SlideShare a Scribd company logo

Secure modelling schema of distributed information access management in cloud environment

I
iaemedu

This document proposes a security management framework to protect cloud storage systems from complex attacks. It introduces a model that enforces security policies defined by cloud providers. The framework can interface with different cloud data management systems and detect both predefined and customized attacks. It evaluates user behavior and identifies malicious activity patterns based on thresholds defined in security policies. The framework was implemented on a testbed and experiments showed it can efficiently defend storage systems by evaluating policies. This generic approach provides flexible security while maintaining high performance for cloud services.

1 of 10
Download to read offline
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME ENGINEERING AND TECHNOLOGY (IJARET) ISSN 0976 - 6480 (Print) ISSN 0976 - 6499 (Online) Volume 3, Issue 2, July-December (2012), pp. 187-196 IJARET © IAEME: www.iaeme.com/ijaret.asp Journal Impact Factor (2012): 2.7078 (Calculated by GISI) ©IAEME www.jifactor.com SECURE MODELLING SCHEMA OF DISTRIBUTED INFORMATION ACCESS MANAGEMENT IN CLOUD ENVIRONMENT C. Lalrinawma Dr. Masih Saikia Asst. Prof: Dept of Computer Sciences. HOD. Dept. of Computer Sciences Govt. Zirtiri Residential Science College Pragjyotish College Mizoram, India Guwahati, India E-Mail: lalrinawma.c@gmail.com ABSTRACT The current paper focuses on furnishing a robust security schema in Cloud Environments that is recently a very active analysis area. The analysis of security comments that there are massive uncertain malicious behaviors that targets large scale Cloud data repositories, like Denial of Service attacks that can drastically degrade the overall performance of such systems and cannot be detected by typical authentication mechanisms as well. Throughout this paper, a robust security management framework is introduced in Java that allows service provider of Cloud data management systems to stipulate and enforce sophisticated security policies. This security framework is supposed to observe and eliminate outsized array of attacks made public through a communicative policy description language and to be merely interfaced with varied data management systems. The accomplished results indicate the framework to expeditiously defend storage system by evaluating the security framework on high of the advanced information management platform. Keywords-component; Cloud Computing, Security, Cloud Storage Service I. INTRODUCTION As Cloud computing [1] is rising as an honest means that to leverage accessible remote resources in a very versatile, scalable and value-effective means because of a usage-based cost model, one amongst the important issues that directly impacts the adoption rate of the Cloud paradigm is security [2]. This currently motivates an oversized variety of analysis efforts and collaborative comes on this subject. Despite the fact that Cloud computing could be a comparatively new field, some security mechanisms are already in place, most of that are imported from the Grid computing space. However, merely applying Grid techniques to Clouds might not be enough, as Clouds introduce new assumptions and requirements: Cloud 187
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME environments suppose virtualization and isolation of resources that introduce a necessity for a distinct approach. allow us to think about the of case the Nimbus Cloud-Kit [3], that inherited the Grid Security Infrastructure (GSI) [4], widely utilized in Grids to make sure message integrity and authentication of the communicating entities. during this case, once mutual authentication is performed, a possible threat is that authenticated purchasers might behave in a very malicious means, making an attempt to break the system, consume bandwidth or decrease its overall performance through operations that they need the acceptable access rights. the main target of our analysis is that the detection of such malicious purchasers that will be performing attacks [5] like Denial of Service (DoS) attacks, flooding attacks or crawling that can't be prevented by typical security mechanisms. Addressing such security vulnerabilities proves to be non-trivial. so as to attenuate management prices and increase potency, Cloud suppliers may benefit from generic security management systems that meet 2 essential requirements: (1) they'll be interfaced with any of the assorted Cloud systems that exhibit this kind of security vulnerabilities and (2) they'll handle and detect not solely predefined attacks, however conjointly those resembling customized security policies. This paper proposes such a generic security management framework, targeted at Cloud knowledge storage systems, that permits suppliers of Cloud knowledge management systems to outline and enforce complicated security policies. The generosity of this approach comes from its flexibility: it supports custom security eventualities and may be applied to completely different Cloud storage systems. Addressing such security vulnerabilities proves to be non-trivial. so as to attenuate management prices and increase potency, Cloud suppliers may benefit from generic security management systems that meet 2 essential requirements: (1) they'll be interfaced with any of the assorted Cloud systems that exhibit this kind of security vulnerabilities and (2) they'll handle and detect not solely predefined attacks, however conjointly those resembling customized security policies. This paper proposes such a generic security management framework, targeted at Cloud knowledge storage systems, that permits suppliers of Cloud knowledge management systems to outline and enforce complicated security policies. The generosity of this approach comes from its flexibility: it supports custom security eventualities and may be applied to completely different Cloud storage systems. We aim to provide high-level security mechanisms for Cloud storage services, as data access operations are vulnerable against a wide range of security attacks prone to damage the system and to affect its overall data access performance and response time. This paper focuses on the policy management core. In order to have an adequate malicious client detection level, we first have to define what kind of behavior is considered inappropriate or dangerous for the system. In section 2 we give an overview of related work which identifies all the major research work being done in this area. Section 3 highlights about the proposed system. Implementation and results are discussed in Section 4 and finally in section 5 we make some concluding remarks. II. RELATED WORK Whereas resource management in Grid environments is enforced by system directors, a matter is completely different within the context of Clouds [6] [7], where users have the management of the remote virtual resources. This raises some extra security issues regarding management policies, as purchasers need to consider the safety tools of the Cloud service suppliers. to require the instance of Nimbus [3] once more, GSI mechanisms are used to authenticate and authorize shopper requests, VM image files, resource requests, reservation and usage times for users. This approach permits for easy cluster management, identity assignment, policies enforcement, setting reservation limits and path checks. Moreover, in [8], the authors extend this mechanism by encrypting the VM pictures on the shopper aspect, permitting the user to retain information 188
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME management. However, the proposed remedy is merely appropriate for the storage of VMs, as their transfer is secured through GSI and also the start-up depends on the not-always true assumption that concerned systems are often trusted. a lot of security mechanisms (e.g., intrusion detectors) are required to guard the virtual host from attacks. From a a lot of general perspective, there's a desire to detect differing types of malicious behavior through custom policy enforcement mechanisms. Hadoop Distributed File System (HDFS) [9], the default back finish for the Hadoop Map/Reduce framework [10], implements security as a rudimentary file and directory permission mechanism. regarding authorization, the permission model is analogous to different platforms like Linux, every file and directory being related to an owner and a gaggle. HDFS uses Kerberos [11] because the underlying authentication system. In distinction to Nimbus, that depends on the powerful options of GSI, the most security threats in HDFS arise from the shortage of user-to- service authentication, service-to-service authentication and also the lack of encryption when sending and storing information. Moreover, even though a typical user doesn't have full access to the file system, HDFS is liable to varied attacks that it cannot detect, like Denial of Service. In Amazon easy Storage Service (S3) [12], the info storage and management infrastructure for Amazon’s Elastic Compute Cloud [13], the users will decide how, when and to whom the data stored in Amazon internet Services is accessible. Amazon S3 API provides access management lists (ACLs) for write and delete permissions on each objects and objects containers, denoted buckets. However, no high-level security mechanism is accessible to guard the setting from complicated attacks, like those that can't be prevented by authentication mechanisms. whereas all the comes described on top of rely heavily on authentication and authorization mechanisms, none of them is ready to spot users who arrange to damage the system or to detect specific patterns of malicious behavior. we tend to address exactly this goal: we tend to propose a generic policy management system to guard Cloud services from complicated attacks which will otherwise stay undetected and have an effect on the performance perceived by the purchasers. III. PROPOSED SYSTEM The current paper has outlined a hierarchical format for the protection policies, therefore on befits the on top of necessities. On one hand, every policy contains a collection of template user actions that form up a pattern reminiscent of a selected security attack. Additionally, the policy will specify a collection of thresholds that draw the bounds between traditional behavior that exhibits a similar activity pattern and malicious user actions. So as for an attack to be detected, the policy should be instantiated for a selected user, that is, the activity history of that user should embody recorded actions that match the template sequence provided by the policy. As an example, a DoS attack may be outlined by a series of write operations that happen in an exceedingly short amount of your time and are initiated by a similar shopper. Therefore, the corresponding policy can describe a write operation because the required pattern and can specify a period and therefore the most variety of write operations thought-about traditional for that period. In this project we have able to identify users who attempt to harm the system or to detect specific patterns of malicious behavior. We propose a generic policy management system to protect Cloud services from complex attacks that may otherwise remain undetected and affect the overall performance perceived by the clients. The proposed system is a modeling of complex and robust architecture ensuring security of data management system in cloud services over internet. The modules will consist of: 189
