1

SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM

A Dissertation Proposal submitted

By student

mann

to

Department CSE

In partial fulfilment of the Requirement for the

Award of the Degree of

Master of Technology in

Under the guidance of

(Advisor)

Month Year

2

CERTIFICATE

This is to certify that

has completed M.Tech dissertation

proposal titled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM under my guidance and supervision. To the best of my knowledge, the present work is the result of her original investigation and study. No part of the dissertation p r o p o s a l has ever been submitted for any other degree or diploma.

The dissertation proposal is fit for the submission and the partial fulfilment of the conditions for the award of M.Tech Computer Science & Engg.

Date: Signature of Advisor

Name:

DECLARATION

I hereby declare that the dissertation p roposa l entitled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM submitted for the M.Tech Degree is entirely my original work and all ideas and references have been duly acknowledged. It does not contain any work for the award of any other degree or diploma.

Date: _

Investigator

Reg No.

INTRODUCTION

In its broadest usage, the term cloud computing refers to the delivery of scalable IT

resources over the Internet, as opposed to hosting and operating those resources

locally, such as on a college or university network. Those resources can include

applications and services, as well as the infrastructure on which they operate. By

deploying IT infrastructure and services over the network, an organization can

purchase these resources on an as-needed basis and avoid the capital costs of software

and hardware. With cloud computing, IT capacity can be adjusted quickly and easily

to accommodate changes in demand.

While remotely hosted, managed services have long been a part of the IT landscape, a

heightened interest in cloud computing is being encouraged by maturing standards, the

rise of hardware and software virtualization, and the push to make IT costs variable

and transparent.

Cloud and cloud-like solutions appear to be widespread and growing in higher

education, though in relatively focused areas, such as student e-mail. E-mail

notwithstanding, higher education institutions are more likely to obtain new services

from the cloud than to transition established services that have long been operated by

the campus. Many colleges and universities see pockets of cloud service usage in

other areas, often led by individual faculty or students looking for the added

flexibility and convenience that the cloud can provide.

Among the drivers that are encouraging more institutions to contemplate cloud

services are budget pressures, calls for increased reliability of and access to IT

systems, and the need for institutions to provide timely access to the latest IT

functionality.

WORKING

In traditional enterprise computing, IT departments forecast demand for

applications and capacity and invest time and money to develop those resources in-

house or purchase them from others and operate them in-house. With cloud

computing, institutions procure IT services from remote providers, and campus

constituents access these resources over the Internet. E-mail, for example, long

considered a support of an institution’s IT operations, can be obtained from a range

of sources, and a growing number of campuses contract with outside suppliers for

this function.

Software is hosted by the provider and does not need to be installed—or maintained

— on individual computers around campus. In some cases, a large university or a

consortium might become a provider of cloud services. Storage and processing

needs can also be met by the cloud. Institutions pay only for the resources used, and

users can access the applications and files they need from virtually any Internet-

connected computer. In a mature cloud computing environment, institutions would

be able to add new IT services or respond to changes in capacity on the fly, saving

capital costs that can be redirected to programs of strategic value to the institution.

The emergence of cloud computing as a viable option for a growing number of IT

services speaks to a level of Internet penetration and infrastructure maturity that did

not exist just a few years ago. Analysts expect cloud computing to see mainstream

adoption in 2–5 years, and some higher education IT leaders believe that cloud

computing programs on campus will increase considerably in the coming years. To

the extent that these efforts are successful, confidence in the model and trust in

providers will grow, and institutions will be more amenable to transferring a larger

number of services to the cloud. Conversely, a breach of trust by a cloud provider

would likely leave institutions uneasy about cloud services.

CLASSIFICATION (SERVICE)

Software as a service (SAAS): SaaS is a new model of how software is delivered. SaaS refers to software that is accessed via a web browser and is paid on a subscription basis (monthly or yearly). Different from the traditional model where a customer buys a license to software and assumes ownership for its maintenance and installation, SaaS presents significant advantages to the customer.

