot (20)

PDF
Investigative analysis of security issues and challenges in cloud computing a...
IAEME Publication
 
PDF
G033030035
ijceronline
 
PDF
Eb31854857
IJERA Editor
 
PDF
Data Storage Issues in Cloud Computing
ijtsrd
 
PDF
A Novel Framework to Improve Secure Digital Library at Cloud Environment
IJCSIS Research Publications
 
DOCX
Challenges of IP protection in era of cloud computing
Brandix India Apparel City Pvt Ltd.
 
PDF
Security and privacy approach of cloud computing
Jahangeer Qadiree
 
PDF
Securing Cloud Using Fog: A Review
IRJET Journal
 
DOCX
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
Lillian Ekwosi-Egbulem
 
PDF
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
PDF
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
PDF
07 20252 cloud computing survey
IAESIJEECS
 
PDF
Reliable security in cloud computing environment 2-3-4-5-6
IAEME Publication
 
PDF
A systematic mapping study of security, trust and privacy in clouds
journalBEEI
 
PDF
Cloud computing technology security and trust challenges
ijsptm
 
PDF
A Survey of Cloud Computing Security Issues and Consequences
Associate Professor in VSB Coimbatore
 
PDF
Ijsrp p5211
Vishvi Vidanapathirana
 
PDF
F017414853
IOSR Journals
 
PDF
70 74
Editor IJARCET
 
DOC
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
Investigative analysis of security issues and challenges in cloud computing a...
IAEME Publication
 
G033030035
ijceronline
 
Eb31854857
IJERA Editor
 
Data Storage Issues in Cloud Computing
ijtsrd
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
IJCSIS Research Publications
 
Challenges of IP protection in era of cloud computing
Brandix India Apparel City Pvt Ltd.
 
Security and privacy approach of cloud computing
Jahangeer Qadiree
 
Securing Cloud Using Fog: A Review
IRJET Journal
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
Lillian Ekwosi-Egbulem
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
07 20252 cloud computing survey
IAESIJEECS
 
Reliable security in cloud computing environment 2-3-4-5-6
IAEME Publication
 
A systematic mapping study of security, trust and privacy in clouds
journalBEEI
 
Cloud computing technology security and trust challenges
ijsptm
 
A Survey of Cloud Computing Security Issues and Consequences
Associate Professor in VSB Coimbatore
 
Ijsrp p5211
Vishvi Vidanapathirana
 
F017414853
IOSR Journals
 
70 74
Editor IJARCET
 
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
Ad

Viewers also liked (20)

PDF
U180304130141
IOSR Journals
 
PDF
F010612830
IOSR Journals
 
PDF
F017253244
IOSR Journals
 
PDF
Importance of Development of Quality Checklists
IOSR Journals
 
PDF
M010427686
IOSR Journals
 
PDF
D017372538
IOSR Journals
 
PDF
J012626269
IOSR Journals
 
PDF
A012140107
IOSR Journals
 
PDF
J013118591
IOSR Journals
 
PDF
K012627075
IOSR Journals
 
PDF
Development of Model for Quality Costing in a Medium Scale Industry-A Case Study
IOSR Journals
 
PDF
B017140612
IOSR Journals
 
PDF
D017532629
IOSR Journals
 
PDF
A013150107
IOSR Journals
 
PDF
O11030494100
IOSR Journals
 
PDF
B1103010918
IOSR Journals
 
PDF
D011112432
IOSR Journals
 
PDF
P01213112116
IOSR Journals
 
PDF
L017368189
IOSR Journals
 
PDF
A study of selected biomechanical variables as a factor of hitting performanc...
IOSR Journals
 
U180304130141
IOSR Journals
 
F010612830
IOSR Journals
 
F017253244
IOSR Journals
 
Importance of Development of Quality Checklists
IOSR Journals
 
M010427686
IOSR Journals
 
D017372538
IOSR Journals
 
J012626269
IOSR Journals
 
A012140107
IOSR Journals
 
J013118591
IOSR Journals
 
K012627075
IOSR Journals
 
Development of Model for Quality Costing in a Medium Scale Industry-A Case Study
IOSR Journals
 
