Security is one of the most concerned areas in
the cloud computing. Achieving security in cloud
environment is not a straight forward task as it requires
different level approach. Security in Cloud Environment
consists of data level and system level security. Data level
security deals with the unauthorized access to the data over
cloud while system level security deals with unauthorized
intrusion into the cloud environment by an external entity.
Data level security sees to it that the users of the cloud
should be provided with the access to the data based on
individual’s role while System level security ensures that no
external or third party user accesses the cloud system to
pose threat to the functioning of the system. We have
proposed the two level approaches by implementing two
modules that take care of each level of security. The data
level system is tackled with a module that performs
encryption and decryption of the data as well as role based
access approach. The system level security is achieved using
a module that performs network intrusion detection and
countermeasure selection for the cloud environment.
Sharvari Pawar : Computer Department, Pune University
Pune, Maharashtra, India
Suresh Rathod : Computer Department, Pune University
Pune, Maharashtra, India
Mandar Mahadeokar : Computer Department, Pune University
Pune, Maharashtra, India
Cloud Computing
Cloud Security
Cryptographic
Techniques
Role-Based Access
In this paper, we have proposed a two level architecture in
which one level deals with data and second with system
security. In data security level, two techniques are used so
as to strengthen security, namely cryptographic algorithm
and role-based access. In system security, if any attacker
tries to down the system, the application traces the
attacker and blocks its IP address.
[1] Luca Ferretti, Michele Colajanni, and Mirco
Marchetti "Distributed, Concurrent, and
Independent Access to Encrypted Cloud Databases",
IEEE transactions on parallel and distributed
systems, VOL. 25, No. 2, February 2014.
[2] Lan Zhou, Vijay Varadharajan, and Michael
Hitchens , "Achieving Secure Role-Based Access
Control on Encrypted Data in Cloud Storage", IEEE
transactions on information forensics and security,
VOL. 8, No.12, December 2013.
[3] Amazon elastic compute cloud web services.
http://aws.amazon.com/ec2.
[4] Netsuite saas portal. http://www.netsuite.com.
[5] Salesforceforce.com platform.
http://developer.force.com.
[6] P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi,
M. Dahlin, and M. Walfish, "Depot: Cloud
Storage with Minimal Trust," ACM Trans.
Computer Systems, vol. 29, no. 4, article 12, 2011.
[7] V. Ganapathy, D. Thomas, T. Feder, H. Garcia-
Molina, and R.Motwani, "Distributing Data for
Secure Database Services," Proc.Fourth ACM Int'l
Workshop Privacy and Anonymity in the
Information Soc., Mar. 2011.
[8] R.A. Popa, C.M.S. Redfield, N. Zeldovich, and H.
Balakrishnan,"CryptDB: Protecting Confidentiality
with Encrypted Query Processing," Proc. 23rd ACM
Symp. Operating Systems Principles,Oct. 2011.
[9] H. Hacigu¨mu¨ S, B. Iyer, C. Li, and S. Mehrotra,
"Executing SQL over Encrypted Data in the
Database-Service-Provider Model,"Proc. ACM
SIGMOD Int'l Conf. Management Data, June 2002.
[10] Sharvari A. Pawar, Suresh B. Rathod "Accessing
the Encrypted Cloud Data in a Simultaneous,
Independent and role-based fashion," IJSR, VOL. 3,
Issue 11, Nov 2014.
[11] Maha TEBAA, Saïd EL HAJJI, Abdellatif EL
GHAZI "Homomorphic Encryption Applied to the
Cloud Computing Security" Proceedings of the
World Congress on Engineering, London, U.K., Vol
1, July 4 - 6, 2012.
[12] A. R Chun-Jen Chung, Pankaj Khatkar, Tianyi Xing,
Jeongkeun Lee. “NICE: Network Intrusion
Detection and Countermeasure Selection in Virtual
Network Systems.” IEEE Transaction on
Dependable and Secure Computing VOL: 10 NO: 4
Year 2013
[13] H.Takabi, J.B.Joshi, and G.Ahn. “Security and
privacy challenges in cloud computing
environments.” IEEE Security and Privacy, vol. 8,
no. 6, pp. 2431, Dec. 2010. .
[14] Z.Duan, P.Chen, F.Sanchez, Y.Dong,
M.Stephenson, and J.Barker. “Detecting spam
zombies by monitoring outgoing messages.” IEEE
Trans. Dependable and Secure Computing, vol. 9,
no. 2, pp. 198210, Apr. 2012. [15] G.Gu, P.Porras, V.Yegneswaran, M.Fong, W.Lee.
“BotHunter: detecting malware infection through
IDS-driven dialog correlation.” Proc. of 16th
USENIX Security Symp. (SS 07), pp. 12:112:16,
Aug. 2007