A Seminar Report

Submitted to the Rajasthan Technical University Kota

In Partial Fulfilment of the requirement for the degree
of Bachelor of Technology

Submitted by
Saurabh Singh Kushwaha

Seminar Topic
Name of Internal Guide (Security in cloud
(Mr. Himanshu computing)
Swarnkar)

University College of Engineering GGTU

Banswara, Rajasthan

University College of Engineering

Affiliated To
GGTU

(February 2022)

(B. Tech. – 2018-22)

 lOMoAR cPSD| 11953201

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

ACKNOWLEDGEMENT

I would like to express my sincere gratitude to our Faculty-incharge

of seminar Mr. Himanshu Swarnkar for his proper guidance and valuable
suggestions which helped me to improve my works. I am also greatly
thankful to our Computer Science Engineering department and other
faculty members for giving me this unique opportunity to do this
seminar.
 lOMoAR cPSD| 11953201

TABLE OF CONTENTS

1 1 . Introduction......................................................................................................................................1
2 2. Evolution of cloud computing........................................................................................................1
3 3 . Cloud architecture..........................................................................................................................2
4 4. Cloud security challenges...............................................................................................................4
4.1 Characteristics of cloud computing.................................................................................................5
4.2 Security challenges............................................................................................................................6
5 5. Need for security in cloud..............................................................................................................10
5.1 Security and privacy attributes......................................................................................................11
5.1.1 Cloud confidentiality.......................................................................................................................12
5.1.2 Cloud integrity..............................................................................................................................15
5.1.3 Cloud availability............................................................................................................................17
5.1.4 Cloud accountability.......................................................................................................................19
5.1.5 Cloud privacy-preservability...........................................................................................................22
6 6 . Conclusions.....................................................................................................................................24
References.............................................................................................................................................25
 lOMoAR cPSD| 11953201

ABSTRACT SECURITY IN CLOUD COMPUTING

Cloud computing is an internet-based computing technology, where shared resources such as

software, platform, storage and information are provided to customers on demand. It is a
computing platform for sharing resources that include infrastructures, software, applications,
and business processes. Cloud computing is a virtual pool of computing resources.
Confidentiality, Integrity, Availability, Authenticity, and Privacy are essential concerns for both
Cloud providers and consumers as well. Security concerns have given rise to immerging an
active area of research due to the many security threats that many organizations have faced at
present.
This seminar provides a concise but all-round analysis on data security and privacy protection
issues associated with cloud computing. Then this seminar discusses some current solutions and
finally describes future research work about data security and privacy protection issues in cloud.
 1. INTRODUCTION

Cloud computing is an internet-based computing technology, where shared resources such as

software, platform, storage and information are provided to customers on demand. Cloud computing
is a computing platform for sharing resources that include infrastructures, software, applications, and
business processes. Cloud Computing is a virtual pool of computing resources. It provides computing
resources in the pool for users through internet. Cloud computing, as an emerging computing
paradigm aiming to share storage, computation, and services transparently among a massive users.
The exact definition of cloud computing is A large-scale distributed computing paradigm that is driven
by economies of scale, in which a pool of abstracted, virtualized, dynamically scalable, managed
computing power, storage, platforms, and services are delivered on demand to external customers
over the Internet
.
Current cloud computing systems pose serious limitation to protecting user’s data confidentiality.
Since users sensitive data is presented in unencrypted forms to remote machines owned and operated
by third party service providers, the risks of unauthorized disclosure of the user’s sensitive data by
service providers may be quite high. There are many techniques for protecting user’s data from
outside attackers. An approach is presented to protecting the confidentiality of user’s data from
service providers, and ensures service providers cannot collect user’s confidential data while the data
is processed and stored in cloud computing systems. Cloud computing systems provide various
Internet based data storage and services. Due to its many major benefits, including cost effectiveness
and high scalability and flexibility, cloud computing is gaining significant momentum recently as a new
paradigm of distributed computing for various applications, especially for business applications. Along
with the rapid growth of the Internet. With the rise of the era of cloud computing, concerns about
Internet Security continue to increase. To address this problem we propose the design of a system
that will capture the movement of information on the cloud. We will be identifying whether there is a
need for some type of security capture device/measure on the cloud, which will allow users to know
whether their information is secure and safe without comprising from threats and attacks.

2. EVOLUTION OF CLOUD COMPUTING

Cloud computing began to get both awareness and popularity in the early 2000s. When the concept
of cloud computing originally came to prominence most people did not fully understand what role it
fulfilled or how it helped an organization. In some cases people still do not fully understand the concept
of cloud computing. Cloud computing can refer to business intelligence (BI), complex event
processing (CEP),
1
service-oriented architecture (SOA), Software as a Service (SaaS), Web-oriented architecture (WOA),
and even Enterprise 2.0. With the advent and growing acceptance of cloud- based applications like
Gmail, Google Calendar, Flickr, Google Docs, and Delicious, more and more individuals are now open to
using a cloud computing environment than ever before. As this need has continued to grow so has the
support and surrounding infrastructure needed to support it. To meet those needs companies like
Google, Microsoft, and Amazon have started growing server farms in order to provide companies with
the ability to store, process, and retrieve data while generating income for themselves. To meet this
need Google has brought on-line more than a million servers in over 30 data centres across its global
network. Microsoft is also investing billions to grow its own cloud infrastructure. Microsoft is currently
adding an estimated 20,000 servers a month. With this amount of process, storage and computing
power coming online, the concept of cloud computing is more of a reality than ever before. The growth
of cloud computing had the net effect of businesses migrating to a new way of managing their data
infrastructure. This growth of cloud computing capabilities has been described as driving massive
centralization at its deep centre to take advantage of economies of scale in computing power, energy
consumption, cooling, and administration.

