Web Service Composition With Cloud

Published Date: 02 Nov 2017

CHAPTER 1

INTRODUCTION

Cloud computing, a new kind of computing model, is coming. This word is a new word that appears at the fourth season, 2007. It is an extend of changing with the need, that is to say the manufacturer provide relevant hardware, software and service according to the need that users put forward. With the rapid development of the Internet, user’s requirement is realized through the Internet, different from changing with the need. In fact cloud computing is an extend of grid computing, distributed computing, and parallel computing. Its foreground is to provide secure, quick, convenient data storage and net computing service centered by internet. The factors that impel the occurring and development of cloud computing include: the development of grid computing, the appearance of high quality technology in storage and data transportation, and the appearance of Web2.0, especially the development of Virtualization [29].

The character of cloud computing is in the virtualization, distribution and dynamically extendibility. Virtualization is the main character. Most software and hardware have provided support to virtualization. We can virtualize many factors such as IT resource, software, hardware, operating system and net storage, and manage them in the cloud computing platform; every environment has nothing to do with the physical platform. Carries on the management, the expansion, the migration, the backup through the hypothesized platform, all sorts of operations will be completed through the virtualization level. Distributional refers to the physical node which the computation uses is distributed. Dynamic expandability is refers to through the dynamic extension virtualization level, then achieves to above applies carries on the expansion the goal. Has broken between the physical structure barrier, represents is transforming the physical resources for logic may manage the resources the inevitable trend. In the future, all resources transparently will move in each physical platform, the resources management will carry on according to the logical way, will realize the resources automated assignment completely, but the virtualization technology realizes this ideal only tool. In view of the cloud computation, the virtualization technology's fusion and the application should face the high-quality hypothesized main engine, the application and the resources, as well as aspects and so on [30].

Cloud Services

Here the focus is on three cloud services storage as a service, processing as a service and software as a service. In the following sections, we outline the functionality of each of the three cloud service [2].

1.1.1 Software as a Service

Consumer software is traditionally purchased with a fixed upfront payment for a license and a copy of the software on appropriate media. This software license typically only permits the user to install the software on one computer. When a major update is applied to the software and a new version is released, users are required to make a further payment to use the new version of the software. Users can continue to use an older version, but once a new version of software has been released, support for older versions is often significantly reduced and updates are infrequent. When a user exclusively uses network- or Internet-based software services, the concept is similar to a Bthin client model, where each user’s client computer functions primarily as a network terminal, performing input, output, and display tasks, while data are stored and processed on a central server. Thin clients were popular in office environments prior to the widespread use of PCs [2].

1.1.2 Storage as a Service

Through storage as a service, users can outsource their data storage requirements to the cloud. All processing is performed on the user’s PC, which may have only a solid state drive (e.g., flash-based solid-state storage), and the user’s primary data storage is in the cloud. Data files may include documents, photographs, or videos. Files stored in the cloud can be accessed from any computer with an Internet connection at any time.

However, to make a modification to a file, it must first be downloaded, edited using the user’s PC and then the modified file uploaded back to the cloud. The cloud service provider ensures there is sufficient free space in the cloud and also manages the backup of data. In addition, after a user uploads a file to the cloud, the user can grant read and/or modification privileges to other users [2].

1.1.3 Processing as a Service

Processing as a service provides users with the resources of a powerful server for specific large computational task. The majority of tasks, which are not computationally demanding, are carried out on the user’s PC. More demanding computing tasks are uploaded to the cloud, processed in the cloud, and the results are returned to the user. Similar to the storage service, the processing service can be accessed from any computer connected to the Internet. One example of processing as a service is the Amazon Elastic Compute Cloud service.

When utilizing a processing service, the user’s PC still performs many small tasks and is consequently required to be more powerful than the Bthin client considered in the software service. However, the user’s computer is not used for large computationally intensive tasks and so there is scope to reduce its cost and energy consumption, relative to a standard consumer PC, by using a less powerful computer [2].

1.2 Types Of Cloud

1.2.1 Public Cloud

A cloud in which service providers offer their resources as services to the general public. Public clouds offer several key benefits to service providers, including no initial capital investment on infrastructure and shifting of risks to infrastructure providers. However, public clouds lack fine-grained control over data, network and security settings, which hampers their effectiveness in many business scenarios [35].A public cloud is offered as a service, usually over an internet connection.

Public clouds typically charge a monthly usage fee per GB, combined with bandwidth transfer charges.

Users can scale the storage on demand and do not need to purchase storage    hardware.

Service providers manage the infrastructure and pool resources into capacity that customers can claim.

1.2.2 Private Cloud

Also known as internal clouds are designed for exclusive use by a single organization. A private cloud may be built and managed by the organization or by external providers. A private cloud offers the highest degree of control over performance, reliability and security. However, they are often criticized for being similar to traditional proprietary server farms and do not provide benefits such as no up-front capital costs[35].

Private clouds are deployed inside a firewall and managed by the user organization.

Private clouds are built from software running on customer supplied commodity hardware.

The data is typically not shared outside the enterprise and full control is retained by the organization.