B017140612
IOSR Journals
 
D017532629
IOSR Journals
 
A013150107
IOSR Journals
 
O11030494100
IOSR Journals
 
B1103010918
IOSR Journals
 
D011112432
IOSR Journals
 
P01213112116
IOSR Journals
 
L017368189
IOSR Journals
 
A study of selected biomechanical variables as a factor of hitting performanc...
IOSR Journals
 
Ad

Similar to B018211016 (20)

RTF
Secure third party cloud computing services a proposal by shibwabo anyembe
Shibwabo Christopher Anyembe
 
PDF
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
PDF
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
PDF
Iaetsd cloud computing and security challenges
Iaetsd Iaetsd
 
PDF
A proposed Solution: Data Availability and Error Correction in Cloud Computing
CSCJournals
 
PDF
Analysis of Cloud Computing Security Concerns and Methodologies
IRJET Journal
 
PDF
Issues of cloud security and its implications
eSAT Publishing House
 
PDF
Security Issues’ in Cloud Computing and its Solutions.
IJCERT JOURNAL
 
PDF
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
IRJET Journal
 
PDF
Enhancing Data Integrity in Multi Cloud Storage
IJERA Editor
 
PDF
Outsourcing control
Shahbaz Sidhu
 
PPTX
Cloud security
Niharika Varshney
 
PDF
New Approaches to Security and Availability for Cloud Data
EMC
 
PDF
FRAMEWORK FOR SECURE CLOUD COMPUTING
ijccsa
 
PDF
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
cscpconf
 
PDF
Design and implement a new cloud security method based on multi clouds on ope...
csandit
 
PDF
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
cscpconf
 
PDF
B1802041217
IOSR Journals
 
PDF
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Zac Darcy
 
PDF
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Zac Darcy
 
Secure third party cloud computing services a proposal by shibwabo anyembe
Shibwabo Christopher Anyembe
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
Iaetsd cloud computing and security challenges
Iaetsd Iaetsd
 
A proposed Solution: Data Availability and Error Correction in Cloud Computing
CSCJournals
 
Analysis of Cloud Computing Security Concerns and Methodologies
IRJET Journal
 
Issues of cloud security and its implications
eSAT Publishing House
 
Security Issues’ in Cloud Computing and its Solutions.
IJCERT JOURNAL
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
IRJET Journal
 
Enhancing Data Integrity in Multi Cloud Storage
IJERA Editor
 
Outsourcing control
Shahbaz Sidhu
 
Cloud security
Niharika Varshney
 
New Approaches to Security and Availability for Cloud Data
EMC
 
FRAMEWORK FOR SECURE CLOUD COMPUTING
ijccsa
 
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
cscpconf
 
Design and implement a new cloud security method based on multi clouds on ope...
csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
cscpconf
 
B1802041217
IOSR Journals
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Zac Darcy
 

More from IOSR Journals (20)

