Data Security in Cloud Computing
Data Security in Cloud Computing
Volume 7, Issue 12, December – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Data Security in Cloud Computing
Zeel B Dabhi Akanksha Kulkarni
MCA DS Ajeenkya DY Patil University
School of Engineering Pune(MH) 412105
Ajeenkya DY Patil University
Pune (MH) 412105
Abstract:- The importance of data security has been a 4. Meaured services:-Pay according to the servers you use.
significant problem in information technology. Because 5. Rapid easily The ability to instantly deploy resources in the
the data is spread out all over the place in the field of cloud as needed by the company (and remove them when they
technology, it becomes extremely problematic. Users' are no longer needed) is one of the best aspects of cloud
primary worries regarding cloud computing are related computing.
to data security and privacy security. Despite the fact that 6. No maintenance /easy maintenance
numerous approaches to the issue of cloud computing 7. Security:- copy of over data on various service. If one fails,
have been studied in academic research and clinical trials, data is secure on the other.
data security and privacy protection are becoming
increasingly crucial for the future use of cloud computing Cloud data security is a technological mix. solutions,
technology in business, industry, and government. In the policies, and procedures that you implement. to protect cloud-
cloud architecture, concerns about data security and based applications and systems, along with the associated
privacy security apply to both hardware and software. data and user access. resources for hardware and software in
This research aims to improve data security and privacy data centres that provide a variety of services across a
security for a reliable cloud environment by examining network or the Internet to satisfy user’s demand [2].
various security strategies and exceptions from both
software and hardware aspects for securing data in the The simplify of cloud computing from the National
cloud. a comparison of the study that has already been NIST is the National Institute of Standards and Technology,
done on the data security and privacy security methods A shared pool of reconfigurable computing resources (such
utilised in cloud computing. as networks, servers, storage, etc.) that can be instantly
deployed and released with minimum administration effort or
Keywords:- Cloud Computing, Data Security, Privacy, and service provider involvement is made possible by cloud
Data Protection. computing. Cloud computing offers quick on-demand
network access to a pool of adjustable resources that are
I. INTRODUCTION shared. computing assets. Assets turn to computing
applications, network assets, platforms, software services,
In Simple Terms, It means storing, managing and virtual servers, and computing infrastructure.
accesing the data and program on the remote servers that are
hosted on internet instead of computers hard drive [1]. Cloud computing is very optimistic for the IT
applications; however, there are still some complication to be
For example, Google Cloud, AWS (Amazon Web solved enabling individuals and businesses to store data and
Service), IBM Cloud, etc. find applications in the cloud computing environment. Data
security is one of the most crucial boundaries to establish and
Characteristics of cloud computing:- is governed by problems like permission, privacy, trust, and
1. On-Demand Self-Service: A customer can request and legal considerations. a portion of institutions and institutional
obtain access to a service without the need for a manual development is close to privacy and security when using the
response from an administrator or other support staff. cloud.
2. Bread network access:- The service can be accessed from
any location. Data security has always been a big problem in IT.
e.g. any where access & anytime. Because data are stored separately on servers, PCs, and a
3. Resourse pooling:- Resource can be storage, memory, variety of mobile devices including wireless sensor networks
virtual machine. computing has been envisioned as the and smartphones, data security becomes a top priority in the
upcoming generation paradigm in computation surrounding, cloud computing environment. Compared to on-premises
both Applications and resources are made available as security, cloud computing data security requires more work.
services through the Internet. It can be any servers which can established information systems. The specific controls and
be consumed by cloud users. Resource pooling means that technologies used to enforce.
multiple customers are server from the some physical
resources.
IJISRT22DEC1013 www.ijisrt.com 982
Volume 7, Issue 12, December – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Information governance. They are classified below:
Detecting and preventing data migrations to the cloud
include to the internal data migration and movement to the
cloud and second is protecting data moving to the cloud
include to the application/client encryption both proxy-based
encryption and link/network encryption. Keeping cloud data
secure is content discovery, laaS Encryption, PaaS
encryption, saaS encryption.
