Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

fog computing provide security to the data in cloud

9.947 Aufrufe

Veröffentlicht am

Veröffentlicht in: Technologie
  • Loggen Sie sich ein, um Kommentare anzuzeigen.

fog computing provide security to the data in cloud

  1. 1. 1 1. ABSTRACT Cloud is basically a clusters of multiple dedicated servers attached within a network. Cloud Computing is a network based environment that focuses on sharing computations or resources. In cloud customers only pay for what they use and have not to pay for local resources which they need such as storage or infrastructure. so this is the main advantage of cloud computing and main reason for gaining popularity in todays world Also..But in cloud the main problem that occurs is security. And now a day’s security and privacy both are main concern that needed to be considered. To overcome the problem of security we are introducing the new technique which is called as Fog Computing .Fog Computing is not a replacement of cloud it is just extends the cloud computing by providing security in the cloud environment. With Fog services we are able to enhance the cloud experience by isolating user’s data that need to live on the edge. The main aim of fog computing is to place the data close to the end user.
  2. 2. 2 2. INTRODUCTION In today's worlds the small as well as big -big organizations are using cloud computing technology to protect their data and to use the cloud resources as and when they need. Cloud is a subscription based service .Cloud computing is a shared pool of resources. The way of use computers and store our personal and business information can arises new data security challenges. Encryption mechanisms not protect the data in the cloud from unauthorized access. As we know that the traditional database system are usually deployed in closed environment where user can access the system only through a restricted network or internet. With the fast growth of W.W.W user can access virtually any database for which they have proper access right from anywhere in the world . By registering into cloud the users are ready to get the resources from cloud providers and the organization can access their data from anywhere and at any time when they need. But this comfortness comes with certain type of risk like security and privacy. To overcome by this problem we are using a new technique called as fog computing. Fog computing provides security in cloud environment in a greater extend to get the benefit of this technique a user need to get registered with the fog. once the user is ready by filling up the sign up form he will get the message or email that he is ready to take the services from fog computing. 2.1 Existing System Existing data protection mechanisms such as encryption was failed in securing the data from the attackers. It does not verify whether the user was authorized or not. Cloud computing security does not focus on ways of secure the data from unauthorized access. Encryption does not provide much security to our data. In 2009.We have our own confidential documents in the cloud. This files does not have much security. So, hacker gains access the documents. Twitter incident is one example of a data theft attack in the Cloud. Difficult to find the attacker. In 2010 and 2011 Cloud computing security was developed against attackers. Finding of hackers in the cloud. Additionally, it shows that recent research results that might be useful to protect data in the cloud.
  3. 3. 3 2.2 Proposed System We proposed a completely new technique to secure user’s data in cloud using user behavior and decoy information technology called as Fog Computing. We use this technique to provide data security in the cloud. A different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. In this technique when the unauthorized person try to access the data of the real user the system generates the fake documents in such a way that the unauthorized person was also not able to identify that the data is fake or real .It is identified thought a question which is entered by the real user at the time of filling the sign up form. If the answer of the question is wrong it means the user is not the real user and the system provide the fake document else original documents will be provided by the system to the real user.
  4. 4. 4 3. SYSTEM OVERVIEW 3.1 Cloud Architecture In Cloud architecture, the systems architecture(A system architecture or systems architecture is the conceptual model that defines the structure, behavior, and more views of a system. An architecture description is a formal description and representation of a system) of the software systems(The term software system is often used as a synonym of computer program or software.) involved in the delivery of cloud computing, typically involves multiple cloud components communicating with each other over application programming interfaces, usually web services. This resembles the Unix philosophy of having multiple programs each doing one thing well and working together over universal interfaces. Complexity is controlled and the resulting systems are more manageable than their monolithic counterparts. Fig 1 :Cloud Computing Sample Architecture
  5. 5. 5 3.2 Cloud computing Services: Cloud computing is a model for enabling convenient, on demand network access to a shared pool of configurable computing resources (for example, networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service-provider interaction. It is divide into three types. 1. Application as a service. 2. Infrastructure as a service. 3. Platform as a service. Fig 2: Cloud computing Services Cloud computing exhibits the following key characteristics: 1. Agility: improves with users' ability to re-provision technological infrastructure resources.
  6. 6. 6 2. Cost: Cost is claimed to be reduced and in a public cloud delivery model capital expenditure is converted to operational expenditure. This is purported to lower barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for one-time or infrequent intensive computing tasks. Pricing on a utility computing basis is fine-grained with usage-based options and fewer IT skills are required for implementation. The e-FISCAL project's state of the art repository contains several articles looking into cost aspects in more detail, most of them concluding that costs savings depend on the type of activities supported and the type of infrastructure available in-house. 3. Virtualization: Technology allows servers and storage devices to be shared and utilization be increased. Applications can be easily migrated from one physical server to another. 4. Multi tenancy: Enables sharing of resources and costs across a large pool of users thus allowing for. 5. Centralization: Centralization of infrastructure in locations with lower costs. (such as real estate, electricity, etc.) 6. Utilization and efficiency: Improvements for systems that are often only 10–20% utilized. 7. Reliability: Reliability is improved if multiple redundant sites are used, which makes well- designed cloud computing suitable for business continuity and disaster recovery.