SaaS is faster and a cost effective way to getting implemented. There are no hardware, implementation or acquisition costs involved to run the application from the customer's side. Unlike traditional software’s where upgrades would happen once a year or once in 6 months (with the vendor coming to your office with a CD), the SaaS vendor continuously pushes new updates, fixes to the application, which is immediately accessible by the customer. This reduces the length of time it takes a customer to recognize value from the software.

Example: Google Apps (Google Docs), SalesForce.com are among the providers of

this kind of cloud computing.

Product as a Service (PAAS):-Provides the entire infrastructure needed to run applications over the Internet. It is delivered in the same way as a utility like electricity or water. Users simply “tap in” and take what they need without

worrying about the complexity behind the scenes. And like a utility, PaaS is based on a metering or subscription model so users only pay for what they use.

With PaaS, corporate IT departments can focus on innovation instead of complex infrastructure. By leveraging the PaaS, organizations can redirect a significant portion of their budgets from “keeping the lights on” to creating applications that provide real business value.

This model is driving a new era of mass innovation. For the first time, developers around the world can access unlimited computing power. Now, anyone with an Internet connection can build powerful applications and easily deploy them to users wherever they’re located.

.

Example: Google App Engine, Microsoft’s Windows Azure platform, Amazon EC2

(Amazon Elastic Compute Cloud) , etc are among the providers of this kind of

cloud computing

Infrastructure as a Service (IAAS) is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the

equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.

Characteristics and components of IaaS include:

Utility computing service and billing model. Automation of administrative tasks.

Dynamic scaling.

Desktop virtualization .

Policy-based services.

Internet connectivity.

Infrastructure as a Service is sometimes referred to as Hardware as a Service

(HaaS).

Example: Amazon Web Services, Rackspace Cloud, Go Grid , etc are among the

providers of this kind of cloud computing.

CLASSFICATION (LOCATION)

Public Cloud: Computing infrastructure is hosted at the vendor’s premises. The customer has no visibility over the location of the cloud computing infrastructure. The computing infrastructure is shared between organizations.

Private Cloud: Computing architecture is dedicated to the customer and is not shared with other organisations. They are expensive and are considered more secure than Public Clouds. Private clouds may be externally hosted ones as well as in premise hosted clouds.

Hybrid Cloud: Organisations host some critical, secure applications in private

clouds. The not so critical applications are hosted in the public cloud. The

combination is known as Hybrid Cloud. Cloud bursting is the term used to

define a system where the organisation uses its own infrastructure for normal

usage, but cloud is used for peak loads. Cloud computing describes a new

supplement, consumption, and delivery

model for IT services based on Internet

protocols, and it typically involves

provisioning of dynamically scalable and

often virtualised resources.

It is ay product and consequence of the

ease-of-access to remote computing sites

provided by the Internet. This may take the form of web-based tools or

applications that users can access and use through a web browser as if the

programs were installed locally on their own computers.

Cloud computing providers deliver applications via the internet, which are

accessed from web browsers and desktop and mobile apps, while the

business software and data are stored on servers at a remote location .

Review of literature

1 )Xuan Zhang, Nattapong Wuwong , Hao Li,Xuejie Zhang “Information Security

Risk Management Framework for the Cloud Computing Environments” Risk

management framework is one of security assessment tool to reduction of

threats and vulnerabilities and mitigates security risks. The goal of this paper is to

present information risk management framework for better understanding critical

areas of focus in cloud computing environment, to identifying a threat and

identifying vulnerability. This framework is covering all of cloud service models

and cloud deployment models. Cloud provider can be applied this framework to

organizations to do risk mitigation. Key to the successful adoption and transition

of information systems to a cloud computing environment is the implementation

or modification of a strategic proactive information security risk management

framework for cloud computing environment. They developed a framework that

implemented in logistics Software as a Service (SaaS) . Then they are apply this

framework to Infrastructure as a Service (IaaS) environment and Platform as a

Service(IaaS) to testing this framework.

