Review Article, J Comput Eng Inf Technol Vol: 11 Issue: 5
Securing Data in Cloud
Saumya Kumar*
Department of Computer Science and Engineering, Sagar Institute of Research and Technology, Bhopal, Madhya Pradesh, India
*Correspondence to: Saumya Kumar, Department of Computer Science and Engineering, Sagar Institute of Research and Technology, Bhopal, Madhya Pradesh, India; E-mail: Saumyakumar8935@gmail.com
Received date: 04 April, 2022, Manuscript No. JCEIT-22-51767;
Editor assigned date: 06 April, 2022, PreQC No. JCEIT-22-51767 (PQ);
Reviewed date: 20 April, 2022, QC No. JCEIT-22-51767;
Revised date: 02 June, 2022, Manuscript No. JCEIT-22-51767 (R);
Published date: 14 June, 2022, DOI:10.4172/JCEIT.1000231
Citation: Kumar S (2022) Securing Data in Cloud. J Comput Eng Inf Technol 11:5.
Abstract
Cloud computing, as a new technique, has developed rapidly in recent times. The problems of data security in the cloud, however, have had an enormous impact on the development of the cloud and on its popularization, but the importance of the cloud and its criticality should not be overlooked. This paper introduces cloud computing and different security situations, and it details the ways to protect data and the approaches that are used worldwide to obtain maximum protection of data by reducing various risks and threats. Data available in the cloud is of great importance for many applications, but at the same time it poses many risks when the data is exposed to applications that already have loopholes in their security. In the same way, the use of virtualization might add risk to the data when a guest OS runs on top of a hypervisor that has no knowledge of the reliability of the running guest OS, which might have security loopholes. This paper also covers information security perspectives for static data (Data-at-Rest) and transiting data, based on the different levels of PaaS, SaaS and IaaS. Finally, the paper tries to come up with a framework for cloud computing that can be used effectively for solving cloud security related problems.
Keywords: Data security; Threats; Data protection; Privacy; Cloud computing security; Risks; Cloud computing
Introduction
The term cloud computing came into existence very recently. One of the simplest definitions is “Cloud Computing is a network solution for providing reliable, inexpensive, simple, and easy provisioning of IT related resources” [1]. The nature of cloud computing is service oriented; the major services provided by the cloud are PaaS, SaaS and IaaS [2]. This helps in reducing ownership and infrastructure costs and also helps in providing good performance and flexibility to the users of cloud services [3,4].
The privacy and security of data are the greatest concern in the use of cloud services [5]. It is most important to ensure the privacy, integrity and protection of data in the cloud. For that very reason, many cloud service providers implement different mechanisms and policies. The mechanisms implemented vary with the size, type and nature of the data.
Sharing of data among multiple organizations is one of the many advantages of using cloud computing. However, this advantage also poses a risk to data security. To mitigate this risk, the repositories where the data is stored must be protected.
The most important question to answer before using cloud storage for valuable data is whether to use a private cloud (which is internal to an organization) or the services of a public cloud. When data is highly sensitive, such as data related to national security or highly confidential industry or company data, storing it on a public cloud is very risky, so it is recommended to store it in a private cloud under high security.
Literature Review
Risk in cloud computing
Virtualization: Virtualization allows a single physical machine to be shared among multiple virtual instances. Running a guest operating system as a VM requires a hypervisor. It is one of the fundamental parts of cloud computing [6,7]. It also introduces some risk to cloud data. For example, one major risk is the hypervisor being compromised: once the hypervisor is under the control of an attacker, the whole system and all the data stored in the cloud are exposed to the attacker (Figure 1) [8].
Another risk associated with virtualization is the allocation and de-allocation of resources [9,10]. It occurs when one VM writes data to memory during operation and, once the operation is done, the same memory space is allocated to another VM without being cleared. This exposes the data to an undesirable person, which poses a great threat to data confidentiality [11]. A solution to this issue is to clear the allocated memory before de-allocating the resource from a VM.
Multitenancy: The term multitenancy refers to the shared access or shared use of the same computing resources, such as storage, CPU and memory [12]. Because the same resource is used or shared by different users, it poses some sort of threat, and this threat affects all the users among whom the resource is shared.
In this situation there is always a risk to the privacy of data, meaning anyone's data can leak to a different user [13]. This can be very risky because a single fault can give another user or an attacker access to all the data. These issues should be handled by properly authenticating any user who tries to access the data. Different techniques can be used to authenticate users to avoid this issue [14].
Public cloud storage: Storing important data in the cloud is also a security issue. Generally, the storage facilities implemented in the cloud are centralized systems, which are a very interesting target for attackers. The resources used for storing data combine software and hardware and are very complicated. Any instance configuration can cause data exposure and a data breach [15]. To avoid this kind of data breach, it is advised to use a private cloud for very important and sensitive data if possible.
Securing cloud
Securing data in the cloud involves more than data encryption; it also depends on the cloud service model: PaaS, SaaS or IaaS.
Data in the cloud normally remains in one of two states, each of which requires security.
Data at rest: Data at rest, also known as static data, is data that is stored in the cloud or data that is accessed through the internet. Data in this category includes live data, backup data, etc. This kind of data is very difficult to protect. If a private cloud is not in use for this kind of data, we have no physical control over it. This issue is mitigated by storing the data in a private cloud and applying good access control.
Data in transit: Data in transit, also known as transiting data, is data that is moving either from the cloud or to the cloud; it also includes data on which computation is in progress. The data can be stored in any database or file in the cloud and can be fetched from a different location. Data in transit poses a greater risk than data at rest, mainly because it has to travel between two locations through an unsecured network. There are multiple ways to eavesdrop on packets flowing through the network. It is also possible to change data travelling through the network [16]. This poses a great risk to the confidentiality and integrity of data. One of the most effective ways to protect transiting data is the use of encryption (Figure 2).
Security problems
Failure of isolation: The multi-tenancy feature, or sharing of IT resources, in cloud computing poses some risk to the confidentiality of data [17]. Multi-tenancy helps in minimizing the requirement for separate storage. This feature can also enable different types of attacks, such as the guest hopping attack.
Incomplete or insecure deletion of data: When a client wants to delete particular data either completely or partially, the question arises whether the desired data, or part of it, can be deleted accurately [18].
Data interception: In traditional computing, data remains on the local system and computation is done locally on that data, but in cloud computing data remains in transit for quite a long time. This makes the data vulnerable to different attacks and poses a great risk to it. It exposes our data to attacks, particularly sniffing, spoofing and other third-party attacks, man-in-the-middle attacks and replay attacks [19].
Using encryption for protecting data
Encryption involves encoding data or a message in such a way that it can only be accessed by authorized parties. The technique used for encrypting static data, or data at rest, is very different from the technique used for encrypting transiting data. For example, the encryption key for static data stays the same for a longer time period, whereas for transiting data the encryption key is very short-lived (Figure 3).
Nowadays different encryption techniques are in use, and each technique has its own positive and negative points. Which encryption algorithm to use depends entirely on the administrator. Cryptographic techniques have improved the level of protection of data and have also helped in assuring the authentication, integrity and availability of data. In simple cryptography, plaintext (normal text) is encrypted using a key known as the encryption key; the encrypted text is known as cipher text. The cipher text is sent over the network, and at the receiving end it is converted back to plaintext using a key known as the decryption key [20]. The encryption key and decryption key may or may not be the same, depending on the type of encryption algorithm used.
Stream cipher: As the name suggests, a stream cipher is a technique in which plaintext is converted into cipher text bit by bit; that is, each bit is encrypted one at a time, and the encryption algorithm is applied to a stream of bits.
In terms of performance, a stream cipher is faster than a block cipher [21,22]. The reason a stream cipher is faster than a block cipher is its low hardware complexity (Figure 4). But if it is not used properly, it can be vulnerable to different security problems.
Each bit in a stream cipher is encrypted using the encryption key. Once encrypted, the resulting cipher text is decrypted bit by bit, and the decryption key is used during the decryption process.
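One concrete case of a stream cipher not being used properly is encrypting two messages under the same key and nonce. The following is an added example, not code from the original article; the SHA-256 based keystream, the `StreamSender` wrapper and the sample messages are assumptions made for illustration. It shows what repeats when the keystream repeats, and a sender that refuses to repeat it.

```python
import hashlib
import secrets

def keystream(key, nonce, length):
    # Toy generator (an assumption of this example): SHA-256 over key, nonce, counter.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def stream_encrypt(key, nonce, data):
    # Encryption and decryption are the same operation: XOR with the keystream.
    return xor_bytes(data, keystream(key, nonce, len(data)))

class StreamSender:
    """Hypothetical wrapper: fresh random nonce per message, repeats rejected."""
    def __init__(self, key):
        self._key = key
        self._used = set()

    def seal(self, data, nonce=None):
        nonce = secrets.token_bytes(12) if nonce is None else nonce
        if nonce in self._used:
            raise ValueError("nonce reuse: the keystream would repeat")
        self._used.add(nonce)
        return nonce, stream_encrypt(self._key, nonce, data)

# Constructed sample messages of equal length.
P1 = b"transfer 100 to account A"
P2 = b"transfer 999 to account B"

def reuse_leaks_plaintext_xor(key, nonce):
    c1 = stream_encrypt(key, nonce, P1)
    c2 = stream_encrypt(key, nonce, P2)
    # The shared keystream cancels: c1 XOR c2 equals P1 XOR P2 without the key.
    return xor_bytes(c1, c2) == xor_bytes(P1, P2)

def fresh_nonces_leak(key):
    sender = StreamSender(key)
    (_, c1), (_, c2) = sender.seal(P1), sender.seal(P2)
    return xor_bytes(c1, c2) == xor_bytes(P1, P2)
```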
Block cipher: A block cipher is a symmetric key encryption technique that uses a deterministic algorithm. Symmetric key encryption means using the same key for encrypting plaintext to cipher text and for decrypting it again. Instead of encrypting a single bit at a time as in a stream cipher, it encrypts a fixed-length group of bits at a time. Initially the plaintext is segmented into blocks of fixed size, generally 64 bits (Figure 5). Then encryption is applied to each block one by one [21].
In a block cipher, similar blocks are not encrypted in the same way. The cipher text generated from the encryption of the previous block is used for the next block, and so on.
Hash function: A hash function is a purely mathematical function used to convert any text into a string of alphanumeric values. Generally the generated hash value, in the form of alphanumeric characters, is of fixed length. Also, the generated hash value should never be the same for any two input texts. Even if there is only a minor difference between two input texts, their hash values can differ greatly when compared.
The choice of hash function depends on where it is being used. It can range from something very simple, like the one shown below in equation (1), to something very complex, like the hash functions used to store passwords (Figure 6).
A hash function is also known as a message digest. This is because a hash function is non-reversible: once the hash value is generated from a string, the string cannot be retrieved from the hash value. So it is a one-way process.
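The range from a very simple hash to a password hash can be checked directly. This is an added example, not code from the original article: the byte-sum hash is an assumption (the article's equation (1) does not appear on the page), and the function names and the iteration count are illustrative choices. It contrasts the simple hash with SHA-256 and with a salted PBKDF2 hash of the kind used for stored passwords.

```python
import hashlib
import hmac
import secrets

def additive_hash(text):
    # Very simple hash (an assumption of this example): byte sum modulo 256.
    return sum(text.encode()) % 256

def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()

def differing_bits(a, b):
    # Count the bits that differ between the SHA-256 digests of two inputs.
    da = hashlib.sha256(a.encode()).digest()
    db = hashlib.sha256(b.encode()).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))

def hash_password(password, salt=None, iterations=200_000):
    # Salted, deliberately slow hash for stored passwords (PBKDF2-HMAC-SHA256).
    # The iteration count is a sample value chosen for this example.
    salt = secrets.token_bytes(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_password(password, salt, iterations, expected):
    # Recompute with the stored salt and compare in constant time.
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(digest, expected)
```

The byte-sum hash gives the same value for any rearrangement of the same characters, so it cannot be used to detect changes or to store passwords; the salt makes two users with the same password store different values.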
Conclusion
The use of cloud computing is increasing day by day. Nowadays almost every person with a smartphone uses the cloud in one way or another. A major use of cloud services is in the field of data storage. Almost everyone stores some sort of data in the cloud to access it from any corner of the world. Because so much data is stored in the cloud, it also attracts attackers, which puts the data stored in the cloud at risk. My focus in this paper is on the security threats and risks to data stored in the cloud, and I have also given an overview of different security concerns. We also try to put forward some solutions to the threats to cloud computing. This paper also gives an overview of the stream cipher, the block cipher and the hash function. These are some of the techniques used in the cloud for authenticating users and encrypting data either in transit or at rest.
References
- Srinivas J, Reddy K, Qyser A (2011) "Cloud Computing Basics." Build Infrastruct Cloud Secur 1:3-22.
- Dikaiakos MD, Katsaros D, Mehra P (2009) Cloud Computing: Distributed Internet Computing for IT and Scientific Research. IEEE Internet Computing 13:10-13.
- Vouk MA (2008) "Cloud computing-Issues, research and implementations." Proc Int Conf Inf Technol Interfaces ITI 16:31-40.
- Wooley PS (2011) "Identifying Cloud Computing Security Risks." Contin Educ 1277.
- Alharthi A, Yahya F, Walters RJ, Wills GB (2015) "An Overview of Cloud Services Adoption Challenges in Higher Education Institutions."
- Subashini S, Kavitha V (2011) "A survey on security issues in service delivery models of cloud computing." J Netw Comput Appl 34(1):1-11.
- Zhang F, Chen H (2012) "Security-Preserving Live Migration of Virtual Machines in the Cloud." J Netw Syst Manag 562-587.
- Hu J, Klein A (2009) "A benchmark of transparent data encryption for migration of web applications in the cloud." 8th IEEE Int Symp Dependable, Auton Secur Comput DASC 735-740.
- Winkler VJ (2011) "Securing the Cloud." Cloud Comput Secur Tech tactics. 1st Edition
- Sabahi F (2011) "Virtualization-level security in cloud computing." 2011 IEEE 3rd Int Conf Commun Softw Networks:250-254.
- Rodero-Merino L, Vaquero LM, Caron E, Muresan A, Desprez F (2012) "Building safe PaaS clouds: A survey on security in multitenant software platforms." Comput Secur 31(1):96-108.
- Khan AU, Oriol M, Kiran M, Jiang M, Djemame K (2012) "Security risks and their management in cloud computing." 4th IEEE Int Conf Cloud Comput Technol Sci Proc: 121-128.
- Mather T, Kumaraswamy S, Latif S (2009) "Cloud Security and Privacy." Oreilly
- Cloud Security Alliance (2013) "The Notorious Nine. Cloud Computing Top Threats in 2013." Security 1-14.
- Yahya F, Chang V, Walters J, Wills B (2014) "Security Challenges in Cloud Storage." 1-6.
- Albugmi, Ahmed, Alassafi, Madini, Walters (2016) Data Security in Cloud Computing. Fifth International Conference on Future Generation Communication Technologies (FGCT) 55-59.
- Ion I, Sachdeva N, Kumaraguru P, Čapkun S (2011) Home is safer than the cloud!: privacy concerns for consumer cloud storage. In Proceedings of the Seventh Symposium on Usable Privacy and Security ACM.
- Lipinski TA (2013) Click Here to Cloud: End User Issues in Cloud Computing Terms of Service Agreements. Springer Berlin Heidelberg. In International Symposium on Information Management in a Changing World 92-111.
- Gope P, Hwang T (2015) "Untraceable Sensor Movement in Distributed IoT Infrastructure." IEEE Sens J 15(9):5340-5348.
- Qian H, He J, Zhou Y, Li Z (2010) "Cryptanalysis and improvement of a block cipher based on multiple chaotic systems." Math Probl Eng:7-9.
- Ruhma T, Javed MY, Cheema AR (2008) Rabbit-MAC: Lightweight Authenticated Encryption in Wireless Sensor Networks. International Conference on Information and Automation 573-577.
- Tiwari, Harshvardhan (2017) Merkle-Damgard Construction Method and Alternatives: A Review. J Inf Organ Sci 41: 283-304