
Improving Security in Private Cloud through Cryptographic and Biometrics

Rajesh Duvvuru, Bangaru BalaKrishna, Ashok Kote and Suprita Das

Abstract—Data security and network traffic control are two important aspects of Cloud computing. This paper combines these two aspects for the reliable and fast transmission of data in a private cloud. Security should be provided to each client user according to their requirements. We propose a novel algorithm, the Private Cloud Security Level Algorithm (PCSLA), to ease the handling of the client's private data in the cloud. PCSLA provides dynamic security for the client's data in a private cloud. We compared our simulation results with two baseline algorithms, namely PC_MIN and PC_MAX; there is significant growth in security and transmission of data.

Index Terms— Data Security, Private Cloud Computing, Network Traffic.

I. INTRODUCTION

Cloud Computing is a collection of existing techniques and technologies, integrated within an innovative infrastructure paradigm. It offers a variety of services such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). Figure 1 shows the layers of Cloud computing. IaaS providers supply physical or, more often, virtual machines, raw (block) storage, firewalls, load balancers, and network resources on demand from their large pools installed in data centers. PaaS delivers a computing platform and solution stack, typically including an operating system, programming framework, web server, and database. Lastly, IaaS deals with the installation and operation of application software in the cloud, and cloud users access the software from cloud clients. Even though the private cloud provides plenty of useful IaaS capabilities, such as the ability to deploy new applications and cross-platform support [1], it has its own limitations, such as the need for a reliable network connection, control of data security, peripherals, and integration. Security for the private cloud in particular is not satisfactory. A survey report by the Ponemon Institute, 'Security of Cloud Computing Providers Study', April 2011, states that only 18% of European and 19% of US cloud providers strongly agree or agree that their organization perceives security as an aggressive improvement in the cloud marketplace [2]. In our research we have sorted out two problems in maintaining the same security for every PCC client:

1. Load on network due to unnecessary security for non-important clients.
2. Delay in data transmission (see Section 2.B).

The most important contributions of this work include: (1) an analysis of security and real-time requirements for PCC; (2) a model to specify both delay and security requirements in PCC; (3) a novel Private Cloud Security Level Algorithm; (4) a new performance metric integrating both security and delay in time performance; and (5) a simulator where the SPFF algorithm is implemented and evaluated.

The rest of this paper is organized as follows. Section 2 discusses previous work in the area of ensuring security for Private Cloud Computing (PCC). Section 3 describes the architecture and the system model. In Section 4, we present the performance evaluation of our algorithm. Finally, we conclude the paper and discuss future work in Section 5.

Fig 1. Layers of Cloud Computing architecture.

II. LITERATURE REVIEW AND RELATED WORK

A. Challenges in Cloud Computing

The business of Cloud Computing is developing day by day. Though it is proliferating drastically, the Cloud Computing industry still faces many challenges, such as safeguarding data security, managing the contractual relationship, dealing with lock-in, and managing the cloud [3]. Safeguarding data security, especially in a private cloud, is a difficult task. Personal data that a client stores in the cloud, as they would on their own PC, is easily accessible to the cloud provider. For instance, if we store our personal documents in a mail service such as Gmail or Yahoo, that service provider's DB administrator has a chance to see the client's data if he wishes to. This mechanism is not trustworthy. This is the major drawback of the private cloud, even though it provides services like IaaS. No client wants to share his or her personal data with others unless they choose to do so. Plenty of research in the literature has addressed this problem with different solutions [4] [5] [6]. Fig 2 shows the architecture of private cloud data access between the client and the user.

Fig 2. Network Architecture of the Private Cloud Computing.

B. Current problem

However, software and systems that are accessed through private clouds rather than public Internet connections make it easier for obtainable security metrics and values to remain integral. It is true that the existing algorithms provide good security. In this paper we make use of those security algorithms and make the security system much stronger. In most PCC deployments, client users are assigned the same level of security. Because of this, there is no discrimination between important, unimportant and partially important clients. For clients who require high security for storing data in PCC, the service providers currently meet their security requirements. For example, in a bank, current transactions should be encrypted with the highest security compared to transactions more than two years old. PCC service providers unnecessarily provide good security for unimportant users as well. Because of this, the high-encryption algorithm causes time delay and load on the network for data that does not require the highest security.

III. OUR APPROACH

A. Model and Assumptions of Architecture

This model contains a Client, the Internet and a Cloud Database. Each user is assigned a security level (LS) [7]. LS ranges from 1 to 5, where 1 is the highest security and 5 is the lowest security. For example, if LS is 5, the security check is a simple username and password. If LS is 4, biometric authentication such as fingerprint recognition is required in addition to the username and password. If LS is 3, face recognition is added to the level 4 requirements. The scheme continues in this way up to level 1. Fig 3 gives a complete picture of the security levels.

LEVEL 1: LEVEL 2 + IRIS RECOGNITION
LEVEL 2: LEVEL 3 + HAND RECOGNITION
LEVEL 3: LEVEL 4 + FACE RECOGNITION
LEVEL 4: LEVEL 5 + FINGER PRINT
LEVEL 5: USER NAME + PASSWORD

Fig 3. Client Security levels of the Private Cloud Computing.

Before accessing data from the Private Cloud Database, the client must pass the specified security check that is assigned to him/her [8] [9]. The Cloud Database is also designed so that all stored data is kept in encrypted form and locked with one of the security levels. Even if the database administrator wants to access a client's data in the cloud, it is not possible, because he requires the biometric authentication instantly at the time of access. PCSLA is designed for single-user security, not for multi-user or group security. For example, if the user is using a personal Google mail account, it is his own private data, which he does not wish to share with anybody. For such users PCSLA will provide highly efficient security.

B. Private Cloud Security Level Algorithm (PCSLA)

Step 1: The client performs the authentication operation for the specified security level. All authentication credentials are encrypted (user-id and password with a cryptography algorithm, and biometrics with a secure crypto-biometric system [10]) and sent to the cloud service provider.
Step 2: If the authentication is valid for the security level, the client is permitted to access the data and goes to Step 3; if the client is not valid, the client is redirected to Step 1.
Step 3: After permission is granted, the client starts using the data and services of the private cloud.
Step 4: After completing his work, he finally logs out from the cloud.

Fig 4 explains this mechanism.
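The level scheme of Section III.A and the access decision of Step 2, as an added example that is not code from the paper. It covers only the server-side check; the record layout, the PBKDF2 password hashing and the Hamming-distance `biometric_match` stand-in are assumptions of this example, and the enrolment data is constructed.

```python
import hashlib
import hmac
import os

# Factor chain from Section III.A: level 5 is user name + password only,
# and each stronger level adds one biometric on top of the level below it.
FACTOR_ORDER = ["password", "fingerprint", "face", "hand", "iris"]

def required_factors(ls):
    """Return the factors a client at security level `ls` (1..5) must present."""
    if ls not in (1, 2, 3, 4, 5):
        raise ValueError("LS must be between 1 (highest) and 5 (lowest)")
    return FACTOR_ORDER[: 6 - ls]

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def biometric_match(sample, template, max_bit_errors=8):
    """Stand-in matcher (assumption): accept a sample within a small Hamming distance."""
    if len(sample) != len(template):
        return False
    return sum(bin(a ^ b).count("1") for a, b in zip(sample, template)) <= max_bit_errors

def authenticate(record, presented):
    """PCSLA step 2: grant access only if every factor for the client's level verifies."""
    results = []
    for factor in required_factors(record["ls"]):
        value = presented.get(factor)
        if value is None:
            results.append(False)          # e.g. a DBA who cannot supply the biometric
        elif factor == "password":
            digest = hash_password(value, record["salt"])
            results.append(hmac.compare_digest(digest, record["password"]))
        else:
            results.append(biometric_match(value, record["templates"][factor]))
    return all(results)                    # every factor is checked; the reply is one yes/no

# Constructed enrolment record for one client at level 4 (password + fingerprint).
SALT = os.urandom(16)
FINGERPRINT = bytes(range(32))             # constructed 256-bit template
CLIENT = {"ls": 4, "salt": SALT, "password": hash_password("correct horse", SALT),
          "templates": {"fingerprint": FINGERPRINT}}

def noisy(template, flipped_bits):
    """Simulate a fresh capture that differs from the template in a few bits."""
    out = bytearray(template)
    for i in range(flipped_bits):
        out[i] ^= 0x01
    return bytes(out)
```

A request carrying only the password fails for this level 4 client, which is the administrator case the text describes; a capture with a few flipped bits still matches, while one beyond the threshold does not.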

The following figure represents the Instant Authentication Point (IAP), which checks the security level instantly at that point. Even if the Cloud Database administrator (DBA) wants to access the client's data, he cannot, because he requires the biometric authentication of the client at that point.

Fig 4. Proposed architecture

C. Calculating Security operating cost

To calculate the security operating cost, we use formula (1), which models the security operating cost as the extra processing time experienced by packet i.

$$SOC_i = ET_i \cdot (LS_i / T) \qquad (1)$$

where $SOC_i$ is the security overhead of packet i, $LS_i$ is the security level provided to packet i, $ET_i$ is the transmission time of the packet, and T is set to 5.

IV. RESULTS OF SIMULATIONS

We now briefly summarize the ideas of the following two baseline algorithms, which are compared with our proposed algorithm.

C_MIN: The client is assigned the lowest level of security for each incoming packet. Therefore, the bandwidth is improved at the cost of reducing the overall security value of the system.

C_MAX: The client is assigned the highest security level for each accepted packet. As a result, the security values are increased while the bandwidth is decreased.

On the other hand, our proposed algorithm PCSLA adaptively selects the most appropriate level of security for each cloud client; the guarantee ratio and the security level are increased, which in turn increases the overall performance of the system significantly.

A. Performance metrics

To evaluate the performance of our approach, we compare the PCSL algorithm against two baseline algorithms, namely C_MIN and C_MAX. The following three important performance metrics are used to effectively evaluate the proposed algorithm. The Total Performance (TP) is measured as the product of the level of security (LS) and the bandwidth (BW). The following expression is used to calculate TP.

$$TP = LS \cdot BW \qquad (2)$$

B. Impacts of Level of Security

Level of security is an important parameter, which we have considered for our PCSLA, C_MIN, and C_MAX. In Fig 5, the security level is differentiated for PCSLA, the lowest security is maintained for C_MIN, and the highest security is maintained for C_MAX.

Fig. 5 Impact of arrival rate on Level of security when data size = 0.3 KB, and Bandwidth = 0.5MBPS.
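Formula (1) applied to a packet stream under the C_MIN, C_MAX and PCSLA policies, as an added example that is not from the paper; the packets, client names and per-client levels are constructed. With the numbering of Section III.A taken literally (1 = highest security), the formula gives the strongest level the smallest overhead, so the second value in each pair uses a strength index 6 - LS, which is an assumption of this example.

```python
T = 5  # the paper sets T to 5

def soc(et_ms, ls, t=T):
    """Formula (1): SOC_i = ET_i * (LS_i / T)."""
    if not 1 <= ls <= t:
        raise ValueError(f"security level {ls} outside 1..{t}")
    return et_ms * ls / t

def strength(ls, t=T):
    """Assumption of this example: map level 1 (strongest) to T and level T to 1."""
    return t + 1 - ls

# Constructed workload: (client, transmission time ET in ms).
PACKETS = [("bank", 40), ("bank", 20), ("mail", 30), ("guest", 10)]
# Constructed per-client levels in the paper's numbering (1 = highest security).
ASSIGNED = {"bank": 1, "mail": 3, "guest": 5}

POLICIES = {
    "C_MIN": lambda client: T,                 # lowest security for every packet
    "C_MAX": lambda client: 1,                 # highest security for every packet
    "PCSLA": lambda client: ASSIGNED[client],  # level chosen per client
}

def total_soc(policy, use_strength_index):
    """Sum the per-packet overhead for one policy."""
    pick = POLICIES[policy]
    total = 0.0
    for client, et in PACKETS:
        ls = pick(client)
        total += soc(et, strength(ls) if use_strength_index else ls)
    return total

def compare():
    """Return {policy: (literal LS, strength index)} total overhead in ms."""
    return {name: (total_soc(name, False), total_soc(name, True)) for name in POLICIES}

if __name__ == "__main__":
    for name, (literal, by_strength) in compare().items():
        print(f"{name:6s} literal={literal:6.1f} ms  strength-index={by_strength:6.1f} ms")
```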

C. Impacts of Bandwidth

When different security levels are maintained, some levels require very little bandwidth and others require high bandwidth, but overall it is balanced. C_MIN takes very low bandwidth, but its security standard is very low. C_MAX has good security standards, but requires very high bandwidth. This is clearly shown in Fig 6.

Fig 6. Impact of bandwidth on Security Level when data size = 0.3 KB, and arrival rate = 0.5 No/Sec.

D. Total Performance

The total performance, which considers the two factors security level and bandwidth, is represented graphically. Figure 7 clearly shows that the performance of the PCSL algorithm is approximately 32% better than C_MIN and C_MAX.

Fig. 7 Total performance of bandwidth and Level of security when data size = 0.3 KB.

V. CONCLUSION AND FUTURE WORK

In this global IT world, technology has achieved several milestones, and cloud computing is one of the milestones in the IT sector. Over the past decades, the cloud computing business has been proliferating day by day. But security and data transmission are two challenges on which cloud computing is concentrating. To meet these two factors, we have designed a novel approach, PCSLA, and we have compared the algorithm with the C_MAX and C_MIN algorithms. Lastly, the overall performance of PCSLA is increased abruptly. In future, these security levels may increase, depending upon the demand, and these security algorithms may be upgraded to much stronger algorithms. Group user access is a limitation of PCSLA. In future, PCSLA is going to be enhanced for group user access.

REFERENCES

[1] http://www.smartstylecomputing.com/docs/ema-ss-wp.pdf
[2] http://www.ca.com/~/media/Files/IndustryResearch/security-of-cloudcomputing-providers-final-april-2011.pdf
[3] http://www.accenture.com/us-en/outlook/Pages/outlook-online-2011challenges-cloud-computing.aspx
[4] John Harauz, Lori M. Kaufman, Bruce Potter, "Data Security in the World of Cloud Computing", IEEE Security & Privacy, pp. 61-64, Aug. 2009.
[5] Chenguang Wang, Huaizhi Yan, "Study of Cloud Computing Security Based on Private Face Recognition", in Proc. International Conference on Computational Intelligence and Software Engineering (CiSE), 2010, IEEE, pp. 1-5, Dec. 2010.
[6] http://www.ibm.com/ibm/files/Z702257B23536P19/15PPCLOUDCOMPUTING_116KB.pdf
[7] Xiao Qin, Mohamed Alghamdi, Mais Nijim, Ziliang Zong, Kiranmai Bellam, Xiaojun Ruan, and Adam Manzanares, "Improving Security of Real-Time Wireless Networks Through Packet Scheduling", IEEE Transactions on Wireless Communications, pp. 3273-3279, September 2008.
[8] Mateljan, V. "Cloud Database-as-a-Service (DaaS) – ROI," in Proc. MIPRO, in Proc. 33rd International Convention, 2010, IEEE, pp.11851188, May 2010.
[9] Cheung, D.W. "Security on cloud computing, query computation and data mining on encrypted database," in Proc. Symposium on Technologies Beyond 2020 (TTM), 2011 IEEE Technology Time Machine, IEEE, pp. 1-1, June 2011.
[10] Gonzalez Martinez, D. "Secure crypto-biometric system for cloud computing," in Proc. 1st International Workshop on Securing Services on the Cloud (IWSSC), IEEE, pp. 38-45, Sep. 2011.

Rajesh Duvvuru (M'76–SM'81–F'87) received the B.Tech. (First Class) from S.V.University, Tirupati. He pursued M.Tech (First class with Distinction) from A.N.University, Guntur. He worked as a software trainee in Virtuoso Soft Technologies, Chennai. He worked in various engineering colleges; currently he is working as Assistant Professor in the Department of Computer Science and Engineering, National Institute of Technology, Jamshedpur, INDIA.

Bangaru BalaKrishna (M'76–SM'81–F'87) pursued the MCA from IGNOU, Delhi. He received M.Tech (First class with Distinction) from A.N.University, Guntur. He has experience as a Network Administrator. He is currently working as Assistant Professor in the Department of Computer Science and Engineering, Turbo Institute of Technology and Science, Hyderabad, INDIA.

Ashok Kote (M'76–SM'81–F'87) completed the B.Tech from J.N.T.University, Hyderabad. He pursued M.Tech (First class) from A.N.University, Guntur. He worked in various engineering colleges; currently he is working as Assistant Professor in the Department of Computer Science and Engineering, Lingay's Institute of Technology and Management, Vijayawada, INDIA.

Suprita Das (M'76–SM'81–F'87) finished the B.Tech. (First Class) from B.P.U.T, Roukela. She worked as a software testing trainee in Cognizant Technologies, Bengaluru. She is currently working as Lecturer in the Department of Computer Science and Engineering, National Institute of Technology, Jamshedpur, INDIA.
