Professional Documents
Culture Documents
ISSN No:-2456-2165
Abstract:- The safety of one's data when using cloud New York Times rented Amazon's cloud computing
computing is the topic of this research. It is an capabilities in order to convert over 11 million stories into
investigation into the data stored in the cloud as well as electronic documents for users to explore, at a total cost of
the various issues of data security that are connected to it. $ 240, which is significantly less than the cost of one of the
In this paper, we will go into the specifics of data dozens or perhaps hundreds of traditional alternatives. In
protection methods and approaches that are utilized in addition, the cloud is a highly practical, quick way for a
different parts of the world to provide the highest level of startup to save money on essentials like servers, software, and
data protection possible by minimizing potential dangers processing capacity expansion. Unfortunately, cloud
and hazards. The availability of data in the cloud is computing has not yet achieved the kind of commercial
advantageous for a wide variety of applications, but it also dominance that we had hoped for.
presents hazards because it exposes data to applications
that may already contain vulnerabilities in their security When it comes to adapting cloud storage for data,
protocols. In a similar vein, the utilization of privacy and data security are important concerns. It is
virtualization for cloud computing may put data at risk essential for the cloud service to guarantee the confidentiality
when a guest operating system is run atop a hypervisor of the data as well as its own integrity and protection. To
without first determining the dependability of the guest achieve this goal, anumber of different service providers are
operating system, which may contain a security flaw. In utilizing a variety of policies and mechanisms, each of which
addition to this, the paper will shed light on the various is determined by the nature, type, and scale of the data. One
facets of data security that pertain to data both while it is of the benefits of using cloud computing is the ability for
in transit and when it is stored. The research considers several organizations’ data to be shared with one another.
all aspects of Software as a Service (SaaS), Platform as a Nevertheless, this benefit in and of itself constitutes a threat to
Service (PaaS), and Infrastructure as a Service (IaaS) data. It is imperative that data repositories be protected in
(Infrastructure as a Service). order to ward off any potential dangers to the data. When
using the cloud to store data, one of the most important
Keywords:- Data Security, Cloud Computing, Data questions to ask is whether or not to use a cloud service
Protection, Privacy, Risks, and threats. provided by a third party or to build an internal organizational
cloud. Sometimes, the information is too sensitive to be
I. INTRODUCTION stored in a public cloud. This could be the case with data
pertaining to national security or highly confidential
There has been a recent emergence of the term "Cloud information regarding future products, for example. The
Computing," but it is still not commonly used. One of the repercussions of exposing this type of data on a public cloud
simplest definitions is "a network solution for offering cheap, can be severe because this data might be exceedingly
dependable, accessible, and simple access to IT resources." sensitive, and the cloud in question can be public. When this
The focus of cloud computing is on the underlying services, occurs, it is strongly advised that the data be stored using the
rather than the applications themselves. Cloud computing's internal cloud of the organization. Imposing an on-premises
service orientation not only lowers the total cost of ownership data usage policy, this strategy can be helpful in the process
and operational expenses but also gives users more control of keeping data secure. However, this does not guarantee
over their systems and better overall performance. Like the complete data security and privacy because many firms do
transition from traditional computing to a centralized power not have the necessary expertise to apply all of the necessary
supply method, cloud computing originates from a single layers of protection to sensitive data.
generator at a power steering plant. This means that computer
capability can be utilized as a commodity and traded like The purpose of this paper is to investigate the methods
water or energy. of data security that are currently in use all over the world to
safeguard and protect data stored in the cloud. It examines the
Internet-based distributed and virtual machine potential dangers that could befall data stored in the cloud as
technologiesinspired the concept of cloud computing, which well as the solutions that have been implemented by a variety
aims to lower the cost of computing by providing consumers of service providers in order to protect data. growth of
with low- priced computer services and storage options. The computing in the cloud.
On the other side, Chen and Zhao have talked about The third type of cloud is the "community cloud," which
the customers' worries about shifting their data to the functions similarly to a private cloud but is shared among a
cloud. According to Chen and Zhao, concerns about data smaller group of people.
security areone of the primary factors that contribute to
the reluctance ofmajor businesses to shift their data to Cloud infrastructure that combines elements of many
the cloud. The authorshave offered an excellent analysis deployment types is called a hybrid cloud.
of the data security andprivacy protection challenges
associated with cloudcomputing.