Figure 1.1: Cloud Architecture [4]

1.2.3 Hybrid Cloud

A hybrid cloud is a combination of public and private cloud models that tries to address the limitations of each approach. In a hybrid cloud, part of the service infrastructure runs in private clouds while the remaining part runs in public clouds. Hybrid clouds offer more flexibility than both public and private clouds. Specifically, they provide tighter control and security over application data compared to public clouds, while still facilitating on-demand service expansion and contraction. On the down side, designing a hybrid cloud requires carefully determining the best split between public and private cloud components [31].

Clouds have five essential characteristics:

1. On-demand self-service

2. Broad network access

3. Database pooling

4. Rapid elasticity

1.3 Application of cloud

Several large Web companies (such as Amazon and Google) are now exploiting the fact that they have data storage capacity which can be hired out to others. This approach, known as ‘cloud storage’ allows data stored remotely to be temporarily cached on desktop computers, mobile phones or other Internet-linked devices. Amazon’s Elastic Compute Cloud (EC2) and Simple Storage Solution (S3) are well known examples.

1.4 Web Service

Web Services can convert your applications into Web-applications. Web Services are published, found, and used through the Web [26].

Web services are application components

Web services communicate using open protocols

Web services are self-contained and self-describing

Web services can be discovered using UDDI

Web services can be used by other applications

XML is the basis for Web services .The basic Web services platform is XML + HTTP.XML provides a language which can be used between different platforms and programming languages and still express complex messages and functions. The HTTP protocol is the most used Internet protocol.

Web services platform elements:

SOAP (Simple Object Access Protocol)

UDDI (Universal Description, Discovery and Integration)

WSDL (Web Services Description Language)

The relationships among HTTP, Web Server and Web Services are a complicated set of functionalities and exchanges of information. Each component plays an important role in the thousands of functions users can access and utilize on the Internet. HTTP allows users to interact with Web Servers and access information via the Internet. Web servers serve data and files to users who request them. Web Services allow cross-system, cross-language communication among various kinds of machines and enable inter-business transaction. Although each technology works on its own and performs many useful functions, it is the combination of these technologies that has created the dynamic functionalities of the Web that are available today [26].

1.5 Web Service Composition With Cloud

There are various products for cloud computing .Two major vendors of the cloud computing are Amazon and Google.

1. Amazon Web Services

Amazon is the largest online retailer in the world, and to support its daily operations, Amazon has one of the most advanced data centers in the world. Processing millions of transactions every hour requires a high-class transactional infrastructure that not only provides reliability and speed but also reduces the total cost of a transaction. Amazon has achieved this by building a resilient data center infrastructure boasting automated virtualized operating systems and storage servers. Amazon Web Services (AWS) is a set of cloud services, providing cloud-based computation, storage and other functionality that enable organizations and individuals to deploy applications and services on an on-demand basis and at commodity prices. Amazon Web Services’ offerings are accessible over HTTP, using REST and SOAP protocols [31].

2. Google

Go ogle is the leader in search services on the Internet and has a significant presence and properties in advertising, collaboration, e-mail, and social networking sites. Google has massively scaled data centers with customized caching algorithms that host the fastest search engine in the world. The company has extended this massively scalable infrastructure for hosting communication and collaboration platform called Google Apps and an application platform called Google AppEngine for developing and deploying web applications [31].

Characteristics of Cloud Computing

Cloud computing has a variety of characteristics, with the main ones being [4]:

Shared Infrastructure: Uses a virtualized software model, enabling the sharing of physical services, storage, and networking capabilities. The cloud infrastructure, regardless of deployment model, seeks to make the most of the available infrastructure across a number of users.

Dynamic Provisioning: Allows for the provision of services based on current demand requirements. This is done automatically using software automation, enabling the expansion and contraction of service capability, as needed.

Network Access: Needs to be accessed across the internet from a broad range of devices such as PCs, laptops, and mobile devices, using standards-based APIs. Deployments of services in the cloud include everything from using business applications to the latest application on the newest smart phones.

Managed Metering: Uses metering for managing and optimizing the service and to provide reporting and billing information. In this way, consumers are billed for services according to how much they have actually used during the billing period.

1.7 Opportunities and Challenges

The use of the cloud provides a number of opportunities: [21]

It enables services to be used without any understanding of their infrastructure.

Cloud computing works using economies of scale. It lowers the outlay expense for start up companies, as they would no longer need to buy their own software or servers. Cost would be by on-demand pricing. Vendors and Service providers claim costs by establishing an ongoing revenue stream.

Data and services are stored remotely but accessible from ‘anywhere’.

In parallel there has been backlash against cloud computing:

Use of cloud computing means dependence on others and that could possibly limit flexibility and innovation. The ‘others’ are likely become the bigger Internet companies like Goggle and IBM who may monopolize the market. Some argue that this use of supercomputers is a return to the time of mainframe computing that the PC was a reaction against.

Security could prove to be a big issue. It is still unclear how safe outsourced data is and when using these services ownership of data is not always clear.

There are also issues relating to policy and access. If your data is stored abroad whose FOI policy do you adhere to? What happens if the remote server goes down? How will you then access files? There have been cases of users being locked out of accounts and losing access to data.

