International Journal of Advance Foundation and Research in Computer (IJAFRC)

Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$

1 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*

-ffective .istri/uted Accounta/ilit0 For .ata "harin* In
Cloud
Mr. Bhole R. H. ,Prof.Pakle G.K.
Department of Information Technology SGGSE&T i!hn"p"ri #an$e$.
rah"lh%hole&gmail.com ' g.pakle&gmail.com

A 1 " 2 R A C 2
In the Internet +orldCloud computin* is the ne3t developmentsta*e +hich +ill provide the
services that are re4uired for ever0thin* from computational po+er to computational
infrastructure, /usiness processes, applications to personal colla/oration can /e delivered to 0ou
+henever and +herever 0ou +ant!5rivac0 protection techni4ues onl0 focusin* on controllin* the
cloud environment, that6s +h0research is needed in the area of accounta/ilit0 and auditin*! 2his
paper represents a frame+or7 for distri/uted accounta/ilit0 and auditin* +hich is used to
protect user6s data as +ell as monitor the actual usa*e of data provided throu*h cloud services! In
order to control the usa*e of data distri/uted auditin* mechanism is follo+ed and information of
the user is collected simultaneousl0!

Inde3 2erm8 Cloud computin*, auditin*, data sharin*, accounta/ilit0

I! I#2R9.:C2I9#

(lo"$ comp"ting i! the !oft)are application )hich )ill pro*i$e $ata !torage capa%ility an$ acce!! o*er
the internet. (lo"$ comp"ting i! the ne+t generation technology )hich )ill $ynamically $eli*er!
information' re!o"rce!' capa%ilitie! an$re!o"rce! a! a !er*ice! o*er the Internet. There are three %"il$ing
%lock! of clo"$ comp"ting' !oft)are a! a !er*ice ,SaaS-'platform a! a !er*ice ,PaaS- an$ Infra!tr"ct"re a!
a !er*ice ,Iaa!-. .ll the!e allo) "!er to r"n application! an$ to !tore $ata online. Each offer! $ifferent
le*el! of "!er fle+i%ility an$ control.
SaaS allo)! "!er to r"n e+i!ting online application!' PaaS allo)! to create their o)n clo"$ application!
"!ing tool! an$ lang"age!' an$ Iaa! allo)! to r"n any application they plea!e on clo"$ har$)are of their
o)n choice. (lo"$ comp"ting ha! follo)ing attri%"te!/

0. Ser*ice1%a!e$
2. Scala%le
3. Share$
4. Metere$ %y "!e
5. irt"ali6e$ re!o"rce!

.! per to$ay! "!e of comp"ter an$ internet thi! clo"$ )ill pro*i$e the acce!! to lo)1co!t' "ltra
light)eight $e*ice! an$ ine+pen!i*e' han$hel$ $e*ice! )hich are %"ilt %a!e$ on Google7! (hrome
8perating Sy!tem or on Google7! .n$roi$.9hile !ome intro$"ctory %ook! a%o"t (lo"$ (omp"ting ha*e
%een $e!cri%ing ho) to "!e the clo"$ comp"ting !er*ice! pro*i$e$ %y !e*eral !ite! !"ch a! Google an$
.ma6on' there are fe) %ook! )hich )ill concentrate on the *en$or!' enterpri!e! an$ !er*ice! they
pro*i$e.

There are three key %enefit! of clo"$ comp"ting/
0. Spee$ an$ Time to market.
International Journal of Advance Foundation and Research in Computer (IJAFRC)
Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$
2 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*

2. :ree "p yo"r IT !taff to $o more *al"a%le )ork.
3. ;o)er yo"r co!t!.

