CYBER SECURITY.pdf

1. HYBRID CLOUDS EFFICIENT PROVABLE DATA POSSESSION FOR YAN ZHU1,2, HUAIXI WANG3, ZEXING HU1, GAIL-JOON AHN4, HONGXIN HU4, STEPHEN S. YAU4 1INSTITUTE OF COMPUTER SCIENCE AND TECHNOLOGY, PEKING UNIVERSITY, BEIJING 100871, CHINA 2KEY LABORATORY OF NETWORK AND SOFTWARE SECURITY ASSURANCE (PEKING UNIVERSITY), MINISTRY OF EDUCATION 3SCHOOL OF MATHEMATICAL SCIENCES, PEKING UNIVERSITY, BEIJING 100871, CHINA 4ARIZONA STATE UNIVERSITY, TEMPE, AZ 85287, USA {YAN.ZHU,WANGHX,HUZX}@PKU.EDU.CN, {GAHN,HXHU,YAU}@ASU.EDU CYBER SECURITY

2. CONTENT 01 02 03 04 05 06 WHAT IS HYBRID CLOUD ? COMPONENTS IN HYBRID CLOUD STORAGE CONSTRUCTION OF PDP SCHEMES IN HYBRID CLOUDS HASH INDEX HIERARCHY WHAT IS CPDP MODEL ? FRAGMENT STRUCTURE OF CPDP

3. WHAT IS HYBRID CLOUD ? Hybrid cloud storage architecture is a combination of public and private cloud storage architectures. It is designed to provide organizations with the flexibility and scalability of public clouds while ensuring the security and privacy of private clouds. In a hybrid cloud storage architecture, data is stored and accessed from both public and private cloud storage infrastructures, allowing organizations to leverage the benefits of both environments.

4. COMPONENTS IN HYBRID CLOUD STORAGE Private cloud storage: The private cloud storage component provides a secure, dedicated storage infrastructure within an organization's data center or on-premises environment. It is typically used to store sensitive or confidential data that needs to be protected from external threats. Public cloud storage: The public cloud storage component provides a scalable, cost-effective storage infrastructure that can be accessed over the Internet. It is typically used to store less sensitive data that needs to be accessed from anywhere and by anyone. Hybrid cloud storage gateway: The hybrid cloud storage gateway is a software or hardware appliance that connects the private and public cloud storage components. It provides a unified view of the entire storage infrastructure and allows data to be seamlessly moved between the two environments.

5. Data migration tools: Data migration tools are used to move data between the private and public cloud storage components. They ensure that data is securely transferred between the two environments and that data integrity is maintained throughout the migration process. Security and compliance tools: Security and compliance tools are used to ensure that data stored in the hybrid cloud storage architecture is protected from unauthorized access, theft, or loss. They also help organizations comply with industry and government regulations related to data privacy and security. Data backup and disaster recovery: Data backup and disaster recovery are critical components of a hybrid cloud storage architecture. Organizations need to ensure that their data is backed up regularly and that they have a disaster recovery plan in place in case of a catastrophic event.

6. CONSTRUCTION OF PDP SCHEMES IN HYBRID CLOUDS Provable Data Possession (PDP) schemes are cryptographic techniques used to ensure that a remote storage server has not tampered with or lost any data that has been entrusted to it by a client. Hybrid clouds, on the other hand, are cloud computing environments that combine both private and public clouds. PDP schemes can be constructed in hybrid clouds to provide a secure and reliable method for storing and retrieving data. There are several techniques that can be used to construct PDP schemes in hybrid clouds like, Replication-based, Encryption-based, and Erasure-coded PDP schemes. In all of these techniques, the PDP scheme is constructed in such a way that the data owner can verify the integrity and availability of their data without having to download the entire data from the remote server. This makes PDP schemes in hybrid clouds efficient, scalable, and secure, allowing for the reliable storage and retrieval of data in cloud computing environments.

7. HASH INDEX HIERARCHY Hash index hierarchy is a data structure used in computer science to organize and access large amounts of data efficiently. It is a hierarchical structure that uses hash functions to map keys to specific locations in memory, allowing for fast retrieval of data. Here's a brief explanation of each layer of the Hash Index Hierarchy: First Layer (Express Layer): This layer provides an abstract representation of the stored resources. It is responsible for handling metadata and other non-data aspects of storage. The express layer typically consists of a database or index that allows for efficient searching and organization of stored data. Second Layer (Service Layer): The service layer promptly offers and manages cloud storage services. It serves as a bridge between the express and storage layers, providing a standardized interface for clients to interact with the storage system. The service layer is responsible for managing user authentication, access control, and resource allocation. Third Layer (Storage Layer): The storage layer directly realizes data storage on many physical devices. It consists of the physical infrastructure, including servers, storage devices, and network components, that stores and manages the data. The storage layer is responsible for data replication, backup, and recovery, ensuring that data is always available and protected.

8. WHAT IS CPDP MODEL ? The Cooperative Provable Data Possession (CPDP) model is a method of ensuring the integrity and availability of data stored in a remote server or cloud storage. It is designed to address security concerns that arise when individuals or organizations store their data on remote servers that are not under their direct control. The data owner generates a set of cryptographic keys that are used to create a proof of possession (PoP) for each block of data that is stored on the remote server. The PoP is a small piece of data that can be used to verify that the corresponding block of data has not been tampered with or deleted. The data owner requests that the server provides a set of challenges that require the server to provide PoPs for random blocks of data stored on the server. The server must provide the correct PoP for each block in order to prove that the data has not been tampered with or deleted. If the server fails to provide the correct PoP for any block, the data owner can assume that the data has been tampered with and take appropriate action. The CPDP model provides a way for data owners to ensure that their data remains secure and available even when it is stored on remote servers or cloud storage.

9. FRAGMENT STRUCTURE OF CPDP The fragment structure of the Cooperative Provable Data Possession (CPDP) model is a way of dividing the data into smaller, manageable pieces to allow for efficient processing and storage. In the CPDP model, the data is divided into fixed-size blocks or fragments, which are typically a few kilobytes in size. Each fragment is associated with a unique identifier, known as a fragment ID, which is used to track and verify the fragment's integrity. The data owner generates a set of cryptographic keys, including a set of secret keys and a set of public keys, which are used to generate the proofs of possession (PoPs) for each fragment. The secret keys are kept secret by the data owner, while the public keys are provided to the server for verification To store the data on the remote server, each fragment is first encrypted using a symmetric encryption algorithm, such as Advanced Encryption Standard (AES), with a unique key. The unique key for each fragment is then encrypted using a public key encryption algorithm, such as RSA, with the server's public key, and stored on the server along with the encrypted fragment.

10. When the data owner requests a set of challenges, the server selects a random set of fragments and sends their corresponding fragment IDs to the data owner. The data owner uses their secret key to compute the PoP for each selected fragment and sends them back to the server for verification. The server then uses the corresponding public key to verify the PoP for each fragment and sends the result back to the data owner. If the server fails to provide the correct PoP for any fragment, the data owner can assume that the corresponding fragment has been tampered with or deleted, and take appropriate action to ensure the integrity and availability of their data.

11. Made by : Hardikkumar P. Patel (21BT04141) Janak M. Radadiya (21BT04094) Preet H. Prajapati (21BT04094) THANK YOU CYBER SECURITY

CYBER SECURITY.pdf

CYBER SECURITY.pdf

Recomendados

Más contenido relacionado

Similar a CYBER SECURITY.pdf

Similar a CYBER SECURITY.pdf(20)

Último

Último(20)

CYBER SECURITY.pdf