Abstract ‘ Use of cloud computing is rapidly increases in daily routine where data generates in very large quantity. Actually in small industry cloud gives the better option for storage of large amount data without using extra hardware facility. In large industry it becomes very difficult to always update the hardware as per need for storing the data so they also choose the cloud facility for storage. But problem is that whether the data is secure on cloud storage server or not?
In this paper we are concerning about the single cloud security and multi-cloud security and tells the solutions on it.This work will promote the use of multi-cloud environment due to the ability of reducing security risk which affects to the cloud computing user and his/her data.
Keywords- Cloud computing, Data Integrity, multi-cloud, single cloud, security.
1. INTRODUCTION
Use of cloud computing is becomes very popular in an industry. Every industry has its own data and database servers. But storing that data on their server is becomes very difficult if data size becomes more. In small industry each time it becomes very costlier to upgrading their hardware capability for frequently storing new data and maintaining that storage becomes difficult. So cloud technology is use and it reduces cost of storage, maintenance. When cloud provider provides cloud facility that time they should mention the privacy and security issues. Use of ‘single cloud’ is becomes less popular due to some problems such as service availability failure and there may be chance of presence of or insertion of malicious thread i.e Insider harmful thread in cloud. Now a day, use of ‘multi-cloud’ or ‘intercloud’ or ‘cloud-of-clouds’ becomes very popular just because of potential problems such as service availability failure in single cloud [1].
This paper is focuses on issues related to the data security in multi-cloud environment. As data stored at third party provider, user wants to their data should be secure.so many people have investigated data or ways for avoiding such a problems for storing the data. In that they found some problems namely authentication of data, integrity of data and service availability by cloud. Proof of data stored on cloud is sometime called as Proof of Retrievability (POR).Such proofs are important in Distributed System, Peer to Peer System, Network file system, database system [2].
Such system frequently checks the data on cloud storage from the modification or misrepresentation of data without intimating the owner of that data. And this information gives idea to the owner about the efficient, frequent, secure and quick verification of data stored on cloud. Just one thing is there owner should take into his/her consideration that server might not be infected with any malicious activity. Otherwise it will give the unreliable and inadvertently corrupted data. So we are developing data integrity scheme which are required for infected servers and unreliable cloud storage.
While accessing the large data which is stored at untrusted cloud storage, it requires the more resources on our local machine with that we may require large bandwidth for accessing that data. For accessing such file becomes very expensive in input/output cost on cloud server. With this it will also consume large bandwidth for transmission of file across the network to the client from the server. The problem is that owner of data may be using the small devices like cell phone or PDA (Personal Device Assist) which having limited CPU power capacity, less battery backup, less bandwidth capacity or communication hence, the need of data integrity proof is required for the above limitation. So scenario should be able to produce a proof without the need to access the whole file on server or retrieve whole file on client. Also it should minimize the local computation and bandwidth consumption at client side. [1] [2]
2. FRAMEWORK
In cloud computing, there are two types of framework models which are mostly used and they are namely.
1. Delivery Model
2. Deployment Model
2.1 Delivery Model-
It consist of three types of models for delivering the cloud service
2.1.1 Software as a Service (SaaS)
It is referred as software available on demand. It is also knowledge as an Application Service Provide (ASP).It provides the efficient access services of cloud to the users. For example Google groups, Gmail. This service mostly used for business applications like Human Resource Management, ERP etc.
2.1.2 Platform as a Service (PaaS)
It provides a freedom to the user for application design, application development, and application testing and application deployment. With this it also provides an application services such as a database collection i.e. integration of database, security of data. For example Google apps Engine which allows the users to customize their application and give the service to other people.
2.1.3 Infrastructure as a Service (IaaS)
It delivers the virtualization environment as a service. Instead of spending money on purchasing servers, data center, network equipment, software license client can purchase resources as outsourced service. Means client use the third party infrastructure service to for supporting the operations. [9][11]
2.2 Deployment Model-
There are four types of deployment models of clouds and they are-
Fig: 1 Deployment Model of Clouds
2.2.1 Public Cloud: It is known as external cloud. This service is made available by the service provider through the internet. User may use this service or cloud free or will pay as per his/her usage. The public cloud can be a individual service or collection of services.
2.2.2 Private Cloud: It is also known as internal cloud or on-premise cloud. It provides the limited access to its user and resources which are belonging to that particular organization. That is it manages the data within the organization without the taking care of network bandwidth. So that’s why security, privacy will be maintained.
2.2.3 Hybrid Cloud: It is the combination of public cloud and private cloud. It is also known as multiple cloud system.It gives the facility to the enterprise for managing the workload in private cloud but suppose workload increases and it asking for the public cloud for computing the resources then it gives the authority for public cloud.
2.2.4 Community Cloud: It is the cloud which is managed by group of organizations for achieving the common objective. In this type of cloud mostly common resources are shared within the organizations.
3. DATA SECURITY ISSUES IN CLOUD
There are three types of major issues in data cloud security namely Availability, Confidentiality, Integrity known as ACI triad.[9]
‘ Availability: It is the proof that data will be available to user worldwide irrespective of location. It is handled by network security, authentication and fault tolerance.
‘ Confidentiality: It is the avoidance of unauthorized access of user. It is handled by authentication services, DES, Security protocols like Kerberos.
‘ Integrity: It is the proof that data receive is same as the data sent and it is not modified in between the transfer. Integrity is a copyright of data. It is handled by Firewalls and intrusion detection.
Fig: 2 The ACI traid
4. PROBLEM FORMULATION
In cloud computing technology, many policy issues are there which include issues of security, privacy, reliability, integrity, service availability etc. But out of that the most serious issue is security and how cloud provider solves that issue? Generally cloud has many types of users such as general user, enterprise user, cloud administrator etc. For general user security point of view is different, or enterprise user security point of view is different and for cloud administrator it is different. So for all of these users security issue is most important.
5. PROPOSED WORK
In this paper we are concerning about security of the data in cloud. So we are using the TripleDES algorithm for securing the data and MD5 algorithm for creating the encryption key.
‘ Triple DES (Triple Data Encryption Algorithm i.e TDEA), a widely uses the Data Encryption Standard (DES) algorithm three times to each data block. The original key size of the DES is 56 bits so after applying three times DES algorithm in Triple DES we get the keys of sizes of 56,112,168 bits.
By using the Triple DES
MD5- (Message-Digest algorithm 5), a mostly known as cryptographic hash function with a 128-bit hash value, it processes a variable-length message into a fixed-length output of 128 bits. The input message is broken up into chunks of 512-bit blocks . the message is padded so that its length is divisible by 512.