Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
© 2016, IJARCSMS All Rights Reserved 223 | P a g e
ISSN: 2321-7782 (Online) Impact Factor: 6.047
Volume 4, Issue 6, June 2016
International Journal of Advance Research in Computer Science and Management Studies
Research Article / Survey Paper / Case Study Available online at: www.ijarcsms.com
Cloud Data Security for Users Sujit Laxman Thorat
1
Department of Computer Engineering,
G. S. Moze College of Engineering,
Savitribai Phule Pune University,
Balewadi, Pune-411045, India
Pradnya R. Patange2
Department of Computer Engineering,
G. S. Moze College of Engineering,
Savitribai Phule Pune University,
Balewadi, Pune-411045, India
Abstract: Many users use cloud for storage and processing of data for maintaining Backup of Data. Here, the question is
that should users trust the security services provided by cloud as it is managed by third party. Previous System’s security
provided for users data consists of digital watermarking for image, secret sharing of data(image). But secret shares of image
data are not protected in existing system and are vulnerable to attackers. Watermark in existing system works only for
images and not for video/audio. In existing system, Reed-Solomon code is used for correction of transmission errors. The
required processing power for R-S code increases quadratically and as the required maximum level of protection increases,
the additional overhead needed for the R-S code increases with very large amount. Proposed System consists of advanced
watermarking operations so that all multimedia data such as Image, Video and Audio can be watermarked for
authentication of user data. Multimedia Data is splitted into shares in such a way that data remains secure. Also, AES
encryption protection is provided for each share of multimedia so that data is kept protected from attackers. DF Raptor code
is used for transmission error correction which has much better results than R-S code. Additional overhead for required
maximum level of protection is much lesser in case of DF Raptor code than that of R-S code.
Keywords: AES, encryption, DF Raptor, watermarking, authentication, transmission error, Additional overhead.
I. INTRODUCTION
With the fast development of current information technology, electronic publishing, such as the distribution of digitized
images and videos is becoming more and more popular. Digital multimedia content such as images and videos can easily be sent
through the Internet to the cloud system. In particular, data access over wireless networks from the media cloud has recently
found increased popularity due to the fast growth of wireless multimedia applications. However, multimedia security has
become an increasingly major concern for cloud media data access control. It is important to ensure secure and reliable
multimedia data transmissions between users and the media cloud. Since the data can be transferred and stored in a cloud
system through wireless, it becomes vulnerable to unauthorized disclosures, modifications, and replay attacks. A critical
question must be answered when the mobile clients upload their multimedia to the cloud: can users trust the media cloud?
Cloud computing supports distributed service oriented architecture, multi-user and multi-domain administrative
infrastructure. So, it is more prone to security threats and vulnerabilities. At present, a major concern in cloud adoption is
towards its security and privacy. Security and privacy issues are of great concern to cloud service providers who are actually
hosting the services. In most cases, the provider must guarantee that their infrastructure is secure and clients' data and
applications are safe, by implementing security policies and mechanisms. The security issues are organized into several general
categories: trust, identity management, software isolation, data protection, availability reliability, ownership, data backup, data
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 224 | P a g e
portability and conversion, multi-platform support and intellectual property. In this paper, some of the techniques are discussed
that were implemented to protect data and propose architecture to protect data in cloud.
II. LITERATURE SURVEY
A. Existing System
Watermarking provides a possible solution to ensure and safeguard copyright and intellectual property rights for online
multimedia content. Multimedia has its own characteristics, and the traditional security methods for the mobile cloud have
limitations such as higher computational and communication overhead. On the other hand, many researchers are aware of the
issues of copyright protection, image authentication, proof of ownership, and so on. Existing System provides Digital
Watermarking authentication security and Secret Sharing of Data in multiple clouds. Discrete wavelets transform (DWT)-based
watermarking is within the category of frequency domain watermarking techniques. The process of transforming the image into
its transform domain varies; hence, the resulting coefficients are different. Generally, the watermarked data are embedded in a
transformed image. In other words, the watermark is inserted into transformed coefficients of the input image. Finally, inverse
transform is performed on the watermarked image. The watermark detection process is the inverse procedure of the watermark
insertion process.
