Академический Документы
Профессиональный Документы
Культура Документы
Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 4, July August 2013 ISSN 2278-6856
M.Tech Scholar, Department of Computer Science and Engineering, Global Institute of Management and Emerging Technologies, Amritsar
2
Department of Computer Science and Engineering, Global Institute of Management and Emerging Technologies, Amritsar
Keywords: Message Digest, Advanced Encryption Standard, Distributed environment, cloud computing, data security.
1. INTRODUCTION
At the present world of networking system Cloud computing is one the most important and developing concept for both the developers and the users. Therefore in recent days providing security in cloud has become a major challenging issue in cloud computing. Cloud computing is primarily based on virtualization which enables multi tenancy and on-demand use of scalable shared resources by all tenants [3][4]. Cloud computing provides the facility to access shared resources and common infrastructure which offers the services on demand over the network to perform operations that meet changing business needs. The location of physical resources and the devices which are being accessed are not known to the end user. It also provides facilities for users to develop deploy and manage their applications on the cloud which entails virtualization of resources that maintains and manages itself. Overlay networks have also received much attention in recent years. Overlay networks were first used in the deployment of the Internet over telephone networks [1]. By definition, they are virtual networks built on top of physical networks. They consist of virtual nodes connected via virtual links and aim to offer additional functionalities which are not available in the underlying physical network [2]. Because overlay networks are also based on virtualized nodes for implementing network Volume 2, Issue 4 July August 2013
services both techniques are combined to reap the benefits of each. This is particularly useful for deploying new transparent network security services over existing networks to enhance their protection [5]. In the area of cloud computing different security models and algorithms are applied at present. But these models have failed to solve most of the security threats. Moreover for E-commerce and different types of online businesses high capacity security models are implied in cloud computing fields. Security models that are developed and currently used in the cloud computing environments are mainly used for providing security for a file and not for the communication system. Moreover present security models are sometimes uses secured channel for communication. But this is not cost effective process. Some models attempt on discussing about all of these but are completely dependent on user approach. The models usually fail to use machine intelligence for generating key and newer proposed model. Some models have proposed about hardware encryption system for secured communication system. The idea is usually straightforward but the implementation is relatively difficult. Hardware encryption is helpful only for the database system not for other security issues. Authenticated user detection technique is currently very important for ensuring security in cloud computing. A network-based IDS (NIDS) passively monitors traffic traversing a given network for malicious payloads. NIDS sensors sniff and capture this traffic. The NIDS analyzes the collected data to detect malicious activities and responds to or generates reports based on the detection. It also examines the content of the network and the transport layer packet headers and analyzes the packet sequence as well as how these packets will affect applications at the customer endpoints. Security is broadly categorized as two types protecting the asset and protecting the data. In this research encryption process is performed for cloud architecture and machines act as network intrusion detction system and send encrypted messages to servers in the network. Various algorithms have been used to provide message security. It is good practice to encrypt the actual message to be transmitted using a Symmetric key algorithm with better computational speed for cloud environment. Firstly Advanced Encrption Standard is used in which keys are generated randomly by the system. AES is a block cipher Page 235
3. RELATED WORK
Cloud computing offers on-demand use of third party IT infrastructures on a pay-per-use basis. Khaled Salah in 2008 discussed that cloud computing reduces customers need for hardware while improving the elasticity of computational resources allowing them to adapt to business requirements. Therefore businesses are finding it attractive to adopt the cloud computing paradigm. Hassan Takabi explains that Cloud computing is an evolving paradigm with tremendous momentum but its unique aspects exacerbate security and privacy challenges. This explores the roadblocks and solutions to providing a trustworthy cloud computing environment. Page 236
4. PROPOSED WORK
At present ensuring security in cloud computing platform has become one of the most significant concerns. These problems have been considered to provide some solution correlated with security. The Cloud computing environment discussed earlier implements the security layers having IDS, IPS, AV, Anti-spam with firewall to provide protection to all endpoints connected to it. But they do not provide protection to the messages that transfer between the VM sensor, SEM and CSM in cloud structure while communicating to each other. The messages which are to Volume 2, Issue 4 July August 2013
Page 237
Fig 2: proposed cloud computing environment The algorithm starts with giving its whitened text as the input to the AES .Now this algorithm again encrypt the encrypted text. The numbers of steps that are processed on each block are basically: 1) Convert to State Array 2) Transformations (and their inverses) a) Add Rounds Keys: each byte of the state is combined with the round key using bitwise xor. b) Substitute Byte: a non-linear substitution step where each byte is replaced with another according to a lookup table. c) Shift Row: transposition step where each row of the state is shifted cyclically a certain number of steps. d) Mix Column: a mixing operation which operates on the columns of the state combining the four bytes in each column. 3) Key Expansion The transformation is performed at each round on each block of the data. The given input is firstly divided into the block of the fixed size values and then keys are applied to this. Example now Input is: [xU^U]GYB_UYSEW_@E_UUATZBY\B\MG AES encryption is: [tmw,N/m#" c; 128-bit plain text block
References
[1] Khaled Salah, Jose M. Alcaraz, Sherali Zeadally, Sameera Al-Mulla and Mohammed Alzaabi, Using Cloud Computing to Implement a Security Overlay Network, security & privacy IEEE, vol. 11, Issue: 1, pages: 44 53, Jan.-Feb. 2013. [2] Hassan Takabi and James B.D. Joshi -University of Pittsburgh and Gail-Joon Ahn -Arizona State University, Security and Privacy Challenges in Cloud Computing Environments, Security & Privacy, IEEE,Vol 8, Issue:6 Pages: 24 - 31 ,2012. [3] Bernd Grobauer, Tobias Walloschek, and Elmar Stcker Siemens, Understanding Cloud Computing Vulnerabilities, Security & Privacy, IEEE, Vol : 9 , Issue: 2, Pages: 50 57, March-April 2011. [4] Jianyong Chen, Yang Wang, and Xiaomin Wang, On-Demand Security Architecture for Cloud
128-bit cipher text block Fig.3: AES Algorithm (a) Volume 2, Issue 4 July August 2013
Page 238
Author
Aparjita Sidhu received the B.Tech degree from Guru Nanak Dev University and pursuing M.Tech in Computer Science and Engineering from Global Institute of Management and Emerging Technologies Amritsar.
Page 239