ITDCC05.ppt
Download as PPT, PDF0 likes5 views
The document proposes protocols for secure launch of virtual machines (VMs) in Infrastructure as a Service (IaaS) clouds. This would provide cloud tenants assurance that their VM instances were launched on hosts with expected software stacks. Currently, cloud tenants have limited control over security mechanisms and lack symbols confirming the integrity of their VM hosts. The proposed protocols aim to address this by verifying platform integrity for hosts and giving tenants symbols of expected code stacks for their launched VMs.
ITDCC05.ppt
- 1. Providing User Security Guarantees in Public Infrastructure Clouds
- 2. ABSTRACT One such mechanism is platform integrity verification for figure hosts that support the virtualized cloud infrastructure. Several giant cloud vendors have signaled sensible implementations of this mechanism, primarily to safeguard the cloud infrastructure from corporate executive threats and advanced persistent threats. we tend to see 2 major improvement vectors regarding these implementations. First, details of such proprietary solutions aren't disclosed and may therefore not be enforced and improved by alternative cloud platforms. Second, to the most effective of our information, none of the solutions provides cloud tenants a symbol concerning the integrity of figure hosts supporting their slice of the cloud infrastructure. To address this, we tend to propose a group of protocols for sure launch of virtual machines (VM) in IaaS, which give tenants with a symbol that the requested VM instances were launched on a number with associate degree expected code stack.
- 3. EXISTING SYSTEM PROPOSED SYSTEM EXISTING CONCEPT:- While providers may offer security enhancements such as protection of data at rest, end-users have limited or no control over such mechanisms. There is a clear need for usable and cost-effective cloud platform security mechanisms suitable for organizations that rely on cloud infrastructure. A role may be assigned to multiple users who share the same secret-key. That means there is no way to distinguish those assigned users and the secret-key derivation is not able to support functions, such as user revocation and traitor tracing. PROPOSED CONCEPT:- • Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments. EXISTING TECHNIQUE:- • Role-Based Access Control (RBAC) PROPOSED TECHNIQUE:- • Partially-ordered Hierarchical Encryption (PHE)
- 4. TECHNIQUE DEFNITION:- • Control (RBAC) in place to maintain the privacy and confidentiality of data for collaboration with teams. Cloud providers have access to the data stored in the cloud, and can control access to it by outside entities the confidentiality of data and limiting privileged user access to it. TECHNIQUE DEFNITION:- PHE is more effective than traditional cryptosystem for tracing-and-revoking because it can organize all decryption keys into a hierarchical key structure according to partially ordering relation of role hierarchy in RBAC. DRAWBACKS:- • Time taken for data load • Data is not secured ADVANTAGES:- • Low power resource only used • Data is secured for storing in cloud
- 5. SOFTWARE REQUIREMENT Operating system :- Windows 7,8.1 Front End :- Microsoft Visual Studio .NET 2013 Coding Language :- C# Backend :- DB2 HARDWARE REQUIREMENT Processor : Pentium Dual Core 2.00GHZ Hard disk : 50 GB Mouse : Optical Mouse RAM : 2GB(minimum) • Keyboard : Standard Keyboard (102 keys)
- 6. PROPOSED SYSTEM: • Proposed a user secret-key must be unique and is accompanied by the user identity. In addition, the derivation of secret-key in such a construction should be avoided. • Advantage of our key structure is that it could be seamlessly integrated into the existing RBAC systems. Consequently, an RBAC system can directly use the public role key to encrypt resources in terms of users’ assigned roles, and then the users owned the senior roles can use their privacy keys to decrypt the encrypted resources. FUTURE WORK: • Future system we focus on protection the privacy of outsourcing data and preventing player abuse in file syncing and sharing services in the cloud. We highlight the development of a group-oriented cryptosystem with especially for tracing and revoking methods that can ensure the security of player/editor. • In our future work, we are planning to introduce a comprehensive anomaly detection, using audit, pattern matching, and risk assessment, for identifying the suspected players PROPOSED TECHNIQUE: Threats and mitigation FUTURE TECHNIQUE: Threats and mitigation enhanced