1.8 Issues with Cloud

The new concept of Cloud Computing offers dynamically scalable resources provisioned as a service over the Internet and therefore promises a lot of economic benefits to be distributed among its adopters. Depending on the type of resources provided by the Cloud, distinct layers can be defined (see Figure ).The bottom-most layer provides basic infrastructure components such as CPUs, memory, and storage, and is henceforth often denoted as Infrastructure-as a-Service (IaaS). Amazon’s Elastic Compute Cloud (EC2) is a prominent example for an IaaS offer. On top of IaaS, more platform-oriented services allow the usage of hosting environments tailored to a specific need. Google App Engine is an example for a Web platform as a service (PaaS) which enables to deploy and dynamically scale Python and Java based Web applications. Finally, the top-most layer provides it users with ready to use applications also known as Software as-a Service (SaaS). To access these Cloud services, two main technologies can be currently identified. Web Services are commonly used to provide access to IaaS services and Web browsers are used to access SaaS applications. In PaaS environments both approaches can be found [22]. Here figure 1.2 is showing all issues related to Cloud computing

Issues in

Cloud Security

Privacy

Jurisdiction

Investigation and E-Discovery

Data Retention

Process Verification

Multi-tenancy

Security Assessment

Shared

Risk

Staff Security

Screening

Data

Leakage

Figure 1.2: Issues with Cloud

On the other hand, along with these benefits, Cloud Computing also raises severe concerns especially regarding the security level provided by such a concept. Completely relying the own data and execution tasks to an external company, eventually residing in another country with a different regulatory environment, may cause companies not to consider Cloud Computing but to stick to the conventional local data center approach. Although there is a clear demand for in-depth discussion of security issues in Cloud Computing, the current surveys on Cloud security issues focus primarily on data confidentiality, data safety and data privacy and discuss mostly organizational means to overcome these issues [4].We provide an overview on technical security issues of Cloud Computing environments. Starting with real-world examples of attacks performed on Cloud computing systems (here the Amazon EC2 service), we give an overview of existing and upcoming threats to Cloud Computing security.

1.8.1 Cloud Integrity and Binding Issues

1. Cloud Malware Injection Attack

A first considerable attack attempt aims at injecting a malicious service implementation or virtual machine into the Cloud system. Such kind of Cloud malware could serve any particular purpose the adversary is interested in, ranging from eavesdropping via subtle data modifications to full functionality changes or blockings [24].

This attack requires the adversary to create its own malicious service implementation module (SaaS or PaaS) or virtual machine instance (IaaS), and add it to the Cloud system. Then, the adversary has to trick the Cloud system so that it treats the new service implementation instance as one of the valid instances for the particular service attacked by the adversary. If this succeeds, the Cloud system automatically redirects valid user requests to the malicious service implementation, and the adversary’s code is executed.

A promising countermeasure approach to this threat consists in the Cloud system performing a service instance integrity check prior to using a service instance for incoming requests. This can e.g. be done by storing a hash value on the original service instance’s image file and comparing this value with the hash values of all new service instance images. Thus, an attacker would be required to trick that hash value comparison in order to inject his malicious instances into the Cloud system.

2. Metadata Spoofing Attack

The metadata spoofing attack aims at maliciously reengineering a Web Services’ metadata descriptions. For instance, an adversary may modify a service’s WSDL so that a call to a delete User operation syntactically looks like a call to another operation, e.g. set Admin Rights. Thus, once a user is given such a modified WSDL document, each of his delete User operation invocations will result in that at the server side look like and thus are interpreted as invocations of the set Admin Rights operation. In the end, an adversary could manage to create a bunch of user logins that are thought to be deleted by the application’s semantics, but in reality are still valid, and additionally are provided with administrator level access rights [11].

For static Web Service invocations, this attack obviously is not so promising for the adversary, as the task of deriving service invocation code from the WSDL description usually is done just once, at the time of client code generation. Thus, the attack here can only be successful if the adversary manages to interfere at the one single moment when the service client’s developer leeches for the service’s WSDL file. Additionally, the risk of the attack being discovered assumably is rather high, especially in the presence of sound testing methods.

These restrictions tend to fall away in the Cloud Computing scenario. As the Cloud system itself has some kind of WSDL repository functionality, new users most assumably will gather for a service’s WSDL file more dynamically. Thus, the potential spread of the malicious WSDL file and thus the probability for a successful attack rises by far.

Similar to the hash value calculation discussed for the Cloud malware injection attack, in this scenario a hash-based integrity verification of the metadata description files prior to usage is required. For instance, an XML digital signature performed on the WSDL by the original service implementer would ensure its integrity. If the WSDL is additionally extended with a hash value on the service instance’s image file, this also ensures a cryptographically strong binding between the WSDL and the original service image.

