Professional Documents
Culture Documents
Adnan-2019-Big Data Security in The Web-Based PDF
Adnan-2019-Big Data Security in The Web-Based PDF
Adnan-2019-Big Data Security in The Web-Based PDF
1 Introduction
Big Data, in general is defined as a group of huge size of data sets with different types
and due to its size, the data processing becomes hard when using traditional data
processing algorithms and platforms. Lately, the number of data provisions such as
social networks, sensor networks, high throughput instruments, satellite and streaming
machines has increased, and these environments produce huge size of data [11].
Nowadays, a big data as mentioned in [13], becomes the critical enterprises and
governmental institutions application. Hence, there is an accelerating need for the
challenges development of secure big data infrastructure that will support cloud storage
and processing of big data in cloud computing environment.
Cloud storage is a service model in which data is maintained, managed and backed
up remotely and made available to users over a network. Cloud computing is an
innovation that uses the web and central remote servers to keep up information [10]. It
enables consumers and businesses to utilize applications without establishment and
access their own documents. This innovation permits for significantly more productive
processing by concentrating stockpiling, memory, handling and transfer speed. The
cloud computing model National Institute Standards and Technology (NIST) defined
has three service models, which are Service (SaaS), Cloud Platform as a Service (PaaS)
and Cloud Infrastructure as a Service (IaaS) [5].
While cost and convenience are two advantages of cloud computing, there are
critical security worries that should be tended to while moving basic applications and
delicate information to open and cloud storage [4]. Security concerns relate to risk
areas, for example, outside information capacity, reliance on people in general web,
absence of control, multi-occupancy and incorporation with inner security. Further-
more, privacy of data is also a main concern as client’s own information might be
scattered in different virtual data center instead of remain in the same physical area,
indeed, even over the national fringes. Besides that, there are many distinct kinds of
assaults and threats carried out to cloud systems. A number of them are viable simply
due to the fact there is a cloud solution. Others are taken into consideration variations
of commonplace attacks, with the distinction that they may be applied to the compu-
tational assets to be had to cloud solutions and cloud users. Man-in-the-cloud (MITC)
is one of the common attacks currently occurring on cloud services [8]. MITC does not
require any specific malicious code or exploit to be used within the preliminary con-
tamination degree, thus making it very difficult to avoid.
Current cloud storage service providers such as Google Drive and Dropbox utilizes
AES-256 encryption algorithm. Additionally, AES-256 is susceptible against brute
force assault. Although, it is still considered a secure algorithm to use currently, a brief
look through history shows that each algorithm gets broken eventually which is why it
is imperative to constantly make new cryptographic algorithms to mitigate this ongoing
issue.
Cryptography is the science or study of techniques of secret writing and message
hiding [7]. While encryption is one specific element of cryptography in which one
hides data or information by transforming it into an undecipherable code. Present day
encryption calculations assume an essential part in the security affirmation of IT
frameworks and correspondences as they can give secrecy, as well as the accompa-
nying key elements of security which are authentication and integrity. The most
broadly utilized symmetric-key cipher is AES, which was made to ensure government
classified data. AES is an encryption standard adopted by the U.S. government and has
been approved by the National Security Agency (NSA) for encryption of “top secret”
information.
Big Data Security in the Web-Based Cloud Storage System 311
The 3D-AES block cipher is based on the AES block cipher which is a key-
alternating block cipher, composed of rotation key function, minimum 3 iterations of
round function and key mixing operations [9]. The technique for 3D-AES is utilized to
generate symmetric keys by randomizing first key arrays three times which creates a
superior key in every randomization. Accordingly, the last key will be more grounded
than standard AES keys. This procedure is equipped for giving an abnormal state of
instructive security of message secrecy, and originality traded between two parties and
in addition decreasing the length of words.
Despite the fact that cloud computing provider vendors touted the security and
reliability in their offerings, actual deployment of cloud computing offerings is not as
secure and reliable as they declare. In 2009, the foremost cloud computing companies
successively regarded several accidents. Amazon’s simple storage service was inter-
rupted twice in February and July 2009. In March 2009, safety vulnerabilities in
Google medical doctors even caused serious leakage of user personal records. Google
Gmail additionally regarded a worldwide failure as much as 4 h. As administrators’
misuse main to lack of 45% user information, cloud storage vendor LinkUp had been
pressured to close [5].
