A. RSA
RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman. It is a public key Cryptosystem used for secure data transmission. In this, two different keys are used. One is public key used for encryption and other is private key used for decryption. In [1], they mainly focused on the data security issues in the cloud like:
1) Privacy and Confidentiality which means that once the user hosted the data in the cloud, there should be some guarantee that access to that hosted data will only be limited to the authorized access. It is ensured by the authentication services, security protocols and data encryption services.
2) Data Integrity which means data sent is same as the message received i.e. it is not altered in between. It is ensured by the firewalls and intrusion detection system (IDS).
3) Data Availability which means data should be available to users when they needed.
4) Data Location and Relocation which means data can be moved from one location to another because cloud providers have contracts with each other, so that they can use each other’s resources.
In cloud computing environment, plain text is converted into cipher text by the cloud service provider and get back to the original data by the cloud user. Only the authorised user can access the data. If any unauthorised person gets the data intentionally or by mistake then he cannot get the original data.
In [2], they have addressed the secure hybrid framework to ensure the data security in cloud computing, which comprises public key algorithm RSA, private key algorithm AES and SHA algorithm which is used to convert arbitrary sized message into hash code with the help of hash function. They have integrated digital fingerprint mechanism to enhance the authenticatio...
... middle of paper ...
... is generated using secure hash algorithm which is combined with digital signature to form a concatenated string. This concatenated string is then encrypted with the help of public key of receiver and sent to the cloud user who requested data. Then deciphered message is converted into the message digest by SHA for data integrity verification and RSA is used to validate digital fingerprint.
1) Advantages: It produces a fixed length output by applying a hash function on the actual data. So, it’s easy to compute fixed length output. It is a collision resistant algorithm and provides a one way hash. Its attack protection is also stronger than the other algorithms.
2) Disadvantages: It is a slower computational algorithm than MD5 algorithm. It has known security vulnerabilities. Choosing an effective hash function for a specific application is a difficult task.
...idence of users by agreeing to the policy that the data submitted to their cloud platform will be kept confidential. (Ryan, 2011)
The RSA cryptosystem, imagined by Ron Rivest, Adi Shamir, and Len Adleman , was pitched in the August 1977 issue of Scientic American. The cryptosystem is generally ordinarily utilized for giving security and guaranteeing legitimacy of advanced information. Nowadays RSA is sent in numerous business frameworks. It is utilized by web servers and programs to secure web traffic, it is used to guarantee security and legitimacy of Email, it is utilized to secure remote login sessions, and it is at the heart of electronic Visa installment frameworks. In short, RSA is much of the time utilized within provisions where security of advanced information is a worry.
PKC is the enabling technology for all Internet security and the increasing use of digital signatures, which are replacing traditional signatures in many contexts. However, RSA is better than PKC because RSA doesn’t need digital signature. As a result, the RSA algorithm turned out to be a perfect fit for the implementation of a practical public security system. In 1977, Martin Gardner first introduced the RSA system. After 5 years, company RSA used secure electronic security products. Nowadays many credit companies of all over the world use the RSA system or a similar system based on the RSA system.
If organisation’s sensitive data and intellectual property resides on public cloud then it is strongly advisable to implement strong encryption techniques. The threat of data tampering is at its highest when data is being processed in the cloud. Essentially, this is because when data are
The main aim of this paper is to study the concept of cloud computing through virtualization, how security is compromised in cloud computing and how we can secure the system from security breach in case of virtualization.
Cloud computing is a relatively new technology that allows data to be stored, distributed and manipulated with greater ease than ever. As described by Gurjar and Rathore (2013), the “Cloud is a large pool of easily usable and accessible virtualized resources. These resources can be dynamically reconfigured to adjust to a variable load, allowing also for an optimum resource utilization” (p. 1). By moving data, documents and media to the Cloud, the potential for business efficiency and productivity increases and anyone with internet can take advantage of the benefits. As with anything, it is important to understand the risks and benefits in order to weigh whether or not moving to the Cloud is the best move for the business. Some companies, like Lavu, an iPad based point of sale system, operate solely on the Cloud. Without Cloud computing capability, some organizations would not exist.
Data encryption refers to the process of transforming electronic information into a scrambled form that can only be read by someone who knows how to translate the code. In nowadays business world, it’s the easiest and most practical way to secure the information that we stored and processed, and it’s significant for our sensitive information. For example, as electronic commerce is popular now, the vendors and retailers must protect the customers’ personal information from hackers or competitors. They also have many business files or contracts that need to be strictly protected. Without data encryption, these important information may fall into wrong hands and be misused by others. Besides, data encryption may be used to secure sensitive information that exists on company networks, or create digital signatures, and help to authorize in business. No one should underestimate the importance of encryption. A little mistake in encryption may make sensitive information revealing, or even result in illegal and criminal accuse.
