Data Locations and Security Issues in Cloud Computing

• ANURAG JAIN 
• JITENDRA TAWARI 
• SANDEEP SONI

ABSTRACT-:

Cloud computing is one of today’s most important technology because in this technology cost low, exciting and flexible. It is the most important technology of growing industrial areas. It allows user to access applications, documents etc., that consist location of our own computer or other Internet-connected devices. Data is stored remotely from a location.it can be stored in any location. Within the fast growing of cloud computing technology, Data security becomes more and more important. Cloud Computing offers many benefits to the enterprise there are also many issues as with any new technology. One of the main issues relates to the secure and positive result of customer data in terms of its location, relocation, availability and security .The aim is to provide some useful information and security issues for organizations preparing to migrate to the Cloud to take advantage of this computing technology. In this research paper we have proposedan encryption algorithm to solve data location security issues.

Keywords-:cloud computing, security of data ,data location, internet, data privacy, encryption algorithm.

Introduction

cloud computingrises upthe fieldinanIT. It’sattributedto operation forward as employment up to the information to the cloud based hardware and system .In a cloud computing data are transferred betweenthe clientand the server .now a day cloud

computing recently technology because can store and retrieve the data on the cloud by using remote technology .It’s providing the software platform and framework as a utility. Today all the it companystoreshis data on the cloud .thisfacility given by the cloud provider or cloud owner .so here is require to defend that

data against illegal access and changing .security issue of datacontainsthreepoints.Thesepointsare integrity ,availability and secrecy. secrecy of the data by the using ofcryptography. in a moderndaycryptography is very famous technique.

Data cryptography used to hide of the data in the form of image ,sound, text, video .during the transmission hackers can’t access the our data because he will get only unreadable and meaningless.

the cloud assures low price saving and given the high speed to user. the cloud technology a company quickly expand application where growth and contraction of the basic technology part can be obtained with the high and low of the trade .it can be gotten with the help of cloud supporter. such as Virtualization and grid computing, that permit application dynamically expand on the proper infrastructure.

security service of the cloud -there are some type of service of the cloud to solve the security issue .these service are storage as a service (saas),software as a service(saas),platform as a service (paas),infrastructure as a service(iaas).

(A)storage as A service- the cloud computingallowsa huge space that is probably infinite, and it’s ascending day by day .storage as a service authorizea cloud applicationto measurer besides bound service. Cloud computing technologyis requiredto obtain various needsfor hold the user data and information , add high capacity , stability operation. In this service the user areresponsibleto own data and hold their storage as a cloud trader proposal them the

option of storing their data in the cloud .the user can access the data whenever hewants.due to the hostile character of ­­­­­­­­­­­­­­­the need of the cloud , no one method implement all in all.

(B)software as a service (saas):-software as service is very famous technology. this technology also referred as software offered on requirement . it’s depends on multi-tenant design. software like that customer relation organization .the benefit of SaaS technique that the apps are locally run on your computer . user access can any application by using the cloud technology that user can never own from any browser .the saas technique support his user to increasing application day by day .with the help of saas technology user create and upload own data on the cloud .globally uploading data any one can access .

c. platform as a service:- we are developed the software by tools and libraries given by the cloud. the user manage the software operation and design location. services offered through (PaaS) help the operation of applications exclusive of the cost and complication of buying and organization the basic hardware and software. PaaS services also contain enhancing the application life cycle processes similar to application design, application development, testing and deployment. It provides an communicate with high level of combination. That is largely in arrange to execute and analysis cloud applications. The user does not manage the overall communications but he control deployed applications and their configurations.

Infrastructure as a Service(iaas)

IaaS is a general which an organization outsources the equipment used to maintenance operations such as storage, hardware device, servers and networking components. The service provider keeps the equipment and is answerable for housing, running and maintaining . The customer typically pays on a .

Features and modules of IaaS include:

Efficacy computing service and billing model.

Computerization of organizational tasks.

Forceful scaling.

Desktop virtualization.

Policy-based services.

Internet connectivity.

Security issues:-

Companies are fast moving onto cloud computing because they can currently usage the greatest resources present on the market in the flash of an eye and also decrease their actions’ cost radically. But as more and more information is moved to the cloud computing the security concerns have on-going to develop.

