Bonfring International Journal of Software Engineering and Soft Computing, Vol. 9, No.
2, April 2019 5
A Study of Data Storage Security Issues in Cloud
Computing
P. Sabarisha Malathi* and Dr.D. Vanathi
Abstract--- Cloud computing provides on demand services
to its purchasers. Knowledge storage is among one in every of
the first services provided by cloud computing. Cloud service
supplier hosts the information of knowledge owner on their
server and user will access their data from these servers. As
data, homeowners and servers are completely different
identities, the paradigm of knowledge storage brings up
several security challenges. Associate in Nursing freelance
mechanism is needed to form certain that knowledge is
properly hosted in to the cloud storage server. During this
paper, we are going to discuss the various techniques that are
used for secure knowledge storage on cloud.
Keywords--- Cloud Computing, Knowledge Storage, Cloud
Storage Server.
I. INTRODUCTION
C LOUD computing is that the combination of the many
antecedent technologies that have matured at different
rates and in numerous contexts. The goal of cloud computing
is to permit users to require get pleasure from of these
technologies. several organizations are going in cloud as a
result of it permits the users to store their knowledge on clouds
and may access at anytime from anyplace. Knowledge
breaching is feasible in cloud surroundings, since knowledge
from varied users and business organizations lie along in
cloud. By causing the information to the cloud, the information
home owners transfer the management of their data to a
3rdindividual that could raise security issues. Generally the
Cloud Service Provider (CSP) itself can use/corrupt the
information illicitly.
Security and privacy stands as major obstacle on cloud
computing i.e. protective confidentiality, integrity and
accessibility of information. a straight forward answer is to
encode the information before uploading it onto the cloud.
This approach ensures that was the information don't seem to
be visible to external users and cloud directors how ever has
the limitation that plain text primarily based looking
algorithmic program aren’t applicable. during this paper, we
tend to discuss the safety flaws in information storage and
therefore the mechanisms to beat it.
P. Sabarisha Malathi*, PG Scholar, Department of CSE, Nandha
Engineering College (Autonomous), Erode, India.
E-mail: sabarishapatt1713@gmail.com
Dr.D. Vanathi, Associate Professor, Department of CSE, Nandha
Engineering College (Autonomous), Erode, India.
E-mail: vanathi.p@nandhaengg.org
DOI:10.9756/BIJSESC.9012
ISSN 2277-5099 | © 2019 Bonfring
II. CLOUD STORAGE
Cloud storage is one amongst the first use of cloud
computing. we will outline cloud storage as storage of the in
foon-line within the cloud. A cloud storage system is taken
into account as a distributed information centres, which
generally use cloud-computing technologies and offers some
quite interface for storing and accessing information. once
storing information on cloud, it seems as if the info is hold on
in an exceedingly explicit place with specific name.
There are four main forms of cloud storage:
Personal Cloud Storage: It is conjointly called mobile cloud
storage. during this sort storage, individual's knowledge is
keep within the cloud, and he/she might access the info from
anyplace.
Public Cloud Storage
In Public cloud storage the enterprise and storage service
supplier are separate and there aren't any cloud resources keep
within the enterprise's information centre. The cloud storage
supplier absolutely manages the enterprise's public cloud
storage.
Private Cloud Storage
In Private Cloud Storage the enterprise and cloud storage
supplier are integrated within the enterprise's knowledge
centre. in camera cloud storage, the storage supplier has
infrastructure within the enterprise's knowledge centre that's
sometimes managed by the storage provider. personal cloud
storage helps resolve the potential for security and
performance considerations whereas still giving the benefits of
cloud storage.
Hybrid cloud storage
It is a mix of public and personal cloud storage wherever
some vital knowledge resides within the enterprise's private
cloud whereas different data is hold on and accessible from a
public cloud storage supplier.
III. CHARACTERISTIC OF CLOUD COMPUTING
There are 5 characteristics of cloud computing. the primary
one is on-demand self-service, wherever a shopper of services
is provided the required resources while not human
intervention and interaction with cloud supplier. The second
characteristic is broad network access, which implies resources
will be accessed from anyplace through a typical mechanism
by skinny or thick shopper platforms such itinerant, laptop, and
microcomputer. Resource pooling is another characteristic,
which implies the resources are pooled so as for multitenant to
share the resources. within the multi-tenant model, resources
are allotted dynamically to a consumer and when the patron
Bonfring International Journal of Software Engineering and Soft Computing, Vol. 9, No. 2, April 2019
finishes it, it will be allotted to a different one to reply to high
resource demand.
