0 évaluation0% ont trouvé ce document utile (0 vote)
16 vues5 pages
A B S T R A C T
In the Internet worldCloud computing is the next developmentstage which will provide the
services that are required for everything from computational power to computational
infrastructure, business processes, applications to personal collaboration can be delivered to you
whenever and wherever you want.Privacy protection techniques only focusing on controlling the
cloud environment, that’s whyresearch is needed in the area of accountability and auditing. This
paper represents a framework for distributed accountability and auditing which is used to
protect user’s data as well as monitor the actual usage of data provided through cloud services. In
order to control the usage of data distributed auditing mechanism is followed and information of
the user is collected simultaneously.
A B S T R A C T
In the Internet worldCloud computing is the next developmentstage which will provide the
services that are required for everything from computational power to computational
infrastructure, business processes, applications to personal collaboration can be delivered to you
whenever and wherever you want.Privacy protection techniques only focusing on controlling the
cloud environment, that’s whyresearch is needed in the area of accountability and auditing. This
paper represents a framework for distributed accountability and auditing which is used to
protect user’s data as well as monitor the actual usage of data provided through cloud services. In
order to control the usage of data distributed auditing mechanism is followed and information of
the user is collected simultaneously.
A B S T R A C T
In the Internet worldCloud computing is the next developmentstage which will provide the
services that are required for everything from computational power to computational
infrastructure, business processes, applications to personal collaboration can be delivered to you
whenever and wherever you want.Privacy protection techniques only focusing on controlling the
cloud environment, that’s whyresearch is needed in the area of accountability and auditing. This
paper represents a framework for distributed accountability and auditing which is used to
protect user’s data as well as monitor the actual usage of data provided through cloud services. In
order to control the usage of data distributed auditing mechanism is followed and information of
the user is collected simultaneously.
International Journal of Advance Foundation and Research in Computer (IJAFRC)
Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$
1 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*
-ffective .istri/uted Accounta/ilit0 For .ata "harin* In Cloud Mr. Bhole R. H. ,Prof.Pakle G.K. Department of Information Technology SGGSE&T i!hn"p"ri #an$e$. rah"lh%hole&gmail.com ' g.pakle&gmail.com
A 1 " 2 R A C 2 In the Internet +orldCloud computin* is the ne3t developmentsta*e +hich +ill provide the services that are re4uired for ever0thin* from computational po+er to computational infrastructure, /usiness processes, applications to personal colla/oration can /e delivered to 0ou +henever and +herever 0ou +ant!5rivac0 protection techni4ues onl0 focusin* on controllin* the cloud environment, that6s +h0research is needed in the area of accounta/ilit0 and auditin*! 2his paper represents a frame+or7 for distri/uted accounta/ilit0 and auditin* +hich is used to protect user6s data as +ell as monitor the actual usa*e of data provided throu*h cloud services! In order to control the usa*e of data distri/uted auditin* mechanism is follo+ed and information of the user is collected simultaneousl0!
Inde3 2erm8 Cloud computin*, auditin*, data sharin*, accounta/ilit0
I! I#2R9.:C2I9#
(lo"$ comp"ting i! the !oft)are application )hich )ill pro*i$e $ata !torage capa%ility an$ acce!! o*er the internet. (lo"$ comp"ting i! the ne+t generation technology )hich )ill $ynamically $eli*er! information' re!o"rce!' capa%ilitie! an$re!o"rce! a! a !er*ice! o*er the Internet. There are three %"il$ing %lock! of clo"$ comp"ting' !oft)are a! a !er*ice ,SaaS-'platform a! a !er*ice ,PaaS- an$ Infra!tr"ct"re a! a !er*ice ,Iaa!-. .ll the!e allo) "!er to r"n application! an$ to !tore $ata online. Each offer! $ifferent le*el! of "!er fle+i%ility an$ control. SaaS allo)! "!er to r"n e+i!ting online application!' PaaS allo)! to create their o)n clo"$ application! "!ing tool! an$ lang"age!' an$ Iaa! allo)! to r"n any application they plea!e on clo"$ har$)are of their o)n choice. (lo"$ comp"ting ha! follo)ing attri%"te!/
.! per to$ay! "!e of comp"ter an$ internet thi! clo"$ )ill pro*i$e the acce!! to lo)1co!t' "ltra light)eight $e*ice! an$ ine+pen!i*e' han$hel$ $e*ice! )hich are %"ilt %a!e$ on Google7! (hrome 8perating Sy!tem or on Google7! .n$roi$.9hile !ome intro$"ctory %ook! a%o"t (lo"$ (omp"ting ha*e %een $e!cri%ing ho) to "!e the clo"$ comp"ting !er*ice! pro*i$e$ %y !e*eral !ite! !"ch a! Google an$ .ma6on' there are fe) %ook! )hich )ill concentrate on the *en$or!' enterpri!e! an$ !er*ice! they pro*i$e.
