International Journal of Research in Advent Technology, Vol.7, No.

1, January 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org

Multi-Cloud Secure Data storage using Cryptographic

Techniques
Manoj V. Bramhe, Dr. Milind V. Sarode, Dr. Meenakshi S. Arya
Phd Research Scholar, Professor and Head, Associate Prof. & Head
Department of Computer Science & Engineering, Department of Computer Engineering ,
G.H. Raisoni College of Engineering, Nagpur
Government Polytechnic,
Yavatmal
G.H. Raisoni College of Engineering, Nagpur
[email protected]

Abstract: Cloud computing is becoming popular paradigm for storage and computing purpose for big and small organizations.
Even though cloud supports pay-as-you-go model with saving on infrastructure, hardware and software cost of organizations it
has disadvantages like various vulnerabilities and threats to user’s information . File access mechanism is an technique to
guarantee the file safety in the cloud. On the other hand, due to file farm out and untrusted cloud servers the file access
mechanism develops security concerns in cloud storage systems. Malicious system administrator at cloud storage is becoming
most difficult attack to stop as he has full access to the user data. In proposed system, we have implemented secure cloud
storage for multi-cloud environment where instead of keeping user's data in single cloud environment it can be fragmented into
different chunks and these chunks can be encrypted and stored in multiple cloud along with metadata which can be used during
access of the files.

Keywords: Multi-Clouds, Cryptography, FTP

Our proposed system will provide multi-cloud
1. INTRODUCTION based secured storage where user will split the data into
multiple parts, storing each one of them on various private/
Cloud computing provides on-demand and pay -per-usage public cloud hence none of the entity will ever get
access to scalable resources over the Internet. It saves complete set of the data at any time , improving trust and
operational and infrastructure based expenses for reliability of cloud services. Security of data in our system
organizations. is improved as user will encrypt the data before uploading
and will have all security related information stored in
Cloud computing as defined by NIST model is classified
local application server thus removing the possibilities of
into three types of services as Software-as-a-Service ,
system administrator attacks.
Platform-as-a-Service, and Infrastructure -as-a-Service.
Cloud models has four categories as Private, Public,
2. RELATED WORK
Hybrid and Community depending upon the nature of
storage services. Public cloud is maintained by third party Research was carried on cloud storage system and
service provider which distributes their resources among various defense methodologies were proposed for handling
clients and charge them as per their usage . Private cloud is cloud threats and vulnerabilities. NIST has discussed cloud
used by big organizations for storing security critical security issues and challenges in their draft of cloud
information at private hosting place . Hybrid cloud uses computing synopsis and recommendations [1]. Cloud
both public and private cloud resources for data storage security alliance has provided detailed guidance for focus
where general information is stored in public cloud areas in cloud as mentioned in [2]. They have discussed
whereas critical information is maintained in private cloud. various security domains like identity management,
Community cloud is used for specific purpose like encryption & key management, application level security
education, insurance, healthcare services. Organizations for data security out of which encryption and identity
hesitate to put their critical information on public cloud management is widely by researchers.
storage as most of them either maintains users data in plain Most of the cloud storage research is carried out
text format or they may used encryption techniques on for single cloud environment which stores complete set of
their own transparent to the user. This encryption data at one place thus creating vulnerabilities like system
algorithm and security keys are maintained by cloud administrator attack, data integrity issues, data losses due
system administrators who can use them for malicious to vendor lock-in problems so further solution was
activity so there is need of system where data must be provided for multi-cloud environment as mentioned in [4]
uploaded on cloud in secured manner and user must where performance is improved by distributing trust, and
maintain critical security information with them.

484
 International Journal of Research in Advent Technology, Vol.7, No.1, January 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
security among various clouds. They have discussed many encryption and decryption module & file splitting and
multi-cloud based systems like RACS, DepSky, HAIL merging modules.
with their advantages and disadvantages. Distributed file Step 1: Registration & Login Module
system (DFS) is used by all such systems to share and store This module will be used for user registration and
users files in distributed network. Authors have discussed login purpose. User has to perform one time registration to
popular DFS in [5] and [6]. Paval Bozh in [7] had the system by providing user credentials like username,
discussed reliability and performance improvement in DFS password and personal details. Random verification code
by distributing data and metadata parts of file separately on will be generated and forwarded to the registered mobile
the server. RACS system discussed in [8] is based on number which will be used for user verification during
creating redundant array of cloud storage which focused login to the system. This step will enhance user
only on the economic failures and of the data. Our system authentication. Once sign in user can use various system
is similar to DepSky model[10] where confidentiality, modules.
integrity cloud outage whereas HAIL system [9] works for
maintaining integrity and availability parameters for Step 2: FTP Management Module
maintaining security and privacy will be implemented. This module will be used for managing FTP
Authors have discussed multi cloud based system in [14] services used for writing and reading the data to multiple
and [15] mainly for cost effectiveness and failure clouds. FTP service will be utilized by our distributed file
management. system for communicating with distributed network. Our
system divides and store user files among multiple clouds
3. PROPOSED METHODOLOGY .Normally three clouds are used for storage and recovery
purpose .First location used to store first part of our file is
System Architecture: our local application server which is also used as storage
server. Next two locations will be public clouds where
Architecture of our proposed system is discussed below. second and third parts of the file will be stored. This
User application layer receives and transfer user module is used by the user application as FTP client for
commands to API of our distributed file system which will connecting , writing and reading various files to storage
communicate to system modules through DFS methods. server.
Encryption module will be used for encryption and
decryption of the data for maintaining the security. De- Step 3: Upload and Download Module
construction module is used for splitting of files during Upload:
writing data to multi-clouds whereas merging of files is This module will be used by the end user to write
done during reading the data from the clouds. File users data into multiple clouds using web interface. User
Transport module will be useful for writing and reading of can choose any types of file from local storage. All the
files to the multi-clouds. Users data will be written to files uploaded by the user will be listed in user specific
private / public clouds. System implementation is directory along with file details .File upload function will
discussed below in detail. be used to upload file and server map function will be used
to get server path for uploading data.