1.8.2 Flooding Attacks

A major aspect of Cloud Computing consists in outsourcing basic operational tasks to a Cloud system provider. Among these basic tasks, one of the most important ones is server hardware maintenance. Thus, (users) to rent server hardware on demand (IaaS). This approach provides valuable economic benefits when it comes to dynamics in server load, as for instance day-and-night cycles can be attenuated by having the data traffic of different time zones operated by the same servers. Thus, instead of buying sufficient server hardware for the high workload times, Cloud Computing enables a dynamic adaptation of hardware requirements to the actual workload occurring [13][14].

Technically, this achievement can be realized by using virtual machines deployed on arbitrary data center servers of the Cloud system. If a company’s demand on computational power rises, it simply is provided with more instances of virtual machines for its services.

Under security considerations, this architecture has a serious drawback. Though the feature of providing more computational power on demand is appreciated in the case of valid users, it poses severe troubles in the presence of an attacker. The corresponding threat is that of flooding attacks, which basically consist in an attacker sending a huge amount of nonsense requests to a certain service. As each of these requests has to be processed by the service implementation in order to determine its invalidity, this causes a certain amount of workload per attack request, which in the case of a flood of requests usually would cause a Denial of Service to the server hardware [28].

In the specific case of Cloud Computing systems, the impact of such a flooding attack is expected to be amplified drastically.

1. Direct Denial of Service

When the Cloud Computing operating system notices the high workload on the flooded service, it will start to provide more computational power (more virtual machines, more service instances) to cope with the additional workload. Thus, the server hardware boundaries for maximum workload to process do no longer hold. In that sense, the Cloud system is trying to work against the attacker (by providing more computational power), but actually to some extent even supports the attacker by enabling him to do most possible damage on a service’s availability, starting from a single flooding attack entry point. Thus, the attacker does not have to flood all n servers that provide a certain service in target, but merely can flood a single, Cloud -based address in order to perform a full loss of availability on the intended service.

2. Indirect Denial of Service

Depending on the computational power in control of the attacker, a side effect of the direct flooding attack on a Cloud service potentially consists in that other services provided on the same hardware servers may suffer from the workload caused by the flooding. Thus, if a service instance happens to run on the same server with another, flooded service instance, this may affect its own availability as well. Once the server’s hardware resources are completely exhausted by processing the flooding attack requests, obviously also the other service instances on the same hardware machine are no longer able to perform their intended tasks. Thus, the Denial of Service of the targeted service instances are likely to cause a Denial of Service on all other services deployed to the same server hardware as well.

Depending on the level of sophistication of the Cloud system, this side-effect may worsen if the Cloud system notices the lack of availability, and tries to "evacuate" the affected service instances to other servers. This results in additional workload for those other servers, and thus the flooding attack "jumps over" to another service type, and spreads throughout the whole computing Cloud .

In the worst case, an adversary manages to utilize another (or the very same) Cloud Computing system for hosting his flooding attack application. In that case, the race in power would play both Cloud systems off against each other; each Cloud would provide more and more computational resources for creating, respectively fending, the flood, until one of them eventually reaches full loss of availability.

3. Accounting and Accountability

As the major economic driver behind running a Cloud Computing service is charging the customers according to their actual usage (e.g. workload caused), another major effect of a flooding attack on a Cloud service consists in raising the bills for Cloud usage drastically. There are no "upper limits" to computational power usage, thus the user running the flooded service most likely has to foot the bill for the workload caused by the attacker at least if the attacker is not determinable itself .

CHAPTER 2

LITERATURE REVIEW

2.1 Literature Study

What is cloud computing? The term is used two different ways in the IT community. To most users, cloud computing is any capability delivered over the network. If it is not local computing it is from the cloud. To these users, almost all enterprise IT is cloud computing. Technologists and enterprise architects use the term in a different way. To them, cloud computing implies new ways of providing capability on demand by use of virtualized resources. It involves pools of storage, network, processing and other computational resources that can be efficiently allocated on demand. It also implies far more agility in support of operational missions. Technologists view cloud computing as a means to most efficiently deliver computer power via an application program interface (API)( Bob Gourley,2009).

A Cloud Services is the new trend of computing where readily available computing resources are exposed as a service. These computing resources are generally offered as pay-as-you-go plans and hence have become attractive to cost conscious customers. Apart from the cost, Cloud Services also supports the growing concerns of carbon emissions and environmental impact since the Cloud advocates better management of resources. We see a growing trend of off loading the previously in-house service systems to the Cloud, based primarily on the cost and the maintenance burden. Such a move allows businesses to focus on their core competencies and not burden themselves with back office operations (Bernd, 2011).

Cloud Services that provides cheap and pay-as-you-go computing resources are rapidly gaining momentum as an alternative to traditional IT Infrastructure.

Even though Cloud Services is not a new conception or technology, but it rises and develops in the financial meltdown and influences everywhere more and more. In the anticipation, the market of Cloud Services will be more than ninety-five thousand million dollars.

