
MCDB: USING MULTI CLOUDS TO ENSURE SECURITY IN

ATHULYA RAJ
S7 CSE
NO:16

OVERVIEW
INTRODUCTION
SINGLE CLOUD MODEL
SOME SECURITY RISKS
WHY MOVING TO MULTI CLOUD
SECRET SHARING
MULTI CLOUD DATABASE MODEL
THE MCDB DATA FLOW
WHAT MAKES MCDB DIFFERENT
EVALUATION
CONCLUSION
REFERENCES

A style of computing where massively scalable IT-enabled capabilities are delivered as a service to external customers using internet technologies.

Basic Cloud Characteristics
no-need-to-know
flexibility and elasticity
pay as much as used and needed
always on!, anywhere and any place

Types of Clouds
Public Cloud: Available to the general public or a large industry group and is owned by an organisation selling cloud services.
Community Cloud: Shared by several organisations and supports a specific community that has shared concerns.
Private Cloud: Operated solely for an organisation or company.
Hybrid Cloud: Combination of two of the above; they remain unique entities but are bound together by standardised technologies.

3 Approaches to Cloud Computing

access to software and its functions remotely through internet browsers.

computing platform is being delivered as a service, e.g. purchase and manage hardware remotely.

defined as computer infrastructure, such as virtualization, being delivered as a service.

Benefits of Using Cloud
High productivity
Less deployment time
Pay as you do
Shared resources
Increased mobility
Environmentally friendly
Easy to manage
High availability

SINGLE CLOUD MODEL
SOME SECURITY RISKS

Data integrity

Data security

Service Availability
WHY MOVING TO MULTI CLOUD??
Avoids the dependency on a single cloud.
The main purpose of moving to inter cloud is to improve what was offered in single cloud by distributing the reliability, trust and security among multiple cloud providers.

What is "Secret Sharing"?

In cryptography, a secret sharing scheme is a method for distributing a secret amongst a group of participants, each of which is allocated a share of the secret. The secret can only be reconstructed when the shares are combined together; individual shares are of no use on their own.

In a secret sharing scheme there is one dealer and n players. The dealer gives a secret to the players.

The dealer accomplishes this by giving each player a share in such a way that any group of t (for threshold) or more players can together reconstruct the secret but no group of less than t players can. Such a system is called a (t,n)-threshold scheme.

Shamir's Secret Sharing

Suppose we want to use a (k,n) threshold scheme to share our secret S, where k < n.
Choose at random (k-1) coefficients $a_1, a_2, \dots, a_{k-1}$, and let S be $a_0$:
$$f(x) = a_0 + a_1 x + a_2 x^2 + \dots + a_{k-1} x^{k-1}$$
Construct n points (i, f(i)) where i = 1, 2, ..., n.
Given any subset of k of these pairs, we can find the coefficients of the polynomial by interpolation, and then evaluate $a_0 = S$, which is the secret.

Example

Let S = 1234, n = 6 and k = 3, and obtain random integers $a_1 = 166$ and $a_2 = 94$:
$$f(x) = 1234 + 166x + 94x^2$$
Secret share points:
(1,1494), (2,1942), (3,2578), (4,3402), (5,4414), (6,5614)

We give each participant a different single point (both x and f(x)).

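Reconstruction

In order to reconstruct the secret, any 3 points will be enough.
Let us consider
$$(x_0, y_0) = (2, 1942),\quad (x_1, y_1) = (4, 3402),\quad (x_2, y_2) = (5, 4414)$$
Using Lagrange polynomials:
$$l_0 = \frac{x - x_1}{x_0 - x_1} \cdot \frac{x - x_2}{x_0 - x_2} = \frac{x - 4}{2 - 4} \cdot \frac{x - 5}{2 - 5} = \frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}$$
$$l_1 = \frac{x - x_0}{x_1 - x_0} \cdot \frac{x - x_2}{x_1 - x_2} = \frac{x - 2}{4 - 2} \cdot \frac{x - 5}{4 - 5} = -\frac{1}{2}x^2 + \frac{7}{2}x - 5$$
$$l_2 = \frac{x - x_0}{x_2 - x_0} \cdot \frac{x - x_1}{x_2 - x_1} = \frac{x - 2}{5 - 2} \cdot \frac{x - 4}{5 - 4} = \frac{1}{3}x^2 - 2x + \frac{8}{3}$$

$$f(x) = \sum_{j=0}^{2} y_j\, l_j(x) = 1942\left(\frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}\right) + 3402\left(-\frac{1}{2}x^2 + \frac{7}{2}x - 5\right) + 4414\left(\frac{1}{3}x^2 - 2x + \frac{8}{3}\right)$$

$$f(x) = 1234 + 166x + 94x^2$$
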
MULTI CLOUD DATABASE MODEL
CSP is responsible for storing the data in its cloud storage that is divided into n shares and then returning the relevant shares to the DBMS that consists of the user's query result.
DBMS is responsible for rewriting the user's query (one for each CSP), generating polynomial values, handling the user's query to each CSP and then receiving the result from CSP.
The Servlet Engine communicates with the data source through the JDBC protocol.
HTTP server is responsible for managing the communication between the application and the browser.

MULTI CLOUD DATABASE MODEL
THE MCDB LAYERS
THE MCDB MODEL DATA FLOW

Sending Data Procedure

User sends a request through the user interface and web browser as an HTTP request.
User query will be sent to the servlet engine.
Servlet engine and DBMS communicate through the JDBC protocol.
DBMS manages the query and sends it to the CSP.
Result is sent to the DBMS and it returns the result to the servlet.
Servlet returns the result to the HTTP server and it returns it to the user.

Procedure between DBMS and CSP

DBMS divides the data into n shares and stores it into CSP.
DBMS generates a random polynomial function in the same degree for each value of the valuable attribute that the client wants to hide from the untrusted cloud provider.
When the user's query arrives at the DBMS, it rewrites the polynomial for each CSP.
Relevant shares are retrieved from CSP.
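
The Shamir sharing and reconstruction steps and the DBMS-to-CSP procedure above, as an added example (not code from the MCDB authors or from this presentation). It works modulo a prime, which the integer example on the slides does not do; the modulus `P`, the `ShareStore` class and the in-memory dicts standing in for CSPs are assumptions of the example.

```python
import secrets

P = 2**61 - 1  # assumed prime field modulus; secrets and n must be below it

def make_shares(secret, k, n, coeffs=None):
    """Points (i, f(i) mod P), i=1..n, for a degree k-1 polynomial with f(0)=secret."""
    if coeffs is None:  # fresh random a_1..a_{k-1} for every stored value
        coeffs = [secrets.randbelow(P) for _ in range(k - 1)]
    poly = [secret, *coeffs]
    if len(poly) != k or not 0 <= secret < P or not 1 <= k <= n < P:
        raise ValueError("need k-1 coefficients, 0 <= secret < P, k <= n < P")
    shares = []
    for i in range(1, n + 1):
        y = 0
        for a in reversed(poly):  # Horner evaluation of f(i)
            y = (y * i + a) % P
        shares.append((i, y))
    return shares

def reconstruct(points):
    """Lagrange interpolation at x = 0, which yields a_0 = the secret."""
    if len({x for x, _ in points}) != len(points):
        raise ValueError("duplicate share index")
    secret = 0
    for j, (xj, yj) in enumerate(points):
        num = den = 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = num * -xm % P          # (0 - x_m)
                den = den * (xj - xm) % P    # (x_j - x_m)
        secret = (secret + yj * num * pow(den, -1, P)) % P
    return secret

class ShareStore:
    """Hypothetical stand-in for the DBMS layer; each dict models one CSP."""
    def __init__(self, k, n):
        self.k, self.csps = k, [{} for _ in range(n)]

    def store(self, row_id, value):
        for csp, share in zip(self.csps, make_shares(value, self.k, len(self.csps))):
            csp[row_id] = share  # CSP i only ever sees the point (i, f(i))

    def fetch(self, row_id, reachable):
        points = [self.csps[c][row_id] for c in reachable][: self.k]
        if len(points) < self.k:
            raise RuntimeError("fewer than k CSPs reachable")
        return reconstruct(points)
```

Calling `make_shares(1234, 3, 6, coeffs=[166, 94])` uses the worked example's polynomial, and `reconstruct` on the points for x = 2, 4 and 5 returns 1234; with only two of those points it returns a different value.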
WHAT MAKES MCDB DIFFERENT??

Data Integrity

The stored data may suffer from any damage occurring during transition from or to the cloud storage provider.
Data will be distributed in 3 different providers in the MCDB model.
If a malicious insider wants to know the hidden information, they need at least three values from different clouds.

Data Intrusion

a. If anyone gains access to the account in a single cloud, then they will be able to access all of the account's instances and resources.
b. MCDB replicates the data among three different clouds.
c. Hackers need to retrieve all information from 3 different service providers to be able to reconstruct the real data.
d. Replicating data into multi cloud reduces the risk of data intrusion.

Service Availability

The user's web service may terminate for any reason at any time if any of the user's files break the cloud storage policy.
There will be no compensation for the service failure.
MCDB distributes the data into different clouds, so data loss risk will be reduced.
If one cloud provider fails, the users can still access their data live in another service provider.

EVALUATION

Data storing procedure

Data storing involves data distribution from data source to different cloud providers.
Multi cloud may suffer from time and cost.
The time cost increases with increasing number of shares.
An increased number of shares increases the security.

Data retrieval time

The data retrieval process in MCDB starts from rewriting the user's query in the DBMS and then sends these queries, one for each CSP, after constructing the polynomial and order of secret value.
The relevant tuple will be returned to the DBMS to compute the polynomial function.
Data retrieval time for exact match query is less than aggregate query.

CONCLUSION
Customers do not want to lose their private information as a result of malicious insiders in the cloud.
The loss of service availability has caused many problems for a large number of customers recently.
Furthermore, data intrusion leads to many problems for the users of cloud computing.
The purpose of this work is to propose a new model called MCDB, which uses Shamir's secret sharing algorithm with multi-cloud providers instead of a single cloud.
The main aim of this model is to reduce the security risks that occur in cloud computing and address the issues related to data integrity, data
QUESTIONS..??