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME A. Cloud Controller: It will enforce the security policy towards all the active online clients in the cloud network. It will be facilitated to manage (create/delete/modify) all clients. The cloud resource and service security is ensured by implementation of IP specification in the entire client’s machine, which will force the client to access only from specific system with authorized IP and MAC. B. Clients: It is a set of different customers who are assumed to be utilizing the services offered by the cloud service providers. After passing through strict procedure of authentication from cloud controller, the clients will be authorized to access their privilege services. The clients will be entitled for uploading, modifying, deleting, and accessing data. All the clients are under strict vigilance of cloud controller. C. Virtual machine: It is a completely isolated guest operating system installation within a normal host operating system. A virtual machine (VM) is a software implementation of a machine (i.e. a computer) that executes programs like a physical machine. It will act as a bridge between clients and model of cloud infrastructure in the proposed system (see system architecture in Figure 1). Figure 1: Proposed System Architecture 190
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME D. Cloud infrastructure: It is set of dispersed data centres which are networked with their respective web servers and MySQL server. The entire clients request ends in this model. The model is also integrated with proposed security framework which will manage (enable / disable) security policy written by cloud controller. • Malicious Process (Client-Side): Three types of malicious process will be designed to operate in client’s machine as: • Flooding: Multiple duplication of requests during file upload / modification/ file accessibility. • Crawling: While deleting it will crawl through the author blob of replicated data. • Threshold check: It checks thread handling capacity by the data centres in order to check DoS attack. The main security concern is that the system must be robust enough to protect the data being accessed by unauthorized users. An attacker can impersonate an authorized user by stealing its credentials and then attempt to read all stored files (crawling). The performance analysis of the proposed system will be performed by measuring parameter matrices as: • Average throughput Vs Time with different combination of malicious clients writing. • Average throughput Vs. Client for: • Legitimate Client • Malicious or Illegitimate client • Malicious Client Vs. Time Figure 2: A high level representation of Security policy The tree structure of a security policy as shown in Figure 2, which consists of four elements: • The template set of user actions. The Preconditions element encloses the list of user actions that describe the pattern of an attack. Each user action is modeled by an Event, described through a set of attributes that identify a particular type of records in the User Activity History. To take the example of the DoS attack again, the Preconditions may contain only one 191
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME event, whose Type attribute points to the list of recorded write operations in the User Activity History. • General Parameters. They are used to differentiate the policies (e.g., Active, Priority) and to enable the detection module to interpret the events describing the policy by specifying the Start and the End event. • Actions suggested when the policy is instantiated. The element Enforcement contains a list of Constraints and Actions. When the sequence of events defined by the policy is matched, the Security Violation Detection module will select the satisfied Constraints and propose the associated Actions to the Policy Enforcement module, which will be in charge of executing them. This approach allows us to define flexible policies that result in a customized feedback that depends on some given constraints. Algorithm: Step 1: Legitimate IP address of client machine is stored into an IP Address Database (IAD) Step 2: Several statistics of incoming traffic for the current time interval N is calculated. Step 3: A hash table is used to record the IP addresses that appeared in the current interval of time. Hash table entry contains 2 fields, the number IP packets and the time stamp of the most recent packet for that IP address. Step 4: By comparing the current counts of the hash table with the IAD, we calculate how many new IP addresses have appeared in this time slot. Step 5: If the number of packets per IP address is larger than a certain threshold, an alarm is set to indicate the bandwidth attack. Step 6: By analyzing the number of new IP addresses, DoS attack can be detected. Step 7: If an attack is detected, that particular IP address is suspended. IV. IMPLEMENTATION AND RESULT The proposed system is experimented on client server experimental test bed considering 32 bit windows OS with 1.84 GHz processor. The user interface is designed on java along with Apache Tomcat as web server. To validate our approach we needed to see how it performs in large scale Cloud environments. Data intensive applications can benefit from being executed in Cloud environments if the back- end storage services provide several important features, such as a scalable architecture, handling of massive unstructured data, and high throughput for data accesses or data-location transparency. We proposed a generic security management framework that enables Cloud storage providers to define and enforce flexible security policies. The Policy Management module we developed can be adapted to a wide range of Cloud systems, and can process any kind of policy that fits a given base format generated through the Policy Definition module. In this paper, we addressed a series of security issues, which expose important vulnerabilities of Cloud platforms, and, more specifically, of Cloud data management services. 192
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME Figure 3. Implementation Plan Flow Chart Figure 4. Main GUI of the application 193
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME The data center privilege is as shown in figure 4 above, where the user needs to add the Data Centers Add Network Address & Tomcat Port Number (Network Address means : IP address of the Data center pc IP Address. For An example: 192.168.1.101, Port: 8080). This is datacenter application with help of virtual machin appllication client id we should access this page. Figure 5. Sub-privileges of application Figure 6. User interface for feeding file name and ID. Figure 7. Visualization of digital contents in datacenter. 194
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME Figure 7 shows the availability of the digital contents in datacenters. Selecting any one it will display as below if someone want to modify the data. As shown as below; then submit the update button the data has modified Figure 8. Digital content for downloading from datacenter. Figure 8 shows the user interface if an user wants to download any one file it will display like as below, the files will be accessed in particular format. V. CONCLUSION Cloud computing has been emerged out with various benefits to an individual and corporate, and at the same time has exposed various concerns in the security aspects. In this project, the security aspects of the data management services have been considered. Various existing mechanism has been studied and analyzed. It has been found that most of the existing systems apart from data security focus on client authentication and authorization. There are always a certainty that authenticated clients can execute a process of flooding, crawling, and DoS because in cloud computing environment, the client having control of virtual machines. A framework is proposed where in local area network a cluster of computers will be formed as data centre and virtual machine to mimic actual cloud infrastructure. Authentication and authorization of an accessibility of client will be facilitated by resource ID and encryption will be handled by Secure Socket Layer (SSL), further malicious activities will be performed by the client process and then security policies will be written based on matrices such as client transaction trust system and by enforcing these policies malicious clients should be monitored and detected and further performance analysis will be done for resource utilization and Quality of Service. In this project will focus on more in-depth experiments involving the detection of various types of attacks in the same time. Moreover, we will investigate the limitations of our Security Management framework, with respect to the accuracy of the detection in the case of more complex policies, as well as the probability and the impact of obtaining false positive or false negative results. Another research direction is to further develop the Trust Management component of the security management framework and study the impact it has on the Policy Enforcement decisions for complex scenarios. 195
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME REFERENCES [1] K. Keahey, R. Figueiredo, J. Fortes et al., “Science Clouds: Early experiences in cloud computing for scientific applications,” In Cloud Computing and Its Application 2008 (CCA - 08) Chicago, 2008. [2] L. Vaquero, L. Rodero-Merino, J. Caceres et al., “A break in the clouds: towards a cloud definition,” SIGCOMM Comput. Commun. Rev., vol. 39, no. 1, pp. 50–55, 2009. [3] K. Keahey, M. Tsugawa, A. Matsunaga, and J. Fortes, “Sky computing,” IEEE Internet Computing, vol. 13, no. 5, pp. 43–51, 2009. [4] V. Welch, F. Siebenlist, I. Foster et al., “Security for grid services,” HPDC-12, p. 48, 2003. [5] M. Jensen, J. Schwenk, N. Gruschka et al., “On technical security issues in cloud computing,” in CLOUD ’09, 2009, pp. 109–116. [6] B. Nicolae, G. Antoniu, L. Bouge et al., “BlobSeer: Next generation data management for large scale infrastructures,” J. Parallel Distrib. Comput., Aug 2010. [7] B. Sotomayor, R. S.Montero, I. M. Llorente et al., “Virtual infrastructure management in private and hybrid clouds,” IEEE Internet Computing, pp. 13(5):14–22, 2009. [8] M. Descher, P. Masser, T. Feilhauer et al., “Retaining data control to the client in infrastructure clouds,” Intl. Conf. on Availability, Reliability and Security, pp. 9–16, 2009. [9] “HDFS. the Hadoop distributed file system,” http://hadoop.apache.org/common/docs/r0.20.1/hdfs_design.html. [10] D. Borthakur, The Hadoop Distributed File System: Architecture and Design, The Apache Software Foundation, 2007. [11] B. C. Neuman and T. Ts’o, “Kerberos: An authentication service for computer networks,” IEEE Communications, vol. 32(9), pp. 33–38, September 1994. [12] Amazon Simple Storage Service (S3). http://aws. amazon.com/s3/. [13] Amazon Elastic Compute Cloud (EC2), http://aws. amazon.com/ec2/. 196

