1

SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM

A Dissertation Proposal submitted

By student mann to

Department CSE

In partial fulfilment of the Requirement for the

Award of the Degree of Master of Technology in

Under the guidance of

(Advisor) Month Year

CERTIFICATE

This is to certify that

has completed M.Tech dissertation

proposal titled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM under my guidance and supervision. To the best of my knowledge, the present work is the result of her original investigation and study. No part of the dissertation p r o p o s a l has ever been submitted for any other degree or diploma. The dissertation proposal is fit for the submission and the partial fulfilment of the conditions for the award of M.Tech Computer Science & Engg.

Date:

Signature of Advisor

Name:

DECLARATION

I hereby declare that the dissertation p r o p o s a l entitled SECURITY IN CLOUD USING CAESAR CIPHER AND RSA ALGORTHIM submitted for the M.Tech Degree is entirely my original work and all ideas and references have been duly acknowledged. It does not contain any work for the award of any other degree or diploma.

Date:

I nvestigator

R eg No.

INTRODUCTION

In its broadest usage, the term cloud computing refers to the delivery of scalable IT resources over the Internet, as opposed to hosting and operating those resources locally, such as on a college or university network. Those resources can include applications and services, as well as the infrastructure on which they operate. By deploying IT infrastructure and services over the network, an organization can purchase these resources on an as-needed basis and avoid the capital costs of software and hardware. With cloud computing, IT capacity can be adjusted quickly and easily to accommodate changes in demand.

While remotely hosted, managed services have long been a part of the IT landscape, a heightened interest in cloud computing is being encouraged by maturing standards, the rise of hardware and software virtualization, and the push to make IT costs variable and transparent.

Cloud and cloud-like solutions appear to be widespread and growing in higher education, though in relatively focused areas, such as student e-mail. E-mail notwithstanding, higher education institutions are more likely to obtain new services from the cloud than to transition established services that have long been operated by the campus. Many colleges and universities see pockets of cloud service usage in other areas, often led by individual faculty or students looking for the added flexibility and convenience that the cloud can provide. Among the drivers that are encouraging more institutions to contemplate cloud services are budget pressures, calls for increased reliability of and access to IT systems, and the need for institutions to provide timely access to the latest IT functionality.

WORKING

In traditional enterprise computing, IT departments forecast demand for applications and capacity and invest time and money to develop those resources in-house or purchase them from others and operate them in-house. With cloud computing, institutions procure IT services from remote providers, and campus constituents access these resources over the Internet. E-mail, for example, long considered a support of an institutions IT operations, can be obtained from a range of sources, and a growing number of campuses contract with outside suppliers for this function.

Software is hosted by the provider and does not need to be installed or maintained on individual computers around campus. In some cases, a large university or a consortium might become a provider of cloud services. Storage and processing needs can also be met by the cloud. Institutions pay only for the resources used, and users can access the applications and files they need from virtually any Internet-connected computer. In a mature cloud computing environment, institutions would be able to add new IT services or respond to changes in capacity on the fly, saving capital costs that can be redirected to programs of strategic value to the institution. The emergence of cloud computing as a viable option for a growing number of IT services speaks to a level of Internet penetration and infrastructure maturity that did not exist just a few years ago. Analysts expect cloud computing to see mainstream adoption in 25 years, and some higher education IT leaders believe that cloud computing programs on campus will increase considerably in the coming years. To the extent that these efforts are successful, confidence in the model and trust in providers will grow, and institutions will be more amenable to transferring a larger number of

services to the cloud. Conversely, a breach of trust by a cloud provider would likely leave institutions uneasy about cloud services.
CLASSIFICATION (SERVICE) Software as a service (SAAS): SaaS is a new model of how

software is delivered. SaaS refers to software that is accessed via a web browser and is paid on a subscription basis (monthly or yearly). Different from the traditional model where a customer buys a license to software and assumes ownership for its maintenance and installation, SaaS presents significant advantages to the customer. SaaS is faster and a cost effective way to getting implemented. There are no hardware, implementation or acquisition costs involved to run the application from the customer's side. Unlike traditional softwares where upgrades would happen once a year or once in 6 months (with the vendor coming to your office with a CD), the SaaS vendor continuously pushes new updates, fixes to the application, which is immediately accessible by the customer. This reduces the length of time it takes a customer to recognize value from the software.

