Description:A SYSTEM/METHOD FOR STORING DATA IN CLOUD BY USING TWO LEVEL SECURITY CONTRIVANCES
Field of Invention
Cloud computing is a model for providing IT services in which users use shared virtual machines (VMs) hosted on remote servers. It is a model for providing low-effort, rapid provisioning of a shared pool of configurable computer resources (including networks, servers, storage, applications, and services). Users and businesses have a variety of options when it comes to storing and retrieving data through cloud computing and storage solutions. Network utilities (like the electrical grid) rely on resource sharing to ensure continuity and efficiency. The virtual environment in the realm of cloud computing provides access to resources that much outstrip the user's local hardware. Neither the data's actual location nor the data's original sources are often known to users.
Background of the Invention
Companies which migrate into cloud imply that their information and applications are moving outside of the organization security edge. This outsourcing opens new security issues and enhances existing; hence expanding the organization's security is the huge problem. Multi-tenancy, bolstered by virtualization, is another basic security imperfection delivering new dangers and vulnerabilities from inside and from the co-inhabitants. The predominant segregation within clouds, i.e., virtualization is weak and can be easily prone to attack.
Cloud benefit offerings show an oversimplified perspective of IT if there should be an occurrence of IaaS or a simplistic perspective of programming on the off chance that PaaS or a simplistic perspective of resources utilization in the event of SaaS, the basic frameworks level help challenges are tremendous and exceedingly mind-boggling. These originate from the need to offer a consistently steady and powerfully short-sighted perspective of processing while the underlying frameworks are exceedingly disappointment inclined, heterogeneous, asset hoarding, and showing serious security shortcomings.
Data security is a significant issue in any technology nowadays. In the cloud, it becomes a considerable challenge when users have to depend on their providers for appropriate protection. The data is processed in plaintext and is stored in the cloud (US20190306240A1). The provider is responsible for the security of the information when it is handled and stored said by Gehana Booth et al. Other concerns are the data location, data segregation how information it is stored. Customers encrypt their data and then send it as cipher text to a cloud. Data can be decrypted when required is said by DimitriosZissis et al.
Search authenticator, searchable encryption, group signature, XML encryption, identity-based encryption, broadcast encryption, attribute-based encryption, group encryption, and group encryption are just few of the cryptographic methods provided by Peng Yong et al. for securing data in the cloud. For the purpose of keeping data secure, private, and accessible on the cloud, KooroshGoodarzi and Abbas Karimi examined both traditional and cutting-edge cryptographic algorithms. Elliptic curve cryptography (ECC) is a method suggested by Bhavana Sharma that offers various safeguards for cloud storage, including message authentication, non-repudiation of data, data secrecy, and message integrity.
Data confidentiality and third party audit ability are the essential obstacles of the cloud computing innovation in organization, as per a current study of more than 2100 Indian Business Technology experts which is appeared. The overview led by Salt March Intelligence, measured impression of Business innovation experts incorporate their difficulties in embracing Cloud in their organization in various phases of adoption, and cloud stages, applications, customers, infrastructure and capacity utilized. Financial saving, agility and flexibility, all empowered through cloud technology, are urgent in a quick business world.
Data mobility is at an abnormal state then the dangers and issues increment particularly when information is exchanged to another nation with the distinctive administrative system, and information migration have not positive implication for information security, protection, and information availability. The primary worry concerning the security of information in cloud is to guarantee the security of information that is at the same area in spite of the fact that, customers know the area of information and there internet-based no data migration, there are questions relating to its security and confidentiality of it. Wide system access and flexibility in cloud computing winding up more prominent. Reliability is in regards to the sheltered and secure condition for the individual information.
Summary of the Invention
Large-scale compute, data storage, virtualization, high scalability, high dependability, and cheap cost are only some of the consumer-facing benefits of cloud computing. One of the primary issues highlighted is that cloud storage is more sensitive to consumers because it is stored in third-party storage. Firstly it is necessary to safe guard the data whenever the data is uploaded to data centre to ensure data is not tampered on the way to cloud storage. Secondly whenever there is hacking problem, the data stored in cloud is easily accessible to the public without any protection is another major problem. Thirdly, even though a security mechanism is employed in cloud storage, accessing and retrieval of data from the storage raises another issue of efficiency and availability. To improve the security of data and easy retrieval of data from the cloud, without compromising security is always been a demand.
