Cloud security Alliance – Top threats to Cloud

Cloud computing is the most emerging and challenging technology throughout the world. Cloud computing is Internet-based computer technology. Some of the major firms like Amazon, Microsoft, and Google have implemented the “CLOUD” and have been using it to speed up their business. Cloud computing has given a new dimension to the complete outsourcing arena (SaaS, PaaS, and IaaS) and they provide ever cheaper powerful processor with this computing architecture The primary thing that a computer does is to store in the available space and retrieve information whenever requested by the authenticated user. The pioneer of Cloud Computing vendor, (example) Amazon S3 is storage for the Internet. Amazon S3 provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. It also allows the developer to access the highly scalable, reliable, secure, fast, inexpensive infrastructure that Amazon uses to run its global network of websites. From the viewpoint of data security, which has always been an essential aspect of quality of service, Cloud Computing unavoidably poses new challenging security threats for some reasons.

Secure Data Storage in Cloud In cloud storage system, companies store their data in the remotely located data server. Accordingly, the correctness of the data is assured. Even though the sometimes unauthorized person may modify or delete the information which leads to server compromise and random Byzantine failures. Because it can be the first step for fast recovery of the storage errors. The cloud storage systems propose an effective and flexible distributed scheme with explicit dynamic data support for file distribution across cloud servers. By computing homomorphic token using a universal hash function which can be perfectly integrated with the verification of erasure-coded data. As well as it identifies misbehaving servers. Finally, the procedure for file retrieval and error recovery based on erasure correcting code is outlined.

The Top 5 cloud security threats presented by Mark Russinovich

It achieves assurance for data storage correctness and data error localization, using pre-computed token. Before sharing file distribution using pre-computes a certain number of shortest verification token are generated that will ensure security for a block of data in a file in cloud storage. When the user wants to make sure the storage correctness for the data in the cloud, the challenges the cloud servers with a set of randomly generated block indices. After getting an assurance from the user, it again asks for authentication by which the user is confirmed to be the authenticated user. Upon receiving the guarantee, each cloud server computes a short “signature” over the specified blocks and returns them to the user. The values of these signatures should match the corresponding tokens pre-computed by the user. All servers operate over the same subset of the indices,

Error localization is a fundamental requirement for eradicating errors in storage systems. However, many previous schemes do not explicitly consider the problem of data error localization. The challenges response protocol in our work future provides the localization of data error. Which only contributes binary results about the storage state across the distributed service in predecessors. The response values from servers for each challenge not only determine the correctness of the distributed storage but also contain information to locate potential data error(s).

Cloud data storage, a user stores his data through a CSP into a set of cloud servers, which are running in a simultaneous, the user interacts with the cloud servers via CSP to access or retrieve his data. In some cases, the user may need to perform block-level operations on his data.users should be equipped with security means so that they can make continuous correctness assurance of their stored data even without the existence of local copies. In case that users do not necessarily have the time, feasibility or resources to monitor their data, they can delegate the tasks to an optional trusted TPA of their respective choices. In our model, we assume that the point-to-point communication channels between each cloud server and the user are authenticated and reliable, which can be achieved in practice with little overhead. Cloud Authentication Server The Authentication Server (AS) functions as any AS would with a few additional behaviors added to the typical client-authentication protocol. The first addition is the sending of the client authentication information to the masquerading router. The AS in this model also functions as a ticketing authority, controlling permissions on the application network. The other optional function that should be supported by the AS is the updating of client lists, causing a reduction in authentication time or even the removal of the client as a valid client depending upon the request.

When the user enters into cloud server and the user will start to access the file, but at the same time an unauthorized user comes into the cloud server without the proper authentication to the cloud server the particular IP address will be noticed and it takes some attention to the cloud owner.

We have briefly explained the problems of data security in cloud data storage. And also provided a way out to ensure user correctness. The distributed scheme through homomorphism token with distributed verification of erasure-coded data. Additionally, the technique provides a process to avoid colluding attacks of server modification by unauthorized users. We believe that data storage security in Cloud Computing, an area of challenges and dominant significance, is still in its infancy to be identified. We envision several possible directions for future research on this area. It allows Third Parity Auditor to audit the cloud data storage without demanding users’ time, probability.

SHARE THIS:

Leave a Reply

Your email address will not be published. Required fields are marked *
You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>