Anda di halaman 1dari 8

ABSTRACT:

The use of cloud computing has increased rapidly in many


organizations. Cloud computing provides many benefits in terms of
low cost and accessibility of data. Ensuring the security of cloud
computing is a major factor in the cloud computing environment,
as users often store sensitive information with cloud storage
providers but these providers may be untrusted. Dealing with
single cloud providers is predicted to become less popular with
customers due to risks of service availability failure and the
possibility of malicious insiders in the single cloud. A movement
towards multi-clouds, or in other words, inter-clouds or cloudof-clouds has emerged recently. This paper surveys recent
research related to single and multi-cloud security and addresses
possible solutions. It is found that the research into the use of
multi-cloud providers to maintain security has received less
attention from the research community than has the use of single
clouds. This work aims to promote the use of multi-clouds due to its
ability to reduce security risks that affect the cloud computing user.
Depsky architecture to implement the multi-cloud system helps to
provide Confidentiality as well as Integrity along with protection
to phishing attacks.
We propose VCS based scheme to protect the multi-cloud system
from phishing attack. In this scheme user can easily detect the
phishing sites.

1. INTRODUCTION:
1.1

BACKGROUND:
NIST [1] describes cloud computing as a model for enabling
convenient, on-demand network access to a shared pool of
configurable computing resources (e.g., networks, servers,
storage, applications, and services) that can be rapidly
1

provisioned and released with minimal management effort or


service provider interaction.
In literature of security, to protect from phishing attacks
attribute based schemes are used. But false positive rate of
these methods is higher, so we propose new VCS based antiphishing framework.
1.2

AIM AND OBJECTIVE:

The use of cloud computing has increased rapidly in many


organizations. Cloud computing provides many benefits in terms of
low cost and accessibility of data. Ensuring the security of cloud
computing is a major factor in the cloud computing environment,
as users often store sensitive information with cloud storage
providers but these providers may be untrusted. Dealing with
single cloud providers is predicted to become less popular with
customers due to risks of service availability failure and the
possibility of malicious insiders in the single cloud. A movement
towards multi-clouds, or in other words, interclouds or cloudof-clouds has emerged recently. This paper surveys recent
research related to single and multi-cloud and addresses possible
solutions. It is found that the research into the use of multi-cloud
providers to maintain security has received less attention from the
research community than has the use of single clouds. This work
aims to promote the use of multi-clouds due to its ability to reduce
security risks that affect the cloud computing user.
While making a cloud secure, the following objectives are to be
met:
1) Understanding the cloud computing environment provided by
the cloud service provider.
2) The cloud computing solution should meet the basic security and
privacy requirements of any firm deploying it.
3) Maintain an account of the privacy of the cloud and data security
and applications that are deployed in cloud computing
environment.
4) Data Integrity.
5) Service Availability.
6) The user runs customer applications using the service providers
resources

1.2

PROPOSED WORK:

This paper focuses on the issues related to the data security aspect
of cloud computing. As data and information will be shared with a
third party, cloud computing users want to avoid an untrusted
cloud provider. Protecting private and important information, such
as credit card details or a patients medical records from attackers
or malicious insiders is of critical importance. In addition, the
potential for migration from a single cloud to a multi-cloud
environment is examined and research related to security issues in
single and multi-clouds in cloud Computing are surveyed.

2. PROPOSED SYSTEM:
3.1 PROPOSED APPROACH:
In this system we are uploading the file onto the different
public cloud which maintains the integrity confidentiality
and security of uploaded files on cloud. We use MD5
algorithm for computing the hash value (digital signature)
of files before upload. After that we apply our main
algorithm which divides files into different shares and
each share contains unreadable text format and that will
be uploaded to each cloud.
At download time we can choose any of the 3 clouds and
that file will be reconstructed.