Furthermore, existing system also proposed a secret sharing scheme to divide multimedia data into multiple pieces and then
uploading them to different cloud servers. In this situation, even the data pieces in one cloud are disclosed, but all of the
information cannot be disclosed due to the nature of secret sharing. The secret image sharing scheme is widely applied in visual
cryptography. To secure an image, a secret image sharing scheme usually divides the image into n unreadable images (shares).
The secret image can be recovered by at least a threshold number (r) of shares known as the (r, n) secret sharing threshold.
Also, existing system provides Reed-Solomon Code for transmission error corrections in data which is good in extracting data
bits than general extraction algorithm. Watermark can be attacked by transmission errors and it may become undetectable due to
errors. Watermark errors can be corrected using RS code which is better than other codes for watermark.
Limitations of Existing System
Secret shares of data in existing system are not protected by security mechanism such as Encryption. If Secret Shares are
passed in sequence over a network then Secret Image can be obtained easily by combining shares. Data privacy approach is not
provided in existing system. No security provided for image shares in existing system. This is main limitation of existing
system. Watermark algorithm in existing system works only for images and not for video/audio. As existing system uses
Wavelet Coefficient and three level DWT technique for Watermarking, it does not work for audio/video. The required
processing power for R-S code increases quadratically and as the required maximum level of protection increases, the additional
overhead needed for the R-S code increases with very large amount.
III. PROPOSED SYSTEM
Proposed System consists of following algorithms:
A. Watermark Embedding and Extraction algorithms:
Watermarking is the process of hiding digital information in a carrier signal. Digital watermarks may be used to verify the
authenticity or integrity of the carrier signal or to show the identity of its owners. It is prominently used for tracing copyright
infringements and for banknote authentication. Image such as jpg, png, bmp etc. can be used as Watermark image to embed into
multimedia data. For embedding watermark, Password of user is used as key for embedding watermark into input file.
Watermark is mainly used for authentication or copyright of user over data stored on cloud. For each different format of
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 225 | P a g e
multimedia data, a byte offset is set in WatermarkOperations class for embedding watermark into Master file from that byte
offset address.
Open Master and Watermark files in Input Mode.
Open Target(Composite) file in Output Mode.
If compression != 0 then features= CEF else features= UEF.
Calculate watermark size, master file size and target file size.
Get Master byte array, Watermark byte array and initialize target byte array.
Check master file extension against image, video and audio formats.
Set Offset address of file format into inputoutputmarker.
Obtain master data characteristics.
Embed bytes of Watermark into target byte array using inputoutputmarker and secret key.
Write 1 byte for features into target array.
Embed the 3 byte version information into the target byte array.
Embed 1 byte compression ratio into the target byte array.
Embed Master file bytes into target byte array using inputoutputmarker, watermark bytes size, file format and master file
data characteristics.
Arrange target byte array in such a way that watermark is hided inside master file data.
Watermark Extraction algorithm is reverse of Watermark Embedding algorithm.
B. File Splitting and Merging Algorithm:
After watermark embedding into multimedia file, file is split into 4 shares. Splitting is in such a way that data is not easily
identified by an attacker after splitting. This technique removes drawback of Secret Shares generation technique used in existing
system. Split shares are then passed to next step in flow.
Input : F, N.
Output: Sending ‘fc’ to destination cloud.
Step 1: Find File Size in bytes.
F_Sz = Sizeof (FN).
Step 2: Make ‘n’ Chunks of file in such a way that data is not easily identified by an attacker after splitting.
Where fc_Sz = F_Sz/N.
FC = {fc1, fc2,………, fcn}
Step 3: Send each chunk to the destined cloudserver using access-token.
