iv. authentic re-encryption scheme

advertisement
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
A Framework to Avoid Vulnerability Incidents in Cloud Computing
1
Kavyashree M U, 2Manjunath H
1
PG Scholar, Department of Computer Science & Engineering, Mangalore Institute of Technology & Engineering,
Moodbidri, Karnataka
2
HOD, Department of Information Science& Engineering, Mangalore Institute of Technology & Engineering, Moodbidri,
Karnataka
Email: 1kavyamu@gmail.com, 2hebbs@rediffmail.com
Abstract— One of the latest drift in small and medium
businesses and enterprise sized IT is the need for a
significant transformation of the IT environment. Cloud
computing provides a major shift in the way companies see
the IT infrastructure. It is an emerging style of computing
where applications, data and resources are provided to users
as services over the web. Even though migrating to cloud
environment is a tempting trend these days, there are many
aspects that a company must consider before adopting cloud
computing. One of the most important and crucial aspect is
the security in cloud. To deal with the security issues, the
cloud provider must build up sufficient controls to provide
such level of security than the company would have if the
cloud were not used. To address this problem, here we
propose a framework which can avoid some of the
vulnerability incidents that may occur in the cloud
computing environment.
Index Terms—attribute based encryption, authentic
re-encryption, cloud computing, disorientation scheme,
inveigle information, vulnerability incidents.
I. INTRODUCTION
Information is pouring in faster than we can make sense of
it. It is being authored by billions of people and flowing
from a trillion intelligent devices, sensors and
instrumented objects. With 80 percent of new data growth
existing as unstructured content from music files to 3D
images, to medical records, to e-mail keystrokes and more
the challenge is trying to pull it all together and make it
useful. Cloud computing plays a very important role in
these scenarios [16]. Cloud computing is an emerging
style of technology where applications, data and resources
are provided to users as services over the Web. The
services provided may be available globally, always on,
low in cost, on demand, massively scalable, pay as you
use. Consumers of a cloud service need to care only about
what the service does for them and not on how it is
implemented. Cloud computing is a technology that
allows users to access software applications, store
information, develop and test new software, create virtual
servers, draw on disparate IT resources and more, all over
the Internet or other broad network. It is a model driven
methodology that provides configurable computing
resources such as servers, networks, storage and
applications as and when required with minimum efforts
over the Internet. Along with these benefits, cloud
computing raises severe concerns especially regarding the
security level provided. Security is considered to be a key
requirement in cloud computing by many distinct groups
including academia researchers, business decision makers
and government organizations. Migrating to a cloud
computing infrastructure poses security risks to an
organization’s data. One of the biggest user concerns
about Cloud Computing is its security, as naturally with
any emerging Internet technology [11][14][15][16]. In the
absence of security standards, businesses and
organizations are vulnerable to security breaches.
This paper primarily aims to highlight the major
vulnerability incidents in current existing cloud
computing environments, help users recognize the risks of
them and provide a framework which can avoid these
potential vulnerability incidents.
The rest of the paper is structured as follows. Section II
describes the vulnerability incidents in cloud. Section III
says about the related work in this area. Section IV & V
describe the authentic re-encryption scheme and the
disorientation scheme. Finally section VI concludes the
paper.
II. VULNERABILITY INCIDENTS IN
CLOUD COMPUTING
Even though there are many advantages of cloud
computing, businesses and organizations are slow in
accepting it due to the security issues or vulnerability
incidents associated with it. Vulnerability refers to the
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -3, 2014
12
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
unauthorized access of resources from the cloud server. It
may be a service running on a cloud server, unmatched
applications or operating system software, or an
unsecured physical entrance. There are several significant
vulnerabilities that should be considered when an
organization is ready to move its critical applications and
data to a cloud computing environment. By considering
both the promises of cloud computing and the risks
associated with it, the Cloud Security Alliance (CSA) [1]
has created the industry-wide standards for effective
cloud security. In recent years, CSA has released security
guidance and implementation documents. These
documents have quickly become the industry-standard
catalogue of best practices to secure cloud computing.
Already, many businesses, organizations, and
governments have incorporated this guidance into their
cloud strategies. CSA conducted a survey of industry
experts to find out professional opinion on the greatest
vulnerabilities within cloud computing [1][15][16]. The
critical vulnerability incidents to cloud security as
identified by the experts of CSA are:
1. Data Breaches
2. Data Loss
3. Account Hijacking
4. Insecure API’s
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due Diligence
9. Shared Technology
The aim here is to focus on data breaches and malicious
insiders, their risks to cloud environment and develop a
framework to avoid these two vulnerability incidents.
III. RELATED WORK
Cloud security has been identified as an important factor
from both research point of view and application point of
view as huge amount of critical data is stored on cloud and
this data is accessible by a huge number of people [15].