  7. 7. 7 8. Performance: Performance is monitored and consistent and loosely coupled architectures are constructed using web services as the system interface. 9. Security: Could improve due to centralization of data, increased security-focused resources, etc., but concerns can persist about loss of control over certain sensitive data, and the lack of security for stored kernels. Security is often as good as or better than other traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford. However, the complexity of security is greatly increased when data is distributed over a wider area or greater number of devices and in multi-tenant systems that are being shared by unrelated users. In addition, user access to security audit logs may be difficult or impossible. Private cloud installations are in part motivated by users' desire to retain control over the infrastructure and avoid losing control of information security. 10. Maintenance: Maintenance of cloud computing applications is easier, because they do not need to be installed on each user's computer and can be accessed from different places. Fig 3: Represents The Benefit
  8. 8. 8 3.3 Security Issues in Service Model Cloud computing having three delivery models through which services are delivered to end users. These models are SaaS, IaaS and PaaS which provide software, Infrastructure and platform assets to the users. They have different level of security requirements. Fig 4 : Security Issues in Service Model Security issues in SaaS: Software as service is a model, where the software applications are hosted slightly by the service provider and available to users on request, over the internet. In SaaS, client data is available on the internet and may be visible to other users, it is the responsibility of provider to set proper security checks for data protection. This is the major security risk, which create a problem in secure data migration and storage. The following security measures should be counted in SaaS application improvement process such that Data Security, Data locality, Data integrity, Data separation, Data access, Data confidentiality, Data breaches, Network Security, Authentication and authorization, Web application security, Identity management process. The following are the basics issues through which malicious user get access and violate the data Aruna et al., International Journal of SQL Injection flaw, Cross-site request forgery, Insecure storage, Insecure configuration.
  9. 9. 9 Security issues in PaaS: PaaS is the layer above the IaaS. It deals with operating system, middleware, etc. It provides set of service through which a developer can complete a development process from testing to maintenance. It is complete platform where user can complete development task without any hesitation. In PaaS, the service provider give some command to customer over some application on platform. But still there can be the problem of security like intrusion etc, which must be assured that data may not be accessible between applications. Security issues in IaaS: IaaS introduce the traditional concept of development, spending a huge amount on data centers or managing hosting forum and hiring a staff for operation. Now the IaaS give an idea to use the infrastructure of any one provider, get services and pay only for resources they use. IaaS and other related services have enable set up and focus on business improvement without worrying about the organization infrastructure. The IaaS provides basic security firewall, load balancing, etc. In IaaS there is better control over the security, and there is no security gap in virtualization manager. The main security problem in IaaS is the trustworthiness of data that is stored within the provider’s hardware. 3.4 Cloud Computing Security Threats and solution Top seven security threats to cloud computing discovered by “Cloud Security Alliance” (CSA) are: i. Abuse and Nefarious Use of Cloud Computing: Abuse and nefarious use of cloud computing is the top threat identified by the CSA. A simple example of this is the use of botnets to spread spam and malware. Attackers can
  10. 10. 10 infiltrate a public cloud, for example, and find a way to upload malware to thousands of computers and use the power of the cloud infrastructure to attack other machines. Suggested remedies by the CSA to lessen this threat:  Stricter initial registration and validation processes.  Enhanced credit card fraud monitoring and coordination.  Comprehensive introspection of customer network traffic.  Monitoring public blacklists for one’s own network blocks. ii. Insecure Application Programming Interfaces: As software interfaces or APIs are what customers use to interact with cloud services, those must have extremely secure authentication, access control, encryption and activity monitoring mechanisms - especially when third parties start to build on them. Suggested remedies by CSA to lessen this threat:  Analyze the security model of cloud provider interfaces.  Ensure strong authentication and access controls are implemented in concert with encrypted transmission.  Understand the dependency chain associated with the API. iii. Malicious Insiders: The malicious insider threat is one that gains in importance as many providers still don't reveal how they hire people, how they grant them access to assets or how they monitor them. Transparency is, in this case, vital to a secure cloud offering, along with compliance reporting and breach notification. Suggested remedies by CSA to lessen this threat:  Enforce strict supply chain management and conduct a comprehensive supplier assessment.