There are three key %enefit! of clo"$ comp"ting/ 0. Spee$ an$ Time to market. International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$ 2 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*
2. :ree "p yo"r IT !taff to $o more *al"a%le )ork. 3. ;o)er yo"r co!t!.
Fi*ure 1! Cloud Computin* Architecture
Pri*acy play! an important role to pro*i$e right!thro"ghmany techni<"e! )hich are propo!e$ "n$er $ifferent !y!tem! an$ !ec"rity mo$el!. Data can %e o"t!o"rce$ %y the $irect clo"$ !er*ice pro*i$er ,(SP- to other !y!tem! in the clo"$ an$ the!e !y!tem! can al!o allocate the ta!k of $ata management to other!' an$ !o on. Being fle+i%le in nat"re "!er! are allo)e$ to =oin an$ lea*e clo"$ on their )i!h. So the $ata han$ling take! place thro"gh a comple+ an$ $ynamic hierarchical !er*ice chain )hich $oe! not e+i!t in con*entional en*ironment!.
II! R-;A2-. <9R= Sec"rity play! a *ital role in clo"$ comp"ting' there are many techni<"e! are a*aila%le for applying the !ec"rity policy/ i. Denyfrom the !toring of !en!iti*e information in the clo"$. ii. (aref"lly rea$ o"t the "!er agreement policy to fin$ o"t ho) yo"r clo"$ !er*ice !torage )ill )ork. iii. Encryption i*. >!e an encrypte$ clo"$ !er*ice.
In paper ?0@' the a"thor! ha*e propo!e$ an agent1%a!e$ !y!tem' )hich relate$ to gri$ comp"ting. The !oft)are agent follo)! $i!tri%"te$ =o%!' along )ith the re!o"rce con!"mption at local machine!. .cco"nta%ility policyi! relate$ to o"r!' %"t it i! foc"!e$ on re!o"rce con!"mption an$ on tracking of !"% =o%! proce!!e$ at m"ltiple comp"ting no$e!' rather than acce!! control.In paper ?2@' the a"thor! propo!e a"tomatic logging mechani!m in the clo"$ !y!tem. .! per o"r kno)le$ge' thi! i! the fir!t time a !y!tematic approach to $ata acco"nta%ility thro"gh the no*el "!age of A.R file! i! propo!e$. Their propo!e$ architect"re i! platform in$epen$ent an$ highly $ecentrali6e$' )hich $oe! not re<"ire any $e$icate$ a"thentication or !torage !y!tem in place %"t here m"ltiple =ar file! take! lot of time to e+ec"te. In ?3@' the a"thor! e+plain their !cheme of a"$iting an$ !"pport the %atch a"$iting for m"ltiple o)ner!. D"e to the large n"m%er of $ata tag!' their a"$iting protocol! may inc"r a %"lky !torage o*erhea$ on the !er*er. Sahai an$ 9ater! ?4@ a! a ne) metho$ for f"66y i$entity1%a!e$ encryption fir!t intro$"ce$ the notion of .BE. The primary $ra)%ack of the !cheme in ?4@ i! that lack! of e+pre!!i%ility. Some ofthe effort! follo)e$ in the literat"re to try to !ol*e the e+pre!!i%ility pro%lem. In the .BE !cheme' cipherte+t! International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$ $ ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*
are not encrypte$ to one partic"lar "!er a! in tra$itional )ay of p"%lic key cryptography. Rather' %oth cipherte+t! & "!er! $ecryption key! are a!!ociate$ )ith a !et of attri%"te! or a policy o*er attri%"te!. >!er i! a%le to $ecrypt a cipherte+t only if there i! a match %et)een hi! $ecryption key an$ the cipherte+t..BE !cheme! are cla!!ifie$ into key1policy attri%"te%a!e$ encryption ,KP1.BE- an$ cipherte+t1policy attri%"te1 %a!e$ encryption ,(P1.BE-' $epen$ing ho) attri%"te! an$ policy are a!!ociate$ )ith cipherte+t! an$ "!er!7 $ecryption key! ?5@.