According to a recent survey on cloud computing, users
rate cloud security as the first preference before
availability and performance.
An abundant number of related works and publications
exist in the literature, emphasizing the importance and
demand of security solutions for cloud computing
[4][5][8][15].
“Data Management in the Cloud: Limitations and
Opportunities, (March 2009)”, is focused to discuss the
limitations and opportunities of deploying data
management issues on these emerging cloud computing
platforms. Enabling Public Verifiability and Data
Dynamics for Storage Security in Cloud Computing
(2009)”, describes that “Cloud Computing has been
envisioned as the next generation architecture of IT
Enterprise. “Controlling Data in the Cloud: Outsourcing
Computation without Outsourcing Control (2009)”,
“characterizes the problems and their impact on adoption.
“Security Guidance for Critical Areas of Focus in Cloud
Computing (April 2009)”, is intended to provide security
practitioners with a comprehensive roadmap for being
proactive in developing positive and secure relationships
with cloud providers. “Security Issues for cloud
computing (2010)”, discusses security issues for cloud
computing and present a layered framework for secure
clouds and then focus on two of the layers, i.e., the storage
layer and the data layer. “CryptoNET: Software
Protection and Secure Execution Environment (2010)”,
describes protection of software modules which is based
on strong encryption techniques, for example public key
encryption and digital signature. “Addressing cloud
computing security issues (2010)”, aims at twofold; firstly
to evaluate cloud security by identifying unique security
requirements and secondly to attempt to present a viable
solution that eliminates these potential threats. This paper
proposes introducing a Trusted Third Party, tasked with
assuring specific security characteristics within a cloud
environment. “Deployment Models: Towards Eliminating
Security Concerns from Cloud Computing (2010)”,
claims that Cloud computing has become a popular choice
as an alternative to investing new IT systems. “A survey
on security issues in service delivery models of cloud
computing (2010)”, discusses that the architecture of
cloud poses such a threat to the security of the existing
technologies when deployed in a cloud environment.
“Improved proxy re-encryption schemes with
applications to secure distributed storage (2006)”, the
solution here is to let the data owner issue a re-encryption
key to an untrusted server to re -encrypt the data.
“Cryptographic cloud storage (2010)”, discusses an
approach, were users are revoked by having a third party
to re-encrypt data such that previous keys can no longer
decrypt any data. “Information security and cloud
computing (2011)”, gives a description of cloud
computing followed by a general description of
information security issues and solutions, and a brief
description of issues linking cloud computing with
information security. “Security issues in cloud computing
(2011)”, mentions that Cloud Computing is a distributed
architecture that centralizes server resources on a scalable
platform so as to provide on demand computing resources
and services.
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -3, 2014
13
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
IV. AUTHENTIC RE-ENCRYPTION
SCHEME
Fig 1: A classic cloud environment
Fig 2: A sample time slice
A. Overview
One of the famous techniques to protect the data from a
possible untrusted CSP is for the data owner to encrypt the
outsourced data. Flexible encryption schemes can be
adopted to provide fine grained access control. Attribute
Based Encryption (ABE) is one of such flexible
encryption schemes which allows data to be encrypted
using an access structure comprised of different attributes.
Instead of specific decryption keys for specific files, users
are issued attribute keys[4][5][6]. Users must have the
necessary attributes that satisfy the access structure in
order to decrypt a file. The key problem of storing
encrypted data in the cloud lies in revoking access rights
from users. A user whose permission is revoked will still
retain the keys issued earlier, and thus can still decrypt
data in the cloud. A naive solution is to let the data owner
immediately re-encrypt the data, so that the revoked users
cannot decrypt the data using their old keys, while
distributing the new keys to the remaining authorized
users. This solution will lead to a performance bottleneck,
especially when there are frequent user revocations.
availability [7][8]. As a distributed system, the cloud will
experience failures common to such systems, such as
server crashes and network outages. As a result,
re-encryption commands sent by the data owner may not
propagate to all of the servers in a timely fashion, thus
creating security risks.
A better solution is to allow each cloud server to
independently re-encrypt data without receiving any
command from the data owner. Here, we propose an
authentic re-encryption scheme. It is a time-based
re-encryption scheme, which allows each cloud server to
automatically re-encrypt data based on its internal clock.
The basic idea of this scheme is to associate the data with
an access control and an access time. Each user is issued
keys associated with attributes and attribute effective
times. The data can be decrypted by the users using the
keys with attributes satisfying the access control, and
attribute effective times satisfying the access time[10].
Unlike the command-driven re-encryption scheme, the
data owner and the CSP share a secret key, with which
each cloud server can re-encrypt data by updating the data
access time according to its own internal clock. Even
through this scheme relies on time; it does not require
perfect clock synchronization among cloud servers.