This paper analyzes existing challenges and issues involved in the cloud storage
security concerns. These highlighted issues are grouped into architecture-related issues,
attack vulnerabilities and cryptographic algorithm structures. The objective of this
paper is to identify weak points in the cloud storage model. This paper presents a
detailed and structured analysis for each vulnerability to highlight their root causes.
Evaluation of the analysis will help cloud providers and security vendors to have a
better understanding of the existing problems.
Cloud storage is gaining popularity lately. In employer settings, it is seen that the
upward push in demand for statistics outsourcing, which assists within the strategic
control of company statistics. It is also used as a middle technology in the back of many
online services for personal programs. These days, it is easy to apply without spending
a dime accounts for e mail, photograph album, report sharing and/or faraway get entry
to, with storage size extra than 25 GB together with the cutting-edge wireless tech-
nology, customers can get right of entry to almost all of their documents and emails by
using a mobile phone in any corner of the sector [6]. Figure 1 shows the standard
architecture of cloud data storage service [12].
Data sharing is a crucial functionality in cloud storage. As an instance, bloggers can
allow their friends view a subset of their non-public pictures. An employer can also
grant her personnel get right of entry to a part of touchy records. The difficult problem
is the way to effectively share encrypted statistics. Of route users can download the
encrypted information from the garage, decrypt them, then send them to others for
sharing, but it loses the value of cloud storage. Users must be able to delegate the get
entry to rights of the sharing records to others in an effort to get right of entry to this
information from the server without delay. However, locating an efficient and
312 N. A. N. Adnan and S. Ariffin
comfortable manner to proportion partial records in cloud storage is not always trivial.
Figure 2 shows the challenges and issues related to cloud on-demand model [14].
As shown in Fig. 2, security is the top one concern. It is mentioned by the users of
Cloud Computing whose worry about their businesses’ information and critical IT
resources in the Cloud Computing system which are vulnerable to be attacked. The
second most concern issues are on performance and availability. The least concern of
cloud computing users is there are not enough major suppliers yet [14].
The results from several research papers states that encryption of sensitive data
information is crucial in protecting data integrity angst confidentiality. The most
commonly used cryptography in cloud computing systems is AES algorithm because of
the benefits it provides outweighs its overall weaknesses. Hence, an improvement to an
already very stable algorithm such as 3D-AES provides a better security structure
towards data protection. Table 1 below shows a brief summary of the comparison
between AES and 3D-AES in terms of complexity, security, and performance from the
results collected from different research papers. Since 3D-AES is an enhancement to
AES, it is considerably more complex than AES as it involves more methods to
Big Data Security in the Web-Based Cloud Storage System 313
AES block cipher involves two main inputs, which are the plaintext to cipher
considered as the state and also the cipher key. The state goes through four transfor-
mation processes which are subsequently known as SubBytes, ShiftRows, MixCol-
umns and AddRoundKey. The SubBytes method utilizes the S-Box or substitution-box
to substitute a byte from the state with the corresponding value in the S-Box. The
ShiftRows process shifts or switch the array position of each bytes of the state. In
MixColumns, the four numbers of one column are modulo multiplied in Rjindael’s
Galois Field by a given matrix. Lastly, the AddRoundKey function performs an XOR
operation with the round key itself. These four main transformation steps are per-
forming in repeated 10 rounds until completion. The MixColumns step along with the
ShiftRows step is the primary source of diffusion in AES block cipher.
AES block cipher also has its own limitations and weaknesses. For example, the
simplistic nature of the methods surrounding its architecture which involves only 4
basic operations can be both considered an advantage and a disadvantage. Additionally,
every block is always encrypted in the same manner which means that the cipher can
somewhat be easily implemented but also, be easily de-constructed or reverse engi-
neered. Furthermore, through the years, it is widely known that old encryption methods
will be cracked in due time which is why it is always important to figure out new cipher
methods or improve upon already existing ones.
