IDL - International Digital Library Of

Technology & Research

Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org

International e-Journal For Technology And Research-2017

Information Flow Control as a Service on

Cloud System
*1
Mr. Ahmad Faheem Raheme , Mr. R Rajkumar *2
M.Tech*1 , Department of Information Science and Engineering
Assistant Professor2 , Department of Information Science and Engineering
RNS Institute of Technology, Bengaluru, Karnataka, India

Abstract-Security as a Service for cloud system are IFCaaS has been designed in such a way that every
increasing in every prospect since the beginning of the Cloud. application that has been developed in different
Applications on cloud or internet are available everywhere and
programming language will have a specific
its access able to anyone who has internet accessibility, there
for security for such applications are required there for security
dictionary so that the source code of that
maintainers are available from anti-virus, security event application will be tested and matched with the
management services, authentication, anti-malware and dictionary that has been provided if the source code
intrusion detection. These security applications maintain the
has any vulnerability then the third party service
security of such applications but those security solutions will
will give a low rating point on how much the
come at a cost which are mostly costly not all internet or cloud
users can afford. Hence Information Flow Control as a Services specific application is vulnerable. Hence these
on Cloud Systems has been introduced which will bring a services can help in nurturing the efficiency of
solution for any vulnerability in applications which are
security resolutions.
available on cloud.Information Flow Control as a Service on
Cloud computing a service which is
cloud System basically based on third party which is trusted
party for checking and searching applications metadata or provided through internet everywhere in the world
source code for vulnerability if any application that is designed It provides different types of service for clients or
or developed in any particular programming language IFCaaS
consumer. Clients and consumers could be anyone
will check that particular application and match them with
just a common person who use cloud services as a
specific programming language dictionary which has been
provided for different types of programming language. storage or it could be software developer, big
multinational organization, public and private
1. INTRODUCTION
companies, who use cloud services for different
Information Flow Control as a Service on Cloud
proposes.
System a web based application that provide
Cloud computing has three models or
services for Application as a Service and for users.
categories which are Software as a Service,
Its based on vulnerability checking on source code
Application as a Service and Infrastructure as a
of specific application. The vulnerability checking
Service. These services provide different types of
is done by third trusted party which all the
service for user. Since this project is based on
applications metadata will be sent to third party
Software as a service the concentration would be
server, when the application arrived in third party
on Software as a Service.
servers storage it will immediately open the source
Software as a Service (SaaS) it provides
code and check that with the specific dictionary. application or software licensing for clients upon