Classical clock synchronization techniques that ensure
loose clock synchronized in the cloud are sufficient.
Fig1depicts a classic cloud environment.
B. Problem Formulation
We consider a cloud computing environment consisting
of a data owner, a cloud service provider (CSP) and
multiple data users. The data owner outsources his data in
the form of a set of files F1…. Fn to the CSP[6][7][9].
Each file is encrypted by the data owner before uploading
to the CSP. Data users that want to access a particular file
must first obtain the necessary keys from the data owner in
order to decrypt the file. The data owner can also update
the contents of a file after uploading it to the CSP. This is
termed a write command.
Each file, F, is encrypted with two parameters, time slice
and attributes. We divide time into time slices, and every
time slice is of equal length. Fig.2 illustrates this concept.
Attributes are organized into an access structure, A, which
regulates access to a file. A file F can only be decrypted
with keys that satisfy both the access structure and time
slice[10]. A data user, after being authenticated by the
data owner, is granted a set of keys, each of which is
associated with an attribute and an effective time that
denotes the length of time the user is authorized to possess
the attributes. For example, if Alice is authorized to
possess attributes a1…. am from TS1 to TSn, she will be
issued keys.
An alternative solution is to apply the proxy re-encryption
(PRE) technique. This approach takes advantage of the
abundant resources in a cloud by delegating the cloud to
re-encrypt data. This approach is also called
command-driven re-encryption scheme, where cloud
servers execute re-encryption while receiving commands
from the data owner. However, command-driven
re-encryption schemes do not consider the underlying
The security requirements of the authentic re-encryption
system architecture of the cloud environment. A cloud is
scheme are as follows:
essentially a large scale distributed system where a data
owner’s data is replicated over multiple servers for high
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -3, 2014
14
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
1) Access control correctness. This requires that a data
user with invalid keys cannot decrypt the file.
V. DISORIENTATION SCHEME
A. Overview
2) Data consistency. This requires that all data users who
request file F, should obtain the same content in the same
time slice.
3) Data confidentiality. The file content can only be
known to data users with valid keys. The CSP is not
considered a valid data user.
4) Efficiency. The cloud servers should not re-encrypt any
file unnecessarily. This means that a file that has not been
requested by any data user should not be re-encrypted.
C. Adversary Model
Our system considers two types of adversaries. The first
type of adversary is the CSP. The CSP adversary is
considered honest-but-curious. This means that the CSP
will always correctly execute a given protocol, but may
try to gain some additional information about the stored
data[9][10]. The second type of adversary is malicious
data users. The data user adversary will try to learn the file
content that he is not authorized to access.
This adversary is assumed to possess invalid keys (either
with incorrect attributes or time). We also assume the data
user adversary can query any server in the cloud. Note that
both an honest-but-curious CSP and malicious data users
can exist together. However, we assume that the CSP and
data users will not collude to break the system, because
the CSP is considered to be honest-but-curious.
D. Control Flow Diagram
Data theft attacks are amplified if the attacker is a
malicious insider. This is considered as one of the top
threats to cloud computing by the Cloud Security
Alliance[1]. While most Cloud computing customers are
well-aware of this threat, they are left only with trusting
the service provider when it comes to protecting their
data. Cloud customers’ private keys might be stolen, and
their confidential data might be extracted from a hard
disk. After stealing a customer’s password and private
key, the malicious insider get access to all customer data,
while the customer has no means of detecting this
unauthorized access[2][3].The possible solution for this is
encryption of data. But there are chances that the
encryption techniques also fail. This scenario can be dealt
in the cloud using offensive inveigle technology. We
monitor data access in the cloud and detect abnormal data
access patterns. When unauthorized access is suspected
and then verified using challenge questions, we launch a
disinformation attack by returning large amounts of decoy
information to the attacker. This protects against the
misuse of the user’s real data[11][12]. We propose a
completely different approach for securing the cloud
using inveigle information technology, which we are
referring as disorientation scheme. We use this
technology to launch disinformation attacks against
malicious insiders, preventing them from distinguishing
the real sensitive customer data from fake worthless data.
The inveigle information then serve two purposes: (1)
validating whether data access is authorized when
abnormal information access is detected, and (2)
confusing the attacker with bogus information.