Cloud Services is associated with a new paradigm for the provision of computing infrastructure. This paradigm shifts the location of this infrastructure to the network to reduce the costs associated with the management of hardware and software resources depending on the type of resources provided by the Cloud, distinct layers can be defined. The bottom-most layer provides basic infrastructure components such as CPUs, memory, and storage, and is henceforth often denoted as Infrastructure-as-a- Service (IaaS) On top of IaaS, more platform-oriented services allow the usage of hosting environments tailored to a specific need. Google App Engine is an example for a Cloud platform as as service (PaaS) which enables to deploy and dynamically scale Python and Java based Cloud applications. On top of IaaS, more platform-oriented services allow the usage of hosting environments tailored to a specific need. Google App Engine is an example for a Cloud platform as as service (PaaS) which enables to deploy and dynamically scale Python and Java based Cloud applications. Finally, the top-most layer provides it users with ready to use applications also known as Software-as-a-Service (SaaS) (Chunye, 2009).

Along with these benefits, Cloud Services also raises severe concerns especially regarding the security level provided by such a concept. Completely relying the own data and execution tasks to an external company, eventually residing in another country with a different regulatory environment, may cause companies not to consider Cloud Services but to stick to the conventional local data center approach. Although there is a clear demand for in-depth discussion of security issues in Cloud Services, the current surveys on Cloud security issues focus primarily on data confidentiality, data safety and data privacy and discuss mostly organizational means to overcome these issues.

With the advancement of the modern human society, basic essential services are commonly provided such that everyone can easily obtain access to them. Today, utility services, such as water, electricity, gas, and telephony are deemed necessary for fulfilling daily life routines. These utility services are accessed so frequently that they need to be available whenever the consumer requires them at any time. Consumers are then able to pay service providers based on their usage of these utility services. This vision of the computing utility based on the service provisioning model anticipates the massive transformation of the entire computing industry in the 21st century whereby computing services will be readily available on demand, like other utility services available in today’s society. Similarly, computing service users (consumers) need to pay providers only when they access computing services. In addition, consumers no longer need to invest heavily or encounter difficulties in building and maintaining complex IT infrastructure (Mishra, 2009).

As consumers rely on Cloud providers to supply all their computing needs, they will require specific QoS to be maintained by their providers in order to meet their objectives and sustain their operations. Cloud providers will need to consider and meet different QoS parameters of each individual consumer as negotiated in specific SLAs. To achieve this, Cloud providers can no longer continue to deploy traditional system-centric resource management architecture that do not provide incentives for them to share their resources and still regard all service requests to be of equal importance. Instead, market-oriented resource management is necessary to regulate the supply and demand of Cloud resources at market equilibrium, provide feedback in terms of economic incentives for both Cloud consumers and providers, and promote QoS-based resource allocation mechanisms that differentiate service requests based on their utility.

The Webs have different architecture based on the services they provide. The data is stored on to centralized location called data centers having a large size of data storage. The data as well as processing is somewhere on servers. So, the clients have to trust the provider on the availability as well as data security. The SLA is the only legal agreement between the service provider and client. The only means the provider can gain trust of client is through the SLA, so it has to be standardize. In this paper, section two describes the service level agreement, section three explains present SLA’s of Cloud Services, and section four discusses how to standardize SLA’s followed by the proposed data security issues (Octavio and Kwang, 2010).

The Webs have different architecture based on the services they provide. The data is stored on to centralized location called data centers having a large size of data storage. The data as well as processing is somewhere on servers. So, the clients have to trust the provider on the availability as well as data security. The SLA is the only legal agreement between the service provider and client. The only means the provider can gain trust of client is through the SLA, so it has to be standardize. The past SLA’s declares waivers if the promises are not met but do this really help the customer’s in fulfilling their losses. The SLA’s also have to discuss about how the security is maintained, what are the methods used in maintaining security and how customer complaints are taken care?

The core concept of Cloud Services is reducing the processing burden on the users’ terminal by constantly improving the handling ability of the "Cloud", eventually simplify the users’ terminal to a simple input and output devices, and busk in the powerful computing capacity of the Cloud on-demand. All of this is available through a simple Internet connection using a standard browser or other connection. However, there still exist many problems in Cloud Services today, a recent survey shows that data security and privacy risks have become the primary concern for people to shift to Cloud Services.

While reducing cost is a primary motivation for moving towards a Cloud provider, reducing responsibility for security or privacy should not be. Ultimately, the organization is accountable for the overall state of the outsourced service. Monitoring and addressing security and privacy issues remain in the purview of the organization, just as other important issues, such as performance, availability, and recovery.

The issues are organized into several general categories: trust, architecture, identity management, software isolation, data protection, and availability. Because Cloud Services has grown out of an amalgamation of technologies, including service oriented architecture, virtualization, Cloud 2.0, and utility computing, many of the security issues involved can be viewed as known problems cast in a new setting. Nevertheless, it represents a thought-provoking paradigm shift that goes beyond conventional norms in de-perimeterizing the organizational infrastructure at the extreme, displacing applications from one organization’s infrastructure to the infrastructure of another organization, where the applications of potential adversaries may also operate (Baliga, 2011).

The systems architecture of the software systems used to deliver Cloud services comprises hardware and software residing in the Cloud. The physical location of the infrastructure is determined by the service provider as is the implementation of reliability and scalability logic of the underlying support framework. Virtual machines (VMs) typically serve as the abstract unit of deployment and are loosely coupled with the Cloud storage architecture. Applications are built on the programming interfaces of Internet-accessible services and typically involve multiple intercommunicating Cloud components (Jianfeng, 2010).