Example: Google Apps (Google Docs), SalesForce.com are among the providers of this kind of cloud computing.

Product as a Service (PAAS):-Provides the entire infrastructure

needed to run applications over the Internet. It is delivered in the same way as a utility like electricity or water. Users simply tap in and take what they need without worrying about the complexity behind the scenes. And like a utility, PaaS is based on a metering or subscription model so users only pay for what they use. With PaaS, corporate IT departments can focus on innovation instead of complex infrastructure. By leveraging the PaaS, organizations can redirect a significant portion of their budgets from keeping the lights on to creating applications that provide real business value. This model is driving a new era of mass innovation. For the first time, developers around the world can access unlimited computing power. Now, anyone with an Internet connection can build powerful applications and easily deploy them to users wherever theyre located.
.

Example: Google App Engine, Microsofts Windows Azure platform, Amazon EC2 (Amazon Elastic Compute Cloud) , etc are among the providers of this kind of cloud computing
Infrastructure as a Service (IAAS) is a provision model in which an

organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis. Characteristics and components of IaaS include:

Utility computing service and billing model. Automation of administrative tasks. Dynamic scaling. Desktop virtualization. Policy-based services. Internet connectivity.

Infrastructure as a Service is sometimes referred to as Hardware as a Service (HaaS).

Example: Amazon Web Services, Rackspace Cloud, Go Grid , etc are among the providers of this kind of cloud computing.
CLASSFICATION (LOCATION)

Public Cloud: Computing infrastructure is hosted at the vendors premises. The customer has no visibility over the location of the cloud computing infrastructure. The computing infrastructure is shared between organizations.

Private Cloud: Computing architecture is dedicated to the customer and is not shared with other organisations. They are expensive and are considered more secure than Public Clouds. Private clouds may be externally hosted ones as well as in premise hosted clouds.

Hybrid Cloud: Organisations host some critical, secure

applications in private clouds. The not so critical applications are hosted in the public cloud. The combination is known as Hybrid Cloud. Cloud bursting is the term used to define a system where the organisation uses its own infrastructure for normal usage, but cloud is used for peak loads. Cloud computing describes a new supplement, consumption, and delivery model for IT services based on Internet protocols, and it typically involves provisioning dynamically scalable and virtualised resources. It is ay product and consequence of the ease-of-access to remote computing sites provided by the Internet. This may take the form of web-based tools or applications that users can access and use through a web browser as if the programs were installed locally on their own computers. Cloud computing providers deliver applications via the internet, which are accessed from web browsers and desktop and mobile apps, while the business software and data are stored on servers at a remote location . of often

Review of literature

1 )Xuan Zhang, Nattapong Wuwong , Hao Li,Xuejie Zhang Information Security Risk Management Framework for the Cloud Computing Environments Risk management framework is one of security assessment tool to reduction of threats and vulnerabilities and mitigates security risks. The goal of this paper is to present information risk management framework for better understanding critical areas of focus in cloud computing environment, to identifying a threat and identifying vulnerability. This framework is covering all of cloud service models and cloud deployment models. Cloud provider can be applied this framework to organizations to do risk mitigation. Key to the successful adoption and transition of information systems to a cloud computing environment is the implementation or modification of a strategic proactive information security risk management framework for cloud computing environment. They developed a framework that implemented in logistics Software as a Service (SaaS) . Then they are apply this framework to Infrastructure as a Service (IaaS) environment and Platform as a Service(IaaS) to testing this framework. 2) Xue Jing ,Zhang Jian-jun2, 2007 A Brief Survey on the Security Model of Cloud Computing problems of current cloud This paper surveys the security computing that based on the