  11. 11. 11  Specify human resource requirements as part of legal contracts.  Require transparency into overall information security and management practices, as well as compliance reporting.  Determine security breach notification processes. iv. Shared Technology Vulnerabilities: Sharing infrastructure is a way of life for IaaS providers. Unfortunately, the components on which this infrastructure is based were not designed for that. To ensure that customers don't thread on each other's "territory", monitoring and strong compartmentalization is required. Suggested remedies by CSA to lessen this threat:  Implement security best practices for installation/configuration.  Monitor environment for unauthorized changes/activity.  Promote strong authentication and access control for administrative access and operations.  Enforce service level agreements for patching and vulnerability remediation.  Conduct vulnerability scanning and configuration audits. v. Data Loss/Leakage: Be it by deletion without a backup, by loss of the encoding key or by unauthorized access, data is always in danger of being lost or stolen. This is one of the top concerns for businesses, because they not only stand to lose their reputation, but are also obligated by law to keep it safe. Aruna et al., International Journal of Advanced Research in Computer Science and Software Engineering 3(9), September - 2013, pp. 292-299 © 2013, IJARCSSE All Rights Reserved Page | 294 Suggested remedies by CSA to lessen this threat:  Implement strong API access control.  Encrypt and protect integrity of data in transit.
  12. 12. 12  Analyze data protection at both design and run time.  Implement strong key generation, storage and management, and destruction practices.  Contractually demand providers to wipe persistent media before it is released into the pool.  Contractually specify provider backup and retention strategies. vi. Account, Service & Traffic Hijacking: Account service and traffic hijacking is another issue that cloud users need to be aware of. These threats range from man-in the-middle attacks, to phishing and spam campaigns, to denial-of service attacks. Suggested remedies by CSA to lessen this threat:  Prohibit the sharing of account credentials between users and services.  Leverage strong two-factor authentication techniques where possible.  Employ proactive monitoring to detect unauthorized activity.  Understand cloud provider security policies and SLAs. vii. Unknown Risk Profile: Security should be always in the upper portion of the priority list. Code updates, security practices, vulnerability profiles, intrusion attempts – all things that should always be kept in mind ,Suggested remedies by CSA to lessen this threat:  Disclosure of applicable logs and data.  Partial/full disclosure of infrastructure details (e.g., patch levels, firewalls, etc).3  Monitoring and alerting on necessary information.
  13. 13. 13 4. SECURING CLOUDS USING FOG 4.1 Fog Computing: Below is the reference architecture of a Fog computing environment in an enterprise. You can see that the Fog network is close to the smart devices, data processing is happening closer to the devices and the processed information is passed to the cloud computing environment. Fig 5: Reference Architecture Just got comfortable with the concept of cloud computing Well, that is now in past. Cloud computing has now been overtaken by a new concept called fog computing which is certainly much better and bigger than the cloud. Fog computing is quite similar to cloud and just like cloud computing it also provides its users with data, storage, compute and application services. The thing that distinguishes fog from cloud is its support for mobility, its proximity to its end-users
  14. 14. 14 and its dense geographical distribution. Its services are hosted at the network edge or even on devices such as set-top-boxes or access points. By doing this, fog computing helps in reducing service latency and even improves QoS, which further result in a superior user experience. Fog computing even supports emerging Internet of Things (IoT) applications that require real time or predictable latency. A thing in Internet of Things is referred to as any natural or manmade object that can be assigned an Internet Protocol (IP) address and provided with an ability to transfer data over a network. Some of these can end up creating a lot of data. Cisco here provides us with an example of a jet engine, which is capable of creating 10 terabytes of data about its condition and performance that too in half-hour. Transmitting all this data to the cloud and then transmitting response data back ends up creating a huge demand on bandwidth. This process further requires a considerable amount of time to take place and can suffer from latency. In fog computing, much of the processing takes place in a router. This type of computing creates a virtual platform that provides networking, compute and storage services between traditional cloud computing data centers and end devices. These services are central to both fog and cloud computing. They are also important for supporting the emerging Internet deployments. Fog computing also has the capability of enabling a new breed of aggregated services and applications, such as the smart energy distribution. In smart energy distribution, all the energy load balancing apps will run on network edge devices that will automatically switch to alternative energies like wind and solar etc., based on availability, demand and lowest price. The usage of fog computing can accelerate the innovation process in ways that has never been seen before. This includes self-healing, self-organising and self- learning apps for industrial networks. products.