The increased availability and use of social media, personal Webmail, and other publicly available sites also has associated risks that can impact the security of the browser, its underlying platform, and Cloud service accounts negatively through social engineering attacks. For example, spyware reportedly installed in a hospital via an employee’s Yahoo Webmail account sent out more than 1,000 screen captures containing financial and other confidential information to the originator before it was discovered. Having a backdoor Trojan, keystroke logger, or other type of malware running on a client does not bode well for the security of the Cloud or other Cloud-based services. Organizations need to employ measures to secure the client side as part of the overall architecture. Banks are beginning to take the lead in deploying hardened browser environments that encrypt network exchanges and protect against keystroke logging. Even though Cloud Services has gained popularity as the new technology driver; businesses are still evaluating its feasibility for their own business environment (Jiyi, 2010).

2.2 Related Work

Cloud computing is a internet based computing which enables sharing of services. Many users place their data in the cloud, so correctness of data and security is a prime concern. This work studies the problem of ensuring the integrity and security of data storage in Cloud Computing. Security in cloud is achieved by signing the data block before sending to the cloud. Signing is performed using BLS algorithm which is more secure compared to other algorithms. To ensure the correctness of data, Author consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the data stored in the cloud. By utilizing public key based homomorphic authenticator with random masking privacy preserving public auditing can be achieved. Author explore the efficient technique for error correction called reed Solomon technique which ensures the correctness of data(Balakrishnan 2011).

This article is the first in a three-part series that will look at cloud computing from the market and legal perspectives. This first article focuses on the technological and business capabilities of cloud computing and associated privacy and data security concerns. Part II will focus on the current state of the law that applies to cloud computing services. Part III will highlight industry and policy developments in the past months and upcoming few weeks(Barry Reingold, 2009).

Cloud computing delivers convenient, on-demand access to shared pools of data, applications and hardware over the internet. Cloud computing provides unlimited infrastructure to store and execute customer data and program. As customers Author do not need to own the infrastructure, they are merely accessing or renting; they can forego capital expenditure and consume resources as a service, paying instead for what they use. Data can be redundantly store in multiple physical locations. Due to this redundancy the data can be easily modified by unauthorized users which can be stored in the database(S.Birutha, 2007).

This article introduces the background and principle of Cloud Services, the character, style and actuality (Shuai, 2010). This article also introduces the application field the merit of Cloud Services, such as, it do not need user’s high level equipment, so it reduces the user’s cost. It provides secure and dependable data storage center, so user needn’t do the awful things such storing data and killing virus, this kind of task can be done by professionals. It can realize data share through different equipments. It analyses some questions and hidden troubles, and puts forward some solutions, and discusses the future of Cloud Services. Cloud Services is a computing style that provide power referenced with IT as a service. Users can enjoy the service even he knows nothing about the technology of Cloud Services and the professional knowledge in this field and the power to control it.

Shuai, Z., Shufen, Z., Xuebin, C., and Xiuzhen, H. (2010) "Cloud Computing Research and Development Trend" Second International Conference on Future Networks DOI 10.1109/ICFN.2010.58. This paper introduced with emphasis the Amazon Elastic Compute Cloud, the Cloud Services platform of Google and "blue Cloud" of IBM, analyze and compare three kinds of Cloud Services platform.

Bernd, G., ToBias, W. and elmar S. (2011) "Understanding Cloud Computing Vulnerabilities" Copublished By The IEEE Computer And Reliability Societies 1540-7993/11/ © 2011 IEEE. To clarify the discussions regarding vulnerabilities, the authors define indicators based on sound definitions of risk factors and Cloud Services.

Zhidong, S. and Qiang, T. (2010) "The Security of Cloud Computing System enabled by Trusted Computing Technology" 2nd International Conference on Signal Processing Systems (ICSPS) 978-1-4244-6893-5/IEEE They proposed a method to build a trusted computing environment for Cloud Services system by integrating the trusted computing platform into Cloud Services system. We propose a model system in which Cloud Services system is combined with trusted computing platform with trusted platform module. In this model, some important security services, including authentication, confidentiality and integrity, are provided in Cloud Services system.

Baliga, J., Ayre, W.A., Hnton, K. and Tucker,S. (2010) "Green Cloud Computing: Balancing Energy in Processing, Storage, and Transport". Vol. 99, No. 1, January 2011 | Proceedings of the IEEE 0018-9219/IEEE. It present an analysis of energy consumption in Cloud Services. The analysis considers both public and private Webs, and includes energy consumption in switching and transmission as well as data processing and data storage. We show that energy consumption in transport and switching can be a significant percentage of total energy consumption in Cloud Services. Cloud Services can enable more energy-efficient use of computing power, especially when the computing tasks are of low intensity or infrequent. However, under some circumstances Cloud Services can consume more energy than conventional computing where each user performs all computing on their own personal computer (PC).