3D-AES block cipher is primarily based on the AES block cipher [2]. 3D-AES is a key-
alternating block cipher which is composed of rotation key function that has minimum
of three iterations of round functions, each with a key mixing operation. The three
round functions in 3D-AES are nonlinear substitution function, permutation function
and transposition function. Figure 3 shows the encryption and decryption process
diagram of the 3D-AES block cipher in the form of 4 16 bytes [1].
314 N. A. N. Adnan and S. Ariffin
3D-AES inherits the same basic operations of AES block cipher which are Sub-
Bytes, ShiftRows, MixColumns and AddRoundKey. The only difference being that the
state is represented in a 3D cube of 4 4 4 bytes. Each slide of the Cube module
implements a permutation process of rotating the x-axis, y-axis and z-axis, which is
similar to the AddRoundKey operation in AES where the XOR operation is used. This
key is known as the rotationKey. Every slice of the cube will be rotated at the 3D-
SliceRotate function of the cube which is similar to the ShiftRows function in AES.
Linear transformation then transposes the state of array much like MixColumns
operation in AES. The three operations are repeated in three rounds. On the third round,
where r = 3, the output cipher state is the ciphertext which operates on plaintext size of
Big Data Security in the Web-Based Cloud Storage System 315
4 Experimental Design
The main characteristics that identify and differentiate one cryptographic algorithm
from another are its ability to secure the protected data against attacks and its per-
formance and complexity in doing so.
The second High Density Plaintext (HDP) Data Category. The HDP data category
is formed based on high-density y-bit plaintext which is 516 bit plaintext. The blocks
testing consists of 1 + 512 + 130816 = 131329 blocks so 512 plaintext 131329
blocks = 67240448 bits as shown in Fig. 6.
Big Data Security in the Web-Based Cloud Storage System 317
Users are required to register and login to the system since each user are assigned
with their own unique cipher key. The cipher key is stored in the web browser’s session
storage and is removed whenever the user logs out of the system. Whenever a user
uploads a file, the file is read in binary format and undergoes the 3D-AES encryption
318 N. A. N. Adnan and S. Ariffin
process using the user’s cipher key. The file’s binary data is represented in a 4 4 4
cube matrix array and goes through 3 rounds of 3D-SliceRotate, MixColumns and
AddRoundKey methods for the diffusion process. The encrypted data will then go
through the synchronization services to be stored in the cloud storage database. The
reverse process is done whenever the user needs to download the file from the cloud
storage database. The encrypted data is first downloaded onto the front-end client and
the decryption process is made before presenting the user interface.
5 Implementation
6 Result Discussion
Based on the analysis conducted towards all nine data categories using the NIST
Statistical Test Suite, the analysis results are shown in the following Table 2. Due to
the high volume of data required (67240448 bits) during LDP and HDP testing data
categories, the analysis cannot be recorded and analyzed.
Table 2 present and compare the randomness analysis result gathered between the
seven out of nine types of data categories. If the rejected sequence is less than or equal
p
( ) to the number of maximum rejection, then the result is passed with symbol . If
the rejected sequence is greater than ( ) to the number of maximum rejection, then the
result is failed with symbol . Conclusively, based on the results obtained, from 15
tests between two categories, the results on randomness test is passed only on test of
Random Excursion Variant Test and Linear Complexity Test. The result reported may
not be accurate due to very high number or bit during testing and the failure of
hardware requirements.
From the literature, Fig. 9 shows a base chart comparison between AES cipher and
3D-AES cipher in terms of complexity, security and performance.
In terms of complexity, AES cipher may have the upper hand since the cipher
architecture involves only 4 basic operations which are SubBytes, ShiftRows, Mix-
Columns and AddRoundkey. On the other hand, 3D-AES utilizes the same 4 opera-
tions with additional methods to help with encrypting or decrypting the state that is
represented in a 3D cube of 4 4 4 bytes. While AES is secure on its own, 3D-
AES is providing a better level of security due to the fact that it utilizes a higher bit
size. Besides that, both AES and 3D-AES cipher provides decent performance in terms
320 N. A. N. Adnan and S. Ariffin
of encryption and decryption processing speed. However, AES cipher may be slight bit
faster since it involves less processing steps compared to 3D-AES.