Fi*ure 1! Cloud Computin* Architecture

Pri*acy play! an important role to pro*i$e right!thro"ghmany techni<"e! )hich are propo!e$ "n$er
$ifferent !y!tem! an$ !ec"rity mo$el!. Data can %e o"t!o"rce$ %y the $irect clo"$ !er*ice pro*i$er ,(SP-
to other !y!tem! in the clo"$ an$ the!e !y!tem! can al!o allocate the ta!k of $ata management to other!'
an$ !o on. Being fle+i%le in nat"re "!er! are allo)e$ to =oin an$ lea*e clo"$ on their )i!h. So the $ata
han$ling take! place thro"gh a comple+ an$ $ynamic hierarchical !er*ice chain )hich $oe! not e+i!t in
con*entional en*ironment!.

II! R-;A2-. <9R=
Sec"rity play! a *ital role in clo"$ comp"ting' there are many techni<"e! are a*aila%le for applying the
!ec"rity policy/
i. Denyfrom the !toring of !en!iti*e information in the clo"$.
ii. (aref"lly rea$ o"t the "!er agreement policy to fin$ o"t ho) yo"r clo"$ !er*ice !torage )ill )ork.
iii. Encryption
i*. >!e an encrypte$ clo"$ !er*ice.

In paper ?0@' the a"thor! ha*e propo!e$ an agent1%a!e$ !y!tem' )hich relate$ to gri$ comp"ting. The
!oft)are agent follo)! $i!tri%"te$ =o%!' along )ith the re!o"rce con!"mption at local machine!.
.cco"nta%ility policyi! relate$ to o"r!' %"t it i! foc"!e$ on re!o"rce con!"mption an$ on tracking of !"%
=o%! proce!!e$ at m"ltiple comp"ting no$e!' rather than acce!! control.In paper ?2@' the a"thor! propo!e
a"tomatic logging mechani!m in the clo"$ !y!tem. .! per o"r kno)le$ge' thi! i! the fir!t time a
!y!tematic approach to $ata acco"nta%ility thro"gh the no*el "!age of A.R file! i! propo!e$. Their
propo!e$ architect"re i! platform in$epen$ent an$ highly $ecentrali6e$' )hich $oe! not re<"ire any
$e$icate$ a"thentication or !torage !y!tem in place %"t here m"ltiple =ar file! take! lot of time to e+ec"te.
In ?3@' the a"thor! e+plain their !cheme of a"$iting an$ !"pport the %atch a"$iting for m"ltiple o)ner!.
D"e to the large n"m%er of $ata tag!' their a"$iting protocol! may inc"r a %"lky !torage o*erhea$ on the
!er*er. Sahai an$ 9ater! ?4@ a! a ne) metho$ for f"66y i$entity1%a!e$ encryption fir!t intro$"ce$ the
notion of .BE. The primary $ra)%ack of the !cheme in ?4@ i! that lack! of e+pre!!i%ility. Some ofthe
effort! follo)e$ in the literat"re to try to !ol*e the e+pre!!i%ility pro%lem. In the .BE !cheme' cipherte+t!
International Journal of Advance Foundation and Research in Computer (IJAFRC)
Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$
$ ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*

are not encrypte$ to one partic"lar "!er a! in tra$itional )ay of p"%lic key cryptography. Rather' %oth
cipherte+t! & "!er! $ecryption key! are a!!ociate$ )ith a !et of attri%"te! or a policy o*er attri%"te!.
>!er i! a%le to $ecrypt a cipherte+t only if there i! a match %et)een hi! $ecryption key an$ the
cipherte+t..BE !cheme! are cla!!ifie$ into key1policy attri%"te%a!e$ encryption ,KP1.BE- an$
cipherte+t1policy attri%"te1 %a!e$ encryption ,(P1.BE-' $epen$ing ho) attri%"te! an$ policy are
a!!ociate$ )ith cipherte+t! an$ "!er!7 $ecryption key! ?5@.

III! .I"2RI1:2-. ACC9:#2A1I;I2> A#. A:.I2I#?
(lo"$ comp"ting o*er the internet )ill pro*i$e the !er*ice! to m"ltiple e+ternal c"!tomer! %y mean! of
re!o"rce! are !tore$' !cale$ IT relate$ capa%ilitie! an$ are %ille$ an$ there i! acon!i$era%le gro)th in the
"!age of thi! !er*ice. .ma6on i! the lea$er in the fiel$ of clo"$ comp"ting. It m"!t nee$ to $efine )hat i!
mean %y acco"nta%ility.