architecture of cloud computing, a security model is proposed. In cloud computing environment, they introduce the concept of Security Access Control Service (SACS).SACS includes Access Authorization, Security API, cloud connection Security. Access Authorization is used to authorize to users who want to request cloud service. Security API keeps users use specific services safely after accessing to the cloud connection security to ensure Combining the SACS with the existing architecture of cloud

computing,

security

model

of

cloud

computing

is

Constituted they can see that no attacks in the first 10 minutes, the system performance which no using security model is better than the using one, the reason is the using one needs some system resources to carry out safety testing. After attack, the performance is rapidly increasing. So the cloud computing with the proposed security model has the more stable performance when facing the attack threat a variety of stacks at the same time. 3) Richard Chow, Philippe Golle, Markus Jakobsson, Ryusuke Masuoka, Jesus Molina, Controlling Data in the Cloud : Outsourcing Computation without Outsourcing Control Laboratories of America. In this paper, they characterize the problems and their impact on adoption. They describe how the combination of existing research thrusts has the potential to alleviate many of the concerns impeding adoption. In particular, they argue that with continued research advances in trusted computing and computation-supporting encryption, life in the cloud can be advantageous from a business intelligence

standpoint over the isolated alternative that is more common today.

4) Uma Somani, Kanika Lakhani, Manish Mundra Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud Computing The cloud is a next generation platform that provides dynamic resource pools, virtualization, and high availability. In this Research Paper, they

have tried to assess Cloud Storage Methodology and Data Security in cloud by the Implementation of digital signature with RSA algorithm. in this paper propose , Digital Signature with RSA encryption algorithm to enhance data Security in Cloud .A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. They proposed digital signature with RSA algorithm scheme to ensure the security of data in cloud. RSA is probably the most recognizable asymmetric algorithm. 5) Xin Zhou , Harbin, China Research and Implementation of RSA Algorithm for Encryption and Decryption In this paper proposed an implementation of a complete and practical RSA encrypt/decrypt solution based on the study of RSA public key algorithm. In addition, the encrypt procedure and code implementation is provided in details. Cryptographic technique is one of the principal means to protect information security the encryption and

decryption solution can ensure the confidentiality of the information, as well as the integrity of information and certainty, to prevent information from tampering, forgery and counterfeiting. Encryption and decryption algorithm's security depends on the algorithm while the internal structure of the rigor of mathematics, it also depends on the key confidentiality RSA algorithm has been used as a possible authentication methods in ISAKMP / Oakley framework. Diffie-Hellman key exchange algorithm is a key component of the framework. a key agreement session, participants communicate by using Diffie-Hellman algorithm and create shared keys which will be used for key agreement protocol of follow-up steps in order to achieve the optimal efficiency, the symmetric key algorithms and public key cryptography algorithms are always combined together. That is using a symmetric key cryptosystem to encrypt the confidential information needed to be sent, while using the RSA asymmetric key cryptosystem to send the DES key.

6) Jayalatchumy ,Ram kumar,Kadhirvelu Preserving Privacy through Data Control in a Cloud Computing Architecture using Discretion AlgorithmIndia.Cloud computing is an On-demand selfservice Internet infrastructure where a customer can pay and use only what is needed, managed by an API. The SP plays an active role in transmitting information across the cloud. Providing security requires more than user authentication with passwords or digital certificates. The discretion algorithm has been designed and the IDS provide passive security solution. In this paper define working of cloud computing cloud computing system is divided it into two sections: the front end and the back end. They connect to each other through a network, usually the Internet. The front end is the

side the computer user, or client, sees. The back end is the "cloud" section of the system. The front end includes the client's computer and the application required to access the cloud computing system. On the back end of the system are the various computers, servers and data storage systems that create the cloud" of computing services