3. CLOUD ARCHITECTURE

The architecture of cloud involves multiple cloud components communicating with each other over the
application programming interfaces (APIs), usually web services. The two most significant components
of cloud computing architecture are known as the front end and the back end. The front end is the part
seen by the client, i.e. the customer. This includes the client’s network or computer, and the
applications used to access the cloud via a user interface such as a web browser. The back end of the
cloud computing architecture is the cloud itself, which comprises of various computers, servers and data
storage devices.
The general architecture of cloud platform is also known as cloud stack given in figure
3.1. Cloud services may be offered in various forms from the bottom layer to top layer
in which each layer represent one service model. The three key cloud delivery models
are software as a service (SaaS), platform as a service (PaaS), and infrastructure as a
service (IaaS). Infrastructure-as-a-Service (IaaS) is offered in the bottom layer, where
resources are aggregated and managed physically (e.g., Emulab) or virtually (e.g.,
Amazon EC2), and services are delivered in forms of storage (e.g., GoogleFS), network
(e.g., Openflow), or computational capability (e.g., Hadoop MapReduce). The middle
layer delivers Platform- as a-Service (PaaS), in which services are provided as an
environment for programming (e.g., Django) or software execution (e.g., Google App
Engine). Software- as-a Service
2
(SaaS) locates in the top layer, in which a cloud provider further confines client
flexibility by merely offering software applications as a service. Apart from the service
provisioning, the cloud provider maintains a suite of management tools and facilities
(e.g., service instance life-cycle management, metering and billing, dynamic
configuration) in order to manage a large cloud system.
Cloud deployment models include public, private, community, and hybrid clouds
which is shown in figure 3.2. Public clouds are external or publicly available cloud
environments that are accessible to multiple tenants, whereas private clouds are
typically tailored environments with dedicated virtualized resources for particular
organizations. Similarly, community clouds are tailored for particular groups of
customers.

Figure 3.1: Cloud delivery model

 Figure 3.2: Cloud deployment model

4. CLOUD SECURITY CHALLENGES

The world of computation has changed from centralized to distributed systems and now we are
getting back to the virtual centralization which is the Cloud Computing. Location of data and processes
makes the difference in the realm of computation. We have the cloud computing wherein, the service
and data maintenance is provided by some vendor which leaves the client/customer unaware of
where the processes are running or where the data is stored. So, logically speaking, the client has no
control over it. The cloud computing uses the internet as the communication media. When we look at
the security of data in the cloud computing, the vendor has to provide some assurance in service level
agreements (SLA) to convince the customer on security issues. Organizations use cloud computing as a
service infrastructure, critically like to examine the security and confidentiality issues for their business
critical insensitive applications. What are the security concerns that are preventing companies from
taking advantage of the cloud? This section deals with the taxonomy of the security concerns.
Traditional security issues are still present in cloud computing environments. But as enterprise
boundaries have been extended to the cloud, traditional security mechanisms are no longer suitable
for applications and data in cloud. Traditional concerns involve computer and network intrusions or
attacks that will be made possible or at least easier by moving to the cloud. Cloud providers respond
to these
4
 concerns by arguing that their security measures and processes are more mature and tested than
those of the average company. It could be easier to lock down information if it’s administered by a
third party rather than in-house, if companies are worried about insider threats In addition, it may be
easier to enforce security via contracts with online services providers than via internal controls. Due to
the openness and multitenant characteristic of the cloud, cloud computing is bringing tremendous
impact on information security field. Availability concerns centre on critical applications and data
being available. Well publicized incidents of cloud outages include Gmail. As with the Traditional
Security concerns, cloud providers argue that their server uptime compares well with the availability
of the cloud users own data centres. Cloud services are thought of as providing more availability, but
perhaps not there are more single points of failure and attack. Third-party data control the legal
implications of data and applications being held by a third party are complex and not well understood.
There is also a potential lack of control and transparency when a third party holds the data. Part of the
hype of cloud computing is that the cloud can be implementation independent, but in reality
regulatory compliance requires transparency into the cloud.

4.1 CHARACTERISTICS OF CLOUD COMPUTING

Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences
from, traditional computing approaches:

• On-demand self-service - A consumer can unilaterally provision computing capabilities such as

server time and network storage as needed automatically, without requiring human interaction
with a service provider.

• Broad network access - Capabilities are available over the network and accessed through standard
mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones,
laptops, and PDAs) as well as other traditional or cloud based software services.

• Resource pooling - The providers computing resources are pooled to serve multiple consumers
using a multi-tenant model, with different physical and virtual resources dynamically assigned and
reassigned according to consumer demand. There is a degree of location independence in that the
customer generally has no control or knowledge over the exact location of the provided resources,
but may be able to specify location at a higher level of abstraction (e.g., country, state, or
datacentre). Examples of resources include storage, processing, memory, network bandwidth, and
virtual machines. Even private clouds tend to pool resources between different parts of the same
organization.