  15. 15. 15 Fig 6 : Without Fog Computing and With Fog Computing in Grid
  16. 16. 16 4.2 Real-Time Large Scale Distributed Fog Computing "Fog Computing" is a highly distributed broadly decentralized "cloud" that operates close to the operational level, where data is created and most often used. Fog computing at the ground-level is an excellent choice for applications that need computing near use that is fit for purpose, where there is high volume real-time and/or time-critical local data, where data has the greatest meaning within its context, where fast localized turn around of results is important, where sending an over abundance of raw data to an enterprise "cloud" is unnecessary, undesireable or bandwidth is expensive or limited. Example applications of fog computing within an industrial context are analytics, optimization and advanced control at a manufacturing work center, unit- operation, across and between unit-operations where sensors, controllers, historians, analytical engines all share data interactively in real-time. At the upper edges of the "fog" is local site-wide computing, such manufacturing plant systems that span work centers and unit operations, higher yet would be regional clouds and finally the cloud at the enterprise level. Fog computing is not independent of enterprise cloud computing, but connected to it sending cleansed summarized information and in return receiving enterprise information needed locally. Fog computing places data management, compute power, performance, reliability and recovery in the hands of the people who understand the needs; the operators, engineers and IT staff for a unit operation, an oil and gas platform, or other localized operation, so that it can be tailored for "fit-for-purpose" in a high speed real- time environment. Fog computing reduces bandwidth needs, as 80% of all data is needed within the local context, such as; pressures, temperatures, materials charges, flow rates. To send such real-time information into the enterprise cloud would be burdensome in bandwidth and centralized storage. Enterprise data base bloat would occur for information rarely
  17. 17. 17 used at that level. In this way a limited amount of summarized information can be transmitted up to the cloud and also down from the cloud to the local operation, such as customer product performance feedback to the source of those products. Fig 7 : Real-Time Large Scale Distributed Fog Computing We place computing where it is needed, and performant, suited for the purpose, sitting where it needs to be, at a work center, inside a control panel, at a desk, in a lab, in a rack in a data center, anywhere and everywhere, all sharing related data to understand and improve your performance. While located throughout your organization, a fog computing system operates as a single unified resource, a distributed low level cloud that integrates with centralized clouds to obtain market and customer feedback, desires and behavior’s that reflect product performance in the eyes of the customer.
  18. 18. 18 The characteristics of a fog computing system are:  A Highly Distributed Concurrent Computing (HDCC) System.  A peer-to-peer mesh of computational nodes in a virtual hierarchical structure that matches your organization  Communicates with smart sensors, controllers, historians, quality and materials control systems and others as peers  Runs on affordable, off the shelf computing technologies  Supports multiple operating platforms; Unix, Windows, Mac  Employs simple, fast and standardized IoT internet protocols (TCP/IP, Sockets, etc.)  Browser user experience, after all, it is the key aspect of an "Industrial Internet of Things"  Built on field-proven high performance distributed computing technologies. Capturing,historizing,validating,cleaning and filtering, integrating, analyzing, predicting, adapting and optimizing performance at lower levels across the enterprise in real-time requires High Performance Computing (HPC) power. This does not necessarily mean high expense, as commercial off the shelf standard PCs with the power of a typical laptop computer will suffice and the software running the system need not be expensive. To architect such a system, we draw upon the experiences, architectures, tools and successes of such computing giants as Google, Amazon, YouTube, Facebook , Twitter and others. They have created robust high performance computing architectures that span global data centers. They have provided development tools and languages such as Google's GO (golang) that are well suited for high speed concurrent distributed processing and robust networking and web services. Having a similar need, but more finely distributed, we can adopt similar high performance computing architectures to deliver and share results where they are needed in real-time.
  19. 19. 19 There are various ways to use cloud services to save or store files, documents and media in remote services that can be accessed whenever user connect to the Internet. The main problem in cloud is to maintain security for user’s data in way that guarantees only authenticated users and no one else gain access to that data. The issue of providing security to confidential information is core security problem, that it does not provide level of assurance most people desire. There are various methods to secure remote data in cloud using standard access control and encryption methods. It is good to say that all the standard approaches used for providing security have been demonstrated to fail from time to time for a variety of reasons, including faulty implementations, buggy code, insider attacks, misconfigured services, and the creative construction of effective and sophisticated attacks not envisioned by the implementers of security procedures. Building a secure and trustworthy cloud computing environment is not enough, because attacks on data continue to happen, and when they do, and information gets lost, there is no way to get it back. There is needs to get solutions to such accidents. The basic idea is that we can limit the damage of stolen data if we decrease the value of that stolen data to the attacker. We can achieve this through a preventive decoy (disinformation) attack. We can secure Cloud services by implementing given additional security features. The basic idea is that we can limit the damage of stolen data if we decrease the value of that stolen information to the attacker. We can achieve this through a ‘preventive’ disinformation attack. We posit that secure Cloud services can be implemented given two additional security features: 4.3 User Behavior Profiling It is expected that access to a user’s information in the Cloud will exhibit a normal means of access. User profiling is a well known technique that can be applied here to model how, when, and how much a user accesses their information in the Cloud. Such ‘normal user’ behavior can be continuously checked to determine whether abnormal access to a user’s information is occurring. This method of behavior-based security is commonly used in fraud detection applications. Such profiles would naturally include
  20. 20. 20 volumetric information, how many documents are typically read and how often. These simple userspecific features can serve to detect abnormal Cloud access based partially upon the scale and scope of data transferred. 4.4 : Decoy System Decoy data, such as decoy documents, honey pots and other bogus information can be generated on demand and used for detecting unauthorized access to information and to „poison‟ the thief’s ex-filtrated information. Serving decoys will confuse an attacker into believing they have ex-filtrated useful information, when they have not. This technology may be integrated with user behavior profiling technology to secure a user’s data in the Cloud. . Whenever abnormal and unauthorized access to a cloud service is noticed, decoy information may be returned by the Cloud and delivered in such a way that it appear completely normal and legitimate. The legitimate user, who is the owner of the information, would readily identify when decoy information is being returned by the Cloud, and hence could alter the Cloud’s responses through a variety of means, such as challenge questions, to inform the Cloud security system that it has incorrectly detected an unauthorized access. In the case where the access is correctly identified as an unauthorized access, the Cloud security system would deliver unbounded amounts of bogus information to the attacker, thus securing the user’s true data from can be implemented by given two additional security features: (1) validating whether data access is authorized when abnormal information access is detected, and (2) confusing the attacker with bogus information that is by providing decoy documents. We have applied above concepts to detect unauthorized data access to data stored on a local file system by masqueraders, i.e. attackers who view of legitimate users after stealing their credentials. Our experimental results in a local file system setting show that combining both techniques can yield better detection results .This results suggest that this approach may work in a Cloud environment, to make cloud system more transparent to the user as a local file system.