SIGNIFICANCE

Cloud computing presents IT organizations with a fundamentally different model of operation, one that takes advantage of the maturity of web applications and networks and the rising interoperability of computing systems to provide IT services. Cloud providers specialize in particular applications and services, and this expertise allows them to efficiently manage upgrades and maintenance, backups, disaster recovery, and failover functions. As a result, consumers of cloud services may see increased reliability, even as costs decline due to economies of scale and other production factors. With cloud computing, organizations can monitor current needs and make on-the-fly adjustments to increase or decrease capacity, accommodating spikes in demand without paying for unused capacity during slower times. Aside from the potential to lower costs, colleges and universities gain the flexibility of being able to respond quickly to requests for new services by purchasing them from the cloud. Cloud computing encourages IT organizations and providers to increase

standardization of protocols and processes so that the many pieces of the cloud computing model can interoperate properly and efficiently.

Cloud computing scalability is another key benefit to higher education, particularly for research projects that require vast amounts of storage or processing capacity for a limited time. Some companies have built data centres near sources of renewable energy, such as wind farms and hydroelectric facilities, and cloud computing affords access to these providers of green IT. Finally, cloud computing allows college and university IT providers to make IT costs transparent and thus match consumption of IT services to those who pay for such services.

OBJECTIVE

Understanding basic of cloud computing. Implementing Cloud computing using Microsoft Azure in .NET Framework.

Implementation of CAESAR CIPHER algorithm of Encryption and Decryption.

Implementing Decryption.

the

RSA

algorithm

of

Encryption

and

Providing data security to data using both of the above algorithms.

METHODOLOGY

In this research method we be experimenting with the given data ,and try to secure this data from unauthorized access .Method of data security is Caesar Cipher and RSA algorithm for providing data security ,Firstly data will be encrypted using Caesar Cipher method which is further encrypted using RSA method . And this data then can only be decrypted by authorized person by using his private key.

FORMULATION OF HYPOTHESES

In all emerging areas of engineering science, there is normally a lack of knowledge about their underlying processes, and technologies. Knowledge can be built if the experiences are gathered and organized in the proper manner. This acquired knowledge can be reused in many useful ways. Taking the above point into consideration, they will be devising a mechanism or a way of storing and reusing the past valuable experiences gained by the people during project development. So the problem can be stated as SECURITY IN CLOUD USING CAESER CIPHER AND RSA
ALGORTHIM

SOURCES OF DATA

Data will be provided by the user when the application is run, qualitative data is considered for that purposes.

RESEARCH DESIGN

It consists of using .Net framework for implementing the interface of the application deployed in cloud .Application will have basic layout and will implement Caesar Cipher and RSA algorithm for creating working layout.

TOOL VISUAL STUDIO -2010 with cloud computing add in will be used to

implement the flow of the cloud computing application.

REFERENCES
http://searchcloudcomputing.techtarget.com/definition/publiccloud http://microreviews.org/types-of-cloud-computing/ http://searchcloudcomputing.techtarget.com/sDefinition/0, sid201_gci1287881,00.html http://searchsecurity.techtarget.com/definition/RSA http://www.boingboing.net/2009/09/02/cloudcomputing-skep.html

uan Zhang, Nattapong Wuwong, Hao Li 2Information Security Risk Management Framework for the Cloud

Xue Jing, China Zhang Jian-jun2,(2007) A Brief Survey on the Security Model of Cloud Computing

Richard

Chow,

Philippe

Golle,

Markus

Jakobsson,

Ryusuke

Masuoka, Jesus Molina Elaine Shi, Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control

Uma Somani, Kanika Lakhani, Manish Mundra Implementing Digital Signature with RSA EncryptionAlgorithm to Enhance the Data Security of Cloud

Jayalatchumy, . Kadhirvelu Preserving Privacy through Data Control in a Cloud Computing Architecture using Discretion AlgorithmIndia.

Prashant Srivastava1, Satyam Singh2, Ashwin Alfred Pinto3, Shvetank Verma4, Vijay K. computing Chaurasiya5, Rahul Gupta An architecture based on proactive model for security in cloud

Xin Zhou , Teclmology Harbin Implementation of RSA Algorithm for Encryption and Decryption China