Brief Description of Drawings
Figure 1: System Architecture of Data Security Contrivance
Figure 2: Client Data Security Contrivance
Figure 3: Blowfish Encryption Algorithm
Figure 4: Modified F Function
Detailed Description of the Invention
Since data in the cloud can be placed anywhere, including across the globe, this is a very dangerous problem. Users' main concerns about cloud computing revolve around its security and privacy features. Information security and protection assurance are becoming increasingly important for the future development of distributed computing technology in government, industry, and business, despite the fact that numerous approaches on the themes in cloud computing have been examined in both academia and enterprises. Both the hardware and the software in the cloud must be protected from threats to data security and privacy. In order to ensure a secure cloud environment, this framework provides a variety of security measures, both software and hardware-based.
Mobile communication infrastructure includes different system gadgets for the radio access arranges (RAN) and the center system (CN). With NFV, the center system gadgets, for example, Mobility Management Entity (MME), Home Subscriber Server (HSS), Serving Gateway (S-GW) and Packet Data Network Gateway (P-GW) in 4G can be accomplished in software and deployed on virtualized resources in the cloud. This will decrease the aggregate cost of possession because of the combination of system part that keeps running on industry-standard systems administration equipment.
Community cloud shares infrastructure between a few organizations from a particular group with basic concerns (security, consistency, ward, and so forth.), regardless of whether overseen inside or by an outsider, and either facilitated inside or remotely. Regardless of the rental solution, community clouds are typically conceived for corporations and organisations working together on shared projects, applications, or research that necessitate a centralised cloud computing facility for building, administering, and executing such initiatives. The Defence Department and other intelligence agencies, for instance, have begun projects to upgrade their data centres by utilising a public cloud. Because of this, they can confidently exchange data with other community organisations in the cloud while maintaining strict control over it. The expenses are spread over few clients than a public cloud, so only a portion of the cost-saving potential of this cloud is realized Cloud data servers (CDS), CDS1, CDS2, CDS3,... CDS (N) are shown in Figure 1 as part of the system architecture of the proposed security system for cloud-stored data. Cloud Service Providers (CSPs) own and operate all of the servers storing data in the cloud. The data servers in the cloud make it possible for cloud users to save their data in the cloud. Through the establishment of a Service Level Agreement, the Cloud Service Provider allots the necessary resources to the cloud users. Any organisation, institution, etc. that saves sensitive information on the cloud is considered a cloud user (CU). The customer Data Security Device (CDSD) safeguards sensitive customer information. The information sent to the cloud is encrypted through linguistic steganography. The proposed approach states the new solution for cloud computing security, which employs two levels of security, as shown in Figure 2. The first level uses the 65 improved blowfish algorithm to encrypt the text before it is sent from the cloud user to the cloud service provider.

The key length of Modified Blowfish, a 64-bit block cipher, is up to 448 bits. There are 16 stages in this Feistel network. The encryption algorithm's relative quality is proportional to the length of the key. Two 32-bit S-boxes and a P-array are used as sub-key arrays in the modified Blowfish method. Subkey creation, S-Box preprocessing, and encryption are the three primary components of this approach. In this article, we describe the Modified Blowfish Encryption Algorithm.
The first phase is Sub key generation (P-array).In this phase a constant string is used to populate the P-array. It has eighteen separate 32-bit keys. Extract the key string's first eighteen 32-bit characters. Up to 18 rounds of XORing are performed on the values of the P-arrays, where the first P-exhibit (P1) value is XORed with the first 32-bit key (K), the second P-array (P2) value is XORed with the second 32-bit key (K2), and so on. Each value in the P array of size 18 is XOR'd with a key of size 18. The Modified Blowfish technique is used to encrypt each string of zeros. The entire process takes 18 rotations to complete. Subkey values are then saved in a P-array.