  21. 21. 21 Fig 8: Decoy system Anomaly Detection : The current logged in user access behavior is compared with the past behavior of the user.If the user behavior is exceeding the threshold value or a limit, then the remote user is suspected to be anomaly. If the current user behavior is as the past behavior, the user is allowed to operate on the original data. Challenge Request : If the current user‘s behavior seems anomalous, then the user is asked for randomly selected secret questions. If the user fails to provide correct answers for a certain limits or threshold, the user is provided with decoy files. If the user provided correct answers for a limit, the user is treated as normal user. Sub subsection .
  22. 22. 22 Algorithm Details : AES ( Advanced Encryption Standards) The Advanced Encryption Standard (AES) is a symmetric-key encryption standard approved by NSA for top secret information and is adopted by the U.S. government. AES is based on a design principle known as a substitution permutation network. The standard comprises three block ciphers: AES-128, AES-192 and AES-256. Each of these ciphers has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide; AES was selected due to the level of security it offers and its well documented implementation and optimization techniques. Furthermore, AES is very efficient in terms of both time and memory requirements. The block ciphers have high computation intensity and independent workloads (apply the same steps to different blocks of plain text). Explanations: AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware. Unlike its predecessor, DES, AES does not use a Feistelnetwork.AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits. The block size has a maximum of 256 bits, but the key size has no theoretical maximum.AES operates on a 4×4 column-major order matrix of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). Most AES calculations are done in a special field. The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of cipher text. Each round consists of several processing
  23. 23. 23 steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform cipher text back into the original plaintext using the same encryption key. High-level description of the algorithm 1. Key Expansion: Round keys are derived from the cipher key using Rijndael's key schedule. 2. Initial Round AddRoundKey: Each byte of the state is combined with the round key using bitwise xor. 3. Rounds 1. SubBytes—a non-linear substitution step were each byte is replaced with another according to alookup table. 2. ShiftRows—a transposition step where each row of the state is shifted cyclically a certain number of steps. 3. MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column. 4. AddRoundKey Final Round (no MixColumns) 5. SubBytes 6. ShiftRows 7. AddRoundKey
  24. 24. 24 5. APPLICATIONS OF FOG COMPUTING We elaborate on the role of Fog computing in the following six motivating scenarios. The advantages of Fog computing satisfy the requirements of applications in these scenarios. Fog computing in Smart Grid: Energy load balancing applications may run on network edge devices, such as smart meters and micro-grids . Based on energy demand, availability and the lowest price, these devices automatically switch to alternative energies like solar and wind. Fog computing in smart traffic lights and connected vehicles: Video camera that senses an ambulance flashing lights can automatically change street lights to open lanes for the vehicle to pass through traffic. Smart street lights interact locally with sensors and detect presence of pedestrian and bikers, and measure the distance and speed of approaching vehicles. Wireless Sensor and Actuator Networks: Traditional wireless sensor networks fall short in applications that go beyond sensing and tracking, but require actuators to exert physical actions like opening, closing or even carrying sensors. In this scenario, actuators serving as Fog devices can control the measurement process itself, the stability and the oscillatory behaviours by creating a closed-loop system. For example, in the scenario of self-maintaining trains, sensor monitoring on a train’s ball-bearing can detect heat levels, allowing applications to send an automatic alert to the train operator to stop the train at next station for emergency maintenance and avoid potential derailment. In lifesaving air vents scenario, sensors on vents monitor air conditions flowing in and out of mines and automatically change air- flow if conditions become dangerous to miners.
