MCDB: Multi Cloud Database Model
1. MCDB: USING MULTI CLOUDS TO ENSURE SECURITY IN
ATHULYA RAJ, S7 CSE, NO:16
2. OVERVIEW
• INTRODUCTION
• SINGLE CLOUD MODEL
• SOME SECURITY RISKS
• WHY MOVING TO MULTI CLOUD
• SECRET SHARING
• MULTI CLOUD DATABASE MODEL
• THE MCDB DATA FLOW
• WHAT MAKES MCDB DIFFERENT
• EVALUATION
• CONCLUSION
• REFERENCES
3. “A style of computing where massively scalable IT-enabled capabilities are delivered ‘as a service’ to external customers using internet technologies”
4. Basic Cloud Characteristics
“no-need-to-know”
“flexibility and elasticity”
“pay as much as used and needed”
“always on!, anywhere and any place”
5. Types of Clouds
• Public Cloud – Available to the general public or a large industry group, and owned by an organisation selling cloud services
• Community Cloud – Shared by several organisations and supports a specific community that has shared concerns
• Private Cloud – Operated solely for an organisation or company
• Hybrid Cloud – Combination of two of the above; they remain unique entities but are bound together by standardised technologies
6. 3 Approaches to Cloud Computing
• Access to software and its functions remotely through internet browsers.
• Computing platform is being delivered as a service, e.g. purchase and manage hardware remotely.
• Defined as computer infrastructure, such as virtualization, being delivered as a service.
7. Benefits of Using Cloud
• High productivity
• Less deployment time
• Increased mobility
• Environmentally friendly
• High availability
• Pay as you do
• Easy to manage
• Shared resources
10. WHY MOVING TO MULTI CLOUD??
• Avoids the dependency on a single cloud
• The main purpose of moving to inter cloud is to improve what was offered in single cloud by distributing the reliability, trust and security among multiple cloud providers
11. What is "Secret Sharing"?
In cryptography, a secret sharing scheme is a method for distributing a secret amongst a group of participants, each of which is allocated a share of the secret. The secret can only be reconstructed when the shares are combined together; individual shares are of no use on their own.
In a secret sharing scheme there is one dealer and n players. The dealer gives a secret to the players.
The dealer accomplishes this by giving each player a share in such a way that any group of t (for threshold) or more players can together reconstruct the secret but no group of fewer than t players can. Such a system is called a (t,n)-threshold scheme.
12. Shamir's Secret Sharing
• Suppose we want to use a (k,n) threshold scheme to share our secret S, where k < n.
• Choose at random (k-1) coefficients $a_1, a_2, a_3, \ldots, a_{k-1}$, and let S be $a_0$:
$$f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_{k-1} x^{k-1}$$
• Construct n points (i, f(i)) where i = 1, 2, …, n
• Given any subset of k of these pairs, we can find the coefficients of the polynomial by interpolation, and then evaluate $a_0 = S$, which is the secret
13. Example
• Let S = 1234
• n = 6 and k = 3; obtain random integers $a_1 = 166$ and $a_2 = 94$
$$f(x) = 1234 + 166x + 94x^2$$
• Secret share points: (1,1494), (2,1942), (3,2598), (4,3402), (5,4414), (6,5614)
• We give each participant a different single point (both x and f(x)).
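14. Reconstruction
• In order to reconstruct the secret, any 3 points will be enough
• Let us consider $(x_0, y_0) = (2, 1942)$, $(x_1, y_1) = (4, 3402)$, $(x_2, y_2) = (5, 4414)$
• Using Lagrange polynomials:
$$l_0 = \frac{x - x_1}{x_0 - x_1} \cdot \frac{x - x_2}{x_0 - x_2} = \frac{x - 4}{2 - 4} \cdot \frac{x - 5}{2 - 5} = \frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}$$
$$l_1 = \frac{x - x_0}{x_1 - x_0} \cdot \frac{x - x_2}{x_1 - x_2} = \frac{x - 2}{4 - 2} \cdot \frac{x - 5}{4 - 5} = -\frac{1}{2}x^2 + \frac{7}{2}x - 5$$
$$l_2 = \frac{x - x_0}{x_2 - x_0} \cdot \frac{x - x_1}{x_2 - x_1} = \frac{x - 2}{5 - 2} \cdot \frac{x - 4}{5 - 4} = \frac{1}{3}x^2 - 2x + \frac{8}{3}$$
$$f(x) = \sum_{j=0}^{2} y_j\, l_j(x) = 1942\left(\frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}\right) + 3402\left(-\frac{1}{2}x^2 + \frac{7}{2}x - 5\right) + 4414\left(\frac{1}{3}x^2 - 2x + \frac{8}{3}\right)$$
$$f(x) = 1234 + 166x + 94x^2$$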
15. MULTI CLOUD DATABASE MODEL
• The CSP (cloud service provider) stores in its cloud storage the data, which is divided into n shares, and returns to the DBMS the relevant shares that make up the user's query result.
• The DBMS is responsible for rewriting the user's query (one for each CSP), generating polynomial values, handing the user's query to each CSP and then receiving the result from the CSP.
• The Servlet Engine communicates with the data source through the JDBC protocol.
• The HTTP server is responsible for managing the communication between the application and the browser.
17. THE MCDB MODEL DATA FLOW
Sending Data Procedure
• The user sends a request through the user interface and web browser as an HTTP request
• The user's query is sent to the servlet engine
• The servlet engine and the DBMS communicate through the JDBC protocol
• The DBMS manages the query and sends it to the CSP
• The result is sent to the DBMS, which returns it to the servlet
• The servlet returns the result to the HTTP server, which returns it to the user
18. Procedure between DBMS and CSP
• The DBMS divides the data into n shares and stores them at the CSPs
• The DBMS generates a random polynomial function of the same degree for each value of the valuable attribute that the client wants to hide from the untrusted cloud provider
• When a user's query arrives at the DBMS, it rewrites the polynomial for each CSP
• The relevant shares are retrieved from the CSPs
19. WHAT MAKES MCDB DIFFERENT??
Data Integrity
• The stored data may suffer damage during transit to or from the cloud storage provider
• Data will be distributed across 3 different providers in the MCDB model
• If a malicious insider wants to know the hidden information, they need at least three values from different clouds
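An added example (not code from the slides): the splitting and Lagrange reconstruction of slides 12 to 14, run on the slides' own numbers, together with a subset cross-check that relates to the data-integrity point above, since a single altered share otherwise reconstructs to a wrong value without any error. It goes beyond the slides by working modulo a prime; `P`, `make_shares`, `reconstruct` and `cross_check` are names chosen here, and the tampered share is constructed.

```python
import secrets
from itertools import combinations

# Assumption: arithmetic is done modulo a prime P (the slides use plain integers).
# Working in a prime field is what keeps fewer than k shares uninformative.
P = 2**61 - 1

def make_shares(secret, k, n, coeffs=None):
    """DBMS side: evaluate f(x) = S + a1*x + ... + a_(k-1)*x^(k-1) mod P at x = 1..n."""
    if coeffs is None:  # fresh random polynomial for every stored value
        coeffs = [secrets.randbelow(P) for _ in range(k - 1)]
    poly = [secret % P] + list(coeffs)
    return [(x, sum(a * pow(x, i, P) for i, a in enumerate(poly)) % P)
            for x in range(1, n + 1)]

def reconstruct(points):
    """Lagrange interpolation evaluated at x = 0, which yields a0 = S."""
    total = 0
    for j, (xj, yj) in enumerate(points):
        num = den = 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def cross_check(points, k):
    """Reconstruct from every k-subset; more than one distinct result means
    at least one share was altered in storage or in transit."""
    return {reconstruct(list(c)) for c in combinations(points, k)}

if __name__ == "__main__":
    # The slides' example: S = 1234, k = 3, n = 6, a1 = 166, a2 = 94.
    shares = make_shares(1234, k=3, n=6, coeffs=[166, 94])
    subset = [shares[1], shares[3], shares[4]]        # x = 2, 4, 5 as on slide 14
    print("from 3 shares:", reconstruct(subset))
    print("from 2 shares:", reconstruct(subset[:2]))  # below threshold: not the secret
    # Constructed tampering: one provider returns an altered y for x = 4.
    tampered = [subset[0], (4, 3403), subset[2], shares[5]]
    print("consistent:", cross_check(shares[:4], 3))
    print("tampered:", len(cross_check(tampered, 3)), "different results")
```

The cross-check needs more than k shares to be retrievable, so it only applies when the threshold is below the number of providers.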
20. Data Intrusion
a. If anyone gains access to the account in a single cloud, then they will be able to access all of the account's instances and resources
b. MCDB replicates the data among three different clouds
c. Hackers need to retrieve all information from 3 different service providers to be able to reconstruct the real data
d. Replicating data into multiple clouds reduces the risk of data intrusion
21. Service Availability
• The user's web service may terminate for any reason at any time if any of the user's files break the cloud storage policy
• There will be no compensation for the service failure
• MCDB distributes the data into different clouds, so the risk of data loss will be reduced
• If one cloud provider fails, the users can still access their data live in another service provider
22. EVALUATION
Data storing procedure
• Data storing involves data distribution from the data source to different cloud providers
• Multi cloud may suffer from time and cost
• The time cost increases with an increasing number of shares
• An increased number of shares increases the security
23. Data retrieval time
• The data retrieval process in MCDB starts from rewriting the user's query in the DBMS, which then sends these queries, one for each CSP, after constructing the polynomial and order of the secret value
• The relevant tuple will be returned to the DBMS to compute the polynomial function
• Data retrieval time for an exact match query is less than for an aggregate query
• The time to retrieve data increases linearly with an increase in the number of shares
24. CONCLUSION
• Customers do not want to lose their private information as a result of malicious insiders in the cloud.
• The loss of service availability has caused many problems for a large number of customers recently.
• Furthermore, data intrusion leads to many problems for the users of cloud computing.
• The purpose of this work is to propose a new model called MCDB, which uses Shamir’s secret sharing algorithm with multi-cloud providers instead of a single cloud.
• The main aim of this model is to reduce the security risks that occur in cloud computing and to address the issues related to data integrity, data intrusion, and service availability.