Recommended

A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
IJERA Editor
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
An approach for secured data transmission at client end in cloud computing
An approach for secured data transmission at client end in cloud computingAn approach for secured data transmission at client end in cloud computing
An approach for secured data transmission at client end in cloud computing
IAEME Publication
 
FRAMEWORK FOR SECURE CLOUD COMPUTING
FRAMEWORK FOR SECURE CLOUD COMPUTINGFRAMEWORK FOR SECURE CLOUD COMPUTING
FRAMEWORK FOR SECURE CLOUD COMPUTING
ijccsa
 
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET Journal
 
Security policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructureSecurity policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructure
csandit
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
 
Data Storage Issues in Cloud Computing
Data Storage Issues in Cloud ComputingData Storage Issues in Cloud Computing
Data Storage Issues in Cloud Computing
ijtsrd
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computing
IAEME Publication
 
Security and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud ArchitectureSecurity and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud Architecture
ijsrd.com
 
Security Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewSecurity Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A Review
Eswar Publications
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computing
vivatechijri
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
IJNSA Journal
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...
IAEME Publication
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
IJNSA Journal
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
A study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudA study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloud
eSAT Journals
 
A study on security responsibilities and adoption in
A study on security responsibilities and adoption inA study on security responsibilities and adoption in
A study on security responsibilities and adoption in
eSAT Publishing House
 
Vertualisation
VertualisationVertualisation
Vertualisation
Chkifa Khalid
 
Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...
iosrjce
 
Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...
iaemedu
 
High performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logicHigh performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logic
iaemedu
 
Assignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithmAssignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithm
iaemedu
 