Burton S. Kaliski Jr. performed a work," Toward Risk Assessment as a Service in Cloud Environments". Security and privacy assessments are considered a best practice for evaluating a system or application for potential risks and exposures. Cloud computing introduces several characteristics that challenge the effectiveness of current assessment approaches. In particular, the on-demand, automated, multi-tenant nature of cloud computing is at odds with the static, human process-oriented nature of the systems for which typical assessments were designed. This paper describes these challenges and recommends addressing them by introducing risk assessment as a service

Jiyi, W., Lingdi, P., Xiaoping, G.E., Ya W. and Jianqing, F.U. (2010) "Cloud Storage as the Infrastructure of Cloud Computing", International Conference on Intelligent Computing and Cognitive Informatics. DOI 10.1109/ICICCI.2010.119. It performed work as an emerging technology and business paradigm, Cloud Services has taken commercial computing by storm. Cloud Services platforms provide easy access to a company’s high-performance computing and storage infrastructure through Cloud services. With Cloud Services, the aim is to hide the complexity of IT infrastructure management from its users. At the same time, Cloud Services platforms provide massive scalability, 99.999% reliability, high performance, and specifiable configurability. These capabilities are provided at relatively low costs dedicated infrastructures. This article gives a quick introduction to Cloud storage. It covers the key technologies in Cloud Services and Cloud Storage, several different types of Webs services, and describes the advantages and challenges of Cloud Storage after the introduction of the Cloud Storage reference model.

Chunye, G., Jie L., Qiang Z., Haitao C. and Zhenghu G., (2010) "The Characteristics of Cloud Computing". DOI 10.1109/ICPPW.45. They work on the Characteristics of Cloud Services. Cloud Services is based on several other computing research areas such as HPC, virtualization, utility computing and grid computing. In order to make clear the essential of Cloud Services, we propose the characteristics of this area which make Cloud Services being Cloud Services and distinguish it from other research areas. The Cloud Services has its own conceptional, technical, economic and user experience characteristics. The service oriented, loose coupling, strong fault tolerant, business model and ease use are main characteristics of Cloud Services. Clear insights into Cloud Services will help the development and adoption of this evolving technology both for academe and industry.

Tian-L, LIN C. and NI Y. (2010) "Evaluation of User Behavior Trust in Cloud Computing" International Conference on Computer Application and System Modeling (ICCASM 2010 978-1-4244-7237-6/10/ ©IEEE. It works on Evaluation of User Behavior Trust in Cloud Services. In the Cloud computing, due to users directly use and operate the software and even basic programming environment and network infrastructure which provided by the Cloud services providers, so the impact and destruction for the software and hardware Cloud resources in Cloud Services are worse than the current Internet users who use it to share resources. Therefore, that whether user behavior is trusted, how to evaluate user behavior trust is an important research content in Cloud computing. mainly discusses evaluation importance of user behavior trust and evaluation strategy, in the Cloud computing, including trust object analysis, principle on evaluating user behavior trust, basic idea of evaluating user behavior trust, evaluation strategy of behavior trust for each access, and long access, which laid the theoretical foundation about trust for the practical Cloud Services application.

Shuai, Z., Shufen, Z., Xuebin, C., and Xiuzhen, H. (2010) "The Comparison Between Cloud Computing and Grid Computing" International Conference on Computer Application and System Modeling (ICCASM 2010). C 978-1-4244-7237-6/ IEEE. It provides secure and dependable data storage center, so user needn’t do the awful things such storing data and killing virus, this kind of task can be done by professionals. It can realize data share through different equipments. The users need not know how the Cloud runs And We describe the concept of Cloud Services and grid computing and compare them.

Minqi, Z., Rong, Z., Wei, X. and Weining, Q. (2010) "Security and Privacy in Cloud Computing: A Survey", Sixth International Conference on Semantics, Knowledge and Grids. DOI 10.1109/SKG.2010.19 we investigate several Cloud Services system providers about their concerns on security and privacy issues. We find those concerns are not adequate and more should be added in terms of Five aspects (i.e., availability, confidentiality, data integrity, control, audit) for security. Moreover, released acts on privacy are out of date to protect users’ private information in the new environment (i.e., Cloud Services system environment) since they are no longer applicable to the new relationship between users and providers, which contains three parties (i.e., Cloud service user, Cloud service provider/Cloud user, Cloud provider). Multi located data storage and services (i.e., applications) in the Cloud make privacy issues even worse. Hence, adapting released acts for new scenarios in the Cloud, it will result in more users to step into Cloud. We claim that the prosperity in Cloud Services literature is to be coming after those security and privacy issues having be resolved.

Jianfeng,Y. and Zhibin,C. (2010) "Cloud Computing Research and Security Issues". 978-1-4244-5392-4/10/©IEEE. It works on Cloud Services Research and Security Issues. It aims to construct a perfect system with powerful computing capability through a large number of relatively low-cost computing entity, and using the advanced business models like SaaS (Software as a Service), PaaS (Platform as a Service), IaaS (Infrastructure as a Service) to distribute the powerful computing capacity to end users’ hands. This article introduces the background and service model of Cloud Services. This article also introduces the existing issues in Cloud Services such as security, privacy, reliability and so on. Proposition of solution for these issues has been provided also.

