MULTITENENCY

By Manvendra Priyadarshi,

WHAT IS MULTITENENCY?

Multitenancy is the name given to a

software architecture in which one

instance of an application, running

on a remote server, serves many

client organizations (also known

as tenants).

PURPOSE

The issue related to multitenency lies with the leakage of data

(unauthorized access using unfair means). So, the main aim for this article would be to provide a secure way to access online services

without much worries about data exposure. The research work

which I have done deals with two different aspect or way of

securing data.

SIGNIFICANCE

The most important significance of this presentation lies in the believe which the user will get as their data are getting much more secured. There are billionsof users on internet exposing their data without much concern of its security, could easy become a victim of data leaking. There are much care taken in by different I.T. (Information Technology) companies to ensure appropriate way to protect their user’s data. But still there are many ways available to bypass this protection. Nowadays, people moreover put much interest in hacking accounts of others but no one put a concern to think about its security.

On 9th September, 2014 – There were 4.93 million Gmail addresses and passwords hacked belonging to England, Russia & Spanish users. The combination of Gmail addresses and passwords were posted online as stated by some security experts.

The above news do give an appropriate evidence that people are much more involved in hacking as compared to provide much more security. That’s why this work of ensuring security should be given much more care.

METHOD

Now it’s a time to put light to the solution to the issue of data leaking. I have two different ways to ensure the security. To recognize the machine there used to be unique MAC (Media Access Control Address) address which can be considered to be name given to a machine. The data is transferred from sender to the server and then server sends that data to the receiver. The first way to ensure security is by transferring data by recognizing a particular MAC address i.e. if we are transferring data from Machine1 to Machine2 then the data center should be having information that from which MAC address the data is being send and to which MAC address it needed to be transferred. The server needed to retrieve the MAC addresses of sender and receiver and make sure that the data would only transferred between these MAC addresses. If some interruption occurs then data should be lost so that it cannot be retrieved from third – parties and an acknowledgment should be provided to the sender on transferring status. This can ensure the users to know what happened to their data.

The another solution to the issue lies related to the browser we use. As per my research, the browser checks for invalid log in information using either JavaScript or JQuery Validation (even we can use ASP.Net to get validation). This is being done just to make the server much involved in valid input, so that the server is not busy in validating the information otherwise server will be down handling lots of validation on one hand and transferring data on other hand. So, as I came to know about this, I thought to have a security pin check within the browser. As we all know that we do have a pin code which generally be of four digits of our ATM card which make validate the valid user by validating it. Likewise, the browser should have a security pin to access social networking sites so that only the valid browser user access that particular social networking site. By using this technology, if somehow an account is hacked then also it can’t be accessed without that valid security code which that particular browser kept stored. Only the valid user with that browser can be able to access that account.

SCOPE

As what I discussed here in this presentation, there are two different ways

indicated which can enhance the protection of data on Internet. But

there are some limitations which lies in those concerns. Firstly, the way of

referencing the MAC address to send data has a limitation which is that

the data will be lost if there would be any interruption while transferring

the data. This can lead to wastage of informative data and can lead to

e-wastage.

The another way in which there is a security pin to validate the valid user

within the browser can only provide access to a particular user who

already created the security pin in that particular browser and doesn’t

allow the user to use another browser which doesn’t have saved that

particular security pin. So, there would be limitation on the user to use their

own browser to access their account.

TECHNOLOGY USED BY DIFFERENT COMPANIESWebsite Database

Google BigTable

Facebook MySQL, HBase

YouTube MySQL, BigTable

Yahoo MySQL, PostgreSQL

Wikipedia MySQL, MariaDB

Blogger BigTable

Bing Microsoft SQL Server

Twitter MySQL

BigTable is a compressed, high performance, and proprietary data storage system built on Google File System.

HBase is an open source, non-relational, distributed database modeled after Google's BigTable and written in Java.

MySQL is the world's second most widely used open-source relational database management system (RDBMS).

PostgreSQL is an object-relational database management system (ORDBMS). As a database server, its primary function is to store data, securely and supporting best practices, and retrieve it later, as requested by other software applications.