7 Conclusion
The cloud computing guarantees many opportunities whilst posing a unique safety and
privacy challenges. The acknowledged problem with cloud computing is the issue of
privacy and confidentiality of both the user and the computation of the data stored in
the cloud storage. The solution to the problems was uniformly solved by sending the
data encrypted to the cloud storage. Privacy is a primary concern in all of the chal-
lenges going through cloud computing. Many agencies and end-user customers are not
at ease with the thought of storing their records on off-premise information centers or
machines. End-users do not trust cloud services to save their personal facts and might
favor to store the data locally on their devices at home. Many customers agree with that
the records stored in cloud offerings may be exposed or stolen. While current cloud
storage solutions provide a decent level of security in terms of protecting end-users’
data, in practice the user information in cloud storage services are often exposed to the
risk of unauthorized access. Ever though, the 3D-AES encryption claimed that can
provides a higher degree layer of security, but the further randomness test with other
technique need to be conducted again due to the failed randomness test in this paper.
Acknowledgment. This work is supported by the Fundamental Research Grant Scheme (FRGS)
provided by the Ministry of Higher Education Malaysia, under the Grant Number
FRGS/1/2015/ICT03/UiTM/02/6.
Big Data Security in the Web-Based Cloud Storage System 321
References
1. Ariffin, S., Hisan, N.A., Arshad, S., Bakar, S.H.: Square and boomerang attacks analysis of
diffusion property of 3D-AES block cipher. In: 2016 12th International Conference on
Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD), Changsha,
China, pp. 862–867. IEEE (2016)
2. Ariffin, S., Mahmod, R., Rahmat, R., Idris, N. A.: SMS encryption using 3D-AES block
cipher on android message application. In: 2013 International Conference Advanced
Computer Science Applications and Technologies (ACSAT), Kuching, Malaysia, pp. 310–
314. IEEE (2013)
3. Ariffin, S., Yusof, N.A.M.: Randomness analysis on 3D-AES block cipher. In: 2017 13th
International Conference on Natural Computation, Fuzzy Systems and Knowledge
Discovery (ICNC-FSKD), Guilin, China, pp. 331–335. IEEE (2017)
4. Arockiam, L., Monikandan, S.: Data security and privacy in cloud storage using hybrid
symmetric encryption algorithm. Int. J. Adv. Res. Comput. Commun. Eng. 2(8), 3064–3070
(2013)
5. Chen, D., Zhao, H.: Data security and privacy protection issues in cloud computing. In:
International Conference on Computer Science and Electronics Engineering, Hangzhou,
China, vol. 1, pp. 647–651. IEEE (2012)
6. Chu, C.K., Chow, S.S., Tzeng, W.G., Zhou, J., Deng, R.H.: Key-aggregate cryptosystem for
scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(2), 468–477
(2014)
7. Dictionary.com. http://www.dictionary.com/browse/cryptography. Accessed 26 Mar 2018
8. Galibus, T., Krasnoproshin, V.V., Albuquerque, R.D., Freitas, E.P.: Elements of Cloud
Storage Security Concepts. Designs and Optimized Practices. Springer, Heidelberg (2016).
https://doi.org/10.1007/978-3-319-44962-3
9. Kale, N.A., Natikar, S.B., Karande, S.M.: Secured mobile messaging for android
application. Int. J. Adv. Res. Comput. Sci. Manag. Stud. 2(11), 304–311 (2014)
10. Kumar, A., Lee, B.G., Lee, H., Kumari, A.: Secure storage and access of data in cloud
computing. In: 2012 International Conference ICT Convergence (ICTC), Jeju Island, South
Korea, pp. 336–339. IEEE (2012)
11. Manogaran, G., Thota, C., Kumar, M.V.: MetaCloudDataStorage architecture for big data
security in cloud computing. Procedia Comput. Sci. 87, 128–133 (2016)
12. Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for
secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)
13. Waziri, V.O., Alhassan, J.K., Ismaila, I., Dogonyaro, M.N.: Big data analytics and data
security in the cloud via fully homomorphic encryption. Int. J. Comput. Control Quantum
Inf. Eng. 9(3), 744–753 (2015)
14. Zhou, M., Zhang, R., Xie, W., Qian, W., Zhou, A.: Security and privacy in cloud computing:
a survey. In: 2010 Sixth International Conference on Semantics Knowledge and Grid (SKG),
pp. 105–112 (2010)