5
 • Rapid elasticity - Capabilities can be rapidly and elastically provisioned in some cases automatically
to quickly scale out; and rapidly released to quickly scale in. To the consumer, the capabilities
available for provisioning often appear to be unlimited and can be purchased in any quantity at any
time.

• Measured service - Cloud systems automatically control and optimize resource usage by leveraging
a metering capability at some level of abstraction appropriate to the type of service (e.g., storage,
processing, bandwidth, or active user accounts). Resource usage can be monitored, controlled, and
reported providing transparency for both the provider and consumer of the service.

4.2 SECURITY CHALLENGES

Cloud computing becomes a successful and popular business model due to its charming features. In
addition to the benefits at hand, the former features also result in serious cloud-

6
specific security issues. The people whose concern is the cloud security continue to hesitate to
transfer their business to cloud. Security issues have been the dominate barrier of the
development and widespread use of cloud computing. Understanding the security and privacy
risks in cloud computing and developing efficient and effective solutions are critical for its
success. Although clouds allow customers to avoid start-up costs, reduce operating costs, and
increase their agility by immediately acquiring services and infrastructural resources when
needed, their unique architectural features also raise various security and privacy concerns.
There are three main challenges for building a secure and trustworthy cloud system:

• Outsourcing - Outsourcing brings down both capital expenditure (CapEx) and

operational expenditure for cloud customers. However, outsourcing also means
that customers physically lose control on their data and tasks. The loss of control
problem has become one of the root causes of cloud insecurity. To address
outsourcing security issues, first, the cloud provider shall be trustworthy by
providing trust and secure computing and data storage; second, outsourced data
and computation shall be verifiable to customers in terms of confidentiality,
integrity, and other security services. In addition, outsourcing will potentially incur
privacy violations, due to the fact that sensitive/classified data is out of the
owner’s control.

– Data service outsourcing security - Cloud computing provides access to data,

but the challenge is to ensure that only authorized entities can gain access
to it. When we use cloud environments, we rely on third parties to make
decisions about our data and platforms in ways never seen before in
computing. It’s critical to have appropriate mechanisms to prevent cloud
providers from using customer’s data in a way that hasn’t been agreed
upon. It seems unlikely that any technical means could completely prevent
cloud providers from abusing customer data in all cases, so we need a
combination of technical and nontechnical means to achieve this. Clients
need to have significant trust in their provider’s technical competence and
economic stability.
For the former concern, data encryption before outsourcing is the simplest
way to protect data privacy and combat unsolicited access in the cloud and
beyond. But encryption also makes deploying traditional data
7
utilization services such as plaintext keyword search over textual data or
query over database a difficult task. The trivial solution of downloading all
the
 data and decrypting it locally is clearly impractical, due to the huge
bandwidth cost resulting from cloud scale systems. This problem on how to
search encrypted data has recently gained attention and led to the
development of searchable encryption techniques. At a high level, a
searchable encryption scheme employs a prebuilt encrypted search index
that lets users with appropriate tokens securely search over the encrypted
data via keywords without first decrypting it. However, considering the
potentially large number of on-demand data users and the huge amount of
outsourced data files in the cloud, this problem is still particularly
challenging because meeting performance, system usability, and scalability
requirements is extremely difficult.
Another important issue that arises when outsourcing data service to the
cloud is protecting data integrity and long-term storage correctness.
Although outsourcing data to the cloud is economically attractive for long-
term, large-scale storage, it doesn’t immediately guarantee data integrity
and availability. This problem, if not properly addressed, can impede the
successful deployment of a cloud architecture. Given that users no longer
locally possess their data, they can’t utilize traditional cryptographic
primitives to protect its correctness. Such primitives usually require a local
copy of the data for integrity verification, which isn’t viable when storage is
outsourced. Furthermore, the large amount of cloud data and the users
constrained computing capabilities make data correctness auditing in a
cloud environment expensive and even formidable. So, enabling a unified
storage auditing architecture is important for this nascent cloud economy to
become fully established; users will need ways to assess risk and gain trust
in the cloud. From a system-usability viewpoint, such a design should incur
very limited auditing overhead in terms of computation and bandwidth,
incorporate cloud data’s dynamic features, and preserve user’s privacy
when a specialized third-party auditor is introduced.