PDF
A011140104
IOSR Journals
 
PDF
M0111397100
IOSR Journals
 
PDF
L011138596
IOSR Journals
 
PDF
K011138084
IOSR Journals
 
PDF
J011137479
IOSR Journals
 
PDF
I011136673
IOSR Journals
 
PDF
G011134454
IOSR Journals
 
PDF
H011135565
IOSR Journals
 
PDF
F011134043
IOSR Journals
 
PDF
E011133639
IOSR Journals
 
PDF
D011132635
IOSR Journals
 
PDF
C011131925
IOSR Journals
 
PDF
B011130918
IOSR Journals
 
PDF
A011130108
IOSR Journals
 
PDF
I011125160
IOSR Journals
 
PDF
H011124050
IOSR Journals
 
PDF
G011123539
IOSR Journals
 
PDF
F011123134
IOSR Journals
 
PDF
E011122530
IOSR Journals
 
PDF
D011121524
IOSR Journals
 
A011140104
IOSR Journals
 
M0111397100
IOSR Journals
 
L011138596
IOSR Journals
 
K011138084
IOSR Journals
 
J011137479
IOSR Journals
 
I011136673
IOSR Journals
 
G011134454
IOSR Journals
 
H011135565
IOSR Journals
 
F011134043
IOSR Journals
 
E011133639
IOSR Journals
 
D011132635
IOSR Journals
 
C011131925
IOSR Journals
 
B011130918
IOSR Journals
 
A011130108
IOSR Journals
 
I011125160
IOSR Journals
 
H011124050
IOSR Journals
 
G011123539
IOSR Journals
 
F011123134
IOSR Journals
 
E011122530
IOSR Journals
 
D011121524
IOSR Journals
 

Recently uploaded (20)

PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Encapsulation theory and applications.pdf
gurumoop
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Approach and Philosophy of On baking technology
30anthuong17
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 