Whether or not the resources are allotted to customers on
demand, they are doing not understand the situation of those
allotted resources.
Figure 1: Cloud Environment Architecture
Sometimes they understand the situation at a high-level
abstraction, like country, state, and knowledge centre. Storage,
processing, memory, and network are the type of resources that
are appointed. fast snap is another characteristic, which implies
that resources are dynamically magnified once required and
attenuate when there's no want. Also, one among
characteristics that a shopper desires is measured service so as
to understand what proportion is consumed.
IV. ENCRYPTED DATA STORAGE FOR CLOUD
Since knowledge within the cloud is placed anyplace, it’s
necessary that the information be encrypted. we tend to are
victimization secure co-processor as a part of the cloud
infrastructure to alter economical encrypted storage of
sensitive knowledge. By embedding a secure co-processor
(SCP) into the cloud infrastructure, the system will handle
encrypted knowledge with efficiency. elements of the planned
instrument (see Figure 2). Basically, SCP could be a tamper-
resistant hardware capable of restricted all-purpose
computation. for instance, IBM 4758 science Coprocessor
(IBM) could be a single board laptop consisting of a central
processor, memory and special-purpose science hardware
contained in a very tamper-resistant shell, certified to level
furbelow FIPS pothouse 140-1. once put in on the server, it's
capable of performing arts native computations that are utterly
hidden from the server. If meddling is detected, then the secure
co-processor clears the inner memory. Since the secure
coprocessor is tamper-resistant, one might be tempted to run
the complete sensitive knowledge storage server on the secure
coprocessor. Pushing the complete knowledge storage
practicality into a secure co-processor is not feasible due to
many reasons.1st of all, because of the tamper-resistant shell,
secure co-processors have sometimes restricted memory (only
some megabytes of RAM and a few kilobytes of non-volatile
memory) and process power (Smith, 1999). Performance can
improve over time, however issues like heat dissipation/power
ISSN 2277-5099 | © 2019 Bonfring
6
use (which should be controlled to avoid revealing processing)
can force a niche between general functions and secure
computing. Another issue is that the software system running
on the SCP should be whole sure and verified. This security
demand implies that the software system running on the SCP
ought to be unbroken as straightforward as potential. we will
write in code the sensitive information sets victimisation
random personal keys and to alleviate the chance of key
revealing, we will use tamper-resistant hardware to store a
number of the encryption/decryption keys (i.e., a master that
encrypts all alternative keys).
Figure 2: Parts of the Proposed Instrument
V. SECURITY AND PRIVACY ISSUES IN DATA STORAGE
Cloud Computing permits the users to store their
knowledge on the storage location maintained by a 3rd party.
Once the information is uploaded into the cloud the user loses
its management over the data and therefore the data may be
tampered by the attackers. The assailant is also Associate in
Nursing internal(CSP) or external. Unauthorized access is
additionally typical observe thanks to weak access
management. The protection of data arises the subsequent
challenges:
The security and privacy problems associated with knowledge
storage are confidentiality, integrity and convenience.
Confidentiality
The major dispute in cloud computing is confidentiality.
information confidentiality means that accessing the
information solely by licensed users and is powerfully
associated with authentication. In a different way
confidentiality means that keeping users information secret
within the cloud systems. As we have a tendency to are storing
the information on a distant server and transferring the
management over the data to the supplier here arises the
queries such as:
For making certain confidentiality, cryptologic
cryptography algorithms and powerful authentication
mechanisms are often used. Crypto graphyis that the method of
changing the info into a type referred to as cipher text that may
be understood solely by the licensed users. cryptography is
associate degree economical technique for shielding the info
however have the obstacle that data are lost once the
encryption secret's algorithms. Blowfish could be a fat and
easy cryptography rule.
Bonfring International Journal of Software Engineering and Soft Computing, Vol. 9, No. 2, April 2019
Figure 3: Symmetric encryption
The on top of secret writing techniques have the limitation
that for looking the info from the file, the whole file should be
decrypted. it's a time overwhelming method and therefore
searchable secret writing was introduced. Searchable secret
writing permits build Associate in Nursing index for the file
containing the keywords and is encrypted and keep together
with the file, in order that where as looking the info solely the
keywords are decrypted instead of the whole file and search is
formed thereon.
Figure 4: Asymmetric encryption
Integrity
Another major problem faced by cloud computing is
integrity. Integrity of information means that to form certain
that the info has not been modified by Associate in Nursing
unauthorized person or in an unauthorized means. it's a
technique for making certain that the info is real, correct and
safeguarded from unauthorized users. As cloud computing
supports resource sharing, there's an opening of information
being corrupted by unauthorized users. Digital Signatures may
be used for protective the integrity of information. the straight
forward means for providing integrity is mistreatment Message
Authentication Code(MAC).