– Computation outsourcing security - Another fundamental service enabled

within the cloud paradigm is computation outsourcing. By outsourcing
workloads to the cloud, user’s computational power is no longer limited by
their resource-constrained devices. Instead, they can enjoy the clouds
literally unlimited computing resources in a pay-per-use manner without
committing any large capital outlays locally.
 However, current outsourcing practice operates in plaintext that is, it
reveals both data and computation results to the commercial public cloud.
This can raise big security concerns, especially when the outsourced
computation workloads contain sensitive information, such as a business’s
financial records, proprietary research data, or even personally identifiable
health information. Furthermore, the clouds operational details aren’t
transparent enough to users. Consequently, various motivations can cause
the cloud to behave unfaithfully and return incorrect results. These range
from possible software bugs, hardware failures, or even outsider attacks to
cloud servers deliberately being lazy to save computational costs. Thus,
were in great need of secure computation outsourcing mechanisms to both
protect sensitive workload information and ensure that the computation
results returned from the cloud are correct. This task is difficult, however,
due to several challenges that the mechanism design must meet
simultaneously. First, such a mechanism must be practically feasible in
terms of computational complexity. Otherwise, either the users cost can
become prohibitively huge, or the cloud might not be able to complete the
outsourced computations in a reasonable amount of time. Second, it must
provide sound security guarantees without restricting system assumptions.
Namely, it should strike a good balance between security guarantees and
practical performance. Third, this mechanism must enable substantial
computational savings at the user side compared to the amount of effort
required to solve a problem locally. Otherwise, users have no reason to
outsource computation to the cloud. A recent breakthrough in fully
homomorphic encryption (FHE) has shown the general results of secure
computation outsourcing to be viable in theory. But applying this general
mechanism to everyday computing tasks is still far from practical due to FHE
operations extremely high complexity, which can’t yet be handled in
practice.
9
• Multi-tenancy - Multi-tenancy means that the cloud platform is shared and
utilized by multiple customers. Moreover, in a virtualized environment, data
belonging to different customers may be placed on the same physical machine by
certain resource allocation policy. Adversaries who may also be legitimate cloud
customers may exploit the co-residence issue. A series of security issues such as
data breach, computation breach, flooding attack etc., are incurred. Although
Multi-tenancy is a definite choice of cloud venders due to its economic
efficiency, it provides new
 vulnerabilities to the cloud platform [5]. From a customer’s perspective, the
notion of using a shared infrastructure could be a huge concern. However, the
level of resource sharing and available protection mechanisms can make a big
difference. For example, to isolate multiple tenant’s data, Salesforce.com employs
a query rewriter at the database level, whereas Amazon uses hypervisors at the
hardware level. Providers must account for issues such as access policies,
application deployment, and data access and protection to provide a secure,
multi-tenant environment.
Multi-tenancy security and privacy is one of the critical challenges for the public
cloud, and finding solutions is pivotal if the cloud is to be widely adopted.
However, little work exists today that not only addresses these problems but also
consistently and scalably maintains this dynamic computing environments
scalability.

• Massive data and intense computation - Cloud computing is capable of handling

mass data storage and intense computing tasks. Therefore, traditional security
mechanisms may not suffice due to unbearable computation or communication
overhead. For example, to verify the integrity of data that is remotely stored, it is
impractical to hash the entire data set. To this end, new strategies and protocols
are expected.

5. NEED FOR SECURITY IN CLOUD

A user’s dependence on cloud is analogous to a person’s dependence on public transportation

as it forces one to trust over which one have no control, limits what one can transport, and
subjects us to rules and schedules that wouldn’t apply if one had their own vehicles. On the
other hand, it is so economical that one doesn’t realistically have any alternative. Users of the
cloud aren’t aware about the location of the data and ultimately have to rely on the cloud
service provider for exercising appropriate security measures. Therefore cloud security issue is
the most important and elicited topic among the IT professionals.
Security in cloud computing is of two types:

• Data security It focuses on protecting the software and hardware associated with the cloud. It
deals with choosing an apt location for data centres so as to protect it from internal threats,
different types of weather conditions, fire and even physical attacks that might destroy the
centre physically and external threats avoiding unauthorized access and break ins.

10
 • Network security Protecting the network over which cloud is running from various attacks DOS,
DDOS, IP Spoofing, ARP Spoofing and any novel attacks that intruders may device. Attack on data
affects a single user whereas a successful attack on Network has the potential to affect multiple
users. Therefore network security is of foremost importance.

5.1 SECURITY AND PRIVACY ATTRIBUTES

Five most representative security and privacy attributes are confidentiality, integrity, availability,
accountability, and privacy-preservability, which is shown in figure 5.1. Within the enterprise
boundaries, data transmission usually does not require encryption, or just have a simple data
encryption measure. For data transmission across enterprise boundaries, both data
confidentiality and integrity should be ensured in order to prevent data from being tapped and
tampered with by unauthorized users. In other words, only the data encryption is not enough.
Data integrity is also needed to be ensured .Therefore it should ensure that transport protocols
provide both confidentiality and integrity. Confidentiality and integrity of data transmission need
to

11
 Figure 5.1: Security and privacy attributes

ensure not only between enterprise storage and cloud storage but also between
different cloud storage services.
Threats to these attributes and Defence strategies are discussing below.

5.1.1 Cloud confidentiality

Confidentiality is defined as the assurance that sensitive information is not disclosed to

unauthorized persons, processes, or Devices. i.e., customer’s data and computation
tasks are to be kept confidential from both the cloud provider and other customers.
Confidentiality remains as one of the greatest concerns with regards to cloud
computing. This is largely due to the fact that customers outsource their data and
computation tasks on cloud servers, which are controlled and managed by potentially
untrustworthy cloud providers.

12
User’s confidential data is disclosed to a service provider if all of the following three
conditions are satisfied simultaneously

• The service provider knows where the user’s confidential data is located inthe
cloud computing systems.

• The service provider has privilege to access and collect the user’s confidentialdata
in cloud.

• The service provider can understand the meaning of the user’s data.

