International

Journal of Computer
Engineering
Technology (IJCET),
ISSN 0976-6367(Print),
INTERNATIONAL
JOURNAL
OFand
COMPUTER
ENGINEERING
&
ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

TECHNOLOGY (IJCET)

ISSN 0976 6367(Print)

ISSN 0976 6375(Online)
Volume 6, Issue 2, February (2015), pp. 45-53
IAEME: www.iaeme.com/IJCET.asp
Journal Impact Factor (2015): 8.9958 (Calculated by GISI)
www.jifactor.com

IJCET
IAEME

A PROPOSAL ON PROTECTING DATA LEAKAGES IN

CLOUD COMPUTING
Supriya Mandhare1,
1

2
3

Dr.A.K.Sen 2 ,

Rajkumar Shende3

Student, Computer Engineering, St. Francis Institute of Technology,

Mumbai University, India,

Principal, St. Francis Institute of Technology, Mumbai University, India,

Associate Professor, Computer Engineering, St. Francis Institute of Technology,

Mumbai University, India,

ABSTRACT
In cloud computing we can store personal and business data. Cloud computing provides
various features like less maintenance, more storage capacity, pay-per-use etc. But with this features
cloud computing has some disadvantages like security and privacy. Existing data security
mechanisms are not sufficient for the security of the data. In this work, five layers of security of data
have been proposed which makes data more secure on cloud. In the 1st two layers user
authentication with one time password mechanism is proposed. Then in the next layers data
encryption, access rights and in the final layer file will be split and store that file on different
locations of server.
Keywords: AES (Advanced Standard Encryption), Access Rights, Cloud Computing, Data
Protection Mechanisms, File Split and Merge
I.

INTRODUCTION

Cloud computing is becoming more and more popular today. With traditional desktop
computing we were running copies of software programs on our own computer. Whatever the
documents created by user, that were store on users computer. Although documents can be accessed
from other computer within a network but they cant be accessed outside the network. But in cloud
computing we can use these services anywhere, anytime. Cloud computing offers various services
over the internet so customer doesnt need to buy that services [1].Cloud computing can run
programs at the same time on many connected computers [2].
45

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

1.1

Cloud Computing Deployment models

1.1.1. Private Cloud

Cloud infrastructure is provided only for single enterprise but services on cloud infrastructure
will be used by multiple users of that enterprise [3].
1.1.2. Public Cloud
In this, cloud infrastructure services and storage is available to general public with the access
of internet. [3].
1.1.3. Hybrid cloud
The Hybrid cloud infrastructure is a combination of two or more different cloud
infrastructures such as private, or public. It combines public cloud services with private cloud [3].
1.2. Cloud computing service models are as follow
1.2.1. Software as a Service (SaaS)
The facility given to the user is to use the vendors applications which are running on a cloud
infrastructure. The user doesnt need to control these applications which are provided by vendor on
the cloud infrastructure. In this service, services provided by the service provider are available to user
[4].
1.2.2 Platform as a Service (PaaS)
In this service development or software environment is provided as service upon which
higher levels of services can be built means in which applications can be developed and deployed.
This service provides automatic arrangement for ready to use services [4].
1.2.3. Infrastructure as a Service (IaaS)
This service provides infrastructure to user with the use of storage, memory. User does not
manage cloud infrastructure. But user can manage his data stored on cloud infrastructure and
applications which he has deployed [4]. Gmail, Drop box are some applications of cloud computing
services [5].
Now a days cloud computing is being used for storage of data .All the applications provided
by cloud infrastructure are available to wide range of user and can be accessed with internet. If the
user is authorized then that user can access services of cloud from anywhere, anytime. In the data
management security user data should not be disclosed to any third party. In the cloud computing
infrastructure new challenge is privacy and security of data [6].
For the security of data, data encryption is used .In the cloud computing environment it consist
of large amount of data storage ,transmission of data and handling of data is difficult . Again service
providers need to manage encryption key which becomes very complex because users are not have
enough expertise to manage keys [6].
II.