For j=1 to N do
Get access-token[j] from FTP setting module;
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 226 | P a g e
fc[j]access-token[j]; //send each file chunk to specified Cloud Server.
Merging algorithm is reverse of Splitting algorithm.
C. AES Encryption algorithm:
Fig. 1 AES Encryption Algorithm
It is based on ‘substitution–permutation network’.
Three types of keys can be used such as 128-bit, 192-bit or 256-bit key.
It is symmetric block cipher algorithm.
Performs computations on bytes rather than bits.
For different Key Size, different number of rounds are executed for input block of data.
Input data is divided into blocks of 128 bits(16 bytes) each.
Each split share of watermarked multimedia is encrypted using AES Encryption technique. This gives protection to each
share of data from attacker where as in existing system, there is no such protection given.
D. DF Raptor Code algorithm:
DF Raptor is an erasure correction code, capable of correcting “missing” or “lost” data. By recovering lost data packets
without requiring retransmission from the sender, DF Raptor efficiently and effectively provides reliability in data networks.
DF Raptor code offers:
The ability to generate a potentially limitless amount of encoded data from any original set of source data, thereby
supporting extremes of low or high network loss as needed for a particular application.
The ability to recover the original data from an amount of successfully received encoded data only slightly greater than the
original source data, regardless of which specific encoded data has been received.
Exceptionally fast encoding and decoding algorithms - operating at nearly symmetric speeds that grow only linearly with
the amount of source data to be processed and independently of the actual amount of loss – so that DF Raptor is highly
scalable and suitable for lightweight software-based solutions.
DF Raptor guarantees error-free delivery in end-to-end communications over any data network, enhancing the quality of
streaming content or accelerating the delivery of data.
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 227 | P a g e
Fig. 2 DF Raptor code process
IV. SYSTEM ARCHITECTURE
Fig. 3 System Architecture
V. MATHEMATICAL MODEL
Design of the watermark signal to be added to the host signal. Typically, the watermark signal depends on a key and
watermark information
Possibly, it may also depend on the host data into which it is embedded.
(2)
Design of the embedding method itself that incorpo-rates the watermark signal into the host data yielding
watermarked data
(1)
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 228 | P a g e
(3)
Design of the corresponding extraction method that recovers the watermark information from the signal mixture using the
key and with help of the original
(4)
A DF Raptor code with k input symbols that produces n output symbols using symbols of size S bytes is designated Raptor
(n,k,S). Raptor Codes can produce a potentially infinite stream of symbols such that any subset of symbols of size k (1+ε) is
sufficient to recover the original k symbols with high probability. The original symbols are recovered from the collected ones
with O (k log (1/ε)) operations and output symbol is generated using O (log (1/ε)) operations.
AES algorithm steps is defined as:
Mix Column step is defined as:
Each column is treated as a polynomial over and is then multiplied modulo with a fixed polynomial.
.
Given equation explains Sub Bytes step :
(5)
VI. RESULTS
DF Raptor code is used for transmission error correction which has much better results than R-S code. Additional overhead
for required maximum level of protection is much lesser in case of DF Raptor code than that of R-S code. With Reed-Solomon
codes, however, a protection period of data must be segmented into multiple blocks that are protected individually, and the
resulting encoded blocks are then interleaved, at the cost of additional processing as well as reduced packet loss protection. For
same number of packets to be recovered, additional overhead for DF Raptor code is much lesser than reed-solomon code. Figure
3 considers a video stream with a media rate of 5 Mbps protected using a 500millisecond protection period. As
before, interleaved Reed-Solomon codes are necessary to protect the data over this protection period. Here,
however, with the symbol size and number of source symbols k held constant, different values of the number of
output symbols n are used for the DF Raptor and ReedSolomon codes to vary the protection amount. Figure 3
then shows the maximum randomly distributed packet loss rate that each code can tolerate with a mean time
between artifacts of at least 10,000 seconds (approximately every 2 hours and 46 minutes), where this level of
performance is considered by some to be a minimum requirement for commercial streaming video services.
