DATA STORAGE SECURITY IN CLOUD COMPUTING

By

Author

Presented To

Department of Computer Science

1.2     Background of Study

Several trends are opening up the era of Cloud Computing, which is an Internet-based development and use of computer technology. The ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. The increasing network bandwidth and reliable yet flexible network connections make it even possible that users can now subscribe high quality services from data and software that reside solely on remote data centers.

Moving data into the cloud offers great convenience to users since they don’t have to care about the complexities of direct hardware management. The pioneer of Cloud Computing vendors, Amazon Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2) are both well known examples. While these internet-based online services do provide huge amounts of storage space and customizable computing resources, this computing platform shift, however, is eliminating the responsibility of local machines for data maintenance at the same time. As a result, users are at the mercy of their cloud service providers for the availability and integrity of their data. Recent downtime of Amazon’s S3 is a good example. From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons.

Firstly, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted due to the users’ loss control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering various kinds of data for each user stored in the cloud and the demand of long term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is very important. However, this dynamic feature also makes traditional integrity insurance techniques futile and entails new solutions. Last but not the least, the deployment of Cloud

Computing is powered by data centers running in a simultaneous, cooperated and distributed manner. Individual user’s data is redundantly stored in multiple physical locations to further reduce the data integrity threats. Therefore, distributed protocols for storage correctness assurance will be of most importance in achieving a robust and secure cloud data storage system in the real world. However, such important area remains to be fully explored in the literature.

1.3    Statement of Problem

Cloud computing as a new innovation and ultimate solution for utility and distributed computing on Web Applications has been used by billions of users across the globe since its inception. Its implementation and impact cut across several fields, disciplines and businesses across the globe. Nevertheless, cloud computing have been bedeviled by certain obstacles, the goal of this research study is to discern the factors affecting performance and provide some solutions or guidelines to cloud users that might run into performance problems:

1.  Integrity and protection of information deployed or stored in the cloud domain as opposed to the traditional approach of information storage.

2.           Ability to transform data from diverse sources into intelligence and deliver intelligence information to right users and systems.

3.           The need for load balancing and traffic control when multiple users access the cloud service.

4.           Need to address the scalability issue: Large scale data, high performance computing, automaton, response time, rapid prototyping, and rapid time to production.

5.           Security, privacy and trust issues from the end users of cloud services.

6.           Adopting cloud as a platform to enhance a vibrant business intelligence environment.

1.4  Aim and Objectives

The aim of the research work is to design a data storage security system that provides solution to factors affecting performance, security and reliability in the cloud computing domain.

This research study has the following objectives:

1.           To offer a controlled approach for the problem of security, privacy and trust issues from the end users of cloud services.

2.           To offer a benchmark for the amount of resources users can store in the cloud service which solves the problem of scalability and load balancing.

3.           To offer provision of on-demand utility to users of the cloud service at a quick response time.

1.5  Significance of the Study

The application of Information technology cuts across every facet of human endeavor (Izevbizua, 2013).  The significance of this research study is:

1.    It offers guarantee on the quality of cloud computing services.

2.    It offers an easy information sharing platform for the users.

3.    It highlights and solves the problem of multi-tenancy (where a single application instance may serve hundreds of users or subscribers).

4.    It offers a measured security of information stored in the cloud domain.

1.6  Limitations of the Study

This study is constrained by certain factors which constitute limitations of the study:

1.           The problem of data size limit assign to subscribers of the system may not allow users to deploy as much resources as they desire to store and share among other users.

2.           The expense of acquiring a space on the cloud service provider was tasking initially. This lead to the concentration of the study to some restricted scope.

3.           The measure of resource security within the cloud domain may not suit users; which gives room for improvement of resource security in further research.

1.7  Definition of Terms

Server: It is any combination of hardware or software designed to provide services to clients.

Client: It requests and consumes the services provided by another having the role of server.

Virtualization: It is the ability to separate the OS from the hardware that operates it.

Private Cloud: It is an approach for designing, implementing and managing servers, applications and data center resources by reducing complexity, increasing standardization and automation, and provide elasticity.

Web Application: It is any software application that depends on the Web for its correct execution.

PHP: Hypertext Preprocessor is a server-side scripting language designed for web development as well as general purpose programming language.

DBMS: Database Management System is a computerized record keeping system that comprises collection of data organized to service many applications at the same time