Cloud computing immaterial provides two basic types
of functions: computing and data storage. data storage, data
keep safe and security are the primary factors for acquire
user’s trust and making the cloud technology successfully Fig 1 Data Integrity
used. A number of data protect and data security techniques
have been put forward in the research field of using the cloud. III. DATA CONFIDENTIALITY
In this section, we'll examine several security measures Data access is reportedly controlled by usage. The
and issues related to protecting users' privacy and data storage method through which users save their personal data in the
in the cloud computing environment. The facility employed cloud is crucial for maintaining confidentiality of data.
in cloud computing is discussed in this study in relation to Access control and authentication methods are used to ensure
previous research work on data security issues, including data information security. The issues with data confidentiality,
integrity, privacy, and availability. Because data privacy authentication, and access control in cloud computing could
generally goes hand in hand with data security, cloud be remedied by improving cloud reliability and
technologies and data privacy problems are also investigated. trustworthiness. Information is most valuable asset you
By protecting data in the cloud computing sector, relevant posses.
research on data security and privacy may assist to increase
the user's confidence. Proprietary information means about ownership and
handle with equal care. confidential information is
II. DATA INTEGRITY access/distribution is restricted.
One of the most important components of any Access/distribution rights is who, what, where, when,
information system is data integrity. Data integrity is the how. Confidentiality levels Is most important part in data
absence of unauthorised data production, modification, or confidentiality.
deletion. With a single database, data integrity may be readily
accomplished in a unique system. Database constraints and Confidentiality levels is electronic documents, fast to
transactions, which a database management system normally create/distribute. Preface with “CONFIDENTIAL”.
completes, ensure data integrity in one system (DBMS).
Transactions should follow the ACID (atomicity, Practical confidentiality restrictions is only use it for its
consistency, isolation, and durability) requirements to ensure stated purpose. Only disclose it to parties with its stated
data integrity. Most databases are capable of handling ACID purpose. Delete it upon request or after its stated purpose.
transactions and maintaining data integrity. control the access
to data in accordance with utilised. It is the method through You must know its propose and affiliated parties.
which a system decides how much access a specific Preface with “CONFIDENTIAL TO CEO, CFO, ….”
authorised user should have to its secure resources. In a cloud
system, preserving data integrity entails information integrity One is homomorphic encryption. Encryption is frequently
protection. The data shouldn't be lost or changed by used to safeguard the confidentiality of data. Homomorphic
unauthorised users. Data integrity is the cornerstone for encryption was recommended as a sort of encryption scheme
providing cloud computing services like SaaS, PaaS, and by Rivest et al.
IaaS. Therefore, cloud computing environments typically
offer data processing services for large-scale data storage. An encrypted database and search. Researchers are
Data integrity can be offered through techniques like digital currently concentrating on the applications of the limited
signatures and RAID-like systems. The prerequisite for homomorphic encryption algorithm in the cloud environment
deploying applications is to remotely check the accuracy of due to the inefficiency of the homomorphic encryption
data in the cloud. Growth et al By integrating error detection technique. A frequent procedure is encrypted search.
and remote data integrity checking correcting code with spot-
checking, the theoretical framework "Proofs of
Retrievability" was presented. The HAIL system employs the
POR mechanism to investigate how data is kept in various
clouds.
IJISRT22DEC1013 www.ijisrt.com 983
Volume 7, Issue 12, December – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Data availability example:-
Fig 2 Data Confidentiality
A. Distributive Storage.
A potential strategy in the cloud context is distributed
data storage. AlZain et al. highlighted issues with data
privacy security, as well as data integrity, infiltration, and
service availability in the cloud. Storing data across many
clouds or cloud databases is one way to ensure data integrity.
According to the designed active measurement, Arfeen et al.
describe how cloud computing resources are distributed. The
system architecture, the unique pathways for incoming and
outgoing traffic, and progressively adjusting the resource Fig.3 Data Availability Example
allocation in accordance with user demands form the
foundation of the personalised measuring approach. Dependable storage contract Some of the user's update
data may be deleted by the cloud service providers, which is
B. Hybrid Method. a frequent anomalous behaviour of untrusted storage and
For data security and integrity, a hybrid methodology is difficult to monitor only depending on the simple data
put forth that makes use of both key sharing and encryption. A good storage agreement must also let numerous
authentication methods. The connection between the user and users to modify data simultaneously. Mahajan et al. suggested
the cloud service provider may be made more secure by using Depot that can provide eventual consistency and fork-join
robust key sharing and authentication methods. causal consistency. It can assist the adoption of other safety
precautions in the trusted cloud storage environment and
IV. DATA AVAILABILITY successfully fend against assaults like discarding.
Data accessibility translates to: How much of a user's Feldman et al. proposed SPORC, which can implement
data can be utilised or retrieved in the event of an accident, the safe and reliable real-time interaction and collaboration
such as a network outage, IDC fire, or hard disc damage, as for multiple users with the help of the trusted cloud
well as how customers may independently check their data environment, and untrusted cloud servers can only access the
rather than just relying on the cloud service provider's credit encrypted data.
guarantee. Due to the fact that cloud suppliers are subject to
local regulations and as a result, cloud customers, the problem V. DATA AVAILABILITY AS PART OF DATA
of data storage across international servers is one that the MANAGEMENT
clients take very seriously. should be cognizant of those laws.