Threats to cloud confidentiality

• Cross-Virtual Machine (VM) attack via Side Channels - A Cross-VM attack exploits
the nature of multi-tenancy, which enables that VMs belonging to different
customers may co-reside on the same physical machine. Timing side channels as
an insidious threat to cloud computing security due to the fact that
a) the timing channels pervasively exist and are hard to control due to the nature
of massive parallelism and shared infrastructure; b) malicious customers are able
to steal information from other ones without leaving a trail or raising alarms.

• Malicious sysAdmin: The Cross-VM attack discusses how others may violate
confidentiality cloud customers that co-residing with the victim, although it is not
the only threat. Privileged sysadmin of the cloud provider can perform attacks by
accessing the memory of a customer’s VMs. For instance, Xenaccess enables a
sysadmin to directly access the VM memory at run time by running a user level
process in Domain0.

Defence strategies

Approaches to address cross-VM attack fall into six categories: a) placement prevention
intends to reduce the success rate of placement; b) physical isolation enforcement; c)
new cache designs; d) fuzzy time intends to weaken malicious VMs ability to receive the
signal by eliminating fine-grained timers; e) forced VM determinism ensures no timing
or other non-deterministic information leaking to adversaries; f) cryptographic
implementation of timing-resistant cache.
13
• Placement prevention: In order to reduce the risk caused by shared infrastructure,
a few suggestions to defend the attack in each step are given in . For instance,
cloud
 providers may obfuscate co-residence by having Dom0 not respond in traceroute,
and/or by randomly assigning internal IP addresses to launched VMs. To reduce
the success rate of placement, cloud providers might let the users decide where
to put their VMs; however, this method does not prevent a brute-force strategy.

• Co-residency detection: The ultimate solution of cross-VM attack is to eliminate

co- residency. Cloud customers (especially enterprises) may require physical
isolation, which can even be written into the Service Level Agreements (SLAs).
However, cloud vendor may be reluctant to abandon virtualization that is
beneficial to cost saving and resource utilization. One of the left options is to
share the infrastructure only with friendly VMs, which are owned by the same
customer or other trustworthy customers. To ensure physical isolation, a
customer should be enabled to verify its VMs exclusive use of a physical machine.
HomeAlone is a system that detects co-residency by employing a side- channel (in
the L2 memory cache) as a detection tool. The idea is to silence the activity of
friendly VMs in a selected portion of L2 cache for a certain amount of time, and
then measure the cache usage to check if there is any unexpected activity, which
indicates that the physical machine is coresided by another customer.

• NoHype: It attempts to minimize the degree of shared infrastructure by removing

the hypervisor while still retaining the key features of virtualization. The NoHype
architecture provides a few features: i) the one core per VM feature prevents
interference between VMs, eliminates side channels such as L1 cache, and retains
multi-tenancy, since each chip has multiple cores; ii) memory partition restricts
each VMs memory access on a assigned range; iii) dedicated virtual I/O devices
enables each VM to be granted direct access to a dedicated virtual I/O device.
NoHype has significantly reduced the hypervisor attack surface, and increased the
level of VM isolation. However, NoHype requires to change hardware, making it
less practical when consider applying it to current cloud infrastructures.

• Trusted cloud computing platform (TCCP): It offers a closed box execution

environment for IaaS services. TCCP guarantees confidential execution of guest
virtual machines. It also enables customers to attest to the IaaS provider and to
determine if the service is secure before their VMs are launched into the cloud.
The design goals of TCCP are: 1) to confine the VM execution inside the secure
perimeter; 2) that a sysadmin with root privileges is unable to access the memory
of a VM hosted in a physical node. TCCP leverages existing techniques to build
 trusted cloud computing platforms. This focuses on solving confidentiality
problems for client’s data and for computation outsourced to the cloud. With
TCCP, the sysadmin is unable to inspect or tamper with the content of running
VMs.

• Retaining data control back to customer: Considering the customers fear of losing
the data control in cloud environments, it is propose to retain data control for the
cloud customers by simply storing encrypted VMs on the cloud servers. Encrypted
VM images guarantee rigorous access control since only the authorized users
known as key-holders are permitted access. Due to the encryption, the data
cannot be mounted and modified within the cloud without an access key, assuring
the confidentiality and integrity. This approach offers security guarantees before a
VM is launched; however, there are ways to attack the VM during running time
and to jeopardize the data and computation.

5.1.2 Cloud integrity

Similar to confidentiality, the notion of integrity in cloud computing concerns both data
integrity and computation integrity. Data integrity implies that data should be honestly
stored on cloud servers, and any violations (e.g., data is lost, altered, or compromised)
are to be detected. Computation integrity implies the notion that programs are
executed without being distorted by malware, cloud providers, or other malicious
users, and that any incorrect computing will be detected.

Threats to cloud integrity

• Data loss/manipulation: In cloud storage, applications deliver storage as a service.

Servers keep large amounts of data that have the capability of being

15
accessed on rare occasions. The cloud servers are distrusted in terms of both
security and reliability, which means that data may be lost or modified
maliciously or accidentally. Administration errors may cause data loss (e.g.,
backup and restore, data migration, and changing memberships in P2P systems).
Additionally, adversaries may initiate attacks by taking advantage of data owner’s
loss of control over their own data.