REVIEW OF LITERATURE

Cloud Computing provides various services over the internet [7]. By using the cloud
computing user doesnt need to store his data on his personal hard drive. Pay per use facility which is
provided by cloud computing, many organizations started using it. But with the increasing use of
cloud computing security problems arises [6]. Cloud computing services and internet transmission can
be divided into security domains. First security domain is network domain. In the network domain
data is not secure when data is in transmission. Second domain is service domain .In this data is not
secured in cloud services. And the third domain is storage domain. In this data is not secure when it is
in storage. For these three domains it includes mechanisms such as authentication, encryption of data,
use of access control, etc. [6] [8].

46

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

In three ways it is possible to secure file .The first way is to to provide authentication to user. Second
method is to hide the type of file means the extension of file. For a low level hacker it is not possible
to find that file or its extension. But a high level hacker can easily find that file form a system so this
method also doesnt work. And next method is use of encryption algorithm. With the encryption
algorithm it is not possible to get original data. But the question arises when data is broken or
falsified. So encryption of data is also not sufficient for data security [8].
III. PROPOSED WORK
Cloud computing provides many services to enterprises. Also it is possible to access and store
not only our business but also personal data on cloud. But with this benefits security of data is a
major concern in cloud computing. Though user authentication is provided to access data but it is not
sufficient for the security of data. To overcome this problem, it is necessary to develop a system
which will provide not only access rights, encryption of data but also data will be disjointly stored.
The aim of this work is to develop a system which will provide highest security to data
3.1 The implementation will consist of 4 modules User panel
When user login to system he will get activation code on his registered email-id. User should
provide this code to download, view files.
Encryption of file and Access Rights
Once the admin login to system admin will provide access rights to the user. And when he
will upload a file that file be he will provide AES encryption key for the file encryption. The user
who is having access right for any file that user can access file otherwise not.
File Store
After providing access rights and using AES algorithm for data encryption file will be break
into parts and that file will be store on different locations of server. so it makes more complex for
hacker to get the file.
File Access
Only authorized user can access file from server. To download a file user will get key on his
email-id. User has to provide that key then only user can download file.

Fig.1 Proposed Work

47

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

3.2 Algorithms and security mechanism used

Security and privacy are main concern in cloud computing. In this research work to increase
the security of cloud computing with Modified AES, one time password mechanism, MD5 used.
AES
AES is an advanced encryption standard. In AES block size is fixed means it is 128 bits but
having different key lengths. Key lengths are 128 bits, 192 bits, 256bits. Based upon key lengths it
performs number of rounds for input encryption such as 10 rounds, 12 rounds, 14 rounds
respectively. AES is very fast and secure algorithm. Because it supports larger key sizes and not also
256 bit AES is unbreakable. In this research work 256 bit AES is used for encryption and decryption
of data.
One time password mechanism
One-Time Password security mechanism is generally used for user authentication. one-time
passwords is highly secure mechanism ensuring that only properly authenticated users are authorized
access to critical applications and data. In this research work this mechanism used when user will
login to system. To access his data on cloud user will login code on his account. Without that code
user cant login to system. As it is a one-time password mechanism user will get new code every
time when user will try to login into system.
MD5
It is a message digest algorithm which uses cryptographic hash function which uses
cryptographic hash function and produces 16 byte hash value. In this research work MD5 is used
when new user is creating account on cloud. In that after creating account user will get activation
code on his email-id. And that code will be generated by MD5.Also users email-id and password
will be store in encrypted format by using MD5.
Files split and merge
For splitting file first system will remove the extension of file then start splitting file. Before
splitting the file, system will first encrypt file and then split the file. File split formula = file
size/number of parts.
In this system will first read the contents of the file then writes the contents to parts of file. And in
merging system will first merge the file and then decrypt the file.
Steps for Admin
1. Admin will login to system
2. Admin will select file for uploading. With uploading file admin will give AES encryption key for
file encryption.
3. In file uploading, file will break into 4 parts and will be store on different locations of server.
4. Admin will provide access rights to users.
Steps for user
1. Login to system.
2. Select file which user wants to download.
3. Provide decryption key.
-If the key is correct then only system can merge and decrypt file.