B018211016

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. I (Mar-Apr. 2016), PP 10-16 www.iosrjournals.org DOI: 10.9790/0661-18211016 www.iosrjournals.org 10 | Page A Novel Framework for Dependable Cloud Computing Dr. Roy Joel Ureigho1 , Edje Abel2 , Felix Elugwu3 1 Department of Computer Science and Informatics, Federal University Otuoke, P.M.B. 126, Yenagoa. Bayelsa State, Nigeria. 2 Department of Mathematics and Computer Science, Delta State University, Abraka. Delta State, Nigeria. 3 Department of Computer Science, Delta State Polytechnic, Otefe-Oghara. Delta State, Nigeria. Abstract:The cloud computing is one technology that has taken the computing world by storm with potent opportunities that are so tempting to ignore. Yet many are skeptical about its adoption because of the many problems that came with internet usage. The belief is that since cloud computing is an offshoot of internet, there are possibilities of multifaceted problems possibly inherited from Internet. They opined that since data will be under the care of cloud service provider, there will be likelihood of compromising data integrity and other security risks. In this work, a framework for dependable cloud computing was designed in such a way that all stakeholders have one part or the other to play to ensure the security of data.An encryption system was designed to encrypt and decrypt data in transit between the client private cloud and the cloud service provider. This ensures that data is delivered to the service provider in encrypted form. Since the task of securing the data stored has the involvement of all stakeholders, it increases the trust level thereby making it dependable. Keywords: cloud computing, dependable cloud computing, internet, security I. Introduction Cloud computing is a technology that is so equally transformational and feared by many. It is hard to find any other comparable technology both now and in the past which has the power to positively re-engineer the manner that technology supports organizational goals. But possibly by a combination of issues such as negative pundit messaging and well-founded suspicion of wide-scale technology and organizational readiness, cloud computing appears to be the most feared of the big technology innovations. In a world that sees new technological trends bloom and fade out almost on daily basis, one new trend promises more longevity. This is because it extends the Internet capabilities. This trend is called cloud computing, and it will change the way we use computer and the Internet. Just as the benefits are obvious, however, so too are the security concerns.Cloud computing is based on open system architecture where costumers‟ data and program reside in cloud service provider premises. That‟s the reason why security is a major issue. Stakeholders always find themselves asking various question before they adopt cloud computing. Cloud computing shares in common with other network-based application, storage and communication platforms certain vulnerabilities in several broad areas:  Web application vulnerabilities.  Accessibility vulnerabilities.  Authentication of the respondent device or devices.  Data Verification, tampering, loss and theft while on a local machine, or in transit, or at rest at the unknown third-party device, or devices, and during remote back-ups.  Physical access issues, both the issue of an organization‟s staff not having physical access to the machines storing and processing a data, and the issue of unknown third parties having physical access to the machines.  Privacy and control issues stemming from third parties having physical control of data. Many prospective adopter of cloud computing are curious about what will happen to their data/information when it is hosted in the cloud. How would they be harmed if an employee of the cloud service provider or any other outsider accessed and manipulated their data/information? What will happen if as at the time they need the stored data, it is not available for that period? These are some of the basic questions that often arise in the mind of any prospective adopter of cloud computing. The significance of this work is to contribute techniques to improve the vulnerability of cloud computing. In improving the techniques that prevent and detect security flaws, it is hoped that cloud services can justifiably be relied upon that is it can be considered dependable. The security model designed is also a significant advance in security of cloud computing. II. Related Works
  • 2. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 11 | Page There are others who have carried out various studies successfully in cloud computing security. IBM developed a secured hypervisor called sHype to help solve the problem of separating private data between Virtual Machines, virtualization containment attacks and hypervisors attack against Virtual Machine (VM) [1]. [2]in their work proposed a trusted cloud computing platforms using Trusted Computing Group specifications.[3]presented the technical security issues in Cloud Computing; however, these issues are more related with the problems of web services and web browser and not of Cloud Computing. [4]in his work titled “building trust into utility cloud computing” also proposed Private Virtual Infrastructure (PVI) and Locator Bot as a means of securing data processed by the VMs in the cloud. The various implementation strategies of securing cloud computing by these researchers form the basis for this study. They provided the needed platform for future work as their method of cloud security implementation serve as reference point.