Data interception:-
Fig 4 :- Data in Use
In cloud computing, data is separated and dispersed
while in transit, in contrast to traditional computing. This
increases risksdue to the insecurity and frailty of computer
technology, especially with regards to sniffing and spoofing,
third-party attacks, and reply assaults.
For instance, in some cloud computing use cases, the Secure Sockets Layer (SSL) 128-bit encryption, which
client may assume ownership of the computers, while in maybe upgraded to 256 bits, is introduced to guarantee the
others, the service provider may assume control by instituting availability, integrity, and secrecy of cloud data. Access to
strict accesspolicies. encrypted cloud data requires a user ID and password. The
userinputs data into the cloud, and the cloud service provider
Information leakage during data uploading to the cloud, encrypts it with the RSA algorithm before storing it. The
attacks on privacy and security of user's data, lost or cloudservice provider authenticates the user's identity before
maliciously manipulated encryption keys, and disagreements handing over encrypted data that can be unlocked with a
between service providers and customers on procedure and personal key.
policies pertaining to the operation of cloud computing
applications all pose additional security challenges. The three layers of this data security approach all
contribute to keeping cloud information safe. Data is
There are also complications that don't directly threaten authenticated in the first layer, encrypted in the second, and
the security of cloud applications but do interact with or decrypted in the third. If your data is stored in the cloud, RC5
influence cloud computing. Changes in network traffic, will keep it safe. Theft of encrypted data is catastrophic since
network outages, and managerial complications including no recovery key exists.
inefficient resource utilisation, traffic buildup, and lost
connections all fall under this category. Social engineering With the help of role-based access control (RBAC)
assaults, natural disasters, andtheft of equipment are just a few cloud architecture and the Role-Based Encryption (RBE)
examples of the additional threats that might impact cloud method, businesses can confidently store data in the public
computing deployments. cloud while keeping sensitive information about their internal
structures in a private cloud.
VII. PROPOSED SOLUTIONS/APPROACHES TO
ENSURE THE DATA SECURITY IN CLOUD Data owner, data consumer, cloud server, and N
attribute authorities are the four defined authorities in. In
Encryption:- order to send encrypted data to a cloud server, the data's
The most popular method for protecting information in owner must first geta public key from the relevant authorities.
the cloud was encryption (used by 45%). To protect cloud After receiving a request for information, authorities generate
information, it is suggested using digital signatures based on a private key and provide it to the end user. Only once the
the RSA method. Which programme minimises filesize by user has been authenticated by the cloud service will he be
using a hashing algorithm? The digital signature is generated able to download the file. There are two distinct approaches
by encrypting the message digest using the individual's to safe cloud computing, one of which necessitates a reliable
privatekey in software. A digital signature is converted into a third party andthe other of which does not. Data stored in the
messagedigest by software using the recipient's private key cloud is protected using Elliptic Curve DiffieHellman
and the sender's public key. (ECDH) and symmetric bivariate polynomial-based secret
sharing.
Use both the SDES and DES cypher methods for a more
secure and robust game (DES). In this method, a 64-bit block In, an encryption method dependent on a user's physical
of plain text is split in half using a "black box;" the right half location was unveiled. Data was encrypted using a geo
contains two bits, while the left half contains six bits. These encryption method and labelled with the firm or employee's
sixbits are then fed into a "superior function" block, where name in the cloud and on the user's machine. Data is retrieved
they are split once again; the first two bits represent the rows, using a cloud-based search for a matching label whenever it
whilethe last four bits represent the columns. Then, the output is required. Information kept in the cloud can be encrypted
from the vigenere block is multiplied by this function, which and signed digitally, as well as using the Diffie-Hellman key
is applied to all eight octets. The output of the black box is 64 exchange and the Advanced Encryption Standard. The
bits, which are subsequently subdivided into 4 new octaves. authentication, data security, and verification needs are met
The left half is derived by XOR-ending the right and left bythis approach.
halves. At least thrice
Guidelines:-
The data is encrypted using RSA, and the keys are According to the findings of research, 21% of studies
securely exchanged using Bilinear Diffie-Hellman. The use guidelines to guarantee the security of data stored in the
suggested solution adds a message header to each data packet cloud. By introducing a new cloud system architecture
so that clients can securely communicate with the cloud approach that has three features—separation of software
directly, without going through a proxy server. The server service providers and infrastructure service providers, hiding