MariaDB is a community-developed fork of the MySQL relational database management system, the importance being the community maintenance of its free status under the GNU GPL.

Microsoft SQL Server is a relational database management system developed by Microsoft. As a database, it is a software product whose primary function is to store and retrieve data as requested by other software applications.

ESTIMATED USERS VISITING MOST POPULAR“SOCIAL NETWORKING SITES”

Social Networking Sites

Facebook

Twitter

Linkedin

Google+

MySpace

Others

Unique Visitors

792,999,000

167,903,000

94,823,000

66,756,000

61,037,000

255,539,000

QUESTIONNAIRE

Rebeen Rebwar – Doing Master Degree from “Rochester Institute of Technology University” in New York, U.S.A.

First of all it’s a computing ethic issue and the protection issue. As a system administrator we should not trust any software to

use even firewalls. It depends on where you are standing. If you are working in a company, the company must have a tight

policy against those system admins that are responsible for data leak.

Peter Okinyi - Works at “Computer World” in Kitale, Eldoret.

In my opinion data leakage is on wider margin on network platforms so there is need to establish network security

measures like

firewall installations,anti-spywares or network lockdown in instances where it is possible.

Mohammed C Aejaaz Ahmed - Assistant Professor at “Chadalawada Krishnateja Educational Institution” in

Tirupati, India.

Always maintain separate passwords to all your devices and accounts all should have separate passwords.

Like most of the people will lose or forget their passwords so better to have them in a way only understandable to them.

Abhilash Jha - Studies at “UTM - The New Age University” in Shillong, India.

It’s not a good thing .By leaking of data we face many problems we can made a software which stop that

or any strict action should be taken by the government like they have to pay fine or any other.

Dhiraj Raj - Studies at “UTM - The New Age University” in Shillong, India.

Misuse of password : 18% of employees share passwords with their co – workers.

That rate jumps to 25% in China, India & Italy.

CONCLUSION

By the ways which has been discussed here in this article will

somehow make more secured transmission of data. In spite of limitations in the solution to the issue there is a very much

possibility of making online world more secure and comfortable

for the user to use without any worry. This can be a revolution in

the era of technology where authentication do have much importance. We can assure a safe network world with a better

ways. The smooth transmission would be an achievement to

world’s billions of users.

REFERENCES Robinson, B. (2014, September 10). Change YOUR Gmail password now! Google issues warning after hackers expose 5 million

account details on a Russian website. Mail Online. Retrieved September 12, 2014, 9:30 P.M., from http://www.dailymail.co.uk/news/article-2751238/Google-advises-users-change-passwords-hackers-expose-5-million-Gmail-usernames-passwords-Russian-website.html/

(2014, July 16). About multitenancy. Google Developers. Retrieved September 10, 2014, 10:20 P.M., from https://developers.google.com/appengine/docs/java/multitenancy/

(2014, June 10). Multitenancy. Wikipedia. Retrieved September 9, 2014, 5:45 P.M., from http://en.wikipedia.org/wiki/Multitenancy/

Wainewright, P. (2010, March 18). Security risks of multi-tenancy. ZDNet. Retrieved September 9, 2014, 6:45 P.M., from http://www.zdnet.com/blog/saas/security-risks-of-multi-tenancy/1007/

(2014, August 17). Programming languages used in most popular websites. Wikipedia. Retrieved September 10, 2014, 11:05 P.M., fromhttp://en.wikipedia.org/wiki/Programming_languages_used_in_most_popular_websites/

(2014, September 14). Social networking service. Wikipedia. Retrieved September 12, 2014, 10:00 P.M., fromhttp://en.wikipedia.org/wiki/Social_networking_service/

(2014, September 6). How to secure your Apple iCloud account. StorageServers. Retrieved September 13, 2014, 10: 20 P.M., from http://storageservers.wordpress.com/2014/09/06/how-to-secure-your-apple-icloud-account/

!!THANK YOU!!

Created by - Manvendra Priyadarshi,

B.tech student in Cloud Computing and Virtualization Technology

Email Id : Manvendradaredevil@gmail.com