2) Xue Jing ,Zhang Jian-jun2, 2007 “A Brief Survey on the Security Model of Cloud

Computing” This paper surveys the security problems of current cloud

computing that based on the architecture of cloud computing, a security model is

proposed. In cloud computing environment, they introduce the concept of

Security Access Control Service (SACS).SACS includes Access Authorization,

Security API, cloud connection Security. Access Authorization is used to authorize

to users who want to request cloud service. Security API keeps users use specific

services safely after accessing to the cloud connection security to ensure

Combining the SACS with the existing architecture of cloud computing, A security

model of cloud computing is

Constituted they can see that no attacks in the first 10 minutes, the system

performance which no using security model is better than the using one, the

reason is the using one needs some system resources to carry out safety testing.

After attack, the performance is rapidly increasing. So the cloud computing with

the proposed security model has the more stable performance when facing the

attack threat a variety of stacks at the same time.

3) Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus

Molina,

“Controlling Data in the Cloud : Outsourcing Computation without Outsourcing

Control “Laboratories of America. In this paper, they characterize the problems

and their impact on adoption. They describe how the combination of existing

research thrusts has the potential to alleviate many of the concerns impeding

adoption. In particular, they argue that with continued research advances in

trusted computing and computation-supporting encryption, life in the cloud can

be advantageous from a business intelligence standpoint over the isolated

alternative that is more common today.

4) Uma Somani, Kanika Lakhani, Manish Mundra ”Implementing Digital Signature

with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud

Computing” The cloud is a next generation platform that provides dynamic

resource pools, virtualization, and high availability. In this Research Paper, they

have tried to assess Cloud Storage Methodology and Data Security in cloud by the

Implementation of digital signature with RSA algorithm. in this paper propose ,

Digital Signature with RSA encryption algorithm to enhance data Security in Cloud

.A digital signature or digital signature scheme is a mathematical scheme for

demonstrating the authenticity of a digital message or document. A valid digital

signature gives a recipient reason to believe that the message was created by a

known sender, and that it was not altered in transit.

They proposed digital signature with RSA algorithm scheme to ensure the security

of

data in cloud. RSA is probably the most recognizable asymmetric algorithm.

5) Xin Zhou , Harbin, China “Research and Implementation of RSA Algorithm for

Encryption and Decryption” In this paper proposed an implementation of a

complete and practical RSA encrypt/decrypt solution based on the study of RSA

public key algorithm. In addition, the encrypt procedure and code

implementation is provided in details. Cryptographic technique is one of the

principal means to protect information security the encryption and decryption

solution can ensure the confidentiality of the information, as well as the integrity

of information and certainty, to prevent information from tampering, forgery and

counterfeiting. Encryption and decryption algorithm's security depends on the

algorithm while the internal structure of the rigor of mathematics, it also depends

on the key confidentiality RSA algorithm has been used as a possible

authentication methods in ISAKMP / Oakley framework. Diffie-Hellman key

exchange algorithm is a key component of the framework. a key agreement

session, participants communicate by using Diffie-Hellman algorithm and create

shared keys which will be used for key agreement protocol of follow-up steps in

order to achieve the optimal efficiency, the symmetric key algorithms and public

key cryptography algorithms are always combined together. That is using a

symmetric key cryptosystem to encrypt the confidential information needed to be

sent, while using the RSA asymmetric key cryptosystem to send the DES key.

6) Jayalatchumy ,Ram kumar,Kadhirvelu “Preserving Privacy through Data Control

in a Cloud Computing Architecture using Discretion Algorithm”India.Cloud

computing is an On-demand self-service Internet infrastructure where a customer

can pay and use only what is needed, managed by an API. The SP plays an active

role in transmitting information across the cloud. Providing security requires more

than user authentication with passwords or digital certificates. The discretion

algorithm has been designed and the IDS provide passive security solution. In this

paper define working of cloud computing cloud computing system is divided it

into two sections: the front end and the back end. They connect to each other

through a network, usually the Internet. The front end is the side the computer

user, or client, sees. The back end is the "cloud" section of the system. The front

end includes the client's computer and the application required to access the

cloud computing system. On the back end of the system are the various

computers, servers and data storage systems that create the “cloud" of

computing services

.

SIGNIFICANCE

Cloud computing presents IT organizations with a fundamentally different model of

operation, one that takes advantage of the maturity of web applications and

networks and the rising interoperability of computing systems to provide IT services.