• Dishonest computation in remote servers: With outsourced computation, it is

difficult to judge whether the computation is executed with high integrity. Since
the computation details are not transparent enough to cloud customers, cloud
15
 servers may behave unfaithfully and return incorrect computing results; they may
not follow the semi-honest model. For example, for computations that require
large amount of computing resources, there are incentives for the cloud to be
lazy. On the other hand, even the semi-honest model is followed, problems may
arise when a cloud server uses outdated, vulnerable code, has misconfigured
policies or service, or has been previously attacked with a rootkit, triggered by
malicious code or data.

Defence strategies

• Provable data possession (PDP): The main challenge of integrity checking is that
tremendous amounts of data are remotely stored on untrustworthy cloud
servers; as a result, methods that require hashing for the entire file become
prohibitive. In addition, it is not feasible to download the file from the server and
perform an integrity check due to the fact that it is computationally expensive as
well as bandwidth consuming. Each of the former notions is not acceptable in
cloud environments.

• Third party auditor (TPA): Instead of letting customers verify data integrity, it is
also possible to offload task of integrity checking to a third party which can be
trusted by both cloud provider and customers. It is propose to adopt a TPA to
check the integrity of outsourced data in cloud environments. TPA ensures the
following: 1) cloud data can be efficiently audited without a local data copy, and
cloud clients suffer no on-line overhead for auditing; 2) no new vulnerabilities will
be introduced to jeopardize data privacy. The key technique is a public based
homomorphic authenticator, which has been utilized in

existing literatures. When combining a homomorphic authenticator with random

masking, TPA becomes unable to access the data content while it is performing
auditing.

• Combating dishonest computing: Conventional strategies to check external

computation integrity fall into four categories:
Re-computation requires the local machine to re-do the computation, and then
compare the results. Re-computation guarantees 100detection, and does not
require trusting the cloud vendor. However, the cost is usually unbearable due to
the fact that each of the verifications require at least the equal time as the
original computation. To this end, customers could possibly have no incentive
to verify
 computation integrity in this manner. A variation of recomputation is sampling,
which offers probabilistic guarantees of mistake detection, depending on the
degree of sampling. Sampling trades accuracy for efficiency.
Replication assigns one computation task to multiple machines, and then
compares the results. Majority voting may be employed to determine
correctness. Replication assumes semi-trust to cloud vender because both
computation and verification are conducted remotely. Intelligent adversaries that
control certain amounts of machines may bypass replication checking by
returning the same incorrect results.
Auditing usually works together with logging. During the execution of a
computation, a logging component records all critical events into a log file, which
is subsequently sent to one or multiple auditors for review. Auditing is a typical
approach to do forensics investigation. One drawback of auditing is that if the
attacker understands the computation better than the auditor, it is possible for
the attacker to manipulate data bits without being detected.
Trusted computing enforces the computer to behave consistently in expected
ways with hardware and software support. The key technique of integrity
checking is known as remote attestation, which works by having the hardware
generate a certificate stating that what software is running. The certificate can
then be sent to the verifier to show that the software is unaltered. One
assumption of trusted computing is that some component like the hardware and
the hypervisor is not physically altered.
17
5.1.3 Cloud availability

Availability is crucial since the core function of cloud computing is to provide on

demand service of different levels. If a certain service is no longer available or the
quality of service cannot meet the Service Level Agreement (SLA), customers may lose
faith in the cloud system. In this section, we have studied two kinds of threats that
impair cloud availability. Threats to Cloud Availability:

Threats to cloud availability

• Flooding attack via bandwidth starvation: In a flooding attack, which can cause
Deny of Service (DoS), a huge amount of nonsensical requests are sent to a
particular service to hinder it from working properly. In cloud computing, there
are two basic types of flooding attacks:
17
 Direct DOS the attacking target is determined, and the availability of the targeting
cloud service will be fully lost.
Indirect DOS the meaning is twofold: 1) all services hosted in the same physical
machine with the target victim will be affected; 2) the attack is initiated without a
specific target.

• Fraudulent Resource Consumption (FRC) attack: A representative Economic Denial

of Sustainability (EDoS) attack is FRC, which is a subtle attack that may be carried
out over a long period (usually lasts for weeks) in order to take effect. In cloud
computing, the goal of a FRC attack is to deprive the victim (i.e., regular cloud
customers) of their long-term economic availability of hosting web contents that
are publicly accessible. In other words, attackers, who act as legal cloud service
clients, continuously send requests to website hosting in cloud servers to
consume bandwidth, which bills to the cloud customer owning the website;
seems to the web server, those traffic does not reach the level of service denial,
and it is difficult to distinguish FRC traffic from other legitimate traffic. A FRC
attack succeeds when it causes financial burden on the victim.

Defence strategies

• Defending the new DOS attack: This new type of DOS attack differs from the
traditional DOS or DDOS attacks in that traditional DOS sends traffic to the
targeting application/host directly while the new DOS attack does not; therefore,
some techniques and counter-measures for handling traditional DOSs are no
longer applicable. A DOS avoidance strategy called service migration has been
developed to deal with the new flooding attack. A monitoring agent located
outside the cloud is set up to detect whether there may be bandwidth starvation
by constantly probing the cloud applications. When bandwidth degradation is
detected, the monitoring agent will perform application migration, which may
stop the service temporarily, with it resuming later. The migration will move the
current application to another subnet of which the attacker is unaware.