Effect of punch profile radius and localised compression
Effect of punch profile radius and localised compressionEffect of punch profile radius and localised compression
Effect of punch profile radius and localised compression
iaemedu
 
Improving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressorsImproving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressors
iaemedu
 
Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...
iaemedu
 
Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...
iaemedu
 

More Related Content

What's hot (15)

Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
 
Data Storage Issues in Cloud Computing
Data Storage Issues in Cloud ComputingData Storage Issues in Cloud Computing
Data Storage Issues in Cloud Computing
ijtsrd
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computing
IAEME Publication
 
Security and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud ArchitectureSecurity and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud Architecture
ijsrd.com
 
Security Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewSecurity Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A Review
Eswar Publications
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computing
vivatechijri
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
IJNSA Journal
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...
IAEME Publication
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
IJNSA Journal
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
A study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudA study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloud
eSAT Journals
 
A study on security responsibilities and adoption in
A study on security responsibilities and adoption inA study on security responsibilities and adoption in
A study on security responsibilities and adoption in
eSAT Publishing House
 
Vertualisation
VertualisationVertualisation
Vertualisation
Chkifa Khalid
 
Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...
iosrjce
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
 
Data Storage Issues in Cloud Computing
Data Storage Issues in Cloud ComputingData Storage Issues in Cloud Computing
Data Storage Issues in Cloud Computing
ijtsrd
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computing
IAEME Publication
 
Security and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud ArchitectureSecurity and Privacy Enhancing Multicloud Architecture
Security and Privacy Enhancing Multicloud Architecture
ijsrd.com
 
Security Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewSecurity Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A Review
Eswar Publications
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computing
vivatechijri
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
IJNSA Journal
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...
IAEME Publication
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
IJNSA Journal
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
A study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudA study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloud
eSAT Journals
 
A study on security responsibilities and adoption in
A study on security responsibilities and adoption inA study on security responsibilities and adoption in
A study on security responsibilities and adoption in
eSAT Publishing House
 
Vertualisation
VertualisationVertualisation
Vertualisation
Chkifa Khalid
 
Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...
iosrjce
 

Viewers also liked (9)

Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...
iaemedu
 
High performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logicHigh performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logic
iaemedu
 
Assignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithmAssignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithm
iaemedu
 
Effect of punch profile radius and localised compression
Effect of punch profile radius and localised compressionEffect of punch profile radius and localised compression
Effect of punch profile radius and localised compression
iaemedu
 
Improving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressorsImproving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressors
iaemedu
 
Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...
iaemedu
 
Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...
iaemedu
 
Analysis of programming aspects of wireless sensor networks
Analysis of programming aspects of wireless sensor networksAnalysis of programming aspects of wireless sensor networks
Analysis of programming aspects of wireless sensor networks
iaemedu
 
Design and development of an automotive vertical doors opening system avdos
Design and development of an automotive vertical doors opening system avdosDesign and development of an automotive vertical doors opening system avdos
Design and development of an automotive vertical doors opening system avdos
iaemedu
 
Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...Time domain sound spectrum measurements in ducted axial fan under stable regi...
Time domain sound spectrum measurements in ducted axial fan under stable regi...
iaemedu
 
High performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logicHigh performance parallel prefix adders with fast carry chain logic
High performance parallel prefix adders with fast carry chain logic
iaemedu
 
Assignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithmAssignment of cells to switches using firefly algorithm
Assignment of cells to switches using firefly algorithm
iaemedu
 
Effect of punch profile radius and localised compression
Effect of punch profile radius and localised compressionEffect of punch profile radius and localised compression
Effect of punch profile radius and localised compression
iaemedu
 
Improving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressorsImproving performance and development of two stage reciprocating compressors
Improving performance and development of two stage reciprocating compressors
iaemedu
 
Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...Octave wave sound signal measurements in ducted axial fan under stable region...
Octave wave sound signal measurements in ducted axial fan under stable region...
iaemedu
 
Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...Model for prediction of temperature distribution in workpiece for surface gri...
Model for prediction of temperature distribution in workpiece for surface gri...
iaemedu
 
Analysis of programming aspects of wireless sensor networks
Analysis of programming aspects of wireless sensor networksAnalysis of programming aspects of wireless sensor networks
Analysis of programming aspects of wireless sensor networks
iaemedu
 
Design and development of an automotive vertical doors opening system avdos
Design and development of an automotive vertical doors opening system avdosDesign and development of an automotive vertical doors opening system avdos
Design and development of an automotive vertical doors opening system avdos
iaemedu
 

Similar to Secure modelling schema of distributed information access management in cloud environment (20)

Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...
IAESIJAI
 
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGYSECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
ijsrd.com
 
Secure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorizationSecure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorization
IAEME Publication
 
Secure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorizationSecure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorization
IAEME Publication
 
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing SystemsProposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Hossam Al-Ansary
 
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
ijcnes
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
IJECEIAES
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Editor IJCATR
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161
Kamal Jyoti
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
IJECEIAES
 
Reliable security in cloud computing environment 2-3-4-5-6
Reliable security in cloud computing environment 2-3-4-5-6Reliable security in cloud computing environment 2-3-4-5-6
Reliable security in cloud computing environment 2-3-4-5-6
IAEME Publication
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
C017421624
C017421624C017421624
C017421624
IOSR Journals
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
IJSRD
 
Fs2510501055
Fs2510501055Fs2510501055
Fs2510501055
IJERA Editor
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through Steganography
IDES Editor
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
Stelios Krasadakis
 
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityA Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Associate Professor in VSB Coimbatore
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
IJCNCJournal
 
Comparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computingComparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computing
eSAT Journals
 
Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...
IAESIJAI
 
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGYSECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
SECURE DATA TRANSMISSION OVER CLOUD USING MOBILE TECHNOLOGY
ijsrd.com
 
Secure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorizationSecure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorization
IAEME Publication
 
Secure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorizationSecure hash based distributed framework for utpc based cloud authorization
Secure hash based distributed framework for utpc based cloud authorization
IAEME Publication
 
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing SystemsProposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Proposed Model for Enhancing Data Storage Security in Cloud Computing Systems
Hossam Al-Ansary
 
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
ijcnes
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
IJECEIAES
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Editor IJCATR
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161
Kamal Jyoti
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
IJECEIAES
 
Reliable security in cloud computing environment 2-3-4-5-6
Reliable security in cloud computing environment 2-3-4-5-6Reliable security in cloud computing environment 2-3-4-5-6
Reliable security in cloud computing environment 2-3-4-5-6
IAEME Publication
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
IJNSA Journal
 