  25. 25. 25 Decentralized Smart Building Control: The applications of this scenario are facilitated by wireless sensors deployed to measure temperature, humidity, or levels of various gases in the building atmosphere. In this case, information can be exchanged among all sensors in a floor, and their readings can be combined to form reliable measurements.The system components may then work together to lower the temperature, inject fresh air or open windows. Air conditioners can remove moisture from the air or increase the humidity. Sensors can also trace and react to movements (e.g, by turning light on or off). Fog devices could be assigned at each floor and could collaborate on higher level of actuation. With Fog computing applied in this scenario, smart buildings can maintain their fabric, external and internal environments to conserve energy, water and other resources. IoT and Cyber-physical systems (CPSs): Fog computing based systems are becoming an important class of IoT and CPSs. Based on the traditional information carriers including Internet and telecommunication network, IoT is a network that can interconnect ordinary physical objects with identified addresses. CPSs feature a tight combination of the system’s computational and physical elements. CPSs also coordinate the integration of computer and information centric physical and engineered systems. IoT and CPSs promise to transform our world with new relationships between computer-based control and communication systems, engineered systems and physical reality. Fog computing in this scenario is built on the concepts of embedded systems in which software programs and computers are embedded in devices for reasons other than computation alone. Examples of the devices include toys, cars, medical devices and machinery. The goal is to integrate the abstractions and precision of software and networking with the dynamics, uncertainty and noise in the physical environment. Using the emerging knowledge, principles and methods of CPSs, we will be able to develop new generations of intelligent medical devices and systems, ‘smart’ highways, buildings, factories, agricultural and robotic systems.
  26. 26. 26 Software Defined Networks (SDN): SDN is an emergent computing and networking paradigm, and became one of the most popular topics in IT industry. It separates control and data communication layers. Control is done at a central. ized server, and nodes follow communication path decided by the server. The centralized server may need distributed implementation. SDN concept was studied in WLAN, wireless sensor and mesh networks, but they do not involve multihop wireless communication, multi-hop routing. Moreover, there is no communication between peers in this scenario. SDN concept together with Fog computing will resolve the main issues in vehicular networks, intermittent connectivity, collisions and high packet loss rate, by augmenting vehicleto-vehicle with vehicle-to-infrastructure communications and centralized control. SDN concept for vehicular networks is first proposed in.
  27. 27. 27 6. SECURITY AND PRIVACY IN FOG COMPUTING Security and privacy issues were not studied in the context of fog computing. They were studied in the context of smart grids and machine-to-machine communications .There are security solutions for Cloud computing. However, they may not suit for Fog computing because Fog devices work at the edge of networks. The working surroundings of Fog devices will face with many threats which do not exist in well managed Cloud. In this section, we discuss the security and privacy issues in Fog Computing. Security Issues The main security issues are authentication at different levels of gateways as well as (in case of smart grids) at the smart meters installed in the consumer’s home. Each smart meter and smart appliance has an IP address. A malicious user can either tamper with its own smart meter, report false readings, or spoof IP addresses. There are some solutions for the authentication problem. The work elaborated public key infrastructure (PKI) based solutions which involve multicast authentication. Some authentication techniques using Diffie-Hellman key exchange have been discussed in . Smart meters encrypt the data and send to the Fog device, such as a home-area network (HAN) gateway. HAN then decrypts the data, aggregates the results and then passes them forward. Intrusion detection techniques can also be applied in Fog computing [28]. Intrusion in smart grids can be detected using either a signature-based method in which the patterns of behaviour are observed and checked against an already existing database of possible misbehaviours. Intrusion can also be captured by using an anomaly-based method in which an observed behaviour is compared with expected behaviour to check if there is a deviation. The work develops an algorithm that monitors power flow results and detects anomalies in the input values that could have been modified by attacks. The algorithm detects intrusion by using principal component analysis to separate power flow variability into regular and irregular subspaces.
  28. 28. 28 7. Combining User Behavior Profiling and Decoy Technology We posit that the combination of these two security features will provide unprecedented levels of security for the Cloud. No current Cloud security mechanism is available that provides this level of security. We have applied these concepts to detect illegitimate data access to data stored on a local file system by masqueraders, i.e. attackers who impersonate legitimate users after stealing their credentials. One may consider illegitimate access to Cloud data by a rogue insider as the malicious act of a masquerader. Our experimental results in a local file system setting show that combining both techniques can yield better detection results, and our results suggest that this approach may work in a Cloud environment, as the Cloud is intended to be as transparent to the user as a local file system. In the following we review briefly some of the experimental results achieved by using this approach to detect masquerade activity in a local file setting. A. Combining User Behavior Profiling and Decoy Technology for Masquerade Detection. 7.1 User Behavior Profiling Legitimate users of a computer system are familiar with the files on that system and where they are located. Any search for specific files is likely to be targeted and limited. A masquerader, however, who gets access to the victim’s system illegitimately, is unlikely to be familiar with the structure and contents of the file system. Their search is likely to be widespread and untargeted. Based on this key assumption, we profiled user search behavior and developed user models trained with a oneclass modeling technique, namely one-class support vector machines. The importance of using one-class modeling stems from the ability of building a classifier without having to share data from different users. The privacy of the user and their data is therefore preserved. We monitor for abnormal search behaviors that exhibit deviations from the user baseline. According to our assumption, such deviations