[5]discussed key challenges in achieving a trusted cloud through the use of detective controls, and presents the TrustCloud framework, which addresses accountability in cloud computing via technical and policy based approaches. III. Risks And Security Concerns With Cloud Computing Many of the risks frequently associated with cloud computing are not new, and can be found in enterprises today. Some examples of cloud computing risks for the enterprise that need to be properly managed include:  Choice of trusted cloud service provider based on history and sustainability. Sustainability is of particular importance to ensure that services will be available and data can be tracked.  The responsibility of information handling is transferred to the cloud provider, which is a critical part of the business. Failure to perform to agreed-upon service levels can impact not only confidentiality but also availability, severely affecting business operations.  The dynamic nature of cloud computing may result in confusion as to where information actually resides. When information retrieval is required, this may create delays.  High risk of compromise to confidential information since sensitive information is kept under the control of a third-party. This can pose a significant threat to ensuring the protection of intellectual property (IP) and trade secrets.  Technical risks such as data leakage, distributed denial of service attacks, loss of encryption keys, and conflicts between customer hardening procedures and cloud platforms.  Legal risks such as data protection and software licensing risks. Risks not specific to the cloud such as network problems, unauthorized access to data centers, and natural disasters [6]. IV. Dependable Cloud Computing While there is no universally accepted definition of dependable cloud computing, it is important to clarify its components and meaning. In dictionaries, dependable is synonymous with reliable. Therefore, we can view dependable cloud computing as cloud computing which everybody (mainly consumers or information owners) can relied on to do what they want or need with all the security concerns adequately taken care of and data integrity is not compromised. Security concerns of cloud computing has been one of the drawbacks affecting the full adoption of cloud computing by many organisations [7]. As long as internet has been accepted by all, cloud computing will soon become the order of the day! This is due to the cost savings that is associated with cloud computing. Users of cloud computing have low technical cost of ownership (TCO) as compared with those using conventional computing. Dependable cloud computing can be achieved with the following components:  Security: there must exist mechanisms (e.g. encryption) which make it extremely difficult or uneconomical for an unauthorised person to access some information  Privacy: protection against the exposure or leakage of personal or confidential data (e.g. personal identifiable information (PII)).  Accountability: the obligation and/or willingness to demonstrate and take responsibility for performance in light of agreed upon expectations. This goes beyond responsibility by obligating an organisation to be answerable for actions.  Auditability: It allows an action to be reviewed against a pre-determined policy to decide if the action was compliant, and if it was not, to hold accountable the person or organisation responsible for the action [5]. V. The Design Of Encryption System An encryption system was designed to test the dependability of the data stored and/or transferred from cloud. The programming language suitable for designing encryption system must have security API for accessing and developing cryptographic functionality. Java programming language on NetBeans IDE was used
  • 3. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 12 | Page for the design. This is because Java has security API built around the java.security package (and its subpackages) and it also has Java Cryptography Extension (JCE) which extends the Java Cryptography Architecture (JCA) API to include APIs for encryption, key exchange, and Message Authentication Code (MAC). The Object Oriented Methodology (OOM) was used for this system development. The underlying idea of OOM was to create the logical design from a physical design based on observing the properties of the "real world". OOM is a new system development approach encouraging and facilitating re-use of software components. With this methodology, a computer system can be developed on a component basis which enables the effective re-use of existing components and facilitates the sharing of its components by other systems. Through the adoption of OOM, higher productivity, lower maintenance cost and better quality can be achieved. This methodology employs international standard Unified Modeling Language (UML) from the Object Management Group (OMG). The system analysis stage involves two distinct stages: 1. The preliminary study of the system 2. The detailed analysis of the system Preliminary Study of the System: This involves the problem identification and definition, specifying objectives, establishing technical feasibility and making preliminary cost. It also includes benefit estimates and estimating schedules. Detailed Analysis of the System: This is the second stage of the analysis of the system. Here, the user requirements were identified, and the methods and procedures of the new system were established. The process involves collection of facts and analysing the facts collected. Figure 1: Collaboration diagram of the proposed system Figure 1: Collaboration diagram of the proposed system VI. Development Of System Requirement At this stage, the requirements for the system were developed. These include input and output requirements. Input Requirements Analysis: In order to produce the required output, the input necessary for the output was specified and designed. The input screens are all user-friendly to make usage easy for all kinds of users. The inputs for the encryption system are in two forms; unencrypted format and the encrypted format. Input from the client end into the datacenter in the cloud are unencrypted and the data are of text , files in the form of audio, video, graphics, databases and any other format that the user may want to store in the cloud. When a client requests for stored data from the cloud, they are delivered in the form of cipher text and needs to be decrypted Locality Datacenter Viewing Corporate Portal Server Virtual Servers in cloud 1. Create/Generate sk 2. Modify Existing sk 3. Send encrypting request 1. Verify sk 2. Send decrypted data Viewallcreatedsk Cloud Service Provider’s endCloud Service User’s end Encrypteddata forstorage 1.Verifyowner’sid 2.Sendrequested encrypteddata Actor Encrypted data sent Encrypted data received
