Group no. 15

Project Presentation on,

Cloud Computing Security over Single to Multi Clouds using Secret Sharing Algorithm

By,

Priyanka Pareek (Roll No.: 70)Neeraj Sharma (Roll No.: 50)Nikhil Raverkar(Roll No.:46)Ashwini Tongle(Roll No.:53)

MET’s Bhujbal Knowledge City, Institute of Engineering

Dept. of Computer Engineering

Index• Overview• Issues Addressed• Literature survey• Problem Statement• Introduction• DepSky System and Architecture • Proposed System Architecture• Algorithm, Mathematical Model and its Analysis• Limitation• Conclusion• References

2

April 10, 2023Cloud Computing Security over Single to Multi Clouds using Secret Sharing Algorithm

Overview

Computing Security over Single to Multi Clouds :

• Data stored in the cloud can be compromised or lost. So, we have to come up with a way to secure those files. We can encrypt them before storing them in the cloud, which sorts out the disclosure aspects.

• However, what if the data is lost due to some catastrophe befalling the cloud service provider? We could store it on more than one cloud service and encrypt it before we send it off. Each of them will have the same file.

3


Issues Addressed

Issues:• Data Integrity• Maintain an account of the privacy of the cloud • Service Availability

4


Literature Survey• According to [1] cloud computing is a cost-effective, service

availability, flexible and on demand service delivery platform for providing business through the internet.

• In [2] use of multi clouds and data security, security risks and its affect on cloud computing is dealt using Shamir’s Secret Sharing algorithm. It is a form of secret sharing, where data is divided into parts, which gives each participant its own unique part, where some of the parts or all of them are required in order to reconstruct the secret.

• A system proposed in [3] provides backup. Companies seeking to protect services from such failure need measures such as backups or use of multiple providers.

5


Problem Statement

6

April 10, 2023

Encode and replicate data using secret sharing algorithm and store over multicloud system.

Cloud Computing Security over Single to Multi Clouds using Secret Sharing Algorithm

Introduction• Cloud computing concept is relatively new concept but it is

based on not so many new technologies. Many of the features that makes cloud computing attractive, however has to meet certain basic security criteria .

• The dealing with “Single cloud” providers is becoming less popular service with customers due to potential problems such as service availability failure and malicious insider’s attacks in the single cloud. So now there is a shift in users polarity from “single cloud” towards “multi clouds”, “interclouds”, or “cloud of clouds”

7


8

Contd.....


9

Security and Data Integrity issues of Cloud service:• Protecting private and important information such as credit card

details or patients’ medical records from attackers or malicious insiders is of critical importance.

• Moving databases to a large data centre involves many security challenges such as virtualization vulnerability, accessibility vulnerability, privacy and control issues related to data accessed from a third party, integrity, confidentiality, and data loss or theft.

• The data stored in the cloud may suffer from damage during transition operations from or to the cloud storage provider.

• An example of breached data occurred in 2009 in Google Docs, which triggered the Electronic Privacy Information Centre for the Federal Trade Commission to open an investigation into Google’s Cloud Computing Services.


Contd.....

DepSky Architecture [5]

10


• The stated DepSky architecture consists of four clouds and each cloud uses its own particular interface.

• The DepSky algorithm exists in the clients’ machines as a software library to communicate with each cloud.

• These four clouds are storage clouds, so there are no codes to be executed.

• The DepSky library permits reading and writing operations with the storage clouds.

• As the DepSky system deals with different cloud providers, the DepSky library deals with different cloud interface providers and consequently, the data format is accepted by each cloud.

11


Contd.....

Proposed System Architecture

12


• System to be implemented will use Secret Sharing algorithm by Shamir, which demands:

• Data ‘D’ (e.g., the safe combination) be divided into D1, D2…,Dn in such a way that: • The Knowledge of any k or few Di pieces makes D easily computable. • The Knowledge of any k-1 or fewer Di pieces leaves D completely

undetermined (in the sense that all its possible values are equally likely).

• This scheme is called (k,n) threshold scheme. If k=n then all participants are required to reconstruct the secret original data.

• The essential idea of Shamir's threshold scheme is that 2 points are sufficient to define a line, 3 points are sufficient to define a parabola, 4 points to define a cubic curve and so forth. That is, it takes points to define a polynomial of some degree .