IDL - International Digital Library 1 |P a g e Copyright@IDL-2017

IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017
International e-Journal For Technology And Research-2017
their request that is why it also called on-demand
software, which is a third party service it is being
provided on internet. Hosts provide such service
and application and those will be available on
internet hence users can have access to such
services from internet. Advantages or benefits of
using SaaS is that users dont need hardware for
installing their required application or software, not
only hardware there is no need for installing the
software into the system users can have access to
such software just by having access to internet
connection and some registration to specific cloud
service provider in order to have access to desire
application or software which is needed or which is
provide from cloud service provider
Software as a service categories.
Introduction to Information Flow Control as a
Service on Cloud System
In This generation where technology is used in
every aspect of our life from personal to
professional from private to public each and every
organization whether its private or
somehow connected to technology and computer
network which interconnect all the public and
private networks together.
Since the technology is developing rapidly
every month every year new services are being
produced by software developer application
programmer and hardware inventors,
development and invention has brought new
phenomena which is now being used
everywhere, which is called Cloud computing, that
provide services for user and developers.
Cloud computing a service which is
provided through internet everywhere in the world
IDL - International Digital Library
Available at: www.dbpublications.org
It provides different types of service for clients or
consumer. Clients and consumers could be anyone
just a common person who use cloud services as a
storage or it could be software developer, big
multinational organization, public and private
companies, who use cloud services for different
proposes.Cloud computing has three models or
categories which are Software as a Service,
Application as a Service and Infrastructure as a
Service. These services provide different types of
service for user. Since this project is based on
Software as a service the concentration would be
on Software as a Service.
Software as a Service (SaaS) it provides
under
application or software licensing for clients upon
their request that is why it also called on-demand
software, which is a third party service it is being
provided on internet. Hosts provide such service
and application and those will be available on
internet hence users can have access to such
services from internet. Advantages or benefits of
using SaaS is that users dont need hardware for
public
installing their required application or software, not
only hardware there is no need for installing the
software into the system users can have access to
such software just by having access to internet
connection and some registration to specific cloud
service provider in order to have access to desire
application or software which is needed or which is
these provide from cloud service provider under
Software as a service categories.
in
2.RELATED WORK
In This generation where technology is used in
every aspect of our life from personal to
professional from private to public each and every
organization whether its private or public
2 |P a g e Copyright@IDL-2017
IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017
International e-Journal For Technology And Research-2017
somehow connected to technology and computer
network which interconnect all the public and
private networks together.
Since the technology is developing rapidly
every month every year new services are being
produced by software developer application
programmer and hardware inventors,
development and invention has brought new
phenomena which is now being
everywhere, which is called Cloud computing, that
provide services for user and developers.
Cloud computing a service which is
provided through internet everywhere in the world
It provides different types of service for clients or
consumer. Clients and consumers could be anyone
just a common person who use cloud services as a
storage or it could be software developer, big
multinational organization, public and private
companies, who use cloud services for different
proposes.
Authors discussed in paper [1], about
Security concerns which are extensively
comprehended as an obstacle to the implementation
of cloud computing solutions. Information Flow
Control (IFC) is a well understood Compulsory
Access Control methodology. Technology which is
available for cloud computing and
management of distributed computing can solve
security concerns which are wildly seen these days
on networking or internet. These security issues
which are mostly based on cloud networking can
be fixed with the help of decentralized IFC which
the authors have discussed and issued for
controlling the cloud security and cloud network
management.
Authors have explained in paper [2],
Detecting Data Leakage between Cloud service
IDL - International Digital Library
Available at: www.dbpublications.org
providers or cloud application providers. As the
cloud services are provided by multi tenants and
are very easily accessible by clients or users the
data or information which are provided for those
user can be harmful if the applications which are
developed by programmers and put into the cloud
these has any harmful codding or if those application got
infected from other application or programs the
used in detecting leakage between cloud service would find
any issue.
In paper [3], which is based on Intrusion
detection authors explained how Intrusion detection
system as a service can find and eliminate the
possibility of threat to the public cloud the authors
suggest that all the user or cloud service providers
put an intrusion detection to their system for
detecting any intrusion which could be from either
side from client or service user or from service
providers with the help of intrusion detection if any
party service provider or user violate or attempt to
compromise the system with the help of Intrusion
Detection.
This paper based on cloud services and authors
described on [4] how cloud services should be
provided and avoid any threats the authors
basically introduced, Rule-Based Run-Time
system Information Flow Control in Service Cloud which
is provide a service chain to provide protection
against any threat to the cloud.
In [5], the authors have proposed
Enforcing Secure Information Flow at the Cloud
Edge which is based in data processing on Platform
as a Service with use proposed system the
applications which flows through the cloud
services can be checked line by line for
vulnerability and any malicious coding when buy
3 |P a g e Copyright@IDL-2017
IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017
International e-Journal For Technology And Research-2017
checking a java application line by line any
vulnerability can be spotted or detected.
3.PROPOSED WORK
Application or software which are provided for
users or clients on cloud or internet for any propose
which could be commercial or non-commercial
must be verified by third party which should be a
trusted party.
Third party should not be in favor of
anyone software as a service provider, cloud
service provider or users who are intent to use
applications or software from cloud. The third
party with use of Information Flow Control (IFC)
can detect any vulnerability to the source code of
the application or software which has been sent.
After the source code is verified for
vulnerability the third party will provide details
information of specific application for users into
the logbook then users can download or use those
specific verified application.
3.4 Advantages in proposed system
Application and software can be trusted.
Detection of vulnerabilities.
Verified source code of application.
Users can see how much an application
has vulnerability.
Figure 3.1: Proposed Architecture
IDL - International Digital Library
Available at: www.dbpublications.org
3.5 System Requirement
Any project which is being developed or modified
has requirements which must be considered. The
main idea or goal of system requirement is to
develop an independent project which is more
efficient and the propose of system requirement is
to meet the software requirement specification.
Software has their own requirement specification
with the help of system analysis, which also called
requirements engineering those requirements can
be solved, whiten this process the user determines
expectations for a new or modified product. These
features, called requirements, that must be
computable, related and comprehensive.
Software requirement specification describe the
behavior of the project and its development which
includes the functional and nonfunctional
necessities for the project or software to be
developed. The functional requirements contain
that the software compatibility and none
compatibility which needs to be considered while
developing any project and software. None
functional requirements include the control on the
strategy or operation of the project or software.
Requirements must meet all the functionality of
project which is going to be developed which
includes performance, services, platforms,
availability of services, configuration of services.
For providing a services which is available on the
cloud from any location and at any time the project
must be designed and implemented in web based
that is accessible from any operating system with
internet connection. Servers are required for
providing such web based services those servers
must be configured in a way that could hand Flow
of Data in different timeline since the data will
4 |P a g e Copyright@IDL-2017
IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org