Many people wonder exactly how encryption works. People think that encryption is the same thing as coding when in fact it is very different. Computer code is used to create software while encryption is used to disguise a message from the public. Coding such as ASCII and EBCDIC are used to create data that is publicly shared. With encryption, when you first put in a message, its goes in as plaintext. Plaintext is the text in its original form when it has not been encrypted. A message that has been encrypted is known as ciphertext. The process of converting plaintext to ciphertext is known as encryption. The process of changing ciphertext into plaintext is known as decryption (Parsons 328).
Despite the numerous advantages offered by cloud computing, security is a big issue concerned with cloud computing. There are various security issues and concerns associated with cloud computing, among them being phishing, data loss and data privacy. There are different mitigation measures that cloud pioneers are currently using to ensure data stored in the cloud remain secure and confidential as intended. Encryption is one mitigation method used to ensure security in cloud computing. According to Krutz and Vines (2010), encryption involves coding of the data stored in the computing cloud such that hackers cannot gain access to the data. Data encryption seems to be the most effective method of ensuring security in computing (Krutz and Vines, 2010). However, it is of paramount importance to note that encrypted data is usually difficult to search or perform various calculations on it.
When they wanted to save photos online instead of on your personal computer, they are able to use “cloud computing” service. Cloud computing means that the transfer of computing data or information over the internet. Not just to keep data in your personal computer, they are able to save the data on internet server to open their data in any computer. In this report we will walk through about what is cloud computing, what kinds of model did cloud computing have, types of cloud computing, benefits of cloud computing, and security.
But, if the intruder gets the algorithm of the sentinel application on data, then the data can be breached easily. Hence, it appeared ineffective in due course of time. Thus a need of specific system rose to have such process which can monitor the cloud without adding any sentinels. Hence, demand of more improvised Auditor emerged which can provide effective integrity assurance for database services. Due to absence of such Auditor, have led to many inevitable situations, for example, recently a big robbery of data had occurred in the South Korea of three major banks. It had shown major drawbacks in the security and storage mechanism of IT infrastructure. The data which was robbed contained information like monthly card usage, card numbers, salaries etc, which had led to a lot of tension among the account holders. The card holders were running towards the bank for cancelling the card, so that no money from their account could be transferred. This episode pro-vided a lesson to keep the storage servers watertight, protected and detect prohibited action of culprits. In IT industry, large improvements in authentication system, firewalls and data access has to be made to avoid such incident in future. The presented work checks the integrity of data, so that no part of data could be modified, deleted and inserted without user permission. This paper provides users, the freedom of examining the integrity which observes indifferently toward both Cloud service providers (CSP) as well Data Owners. Monitoring of data needs requires profound study of database storage as well as methods of data transfer and access which is a very complex job. The methods must be reliable and must be transparent so that questions will not arise on the way of work...
One might ask how does cloud computing work? Cloud computing architecture refers to the components that work together to form cloud computing. The architecture behind cloud computing involves two different parts, the front end and the back end. Each part connects through the internet and works together. The front end structure is also referred to as the clients. This is the part or side of the server that the user interacts with and sees. For the user to connect and interact with this end, they need to have access to a computer with internet. An example of the front end structure being used is a user logging on the internet to check their email. Again, millions of people check their email every day and do not realize it is part of cloud computing. The other part of cloud computing architecture is called the back end structure. This part is responsible for the service that make the cloud work. It comprises of huge data storage, virtual machines, security mechanism, services, deployment models, servers, etc. () The back end service is made up of Software as a Service (SaaS), Platf...
The usage of information systems within daily business and personal affairs for the transmission of confidential or even personal identifiable information, requires the usage of such as cryptography technology to secure the information. Three major forms of cryptography for digital transmission and data storage are hybrid, asymmetric, and symmetric cryptography algorithms, that provide security to protect the integrity, confidentiality, reliability, and authenticity of data transmissions and storage. (Rouse, 2008) However, each technology possesses individual traits and characteristics best suited for types of data transmission and storage. As symmetric key uses two identical keys for transmission and decryption, asymmetric employs a private
Some of the security challenges that we commonly face are: maintaining integrity and confidentiality of the information, encrypting the information and sharing of information. To address these challenges, it is very important for you to explore cryptography concepts
Physically, the resource may across multiple servers. The safety of the files depends upon the hosting websites. It means storage capacity, that’s can be access through a public network, like the Internet, or WAN (Wide Area Network). Internet users have the capability of expanding the amount of data Cloud Storage can hold without any limitations, but may require you to contact the service provider.