  • 4. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 13 | Page for the client to understand them. In this case, the input to the system is the encrypted file been sent from the cloud. The system then decrypts this file before they are sent to the client. See Fig. 1. Output Requirements Analysis: The logical place to begin a detailed study of the system requirements and the design of the entire system is the output. The output display is designed in such a way that is user- friendly and suitable for use by both expert and novice users. The output of the encryption system to the cloud server is in encrypted form. The output to the client whenever a request is made to the cloud is unencrypted file which is decrypted by the proposed encryption system as shown in Fig. 2. The system designed is only intended to serve various encryption operations at the cloud users‟ end and not in the service provider‟s cloud. It is expected that users of cloud services should ensure that the data being uploaded into the cloud (i.e. data in transit) are reasonable secured. This system is built into the customer‟s internal private cloud (a kind of LAN). It is depicted as „Security Policy Cust-X‟ in Fig. 3. It must be noted that Cust-A‟s security policy may not be the same for Cust-B. The kind of security policy employed by each customer is a function of the sensitivity of data in question and the business rule of such customer Figure 2: Block diagram of the proposed system Figure 3: Dependable cloud computing physical model VII.The Algorithm Customer D DMZ Customer C DMZ Customer B DMZ Cloud Service Provider Strong Room SAN Cust A Customer mgt Net SAN Cust B External private cloud Internal Private Cloud Cust B Port group A Customer A Customer B SSL VPN Port group B Port group DPort group C Customer C Customer D Private Virtual Domain Customer A DMZService Provider Security Gateway Network (protected) Service Provider Cloud DMZ Network (external) Service Provider Cloud Gateway Security Policy Cust-B Internal Private Cloud Cust A Security Policy Cust-A Security Policy Cust-C Security Policy Cust-D Internal Private Cloud Cust D Internal Private Cloud Cust C
  • 5. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 14 | Page In this algorithm, the client is depicted with CT and server in cloud as SIC. 1. CT ← {sk, pk} The client takes as input a security parameters secret key sk and public key pk. The public key pk is sent to SIC while it stores the secret key sk 2. CT: {sk, pk, F, info, M}← SIC: {E(F), E(info), E(M)} The client prepares part of its file F for storage in SIC which is not trusted. As input, it takes a secret key and public key, part of the file F with the definition info of the update to be performed and the previous metadata M. The output sent to SIC is encrypted version of F, info and M as a request for update. 3. SIC: {pk, Fi-1, Mi-1, E(F), E(info), E(M)← CT: {F, Mi, M’c, PM’c} The server in response to update request by client sends the new version of F and M together with the metadata M‟c and its proof PM‟c. The input in SIC are the public key pk, the previous version of F and M which are Fi-1, Mi-1 and the client provided values E(F), E(info) and E(M). 4. CT: {sk, pk, F, info, Mc, M’c, PM’c}← SIC:{accept, reject} CT: {sk, pk, Mc}← SIC: {c} The client verifies the server‟s behaviour during update. The CT has all the previously sent input from SIC in (3) above, it then sends acceptance or rejection signal to the server. Then, there is a probabilistic procedure run by CT to create a challenge for SIC by sending 5. SIC: { pk, Fi, Mi, c}← CT: {P} Upon the receipt of a challenge c, SIC sends proof P to client. 6. CT: {sk, pk, Mc, c, P}← SIC: {accept, reject} Once the proof P is received by CT, it then send accept or reject signal. If accept, then the off-loading commences, it is otherwise if reject signal is sent. The data is then migrated to CTVID (cloud trusted virtual infrastructure datacentre) where dependable virtual infrastructures are based Client Server in Cloud {sk,pk,F, info, M} {sk, pk} {E(F), E(info), E(M)} {pk} {sk, pk, info, Mi, M‟ c, PM‟c} {Fi-1, Mi-1, E(F), E(info), E(M)} {sk, pk, Mc, c, P} {Fi, Mi, Mc, Pc} {accept, reject} {sk, pk, Mc} {c} {pk, Fi, Mi, c}{P} {accept, reject} Migrate to CTVID Figure 4: Sequence diagram of client off-loading files to server in cloud for further migration to CTVID As the data owner or client initiates a request for file retrieval from server in the cloud (SIC), the following adding processes take place in order to transfer the file from the destination platform (DP) which has a direct connection with the SIC (server in cloud) to the CT (client) : 1. CT: {sk, pk, Mc, info}← SIC: {E(info), c}