13


Algorithm

Mathematical Analysis• Here we use a (k,n) threshold scheme to share our secret data

‘S’• We choose at random (k-1) coefficients i.e. a1 …. ak-1• We divide our secret data ‘S’ by picking a random degree

polynomial q(x)= a0+a1x+a2x^2+…+ak-1x^k-1

where a0=‘S’(i.e the data).• The essential idea of Adi Shamir's threshold scheme is that 2

points are sufficient to define a line, 3 points are sufficient to define a parabola, 4 points to define a cubic curve and so forth.

• That is, it takes “k” points to define a polynomial of degree “k-1”

14


Recovery using Lagrange basis polynomials• The “k” instances of original polynomial are processed using

Lagrange polynomials to recover the original data.• Lagrange basis are :

lo = x-x1 . x-x2 x0-x1 x0-x2 l1 = x-x0 . x-x2

x1-x0 x1-x2 l2 = x-x0 . x-x1

x2-x0 x2-x115


Implementation of Mathematical model• The following example illustrates the basic idea.• Suppose that our secret is 1234 (S=1234)

We wish to divide the secret into 6 parts (n=6) where any subset of 3 parts (k=3) is sufficient to reconstruct the secret.

At random we obtain 2 numbers: 166, 94

(a1=166 ; a2=94)

Our polynomial to produce secret shares (points) is therefore:

f(x)=1234+166x+94x^216


• We construct 6 points from the polynomial: • (1,1494) (2,1942) (3,2578) (4,3402) (5,4414) (6,5614)• We give each participant a different single point (both x and f(x))

• Reconstruction• In order to reconstruct the secret any 3 points will be enough.• Let us consider :-• (x0, yo)=(2, 1942) ; (x1, y1)=(4, 3402) ; (x2, y2)=(5, 4414)

17


Contd.....

Using Lagrange Basis Polynomial• lo = x-x1 . x-x2 = x-4 . x-5 = 1 x^2 – 3x + 10 x0-x1 x0-x2 2-4 2-5 6 2 3 • l1 = x-x0 . x-x2 = x-2 . x-5 = -1 x^2 + 7x - 5 x1-x0 x1-x2 4-2 4-5 2 2

• l2 = x-x0 . x-x1 = x-2 . x-4 = 1 x^2 – 2x + 8 x2-x0 x2-x1 5-2 5-4 3 3

18


Now 2

f(x)=∑ yj .lj(x) j=0

=1942 (1 x^2 – 3x + 10 ) + 3402 (-1 x^2 + 7x – 5) + 4414 (1 x^2 - 2x + 8)

(6 2 3 ) ( 2 2 ) (3 3)

f(x)=1234+166x+94x^2

19

Contd.....


Limitation• Only text and relational database is being implemented.• Including images and audio handling capability would increase

the size and complexity of system.• Number of data instances depend on users affiliation with

cloud service.• Maximum size of data to be handled can be known after trial

only.• Size of the data increases after encoding.

20


Conclusion

This system aims at providing a secure cloud database that will help prevent security risks and most importantly ensure against data loss, even in case of genuine damage to cloud system and part of actual data being lost is the main motive behind implementing this system. We apply multi cloud concept using Shamir’s Secret Sharing algorithm that reduces risk of data intrusion and loss of service, ensuring availability of data.

21


Reference[1] Hassan Takabi, James B.D., Joshi, Gail-Joon, Ahn, “Security and

Privacy Challenges in Cloud Computing Environments”, University of Pittsberg, October 2010.

[2] Dawson, E.; Donovan, D. (1994), "The breadth of Shamir's secret-sharing scheme", Computers & Security 13: 69–78

[3] Cloud Computing Security: From Single to Multi-Clouds,2012 ,45th Hawaii International Conference on System Sciences.

[4] Review of methods for secret sharing in cloud Computing- “International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)”, Volume 2, Issue 1, January 2013

[5] A. Bessani, M. Correia, B. Quaresma, F. André and P. Sousa, "DepSky: dependable and secure storage in a cloud-of-clouds", EuroSys'11:Proc. 6thConf. On Computer systems, 2011, pp. 31-46.

22


23

Thank You


Group no. 15

Documents

Transcript of Group no. 15