Different businesses have different levels of time
Users' faith in the cloud may be increased by finding sensitivity. Every firm wants their data to be as accessible as
data. Users can access transparent storage through cloud possible, but those that have a pressing need to restore data
storage, which can reduce cloud complexity but also limit availability immediately may need to make a sizable
users' ability to manage their data storage. Benson et al. investment in a system that can meet their requirements.
analysed the geographic replication proofs and were
successful in identifying the Amazon cloud data. Data availability issues should not be considered
resolved in a data management plan until they have been fully
handled.
IJISRT22DEC1013 www.ijisrt.com 984
Volume 7, Issue 12, December – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Fig.4 Data Availability Graph
Fig 5 Data Privacy
Reliability of Hard-Drive.
Currently, the primary storage medium in a cloud VII. CONCLUSION
environment is a hard disc. Hard disc dependability creates
the framework for cloud storage. Pinheiro et al. analysed the The newest and most promising technology for the next
hard disc error rate using hard drive history data. wave of IT applications is cloud technology. The analysis of
data and information is always the most important activity in
VI. DATA PRIVACY all businesses, and any company must lower the cost of data
processing and storage. for making decisions. Therefore, until
The use of data privacy in cloud computing enables the clients and cloud service providers can build trust with one
collection, archiving, transmission, and sharing of data via the another, no business will migrate its data or information to
internet without jeopardising the private of specific users' the cloud. More work needs to be done in the field of cloud
personal data. Customers usually are unaware of how the computing to win over users of cloud services. This study
processing of their cloud-stored personal data takes place. focused on how data is stored and used in the cloud for data
With the popularity of the cloud growing, data privacy is protection in cloud computing settings, looking at various
turning into a crucial aspect of cloud computing. data security and privacy solutions. to increase consumer and
cloud service provider trust.
By data privacy, we imply that no one else is viewing or
sharing your sensitive information that you post online. You ACKNOWLEDGMENT
may exchange data while maintaining the privacy of your
personal information. Prof. Akanksha Kulkarni of ADYPU has my sincere
gratitude for her insightful and helpful advice throughout the
Connect cloud computing with data privacy right now. inception and progress of this research project.
With the cloud's rising popularity, millions of people are
storing their personal, business, or both types of data online. REFERENCES
Many cloud users aren't even aware of the precise location of
the server hosting their data or the methods used to analyse it. [1]. R. Latif, H. Abbas, S. Assar, and Q. Ali, “Cloud
those computers. computing risk assessment: a systematic literature
review,” in Future Information Technology, pp. 285–
Privacy has the following elements. When: Rather than 295, Springer, Berlin, Germany, 2014.
worrying about past facts coming to light, a person may be [2]. A. Avizienis, J. Laprie, B. Randell, and C. Landwehr,
more concerned about facts from the present or the future. (ii) “Basic ˇ concepts and taxonomy of dependable and
How: While a user could feel comfortable if their friends secure computing,” IEEE Transactions on Dependable
individually ask them for information, they might not like and Secure Computing, vol. 1, no. 1, pp. 11–33, 2004.
getting regular and automated messages. (iii) Extent :A user [3]. Z. Mahmood, “Data location and security issues in
may choose that their information be reported as a general cloud computing,” in Proceedings of the 2nd
area rather than a specific area specific location. International Conference on Emerging Intelligent Data
and Web Technologies (EIDWT ’11), pp. 49–54, IEEE,
September 2011.
[4]. D. Sun, G. Chang, L. Sun, and X. Wang, “Surveying and
analyzing security, privacy and trust issues in cloud
computing environments,” in Proceedings of the
International Conference on Advanced in Control
IJISRT22DEC1013 www.ijisrt.com 985
Volume 7, Issue 12, December – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Engineering and Information Science (CEIS ’11), pp. [20]. M. A. Shah, R. Swaminathan, and M. Baker, “Privacy-
2852–2856, chn, August 2011. preserving audit and extraction of digital contents,”
[5]. A. Pandey, R. M. Tugnayat, and A. K. Tiwari, “Data IACR Cryptology EPrint Archive, vol. 186, 2008.