C017421624
C017421624C017421624
C017421624
IOSR Journals
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
IJSRD
 
Fs2510501055
Fs2510501055Fs2510501055
Fs2510501055
IJERA Editor
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through Steganography
IDES Editor
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
Stelios Krasadakis
 
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityA Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Associate Professor in VSB Coimbatore
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
IJCNCJournal
 
Comparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computingComparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computing
eSAT Journals
 

More from iaemedu (20)

Tech transfer making it as a risk free approach in pharmaceutical and biotech in
Tech transfer making it as a risk free approach in pharmaceutical and biotech inTech transfer making it as a risk free approach in pharmaceutical and biotech in
Tech transfer making it as a risk free approach in pharmaceutical and biotech in
iaemedu
 
Integration of feature sets with machine learning techniques
Integration of feature sets with machine learning techniquesIntegration of feature sets with machine learning techniques
Integration of feature sets with machine learning techniques
iaemedu
 
Effective broadcasting in mobile ad hoc networks using grid
Effective broadcasting in mobile ad hoc networks using gridEffective broadcasting in mobile ad hoc networks using grid
Effective broadcasting in mobile ad hoc networks using grid
iaemedu
 
Effect of scenario environment on the performance of mane ts routing
Effect of scenario environment on the performance of mane ts routingEffect of scenario environment on the performance of mane ts routing
Effect of scenario environment on the performance of mane ts routing
iaemedu
 
Adaptive job scheduling with load balancing for workflow application
Adaptive job scheduling with load balancing for workflow applicationAdaptive job scheduling with load balancing for workflow application
Adaptive job scheduling with load balancing for workflow application
iaemedu
 
Survey on transaction reordering
Survey on transaction reorderingSurvey on transaction reordering
Survey on transaction reordering
iaemedu
 
Semantic web services and its challenges
Semantic web services and its challengesSemantic web services and its challenges
Semantic web services and its challenges
iaemedu
 
Website based patent information searching mechanism
Website based patent information searching mechanismWebsite based patent information searching mechanism
Website based patent information searching mechanism
iaemedu
 
Revisiting the experiment on detecting of replay and message modification
Revisiting the experiment on detecting of replay and message modificationRevisiting the experiment on detecting of replay and message modification
Revisiting the experiment on detecting of replay and message modification
iaemedu
 
Prediction of customer behavior using cma
Prediction of customer behavior using cmaPrediction of customer behavior using cma
Prediction of customer behavior using cma
iaemedu
 
Performance analysis of manet routing protocol in presence
Performance analysis of manet routing protocol in presencePerformance analysis of manet routing protocol in presence
Performance analysis of manet routing protocol in presence
iaemedu
 
Performance measurement of different requirements engineering
Performance measurement of different requirements engineeringPerformance measurement of different requirements engineering
Performance measurement of different requirements engineering
iaemedu
 
Mobile safety systems for automobiles
Mobile safety systems for automobilesMobile safety systems for automobiles
Mobile safety systems for automobiles
iaemedu
 
Efficient text compression using special character replacement
Efficient text compression using special character replacementEfficient text compression using special character replacement
Efficient text compression using special character replacement
iaemedu
 
Agile programming a new approach
Agile programming a new approachAgile programming a new approach
Agile programming a new approach
iaemedu
 
Adaptive load balancing techniques in global scale grid environment
Adaptive load balancing techniques in global scale grid environmentAdaptive load balancing techniques in global scale grid environment
Adaptive load balancing techniques in global scale grid environment
iaemedu
 
A survey on the performance of job scheduling in workflow application
A survey on the performance of job scheduling in workflow applicationA survey on the performance of job scheduling in workflow application
A survey on the performance of job scheduling in workflow application
iaemedu
 
A survey of mitigating routing misbehavior in mobile ad hoc networks
A survey of mitigating routing misbehavior in mobile ad hoc networksA survey of mitigating routing misbehavior in mobile ad hoc networks
A survey of mitigating routing misbehavior in mobile ad hoc networks
iaemedu
 
A novel approach for satellite imagery storage by classify
A novel approach for satellite imagery storage by classifyA novel approach for satellite imagery storage by classify
A novel approach for satellite imagery storage by classify
iaemedu
 
A self recovery approach using halftone images for medical imagery
A self recovery approach using halftone images for medical imageryA self recovery approach using halftone images for medical imagery
A self recovery approach using halftone images for medical imagery
iaemedu
 
Tech transfer making it as a risk free approach in pharmaceutical and biotech in
Tech transfer making it as a risk free approach in pharmaceutical and biotech inTech transfer making it as a risk free approach in pharmaceutical and biotech in
Tech transfer making it as a risk free approach in pharmaceutical and biotech in
iaemedu
 
Integration of feature sets with machine learning techniques
Integration of feature sets with machine learning techniquesIntegration of feature sets with machine learning techniques
Integration of feature sets with machine learning techniques
iaemedu
 
Effective broadcasting in mobile ad hoc networks using grid
Effective broadcasting in mobile ad hoc networks using gridEffective broadcasting in mobile ad hoc networks using grid
Effective broadcasting in mobile ad hoc networks using grid
iaemedu
 
Effect of scenario environment on the performance of mane ts routing
Effect of scenario environment on the performance of mane ts routingEffect of scenario environment on the performance of mane ts routing
Effect of scenario environment on the performance of mane ts routing
iaemedu
 
Adaptive job scheduling with load balancing for workflow application
Adaptive job scheduling with load balancing for workflow applicationAdaptive job scheduling with load balancing for workflow application
Adaptive job scheduling with load balancing for workflow application
iaemedu
 
Survey on transaction reordering
Survey on transaction reorderingSurvey on transaction reordering
Survey on transaction reordering
iaemedu
 
Semantic web services and its challenges
Semantic web services and its challengesSemantic web services and its challenges
Semantic web services and its challenges
iaemedu
 
Website based patent information searching mechanism
Website based patent information searching mechanismWebsite based patent information searching mechanism
Website based patent information searching mechanism
iaemedu
 
Revisiting the experiment on detecting of replay and message modification
Revisiting the experiment on detecting of replay and message modificationRevisiting the experiment on detecting of replay and message modification
Revisiting the experiment on detecting of replay and message modification
iaemedu
 