• FRC attack detection: The key of FRC detection is to distinguish FRC traffic from
normal activity traffic. Idziorek et al. propose to exploit the consistency and
selfsimilarity of aggregate web activity. To achieve this goal, three detection
metrics are used: i) Zipf s law are adopted to measure relative frequency and self-
similarity of web page popularity; ii) Spearmans footrule is used to find the
proximity between two ranked lists, which determines the similarity score; iii)
overlap between the reference list and the comparator list measures the
similarity
 between the training data and the test data. Combining the three metrics yields a
reliable way of FRC detection.

5.1.4 Cloud accountability

Accountability implies that the capability of identifying a party, with undeniable

evidence, is responsible for specific events. When dealing with cloud computing, there
are multiple parties that may be involved; a cloud provider and its customers are the
two basic ones, and the public clients who use applications (e.g., a web application)
outsourced by cloud customers may be another party. A fine-grained identity, however,
may be employed to identify a specific machine or even the faulty/ malicious program
that is responsible.

Threats to Cloud accountability

• SLA violation: the loss of data control is problematic when something goes awry.
For instance, the following problems may possibly arise: 1) The machines

19
in the cloud can be mis-configured or defective and can consequently corrupt the
customers data or cause his computation to return incorrect results; 2) The cloud
provider can accidentally allocate insufficient resources for the customer, an act
which can degrade the performance of the customers services and then violate
the SLA; 3) An attacker can embed a bug into the customers software in order to
steal valuable data or to take over the customers machines for spamming or DoS
attacks;
4) The customer may not have access to his data either because the cloud loses it
or simply because the data is unavailable at an inconvenient time.

• Dishonest MapReduce: MapReduce is a parallel computing paradigm that is

widely employed by major cloud providers (Google, Yahoo!, Facebook, etc.).
MapReduce splits a large data set into multiple blocks, each of which are
subsequently input into a single worker machine for processing. However,
working machines may be mis-configured or malicious, as a result, the processing
results returned by the cloud may be inaccurate.

• Hidden identity of adversaries: Due to privacy concerns, cloud providers should

not disclose cloud customer’s identity information. Anonymous access is
employed to deal with this issue; although anonymity increases privacy, it also
introduces security problems. Full anonymity requires that a customer’s
 information.
19
 • Inaccurate billing of resource consumption: The pay-as-you-go model enables
customers to decide how to outsource their business based on their necessities as
well as the financial situations. However, it is quite difficult for customers to verify
the expenses of the resource consumption due to the black box and dynamic
nature of cloud computing. From the cloud vendor’s perspective, in order to
achieve maximum profitability, the cloud providers choose to multiplex
applications belonging to different customers to keep high utilization. The
multiplexing may cause providers to incorrectly attribute resource consumption to
customers or implicitly bear additional costs, therefore reducing their cost
effectiveness. For example, I/O time and internal network bandwidth are not
metered, even though each incurs non-trivial cost. Additionally, metering sharing
effects, such as shared memory usage, is difficult.

Defence strategies

• Accountability on Service Level Agreement (SLA): To deal with this dispute of an

SLA violation, a primitive AUDIT (A, S, t1, t2) is proposed in to allow the customers
to check whether the cloud provider has fulfilled the SLA (denoted by A) for
service S between time internal t1 and t2. AUDIT will return OK if no fault is
detected; otherwise AUDIT will provide verifiable evidence to expose the
responsible party.

• Accountable virtual machine (AVM): The intent of AVM is to enable users to audit
the software execution on remote machines. AVM is able to 1) detect faults, 2)
identify faulty node, 3) provides verifiable evidence of a particular fault and point
to the responsible party. AVM is applicable to cloud computing in which
customers outsource their data and software on distrusted cloud servers. AVM
allows cloud users to verify the correctness of their code in the cloud system. The
approach is to wrap any running software in a virtual machine, which keeps a
tamper-evident log to record the entire execution of the software.

• Collaborative monitoring: A solution that is similar to AVM was developed by

maintaining an external state machine whose job is to validate the correctness of
the data and the execution of business logic in a multi-tenancy environment. The
authors in define the service endpoint as the interface through which the cloud
 services are delivered to its end users. It is assumed that the data may only be
accessed through endpoints that are specified according to the SLA between the
cloud provider and the users. The basic idea is to wrap each endpoint with an
adapter that is able to capture the input/output of the endpoint and record all the
operations performed through the endpoint. The log is subsequently sent to the
external state machine for authentication purposes.

21
• Accountable MapReduce (AMR): This problem has been addressed with
SecureMR, which adopts full task duplication to double check the processing
result. SecureMR requires that twice two different machines, which will double
the total processing time, execute a task. Additionally, SecureMR suffers false
positive when an identical faulty program processes the duplicated tasks.

• Secure provenance: Secure provenance is introduced with an aim to ensure that

verifiable evidence might be provided to trace the real data owner and the
records of data modification. Secure provenance is essential to improve data
forensic and accountability in cloud systems. It is proposed a secure provenance
scheme based on bilinear paring techniques, first bringing provenance problems
into cloud computing. Considering a file stored in cloud, when there is dispute on
that file, the cloud can provide all provenance information with the ability to plot
all versions of the file and the users that modified it. With this information, a
specific user identity can be tracked.

