data security in cloud using rsa - IEEE Xplore

IEEE - 31661

DATA SECURITY IN CLOUD USING RSA

Velagapudi Sreenivas, Pachipala Yellamma
Research Scholar, Computer Science & Engineering, Amrita Sai Institute of Science & Tech, Paritala, A.P., India [email protected]

Challa Narasimham
Professor, Computer Science & Engg, Amrita Sai Institute of Science & Tech, Paritala [email protected]

Asst. Prof, Computer Science & Engg, KLU, Vijayawada, A.P., India [email protected]

Abstract— The security of cloud computing has always been an important aspect of quality of service from cloud service providers. However, cloud computing poses many new security challenges which have not been well investigated. This paper focuses on issues relating to cloud data storage methods and security in a virtual environment. We propose a method for providing data storage and security in the cloud using the public key cryptosystem RSA. Further, it describes the security services, which include key generation, encryption and decryption, in a virtual environment.

Keywords— RSA algorithm, Data Encryption, Cloud Computing, Data Security, Data Decryption

I. INTRODUCTION
In the modern distributed era, different services are offered on the Internet through traditional hosting systems. In a traditional hosting system, however, storage and usage are fixed, whereas the current trend in business requires dynamism in compute and data storage. This led to the development of the cloud model. Cloud computing proposes a new model for computing and related issues such as compute, storage and software [8]. It provides a development environment, allocation and reallocation of resources when needed, and storage and networking facilities virtually. It satisfies the on-demand needs of the user and offers shareable resources under an "as-a-service" model. For the organization, the cloud offers data centers to move their data globally. It eliminates the responsibility of local nodes for maintaining their data, and the cloud also supports customizable resources on the web. Cloud service providers maintain computing resources and data automatically via software [3].

Cloud computing is the key driving force in many small, medium and large sized companies, and as many cloud users seek the services of cloud computing, the major concern is the security of their data in the cloud. Securing data is always of vital importance, and because of the critical nature of cloud computing and the large amounts of complex data it carries, the need is even more important. Henceforth, concerns regarding data privacy and security are proving to be a barrier to the broader uptake of cloud computing services.

Data security is an important aspect of quality of service. As a result, security must be imposed on data by using encryption strategies to achieve secured data storage and access. Because of the opaque nature of the cloud, it still has security issues. The cloud infrastructure is even more reliable and powerful than personal computing, but there is a wide range of internal and external threats to data stored on the cloud. Since the data are not stored in the client area, security measures cannot be applied directly.

In this work, we implement the RSA algorithm before storing the sensitive data in the cloud. When an authorized user requests the data for usage, the data is decrypted and provided to the user. I propose a method for a Cloud Computing system that provides data storage and secures the Cloud Computing system using the RSA algorithm. In this method, some important security services, including key generation, encryption and decryption, are provided in the Cloud Computing system.

4th ICCCNT - 13 July 4 - 6, 2013, Tiruchengode, India


II. CLOUD ARCHITECTURE AND STORAGE ARCHITECTURE

A. Cloud Architecture
The systems architecture of the software systems involved in the delivery of cloud computing comprises hardware and software designed by a cloud architect who typically works for a cloud integrator. It typically involves multiple cloud components communicating with each other over application programming interfaces, usually web services. Cloud architecture extends to the client, where web browsers and/or software applications access cloud applications.

Fig 1: Cloud computing sample architecture

B. Cloud Storage Architecture
A high-level architecture of cloud data storage services is illustrated in Fig. 2. The architecture consists of four different entities: data owner, user, cloud server (CS), and Third Party Auditor (TPA). Here the TPA is the trusted entity that has the expertise and capabilities to assess cloud storage security on behalf of a data owner upon request. Under the cloud paradigm, the data owner may represent either the individual or the enterprise customer, who relies on the cloud server for remote data storage and maintenance, and thus is relieved of the burden of building and maintaining local storage infrastructure.

In most cases cloud data storage services also provide benefits like availability (being able to access data from anywhere), relatively low cost (paying as a function of need), and on-demand sharing among a group of trusted users, such as partners in a collaboration team or employees in the enterprise organization.

Fig 2: Cloud storage sample architecture

C. Cloud Computing Components
The cloud computing model consists of five characteristics, three delivery models, and four deployment models. The five key characteristics of cloud computing are: location-independent resource pooling, on-demand self-service, rapid elasticity, broad network access, and measured service. These five characteristics represent the first layer in the cloud environment architecture [9].

Fig 3: Cloud environment architecture

The three key cloud delivery models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). In IaaS, the user can benefit from networking infrastructure facilities, data storage and computing services. In other words, it is the delivery of computer infrastructure as a service. An example of IaaS is the Amazon web service. In PaaS, the user runs custom applications using the service provider's resources. It is the delivery of a computing platform and solution as a service [2]. An example of PaaS is Google Apps. Running software on the provider's infrastructure and providing licensed applications to users to use services is known as SaaS. An example of SaaS is the Salesforce.com CRM application. This model represents the second layer in the cloud environment architecture.

Cloud deployment models include public, private, community, and hybrid clouds. A cloud environment that is accessible to multiple tenants and is available to the public is called a public cloud. A private cloud is available for a particular group, while a community cloud is modified for a specific group of customers. Hybrid cloud infrastructure is a composition of two or more clouds (private, community, or public cloud). This model represents the third layer in the cloud environment architecture.

Kamara and Lauter present two types of cloud infrastructure only, namely private and public clouds. The infrastructure that is owned and managed by users is in the private cloud. Data that is accessed and controlled by trusted users is in a safe and secure private cloud, whereas the infrastructure that is managed and controlled by the cloud service provider is in a public cloud. In particular, this data is out of the user's control, and is managed and shared with unsafe and untrusted servers.

III. DATA SECURITY ISSUES IN THE CLOUD

A. Data Availability
Customer data is normally stored in chunks on different servers, often residing in different locations or in different clouds. In this case, data availability becomes a major legitimate issue, as uninterrupted and seamless provision becomes relatively difficult [4].

B. Privacy and Confidentiality
Once the client hosts data in the cloud, there should be some guarantee that access to that data will be limited to authorized access only. Inappropriate access to sensitive customer data by cloud personnel is another risk that can pose a potential threat to cloud data. Assurances should be provided to the clients, and proper practices, privacy policies and procedures should be in place to assure cloud users of the safety of their data. The cloud seeker should be assured that data hosted on the cloud will be confidential.

C. Data Location and Relocation
Cloud computing offers a high degree of data mobility. Consumers do not always know the location of their data. However, when an enterprise has some sensitive data that is kept on a storage device in the cloud, they may want to know its location. They may also wish to specify a preferred location (e.g. data to be kept in India). This, then, requires a contractual agreement between the cloud provider and the consumer that data should stay in a particular location or reside on a given known server. Also, cloud providers should take responsibility for ensuring the security of systems (including data) and provide robust authentication to safeguard customers' information. Another issue is the movement of data from one location to another. Data is initially stored at an appropriate location decided by the cloud provider. However, it is often moved from one place to another. Cloud providers have contracts with each other and they use each other's resources.

D. Data Integrity
Along with providing security of data, cloud service providers should implement mechanisms to ensure data integrity and be able to tell what happened to a certain dataset and at what point. The cloud provider should make the client aware of what particular data is hosted on the cloud, its origin and the integrity mechanisms put in place. For compliance purposes, it may be necessary to have exact records as to what data was placed in a public cloud, when it occurred, what virtual machines (VMs) and storage it resided on, and where it was processed. When such data integrity requirements exist, the origin and custody of data or information must be maintained in order to prevent tampering or to prevent the exposure of data beyond the agreed territories.

E. Storage, Backup and Recovery
When you decide to move your data to the cloud, the cloud provider should ensure adequately resilient data storage systems. At a minimum they should be able to provide RAID (Redundant Array of Independent Disks) storage systems, although most cloud providers will store the data in multiple copies across many independent servers [6]. In addition to that, most cloud providers should be able to provide options on backup services, which are certainly important for those businesses that run cloud-based applications, so that in the event of a serious hardware failure they can roll back to an earlier state.


IV. DATA SECURITY
The survey conducted by Saltmarch Intelligence in the third quarter of this year measured perceptions of business technology professionals, including their important challenges in adopting cloud, the drivers, how their organizations plan to use cloud, the different stages of adoption, and the cloud platforms, applications, clients, infrastructure and storage used. Financial savings, agility and elasticity, all enabled through cloud technology, are crucial in a fast-paced business world [5]. At the same time, security incidents in the cloud have made clear that this new promising technology comes with complexity and with security and privacy challenges. "While data confidentiality and auditability (24.5%) topped the list of primary obstacles for the use of cloud computing technologies, performance unpredictability (20.1%) appeared to be another key factor dampening adoption levels". Data transfer bottlenecks (17.5%) and data lock-in (14.3%) were next on the list of factors as reported by respondents. Information is produced at a rapid rate and more and more openly shared through new and agile collaboration channels that are no longer under our control. Hence security of data has become a major concern.

When data mobility is at a high level, the risks and issues increase manyfold, especially when data is transferred to another country with a different regulatory framework. High levels of data relocation have negative implications for data security and data protection as well as data availability. Thus the main concern with reference to security of data residing in the cloud is how to ensure security of data that is at rest. Even when consumers know the location of data and there is no data mobility, there are questions relating to its security and confidentiality. No doubt the cloud computing area has become larger because of its broad network access and flexibility, but reliability in terms of a safe and secure environment for the personal data and information of the user is still required.

V. PROPOSED WORK
RSA is a widely used public-key algorithm [1]. RSA stands for Ron Rivest, Adi Shamir and Len Adleman, who first publicly described it in 1977. In our proposed work, we are using the RSA algorithm to encrypt the data to provide security so that only the concerned user can access it. By securing the data, we are not allowing unauthorized access to it. User data is encrypted first and then it is stored in the cloud. When required, the user places a request for the data with the cloud provider; the cloud provider authenticates the user and delivers the data.

RSA is a block cipher, in which every message is mapped to an integer. RSA consists of a Public-Key and a Private-Key [7]. In our cloud environment, the Public-Key is known to all, whereas the Private-Key is known only to the user who originally owns the data. Thus, encryption is done by the cloud service provider and decryption is done by the cloud user or consumer. Once the data is encrypted with the Public-Key, it can be decrypted with the corresponding Private-Key only.

Fig 4: Public-Key Cryptography

The RSA algorithm involves three steps:
A. Key Generation
B. Encryption
C. Decryption


VI. IMPLEMENTATION

RSA algorithm for key generation
• Input: none
• Computation:
  - Select two prime integers p, q
  - Compute integers n = p * q and v = (p-1) * (q-1)
  - Select small odd integer k such that gcd(k, v) = 1
  - Compute integer d such that (d*k) % v = 1
• Output: n, k, and d

RSA algorithm for encryption
• Input: integers k, n, M
  - M is integer representation of plaintext message
• Computation:
  - let C be integer representation of cipher text
    C = (M^k) % n
• Output: integer C
  - Cipher text or encrypted message

RSA algorithm for decryption
• Input: integers d, n, C
  - C is integer representation of cipher text message
• Computation:
  - let D be integer representation of decrypted cipher text
    D = (C^d) % n
• Output: integer D
  - Decrypted message

Its security comes from the computational difficulty of factoring large numbers. To be secure, very large numbers must be used for p and q: 100 decimal digits at the very least. I'll now go through a simple worked example.

Key Generation

1) Generate two large prime numbers p and q.
To make the example easy to follow I am going to use small numbers, but this is not secure. To find random primes, we start at a random number and go up through ascending odd numbers until we find a prime. Let's have:
p = 7
q = 19

2) Let n = pq
n = 7 * 19 = 133

3) Let m = (p - 1)(q - 1)
m = (7 - 1)(19 - 1) = 6 * 18 = 108

4) Choose a small number e coprime to m.
e coprime to m means that the largest number that can exactly divide both e and m (their greatest common divisor, or GCD) is 1. Euclid's algorithm is used to find the GCD of two numbers, but the details are omitted here.
e = 2 => GCD(e, 108) = 2 (no)
e = 3 => GCD(e, 108) = 3 (no)
e = 4 => GCD(e, 108) = 4 (no)
e = 5 => GCD(e, 108) = 1 (yes!)

5) Find d such that de % m = 1.
This is equivalent to finding d which satisfies de = 1 + nm, where n is any integer (here n is just a counter, unrelated to the modulus n = 133). We can rewrite this as d = (1 + nm) / e. Now we work through values of n until an integer solution for d is found:
n = 0 => d = 1 / 5 (no)
n = 1 => d = 109 / 5 (no)
n = 2 => d = 217 / 5 (no)
n = 3 => d = 325 / 5 = 65 (yes!)
To do this with big numbers, a more sophisticated algorithm called extended Euclid must be used.

Public Key: n = 133, e = 5
Secret Key: n = 133, d = 65

Encryption
The message must be a number less than the smaller of p and q. However, at this point we don't know p or q, so in practice a lower bound on p and q must be published. This can be somewhat below their true value and so isn't a major security concern. For this example, let's use the message "6".
C = M^e % n
  = 6^5 % 133
  = 7776 % 133
  = 62


Decryption
This works very much like encryption, but involves a larger exponentiation, which is broken down into several steps.
M = C^d % n
  = 62^65 % 133
  = 62 * 62^64 % 133
  = 62 * (62^2)^32 % 133
  = 62 * 3844^32 % 133
  = 62 * (3844 % 133)^32 % 133
  = 62 * 120^32 % 133
We now repeat the sequence of operations that reduced 62^65 to 120^32 to reduce the exponent down to 1.
  = 62 * 36^16 % 133
  = 62 * 99^8 % 133
  = 62 * 92^4 % 133
  = 62 * 85^2 % 133
  = 62 * 43 % 133
  = 2666 % 133
  = 6
And that matches the plaintext we put in at the beginning, so the algorithm worked!
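The worked example above, reproduced as an added Python example (not code from the paper): it uses extended Euclid, which the text mentions but omits, to find d, and square-and-multiply for the exponentiation, then shows why the toy primes are not secure. Function names are illustrative, and the range check uses the standard bound message < n rather than the paper's stricter one.

```python
# Added example: textbook RSA with the paper's toy parameters (p=7, q=19).
# Function names are illustrative. Unpadded RSA like this is for study only.

def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y

def generate_keys(p, q):
    """n = p*q, m = (p-1)(q-1), smallest e >= 2 coprime to m, d = e^-1 mod m."""
    n, m = p * q, (p - 1) * (q - 1)
    e = 2
    while extended_gcd(e, m)[0] != 1:
        e += 1
    d = extended_gcd(e, m)[1] % m        # guarantees d*e % m == 1
    return (n, e), (n, d)

def mod_pow(base, exp, mod):
    """Square-and-multiply, reducing modulo `mod` after every step."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def encrypt(public_key, message):
    n, e = public_key
    if not 0 <= message < n:             # assumption: standard bound M < n
        raise ValueError("message must be an integer in [0, n)")
    return mod_pow(message, e, n)

def decrypt(private_key, cipher):
    n, d = private_key
    return mod_pow(cipher, d, n)

def recover_private_exponent(public_key):
    """Why toy primes are unsafe: n factors by trial division, which yields d."""
    n, e = public_key
    p = next(f for f in range(2, n) if n % f == 0)   # smallest prime factor
    m = (p - 1) * (n // p - 1)
    return extended_gcd(e, m)[1] % m

if __name__ == "__main__":
    public, private = generate_keys(7, 19)
    c = encrypt(public, 6)
    print("public:", public, "private:", private)
    print("cipher:", c, "decrypted:", decrypt(private, c))
    print("d recovered from the public key alone:", recover_private_exponent(public))
```

Because this unpadded scheme is deterministic, equal plaintexts always produce equal ciphertexts; production systems use a vetted cryptographic library with OAEP padding and keys of 2048 bits or more.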

VII. CONCLUSION
Clouds provide on-demand access to computing utilities, an abstraction of unlimited computing resources, and support for on-demand scale up, scale down and scale out. Applications without installation and access their personal files at any computer with internet access. The RSA provides the high security in high potential data encryption methodology; the clouds are working to maintain the situation of the security and handover the position. Cloud computing is a comprehensive solution that delivers IT as a service. It is an Internet-based computing solution where shared resources are provided like electricity distributed on the electrical grid. Computers in the cloud are configured to work together and the various applications use the collective computing power as if they are running on a single system. The flexibility of cloud computing is a function of the allocation of resources on demand.

VIII. REFERENCES
[1] Evgeny Milanov, "The RSA Algorithm", 3 June 2009.
[2] Rupali Sachin Vairagade, Nitin Ashokrao Vairagade, "Cloud Computing Data Storage and Security Enhancement", International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), Volume 1, Issue 6, August 2012.
[3] N. Saravanan, A. Mahendiran, N. Venkata Subramanian and N. Sairam, "An Implementation of RSA Algorithm in Google Cloud using Cloud SQL", Research Journal of Applied Sciences, Engineering and Technology 4(19): 3574-3579, 2012.
[4] Parsi Kalpana, Sudha Singaraju, "Data Security in Cloud Computing using RSA Algorithm", IJRCCT, ISSN 2278-5841, Vol 1, Issue 4, September 2012.
[5] M. Sudha, M. Monica, "Enhanced Security Framework to Ensure Data Security in Cloud Computing Using Cryptography", Advances in Computer Science and its Applications, Vol. 1, No. 1, March 2012.
[6] Nilesh N. Kumbhar, Virendrasingh V., Mohit A. Badhe, "The Comprehensive Approach for Data Security in Cloud Computing: A Survey", International Journal of Computer Applications (0975 – 8887), Volume 39, No. 18, February 2012.
[7] "The RSA Solution for Cloud Security and Compliance", A GRC foundation for VMware infrastructure security and compliance.
[8] Mehdi Hojabri & Mona Heidari, "Union of RSA algorithm, Digital signature And KERBEROS in cloud security", International Conference on Software Technology and Computer Engineering (STACE-2012), ISBN: 978-9381693-68-1.
[9] G. Jai Arul Jose, C. Sajeev, Dr. C. Suyambulingom, "Implementation of Data Security in Cloud Computing", International Journal of P2P Network Trends and Technology, Volume 1, Issue 1, 2011.