Prediction of customer behavior using cma
Prediction of customer behavior using cmaPrediction of customer behavior using cma
Prediction of customer behavior using cma
iaemedu
 
Performance analysis of manet routing protocol in presence
Performance analysis of manet routing protocol in presencePerformance analysis of manet routing protocol in presence
Performance analysis of manet routing protocol in presence
iaemedu
 
Performance measurement of different requirements engineering
Performance measurement of different requirements engineeringPerformance measurement of different requirements engineering
Performance measurement of different requirements engineering
iaemedu
 
Mobile safety systems for automobiles
Mobile safety systems for automobilesMobile safety systems for automobiles
Mobile safety systems for automobiles
iaemedu
 
Efficient text compression using special character replacement
Efficient text compression using special character replacementEfficient text compression using special character replacement
Efficient text compression using special character replacement
iaemedu
 
Agile programming a new approach
Agile programming a new approachAgile programming a new approach
Agile programming a new approach
iaemedu
 
Adaptive load balancing techniques in global scale grid environment
Adaptive load balancing techniques in global scale grid environmentAdaptive load balancing techniques in global scale grid environment
Adaptive load balancing techniques in global scale grid environment
iaemedu
 
A survey on the performance of job scheduling in workflow application
A survey on the performance of job scheduling in workflow applicationA survey on the performance of job scheduling in workflow application
A survey on the performance of job scheduling in workflow application
iaemedu
 
A survey of mitigating routing misbehavior in mobile ad hoc networks
A survey of mitigating routing misbehavior in mobile ad hoc networksA survey of mitigating routing misbehavior in mobile ad hoc networks
A survey of mitigating routing misbehavior in mobile ad hoc networks
iaemedu
 
A novel approach for satellite imagery storage by classify
A novel approach for satellite imagery storage by classifyA novel approach for satellite imagery storage by classify
A novel approach for satellite imagery storage by classify
iaemedu
 
A self recovery approach using halftone images for medical imagery
A self recovery approach using halftone images for medical imageryA self recovery approach using halftone images for medical imagery
A self recovery approach using halftone images for medical imagery
iaemedu
 

Secure modelling schema of distributed information access management in cloud environment