3.2 PROPOSED ARCHITECTURE:


3.2.1 User Registration Process:

3.2.2 User Login Process:

3.2.3 Multicloud Architecture for Data Security:

4 Tools/ Software Required:


4.1

Microsoft Visual Studio 2010

4.2

Microsoft SQL Server 2008

4.3

Windows Azure & Other Cloud FTP Accounts

4.4

File Zilla ftp client to view files on cloud spaces.

5 Algorithms Used:
5.1 Visual Cryptography Scheme
5.1.1 Share Creation Algorithm
5.1.2 Share Re-Construction Algorithm
5.2

Dynamic Captcha Creation

5.3

MD5

5.4

Shamirs Secrete Sharing:

5.4.1 Creating Shares


5.4.2 Re-Construction
6 Modules of Project:
6.1

User Registration:

6.1.1 VCS Share Generation


6.1.2 Share Download to User
6.1.3 Saving user login credentials to server
6.2

User Login:

6.2.1 VCS Share Re-Construction


6.2.2 Authenticate User
6.3

File Upload Module:

6.3.1 Create shares using Shamirs Secrete Sharing


6

6.3.2 Calculate MD5 signature for original file


6.3.3 Store log for file-upload
6.3.4 Upload all shares
6.4

File Download:

6.4.1 Shares re-construction


6.4.2 Check for integrity of file
6.4.3 Download if correctly matching MD5 signatures
otherwise warn user regarding malicious content.

6.5

User log:

6.5.1 View User Upload & Download Logs


6.6

Cloud Configuration Module:

6.6.1 Configure login credentials for cloud FTP api for


file transfer on cloud servers.

7 REFERENCES:
[1] I. Abraham, G. Chockler, I. Keidar and D. Malkhi, "Byzantine disk
paxos: optimal resilience with Byzantine shared memory",
Distributed Computing, 18(5), 2006, pp. 387-408.
[2] H. Abu-Libdeh, L. Princehouse and H. Weatherspoon, "RACS: a
case for cloud storage diversity", SoCC'10:Proc. 1st ACM
symposium on Cloud computing, 2010, pp. 229-240.
[3] D. Agrawal, A. El Abbadi, F. Emekci and A. Metwally, "Database
Management as a Service: Challenges and Opportunities",
ICDE'09:Proc.25thIntl. Conf. on Data Engineering, 2009, pp. 17091716.
[4] M.A. AlZain and E. Pardede, "Using Multi Shares for Ensuring
Privacy in Database-as-a-Service", 44th Hawaii Intl. Conf. on
System Sciences (HICSS), 2011, pp. 1-9.
[5] Amazon, Amazon Web Services. Web services licensing
agreement, October3,2006.
[6] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z.
Peterson and D. Song, "Provable possession at untrusted stores",
Proc. 14th ACM Conf. on Computer and communications security,
2007, pp. 598-609.
7

[7] A. Bessani, M. Correia, B. Quaresma, F. Andr and P. Sousa,


"DepSky: dependable and secure storage in a cloud-of-clouds",
EuroSys'11:Proc. 6thConf. on Computer systems, 2011, pp. 31-46.
[8] K. Birman, G. Chockler and R. van Renesse,"Toward a cloud
computing research agenda", SIGACT News, 40, 2009, pp. 68-80.
[9] K.D. Bowers, A. Juels and A. Oprea, "HAIL: A high-availability
and integrity layer for cloud storage", CCS'09: Proc. 16th ACM
Conf. onComputer and communications security, 2009, pp.187-198.
[10] C. Cachin, R. Haas and M. Vukolic, "Dependable storage in the
Intercloud", Research Report RZ,
3783, 2010.
[11] C. Cachin, I. Keidar and A. Shraer, "Trusting the cloud", ACM
SIGACT News, 40, 2009, pp. 81-86.
[12] C. Cachin and S. Tessaro, "Optimal resilience for erasure-coded
Byzantine distributed storage", DISC:Proc. 19thIntl.Conf. on
Distributed Computing, 2005, pp. 497-498.
[13] M. Castro and B. Liskov, "Practical Byzantine fault tolerance",
Operating Systems Review, 33, 1998, pp. 173-186.