A. What is accountability?
.cco"nta%ility i! the term ha*ing *ariety of $ifferent meaning! )ithin an$acro!! the $i!cipline!. :or
e+ample' in comp"ter !cience' the term acco"nta%ility ha! %een "!e$ for to refer to an impreci!e
re<"irement that i met %y reporting an$ a"$iting mechani!m!.
.cco"nta%ility i! the management of"!a%ility'integrity' a*aila%ility an$ !ec"rity of the $ata "!e$' !tore$'
or proce!!e$ )ithin the organi6ation. Protectionacce!! ha*e affecte$ %y p"%lic la)' reg"lation! an$ r"le!
an$ premi!e$ "poncomman$ an$ control o*er the reg"latory !trategie!..cco"nta%ility i! in o"r !en!e'
)hich )ill %e achie*e$ *ia a com%ination of pri*ate an$ p"%licacco"nta%ility ?B@ ?C@.

B. Benefits of accountability
Tran!parency in clo"$ comp"ting i! important for legal an$ reg"latory rea!on!' an$ al!o to a*oi$
*iolation of !ocial norm!. The corporate "!er pro*i$e! tran!parency an$ a!!"rance to the client %y their
pri*acy policy' )hile re<"iring the !imilar a!!"rance! from the Ser*ice Pro*i$er! thro"gh contract"al
mea!"re! an$ a"$it!.
.cco"nta%ility help! to"!er7! tr"!t)orthine!!. 9hen it i! not clear to in$i*i$"al' !o )hy their !ec"re
pri*ateinformation i! re<"e!te$ an$ %y )hom it )ill %e proce!!e$' thi! lack of control )ill lea$to
)arine!!. There are al!o !ome !ec"rity1relate$ concern! a%o"t )hether $ata in the clo"$ )ill protecte$.

IV! C;9:. I#F9R@A2I9# ACC9:#2A1I;I2>
(I. frame)ork repre!ente$ in thi! paper !ol*e! a%o*e pro%lem! an$ f"lfillall re<"irement.

A. Major components
There are t)o ma=or component! of (I. are pre!ent' fir!t i! logger' an$ !econ$ i! logharmoni6er. The
$ata can %e $o)nloa$e$ %y "!ing logger' )hen c"!tomer re<"ire! the $ata an$ it)ill %e pro*i$e$ %y
clo"$ !er*ice pro*i$er. ;ogger keep! track of each copy of all "!er $ata an$maintain! logging acce!! to
that copy. ;og harmoni6er! re!pon!i%ility i! to allo) "!er!to acce!! the log file! create$ %y logger. ;og
harmoni6er i! the central !y!tem )hich connect! all logger! together.

B. Data flow
Ba!e$ on Encryption algorithm' each "!er create! a pair of p"%lic an$ pri*ate key!. By "!ingthe!e key!'
the "!er )ill create a logger )hich i! a A.R file )hich !tore! it! $ata item!. R"le! go*erning acce!! control
International Journal of Advance Foundation and Research in Computer (IJAFRC)
Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$
4 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*

of the $ata i! kept in A.R file. It manip"late! the "!er7! $ata %y the !takehol$er! in the clo"$. 8nly
recogni6e$ "!er! can ha*e acce!! to the $ata.