III! .I"2RI1:2-. ACC9:#2A1I;I2> A#. A:.I2I#? (lo"$ comp"ting o*er the internet )ill pro*i$e the !er*ice! to m"ltiple e+ternal c"!tomer! %y mean! of re!o"rce! are !tore$' !cale$ IT relate$ capa%ilitie! an$ are %ille$ an$ there i! acon!i$era%le gro)th in the "!age of thi! !er*ice. .ma6on i! the lea$er in the fiel$ of clo"$ comp"ting. It m"!t nee$ to $efine )hat i! mean %y acco"nta%ility.
A. What is accountability? .cco"nta%ility i! the term ha*ing *ariety of $ifferent meaning! )ithin an$acro!! the $i!cipline!. :or e+ample' in comp"ter !cience' the term acco"nta%ility ha! %een "!e$ for to refer to an impreci!e re<"irement that i met %y reporting an$ a"$iting mechani!m!. .cco"nta%ility i! the management of"!a%ility'integrity' a*aila%ility an$ !ec"rity of the $ata "!e$' !tore$' or proce!!e$ )ithin the organi6ation. Protectionacce!! ha*e affecte$ %y p"%lic la)' reg"lation! an$ r"le! an$ premi!e$ "poncomman$ an$ control o*er the reg"latory !trategie!..cco"nta%ility i! in o"r !en!e' )hich )ill %e achie*e$ *ia a com%ination of pri*ate an$ p"%licacco"nta%ility ?B@ ?C@.
B. Benefits of accountability Tran!parency in clo"$ comp"ting i! important for legal an$ reg"latory rea!on!' an$ al!o to a*oi$ *iolation of !ocial norm!. The corporate "!er pro*i$e! tran!parency an$ a!!"rance to the client %y their pri*acy policy' )hile re<"iring the !imilar a!!"rance! from the Ser*ice Pro*i$er! thro"gh contract"al mea!"re! an$ a"$it!. .cco"nta%ility help! to"!er7! tr"!t)orthine!!. 9hen it i! not clear to in$i*i$"al' !o )hy their !ec"re pri*ateinformation i! re<"e!te$ an$ %y )hom it )ill %e proce!!e$' thi! lack of control )ill lea$to )arine!!. There are al!o !ome !ec"rity1relate$ concern! a%o"t )hether $ata in the clo"$ )ill protecte$.
IV! C;9:. I#F9R@A2I9# ACC9:#2A1I;I2> (I. frame)ork repre!ente$ in thi! paper !ol*e! a%o*e pro%lem! an$ f"lfillall re<"irement.
A. Major components There are t)o ma=or component! of (I. are pre!ent' fir!t i! logger' an$ !econ$ i! logharmoni6er. The $ata can %e $o)nloa$e$ %y "!ing logger' )hen c"!tomer re<"ire! the $ata an$ it)ill %e pro*i$e$ %y clo"$ !er*ice pro*i$er. ;ogger keep! track of each copy of all "!er $ata an$maintain! logging acce!! to that copy. ;og harmoni6er! re!pon!i%ility i! to allo) "!er!to acce!! the log file! create$ %y logger. ;og harmoni6er i! the central !y!tem )hich connect! all logger! together.
B. Data flow Ba!e$ on Encryption algorithm' each "!er create! a pair of p"%lic an$ pri*ate key!. By "!ingthe!e key!' the "!er )ill create a logger )hich i! a A.R file )hich !tore! it! $ata item!. R"le! go*erning acce!! control International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$ 4 ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*
of the $ata i! kept in A.R file. It manip"late! the "!er7! $ata %y the !takehol$er! in the clo"$. 8nly recogni6e$ "!er! can ha*e acce!! to the $ata.