Figure 5: Remote auditing mechanism
Availability
Availability refers to being obtainable and accessible to
approved users on demand. The aim of availableness in cloud
computing systems is to make sure that its users will use them
at anyplace and at any time
ISSN 2277-5099 | © 2019 Bonfring
7
VI. CONCLUSION
Cloud computing allows users to store their information in
remote storage location. However information security is that
the major threat in cloud computing. Thanks to this several
organizations aren't willing to manoeuvre into cloud
environment. To overcome this, confidentiality, integrity,
accessibility ought to be encapsulated in a very CSP’s Service-
Level Agreement (SLA) to its customers. Otherwise make sure
that any sensitive data isn't place into a public cloud and if any
it's to be hold on in encrypted kind. Effective auditing
mechanisms can also be used for providing information
integrity.
REFERENCES
[1] V. Nirmala, R.K. Sivanandhan and Dr.R. Shanmuga Lakshmi, “Data
Confidentiality and Integrity Verification using User Authenticator
scheme in cloud”, International Conference on Green High Performance
Computing (ICGHPC 2013), Pp. 1-5, 2013.
[2] Kumar, B. Gook Lee, H.J. Lee and A. Kumari, “Secure Storage and
Access of Data in Cloud Computing”, International Conference on ICT
Convergence (ICTC), Pp. 336-339, 2012.
[3] M.R. Tribhuwan, V.A. Bhuyar and S. Pirzade, “Ensuring Data Storage
Security in Cloud Computing through Two-way Handshake based on
Token Management”, International Conference on Advances in Recent
Technologies in Communication and Computing, Pp. 386-389, 2010.
[4] Prashant Rewagad, Ms.Yogita Pawar, “Use of Digital Signature with
Diffie Hellman Key Exchange and AES Encryption Algorithm to
Enhance Data Security in Cloud Computing”, International Conference
on Communication Systems and Network Technologies, Pp. 437-439,
2013.
[5] U. Somani, K. Lakhani and M. Mundra, “Implementing Digital Signature
with RSA Encryption Algorithm to Enhance the Data Security of Cloud
in Cloud Computing”, 1st International Conference on Parallel,
Distributed and Grid Computing (PDGC), Pp. 211-216, 2010.
[6] M. AlZain, E. Pardede, B. Soh and J. Thom, “Cloud computing security:
From single to multi-clouds,” 45th Hawaii International Conference on In
System Science (HICSS), Pp. 5490–5499, 2012.
[7] M. Sookhak, H. Talebian, E. Ahmed, A. Gani and M. K. Khan, “A
review on remote data auditing in single cloud server: Taxonomy and
open issues”, Journal of Network and Computer Applications, Vol. 43,
Pp. 121–141, 2014.
[8] E. Aguiar, Y. Zhang and M. Blanton, “An overview of issues and recent
developments in cloud computing and storage security”, In High
Performance Cloud Auditing and Applications. Springer, Pp. 3–33, 2014.
[9] Gul and M. Islam, “Cloud computing security auditing”, In 2nd
International Conference on Next Generation Information Technology
(ICNIT), Pp. 143–148, 2011.
[10] E.M. Mohamed, H.S. Abdelkader and S. ElEtriby, “Enhanced data
security model for cloud computing”, IEEE 8th International Conference
on in Informatics and Systems (INFOS), Pp. CC–12, 2012.
[11] S. Ramgovind, M.M. Eloff and E. Smith, “The management of security
in cloud computing”, IEEE In Information Security for South Africa
(ISSA), Pp. 1–7, 2010.
[12] F. Sabahi, “Cloud computing security threats and responses”, IEEE 3rd
International Conference on In Communication Software and Networks
(ICCSN), Pp. 245–249, 2011.
[13] X. Wang, B. Wang and J. Huang, “Cloud computing and its key
techniques”, IEEE International Conference on Computer Science and
Automation Engineering (CSAE), Vol. 2, Pp. 404–410, 2011.
[14] [14] S. Aldossary and W. Allen, “Data Security, Privacy, Availability
and Integrity in Cloud Computing: Issues and Current Solutions”, In
International Journal of Advanced Computer Science and Applications,
Vol. 7, No. 4, 2016.
[15] Latifur Khan and Bhavani Thuraisingham, “Security Issues for Cloud
Computing”, International Journal of Information Security and Privacy
(IJISP), Vol. 4, No. 2, Pp. 36-48, 2010.