Abstract: Application security is a major problem faced by many organizations, and one in which security is relatively easy to maintain once it is known which type of application is used and how to use that application efficiently. In many cases such an application is secure and harder to corrupt than in other site-specific storage situations. For better security, the temporal attribute-based encryption method and the multi-keyword search encryption method are analyzed in this paper. We also discuss different new techniques that are suitable for privacy-aware, application-intensive computing, and how to improve the quality of services by providing the efficient techniques that are observed.

Keywords: LSK, PSK, LOG.

I INTRODUCTION

Cloud computing is any hosted service that is delivered over a network, typically the Internet. Integrated cloud computing is a whole dynamic computing system and has its advantages.

1.1 Cloud computing Service models

Cloud services are basically divided into three parts: IaaS (includes the entire infrastructure stack), PaaS (sits on top of IaaS and adds an additional layer with application development capabilities and programming languages and tools), and SaaS (builds upon IaaS and PaaS and provides a self-contained operating environment delivering presentation, application, and management capabilities) [3]. The advantages of the cloud computing service model are discussed further in this section.

1.1.1 Infrastructure as a Service (IaaS)

This is the base layer of the cloud stack.
It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is virtualization. Amazon EC2 is a good example of an IaaS. In Amazon EC2 (Elastic Compute Cloud), an application is executed on a virtual computer (also known as an instance).

1.1.2 Platform as a Service (PaaS)

Platform as a service (PaaS) is a category of cloud computing services that provide a computing platform and a solution stack as a service. Along with SaaS and IaaS, it is a service model of cloud computing. In this model, the consumer creates the software using tools and/or libraries from the provider. The consumer also controls software deployment and configuration settings. The provider provides the networks, servers, storage and other services. PaaS offerings facilitate the deployment of applications without the cost and complexity of buying and managing the underlying hardware and software and provisioning hosting capabilities [2]. There are various types of PaaS vendor; however, all offer application hosting and a deployment environment, along with various integrated services. Services offer varying levels of scalability and maintenance.
PaaS offerings may also include facilities for application design, application

1.1.3 Software as a Service (SaaS)

Software as a Service is a method of providing users with software through the Internet [2, 3]. The combination of the Internet with software services has existed for some time, although the term describing this phenomenon was relatively diffuse until recent years. Several of the most common uses of these services include e-mail clients (e.g., Hotmail and Gmail), anti-virus scans (e.g., Symantec, McAfee, and Kaspersky) and word processors (e.g., Google Docs and Adobe Buzzword). These applications are not directly a collection of SaaSs, but the services they offer are. SaaS should not be seen as a way of creating software or its underlying architecture. SaaS is more of a business model, which institutes a new way of distributing software. It is about delivering web-based software over the Internet, where the user runs the application in a browser and only pays for the use of the software instead of owning it.

1.2 Security Issues

Many security problems occur in cloud computing. These security issues affect both the clients and their providers.

1.2.1 Service Level Agreement

The cloud is applications delivered as services. In a Service-Oriented Architecture (SOA), the quality and reliability of the services become important aspects. However, the demands of service consumers vary significantly. It is not possible to fulfil all consumer expectations from the service provider's perspective, and hence a balance needs to be struck via a negotiation process. At the end of the negotiation process, provider and consumer commit to an agreement.
In SOA terms, this agreement is referred to as an SLA. This SLA serves as the foundation for the expected level of service between the consumer and the provider.

II METHODOLOGY

2.1 Accountability of abstraction Layer in Cloud

Fig 1. Abstraction Layers of Accountability in Cloud Computing

Figure 1 shows the abstraction layers for the type of logs needed for an accountable cloud, which stipulates three basic layers: workflow, Application and system layers. It is important to note that the focus is on the abstraction layers of logs and not on architectural layers. Hence, the Trust Cloud framework is independent of virtual or physical environments and, consequently, of the current cloud layers of IaaS, PaaS and SaaS. Such explicit definition of layers allows us to efficiently identify the areas of their application and their focus areas. At a glance, the five layers look deceptively simple, but the problem is more complex than it looks. Each layer has a slightly different focus, and a different set of sub-components for each context. Our model simplifies the problem and makes accountability more achievable. The usefulness of abstraction layers is also analogous to the OSI and TCP/IP networking layers. Let us now discuss the research issues, scope and scale of each Trust Cloud framework layer:

2.1.1 System Layer

Various components working under the system layer are as follows.
· Operating Systems (OS)

OS system and event logs are the most common type of logs associated with cloud computing at the moment. However, these logs are not the main contributing factor to accountability of Application in the cloud, but a supporting factor. This is because in traditional physical server environments housed within companies, the emphasis was on server health, system status and ensuring uptime, as server resources are limited and expensive to maintain. In cloud computing, resources are relatively inexpensive and appear to end-users as though they were unlimited. OS logs, while important, are no longer the top concern of customers.

· File Systems

Even though the file system is technically part of the OS, we explicitly include it as a major component in a file-centric system layer. This is because, in order to know, trace and record the exact file life cycles, we often have to track system read/write calls to the file system. From the system read/write calls, we can also extract the files' virtual and physical memory locations, providing more information for further forensics.
2.1.2 Application Layer

· Provenance Logger

To enable reasoning about the origins, collection or creation, evolution, and use of Application, it is essential to track the history of Application, i.e., its provenance. Provenance information is often viewed as the foundation for any reasonable model of privacy and trust. It enables validation of processes involved in generating/obtaining the Application and the detection of unusual behavior. We also need to detect attempts to falsify provenance Application; to protect Application owners as well as Application providers from exposing sensitive, important information indirectly through provenance logs; and to enable efficient querying of provenance Application. Cloud computing-based provenance logging must fulfill the following criteria: (1) be secure and privacy-aware (to ensure that the logs themselves cannot be tampered with or be a source for knowledge inference); (2) be (eventually) consistent and complete; (3) be transparent/non-invasive; (4) be scalable, e.g. avoid exponential explosion of provenance Application through application of summarization techniques; (5) be persistent over the long term; (6) allow for multiple tailored views (to permit access based on roles with different access privileges); and (7) be efficiently accessible.

· Consistency Logger

While current cloud providers typically support a weaker notion of consistency, i.e., eventual consistency, it is important to have mechanisms to allow for rollback, recovery, replay, backup, and restoring of Application. Such functionality is usually enabled by using operational and/or transactional logs, which assist with ensuring atomicity, consistency, and durability properties. Logs have also been proven useful for monitoring operational anomalies. While these concepts are well established in the domain, cloud computing characteristics such as eventual consistency, "unlimited" scale, and multi-tenancy pose new challenges. In addition, secure, privacy-aware mechanisms must be devised not only for consistency logs but also for their backups.

2.1.3 Workflow Layer

The workflow layer focuses on audit trails and audit related Application found in the software services in the cloud.
2.1.4 Automated Continuous Auditing

With the promise of high performance computing power from cloud architectures, we foresee automated auditing of financial and business process transactions in the cloud. Auditability is a prerequisite for such a step. However, achieving auditability via methods such as continuous auditing [4] within a highly virtualized environment is a very difficult and complex task. There needs to be consideration not only of the auditing of business logic and control flows, but also of the applications.
2.1.5 Patch Management Auditing

There is also a need for auditing of the management of virtual machine image bug fixes, patching and upgrades in a cloud environment. The scale of patching and deployment within the cloud environment is massive, and the associated logs need to be highly auditable for proper troubleshooting, playbacks and accountability of the technical staff performing these activities.

III PROPOSED ENHANCEMENT

3.1 Temporal attribute-based Encryption for Cloud Computing

• $A$: the set of attributes, $A = \{A_1, \cdots, A_m\}$;
• $A_k(t_i, t_j)$: the range constraint of attribute $A_k$ on $[t_i, t_j]$, i.e., $t_i \le A_k \le t_j$;
• $P$: the access control policy expressed as a Boolean function on AND/OR logical operations, generated by the grammar $P ::= A_k(t_i, t_j) \mid P \text{ AND } P \mid P \text{ OR } P$;
• $L$: the access privilege assigned to the user's license, generated by $L ::= \{A_k(t_a, t_b)\}_{A_k \in A}$;
• APK: the public key over $A$;
• LSK: the private key with $L$;
• MSK: the master key presided by system managers;
• CP: the ciphertext header over $P$;
• SK: the session key used to encrypt the Application by a symmetrical encryption scheme.

The definitions of $P$ and $L$ can meet the basic requirements of dual temporal expressions. We focus on the temporal access control and encryption process in cloud computing.

3.2 Temporal attribute based encryption algorithm

This is a secure information management architecture based on emerging temporal attribute-based encryption primitives: a policy system that meets the needs of complex policies by the following algorithm.

Step 1: Start
Step 2: Setup($1^{\kappa}$, $A$): Takes a security parameter $\kappa$ as input, outputs the master key MSK and the public key APK;
Step 3: GenKey(MSK, $u_k$, $L$): Takes the user's ID number $u_k$, the access privilege $L$ and MSK as input, outputs the user's private key LSK;
Step 4: Encrypt(APK, $P$): Takes a temporal access policy $P$ and APK as input, outputs the ciphertext header CP and a random session key SK;
Step 5: Decrypt(LSK, CP): Takes a user's private key LSK and a ciphertext header CP as input, outputs a session key SK.
Step 6: Stop method.
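The policy grammar for P and the license L from Section 3.1 can be exercised without any cryptography. The following added example (not code from the paper) parses a policy and checks a license against it; it assumes that AND binds tighter than OR and that a license range satisfies a constraint when it lies inside the policy range, neither of which the page states, and the attribute names and ranges are hypothetical.

```python
import re

ATOM = re.compile(r"\s*(\w+)\(\s*(\d+)\s*,\s*(\d+)\s*\)")
OP = re.compile(r"\s*(AND|OR)\b")


def parse(policy: str):
    """Parse P ::= Ak(ti,tj) | P AND P | P OR P into a nested tuple tree.
    Assumption: AND binds tighter than OR (the grammar leaves this open)."""
    pos = 0

    def atom():
        nonlocal pos
        m = ATOM.match(policy, pos)
        if not m:
            raise ValueError(f"expected Ak(ti,tj) at offset {pos}")
        pos = m.end()
        ti, tj = int(m.group(2)), int(m.group(3))
        if ti > tj:
            raise ValueError(f"empty range in {m.group(0).strip()}")
        return ("ATOM", m.group(1), ti, tj)

    def chain(op, operand):
        nonlocal pos
        node = operand()
        while (m := OP.match(policy, pos)) and m.group(1) == op:
            pos = m.end()
            node = (op, node, operand())
        return node

    tree = chain("OR", lambda: chain("AND", atom))
    if policy[pos:].strip():
        raise ValueError(f"trailing input at offset {pos}")
    return tree


def satisfies(tree, license_: dict) -> bool:
    """Assumed rule: the license range [ta,tb] for Ak must lie inside [ti,tj]."""
    if tree[0] == "ATOM":
        _, name, ti, tj = tree
        held = license_.get(name)  # (ta, tb), or None if Ak was not granted
        return held is not None and ti <= held[0] and held[1] <= tj
    left, right = satisfies(tree[1], license_), satisfies(tree[2], license_)
    return (left and right) if tree[0] == "AND" else (left or right)


# Constructed sample: attribute names and ranges are hypothetical.
POLICY = "Hour(9,17) AND Clearance(1,3) OR Admin(0,0)"
LICENSE = {"Hour": (10, 12), "Clearance": (2, 2)}
```

In the scheme itself this decision is enforced by whether Decrypt(LSK, CP) can recover SK, not by a check the server evaluates.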
With this strong encryption, deciding what to show and what not to show are other core functionalities provided by this method.

Security is a main concern for cloud-computing applications when a user application is owned by the cloud service provider. In this paper we analyze the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud application (MRSE), and establish a set of strict privacy requirements for such a secure cloud application utilization system to become a reality.
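Coordinate matching, the ranking principle this section adopts, scores a document by how many of the query keywords it contains. The following added example (not code from the paper) shows that ranking over an index of keyed HMAC tokens, so the server sees only opaque trapdoors; this is a simplified keyed-token index rather than the MRSE construction itself, and the documents, keywords and key are constructed.

```python
import hashlib
import hmac


def token(key: bytes, keyword: str) -> str:
    """Keyed trapdoor for one keyword. Without the key the server cannot
    compute or invert it. Deterministic, so repeated queries are linkable."""
    return hmac.new(key, keyword.lower().encode(), hashlib.sha256).hexdigest()


def build_index(key: bytes, docs: dict) -> dict:
    """Owner side: map each document id to the set of its keyword tokens."""
    return {doc_id: {token(key, w) for w in words} for doc_id, words in docs.items()}


def trapdoor(key: bytes, query: list) -> set:
    """User side: the query as the server receives it, as opaque tokens."""
    return {token(key, w) for w in query}


def ranked_search(index: dict, query_tokens: set, top_k: int) -> list:
    """Server side: coordinate matching = number of query keywords present
    in a document. Returns (doc_id, score) pairs, best first, ties by id."""
    scores = {d: len(toks & query_tokens) for d, toks in index.items()}
    hits = [(d, s) for d, s in scores.items() if s > 0]
    return sorted(hits, key=lambda h: (-h[1], h[0]))[:top_k]


# Constructed sample collection: document id -> extracted keywords.
DOCS = {
    "doc1": ["cloud", "audit", "log"],
    "doc2": ["cloud", "encryption", "policy", "audit"],
    "doc3": ["network", "routing"],
    "doc4": ["encryption", "key"],
}

if __name__ == "__main__":
    k = b"constructed-demo-key"
    index = build_index(k, DOCS)
    print(ranked_search(index, trapdoor(k, ["cloud", "audit", "encryption"]), 3))
```

The server still learns which documents match and how many tokens each shares with the query, which is the kind of leakage the privacy requirements discussed here are meant to bound.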
Among various multi-keyword semantics, we choose the efficient principle of "coordinate matching". We first define the security requirements for the given problem of application security and then employ a secure usage of different techniques for application scenarios where the total number of keywords that can be searched is relatively limited and there are only a few search terms in a query, using a trapdoor-based system to prevent the cloud server from learning additional information from the application and the index, and to meet privacy requirements.

IV CONCLUSION

Security is a main concern for cloud-computing applications when a user application is owned by the cloud service provider. In this seminar we analyze the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud application (MRSE), and establish a set of strict privacy requirements for such a secure cloud application utilization system to become a reality. Among various multi-keyword semantics, we choose the efficient principle of "coordinate matching". We first define the security requirements for the given problem of application security and then employ a secure usage of different techniques for application scenarios where the total number of keywords that can be searched is relatively limited and there are only a few search terms in a query, using a trapdoor-based system to prevent the cloud server from learning additional information from the application and the index, and to meet privacy requirements.

V REFERENCES

[1] Smitha Sundareswaran, Anna C. Squicciarini, Member, IEEE, and Dan Lin, "Ensuring Distributed Accountability for Data Sharing in the Cloud", IEEE Transactions on Dependable and Secure Computing, Vol. 9, No. 4, pp. 556-568, July/August 2012.
[2] H. Lv and Y. Hu, "Analysis and Research about Cloud Computing Security Protect Policy", in Proceedings of the International Conference on Intelligence Science and Information Engineering, pp. 214-216, 2011.
[3] E. Mathisen, "Security Challenges and Solutions in Cloud Computing", in Proceedings of the IEEE International Conference on Digital Ecosystems and Technologies, pp. 208-212.
[4] John C. Roberts II and Wasim Al-Hamdani, "Who Can You Trust in the Cloud? A Review of Security Issues Within Cloud Computing".
[5] Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable Data Possession at Untrusted Stores", Proc. ACM Conf. Computer and Comm. Security, pp. 598-609, 2007.
[6] P. Ammann and S. Jajodia, "Distributed Timestamp Generation in Planar Lattice Networks", ACM Trans. Computer Systems, vol. 11, pp. 205-225, Aug. 1993.
[7] Madhan Kumar Srinivasan, K Sarukesi, Paul Rodrigues, Sai Manoj M, and Revathy P, "State of the art Cloud Computing Security Taxonomies a classification of Security Challenges in the present Cloud Computing Environment", International Conference on Advances in Computing, Communications and Informatics.
[8] S. Yu, C. Wang, K. Ren, and W. Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing", in Proceedings of IEEE INFOCOM, pp. 534-542, 2010.