48

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

IV. RESULTS

Fig.2: Admin Panel

Figure 2. shows the admin panel. In this it keeps counter for pending access rights, number of
files uploaded on server, number of users registrations, and number of unique visitors visiting site.

Fig. 3: File uploading with encryption key

Figure 3.shows the admin is uploading file with encryption key and name of file. File name
should not contain its extension. Because of file splitting it converts file into text file. And the parts
of that file will be in encrypted format.

49

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

Fig. 4: Users Access Rights Status

Figure 4. shows which users are having access right to download file which is uploaded by
admin. In this section admin can edit access rights for users. If user is not having access right then
that file is available to user to download.

(a)
(b)
Fig. 5(a) (b): File Breaking and storing it on different locations
Figure 5. Shows after uploading file, file will be break into parts. This figure shows after
breaking a file, file parts are stored on different locations of server like server0, sever1. If file name
is AESencryption.pdf then on server location it will look like AESencryption_0 which is first part,
AESencryption_1 which is second part.
50

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

Fig. 6: User Login with activation code

Figure 6 shows after providing login details system will ask for to provide activation code
which user will get on his register email-id. This activation code is generated by shuffling A-Z
characters, 0-9numbers and special characters.

Fig.7: File Download

Figure 7.shows no of files that can be downloaded by user. Only that files are available to
user which admin has given access right to that particular user.

51

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

Fig.8: System is asking for Key to download a file

Figure 8.shows User wants download a file. For downloading a file user will get decryption
key on his registered email-id which he has provided while creating account. After providing key
system will merge file and then decrypt a file. If key does not match then user cannot download file.
And at bottom of window it shows downloaded file.
V. CONCLUSION
With the use of cloud computing is easy to deploy services on cloud and provides benefits
such as storage capacity is more, continuous availability. When data is stored on cloud, security of
data very important. By using Encryption approach data will be secured. Data is also stored on
different locations by using file split technique which makes difficult not only for hacker but also to
cloud provider to access data which is in encrypted form and also difficult to use any part of file
because file parts are not possible to open.
VI. ACKNOWLEDGEMENT
I would like to thank Professor Dr. A.K.Sen, Associate Professor Rajkumar Shende for their
guidance, encouragement and useful critiques of this research work. I would also like to thanks my
parents, friends for their encouragement and support throughout this research work.
REFERENCES
1.
2.
3.
4.

www.authorstream.com/Presentation/ with traditional desktop computing, 12 Nov 2014

www.isim-indore.blogspot.in/ Cloud computing is a colloquial expression, 22 Aug 2014
www.csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, NIST Definition of Cloud,
26 Sep 2014
www.stackoverflow.com/questions/16820336/what-is-saas-paas-and-iaas-with-examples,
Cloud computing service models, 30 Aug 2013

52

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 6, Issue 2, February (2015), pp. 45-53 IAEME

5.
6.
7.

8.

www.thebowditchgroup.com/17-cloud-computing-applications-small-business,Cloud
Computing Applications, 15 Sep 2013
Deyan Chen, Hong Zhao, Data Security and Privacy Protection Issues in Cloud
Computing, vol.1.pp.647-651, 2012
Di Iu, Pingchang Bai, Hong Jiang, Using The User Space File System To Protect File
International Conference on Apperceiving Computing and Intelligence Analysis
(ICACIA),pp.350-353,2010.
V.Nirmala, R.K.Sivanandhan, Dr.R.Shanmuga Lakshmi, Data Confidentiality and Integrity
Verification Using User Authentication Scheme in Cloud IEEE International Conference
on Green High Performance Computing (ICGHPC), pp.1-5, 2013.

53