• Verifiable Resource Accounting: It enables cloud customers to be assured that i)

their applications indeed consumed the resources they were charged for and ii)
the consumption was justified based on an agreed policy. The scheme in considers
three roles: the customer C, the provider P, and the verifier V. First, C asks P to
run task T; then, P generates a report R describing what resources P thinks that C
consumes. C then sends the report R and some additional data to V who checks
whether R is a valid consumption report. By implementing a trusted hardware
layer with other existing technologies such as offloading monitoring, sampling,
and snapshot, it can be ensured that a) the provider does not
overcharge/undercharge customers and b) the provider correctly assigns the
consumption of a resource to the principal responsible for using that resource.
 5.1.5 Cloud privacy-preservability

Privacy is yet another critical concern with regards to cloud computing due to the fact that customer’s
data and business logic reside among distrusted cloud servers, which are owned and maintained by the
cloud provider. Therefore, there are potential risks that the confidential data (e.g., financial data, health
record) or personal information (e.g., personal profile) is disclosed to public or business competitors.
Privacy has been an issue of the highest priority. Throughout this text, we regard privacy- preservability
as the core attribute of privacy. A few security attributes directly or indirectly influence privacy
preservability, including confidentiality, integrity, accountability, etc. Evidently, in order to keep private
data from being disclosed, confidentiality becomes indispensable, and integrity ensures that
data/computation is not corrupted, which somehow preserves privacy. Accountability, on the contrary,
may undermine TABLE 5.1: Approaches of privac

y enforcement them.
Approach Description ected
Information centric Data ts have access-control security policies are
objec with
Trusted computing The system will consistently behave in exp
ways with hardware or softw
privacy due to the fact that the methodsenforcement.
of achieving the two attributes usually
conflict Cryptographic
[5]. protocols Cryptographic techniques and tools are
employed to preserve privacy.
Threats to cloud privacy

In some sense, privacy-preservability is a stricter form of confidentiality, due to the

notion that they both prevent information leakage. Therefore, if cloud confidentiality is
ever violated, privacy-preservability will also be violated. Similar to other security
services, the meaning of cloud privacy is twofold: data privacy and computation
privacy.

Defence strategies

The privacy-preserving classified into three categories, which are shown in Table 5.1. It
is proposed that Fully Homomorphic Encryption (FHE) to preserve privacy in cloud
computing. FHE enables computation on encrypted data, which is stored in the
distrusted servers of the cloud provider. Data may be processed without decryption.
The cloud servers have little to no knowledge concerning the input data, the
processing

22
function, the result, and any intermediate result values. Therefore, the outsourced
computation occurs under the covers in a fully privacypreserving way.

23
FHE has become a powerful tool to enforce privacy preserving in cloud computing.
However, all known FHE schemes are too inefficient for use in practice. While
researchers are trying to reduce the complexity of FHE, it is worthwhile to consider
alleviating the power of FHE to regain efficiency. Somewhat homomorphic encryption,
which only supports a number of homomorphic operations, which may be much faster
and more compact than FHE.
 6. CONCLUSIONS

Every new technology has its pros and cons, similar is the case with cloud computing. Although cloud
computing provides easy data storage and access. But there are several issues related to storing and
managing data, which is not controlled by owner of the data. This paper discussed security issues for
cloud. These issues include cloud integrity, cloud confidentiality, cloud availability, cloud privacy.
There are several threats to cloud confidentiality including cross-VM attack and Malicious sysadmin.
On the other hand integrity of cloud is compromised due to data loss and dishonest computation in
remote servers. Denial of Service attack (Dos) is the most common attack which is also possible in
cloud computing network. This attack attempts to prevent the data available to its intended users.
The last issue is cloud privacy and it is similar to cloud confidentiality. If cloud confidentiality is at risk,
cloud privacy will also be at risk.

24
 REFERENCES

[1] C. Wang, Q, Wan, K. Ren nd Wenjing Lou, ”Privacy-Preserving Public Auditing for Data StorageSecurity in
Cloud Computing”, Infocom, Proceedings IEEE, 2010, pp.1-9.

[2] D. Chen and H. Zhao, ”Data Security and Privacy Protection Issues in Cloud Computing”, in International
Conference on Computer Science and Electronics Engineering(ICCSEE), 2012, vol.1, pp.647-651.

[3] H. Takabi, J. B. D. Joshi and G. J. Ahn, ”Security and Privacy Challenges in Cloud Computing Environments”
, Security and Privacy, IEEE, vol.8 , no.6, pp.24-31, Nov/Dec 2010.

[4] K. Ren, C. Wang and Q. Wang, ”Security Challenges for the Public Cloud”, Internet Computing, IEEE ,
vol.16, no.1, pp.69-73, Jan/Feb 2012.

[5] Z. Xiao and Y. Xiao, ”Security and Privacy in Cloud Computing ”,IEEE Commun. Surveys and Tutorials, vol.
15, no.2, pp.843 - 859, Second quarter 2013.

[6] Cloud Security Alliance (CSA). Security Guidance for Critical Areas of Focus in Cloud Computing V2.1,
(Released December 17, 2009).
(http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf. Accessed Jan. 13, 2011.)

25