  29. 29. 29 signal a potential masquerade attack. Our previous experiments validated our assumption and demonstrated that we could reliably detect all simulated masquerade attacks using this approach with a very low false positive rate of 1.12% . 7.2 Decoy Technology We placed traps within the file system. The traps are decoy files downloaded from a Fog computing site, an automated service that offers several types of decoy documents such as tax return forms, medical records, credit card statements, e-bay receipts, etc. [10]. The decoy files are downloaded by the legitimate user and placed in highly-conspicuous locations that are not likely to cause any interference with the normal user activities on the system. A masquerader, who is not familiar with the file system and its contents, is likely to access these decoy files, if he or she is in search for sensitive information, such as the bait information 126embedded in these decoy files. Therefore, monitoring access to the decoy files should signal masquerade activity on the system. The decoy documents carry a keyed-Hash Message Authentication Code (HMAC), which is hidden in the header section of the document. The HMAC is computed over the file’s contents using a key unique to each user. When a decoy document is loaded into memory, we verify whether the document is a decoy document by computing a HMAC based on all the contents of that document. We compare it with HMAC embedded within the document. If the two HMACs match, the document is deemed a decoy and an alert is issued. 7.3 Combining the Two Techniques The correlation of search behavior anomaly detection with trap-based decoy files should provide stronger evidence of malfeasance, and therefore improve a detector’s accuracy. We hypothesize that detecting abnormal search operations performed prior to an unsuspecting user opening a decoy file will corroborate the suspicion that the user is indeed impersonating another victim user. This scenario covers the threat model of illegitimate access to Cloud data. Furthermore, an
  30. 30. 30 accidental opening of a decoy file by a legitimate user might be recognized as an accident if the search behavior is not deemed abnormal. In other words, detecting abnormal search and decoy traps together may make a very effective masquerade detection system. Combining the two techniques improves detection accuracy. We use decoys as an oracle for validating the alerts issued by the sensor monitoring the user’s file search and access behavior. In our experiments, we did not generate the decoys on demand at the time of detection when the alert was issued. Instead, we made sure that the decoys were conspicuous enough for the attacker to access them if they were indeed trying to steal information by placing them in highly conspicuous directories and by giving them enticing names. With this approach, we were able to improve the accuracy of our detector. Crafting the decoys on demand improves the accuracy of the detector even further. Combining the two techniques, and having the decoy documents act as an oracle for our detector when abnormal user behavior is detected may lower the overall false positive rate of detector. We trained eighteen classifiers with computer usage data from 18 computer science students collected over a period of 4 days on average. The classifiers were trained using the search behavior anomaly detection described in a prior paper. We also trained another 18 classifiers using a detection approach that combines user behavior profiling with monitoring access to decoy files placed in the local file system, as described above. We tested these classifiers using simulated masquerader data. Figure 1 displays the AUC scores achieved by both detection approaches by user model1. The results show that the models using the combined detection approach achieve equal or better results than the search profiling approach alone.
  31. 31. 31 8. FOG COMPUTING ARCHITECTURE Fog Computing system is trying to work against the attacker specially malicious insider. Here malicious insider means Insider attacks can be performed by malicious employees at the providers or users site. Malicious insider can access the confidential data of cloud users. A malicious insider can easily obtain passwords, cryptographic keys and files. The threat of malicious attacks has increased due to lack of transparency in cloud providers processes and procedures .It means that a provider may not know how employees are granted access and how this access is monitored or how reports as well as policy compliances are analyzed. Fig 9: Fog Computing Architecture
  32. 32. 32 Above fig. states the actual working of the fog computing. In two ways login is done in system that are admin login and user login .When admin login to the system there are again two steps to follow: step1:Enter username step2:Enter the password . After successful login of admin he can perform all admin related tasks, but while downloading any file from fog he have to answer the security Question if he answer it correctly then only original file can be download. In other case, when admin or user answer incorrectly to the security question then decoy document (fake document) is provided to the fake user. Decoy technology work in the given manner if you have any word ,suppose “MADAM” in the document then some alphabets are replaced as M->A then the given word become “AADAA” which have no meaning. In some Case, if attacker getting to know that, M is replaced by A in the given document and by applying reverse engineering he get result as “MMDMM”. In any case he can’t judge content of document.When user login to the system he also have to follow the same procedure as admin. Operations like upload files/documents, download files/documents, view alerts, send message, read message, broadcast any message all these can be perform by the user. ALERT this stream provide the detail knowledge of attack done on their personal file/document with details like date, time, no of times the attacker trying to hack that file/document .Best thing of fog Computing is after each successful login the user get SMS on the mobile that „login successful‟. from this the user get alert when other else trying to gain access to his/her personal fog account and when attacker trying to download some files/documents then user also get SMS that contain attacker ip- address, attacker’s server name, date, time details on his/her mobile so that become easy to catch attacker by tracing all these things. In this way fog computing is more secure than the traditional cloud computing.
  33. 33. 33 9. ADVANTAGES AND DISADVANTAGES ADVANTAGES The advantages of placing decoys in a file system are threefold:  The detection of masquerade activity.  The confusion of the attacker and the additional costs incurred to distinguish real from bogus information.  The deterrence effect which, although hard to measure, plays a significant role in preventing masquerade activity by risk-averse attackers. DISADVANTAGES  Nobody is identified when the attack is happen.  It is complex to detect which user is attack.  We cannot detect which file was hacking.