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 229 | P a g e
Fig. 4 DF Raptor vs RS Code Algorithms
Results of Watermark and DF Raptor code improvement:
The multimedia can be corrupted by different noise attacks such as Gaussian noise (GN) with zero mean and
variance σ2 = 0.01,0.001,0.0001; Multiplicative noise with mean 0 and variance 0.1, 0.01, 0.001; Salt and pepper noise
addition with density of 10%, 10/0, 0.1%; Poisson noise; uniform noise adding. The goal is to find the corresponding
(correlated) pixel within a certain disparity range d (d E [0,….,dmax]) that minimizes the associated error and maximizes the
similarity.
Fig. 5 Average NC with Noise and DF Raptor code
The graph in fig. 5 shows that proposed system gives better Normalized Correlation (NC) than existing system for
Watermark and data recovery. Normalized Correlation (NC) is given by following equation:
NC = 1/N * sum{ [x(n) - mean(x)]* [y(n) - mean(y)] }/ (sqrt(var(x)*var(y)) (6)
where the sum is taken from 1 till N, mean(x) is the mean of x, var(x) is the variance of x, sqrt is square root.
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 230 | P a g e
VII. CONCLUSION
Proposed System provides strong security for multimedia data as compared to existing system. Digital Watermark in
proposed system provides authentication for image, video as well as audio data. DF Raptor Code improves performance of
protection from transmission errors and is powerful than Reed-Solomon Code.The analysis confirm that the proposed scheme
achieves good robustness against different attacks on multimedia data. In existing system, each cryptographic share has same
size as of input secret data and it increases space requirement. But in proposed system, storage space requirement reduces as
multimedia data is being split and then encrypted and uploaded on different cloud servers.A DF Raptor code’s processing
requirements are significantly less than that of a Reed-Solomon erasure code and grow only linearly with the source block size.
Additional overhead for required maximum level of protection is much lesser in case of DF Raptor code than that of R-S code.
Normalized Correlation in proposed system is much better than in existing system as DF Raptor code is used along with
Watermark and more symbols of original data are recovered in proposed system. Shares in proposed system are protected using
AES Encryption algorithm and it increases protection level in proposed system.
ACKNOWLEDGEMENT
With immense pleasure, I am presenting this Proposed System Work on “Cloud Data Security for Users" as a part of the
curriculum of M.E. Computer Engineering at G.S. MOZE COLLEGE OF ENGINEERING. It gives me proud privilege to
complete this Project Work under the valuable guidance of Prof. Mrs. Pradnya R. Patange. I am also extremely grateful to Prof.
Ratnaraj Kumar (HOD of Computer Department) and Principal for providing all facilities and help for smooth progress of
Project Work. I would also like to thank all the Staff Members of Computer Engineering Department, Management, friends and
my family members who have directly or indirectly guided and helped me for the preparation of this Project and gave me an
unending support right from the stage the idea was conceived.
References
1. “Security protection between users and the mobile media cloud” by Wang H. ; Wu. S. ; Chen M. ; Wang W. (PDF).
2. R. G. van Schyndel, A. Z. Tirkel, and C. F. Osborne, “A Digital Watermark,” Proc. IEEE Int’l. Conf. Image Processing, vol. 2, 1994, pp. 86–90.
3. Cox, I. J., Kilian, J., Leighton, F. T., Shamoon, T., 1997. Secure spread spectrum watermarking for multimedia. IEEE Trans. Image
Processing , 6(12) , pp. 1673-1687.S. Zhang, C. Zhu, J. K. O. Sin, and P. K. T. Mok, “A novel ultrathin elevated channel low-temperature poly-Si TFT,”
IEEE Electron Device Lett., vol. 20, pp. 569–571, Nov. 1999.
