
SafeSky: A Secure Cloud Storage Middleware for End-user Applications

Submitted by,
Ananthu ks
Roll no:10


Contents
- Introduction
- Existing Systems
- Proposed System
- Advantages and Limitations
- Conclusion
- References

Introduction
- Cloud storage: a model of data storage in which the data is stored on remote servers and can be accessed over the internet or “cloud” from anywhere and at any time.
- The popularity of cloud storage services is growing.
- It is desirable and even essential for both legacy and new end-user applications to have the cloud storage capability to improve their functionality, usability, and accessibility.

Cloud Storage
E.g.: Amazon Cloud Drive, Box, Dropbox, Google Drive, Rackspace

Existing Systems
- Unfortunately, it is nontrivial for ordinary application developers to either enhance legacy applications or build new applications to properly have the secure cloud storage capability.
- Lack of sufficient security knowledge and skills in application developers.
- Requires deep domain expertise from developers.

Security Issues in Cloud

OUTSIDER ATTACKS
- Attackers could be unauthorized or illegitimate outsiders.
- Examples of outsider attackers range from amateur pranksters to organized criminals and even hostile governments.

INSIDER ATTACKS
- Insider attackers could be insincere or former employees who can still access the resources of a cloud storage service.

Proposed System
- SafeSky, a middleware that can immediately enable an end-user application to use the cloud storage services securely and efficiently, without any code modification or recompilation.
- A SafeSky-enabled application does not need to save any data to the local disk, but instead securely saves the data to multiple free cloud storage services.
- End-user applications must be securely equipped with the cloud storage capability.


Requirements and Challenges
- Confidentiality and Integrity: SafeSky must securely protect the data at the user-end before saving them to cloud storage services.
- Availability: Applications can access their data anytime even if certain cloud storage services are unavailable.
- Performance: SafeSky should not incur any perceivable performance overhead to end users.
- Deployability: Different applications can immediately have the secure cloud storage capability without requiring any code modification or recompilation to them.

Architecture of SafeSky (figure)

Fetching data from application
- Standard C function level (e.g., the buffered fread() and fwrite() functions) or at the system call wrapper function level.
- SafeSky: LD_PRELOAD environment variable.
- Plaintext is first protected using an authenticated encryption algorithm (AES algorithm) with a randomly generated key.
- Shamir’s (k, n) secret sharing scheme with parameters N and K, to produce N secret-shared data block pieces.
- Cloud driver component saves those data block pieces to n different cloud storage services.

Data Protection in SafeSky (figure)

1. If attackers can compromise any K − 1 cloud storage services and steal any K − 1 cloud data objects of a data block, it is absolutely infeasible to recover the entire ciphertext of that data block.
2. In the decryption and verification process, any K cloud data objects of a data block can be used by the secret sharing scheme to recover the ciphertext, which will be decrypted and verified using the authenticated decryption algorithm to reconstruct that data block.
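The secret-sharing step from the fetching slide and the threshold property in points 1 and 2, as an added example (not SafeSky's code): Shamir (K, N) sharing over GF(2^8) with K = 3 and N = 5, applied to a constructed stand-in ciphertext block. The function names, the choice of GF(2^8) and the fixed coefficient pattern are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
static uint8_t gf_mul(uint8_t a, uint8_t b) {   /* GF(2^8), polynomial 0x11b */
    uint8_t p = 0;
    for (; b; b >>= 1, a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0)))
        if (b & 1) p ^= a;
    return p;
}
static uint8_t gf_inv(uint8_t a) {              /* a^254 == 1/a for a != 0 */
    uint8_t r = 1;
    for (int i = 0; i < 254; i++) r = gf_mul(r, a);
    return r;
}
/* Piece x (1..n) holds f(x) per byte; f(0) = data byte, higher coefficients from rnd. */
void split(const uint8_t *d, size_t len, int k, int n, const uint8_t *rnd, uint8_t *out) {
    for (size_t i = 0; i < len; i++)
        for (int x = 1; x <= n; x++) {
            uint8_t y = 0;
            for (int j = k - 2; j >= 0; j--)    /* Horner's rule */
                y = (uint8_t)(gf_mul(y, (uint8_t)x) ^ rnd[i * (size_t)(k - 1) + (size_t)j]);
            out[(size_t)(x - 1) * len + i] = (uint8_t)(gf_mul(y, (uint8_t)x) ^ d[i]);
        }
}
/* Lagrange interpolation at x = 0 using only the rows of pieces named in xs. */
void combine(const uint8_t *xs, int cnt, const uint8_t *pieces, size_t len, uint8_t *out) {
    memset(out, 0, len);
    for (int j = 0; j < cnt; j++) {
        uint8_t num = 1, den = 1;
        for (int m = 0; m < cnt; m++)
            if (m != j) { num = gf_mul(num, xs[m]); den = gf_mul(den, (uint8_t)(xs[j] ^ xs[m])); }
        uint8_t l = gf_mul(num, gf_inv(den));
        for (size_t i = 0; i < len; i++) out[i] ^= gf_mul(l, pieces[(size_t)(xs[j] - 1) * len + i]);
    }
}
/* Constructed case, K = 3 and N = 5: returns 1 if the pieces in xs rebuild the block. */
int recovers(const uint8_t *xs, int cnt) {
    enum { LEN = 16, K = 3, N = 5 };
    uint8_t ct[LEN], rnd[LEN * (K - 1)], pieces[N * LEN], out[LEN];
    for (int i = 0; i < LEN; i++) ct[i] = (uint8_t)(0xA0 + i);   /* stand-in ciphertext */
    for (int i = 0; i < LEN * (K - 1); i++) rnd[i] = (uint8_t)(37 * i + 11); /* fixed demo pattern; use a CSPRNG */
    split(ct, LEN, K, N, rnd, pieces);
    combine(xs, cnt, pieces, LEN, out);
    return memcmp(out, ct, LEN) == 0;
}
int main(void) {
    const uint8_t three[] = {2, 4, 5}, two[] = {2, 4};
    return printf("K pieces: %d, K-1 pieces: %d\n", recovers(three, 3), recovers(two, 2)) < 0;
}
```

With K − 1 pieces the interpolation returns a different block, and every candidate byte value stays equally consistent with the pieces held, provided the coefficients are unpredictable.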

Advantages
- High data availability
- Deployed to applications without recompilation
- Data is not stored in hard disk

Disadvantages
- We assume that on a user’s computer, the operating system is secure and no malware is installed to steal the user’s data.
- Due to shared or weak passwords
- if an application directly transmits a user’s data to a server through network connections
- Single-writer multi-readers consistency semantics is not possible

RELATED WORKS
- DepSky: Bessani et al. proposed DepSky, a system that sits on top of multiple cloud storage services to form a cloud-of-clouds and applies the Shamir’s (k, n) secret sharing scheme to improve the overall data availability and confidentiality.
- BlueSky: BlueSky is a file system proxy that aims to lower the cost and improve the performance of using cloud storage services by adopting a log-structured data layout for the file system stored in the cloud.

Conclusion
- Enable either legacy or new end-user applications to have the secure cloud storage capability without requiring any code modification.
- Does not need to save any data to the local disk.
- Enhance the data confidentiality, integrity, and availability.
- We implemented SafeSky as a C shared library on Linux.
- SafeSky supports applications written in different languages and various popular cloud storage services.
