期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN:2320-9798
电子版ISSN:2320-9801
出版年度:2017
卷号:5
期号:4
页码:8116
DOI:10.15680/IJIRCCE.2017.0504096
出版社:S&S Publications
摘要:Cloud Computing is evolving and thought of next generation design for computing, generally cloudcomputing could be a combination of computing recourses accessible via net. Traditionally the client or organizationsaccumulate data in data centers with firewall and other safety measures techniques used to guard data against intrudesto access the data. Since the data was confined to data centers in limits of association, the direct over the data was moreand well distinct procedures could be used for access its own data. However in cloud computing, since the data isstored anywhere across the globe, the client organization has less control over the stored data. To built the reliance forthe growth of cloud computing the cloud providers must protect the user data from unauthorized access and disclosure.One modus operandi could be encrypting the data on client side before storing it in cloud storage, however thistechnique has too much burden from client perspective in terms of key administration, continuance viewpoint etc.Other way could be this kind of security service like computing hash of data and verifying truthfulness of data,encryption/decryption service if provided by same cloud storage provider, the data conciliation cannot be ruled outsince same provider has access to both storage and security service. Divide and rule can be one of the techniques,meaning dividing the errands amongst different cloud services providers can benefit the client. A trusted 3rd partycloud provider be used to provide security services, while the other cloud provider would be data storage provider. Thetrusted 3rd party security service provider would not store any data at its end, and its only confined to providingsecurity service. The application or software will provide data integrity verification by using hashing algorithm likeSHA-1, provide encryption/decryption using symmetric algorithm like AES, and defining band of people who canaccess the shared data securely can be achieved by defining access list. The Software is only responsible forencryption/decryption, computing/verifying the hash of the data and does not store any data in trusted 3rd partysecurity system server. The encrypted data along and original data hash are stored in Separate Cloud (Security Cloud),therefore even if the storage cloud system administrator has access user data, since the data is encrypted it will bedifficult for the system administrator to understand the encrypted data. While the user downloads the data from StorageCloud, it is decrypted first and then new hash is calculated which is then compared with hash of original data stored inSecurity Cloud. Finally, this software/application provides the user with the ability to store the encrypted data inStorage cloud and hash and encryption/decryption keys in security cloud service, and no single cloud service providerhas access to both. Other benefit of delegating responsibility to trusted 3rd party is that it reliefs the client from anykind of key management or over head is maintenance of any key information related to data on it device, because ofwhich it allows the client to use any browser enabled devices to access such service.
关键词:Cloud computing; Hash service; encryption and decryption service; data protection and integrity; third;part auditor (TPA).
