security of cloud storage and cloud...
Post on 04-Oct-2018
226 Views
Preview:
TRANSCRIPT
SECURITY OF CLOUD STORAGE AND
CLOUD COMPUTING
GIRI PRANEETH KOMMALAPATI
VENKAT RAMAN SRIPERUMBUDUR
ECE 646
Final Presentation
George Mason University
Introduction
Save and access the files online.
Data stored in the cloud can be accessed from anywhere.
There are many security threats faced by the User and the Cloud
Service Provider.
This cloud storage can be trusted when there is enough security from
the server side.
There are many security issues with the cloud computing. These
security concerns are faced by both the providers and the consumers.
In order to protect the data, the providers/organizations must ensure
that the infrastructure is secure and the data of the consumers must be
protected.
The consumers must also be careful in selecting their passwords.
MOTIVATION
There is a huge amount of data that is stored in the cloud. Over the
years many popular cloud services like Dropbox, Amazon cloud
service, iCloud, etc. have been attacked by the hackers.
Hackers attack the cloud and steal the information of many users.
Although there are many attacks on the cloud, it is very important to
store the sensitive data due to its huge advantages.
Reducing or eliminating the problem of loosing sensitive data
through reliable security at the client side.
Fundamental services like confidentiality, availability, integrity and
reliability are required for the consumers which are rendered by the
CSP.
Hypothesis
Main focus is on the analytical assessment of deployment of
cryptools to safeguard the data. Some services a CSP must render
are-
Confidentiality: The data stored by the consumer must not be
accessed by any other person including the service provider.
Availability: The data must be accessible from anywhere from any
computer/mobile phones, etc.
Integrity: The data must not be modified by anyone other than the
consumer by maintaining data integrity.
Reliability: Data backup is a reliable task.
CRYPTOOLSThe tools which we are using out of many for encryption are:
• SharedSafe Launcher for Windows
• Cloudfogger for Mac
• BoxCryptor for Windows
• Viivo SecretSync for Android
• AES Crypt for Windows
• Disk Cryptor for Windows
SHAREDSAFE LAUNCHER
• simple way to share files on our FTP, e-mail, Dropbox with friends
& co-workers.
• encrypts files with the well known AES-256 (Advanced Encryption
Standard) and is an Open Source with client side encryption.
• protects files and file names before uploading.
• automatically shares files in the background and is available to
operate offline.
• Encryption key is sent to receiver safely.
Step-2
• Password created
and safekey
generated.
• Folder syncs
automatically
• Client-side
encryption
BOXCRYPTOR
• Fast and easy Encryption
• available for all the cloud storage providers like Dropbox, Sky drive, Google Drive, etc.
• supports all the clouds that use the WebDAV standard such as Cubby, Strato HiDrive and Owncloud.
• PGP can be used for sharing the files.
• It creates a Virtual Drive on our computer that allows us to encrypt our files locally before uploading them to the cloud.
• Boxcryptor uses the AES-256 and RSA-4096 encryption algorithms.
BOX CRYPTOR ENCRYPTION (SERVER SIDE)
AENCRYPTIONENCRYPTED FILE
---------------------
ENCRYPTED KEY
AES-256
KEY
ENCRYPTION
With RSA
public key
FILE
CLOUD
BOX CRYPTOR DECRYPTION
A
RSA KEY
DECRYPTION
AES 256
DECRYPTION
PASSWORD
PRIVATE KEY
AKEY
ENCRYPTED FILE
---------------------
ENCRYPTED KEY
DECRYPTION
FILE
CLOUD
VIIVO
• VIIVO is a client side encryption tool used in android operating
system.
• uses RSA 2048 and AES 256 algorithms to encrypt the data by creating
an RSA key pair.
• The private key is secured with the password using PBKDF2
(Password-Based Key Derivation Function 2).
• The files are encrypted using AES-256 before they are uploaded in to
the cloud.
• Most widely used by accountants, attorneys and Govt. & Health Care
in the country.
VIIVO ENCRYPTION
RSA PRIVATE KEY
PASSWORD
(PBKDF2)ENCRYPTED KEY
FILE
ENCRYPTED FILE
(USING
AES-256)
CLOUD
AES CRYPT
• AES encrypts files using AES encryption.
• Files encrypted on one platform can be decrypted in other
platforms.
• After encrypting the files locally we have to upload them to the
cloud.
DISKCRYPTOR
• It offers encryption for all disk partitions.
• It uses AES-256, Twofish, Serpent and also their combinations.
• By cascading the algorithms, even if one algorithms is broken
the data will be safe.
CLOUDFOGGER
• Cloudfogger for MAC allows manual encryption and decryption of files.
• Uses AES-256 and RSA-4096 algorithm for the encryption of files.
• Private key is encrypted using the RSA-4096 algorithm.
• Files are encrypted using AES-256 algorithm.
Observations
• BoxCryptor secures the file that are uploaded into dropbox by encrypting
them with a safe key.
• SharedSafe is used for sharing the files and file names securely using safe
key.
• SharedSafe when a file is uploaded, it’s then encrypted and sent to a folder
called My Safes.
• All the cryptools uses RSA-4096 and AES-256 algorithms for encryption
of keys and files respectively.
• Cloud Fogger also uses same encryption algorithms at the client side.
• AES Crypt can be used to encrypt the files locally.
• Security mechanisms of all the tools are identical.
• Data can be shared using all the tools except AES Crypt and Disk Cryptor.
TOOL ENCRYPTION ALGORITHM
USED
SHARING PLATFORM
Boxcryptor Client Side RSA 4096
AES 256
YES Windows, MAC,
iOS, Android
Viivo Client Side RSA 4096
AES 256
YES Windows, MAC,
iOS, Android
Sharedsafe Client Side RSA 4096
AES 256
YES Windows,
MAC
Cloudfogger Client Side RSA 4096
AES 256
Yes Windows, MAC,
iOS, Android
AES Crypt Single file
encryption Tool
AES NO Windows, MAC,
Linux
DiskCryptor Local drive
encryption Tool
AES-256,
Twofish,
Serpent
NO Windows
CONCLUSIONS
• Client side encryption is important before uploading data to the cloud.
• Through the analytical assessment of the cryptools, we found boxcryptor to
better for encryption in various terms of confidentiality, availability,
reliability and ease of use.
• All the cryptools have the same algoriths in common, i.e., the RSA for key
encryprion and AES for file encryption.
top related