(1). Data breaking is the major security issue. A trained hacker Cando simply and get into a client cross application and get into the client’s private data.

(2). the Wasteful and damaged APIs and boundaries convert easy targets. IT companies that offer cloud services allow third party companies to modify the APIs and familiarize their personal functionality which in drive permits these companies to understand the internal workings of the cloud.

(3). the Denial of Service (DoS) is also a main danger wherein the user is fixed partial or no access to his/her data. Companies now use cloud 24/7 and DoS can source huge increase in cost both for the user and facility provider.

(4).the Connection eavesdropping means that a hacker can scan your online activities and replicate/replay a particular communication to catch into your private data. It can also central to the user to prohibited or uninvited sites

(5).Data loss also is a new issue. A malicious hacker can wash out the data or some usual/man-made adversity can wipe out your data. In such cases having an offline copy is a big benefit. negligence of the service provider also able to direct data loss.

(6). Compatibility between different cloud services is as well an issue. If a client decide to shift from one .cloud to one more the compatibility ensures that here is no loss of data.

(7). Cloud also can be used in wrong purposes i.e. cloud exploitation. Due to the accessibility of most recent technologies on the cloud it can be used for high end calculations which cannot be complete on a normal computer.

(8). Insufficient considerate of cloud technologies can guide to unidentified levels of risk. Companies transfer to cloud because it provides significant reduction in cost but if transfer is complete without proper background knowledge, the problems that happen can be still greater.

(9). Insider theft in the appearance of a present or previous employee, a service provider, etc who is capable to use the data for harmful purposes.

(10). Safe storage of encryption keys as well a problem. still if you are using encryption for improved security, safe maintenance of the key becomes an issue. Who should be the holder of the key? client seems to be alive the response but how diligent and careful can he/she be will choose the security of the data.

The other aspects about the cloud security –

categorize of different type of threats about the cloud security are following

Access The plan of cloud technology to offer information to the customer from several position whenever user wants. because a web technology cloud service enables the customer to access his data from wherever he want .it’s is valid to all the services being given by it. all the user should know that where data is stored. at the any condition client can request to server to delete his data after that the data should be deleted.

command the cloud technology controlling of data is very necessary because if we will not control our data then the other user can access our data. so the controlling of data is able to be seen to a few member of the cloud service provider .this data is defies the stage of control.

fulfilment: the authorities of the we have to need a law of govern to protection of data on the cloud because cloud service can cross several jurisdictions approximately the all world. if any user store his data in other country and its contain sensitive data .this data only whose person which have a authorities to access the data and some set of laws apply on the data .

Data reliability: Data reliability in easy terms means that the data is protected and no one change the data without the use’s agreement .this is a basic need of cloud computing .the reliability of data in a cloud is a very impertinent in a present there are many algorithm design to protection of data.

inspection: with the help of inspection we can check the activities occurrence on the cloud. inspection is a mechanism that keep a log and list actions to help stop infringement.

Privacy Breaches: The cloud service supplier should report to its client about any violate in security. The client has to the correct to know what is incident in his/her space. How does the service provider take care of this.

secrecy: This ensures that the client data is kept secret. privacy is one feature of cloud storage security that will lift question in a ordinary users mind. Cloud as such is a public system and is susceptible to new threats, therefore, privacy is very important.

planned work

in this paper we have planned a structure .with the help of this planned structure we involve a file which is involved securing of data files through file encryption technique. the file whose presentation on the computer will be encrypted technique based on AES algorithm. if user wants to read this file then before the user download the uploaded encrypted after that he can read it.

there are many benefit of AES algorithm . in this algorithm we are using an encryption key used by AES algorithm .the order of this algorithm is 128,192 and 256 bits AES algorithm is also a lot quicker than the RSA. Thus, it’s superior option for safety of data on the cloud .

in an AES algorithm. the proposed system works only when an internet connection accessible.

(1) file upload

there are some steps for the file upload process are clarified in the block.

(a) take on the user name or password from user

• If the user is genuine then connect with the cloud.
• else show the Certification error.

(b) the first user asks to pick file to be uploaded on a cloud .

(C) ask the password from user for the encryption .

(D) sure the password and make a key from this password.

