data storage security technique for cloud computing
STEGANOGRAPHIC APPROACH TO ENSURE DATA STORAGE SECURITY IN CLOUD COMPUTING USING HUFFMAN CODING
CREATED BY: HASIMSHAH . R . S
CONTENTS
1. INTRODUCTION
2. RELATED WORK
3. DESIGN OF THE SYSTEM
4. ALGORITHMS USED IN THE SYSTEM
5. SECURITY ANALYSIS AND PERFORMANCE EVALUATION
6. CONCLUSION
7. REFERENCES

INTRODUCTION
Cloud computing
The cloud computing model allows access to information and computer resources from anywhere that a network connection is available. Cloud computing provides a shared pool of resources, including data storage space, networks, computer processing power, and specialized corporate and user applications.
Cloud computing is a practical way to obtain direct cost benefits, and it has the potential to transform a data center from a capital-intensive setup into a variably priced environment. The idea of cloud computing is based on a very fundamental principle: "reusability of IT capabilities".
Data security
• Traditional cryptographic technology can't be implemented.
• The cloud is not a third-party warehouse.
• Data is stored in multiple physical locations in a random manner.
The steganographic approach using Huffman coding ensures explicit dynamic data support and security of data while the data is in cloud storage.
The Huffman tree constructs an optimal prefix code called a Huffman code. Say there are six characters A, B, C, D, E and F, as shown in Fig. a.
For a given code 0 100 100 1101, we can decode it and get back the original characters by traversing the Huffman tree.
CLOUD COMPUTING ARCHITECTURE AND SECURITY ISSUES
DEPLOYMENT MODELS
• Private cloud
• Community cloud
• Public cloud
• Hybrid cloud
SERVICE DELIVERY MODELS
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
SECURITY ISSUES
• Phishing
• Data loss
• Botnet (a collection of machines running remotely): offers a more reliable infrastructure for attacks at a relatively low price.
Problem statement: the main problem is loss of control of data stored in the cloud.
Figure: Schematic System Architecture for Cloud
RELATED WORK
• Cong Wang et al. use homomorphic tokens with distributed verification of erasure-coded data, but the scheme failed to achieve public verifiability and storage correctness.
• Shantanu Pal et al. ensure that the location of the adversary or attacking party can be found from its target. If the adversary knows the location of the other VMs, it may try to attack them, and this may harm the other VMs in between.
• Ateniese et al. proposed the "provable data possession" (PDP) model to ensure possession of files in untrusted storage. This scheme uses public-key-based homomorphic tags to audit the data file and provides public verifiability.
DESIGN OF THE SYSTEM
Storing data in images: steganography.
Processes to store or retrieve data:
Figure: Computational model to Store Data
Figure: Computational model to Retrieve Data
• The Human Visual System (HVS) has very low sensitivity.
• Variable-length encoding doesn't help the attacker recognize characters.
• The attacker has no idea about the frequency of the characters.
• The attacker can't generate the Huffman code.
• Ultimately we have a secured system.
Image database
• Images are stored in CSP-1
• A set of images is sent to CSP-3 when the user wants to store data in the cloud
File database
• The file holds the addresses of the images
Embedded data into images
• Counts the total number of characters
• Finds the frequency of each character by Huffman code
• Applies steganography to both the frequency of characters and the codified data.
ALGORITHMS USED IN THE SYSTEM
ALGORITHM 1: HF-codification()
1. procedure
2. Read file FText which is to be saved in Cloud
3. Compute CN from FText
4. Find the frequency of occurrences of each character in FText and store them in some chronological order
5. Store frequency in a new file FFreq.
6. FN = Freq-Codification()
7. Call Huffman-Tree()
8. Create a file FCode
9. Open FN. Reach EOF of FN, where the original characters of FText will be replaced by the Huffman codes present in FCode.
10. Calculate the total Bit BCount in FN.
11. Delete FText, FFreq and FCode.
12. Call Steganography() to perform steganography on FN
13. end procedure
FILE CODIFICATION
The frequency file is read digit by digit and each digit is codified into a 4-bit binary pattern.
Algorithm 2: Freq-Codification()
1. procedure
2. Open FFreq and a new file FN.
3. while (Read characters from FFreq until EOF)
4.   do if (character is a new line character)
5.     Append 1111 at the end of FN.
6.   else
7.     Convert the digit to its 4-bit binary form.
8.     Append those 4 bits at the end of FN.
9.   end if
10. end while
11. Append 11111111 at the end of FN.
12. Return FN
13. end procedure
Hiding Data within Images: Steganography
Deals with the prerequisites, such as loading the image and storing the file name and image index, and finally calls the MdfImg operation, which maps data from the file to images.
ALGORITHM 3: STEGANOGRAPHY()
1. procedure
2. Load Image_Index = ImageSearch(Image_Database)
3. Store (FName, BCount, Image_Index)
4. MdfImg(Image_Database[Image_Index]);
5. end procedure
SEARCHING OF VALID IMAGE
The algorithm searches for an image that can be used to store the data. It returns the address of a valid image if one is available in the image database.
ALGORITHM 4: IMAGESEARCH(IMAGE_DATABASE)
1. procedure
2. Open Image_Database;
3. for Image_Database(i), i<-1, n do
4.   if (Image_Database(i).valid==1)
5.     return i
6.   end if
7. end for
8. end procedure
MAPPING DATA FROM A FILE TO IMAGE
It does the actual steganographic operation by storing data into images.
Algorithm 5: MdfImg(Image_Database[Image_Index])
1. procedure
2. Read Image_Database[Image_Index];
3. Compute Pixel Count for Image_Database[Image_Index];
4. Open FN
5. while (Read characters until EOF)
6.   do if (Pixel Count < BCount) …
7.     The last bit of each consecutive pixel of Image_Database[Image_Index] is replaced to store each character.
8.   else
9.     Load Image_Index1 = ImageSearch(Image_Database)
10.    Image_Database[Image_Index1].valid = Image_Index1
11.    Image_Database[Image_Index1].valid = 0
12.  end if
13. end while
14. end procedure
RETRIEVING DATA FROM IMAGE
The following algorithm retrieves the data from the images that are kept in cloud storage.
Algorithm 6: RetrieveData()
1. procedure
2. Read File_Database;
3. for F_Database(i), i=1 to m
4.   do if (F exists)
5.     I = Holds the address of image.
6.   end if
7. end for
8. Open Image_Database;
9. Read Image_Database[I];
10. Open an FTemp and an FFreq
11. while (Until we get 11111111 in Image_Database[I])
12.   do Read 4 bits at a time from 4 consecutive pixels
13.   Convert them into decimal form.
14.   sum = sum + 4
15.   if (decimal number is within 0 to 9)
16.     Write that digit in FFreq
17.   else
18.     Write new line character in FFreq
19.   end if
20. end while
21. sum = sum - BCount
22. Call Huffman-Tree() based on the frequency counts present in FFreq and create the Huffman tree.
23. while (sum <= BCount) do
24.   Read bits from Image_Database[I]
25.   Start traversing the Huffman tree from the root.
26.   When we reach a leaf node, we get a character.
27.   Append that character to FTemp.
28.   Increment sum by the number of times we collect bits from Image_Database[I]
29. end while
30. Show FTemp to the user; after the user closes the file FTemp, delete the file FTemp from the system.
31. end procedure
CONSTRUCTION OF HUFFMAN TREE
A priority queue, Q, is used to generate the Huffman tree with levels (frequency) as key.
Algorithm 7a: Huffman-Tree(X)
1. procedure
2. N=|X|
3. Q=X
4. for i=1 to N-1
5. do
6.   Z=Allocate_node()
7.   Z.left=Extract_min(Q)
8.   Z.right=Extract_min(Q)
9.   Frequency(Z)=Frequency(Z.left)+Frequency(Z.right)
10.  Insert(Q,Z)
11. end for
12. end procedure
Algorithm 7b: Allocate_node()
1. procedure
2. Create a node for storing characters and their frequency from available free memory space.
3. Return the allocated node.
4. end procedure
Algorithm 7c: Extract_min(Q)
1. procedure
2. Remove and return the character with minimum frequency from the priority queue Q.
3. end procedure
Algorithm 7d: Insert(Q,Z)
1. procedure
2. Insert the node Z in the priority queue Q
3. end procedure
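The storing and retrieving procedures of Algorithms 1 to 7 as an added Python example, not code from the presentation. It assumes a fixed symbol order `ALPHABET` known to both sides, a flat byte string standing in for the image pixels, and text with at least two distinct symbols; `store`, `retrieve`, `codes` and `COVER` are names chosen here.

```python
import heapq
from itertools import count

ALPHABET = "ABCDEF "  # assumption: symbol order agreed out of band; only counts are stored
COVER = bytes(range(256)) * 2  # constructed 512-pixel greyscale cover, not a real image

def huffman_tree(freqs):
    """Algorithm 7a: merge the two minimum-frequency nodes until one root is left."""
    seq = count()  # tie-breaker, so storing and retrieving build the identical tree
    q = [(f, next(seq), ch) for ch, f in zip(ALPHABET, freqs) if f]
    heapq.heapify(q)
    while len(q) > 1:
        (f1, _, left), (f2, _, right) = heapq.heappop(q), heapq.heappop(q)
        heapq.heappush(q, (f1 + f2, next(seq), (left, right)))
    return q[0][2]

def codes(node, prefix=""):
    if isinstance(node, str):
        return {node: prefix}
    return {**codes(node[0], prefix + "0"), **codes(node[1], prefix + "1")}

def freq_codification(freqs):
    """Algorithm 2: 4 bits per decimal digit, 1111 per newline, 11111111 at the end."""
    text = "\n".join(map(str, freqs))  # no trailing newline before the terminator
    return "".join("1111" if c == "\n" else f"{int(c):04b}" for c in text) + "11111111"

def store(text, pixels):
    """Algorithms 1 and 5: build FN, then replace the last bit of consecutive pixels."""
    freqs = [text.count(ch) for ch in ALPHABET]
    table = codes(huffman_tree(freqs))
    fn = freq_codification(freqs) + "".join(table[ch] for ch in text)
    if len(fn) > len(pixels):
        raise ValueError("image holds fewer pixels than BCount")
    stego = bytes((p & 0xFE) | int(b) for p, b in zip(pixels, fn)) + pixels[len(fn):]
    return stego, len(fn)  # BCount is recorded next to the file name and image index

def retrieve(stego, bcount):
    """Algorithm 6: decode header nibbles, rebuild the tree, then walk it per bit."""
    bits = "".join(str(p & 1) for p in stego[:bcount])
    end = next(i for i in range(0, len(bits), 4) if bits[i:i + 8] == "11111111")
    digits = [int(bits[i:i + 4], 2) for i in range(0, end, 4)]
    header = "".join(str(d) if d <= 9 else "\n" for d in digits)
    root = node = huffman_tree([int(x) for x in header.split("\n")])
    out = []
    for b in bits[end + 8:]:
        node = node[int(b)]
        if isinstance(node, str):  # leaf reached: emit the character, restart at root
            out.append(node)
            node = root
    return "".join(out)
```

The frequencies are joined without a trailing newline: a newline pattern (1111) directly before the terminator would produce three consecutive 1111 groups, and a reader that stops at the first 11111111 would start the Huffman payload four bits early.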
SECURITY ANALYSIS AND PERFORMANCE EVALUATION
• Huffman coding is a variable-length coding scheme.
• The frequency of each character is stored in some chronological order.
• Variable-length encoding does not help the attacker to recognize the characters.
• Decoding of bits can be done only with the Huffman tree.
• The frequency file contains only frequencies.
• A change in the chronological order makes it difficult to track characters.
• Ultimately we have a secured system.
• SECURITY STRENGTH AGAINST CSP-1
  CSP-1 only stores some files. CSP-1 does not contain the retrieving algorithm, thus the images containing data are purely safe.
• SECURITY STRENGTH AGAINST CSP-2
  The retrieving and hiding mechanisms are stored in CSP-2. Knowing only the algorithm will not help the attacker.
• SECURITY STRENGTH AGAINST CSP-3
  CSP-3 is responsible for computation. All files will be deleted after the above operations.
CONCLUSION
We applied a steganographic approach to ensure data storage security in cloud computing using Huffman Coding (SAHC).
Through detailed security and performance analysis, this approach gives high security of data when it is at rest in the data center of any Cloud Service Provider (CSP).
The proposed architecture will be able to provide customer satisfaction to a great level, and it will attract more clients in the field of cloud computing for industrial as well as future research firms.
REFERENCES
[1] Peter Mell, Timothy Grance, "The NIST Definition of Cloud Computing", Jan. 2011. http://docs.ismgcorp.com/files/external/Draft-SP-800-145_clouddefinition.pdf
[2] Amazon.com, "Amazon Web Services (AWS)", online at http://aws.amazon.com, 2008.
[3] Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou, "Ensuring Data Storage Security in Cloud Computing", 17th International Workshop on Quality of Service, USA, pp. 1-9, 2009, ISBN:978-42443875-4.
[4] Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, and Clifford Stein, Introduction to Algorithms, Third Edition, Prentice Hall of India, 2010.
[5] B. P. Rimal, Choi Eunmi, I. Lumb, "A Taxonomy and Survey of Cloud Computing System", Intl. Joint Conference on INC, IMS and IDC, 2009, pp. 44-51, Seoul, Aug. 2009. DOI: 10.1109/NCM.2009.218.
THANK YOU