Ensuring Data Security In Cloud Computing Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

With increasing technology demand for the cloud application is also increasing. Due to this security demands are also increasing. A user can access a cloud services from anywhere and at any time or almost instantly. These features make cloud computing so flexible and prone to risk. Therefore there are possibilities of lacking confidentiality, integrity and authentication among the cloud users. So the key purpose of this research is to investigate cloud securities and build a framework using encryption algorithms to provide data confidentiality, integrity and authentication.

Keywords: Cloud Computing, Data Security, Symmetric Encryption, Public Key Encryption, SHA.


Cloud computing have became very popular in today's world. Since most of the work is done through clouds these days and data is stored in it. So information security has become one of the important issues in cloud computing, because most of the work is done through computerization and data is transferred over the network. Information security is a process of safeguarding information against intentional and malicious attacks to ensure its CIA triad [1] [2]. The CIA triad stands for three major tenets to information security: confidentiality, integrity and availability.

Confidentiality provides prevention from unauthorized usage of sensitive information. Integrity provides accuracy of information by preventing unauthorized modification of data and information.

Availability ensures that information is available whenever it is needed and it also includes prevention from denial of service attack.

Therefore CIA triad is achieved through encryption. Encryption algorithms are applied to data which

provides information security. In encryption plain text or information is encrypted using algorithms and key, turning it into a cipher text which is only

readable to authorized user. Authorized user contained key which decrypt a cipher text into plain text.

Different combination of encryption algorithms can be used to provide information security. A framework had been proposed earlier using AES (block cipher), but when compared to stream cipher algorithms it is less energy efficient and slow[8]. So a new framework is proposed in this paper using RC4 (stream cipher) algorithm.


Sudha, [7] has proposed a simple security network in this paper. They have used cryptographic algorithms to provide data security in cloud computing. A symmetric and asymmetric algorithms are used to prepare a framework. The security issues associated in cloud data storage and have explored many security issues, whenever a data vulnerability is perceived during the storage process a precision verification across the distributed servers are ensured by simultaneous identification of the misbehaving nodes through analysis in term of security malfunctioning, it is proved that their scheme is effective to handle certain failures, malicious data modification attack, and even server colluding attacks [5]. John Harauz et al. [6], escribed the Security Content automation protocol (SCAP) and benefits it can provide with latest cloud computing paradigm with reference to the latest report released by NIST, giving insight as to what SCAP is trying to do, It states that many tools for system security, such as patch management and vulnerability management software, use proprietary formats, nomenclatures, measurements, terminology, and content.


Encryption is the process of encoding a information in such a way that it become unreadable to unauthorized user. Encryption is done by applying encryption algorithms to the plaintext, turning it into cipher text. Encryption key is used by the encryption algorithm which specifies the method of encoding message. Any unauthorized user having a cipher text cannot see the original message. An authorized user can only be able to decode the cipher text to original text using decryption algorithm, which requires a decryption key. Generally secret key is generated by using a key-generation algorithm.

There are two basic types of encryption techniques: Symmetric-key and public-key encryption [3]. In symmetric-key encryption technique, encryption is done through same key. Thus communicating parties must share secret key before communication. In public-key encryption technique, the encryption is done through combination of public key and private key. Thus the encrypted message and key is published for everyone, but it can only be used by the receiving party.

Figure1: Overview of encryption algorithms



RC4 is a stream cipher symmetric key encryption algorithm. It uses a variable key length 1-256 bytes to initialize a state table of 256 bytes. State table is initialized in the form of array. So the array is used for generating pseudo-random bytes and then pseudo-random stream. Thus the pseudo-random stream is XORed with the plain text to generate cipher text.

While initializing the state table there are two 256 bytes array are taken: S-Box and K- box. S-Box contains linear numbers such as S0=0,S1=1,S2=2,…S255=255 and K-Box contained key to be used in repetition to fill the array. The key setup and key generation is performed for every new key to generate a unique key.

Figure 2: Block Diagram of RC4 Key generation Phases

In key set up phase S-Box is modified using pseudo random codes. It uses two counter i and j.