International e-Journal For Technology And Research-2017

flow from cloud to cloud between software
developers. The main requirement of IFCaaS is that
it has to be available on the system and it needs to
be accessed from different part of the world at any
time.
3.5.1 Functional Requirements
Product functional requirement is review or
exploration of the product which is being
developed or being modified, this analysis shows
how the product is carried out is the product fake or
real since the project is being developed whiten
server and client environment it should contain all
the requirement for both server and client which
later on each functionality of service is explained
throughout the report. All the functionality of the
project which are going to be implemented are
explained in this section. For every new project or
software which is going to be developed its
important to determine the functionality of that
project or software that how it works and what are
the requirements.
All the system functionality and system design
which has been implemented to IFCaaS project is
essential and its important to be considered while
developing the project in order to not face any
failure during the execution of the project.
The Functional requirements of the IFCaaS project
are include the following.
Functionality for data input to be used: it
indicates the type of data that needs to be
uploaded or select for transferring to the
third party (here user can choose java file
/C sharp/ and Spring browsing data as
input)
Output functionality: With output
functionality the user can have access to
IFCaaS database for downloading the
application. Descriptions of work-flows
performed by the scheme (it explains the
control flow of the project)
Descriptions of the user credentials: How
users create their database how the system
stores all that information.
Accessibility: How the services are
accessible though the network.
Server
Upload files and store
Download graded file
Stabs and Skeleton
Communication devices.
Alert System
Inform the stabs communicating with
server
Trusted Server
Track record of stabs.
Only Access will be given cloud server
Analysis Objects
Analysis objects are used to described object and
provided detailed information about objects which
are used in the project. Its important to define each
objects since deferent types of objects has been
used in this project graphic and text base object that
define the whole objects which has been used in
IFCaaS. Different types of object has been used
during the project development each and every
object has its own independent objective that gives
the project ability to work as it was designed there
are several types of object that have been used,
which are explained in the following section.

