ABSTRACT
The use of cloud computing has increased rapidly in many organizations. Cloud computing provides many benefits in terms of low cost and accessibility of data. Ensuring the security of cloud computing is a major factor in the cloud computing environment, as users often store sensitive information with cloud storage providers but these providers may be untrusted. Dealing with "single cloud" providers is predicted to become less popular with customers due to risks of service availability failure and the possibility of malicious insiders in the single cloud. A movement towards "multi-clouds", or in other words, "interclouds" or "cloud-of-clouds" has emerged recently. This project surveys recent research related to single and multi-cloud security and addresses possible solutions. It is found that the research into the use of multi-cloud providers to maintain security has received less attention from the research community than has the use of single clouds. This work aims to promote the use of multi-clouds due to its ability to reduce security risks that affect the cloud computing user.
CHAPTER 1 INTRODUCTION
Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them. Cloud computing is one of today's most exciting technologies due to its ability to reduce costs associated with computing while increasing flexibility and scalability for computer processes. During the past few years, cloud computing has grown from being a promising business idea to one of the fastest growing parts of the IT industry. Cloud computing offers the vision of a virtually infinite pool of computing, storage and networking resources where applications can be scalably deployed. The use of cloud computing has increased rapidly in many organizations. Cloud computing provides many benefits in terms of low cost and accessibility of data. Ensuring the security of cloud computing is a major factor in the cloud computing environment. In this system, a technique is developed through cloud computing in which the user accesses applications on a server located far away from the user's system. Cloud computing is a phenomenon of the 21st century, an all-new services delivery model that uses the Internet as a platform. According to independent technology and market research, cloud computing is a standardized IT capability, such as software application platform or infrastructure, delivered via Internet technologies in a pay-per-use and self-service way. The familiar term Cloud Computing also covers software used as a service for consumption over the Internet (the cloud). The word Cloud Computing is not associated with any particular technology, protocol or vendor. It allows cloud applications to service the users (usually via websites, client applications, and so on), assuring that the service will have a single point of access (i.e. from the main server) and that all the scaling, parallel computation, virtualization and whatever technology is used on the back end will be transparent to the client. From this perspective, Cloud Computing is a model rather than an architecture. Not all SOA based applications (like web services) are cloud based. It is not necessary to host a web service on a cloud using the elasticity concept. The cloud architecture is probably the best way to efficiently host a web service. Cloud computing is a network-based environment that focuses on sharing computations or resources. Actually, clouds are Internet-based and try to disguise complexity for clients. Cloud computing refers to both the applications delivered as services over the Internet and the hardware and software in the organization that provide those services. Cloud computing provides many opportunities for enterprises by offering a range of computing services. In today's competitive environment, the service dynamism, elasticity, and choices offered by this highly scalable technology are too attractive for enterprises to ignore. In our proposed cloud computing system, any client machine can interact with the server machine and can access applications on the server from home or wherever the Internet is available. The use of cloud computing has increased rapidly in many organizations. Cloud computing provides many benefits in terms of low cost and accessibility of data. Ensuring the security of cloud computing is a major factor in the cloud computing environment, as users often store sensitive information with cloud storage providers but these providers may be untrusted. Dealing with "single cloud" providers is predicted to become less popular with customers due to risks of service availability failure and the possibility of malicious insiders in the single cloud. A movement towards "multi-clouds", or in other words, "interclouds" or "cloud-of-clouds" has emerged recently.
CHAPTER 2 AIM AND OBJECTIVE
AIM: This work aims to promote the use of multi-clouds due to its ability to reduce security risks that affect the cloud computing user. It surveys recent research related to single and multi-cloud security and addresses possible solutions. It is found that the research into the use of multi-cloud providers to maintain security has received less attention from the research community than has the use of single clouds.
OBJECTIVE: Dealing with "single cloud" providers is becoming less popular with customers due to potential problems such as service availability failure and the possibility that there are malicious insiders in the single cloud. In recent years, there has been a move towards "multiclouds", "intercloud" or "cloud-of-clouds". This work focuses on the issues related to the data security aspect of cloud computing. As data and information will be shared with a third party, cloud computing users want to avoid an untrusted cloud provider. Protecting private and important information, such as credit card details or a patient's medical records, from attackers or malicious insiders is of critical importance. In addition, the potential for migration from a single cloud to a multi-cloud environment is examined, and research related to security issues in single and multi-clouds in cloud computing is surveyed.
CHAPTER 3 CLOUD DEPLOYMENT MODELS
Public cloud
Public cloud applications, storage, and other resources are made available to the general public by a service provider. These services are free or offered on a pay-per-use model. Generally, public cloud service providers like Amazon AWS, Microsoft and Google own and operate the infrastructure and offer access only via the Internet (direct connectivity is not offered).
Community cloud
Community cloud shares infrastructure between several organizations from a special community with common concerns, whether managed internally or by a third-party and hosted internally or externally. The costs are spread over fewer users than a public cloud.
Hybrid cloud
Hybrid cloud is a composition of two or more clouds (private, community or public) that remain unique entities but are bound together, offering the benefits of multiple deployment models. By utilizing "hybrid cloud" architecture, companies and individuals are able to obtain degrees of fault tolerance combined with locally immediate usability without dependency on Internet connectivity. Hybrid cloud architecture requires both on-premises resources and off-site (remote) server-based cloud infrastructure.
Private cloud
Private cloud is cloud infrastructure operated solely for a single organization, whether managed internally or by a third-party and hosted internally or externally. Undertaking a private cloud project requires a significant level and degree of engagement to virtualize the business environment, and it will require the organization to re-evaluate decisions about existing resources.
Proxy server
The use of a proxy server could help provide adequate access and response time for large numbers of accessed pages.
2.2.2 Document Processing:
SECURITY
The system needs to log clients' registration information such as IP address and time for security purposes. Passwords should be encrypted and stored in the database.
MAINTAINABILITY
The system is developed using the .NET framework; all files are easy to modify and update.
APPROPRIATENESS FOR ORGANIZATION
Availability of the human input, allocation of expertise, and alignment of team and software structure. The system needs to be appropriate as per the customer's requirements. Hence the project is technically, economically, operationally and legally feasible.
Feasibility study
The feasibility study is a major factor which contributes to the analysis of the system. In the earlier stages of S/W development, it is necessary to check whether the system is feasible or not. A detailed study was carried out to check the workability of the proposed system, so the feasibility study is a system proposal regarding its workability, impact on the organization, ability to meet user requirements and effective use of resources. Thus, when an application progresses it normally goes through a feasibility study and risk analysis. The feasibility study was carried out considering the following aspects:-
TECHNICAL FEASIBILITY
Technical study is the study of the hardware requirements and software requirements, i.e. the technical requirements of our project, in order to inform the management and user that for a particular website design this many technical resources are required. Considering all the requirements below, the project is technically feasible.
OPERATIONAL FEASIBILITY
The system is operationally feasible because of the benefit of being computerized. The total working capacity will be improved due to this proposed system, i.e. the user need not install each and every piece of software at the client side. The client side is platform independent.
TIME FEASIBILITY
The client proposed that the system must be completed within 5 or 6 months.
LEGAL FEASIBILITY
There is no violation or liability that could result from the development. The idea is not the copyright/patent of any person or organization. software required. Thus this project is legally feasible.
CHAPTER 4 PROBLEM STATEMENT
To develop a system for sharing of software and hardware in the cloud from which users can access applications anytime, anywhere with a secure architecture.
CHAPTER 5
PROJECT PLAN
The Implementation Plan describes how the information system will be deployed, installed and transitioned into an operational system. The plan is developed during the Design Phase and is updated during the Development Phase; the final version is provided in the Integration and Test Phase and is used for guidance during the Implementation Phase.
SYSTEM ARCHITECTURE
Design is concerned with identifying software components and specifying relationships among components, specifying software structure and providing a blueprint for the document phase. Modularity is one of the desirable properties of large systems. It implies that the system is divided into several parts in such a manner that the interaction between parts is minimal and clearly specified. Design will explain software components in detail. This will help the implementation of the system. Moreover, this will guide further changes in the system to satisfy future requirements. The DepSky architecture consists of four clouds and each cloud uses its own particular interface. The DepSky algorithm exists in the clients' machines as a software library to communicate with each cloud. These four clouds are storage clouds, so there are no codes to be executed. The DepSky library permits reading and writing operations with the storage clouds. With different cloud providers, the DepSky library deals with different cloud interface providers and consequently, the data format is accepted by each cloud. The DepSky data model consists of three abstraction levels: the conceptual data unit, a generic data unit, and the data unit implementation.
DepSky System model.
The DepSky system model contains three parts: readers, writers, and four cloud storage providers, where readers and writers are the client's tasks. Readers can fail arbitrarily (for example, they can fail by crashing, they can fail from time to time and then display any behavior) whereas writers only fail by crashing.
Cloud storage providers in the DepSky system model.
The Byzantine protocols involve a set of storage clouds (n) where n = 3f + 1, and f is the maximum number of clouds which could be faulty. In addition, any subset of (n - f) storage clouds creates Byzantine quorum protocols.
CHAPTER 6
PROJECT METHODOLOGY
This protocol uses secret sharing and erasure code techniques to replicate the data in a cloud-of-clouds. The image below shows how this is done. First an encryption key is generated, and after that the original data block is encrypted. Then the encrypted data block is erasure coded and key shares of the encryption key are computed. In this case we get four erasure coded blocks and four key shares because we use four clouds. Lastly, a different coded block is stored in each cloud together with a different key share.
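An added example (not code from the project or from the DepSky library) of the key-share step described above, together with the n = 3f + 1 quorum rule from the system model. It assumes Shamir secret sharing with a threshold of f + 1 shares and constructed cloud names cloud-1 to cloud-4; encryption and erasure coding of the data block are left out.

```python
import secrets

# Field for the shares: 2**521 - 1 is a Mersenne prime, larger than any 256-bit key.
PRIME = 2**521 - 1


def cloud_parameters(f):
    """Return (n, quorum): n = 3f + 1 clouds, any n - f of them form a quorum."""
    n = 3 * f + 1
    return n, n - f


def split_key(key, n, threshold):
    """Shamir split: n shares of `key`, any `threshold` of which rebuild it."""
    secret = int.from_bytes(key, "big")
    # Random polynomial of degree threshold - 1 whose constant term is the key.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation at x
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the shares supplied."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def store_and_read(f=1):
    """Write one key share per cloud, then read with one cloud unavailable."""
    n, quorum = cloud_parameters(f)
    threshold = f + 1  # assumption: f clouds together must not rebuild the key
    key = secrets.token_bytes(32)
    # Constructed cloud names; each cloud stores exactly one share.
    clouds = {f"cloud-{x}": (x, y) for x, y in split_key(key, n, threshold)}
    # cloud-3 does not answer: the reader still collects n - f replies.
    replies = [share for name, share in clouds.items() if name != "cloud-3"]
    recovered = recover_secret(replies[:threshold]).to_bytes(32, "big")
    # What f colluding providers (fewer than threshold shares) can compute.
    insider_guess = recover_secret(replies[:f])
    return {"n": n, "quorum": quorum, "replies": len(replies),
            "key": key, "recovered": recovered, "insider_guess": insider_guess}


if __name__ == "__main__":
    r = store_and_read()
    print("clouds:", r["n"], "quorum:", r["quorum"], "replies:", r["replies"])
    print("key recovered:", r["recovered"] == r["key"])
    print("single provider learns key:",
          r["insider_guess"] == int.from_bytes(r["key"], "big"))
```

With f = 1 a single provider holds one point of a degree-1 polynomial, which is consistent with every possible key, while any two of the four shares rebuild it.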
Functional Requirement:-
I) Authentication with the system: The functionality is to authenticate the user.
II) Distributed Database on server: SQL SERVER 2008 is used to store that data.
III) Web service integration Integrity: create the web services as middleware architecture; it will be the same as scalable transactions.
EXTERNAL INTERFACE RE
Admin: Admin has all authorities to access services. Admin can add, delete and update services for clients.
Teacher:- Teachers have more authority than students and less than admin, like adding and removing services. Teachers can view some more applications than students, which can't be viewed by students. Teachers can comment on programs which are made by students.
Student: Students have less authority than teacher and admin.
Hardware Interfaces
Client system with low configuration. User and server must be connected through the cloud via the Internet.
Software Interfaces
This project requires Microsoft Visual Studio version for .NET development. The system shall run on a Microsoft
For communicating with the server, the client only needs a web browser and an Internet connection.
CHAPTER 7 EXPECTED OUTCOME
- Number of services available by category wise
- It can be used in college campus
- It can be used in huge cloud also.
- It provides secured cloud.
- In the system, server side programs can be accessed and modified as per your need, and teachers are able to comment on them.
- Load balancing will be provided to avoid any system clash, and by dividing the traffic between servers, data can be sent and received without major delay
- Multi cloud computing service availability
- HTTP and SOAP protocol is used for two way communication
- Minimum response time required when worker processor is busy, i.e. proxy server can reply.
- Secret sharing algorithm provides security.
Performance Requirements:-
The product should be able to function 24x7. The client experience should be good and page loads should not take excessive time to display except on noisy dialup connections. The system should be developed with minimum response time.
Client and server should connect in minimum time, i.e. application response time must be low. After connection, access time must be minimum. The system should be built on such foundations that it is easy to extend. It should be built using such design and development practices that it is interoperable by using standard protocols and products. The system availability requirement is 24x7. The user must get a reply from the server which actually has to give the reply, not from any other server. Client must get proper from any application which he/she is using. If the server is busy, the proxy must reply with uninterrupted communication.
Hardware Requirements:-
The selection of hardware is very important in the existence and proper working of any software. In the selection of hardware, the size and the capacity requirements are also important. The software can be efficiently run on a Pentium system with minimum 256 MB RAM and hard disk drive having 4 GB for Server.
Pentium processor : 233 MHZ or above
RAM Capacity : 512 MB
Hard Disk : 4 GB
CD-ROM Drive : 32 HZ
Software Requirements:-
One of the most difficult tasks is the selection of the software: once the system requirement is known, determining whether a particular software package fits the requirements. After initial selection further security is needed to determine the desirability of particular software compared with other candidates. This section first summarizes the application requirement question and then suggests more detailed comparisons.
Operating System : 98/XP/2000
Database Server : SQL 2008
Language : JAVA
Other Tools & Technologies (Framework 4.0) : Microsoft Visual Studio 2010
Project Scope:-
- Number of services available by category wise
- It can be used in college campus
- It can be used in huge cloud also.
- It provides secured cloud.
- In the system, server side programs can be accessed and modified as per your need, and teachers are able to comment on them.
- Load balancing will be provided to avoid any system clash, and by dividing the traffic between servers, data can be sent and received without major delay
- Multi cloud computing service availability
- HTTP and SOAP protocol is used for two way communication
- Minimum response time required when worker processor is busy, i.e. proxy server can reply.
- Secret sharing algorithm provides security.
PROPOSED SYSTEM :
The term "multi-clouds" is similar to the terms "interclouds" or "cloud-of-clouds" that were introduced by Vukolic [54]. These terms suggest that cloud computing should not end with a single cloud. Using their illustration, a cloudy sky incorporates different colors and shapes of clouds which leads to different implementations and administrative domains. Recent research has focused on the multi-cloud environment [3],[],[10],[11] which controls several clouds and avoids dependency on any one individual cloud. Cachin et al. [11] identify two layers in the multicloud environment: the bottom layer is the inner-cloud, while the second layer is the inter-cloud. In the intercloud, the Byzantine fault tolerance finds its place. We will first summarize the previous Byzantine protocols over the last three decades. This section will explain the recent work that has been done in the area of multi clouds. Bessani et al. [] present a virtual storage cloud system called DepSky which consists of a combination of different clouds to build a cloud-of-clouds. The DepSky system addresses the availability and the confidentiality of data in their storage system by using multi-cloud providers, combining Byzantine quorum system protocols, cryptographic secret sharing and erasure codes [].
EXISTING SYSTEM :
RACS (Redundant Array of Cloud Storage), for instance, utilizes RAID-like techniques that are normally used by disks and file systems, but for multiple cloud storage. Abu-Libdeh et al. assume that to avoid "vendor lock-in", distributing a user's data among multiple clouds is a helpful solution. This replication also decreases the cost of switching providers and offers better fault tolerance. Therefore, the storage load will be spread among several providers as a result of the RACS proxy. HAIL (High Availability and Integrity Layer) is another example of a protocol that controls multiple clouds. HAIL is a distributed cryptographic system that permits a set of servers to ensure that the client's stored data is retrievable and integral. HAIL provides a software layer to address availability and integrity of the stored data in an intercloud. Cachin et al. present a design for intercloud storage (ICStore), which is a step closer than RACS and HAIL as a dependable service in multiple clouds. Cachin et al. develop theories and protocols to address the CIRC attributes (confidentiality, integrity, reliability and consistency) of the data stored in clouds. As mentioned before, Bessani et al. present a virtual storage cloud system called DepSky consisting of a combination of different clouds to build a cloud-of-clouds. Bessani et al. [] discuss some limitations of the HAIL protocol and RACS system when compared with DepSky. HAIL does not guarantee data confidentiality, it needs code execution in their servers, and it does not deal with multiple versions of data. None of these limitations are found in DepSky, whereas the RACS system differs from the DepSky system in that it deals with "economic failures" and vendor lock-in and does not address the issue of cloud storage security problems. In addition, it also does not provide any mechanism to ensure data confidentiality or to provide updates of the stored data. Finally, the DepSky system presents an experimental evaluation with several clouds, which is different from other previous work on multi clouds. There are a number of studies on gaining constancy from untrusted clouds. For instance, similar to DepSky, Depot improves the flexibility of cloud storage, as Mahajan et al. believe that cloud storages face many risks. However, Depot provides a solution that is cheaper due to using single clouds, but it does not tolerate losses of data and its service availability depends on cloud availability. Other work which implements services on top of untrusted clouds are studies such as SPORC and Venus. These studies are different from the DepSky system because they consider a single cloud, not a cloud-of-clouds. In addition, they need code execution in their servers. Furthermore, they offer limited support for the unavailability of cloud services in contrast to DepSky.
- Customers can use cryptographic methods to protect the stored data in the cloud.
- Using a hash function is a good solution for data integrity.
- The loss of availability of service is considered one of the main limitations in cloud computing and it has been addressed by storing the data on several clouds.
- If the data is processed from different clients, data encryption cannot ensure privacy in the cloud.
- Cloud can be attacked by the third party.
- This system provides a secure storage cloud, but does not provide security of data in the cloud model.
Disadvantages:
1. Cloud providers should address privacy and security issues as a matter of high and urgent priority.
2. Dealing with "single cloud" providers is becoming less popular with customers due to potential problems such as service availability failure and the possibility that there are malicious insiders in the single cloud.