Download:
This module will be used by the end user for reading
the required file from cloud storage. User will select file
already uploaded using directory listing . System has
mapping table where file parts stored are mapped with
respective cloud storages. System will get first path from
mapping table to get first part of the file stored on local
storage Using FTP details and server path stored in
mapping table system will get 2nd and 3rd parts of the file
stored in public cloud storage . Merge function of the
system combines all the parts of file in temporary buffer
and stored it.

Figure 1: Proposed System Architecture Step 4: File Encryption and Decryption Module
This module will be used for file security purpose.
Implementation: Symmetric cryptographic techniques will be used for
Our proposed system modules are explained in securing files where encryption is used during upload
this section. We have user registration & login module, process and decryption is used during download process.
FTP setting module, File upload and download module, Users can perform encryption on complete file before
splitting into parts or perform encryption after splitting the

485
 International Journal of Research in Advent Technology, Vol.7, No.1, January 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
file . System will provide randomly generated security key that data stored on cloud premises is safe from malicious
to the user which will be used for encryption and inside attacker.
decryption. Using the key, encrypted file parts will be Cryptographic techniques are most popular for
generated and uploaded to the security of data has been classified as symmetric or private
cloud storage. key cryptography and Asymmetric or public key
Download process uses decryption module to cryptography. Symmetric algorithms are simple and easy
decrypt the merged parts of the user file using the security to implement with less complexity . Some of the popular
key provided by the user. Once user credentials and symmetric algorithms are DES, 3DES, AES, RC5,
security key are matched then process is executed BlowFish Etc. Asymmetric cryptography is mathematically
successfully to download the requested file . more complex than symmetric but provide more security.
RSA is most popular asymmetric key algorithm.
Step 5: File Split and Merge Module We have tested our system for various symmetric
This module will be used for splitting the user file key algorithms and results are discussed in next section.
into various parts during upload process and merging the Here we discussed AES, Advanced encryption standard
parts to generate original file during the download process. algorithm
Meta data of all the files is stored on local application AES is symmetric key block cipher uses 128 bit
server which not only saves network transmission time but data size. It allows variable round and keys. It supports 10
also provides greater level of security round for 128 bit key, 12 rounds for 192 bit key and 14
rounds for 256 bit key. Each round uses 128 bit round key
extracted from original key by key generator program. It is
stronger and around six times faster than 3DES. It is
Developer Interface / SaaS iterative cipher using substitution & permutation network.
Each round in AES consists of four processes as
Web Server Byte substitution, Shift Rows, Mix Columns and Add
RoundKey
 Security:
Cloud Based File System / PaaS
In general, AES is most secured symmetric key
algorithm. It is widely accepted and used in both hardware
Proprietary Proprietary Proprietary
File System File System File System
and software implementation. AES does not have any
cryptanalytic attacks but has some side channel attacks
detected against specific versions of AES hence
programmer must take care during its implementation
5. RESULTS AND. DISCUSSIONS

Cloud A Cloud B Cloud C

We have developed system for implementing the
concept using asp.net. Our system has web interface which
Figure 1 : Multi-Cloud Secured Storage System is used by end user for communication with the system.
Registration module is used for user registration and
regular signup. We have developed a multi-cloud system in
4. SECURITY ANALYSIS which user split his file, perform encryption using
symmetric key and will upload the file to multiple clouds.
This section deals with analyzing security of our During downloading user will specify his file, system will
proposed system using various cryptographic techniques read various encrypted parts from multi clouds , merge
.Proposed system provides security to user's data by them and perform decryption to generate original file for
splitting it into multiple chunks and putting those chunks the user.
in various clouds. Confidentiality of the data is maintained Our system is using cryptographic techniques for
using encryption techniques where symmetric or securing the users data. We have chosen symmetric key
asymmetric techniques can be used cryptographic technique for our system as it is simple, easy
to implement as compared to asymmetric techniques.
 Cryptographic Techniques: We have tested our system for various symmetric
cryptographic algorithms like DES, 3DES, AES, Blowfish
Security of data is most important aspect for any and RC4. We have tested the system in cloud environment
cloud service provider. Most of the public cloud provider with following configuration. We have Xen (5.6 XCP)
stores data in plain format or some of them may use server and the client with VMware system with N- Para-
encryption / decryption using keys stored on cloud virtual machine. The cloud server has Core i5 (4.8GHz)
premises. Hence there is a need of system where with 8GB of RAM and 500GB-HDD. The client machine
cryptographic techniques are in the control of the user so has Core i3 (2.4GHz) with 2GB of RAM . We have tested