IDL - International Digital Library 5 |P a g e Copyright@IDL-2017

IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017
International e-Journal For Technology And Research-2017
Interface Objects
The interface objects are used and responsible for
controlling the web based services and java
application throughout interface object users can
have access and use the provided services.
Interface objects includes server outlet and clients
which are developed under NetBeans.
Java and JSP are also used for web
services such as web pages and controlling the
server for maintaining connection between server
and client.
Control Objects
Control objects are used to provide accessibility for
users since its not a command line project or
service its an object oriented project each services
which are used in this project required objects,
those objects needs to be control by users and
servers objects are provided by SOAP.
Entity Objects
Entity objects used to provide access to the
database of the system this project contain a
database which hold all the information and data
for users and developers who are trying to use the
services.
4.EXPERIMENTAL RESULTS
After developing the project implementation to
validate the effectiveness of IFCaaS the project has
been tested on source code of targeted applications
(java, C# and Spring). The testing on targets
demonstrating the precision of IFCaaS
detecting vulnerabilities in cloud SaaS applications.
IDL - International Digital Library
Available at: www.dbpublications.org
Table 1shows the name of application which is
being tested platform of application in which
programming language the application has been
developed the next last column indicate the grading
of coding the application which means it shows
that specific application which is coded in specific
language how much of the codding is from same
programming language and how much of the
coding not relate to specific language
5. CONCLUSION
With recent development and rapidly increasing of
the cloud service providers and application which
are available on the cloud it is very important to
maintain security and integrity for applications
which are delivered to users from Software as a
Service provider through cloud service providers.
When the applications are put on the cloud for
users to download or use online those application
might have some vulnerability, which may
compromise all the system or individual system in
which that application is being used.
Since there are multi software providers
and service and applications which are provided
through cloud service providers all those service
for providers might be insecure without any valid and
none-venerable applications. The IFCaaS project
has shown that it can be very effective for
maintaining and providing security for cloud
application. Through third party services for
6 |P a g e Copyright@IDL-2017
IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017
International e-Journal For Technology And Research-2017
checking vulnerability and insecurity in coding of
applications
REFERENCES
[1] Jean Bacon, David Eyers, IEEE, Thomas F. J.-M.
Pasquier, Jatinder Singh, IoannisPapagiannis, and Peter
Pietzuch, Information Flow Control for Secure Cloud
Computing, IEEE Transactions On Network And Service
Management, 2014.
[2] Thuy D. Nguyen, Mark A. Gondree, David J. Shifflett,
Jean Khosalim, Timothy E. Levin, A Cloud-Oriented
Cross-Domain Security Architecture, Military
Communications Conference Unclassified Program Cyber
Security and Network Management, 2010.
[3]Thomas F. J.-M. Pasquier, Julia E. Powles, Intrusion
detection system as a service in public clouds Intrusion.
IEEE International Conference on Cloud Engineering,
2015.
[4] Wei She, I-Ling Yen, BhavaniThuraisingham,San-Yih
Huang, Rule-Based Run-Time Information Flow Control in
Service Cloud, IEEE International Conference on W eb
Services, 2011.
[5]Thuy D. Nguyen, Mark A. Gondree, David J. Shifflett,
Jean Khosalim, Timothy E. Levin, Cynthia E. Irvine, A
Cloud-Oriented Cross-Domain Security Architecture, IEEE
international Conference on Cyber Security and Network
Management, 2010.
[6] R.K.Shyamasundar, N.V.Narendra
Kumar,MuttukrishnanRajarajan,Information-Flow Control
for Building Security and Privacy Preserving Hybrid
Clouds, IEEE 2nd International Conference on Data
Science and Systems, 2016.
[7] Jatinder Singh, Julia Powles, Thomas Pasquier, and
Jean Bacon,Cloud Filter: practical control of sensitive data
propagation to the cloud, IEEE 14th International
Conference on Smart City, 2016.
[8] Jedidiah Yanez-Sierra, Arturo Diaz-Perez, Victor Sosa-
Sosa and J.L.Gonzalez,Towards Secure and Dependable
Cloud Storage Based on User-Defined Workflows, IEEE
2nd International Conference on Cyber Security and
Cloud Computing, 2015.
[9]Nidhiben Solanki, Timothy Hoffman,Stephen S. Yau, An
Access and Information Flow Control Paradigm for Secure
Information Sharing in Service-Based Systems, IEEE 39th
IDL - International Digital Library
Available at: www.dbpublications.org
Annual International Computers, Software & Applications
Conference, 2015.
[10] Ramegowda, A unidirectional data-flow model for
cloud data security with user involvement during data
transit, International Conference on Communication, 2014.
[11]Safwan Mahmud Khan, Kevin W. Hamlen and Murat
Kantarcioglu, Silver Lining: Enforcing Secure Information
Flow at the Cloud Edge, IEEE International Conference on
Cloud Engineering, 2014.
[12] Jatinder Singh, Jean Bacon, Cloud Safety Net:
Detecting Data Leakage between Cloud Tenants, IEEE
18th International Conference on High Performance
Computing and Communications, 2013.
[13]Shih-Chien Chou, Controlling information flows in
SaaS cloud services, IEEE international Conference on A
Break in the Clouds Towards a Cloud Definition, 2012.
[14] Thuy D. Nguyen, Mark A. Gondree, David J. Shifflett,
Jean Khosalim, A cloud oriented multilayer access control
system for logic virtual domain, IET Information Security,
2012.
[15] Chih-Hung Lin and Zhi-Wei Chen, A Decentralized
Information Flow Model for SaaS Applications Security,3rd
International Conference on Intelligent System Design and
Engineering Applications, 2012.
[16] QuratulainAlam, SaherTabbasum, Saif U. R. Malik,
MasoomAlam, Tamleek Ali, Adnan Akhunzada, Samee U.
Khan, Formal Verification of the xDAuth Protocol, IEEE
Transactions On Information Forensics And Security,
2016.
[17]Mahbub Ahmed,Yang Xiang,Shawkat Ali, Above the
Trust and Security in Cloud Computing: A Notion Towards
Innovation, IEEE/IFIP International Conference on
Embedded and Ubiquitous Computing, 2010.
[18] Olivier Hermant,Managing Big Data with Information
Flow Control, IEEE 8th International Conference on Cloud
Computing, 2010.
[19] AbdulatifAlabdulatif, Ibrahim Khalil, Vu Mai, Protection
of Electronic Health Records in Cloud, 35th Annual
International Conference of the IEEE EMBS, 2013.
[20] Yu Jia Chen, Feng Yi, A Dynamic Security Traversal
Mechanism for Providing Deterministic Delay Guarantee in
SDN, IEEE Signal and Information Processing Association
Annual Summit and Conference, 2012.
[21] Purva Grover, Rahul Johari,BigData,Cloud Computing
and Distributed Computing, Proceedings of Global
Conference on Communication Technologies,2015.
7 |P a g e Copyright@IDL-2017