
Data protection & malicious insiders detection in cloud

Abstract
Cloud storage enables users to store their data. Offering strong data protection to cloud users while enabling rich applications is a challenging task. We explore a new cloud platform architecture called Data Protection as a Service, which dramatically reduces the per-application development effort required to offer data protection, while still allowing rapid development and maintenance.

Existing system
A key challenge is how to ensure and build confidence that the cloud can handle user data securely. A recent Microsoft survey found that 58 percent of the public and 86 percent of business leaders are excited about the possibilities of cloud computing. But more than 90 percent of them are worried about security, availability, and privacy of their data as it rests in the cloud. It's impossible to develop a single data-protection solution for the cloud.

Disadvantages
1) Integrity problem
2) Privacy problem
3) Verification problem
4) Rich computation problem
5) Development and maintenance problem

Proposed system
We propose a new cloud computing paradigm, data protection as a service (DPaaS). DPaaS is a suite of security primitives offered by a cloud platform, which enforces data security and privacy and offers evidence of privacy to data owners, even in the presence of potentially compromised or malicious applications. These primitives include securing data using encryption, logging, and key management.

Advantages
1) It must be able to perform user authentication, or at least have a trusted way to know who's logged in and accessing the service.
2) It must rely on encryption and authenticated data store techniques to remove the need to trust the storage service.
3) Administrative access for maintenance operations such as debugging

System architecture

Modules
1) Cloud Computing
2) Trusted Platform Module
3) Third Party Auditor
4) User Module

Cloud Computing
Cloud computing promises lower costs, rapid scaling, easier maintenance, and service availability.

Trusted Platform Module
A trusted platform module (TPM) provides secure and verifiable boot and dynamic root of trust. Two techniques: full disk encryption and computing on encrypted data.

Third Party Auditor
In this module, the auditor views all user data, verifies it, and also sees changed data. The auditor views all user data directly, without a key. The admin grants this permission to the auditor. After auditing, the data is stored to the cloud.

User Module
The user stores large amounts of data in the cloud and accesses it using a secure key. The admin provides the secure key after the data is encrypted. The data is encrypted using the TPM. The user's data is stored after the auditor has viewed and verified it, along with any changed data. When the user views the data again, the admin sends the user a message only for changed data.

Use-case diagram
[Figure: use-case diagram. Actors: USER, AUDITOR, ADMIN. Use cases: user data; view all user data; changing data; allows user data; view data; view all data; store; view auditing details; change data with alert.]

Sequence diagram
[Figure: sequence diagram. Participants: user, auditor, cloud, admin. Messages: data upload with encrypt; view all user data; change or unchanging store data; view user data; view auditing details; allow new data; view data or change data with alert message.]

Collaboration diagram
[Figure: collaboration diagram. Participants: user, auditor, cloud, admin.]
1: data upload with encrypt
2: view all user data
3: change or unchanging store data
4: view user data
5: view auditing details
6: allow new data
7: view data or change data with alert message

Class diagram

screens


Enhancement
We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user's real data.
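
The monitor, challenge and decoy flow described above, sketched as an added example that is not part of the original slides. The user name, baseline rate, anomaly factor, challenge answer and stored data are all constructed assumptions, and a simple per-hour read count stands in for the abnormal-access detector.

```python
import hashlib
import hmac
from collections import defaultdict

# Everything below is constructed sample data, not taken from the slides.
BASELINE_READS_PER_HOUR = {"alice": 5}   # assumed normal read rate per user
ANOMALY_FACTOR = 4                        # flag reads above 4x the baseline
SALT = b"constructed-salt"
ANSWERS = {"alice": hashlib.sha256(SALT + b"blue heron").hexdigest()}
REAL_STORE = {"alice": {"q3-report.txt": "real contents"}}


def decoy_for(user, name):
    # Deterministic decoy, so repeated reads of one object stay consistent.
    tag = hashlib.sha256(f"{user}/{name}".encode()).hexdigest()[:12]
    return f"decoy-{tag}"


class AccessMonitor:
    def __init__(self):
        self.reads = defaultdict(int)   # (user, hour) -> reads seen so far
        self.suspected = set()          # sessions waiting on a challenge
        self.decoy_only = set()         # sessions that failed the challenge

    def read(self, user, name, hour):
        """Return (status, data) where status is 'ok', 'challenge' or 'decoy'."""
        self.reads[(user, hour)] += 1
        if user in self.decoy_only:
            return "decoy", decoy_for(user, name)
        limit = BASELINE_READS_PER_HOUR.get(user, 1) * ANOMALY_FACTOR
        if user in self.suspected or self.reads[(user, hour)] > limit:
            self.suspected.add(user)    # no real data until verified
            return "challenge", None
        return "ok", REAL_STORE[user][name]

    def verify(self, user, answer, hour):
        """Check a challenge answer; a wrong answer pins the session to decoys."""
        given = hashlib.sha256(SALT + answer.encode()).hexdigest()
        if hmac.compare_digest(ANSWERS.get(user, ""), given):
            self.suspected.discard(user)
            self.reads[(user, hour)] = 0   # restart the window after verification
            return True
        self.decoy_only.add(user)
        return False
```
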

Conclusion
The cloud platform not only provides the hardware and software stack as in today's cloud computing, but also dynamic data protection that protects users' data while enabling rich computation over them. Data is protected at the platform level.

Queries