4. R. G. van Schyndel, A. Z. Tirkel, and C. F. Osborne, “A Digital Watermark,” Proc. IEEE Int’l. Conf. Image Processing, vol. 2, 1994, pp. 86–90.
5. Arjun Kumar, Byung Gook Lee, HoonJae Lee, Anu, “Secure Storage and Access of Data in Cloud Computing”, IEEE2012, P. 336-339..
6. J Darbon, B Sankur, H Maitre, Error correcting code performance for watermark protection. Secure. Watermark. Multimedia Contents 3 SPIE 4314, 663–
672 (2001).
7. S. Wang and S. Dey, “Adaptive Mobile Cloud Computing to Enable Rich Mobile Multimedia Applications,” IEEE Trans.Multimedia, vol. 15, no. 4, June
2013, pp. 870–83.
8. G. C. Clark Jr. and J. B. Cain,Error-Correction Coding for DigitalCommunicationsSpringer, 1981.
9. S.B.WickerandV.K.Bhargava,Reed-Solomon codes and theirApplications IEEE Press, 1994.
10. I. J. Cox, M. L. Miller, J. A. Bloom, J. Fridrich, and T. Kalker,Digital Watermarking andSteganographyMorgan Kaufmann Publishers, 2008.
11. S. Sengupta, V. Kaulgud, and V. Sharma, “Cloud computingsecurity–trends and research directions,” in 2011 IEEE World Congress on Services
(SERVICES). IEEE, 2011, pp. 524–531.
12. Hamburger, Ellis. "Google Drive vs. Dropbox, SkyDrive, SugarSync, and others: a cloud sync storage face-off." The Verge, 2012.
13. Jens-Matthias Bohli, Nils Gruschka, Meiko Jensen, Luigi Lo Iacono, and Ninja Marnau, “Security and Privacy Enhancing Multi-Cloud Architectures”,
IEEE Transaction on Dependable and Secure Computing, July/August 2013.
14. Mohammed A. AlZain, Eric Pardede, Ben Soh, James A. Thom, “Cloud Computing Security: From Single to Multi-Clouds”, IEEE 45th Hawaii
International Conference on System Sciences,IEEE,2012.
15. J.-M. Bohli, M. Jensen, N. Gruschka, J. Schwenk, and L.L.L. Iacono, “Security Prospects through Cloud Computing by Adopting Multiple Clouds”, Proc.
IEEE Fourth International Conference on Cloud Computing (CLOUD), 2011.
16. Selvakumar G. Jeeva Rathanam M. R. Sumalatha ,“ PDDS - Improving Cloud Data Storage Security Using Data Partitioning Technique”, IEEE,2012.
Sujit et al., International Journal of Advance Research in Computer Science and Management Studies
Volume 4, Issue 6, June 2016 pg. 223-231
© 2016, IJARCSMS All Rights Reserved ISSN: 2321-7782 (Online) Impact Factor: 6.047 231 | P a g e
17. Akash Kumar Mandal, Mrs. Archana Tiwari, “Performance Evaluation of Cryptographic Algorithms: DES and AES”, in Proceeding of 2012 IEEE
Students’ Conference on Electrical, Electronics and Computer Science, IEEE 2012.
AUTHOR(S) PROFILE
Sujit Laxman Thorat, received B.E. degree in ComputerEngineering from Pravara Rural Engineering
College, Loni in Pune University and PG Diploma in DAC from IACSD, Pune in 2011 and 2012,
respectively. Currently, he is pursuing M.E. Degree from G. S. Moze College of Engineering, Balewadi,
Pune. Also, he is working as Software Developer in Opulent Infotech Pvt. Ltd. Company from October
2015.
Prof. Pradnya R. Patange, received B.E. degree in Computer Engineering from Govt. College of
Engineering, Karad. After graduation, she has completed M.Tech in IT Engineering from Bharati
Vidyapeeth College of Engineering, Pune. Now, she is working as Assistant Professor in I.T. Department
in G. S. Moze College of Engineering with 10 Years of experience.