  • 1. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME ENGINEERING AND TECHNOLOGY (IJARET) ISSN 0976 - 6480 (Print) ISSN 0976 - 6499 (Online) Volume 3, Issue 2, July-December (2012), pp. 187-196 IJARET © IAEME: www.iaeme.com/ijaret.asp Journal Impact Factor (2012): 2.7078 (Calculated by GISI) ©IAEME www.jifactor.com SECURE MODELLING SCHEMA OF DISTRIBUTED INFORMATION ACCESS MANAGEMENT IN CLOUD ENVIRONMENT C. Lalrinawma Dr. Masih Saikia Asst. Prof: Dept of Computer Sciences. HOD. Dept. of Computer Sciences Govt. Zirtiri Residential Science College Pragjyotish College Mizoram, India Guwahati, India E-Mail: [email protected] ABSTRACT The current paper focuses on furnishing a robust security schema in Cloud Environments that is recently a very active analysis area. The analysis of security comments that there are massive uncertain malicious behaviors that targets large scale Cloud data repositories, like Denial of Service attacks that can drastically degrade the overall performance of such systems and cannot be detected by typical authentication mechanisms as well. Throughout this paper, a robust security management framework is introduced in Java that allows service provider of Cloud data management systems to stipulate and enforce sophisticated security policies. This security framework is supposed to observe and eliminate outsized array of attacks made public through a communicative policy description language and to be merely interfaced with varied data management systems. The accomplished results indicate the framework to expeditiously defend storage system by evaluating the security framework on high of the advanced information management platform. Keywords-component; Cloud Computing, Security, Cloud Storage Service I. INTRODUCTION As Cloud computing [1] is rising as an honest means that to leverage accessible remote resources in a very versatile, scalable and value-effective means because of a usage-based cost model, one amongst the important issues that directly impacts the adoption rate of the Cloud paradigm is security [2]. This currently motivates an oversized variety of analysis efforts and collaborative comes on this subject. Despite the fact that Cloud computing could be a comparatively new field, some security mechanisms are already in place, most of that are imported from the Grid computing space. However, merely applying Grid techniques to Clouds might not be enough, as Clouds introduce new assumptions and requirements: Cloud 187
  • 2. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME environments suppose virtualization and isolation of resources that introduce a necessity for a distinct approach. allow us to think about the of case the Nimbus Cloud-Kit [3], that inherited the Grid Security Infrastructure (GSI) [4], widely utilized in Grids to make sure message integrity and authentication of the communicating entities. during this case, once mutual authentication is performed, a possible threat is that authenticated purchasers might behave in a very malicious means, making an attempt to break the system, consume bandwidth or decrease its overall performance through operations that they need the acceptable access rights. the main target of our analysis is that the detection of such malicious purchasers that will be performing attacks [5] like Denial of Service (DoS) attacks, flooding attacks or crawling that can't be prevented by typical security mechanisms. Addressing such security vulnerabilities proves to be non-trivial. so as to attenuate management prices and increase potency, Cloud suppliers may benefit from generic security management systems that meet 2 essential requirements: (1) they'll be interfaced with any of the assorted Cloud systems that exhibit this kind of security vulnerabilities and (2) they'll handle and detect not solely predefined attacks, however conjointly those resembling customized security policies. This paper proposes such a generic security management framework, targeted at Cloud knowledge storage systems, that permits suppliers of Cloud knowledge management systems to outline and enforce complicated security policies. The generosity of this approach comes from its flexibility: it supports custom security eventualities and may be applied to completely different Cloud storage systems. Addressing such security vulnerabilities proves to be non-trivial. so as to attenuate management prices and increase potency, Cloud suppliers may benefit from generic security management systems that meet 2 essential requirements: (1) they'll be interfaced with any of the assorted Cloud systems that exhibit this kind of security vulnerabilities and (2) they'll handle and detect not solely predefined attacks, however conjointly those resembling customized security policies. This paper proposes such a generic security management framework, targeted at Cloud knowledge storage systems, that permits suppliers of Cloud knowledge management systems to outline and enforce complicated security policies. The generosity of this approach comes from its flexibility: it supports custom security eventualities and may be applied to completely different Cloud storage systems. We aim to provide high-level security mechanisms for Cloud storage services, as data access operations are vulnerable against a wide range of security attacks prone to damage the system and to affect its overall data access performance and response time. This paper focuses on the policy management core. In order to have an adequate malicious client detection level, we first have to define what kind of behavior is considered inappropriate or dangerous for the system. In section 2 we give an overview of related work which identifies all the major research work being done in this area. Section 3 highlights about the proposed system. Implementation and results are discussed in Section 4 and finally in section 5 we make some concluding remarks. II. RELATED WORK Whereas resource management in Grid environments is enforced by system directors, a matter is completely different within the context of Clouds [6] [7], where users have the management of the remote virtual resources. This raises some extra security issues regarding management policies, as purchasers need to consider the safety tools of the Cloud service suppliers. to require the instance of Nimbus [3] once more, GSI mechanisms are used to authenticate and authorize shopper requests, VM image files, resource requests, reservation and usage times for users. This approach permits for easy cluster management, identity assignment, policies enforcement, setting reservation limits and path checks. Moreover, in [8], the authors extend this mechanism by encrypting the VM pictures on the shopper aspect, permitting the user to retain information 188
  • 3. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME management. However, the proposed remedy is merely appropriate for the storage of VMs, as their transfer is secured through GSI and also the start-up depends on the not-always true assumption that concerned systems are often trusted. a lot of security mechanisms (e.g., intrusion detectors) are required to guard the virtual host from attacks. From a a lot of general perspective, there's a desire to detect differing types of malicious behavior through custom policy enforcement mechanisms. Hadoop Distributed File System (HDFS) [9], the default back finish for the Hadoop Map/Reduce framework [10], implements security as a rudimentary file and directory permission mechanism. regarding authorization, the permission model is analogous to different platforms like Linux, every file and directory being related to an owner and a gaggle. HDFS uses Kerberos [11] because the underlying authentication system. In distinction to Nimbus, that depends on the powerful options of GSI, the most security threats in HDFS arise from the shortage of user-to- service authentication, service-to-service authentication and also the lack of encryption when sending and storing information. Moreover, even though a typical user doesn't have full access to the file system, HDFS is liable to varied attacks that it cannot detect, like Denial of Service. In Amazon easy Storage Service (S3) [12], the info storage and management infrastructure for Amazon’s Elastic Compute Cloud [13], the users will decide how, when and to whom the data stored in Amazon internet Services is accessible. Amazon S3 API provides access management lists (ACLs) for write and delete permissions on each objects and objects containers, denoted buckets. However, no high-level security mechanism is accessible to guard the setting from complicated attacks, like those that can't be prevented by authentication mechanisms. whereas all the comes described on top of rely heavily on authentication and authorization mechanisms, none of them is ready to spot users who arrange to damage the system or to detect specific patterns of malicious behavior. we tend to address exactly this goal: we tend to propose a generic policy management system to guard Cloud services from complicated attacks which will otherwise stay undetected and have an effect on the performance perceived by the purchasers. III. PROPOSED SYSTEM The current paper has outlined a hierarchical format for the protection policies, therefore on befits the on top of necessities. On one hand, every policy contains a collection of template user actions that form up a pattern reminiscent of a selected security attack. Additionally, the policy will specify a collection of thresholds that draw the bounds between traditional behavior that exhibits a similar activity pattern and malicious user actions. So as for an attack to be detected, the policy should be instantiated for a selected user, that is, the activity history of that user should embody recorded actions that match the template sequence provided by the policy. As an example, a DoS attack may be outlined by a series of write operations that happen in an exceedingly short amount of your time and are initiated by a similar shopper. Therefore, the corresponding policy can describe a write operation because the required pattern and can specify a period and therefore the most variety of write operations thought-about traditional for that period. In this project we have able to identify users who attempt to harm the system or to detect specific patterns of malicious behavior. We propose a generic policy management system to protect Cloud services from complex attacks that may otherwise remain undetected and affect the overall performance perceived by the clients. The proposed system is a modeling of complex and robust architecture ensuring security of data management system in cloud services over internet. The modules will consist of: 189