  34. 34. 34 10. CONCLUSION With the increase of data theft attacks the security of user data security is becoming a serious issue for cloud service providers for which Fog Computing is a paradigm which helps in monitoring the behavior of the user and providing security to the user’s data. The system was developed only with email provision but we have also implemented the SMS technique. In Fog Computing we presenting a new approach for solving the problem of insider data theft attacks in a cloud using dynamically generated decoy files and also saving storage required for maintaining decoy files in the cloud. So by using decoy technique in Fog can minimize insider attacks in cloud. Could provide unprecedented levels of security in the Cloud and in social networks.
  35. 35. 35 11. SCOPE FUTURE ENHANCEMENTS In our future work, this security system as we have explained is applicable only for single cloud ownership system. If the cloud owner has a more than one clouds to operate then our security system will not be applicable for providing security, therefore in the future enhancement we can enhance our existing application to manage a cloud environment which has more than one cloud architecture. Cloud computing is the future for organizations.The considerable benefits that provide will make eventually all the organizations totally move their processes and data to the Cloud. A lot of effort will be put in return to provision the appropriate security to make business on cloud environments. Although virtualization is already established, virtualization in the Cloud is still an immature area. The focus of future works should aim to harden the security of virtualization in multi-tenant environments. Possible lines of research are the development of reliable and efficient virtual network securities to monitor the communications between virtual machines in the same physical host. To achieve secure virtualized environments, isolation between the different tenants is needed. Future researches should aim to provide new architectures and techniques to harden the different resources shared between tenants. The hypervisor is the most critical component of virtualized environments. If compromised, the host and guest OSs could potentially be compromised too. Hypervisor architectures that aim to minimize the code and, at the same time, maintain the functionalities, provide an interesting future research to secure virtualized environments and the Cloud, especially to prevent against future hypervisor root kits.
  36. 36. 36 12. REFERENCES  Cloud Security Alliance, “Top Threat to Cloud Computing V1.0,” March 2010. [Online].Available: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf  Prevention Of Malicious Insider In The Cloud Using Decoy Documents by S. Muqtyar Ahmed, P. Namratha, C. Nagesh  Cloud Security: Attacks and Current Defenses Gehana Booth, Andrew Soknacki, and Anil Somayaji.  Overview of Attacks on Cloud Computing by Ajey Singh, Dr. Maneesh Shrivastava.  D.Jamil and H. Zaki, “Security Issues in Cloud Computing and Countermeasures,” International Journal of Engineering Science and Technology, Vol. 3 No. 4, pp. 2672-2676, April 2011.  K. Zunnurhain and S. Vrbsky, “Security Attacks and Solutions in Clouds,” 2nd IEEE InternationalConference on Cloud Computing Technology and Science, Indianapolis, December 2010.  W. A. Jansen, “Cloud Hooks: Security and Privacy Issues in Cloud Computing,” 44th Hawaii International Conference on System Sciences, pp. 1–10, Koloa, Hawaii, January 2011.  F. Bonomi, “Connected vehicles, the internet of things, and fog computing,”in The Eighth ACM International Workshop on Vehicular Inter-Networking (VANET), Las Vegas, USA, 2011.  http ://cnc.ucr.edu/security/glossary.  http://technet.microsoft.com/enus/library/cc959354.aspx  Cisco Cloud Computing -Data Center Strategy, Architecture,and Solutions http://www.cisco.com/web/strategy/docs/gov/CiscoCloudComputing_WP.pdf.  Fog Computing: Mitigating Insider Data Theft Attacks in The Cloud.[Online].Available:http://ids.cs.columbia.edu/sites/default/files/Fog_Comut ing_Position_Paper_WRIT_2012.pdf  M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for privacy-preserving cloud computing,” in Proceedings of the 5th USENIX
  37. 37. 37 conference on Hot topics in security, ser. HotSec’10. ”Berkeley, CA, USA”: ”USENIX Association”, 2010, pp. 1–8.  J. A. Iglesias, P. Angelov, A. Ledezma, and A. Sanchis, “Creating evolving user behavior profiles automatically,” IEEE Trans. on Knowl. and Data Eng., vol. 24, no. 5, pp. 854–867, May 2012.  F. Rocha and M. Correia, “Lucy in the sky without diamonds: Stealing confidential data in the cloud,” in Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops, ser. DSNW ’11. Washington, DC, USA: IEEE Computer Society, 2011, pp. 129–134.  M. B. Salem and S. J. Stolfo, “Modeling user search behavior for masquerade detection,” in Proceedings of the 14th international conference on Recent Advances in Intrusion Detection, ser. RAID’11. Berlin, Heidelberg: SpringerVerlag, 2011, pp. 181–200.  S. et al, “Decoy document deployment for effective masquerade attack detection,” in Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment, ser. DIMVA’11. Berlin, Heidelberg: Springer-Verlag, 2011