Cloud providers specialize in particular applications and services, and this expertise

allows them to efficiently manage upgrades and maintenance, backups, disaster

recovery, and failover functions. As a result, consumers of cloud services may see

increased reliability, even as costs decline due to economies of scale and other

production factors.

With cloud computing, organizations can monitor current needs and make on-the-

fly adjustments to increase or decrease capacity, accommodating spikes in demand

without paying for unused capacity during slower times. Aside from the potential to

lower costs, colleges and universities gain the flexibility of being able to respond

quickly to requests for new services by purchasing them from the cloud. Cloud

computing encourages IT organizations and providers to increase standardization of

protocols and processes so that the many pieces of the cloud computing model can

interoperate properly and efficiently.

Cloud computing scalability is another key benefit to higher education, particularly

for research projects that require vast amounts of storage or processing capacity for

a limited time. Some companies have built data centres near sources of renewable

energy, such as wind farms and hydroelectric facilities, and cloud computing affords

access to these providers of “green IT.” Finally, cloud computing allows college and

university IT providers to make IT costs transparent and thus match consumption of

IT services to those who pay for such services.

OBJECTIVE

Understanding basic of cloud computing.

Implementing Cloud computing using Microsoft Azure in .NET Framework.

Implementation of CAESAR CIPHER algorithm of Encryption and

Decryption.

Implementing the RSA algorithm of Encryption and Decryption.

Providing data security to data using both of the above algorithms.

METHODOLOGY

In this research method we be experimenting with the given data ,and try to

secure this data from unauthorized access .Method of data security is Caesar

Cipher and RSA algorithm for providing data security ,Firstly data will be

encrypted using Caesar Cipher method which is further encrypted using RSA

method . And this data then can only be decrypted by authorized person by using

his private key.

FORMULATION OF HYPOTHESES

In all emerging areas of engineering science, there is normally a lack of knowledge

about their underlying processes, and technologies. Knowledge can be built if the

experiences are gathered and organized in the proper manner. This acquired

knowledge can be reused in many useful ways. Taking the above point into

consideration, they will be devising a mechanism or a way of storing and reusing

the past valuable experiences gained by the people during project development.

So the problem can be stated as SECURITY IN CLOUD USING CAESER CIPHER AND RSA

ALGORTHIM

SOURCES OF DATA

Data will be provided by the user when the application is run, qualitative data is

considered for that purposes.

RESEARCH DESIGN

It consists of using .Net framework for implementing the interface of the

application deployed in cloud .Application will have basic layout and will

implement Caesar Cipher and RSA algorithm for creating working layout.

TOOL

VISUAL STUDIO -2010 with cloud computing add in will be used to implement the

flow of the cloud computing application.

REFERENCES

http://searchcloudcomputing.techtarget.com/definition/public-cloud

http://microreviews.org/types-of-cloud-computing/

http://searchcloudcomputing.techtarget.com/sDefinition/0,

sid201_gci1287881,00.html

http://searchsecurity.techtarget.com/definition/RSA

http://www.boingboing.net/2009/09/02/cloudcomputing-skep.html

uan Zhang, Nattapong Wuwong, Hao Li 2”Information Security Risk Management

Framework for the Cloud”

Xue Jing, China Zhang Jian-jun2,(2007) “A Brief Survey on the Security Model of

Cloud Computing”

Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus Molina

Elaine Shi,” Controlling Data in the Cloud: Outsourcing Computation without

Outsourcing Control “

Uma Somani, Kanika Lakhani, Manish Mundra ”Implementing Digital Signature

with RSA EncryptionAlgorithm to Enhance the Data Security of Cloud”

Jayalatchumy, . Kadhirvelu “Preserving Privacy through Data Control in a Cloud

Computing Architecture using Discretion Algorithm”India.

Prashant Srivastava1, Satyam Singh2, Ashwin Alfred Pinto3, Shvetank Verma4,

Vijay K. Chaurasiya5, Rahul Gupta “An architecture based on proactive model for

security in cloud computing”

Xin Zhou , Teclmology Harbin “Implementation of RSA Algorithm for Encryption

and Decryption” China