Somani,U., Lakhani,K. and Mundra,M. (2010) "Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud Computing"1st International Conference on Parallel, Distributed and Grid Computing (PDGC - 2010) 978-1-4244-7674-9/10/ ©IEEE. The Cloud Services provides an undemanding and Non ineffectual Solution for Daily Computing. The prevalent Problem Associated with Cloud Services is the Cloud security and the appropriate Implementation of Cloud over the Network. In this Research Paper, we have tried to assess Cloud Storage Methodology and Data Security in Cloud by the Implementation of digital signature with RSA algorithm.

Octavio, J. and Kwang, M.S. (2010) "Self-Organizing Agents for Service Composition in Cloud Computing". 2nd IEEE International Conference on Cloud Computing Technology and Science DOI 10.1109/CloudCom Cloud service composition collaboration between brokers and service providers is essential to promptly satisfy incoming Cloud consumer requirements. These requirements should be mapped to Cloud resources, which are accessed via Cloud services, in an automated manner. However, distributed and constantly changing Cloud-computing environments pose new challenges to automated service composition such as: (i) dynamically contracting service providers, which set service fees on a supply-and-demand basis, and (ii) dealing with incomplete information regarding Cloud resources (e.g., location and providers). To address these issues, in this work, an agent-based Cloud service composition approach is presented. Cloud participants and resources are implemented and instantiated by agents. These agents sustain a three-layered self-organizing multi-agent system that establishes a Cloud service composition framework and an experimental test bed. The self-organizing agents make use of acquaintance networks and the contract net protocol to evolve and adapt Cloud service compositions. The experimental results indicate that service composition is efficiently achieved despite dealing with incomplete information as well as coping with dynamic service fees.

Rohit Bhadauria(2011) performed a work," A Survey on Security Issues in Cloud Computing". Cloud Computing holds the potential to eliminate the requirements for setting up of high cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines.

Mohamed, A.M. (2010) "An Analysis of The Cloud Computing Security Problem", In Proceedings of APSEC 2010 Cloud Workshop, Sydney, Australia. It work on Mobile Agents Based Infrastructure for Cloud Services Composition. WS are limited and cannot satisfy some practical user requirements. The true potential can be achieved if WSs are used to dynamically compose some existing/new WSs. Moreover, WS technology is to be applied in various environments, such as wireless networks of relatively narrow bandwidth and unstable connections. In response to the mentioned problems Author adopt Mobile Agent technology and present a Mobile Agent framework for WSs integration. Author exploit the capabilities offered by Mobile Agents to invoke WSs without the need for simultaneous presence of the service requestor.

Byron Ludwig(2010) performed a work,"A comparison of platform as a service (paas) clouds with a detailed reference to security and geoprocessing services". In this paper, Author compare three PaaS cloud computing solutions, namely Microsoft Azure, Google App Engine and GroundOS, with a detailed reference to cloud security concerns. An analysis of the security mechanisms and Service Level Agreements (SLA) provided by these PaaS clouds is presented. Author then look at the implications of these security issues for geoprocessing services and the OGC’s WPS specifically, investigating potential security pitfalls when developing a WPS in a PaaS cloud. Finally, recommendations for future work are presented.

Richard Chow performed a work," Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control". In this paper, Author characterize the problems and their impact on adoption. In addition, and equally importantly, Author describe how the combination of existing research thrusts has the potential to alleviate many of the concerns impeding adoption. In particular, Author argue that with continued research advances in trusted computing and computation-supporting encryption, life in the cloud can be advantageous from a business intelligence standpoint over the isolated alternative that is more common today[12].

Sneha Prabha Chandran(2009) performed a work," Cloud Computing: Analysing the risks involved in cloud computing environments". This paper presents a study about the risk issues involved in cloud computing. It highlights the different types of risks and how their existence can affect the cloud users. It also discusses the different circumstances in which the risks occur and the measures to be taken to avoid them. The paper also attempts to lay out measures to be taken while using cloud computing to reduce negative effects on the outcome and maintain data integrity.

Dai Yuefa(2009) performed a work," Data Security Model for Cloud Computing". With the development of cloud computing, Data security becomes more and more important in cloud computing. This paper analyses the basic problem of cloud computing data security. With the analysis of HDFS architecture, Author get the data security requirement of cloud computing and set up a mathematical data model for cloud computing. Finally Author build a data security model for cloud computing.

Hongbin Liang (2011) performed a work," Resource Allocation for Security Services in Mobile Cloud Computing". In general, Author can classify cloud security services in two categories: Critical Security (CS) service and Normal Security (NS) service. CS service provides strong security protection such as using longer key size, strict security access policies, isolations for protecting data, and so on. The CS service usually occupies more cloud computing resources, however it generates more rewards to the cloud provider since the CS service users need to pay more for using the CS service. To address this issue, Author propose a Security Service Admission Model (SSAM) based on Semi-Markov Decision Process to model the system reward for the cloud provider. Author, first, define system states by a tuple represented by the numbers of cloud users and their associated security service categories, and current event type (i.e., arrival or departure).