Security Framework for Cloud Computing Networks,” [21]. Z. Xiao and Y. Xiao, “Security and privacy in cloud
International Journal of Computer Engineering & computing,” IEEE Communications Surveys &
Technology, vol. 4, no. 1, pp. 178–181, 2013. Tutorials, vol. 15, no. 2, pp. 843–859, 2013.
[6]. D. A. Klein, “Data security for digital data storage,” [22]. N. Kshetri, “Privacy and security issues in cloud
U.S. Patent Application 14/022,095, 2013. computing: the role of institutions and institutional
[7]. M. Y. A. Younis and K. Kifayat, “Secure cloud evolution,” Telecommunications Policy, vol. 37, no. 4-
computing for critical infrastructure: a survey,” Tech. 5, pp. 372–386.
Rep., Liverpool John Moores University, Liverpool, [23]. P. Mahajan, S. Setty, S. Lee et al., “Depot: cloud storage
UK, 2013. with minimal trust,”ACM Transactions on Computer
[8]. S. Kardas¸, S. C¸ elik, M. A. Bingol, and A. Levi, “A Systems, vol. 29, no. 4, article 12, 2011.
new security ¨ and privacy framework for RFID in cloud [24]. A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W.
computing,” in Proceedings of the 5th IEEE Felten, “SPORC: group collaboration using untrusted
International Conference on Cloud Computing cloud resources,” in Proceedings of the 9th USENIX
Technology and Science (CloudCom '13), Bristol , UK, Conference on Operating Systems Design and
2013. Implementation (OSDI ’10), vol. 10, pp. 337– 350,
[9]. A. Behl, “Emerging security challenges in cloud 2010.
computing: an insight to cloud security challenges and [25]. E. Pinheiro, W.-D. Weber, and L. A. Barroso, “Failure
their mitigation,” in Proceedings of the World Congress trends in a large disk drive population,” in Proceedings
on Information and Communication Technologies of the 5th USENIX conference on File and Storage
(WICT ’11), pp. 217–222, IEEE, December 2011. Technologies (FAST '07), vol. 7, pp. 17–23.
[10]. D. Chen and H. Zhao, “Data security and privacy
protection issues in cloud computing,” in Proceeding of
the International Conference on Computer Science and
Electronics Engineering (ICCSEE '12), vol. 1, pp. 647–
651, Hangzhou, China, March 2012.
[11]. K. D. Bowers, A. Juels, and A. Oprea, “Proofs of
retrievability: theory and implementation,” in
Proceedings of the ACM Workshop on Cloud
Computing Security (CCSW ’09), pp. 43–53,
November 2009.
[12]. K. D. Bowers, A. Juels, and A. Oprea, “HAIL: a high-
availability and integrity layer for cloud storage,” in
Proceedings of the 16th ACM conference on Computer
and Communications Security, pp. 187–198, ACM,
Chicago, Ill, USA, November 2009.
[13]. J. Schiffman, T. Moyer, H. Vijayakumar, T. Jaeger, and
P. McDaniel, “Seeding clouds with trust anchors,” in
Proceedings of the ACM workshop on Cloud computing
security workshop (CCSW ’10), pp. 43–46, ACM,
October 2010.
[14]. D. H. Rakesh, R. R. Bhavsar, and A. S. Thorve, “Data
security over cloud,” International Journal of Computer
Applications, no. 5, pp. 11–14, 2012.
[15]. R. L. Rivest, L. Adleman, and M. L. Dertouzos, “On
data banks and privacy homomorphisms,” Foundations
of Secure Computation, vol. 4, no. 11, pp. 169–180,
1978.
[16]. C. Gentry, A fully homomorphic encryption scheme
[Ph.D. thesis], Stanford University, 2009
[17]. N. Leavitt, “Is cloud computing really ready for prime
time?” Computer, vol. 42, no. 1, pp. 15–25, 2009.
[18]. P. Mell and T. Grance, “The nist definition of cloud
computing,” National Institute of Standards and
Technology, vol. 53, no. 6, article 50, 2009.
[19]. F. Berman, G. Fox, and A. J. G. Hey,Grid Computing:
Making the Global Infrastructure a Reality, Volume 2,
John Wiley and sons, 2003.