Pp1t
Download as PPT, PDF0 likes1,290 views
The document proposes a Cloud Information Accountability (CIA) framework to provide accountability in cloud computing. The CIA framework uses a decentralized, automatic logging mechanism to track data access and usage in the cloud. It includes a logger that is strongly coupled with user data and can enforce access and usage policies. The CIA also features a log harmonizer that collects logs periodically and allows users to audit how their data is being used and ensure service agreements are being followed. The goal is to increase trust for cloud users by giving them greater visibility and control over their data.
More Related Content
Viewers also liked (14)
Similar to Pp1t (20)
More from Nitish Bhardwaj (20)
Pp1t
- 1. IINNTTRROODDUUCCTTIIOONN:: ï‚— CLOUD computing presents a new way to supplement the current consumption and delivery model for IT services based on the Internet. ï‚— While enjoying the convenience brought by this new technology, users also start worrying about losing control of their own data. ï‚— In the context of cloud, accountability is a set of approaches to addresses two key problems: ï‚— Lack of consumer trust in cloud service providers ï‚— Difficulty faced by cloud service providers with compliance across geographic boundaries ï‚— Emphasis is on data protection, but the notion of accountability encompasses more than just privacy
- 2. AABBSSTTRRAACCTT::  Though the Cloud Service Provider (CSP) gives the privacy and integrity of the data, this tracks the actual usage of the user’s data in the cloud by using novel highly decentralized framework data and policies  An object-centered approach that enables enclosing our logging mechanism together with users’ data and policies.  By leverageing the JAR programmable capabilities to both create a dynamic and traveling object.  To strengthen user’s control, also provide distributed auditing mechanisms.
- 3. EEXXIISSTTIINNGG SSYYSSTTEEMM:: ï‚— Data handling can be outsourced by the direct cloud service provider (CSP) to other entities in the cloud and theses entities can also delegate the tasks to others, and so on. ï‚— Entities are allowed to join and leave the cloud in a flexible manner. As a result, data handling in the cloud goes through a complex and dynamic hierarchical service chain which does not exist in conventional environments ï‚— No log and JAR files created for this system ï‚— Data in the cloud may be of encrypted form
- 4. PPRROOPPOOSSEEDD SSYYSSTTEEMM::  As the cloud provider gives the access of the resources to the cloud user’s, the data owner keeps track of usage of their resources.  It also provides authenticated usage of data in the cloud.  Proposed CIA framework provides end-to end accountability in a highly distributed fashion..  By means of the CIA, data owners can track not only whether or not the service-level agreements.
- 5. Advantage Of Proposed System: ï‚— Novel automatic and enforceable logging mechanism in the cloud. ï‚— Proposed architecture is platform independent and highly decentralized, in that it does not require any dedicated authentication or storage system in place. ï‚— Provide a certain degree of usage control for the protected data after these are delivered to the receiver ï‚— The results demonstrate the efficiency, scalability, and granularity of our approach. We also provide a detailed security analysis and discuss the reliability and strength of our architecture.
- 6. Literature Survey 1.Toward Publicly Auditable Secure Cloud Data Storage Services The authors propose that publicly auditable cloud data storage is able to help this nascent cloud economy become fully established. With public auditability, a trusted entity with expertise and capabilities data owners do not possess can be delegated as an external audit party to assess the risk of outsourced data when needed.  Such an auditing service not only helps save data owners’ computation resources but also provides a transparent yet cost-effective method for data owners to gain trust in the cloud. The author describe approaches and system requirements that should be brought into consideration, and outline challenges that need to be resolved for such a publicly auditable secure cloud storage service to become a reality
- 7. 2.Identity-Based Authentication for Cloud Computing The authors propose an identity-based encryption (IBE) and decryption and identity-based signature (IBS) schemes for IBHMCC. based on the former IBE and IBS schemes, an identitybased authentication for cloud computing (IBACC) is proposed.The author presented an identity based authentication for cloudcomputing, based on the identity-based hierarchical model for cloud computing (IBHMCC) and corresponding encryption and signature schemes 3.Online data storage using implicit security The authors have described an implicit security architecture suited for the application of online storage. In this scheme data is partitioned in such a way that each partition is implicitly secure and does not need to be encrypted. These partitions are stored on different servers on the network which are known only to the user. Reconstruction of the data requires access to each server and the knowledge as to which servers the data partitions are stored..
- 8. HHAARRDDWWAARREE RREEQQUUIIRREEMMEENNTTSS:: ï‚— System : Pentium IV 2.4 GHz. ï‚— Hard Disk : 40 GB. ï‚— Floppy Drive : 1.44 Mb. ï‚— Mouse : Logitech. ï‚— Ram : 512 Mb. SSOOFFTTWWAARREE RREEQQUUIIRREEMMEENNTTSS:: ï‚— Operating System : Windows95/98/2000/XP ï‚— Application Server : Tomcat5.0/6.X ï‚— Front End : HTML, Java, Jsp ï‚— Scripts : JavaScript. ï‚— Server side Script : Java Server Pages. ï‚— Database : Mysql 5.0 ï‚— Database Connectivity : JDBC.
- 10. MMOODDUULLEESS:: 1. Cloud Information Accountability (CIA) Framework 2. Distinct mode for auditing: 3. Logging and auditing Techniques . 4. Components of CIA
- 11. MMOODDUULLEESS:: 1. Cloud Information Accountability (CIA) Framework: ï‚— CIA framework lies in its ability of maintaining lightweight and powerful accountability. ï‚— By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed.
- 12. 2. Distinct mode for auditing: Push mode: ï‚— The push mode refers to logs being periodically sent to the data owner or stakeholder. Pull mode: ï‚— Pull mode refers to an alternative approach whereby the user ï‚— (Or another authorized party) can retrieve the logs as needed.
- 13. 3. Logging and auditing Techniques: 1. The logging should be decentralized in order to adapt to the dynamic nature of the cloud.. 2. Every access to the user’s data should be correctly and automatically logged. 3. Log files should be reliable and tamper proof to avoid illegal insertion, deletion, and modification by malicious parties. 4. Log files should be sent back to their data owners periodically to inform them of the current usage of their data. 5. The proposed technique should not intrusively monitor data recipients’ systems.
- 14. 4. Major components of CIA:  There are two major components of the CIA, the first being the logger, and the second being the log harmonizer.  The logger is strongly coupled with user’s data (either single or multiple data items).  It may also be configured to ensure that access and usage control policies associated with the data are honored.
- 15. CCOONNCCLLUUSSIIOONN ï‚— Innovative approaches for automatically logging any access to the data in the cloud together with an auditing mechanism is proposed. ï‚— Approach allows the data owner to not only audit his content but also enforce strong back-end protection if needed. Moreover, one of the main features of our work is that it enables the data owner to audit even those copies of its data that were made without his knowledge. ï‚— In the future, planed to refine our approach to verify the integrity and the authentication of JARs
- 16. Thank You!