  • 6. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 15 | Page The client requests part of the file from SIC along with associated proof. It takes the sk, pk and the latest clients metadata Mc and the information about what to request as input and output the encrypted information and an associated challenge c that is then sent to the server. 2. SIC: {pk, Fi, Mi, E(info), c}← CT: {F’E(info), P} Once the retrieval request is received from CT by the SIC, it takes as input the pk, the latest version of the file and metadata, the information about request and the challenge c and then out the requested file along with the proof P to the client CT. 3. CT: {sk, pk, Mc, info, c, F’E(info), P}← SIC: {F} After the client has received the part of the file and its associated proof P from the server, it takes as input the sk, pk, the client metadata Mc, the request information info, the challenge c, the part of the file F‟E(info) and the proof P sent by SIC. CT then checks if the proof corresponds to the part of file that is received and output the decrypted file otherwise the client output null. Figure 5: The architecture of dependable cloud computing The user connects the cloud service provider‟s server via its own security policy and server tier firewall rules that are defined within a vApp. This security policy includes server security patch levels, anti-virus status and file-level access restrictions. The dependable cloud computing model in Fig. 5provides a method to communicate the policies and server tier firewall rules. The cloud service provider needs to validate the patch level and security level prior to bringing user‟s data into the server in the cloud. Data from the user‟s DMZ area are validated in order to mitigate any security violations according to each user‟s security profile.The cloud service provider also separates and isolates the resources each customer virtual machine uses from other customers‟ virtual machine resources to prevent DDoS attacks. These attacks are usually caused by log files not having limits or CPU or memory utilization increasing on a single virtual machine through memory leaks or poorly behaving applications. In order to ensure data security, the cloud service provider provides access paths to only the physical servers that must have access to maintain the desired functionality by using zoning system via SAN N-Port ID virtualization (NPIV). The SAN (storage area network) is within the user‟s network.This architecture also provides a method to communicate the access controls and authentication needs to the cloud service provider. The dependable cloud computing model in Fig. 5 shows how the user access is controlled in the cloud environments require. Cloud provider defines a virtual machine identity that ties each virtual machine to an asset identity within the provider‟s virtual infrastructure. Based on this identity, cloud service providers are able to assign user, role and privilege access within the extended infrastructure to provide role-based access controls. Service providers can prevent cloning and copying of virtual machines using a combination of virtual machine identity and server configuration management policies. VIII. Conclusion This work represents a new paradigm of information protection and security in cloud computing. We examined and defined a new model for dependable cloud computing and addressed the core security challenge of cloud computing with multi-tenancy. We have shown that using dependable computing technologies where clients and service providers ensure conformity to security rules in the cloud computing environment can benefit all. Making cloud computing dependable cannot be left in the hands of service providers alone, consumers have to play their own role so that data integrity is maintained uncompromisingly while enjoying the benefits that cloud has provided.
  • 7. A Novel Framework For Dependable Cloud Computing DOI: 10.9790/0661-18211016 www.iosrjournals.org 16 | Page Therefore, as a rule, security concerns should not be a block to the adoption of Cloud Computing. While the Cloud has unique challenges, those challenges do not mean it is inherently insecure. The cloud computing has come to stay; making it dependable and trustworthy is a task that can be done. References [1]. R. Sailer,E. Valdez, T. Jaeger, et al., sHype: Secure hypervisor approach to trusted virtualized systems,RC23511, IBM, Yorktown Heights, NY 2005. (On-line:http://www.research.ibm.com/secure_systems_department/projects/hypervisor.) [2]. N. Santos, K.Gummand, and R. Rodrigues, Towards trusted cloud computing,In: Workshop on hot topics in cloud computing, San Diego, CA, 2009. [3]. M. Jensen, J. Schwenk, N. Gruschka. and L. Iacono, On technical security issues in cloud computing,In: IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India, September 2009, 109-116. [4]. F.J. Krautheim, Building trust into utility cloud computing, doctoral diss., University of Maryland, Baltimore County, Baltimore, MD, 2010. [5]. R.K.L. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, B. S. Lee, TrustCloud: A framework for accountability and trust in cloud computing. HP Laboratories HPL-2011-38, 2011. [6]. D. Catteddu and G. Hogben Cloud computing: Benefits, risks and recommendations for information security. Technical Report, European Network and Information Security Agency, 2009. [7]. R.J. Ureigho, Modeling a security framework for dependable cloud computing, doctoral diss., Ebonyi State University, Abakaliki, Nigeria, 2012. [8]. D. Challener, K. Yoder and R. Catherman, A practical guide to trusted computing (Upper Saddle River, NJ: IBM Press, 2008) [9]. T. Velte, J. Velte and R. Elsenpeter, Cloud computing: A practical approach(McGraw-Hill Osborne Media, 2009). [10]. M.A. Vouk, Cloud computing - issues, research and implementations. Journal of Computing and Information Technology 16(4), 2008, 235-246. [11]. S. Pearson,Trusted computing platforms: TCPA technology in context (Upper Saddle River, NJ: Prentice Hall, 2003). [12]. A. Stamo, A. Becherer, and N. Wilcox,Cloud computing models and vulnerabilities: Raining on the trendy new parade. In: BlackHatUSA, LasVegas, NV, 2009, 245-310 [13]. J. Viega, J. Cloud computing and the common man. Science applications International Cooperation Computer42(8),2009, 106-108.