The next phase is S-Box preparation .In this the four S-boxes should be initialised using a constant string. There are 256 slots in each S-box. Using the Blowfish cypher, these S-box values are encrypted. Then, the first and second S-box values are joined, followed by the third and fourth. Finally, we've reduced the four S-box values to two. Next Data Encryption is performed. The data is encrypted using F function and 16 rounds of encryption. A key-dependent permutation and a key-and-data-dependent replacement are performed in each cycle. Each round, each subkey is influenced by each key, and vice versa for the left halves of the keys. In Figure 3 we see the framework of the Blowfish algorithm at work. Similar to the simplified Blowfish algorithm, this structure is efficient. A Feistel network's avalanche effect is maximised at the value of 67 because function F is not reversible. A 32-bit input is separated into four 8-bit sub-inputs using the original f Function, which consists of four S-boxes. These four eight-bit numbers are added modulo and XOR'd together to form a new value. The adjusted F function is shown in Figure 2.
Finally the Modified F function is applied .In this specifically, the F-boxes have been replaced by S-boxes. While the Blowfish algorithm's Feistel structure remains unchanged, the F-function's structure has been tweaked. Figure 4 shows the F-function's new, improved structure. Blowfish decryption is just moderately difficult because it uses the same method as encryption and reads in the encrypted text as input. However, these steps significantly lengthen the program's runtime. Function F was selected to avoid unnecessary delays because it plays a crucial role in ensuring the safety of algorithms. The working of Working of Modified Blowfish is explained as follows
Use a static string to initialise the P-array and the four S-boxes in sequential sequence, Encrypt the key and P-array to generate the subkeys, employ the F function to cypher the contents of four S-boxes.Split the 64-bit input into two 32-bit halves, called the left and right. The left side is labelled XL, and the right side is XR. The subkey P is XORed with the leftmost 32 bits of XL, and the resulting value is assigned to XL. Input from XL is made to the F operation.The F-function is built from four S-boxes. F function divides the 32-bit input into four 8-bit halves, one for each S-box. The first 32-bit S-box (S1) and the third 32-bit S-box (S3) .Additional 32-bit S-boxes, designated S2 and S4. When s1, s3, and s2, s4 are added together, the 32-bit result bit is XORed with the resulting bit. s1, s3, and s4 are complete.
Following is the revised F function: Cut XL in half so that you have four 8-bit pieces: a, b, c, and d.

The formula for F(XL) is: F(a,b,c,d) = (S1,a + S3,c mod 232) XOR (S2,b + S4,d mod 232).

XOR (exclusive-or) (XOR) of F(XL) and XR , Swap the XL and XR values, so that the right half (XR) is the new left half (L) and the left half (L) is the new right half (R)..After the 17th iteration, the left and right halves are not exchanged; instead, XR is XORed with P and XL is XORed with P. Ten, XL and XR are recombined using exclusive OR. When doing decryption, the same process is followed as when encrypting, except that P0, P1,..., P17 are utilised in the opposite sequence.
4 Claims & 4 Figures , Claims:The scope of the invention is defined by the following claims:

Claim:
A System/Method for storing data in cloud by using two level security contrivances comprising the steps of:
a) Designed a technique that has to provide security for the client data.
b) Adopted a method for encrypts the data received from the cloud user
c) Designed a method encrypts the data received from the DSC-C.
2. A System/Method for storing data in cloud by using two level security contrivancesas claimed in claim1, Client Data Security Contrivance (CDSC) provides security for the client data.
3. A System/Method for storing data in cloud by using two level security contrivancesas claimed in claim1, led to the design of a method linguistic steganography to encrypts the data received from the cloud user.
4. A System/Method for storing data in cloud by using two level security contrivancesas claimed in claim1, Cloud Service Provider's Data Security Contrivance at CSP (CSPDSC) encrypts the data received from the DSC-C using blowfish algorithm.