Key Setup phase:


for i from 0 to 255

j = ( j + S[i] + K[i] ) mode 256

swap ( S[i] , S[j] )

end for

Pseudo Random Key Generation Phase:

i = 0

j = 0

ptlen = length( plaintext )

while ( ptlen>0 )

i = ( i+1) mod 256

j = ( j+ S[i] ) mod 256

swap ( S[i], S[j] )

key = S [ ( S[i] + S[j] ) mod 256 ]

output key

ptlen = ptlen-1

end while

Once the pseudo random key is generated then plain text is XORed with it to generate cipher text.

Figure 3: RC4 Working

5.2 SHA

Secure Hash Algorithm uses compression function to convert a arbitrary size message to a fixed size message. Hash function can be applied to any size message and it produces a fixed size message. As compared to other hashing algorithms, it is more secure and easy to compute.

In our framework for the enhanced authentication the message digest or the hash value of the message is generated using secure hash algorithm which is of fixed size. Then the hash value produced is concatenated with the actual encrypted data and digital signature. Later whole concatenated strings are securely encrypted using RSA algorithm i.e. public key of the receiver and then send to the cloud to the requesting recipient. On the receiver side data integrity is checked by the hash value generated by deciphering message and sender authentication is verified.

5.3 RSA

RSA stands for Rivest, Shamir & Adleman of MIT, the one who introduced RSA. RSA is asymmetric public key encryption technique which is based on exponentiation in a finite field over integers modulo a prime numbers. In order to encrypt a message M the sender should have a public key of the receiver, PU={e,n} is the public key which is used to compute the cipher message: C=Me (mod n) has to obtain public key of recipient, where 0≤M<n. At the receiver end recipient uses their private key to decrypt the message, PR={d,n} is the private key which is used to compute the original message: M = Cd (mod n), where M < n.

RSA uses Euler's Theorem: aø(n)mod n = 1 where gcd(a,n)=1 in RSA we have to initially calculate n=p.q such that ø(n)=(p-1)(q-1) one has to carefully chose e & d to be inverses mod ø(n) [7].

Figure 4: RSA key generation


Figure 5: Proposed Hybrid Framework

In this scenario we have considered that interaction of cloud server and cloud client is the initial step. Only a registered cloud client can avail the services of the cloud. So the user has to be registered cloud client, if the user is registered user then only login and password is verified. If the user is new then he needs to register in the cloud server. So the user registers itself and the Certificate Authority generates a certificate for the cloud client. After user login authentication a random string is generated by the server for the client and digital signature is generated by sighing random string with client's private key.

The client can request for the data from the cloud data centers after the user is authenticated by the two step authentication. Then the proposed secure hybrid framework is executed to ensure the information security. The framework uses a symmetric key algorithm for efficiency, confidentiality and simplicity and along with it a public key algorithm for secure key exchange. So the hybrid is constructed with symmetric and asymmetric encryption algorithm for the enhanced framework.

Step 1: Upon successful authentication of the client by server, the data is encrypted using a symmetric (RC4) algorithm to generate cipher text.

Step 2: Data hash code and key hash code is generated using secure hash algorithm. A concatenated string is generated by combining data hash code, key hash code, symmetric key to generate cipher text and cipher text.

Step 3: Then the concatenated string is encrypted with the receivers public key by using RSA algorithm.

Step 4: Apply the reverse process .i.e. the whole string is decrypted at receiver end by the recipient private key and the required symmetric key is obtained on decryption.

Step 5: Original message is decrypted using symmetric encryption algorithm (RC4) key, then the validation and verification of the sender is done.

Step 6: Secure Hash Algorithm (SHA) is used of generating hash value for checking integrity of the message sent.

Step 7: Digital Signature is only validated when the value of the message matches the hash code sent and then data integrity accepted.

Step 8: Once data is transfer in the secure form then the request is terminated.

Following were the steps to transfer secure data over clouds with the help of hybrid framework.


In this paper a simple hybrid framework is proposed with the help of encryption algorithms. This hybrid framework produces a secure data which can be transferred over the clouds. The combination of RC4, SHA and RSA is used to enhance data security and to give more energy efficient and fast working. In Future this secure hybride framework can be implemented on a platform.