486
 International Journal of Research in Advent Technology, Vol.7, No.1, January 2019
E-ISSN: 2321-9637
Available online at www.ijrat.org
our system for encryption and decryption using various http://www.cloudsecurityalliance.org/guidance/csagui
symmetric algorithms for varying file size from 500 kb to de.v2.1.pdf
3500 kb. We came to the conclusion that AES algorithm is [3] Zhifeng Xiao and Yang Xiao, “Security and Privacy in
fastest among all other algorithms tested hence we will be Cloud Computing”, IEEE Communications Surveys &
using AES symmetric key algorithm for security of our Tutorials, March 2012
system data. [4] MohammedA. AlZain, Eric Pardede, Ben Soh, James
Following figure shows results of comparison of various A. Thom, “Cloud Computing Security: From Single to
cryptographic algorithms for varying file Multi-Clouds”, IEEE 45th Hawaii International
size. Conference on System Sciences, 2012
[5] Tran Doan Thanh, Subaji Mohan, EunmiChoil,
SangBum Kim, Pilsung Kim “A Taxonomy and
Survey on Distributed File Systems,” IEEE Fourth
International Conference on Networked Computing
and Advanced Information Management, 2008
[6] Satyanarayanan, M., "A Survey of Distributed
FileSystems," Technical Report CMU- CS-89- 116,
Departmentof Computer Science,
CarnegieMellonUniversity, 1989
[7] PavalBzoch, Jiri Safarik, “Security and reliability of
distributed file systems,” 6th IEEE international con.
on intelligent data acquisition and advanced
computing systems, Sep 2011.
[8] Hussam Abu-Libdeh, Lonnie Princehouse, Hakim
Weatherspoon, " RACS: A Case for Cloud Storage
Diversity", International conference for Internet
technology and Secured Transaction, December 2012
[9] Kevin D. Bowers, Ari Juels, Alina Oprea, "HAIL: A
High-Availability and Integrity Layer for Cloud
Storage", 16th ACM conference on Computer and
communications security, November 2009.
Figure 3 : Encryption with Symmetric Key [10] Alysson Bessani Miguel Correia Bruno Quaresma
Fernando Andre Paulo Sousa, " DEPSKY: Dependable
6. CONCLUSION and Secure Storage in a Cloud-of-Clouds", ACM
Cloud based storage systems are most popular Transaction on Storage, Vol. 9,No. 4, Article 12.
among organizations due to their "pay-as-you-go" model. November 2013
Big organizations are using private / public / hybrid cloud [11] DaliborPeric, Thomas Bocek, Fabio Victora Hecht,
infrastructure for storage but still most of them are not David Hausheer, Burkhard Stiller, “ The design and
deploying their critical data on cloud due to security evaluation of a distributed reliable file system,” Int.
concerns. Conference of parallel and distributed computing,
Our proposed system implementation is based on application and technologies, 2009
multiple clouds where data is fragmented and distributed [12] Hung-Chang Haiao, Hsueh –Yi Chung, HaiyingShen,
among various available clouds partially so that adversary Yu-Chang Chao, “Load rebalancing for distributed file
will never get complete data thus removing threats related systems in clouds,” IEEE transactions on parallel and
to single cloud system. Security is enhanced in our system distributed systems, Vol. 24, No. 5, May 2013
by using AES symmetric cipher used for encryption during [13] KhengKok Mar, “Secured virtual diffused file system
writing data to the cloud and for decryption during reading for the cloud,” 6th International
data from the cloud. We have tested our system on local [14] IEEE conference on internet technology and secured
and public cloud environment for various symmetric key transactions, UAE, December 2011
algorithm. Our system is secure and reliable. [15] Quanlu Zhang, Shenglong Li, Zhenhua Li, Yuanjian
Xing, Zhi Yang, Yafei Dai, “ CHARM: A Cost-
REFERENCES efficient multi cloud data hosting scheme with high
[1] Lee Badger, Tim Grance, Robert Patt-Corner, Jeff availability,” IEEE Transactions on Cloud Computing,
Voas DRAFT Cloud Computing Synopsis and Vol. 3, Issue 3, July-September 2015
Recommendations, NIST Special Publication 800-146, [16] Dan Dobre, Paolo Viotti, Marko Vukolic, " Hybris:
May 2011 Robust Hybrid Cloud Storage", ACM Transactions
[2] Cloud Security Alliance (CSA). “Security Guidance on Storage, Vol . 13, Issue 3, October 2017
for Critical Areas of Focus in Cloud Computing
V2.1,” (Released December 17, 2009),

487