  • 4. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME A. Cloud Controller: It will enforce the security policy towards all the active online clients in the cloud network. It will be facilitated to manage (create/delete/modify) all clients. The cloud resource and service security is ensured by implementation of IP specification in the entire client’s machine, which will force the client to access only from specific system with authorized IP and MAC. B. Clients: It is a set of different customers who are assumed to be utilizing the services offered by the cloud service providers. After passing through strict procedure of authentication from cloud controller, the clients will be authorized to access their privilege services. The clients will be entitled for uploading, modifying, deleting, and accessing data. All the clients are under strict vigilance of cloud controller. C. Virtual machine: It is a completely isolated guest operating system installation within a normal host operating system. A virtual machine (VM) is a software implementation of a machine (i.e. a computer) that executes programs like a physical machine. It will act as a bridge between clients and model of cloud infrastructure in the proposed system (see system architecture in Figure 1). Figure 1: Proposed System Architecture 190
  • 5. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME D. Cloud infrastructure: It is set of dispersed data centres which are networked with their respective web servers and MySQL server. The entire clients request ends in this model. The model is also integrated with proposed security framework which will manage (enable / disable) security policy written by cloud controller. • Malicious Process (Client-Side): Three types of malicious process will be designed to operate in client’s machine as: • Flooding: Multiple duplication of requests during file upload / modification/ file accessibility. • Crawling: While deleting it will crawl through the author blob of replicated data. • Threshold check: It checks thread handling capacity by the data centres in order to check DoS attack. The main security concern is that the system must be robust enough to protect the data being accessed by unauthorized users. An attacker can impersonate an authorized user by stealing its credentials and then attempt to read all stored files (crawling). The performance analysis of the proposed system will be performed by measuring parameter matrices as: • Average throughput Vs Time with different combination of malicious clients writing. • Average throughput Vs. Client for: • Legitimate Client • Malicious or Illegitimate client • Malicious Client Vs. Time Figure 2: A high level representation of Security policy The tree structure of a security policy as shown in Figure 2, which consists of four elements: • The template set of user actions. The Preconditions element encloses the list of user actions that describe the pattern of an attack. Each user action is modeled by an Event, described through a set of attributes that identify a particular type of records in the User Activity History. To take the example of the DoS attack again, the Preconditions may contain only one 191
  • 6. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME event, whose Type attribute points to the list of recorded write operations in the User Activity History. • General Parameters. They are used to differentiate the policies (e.g., Active, Priority) and to enable the detection module to interpret the events describing the policy by specifying the Start and the End event. • Actions suggested when the policy is instantiated. The element Enforcement contains a list of Constraints and Actions. When the sequence of events defined by the policy is matched, the Security Violation Detection module will select the satisfied Constraints and propose the associated Actions to the Policy Enforcement module, which will be in charge of executing them. This approach allows us to define flexible policies that result in a customized feedback that depends on some given constraints. Algorithm: Step 1: Legitimate IP address of client machine is stored into an IP Address Database (IAD) Step 2: Several statistics of incoming traffic for the current time interval N is calculated. Step 3: A hash table is used to record the IP addresses that appeared in the current interval of time. Hash table entry contains 2 fields, the number IP packets and the time stamp of the most recent packet for that IP address. Step 4: By comparing the current counts of the hash table with the IAD, we calculate how many new IP addresses have appeared in this time slot. Step 5: If the number of packets per IP address is larger than a certain threshold, an alarm is set to indicate the bandwidth attack. Step 6: By analyzing the number of new IP addresses, DoS attack can be detected. Step 7: If an attack is detected, that particular IP address is suspended. IV. IMPLEMENTATION AND RESULT The proposed system is experimented on client server experimental test bed considering 32 bit windows OS with 1.84 GHz processor. The user interface is designed on java along with Apache Tomcat as web server. To validate our approach we needed to see how it performs in large scale Cloud environments. Data intensive applications can benefit from being executed in Cloud environments if the back- end storage services provide several important features, such as a scalable architecture, handling of massive unstructured data, and high throughput for data accesses or data-location transparency. We proposed a generic security management framework that enables Cloud storage providers to define and enforce flexible security policies. The Policy Management module we developed can be adapted to a wide range of Cloud systems, and can process any kind of policy that fits a given base format generated through the Policy Definition module. In this paper, we addressed a series of security issues, which expose important vulnerabilities of Cloud platforms, and, more specifically, of Cloud data management services. 192
  • 7. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME Figure 3. Implementation Plan Flow Chart Figure 4. Main GUI of the application 193
  • 8. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME The data center privilege is as shown in figure 4 above, where the user needs to add the Data Centers Add Network Address & Tomcat Port Number (Network Address means : IP address of the Data center pc IP Address. For An example: 192.168.1.101, Port: 8080). This is datacenter application with help of virtual machin appllication client id we should access this page. Figure 5. Sub-privileges of application Figure 6. User interface for feeding file name and ID. Figure 7. Visualization of digital contents in datacenter. 194
  • 9. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME Figure 7 shows the availability of the digital contents in datacenters. Selecting any one it will display as below if someone want to modify the data. As shown as below; then submit the update button the data has modified Figure 8. Digital content for downloading from datacenter. Figure 8 shows the user interface if an user wants to download any one file it will display like as below, the files will be accessed in particular format. V. CONCLUSION Cloud computing has been emerged out with various benefits to an individual and corporate, and at the same time has exposed various concerns in the security aspects. In this project, the security aspects of the data management services have been considered. Various existing mechanism has been studied and analyzed. It has been found that most of the existing systems apart from data security focus on client authentication and authorization. There are always a certainty that authenticated clients can execute a process of flooding, crawling, and DoS because in cloud computing environment, the client having control of virtual machines. A framework is proposed where in local area network a cluster of computers will be formed as data centre and virtual machine to mimic actual cloud infrastructure. Authentication and authorization of an accessibility of client will be facilitated by resource ID and encryption will be handled by Secure Socket Layer (SSL), further malicious activities will be performed by the client process and then security policies will be written based on matrices such as client transaction trust system and by enforcing these policies malicious clients should be monitored and detected and further performance analysis will be done for resource utilization and Quality of Service. In this project will focus on more in-depth experiments involving the detection of various types of attacks in the same time. Moreover, we will investigate the limitations of our Security Management framework, with respect to the accuracy of the detection in the case of more complex policies, as well as the probability and the impact of obtaining false positive or false negative results. Another research direction is to further develop the Trust Management component of the security management framework and study the impact it has on the Policy Enforcement decisions for complex scenarios. 195
  • 10. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 3, Number 2, July-December (2012), © IAEME REFERENCES [1] K. Keahey, R. Figueiredo, J. Fortes et al., “Science Clouds: Early experiences in cloud computing for scientific applications,” In Cloud Computing and Its Application 2008 (CCA - 08) Chicago, 2008. [2] L. Vaquero, L. Rodero-Merino, J. Caceres et al., “A break in the clouds: towards a cloud definition,” SIGCOMM Comput. Commun. Rev., vol. 39, no. 1, pp. 50–55, 2009. [3] K. Keahey, M. Tsugawa, A. Matsunaga, and J. Fortes, “Sky computing,” IEEE Internet Computing, vol. 13, no. 5, pp. 43–51, 2009. [4] V. Welch, F. Siebenlist, I. Foster et al., “Security for grid services,” HPDC-12, p. 48, 2003. [5] M. Jensen, J. Schwenk, N. Gruschka et al., “On technical security issues in cloud computing,” in CLOUD ’09, 2009, pp. 109–116. [6] B. Nicolae, G. Antoniu, L. Bouge et al., “BlobSeer: Next generation data management for large scale infrastructures,” J. Parallel Distrib. Comput., Aug 2010. [7] B. Sotomayor, R. S.Montero, I. M. Llorente et al., “Virtual infrastructure management in private and hybrid clouds,” IEEE Internet Computing, pp. 13(5):14–22, 2009. [8] M. Descher, P. Masser, T. Feilhauer et al., “Retaining data control to the client in infrastructure clouds,” Intl. Conf. on Availability, Reliability and Security, pp. 9–16, 2009. [9] “HDFS. the Hadoop distributed file system,” http://hadoop.apache.org/common/docs/r0.20.1/hdfs_design.html. [10] D. Borthakur, The Hadoop Distributed File System: Architecture and Design, The Apache Software Foundation, 2007. [11] B. C. Neuman and T. Ts’o, “Kerberos: An authentication service for computer networks,” IEEE Communications, vol. 32(9), pp. 33–38, September 1994. [12] Amazon Simple Storage Service (S3). http://aws. amazon.com/s3/. [13] Amazon Elastic Compute Cloud (EC2), http://aws. amazon.com/ec2/. 196