(E interpolate the encryption algorithm .

(F) Upload an file on to the cloud.

(G) ask the user if he wants to delete the file which is uploaded.

• delete the user selected file

(F) after that connection disconnect with the cloud.

stage-1 we have to first check that the user is authentic or not . and after that system will accept the user name or password. if the user name or password is valid the system will be accepted else the username or password and not match the system show error message.

stage-2 in a second stage we will check the cloud is stable because the file uploading in this section. The user will upload the file. which is he wanting.

stage-3 in this stage the user ask the password for encryption process The user is optional to use long passphrases as their passwords. This password is used for creation of a key.

stage-4 this stage is a very important for the system. in this stage generated a key for the encryption technique. we are using AES is a symmetric key algorithm .this key used for encryption or description technology. in this technology generated a key for password to a generated function. We suggest the use of Password Based Key Generation Function. Password Based Key generation Function uses iterations for a password to default checking. this process is called a key exertion. in this stage the system saves the password which is entered once and create a key for encryption.

stage-5 in this stage we are applying Advanced Encryption Standard algorithm . the Advance Encryption Standard algorithm is useful to the simple text to make the secret message text. as a result the user can be rest secure the data protected from the a variety of threats the uploaded is data is encrypted which can be decrypted when the user enters the password which he entered for the period of the encryption process.

stage-6 when the secret message text is created then upload the encrypted file on the cloud and concerned with the removal of the real simple text file from the memory. The option is given by the user to delete the unique file which is uploaded on the cloud. if the user don’t want to delete this file the he has a second option retaining the unique file. We suggest that the unique file should be removed. This ensures that no illegal right to use will be built up to the simple text file stored in the system. The method of file upload can be shown in bellow:

successful uploaded

delete

original file

upload

encryption file

user

encrypted file

(2) download file –there are some stage of file download process describe in this part.

Stage 1– The identity of the user is validation process have in this stage and the collection of files that the user has uploaded on the cloud . The user is ask to choose any one of the files from the record.

stage2- the user is asked for the password during the encryption of the file justification . entered password is complete in another stage. The secret message text file uploaded when the decrypted process will completed by the user and downloaded. the same password entered during the encryption. this is only motive that the password save for the duration of encryption process so the store password is valid. AES algorithm is a symmetric key algorithm so, it wants the same key to encrypt and decrypt the data. This procedure possible only if the same password is entered into the key creator job to make the key.

stage 3- the means of the generated key, the AES algorithm to decrypt the uploaded secret message text.

stage 4 the user Save this decrypted simple text in the user system memory.

stage 5 the user is asked if he needs to remove the secret message text file uploaded on the cloud. If the user chooses to perform, remove the encrypted file from the file.

the user does not desire to download any additional files from the cloud, log out of the user account and after that cut off the recognized link with the cloud. This is the very last stage of the download process.

(A) we first Accept user name and password from the user

• If user is genuine set up connection through the cloud
• Else, show verification error

(B). Ask user to pick file to be downloaded

(C) the user ask to enter a password used for the decryption procedure

(d) verify the legality of this password

• If the entered password is valid, the key is generated.
• Else. show the error message and refuse password

(D) relate the decryption algorithm

(E) Download the file commencing the cloud

(F) the user ask if he wish for to delete the uploaded encrypted data file .

Delete the file from the cloud which is encrypted. if user selects the delete choice (G) and cut off connection through the cloud .

CONCLUSION

Cloud computing is an puzzle anyone can get lost in. But separate like any new technology. the cloud computing is also a double enclosed stop. On one end lies the ability of fast technology, a huge array of applications to use, superficially infinite storage ability. On the other end story various security threats which develop with collective spaces such as break of privacy, impeding of data reliability and non-availability of data. In this paper, we have projected a structure which encrypts a file before it is uploaded on to the cloud. AES (Advanced Encryption Standard) is one of the most secure encryption measures and not many attacks are successful on data which is encrypted using AES. This application solves the problem of most, if not all. the threats that data kept in the cloud faces. We have framework also suggest the use of login id and password to ensure reliable and official access to a user’s data.

Thus, if we used securely, cloud computing offers a user with wonderful profits and overcomes its only disadvantage of security threat.