Fi*ure 28 CIA Frame+or7

Then' the A.R file i! gi*en to (SP accor$ing to )hich he ha! to )ork. To a"thenticate thi! A.R file! (SP
"!e! the certificate! from the tr"!te$ thir$ party. 9hen a"thentication i! $one clo"$ !er*ice pro*i$er )ill
gi*e acce!! to c"!tomer of the "!erafter the completing !"%!cription of the "!er7! !er*ice. A.R get!
$o)nloa$e$ at c"!tomer! place..ccor$ing to the acce!! control r"le! )hich are !et $"ring creation of A.R
it keep! track of "!agean$ maintain logging. A.R )ill generate a log recor$a"tomatically )hen there i!
acce!! to "!er7! $ata. The log! are !tore$ along A.R an$ encrypte$ "!ing p"%lic key to a*oi$ "na"thori6e$
acce!! tothe log. :or all A.R file! "!er can gi*e !ame pair of key' an$ al!o can "!e $ifferent pair of key!.
(orrection can %e $one %y the log harmoni6er if any error i! occ"rre$ $"ring log creation. . "!er can
*erify the log %y $ecrypting the A.R %y hi! pri*ate key' an$ al!o a"$iting i! $one %y the logharmoni6er.

V! F:2:R- "C95-
In the f"t"re' )e plan to refine my approach to *erify the integrity of the ARE an$ the a"thentication of
A.R!. :or e+ample' )e )ill in*e!tigate )hether it i! po!!i%le to le*erage the notion of a !ec"rity. Thi!
re!earch i! aime$ at pro*i$ing !oft)are tamper re!i!tance to Aa*a application!. In the long term' )e plan
to $e!ign a comprehen!i*e an$ more generic o%=ect1oriente$ approach to facilitate a"tonomo"!
protection of tra*eling content. 9e )o"l$ like to !"pport a *ariety of !ec"rity policie!' like in$e+ing
policie! for te+t file!' "!age control for e+ec"ta%le' an$ generic acco"nta%ility an$ pro*enance control!.

VI! C9#C:;"I9#
In f"t"re' )e )o"l$ like to enhance a clo"$' on )hich )e )ill in!tall ARE an$ AM' to $o the *ali$ation of
A.R. Refine to enhance the protection of acc"m"late$ $ata an$ to re$"ce log recor$ generation time.
VII! R-F-R-#C-"

?0@ 9. ;ee' .. (in6iaS<"icciarini' an$ E. Bertino' DThe De!ign an$ E*al"ation of .cco"nta%le Gri$
(omp"ting Sy!temE.

?2@ Smitha S"n$are!)aran' .nna (. S<"icciarini an$ Dan ;in' FEn!"ring Di!tri%"te$ .cco"nta%ility for
Data Sharing in the (lo"$'F' IEEE Tran!action on $epen$a%le a !ec"re comp"ting' 8;. G' #8. 4' pg
55B15BH' 2I02.

International Journal of Advance Foundation and Research in Computer (IJAFRC)
Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$
' ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*

?3@ (.9ang' J. 9ang' K. Ren' an$ 9. ;o"' DPri*acy1pre!er*ing p"%lic a"$iting for $ata !torage !ec"rity
in clo"$ comp"ting'E in I#:8(8M. IEEE' 2I0I' pp. 525K533.

?4@ .. Sahai an$ B. 9ater!' D:"66y i$entity %a!e$ encryption'E in Proc..c*ance! in (ryptologyL
E"rocrypt' 2II5.

?5@ Mhig"o9an' A"n7e;i"'Ro%ert H. Deng' EH.SBE/ . Hierarchical .ttri%"te1Ba!e$ Sol"tion for fle+i%le
an$ Scala%le .cce!! (ontrol in (lo"$ (omp"tingE

?B@ B. (h"n an$ ..(. Ba*ier' DDecentrali6e$ Tr"!t Management an$ .cco"nta%ility in :e$erate$
Sy!tem!'E Proc. Ann. Hawaii Intl !onf."ystem "ciences #HI!""$' 2II4.

?C@ P.T. Aaeger' A. ;in' an$ A.M. Grime!' D(lo"$ (omp"ting an$ Information Policy/ (omp"ting in a Policy
(lo"$NE %. Information &echnolo'y an( Politics' *ol. 5' no. 3' pp. 2BG12H3' 2IIG