Fi*ure 28 CIA Frame+or7
Then' the A.R file i! gi*en to (SP accor$ing to )hich he ha! to )ork. To a"thenticate thi! A.R file! (SP "!e! the certificate! from the tr"!te$ thir$ party. 9hen a"thentication i! $one clo"$ !er*ice pro*i$er )ill gi*e acce!! to c"!tomer of the "!erafter the completing !"%!cription of the "!er7! !er*ice. A.R get! $o)nloa$e$ at c"!tomer! place..ccor$ing to the acce!! control r"le! )hich are !et $"ring creation of A.R it keep! track of "!agean$ maintain logging. A.R )ill generate a log recor$a"tomatically )hen there i! acce!! to "!er7! $ata. The log! are !tore$ along A.R an$ encrypte$ "!ing p"%lic key to a*oi$ "na"thori6e$ acce!! tothe log. :or all A.R file! "!er can gi*e !ame pair of key' an$ al!o can "!e $ifferent pair of key!. (orrection can %e $one %y the log harmoni6er if any error i! occ"rre$ $"ring log creation. . "!er can *erify the log %y $ecrypting the A.R %y hi! pri*ate key' an$ al!o a"$iting i! $one %y the logharmoni6er.
V! F:2:R- "C95- In the f"t"re' )e plan to refine my approach to *erify the integrity of the ARE an$ the a"thentication of A.R!. :or e+ample' )e )ill in*e!tigate )hether it i! po!!i%le to le*erage the notion of a !ec"rity. Thi! re!earch i! aime$ at pro*i$ing !oft)are tamper re!i!tance to Aa*a application!. In the long term' )e plan to $e!ign a comprehen!i*e an$ more generic o%=ect1oriente$ approach to facilitate a"tonomo"! protection of tra*eling content. 9e )o"l$ like to !"pport a *ariety of !ec"rity policie!' like in$e+ing policie! for te+t file!' "!age control for e+ec"ta%le' an$ generic acco"nta%ility an$ pro*enance control!.
VI! C9#C:;"I9# In f"t"re' )e )o"l$ like to enhance a clo"$' on )hich )e )ill in!tall ARE an$ AM' to $o the *ali$ation of A.R. Refine to enhance the protection of acc"m"late$ $ata an$ to re$"ce log recor$ generation time. VII! R-F-R-#C-"
?0@ 9. ;ee' .. (in6iaS<"icciarini' an$ E. Bertino' DThe De!ign an$ E*al"ation of .cco"nta%le Gri$ (omp"ting Sy!temE.
?2@ Smitha S"n$are!)aran' .nna (. S<"icciarini an$ Dan ;in' FEn!"ring Di!tri%"te$ .cco"nta%ility for Data Sharing in the (lo"$'F' IEEE Tran!action on $epen$a%le a !ec"re comp"ting' 8;. G' #8. 4' pg 55B15BH' 2I02.
International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 1, Issue 4, April 214! I""# 2$4% & 4%'$ ' ( ) 214, IJAFRC All Ri*hts Reserved +++!i,afrc!or*
?3@ (.9ang' J. 9ang' K. Ren' an$ 9. ;o"' DPri*acy1pre!er*ing p"%lic a"$iting for $ata !torage !ec"rity in clo"$ comp"ting'E in I#:8(8M. IEEE' 2I0I' pp. 525K533.
?4@ .. Sahai an$ B. 9ater!' D:"66y i$entity %a!e$ encryption'E in Proc..c*ance! in (ryptologyL E"rocrypt' 2II5.
?5@ Mhig"o9an' A"n7e;i"'Ro%ert H. Deng' EH.SBE/ . Hierarchical .ttri%"te1Ba!e$ Sol"tion for fle+i%le an$ Scala%le .cce!! (ontrol in (lo"$ (omp"tingE
?B@ B. (h"n an$ ..(. Ba*ier' DDecentrali6e$ Tr"!t Management an$ .cco"nta%ility in :e$erate$ Sy!tem!'E Proc. Ann. Hawaii Intl !onf."ystem "ciences #HI!""$' 2II4.
?C@ P.T. Aaeger' A. ;in' an$ A.M. Grime!' D(lo"$ (omp"ting an$ Information Policy/ (omp"ting in a Policy (lo"$NE %. Information &echnolo'y an( Politics' *ol. 5' no. 3' pp. 2BG12H3' 2IIG