B. Depicting the User Actions
We monitor data access in the cloud and detect abnormal
data access patterns. Depicting user actions is a
well-known technique that can be applied here to model
how, when, and how much a user accesses their
information in the Cloud. Such ‘normal user’ action can
be continuously checked to determine whether abnormal
access to a user’s information is occurring. This method
of action-based security is commonly used in fraud
detection applications[1][2][3]. Such profiles would
naturally include volumetric information, how many
documents are typically read and how often. We monitor
for abnormal search behaviors that exhibit deviations
from the user baseline the correlation of search behavior
anomaly detection with trap-based inveigle files should
provide stronger evidence of malfeasance, and therefore
improve a detector’s accuracy
C. Providing a Inveigle File
We propose a different approach for securing data in the
cloud using offensive decoy technology. We monitor data
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -3, 2014
15
Fig 3: Control Flow Diagram
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
access in the cloud and detect abnormal data access
patterns. We launch a disinformation attack by returning
large amounts of decoy information to the
attacker[3][10[13]. This protects against the misuse of the
user’s real data. We use this technology to launch
disinformation attacks against malicious insiders,
preventing them from distinguishing the real sensitive
customer data from fake worthless data the inveigle
information then serve two purposes:
(1) Validating whether data access is authorized when
abnormal information access is detected, and
(2) Confusing the attacker with bogus information.
VI. CONCLUSION
Cloud based systems have brought a new, scalable
application delivery service model to the market. Cloud
services promise to help reduce capital and operational
costs while providing higher service levels. However,
cloud services rely heavily on keeping the data and
applications they are managing available at all times and
to restore operations quickly following any type of data
disaster.
Cloud administrators need to ensure that the cloud which
has so many advantages is largely affected by the different
vulnerabilities. Organizations and businesses fear to
adopt cloud services because of these security issues.
There is a need to prevent the data in the cloud from being
accessed by the intruder.
Accordingly, here we focused on the two important
security concerns in cloud environments these days i.e.,
data breaches and malicious insiders and developed a
secure framework which can prevent them. The
framework consists of authentic re-encryption scheme
and disorientation scheme which can provide
unprecedented levels of security in the Cloud
environment.
REFERENCES
[1] Cloud Security Alliance, “Top Threat to Cloud
Computing V1.0,” March 2010[Online]. Available:
https://cloudsecurityalliance.org/topthreats/csathrea
ts.v1.0.pdf
[2] M. Ben-Salem and S. J. Stolfo, “Modeling user
search-behavior for masquerade detection,” in
Proceedings of the 14th International Symposium on
Recent Advances in Intrusion Detection.
Heidelberg: Springer, September 2011, pp. 1–20.
[4] S. Kamara and K. Lauter, “Cryptographic cloud
storage,” Financial Cryptography and Data Security,
2010.
[5] M. Armbrust, A. Fox, R. Griffith, A. Joseph, R.
Katz, A. Konwinski, G. Lee, D. Patterson, A.
Rabkin, and I. Stoica, “A view of cloudcomputing,”
Communications of the ACM, 2010.
[6] Cong Wang, Student Member, IEEE, Sherman S.M.
Chow, Qian Wang, Student Member, IEEE, Kui
Ren, Senior Member, IEEE, and Wenjing Lou,
Senior Member, IEEE, “Privacy-Preserving Public
Auditing for Secure Cloud Storage”, IEEE
TRANSACTIONS ON COMPUTERS, 2012.
[7] J. Bethencourt, A. Sahai, and B. Waters,
“Ciphertext-policy attributebased encryption,” in
Proc. of IEEE Symposium on S&P, 2007.
[8] Boldyreva, V. Goyal, and V.
“Identity-based
encryption
with
revocation,” Proc. of ACM CCS, 2008.
Kumar,
efficient
[9] G.Wang, Q. Liu, and J. Wu, “Hierarchical
attribute-based encryptionfor fine-grained access
control in cloud storage services,” in Proc. Of ACM
CCS (Poster), 2010.
[10] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving
secure, scalable, andine-grained data access control
in cloud computing,” in Proc. of IEEE INFOCOM,
2010.
[11] Foster I, Zhao Y, Raicu I, Lu, S. Cloud Computing
and Grid Computing 360-degree compared.
Proceedings of the Grid Computing Environments
Workshop, GCE 2008; IEEE Press, Nov. 2008,
1-10.
[12] M. Prince, “The four critical security flaws that
resulted in last Friday'shack”, Available:
http://blog.cloudflare.com/the-four-critical-security
flaws.
[13] M Rouse, “Two-factor authentication”, Available:
http://searchsecurity.techtarget.com/definition/twofactor-authentication.
[14] “Sizing the Cloud: Understanding and Quantifying
the Future of Cloud Computing,” Forrester
Research, Inc. April 21, 2011.
[15] Paquette S, Jaeger P T, Wilson S C. Identifying the
security risks associated with governmental use of
cloud computing. Government Information
Quarterly; 2010;27(3):245–253.
[16] Dr. Kumar Saurabh , 2012, “Cloud Computing”,
Wiley India, Delhi,219.
[3] B. M. Bowen and S. Hershkop, “Decoy Document
Distributor:http://sneakers.cs.columbia.edu,”2009.
[Online]. Available: http://sneakers.cs.columbia.edu

_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -3, 2014
16
Download