Cloud computing is an emerging and popular method of accessing shared and dynamically configurable resources via the computer network on demand. Cloud computing is excessively used by mobile applications to offload data over the network to the cloud. There are some security and privacy concerns using both mobile devices to offload data to the facilities provided by the cloud providers. One of the critical threats facing cloud users is the unauthorized access by the insiders (cloud administrators) or the justification of location where the cloud providers operating. Although, there exist variety of security mechanisms to prevent unauthorized access by unauthorized user by the cloud administration, but there is no security provision to prevent unauthorized access by the cloud administrators to the client data on the cloud computing. In this paper, we demonstrate how steganography, which is a secrecy method to hide information, can be used to enhance the security and privacy of data (images) maintained on the cloud by mobile applications. Our proposed model works with a key, which is embedded in the image along with the data, to provide an additional layer of security, namely, confidentiality of data. The practicality of the proposed method is represented via a simple case study.
Cloud computing refers to popular method of accessing services and resources via network connections on demand [
The growth of the number of the mobile devices in the past few years has shown that there is a high demand for mobile applications [
Mobile cloud computing (MCC) acting as clients, is benefitting from the cloud computing platform acting as server [
In mobile cloud computing, the user data are stored on device or cloud. As the internet enabled mobile usage to continue growing, web-based malicious security threat is a serious issue. In this paper, we discuss the working concepts of mobile cloud computing and its various security issues.
In this work, we attempt to address security of mobile cloud computing using mobile devices, because it is very important for customers and providers to retrieve, transmit and retain the data on cloud without breaking any type of secrecy [
Cloud computing is one of the popular methods for the users to host and deliver services over the Internet by dynamically providing computing resources [
・ On-demand self-service: The users have access and the power to change cloud services online. User can add, delete, or change storage networks and software as needed.
・ Broad network access: User can access cloud services using their Smartphone, tablets, laptops, or desktop computers. These devices can be used, wherever they are connected with online access point.
・ Resource pooling: The cloud computing enables users to enter and use data within the software, hosted in the cloud at any time, and from any location.
・ Elasticity: The cloud computing is flexible and scalable according to the user’s needs. User can easily add or remove other users, resources or software features.
・ Measured service: Cloud provider can measure storage levels, processing, the number of user accounts and the user are billed accordingly.
・ Pricing: Cloud computing cost is based on amount of resources used by the user. Cloud computing is transparent to capture for accurate billing information.
・ Quality of service: Cloud computing guarantees, best performance, adequate resources and on round-the- clock availability service for the users.
Cloud Computing services can be classified into three layered service models. These models are: 1) Infrastructure as a service (IaaS), 2) Platform-as-a-Service (PaaS), 3) Software-as-Service (SaaS) [
The PaaS model allows users to run applications on the infrastructure offered by the service providers. The PaaS requires that the applications are created with programming languages or tools that are supported by the service provider. The management of the infrastructure and operating systems is in the hands of the service provider. While on other hand user has full administrative control over the applications he wants to host on the cloud system [
The SaaS model allow applications and software service are being used on demand The management of the infrastructure, operating systems and the configuration of the application is completely achieved by the service provider. This service is commonly used by the business users. It provides the complete customizable within the limits applications. It is mainly used for achieving specific business task with mainly focusing on end-user requirements. Examples: Google Docs, Microsoft Office Web Applications.
Cloud deployment models refer to how cloud infrastructure are operated and utilized by users, and organizations. According to NIST, cloud deployment models are public cloud (services available to public), private cloud (services are exclusively available to the member of a single organization), community cloud (services are exclusively available to the member of multiple organizations), and hybrid cloud (share feathers of both public and private clouds).
Mobile cloud computing (MCC) refers to the computing paradigm that combines the capability of low end computing devices such as smart phones with the capabilities provided by the cloud computing using network connectivity. The key characteristics of mobile cloud computing are Reliability, Scalability, Security, Agility, device independence, reduced cost of mobiles and mobile services and reduced maintenance [
The objective of the mobile cloud computing is to make process convenient for mobile user to access and re-
ceive data from the cloud [
Other important issue is the notion of security of data stored in the data storage provided by cloud computing provider. To secure data on the cloud, cloud providers are required to follow security standards and measures [
In general, when data is stored and offloaded to the cloud, mobile devices may be exposed to the following security threads: 1) In case the mobile device gets stolen or lost, the transmission of un-encrypted data between cloud computing and mobile devices [
In case when the mobile devices are stolen (or lost), data from the devices, can be avoided by wiping of mobile device from remote location. To handle man-in-the-middle attack, majority of mobile manufacturers provide feature or security application [
There are many different approached of storing data securely over the cloud, using mobile computing such as end-to-end encrypted data transmission, dynamic credential generation, steganography etc.
The stored application or information on cloud raises security issues which are discussed in Bilogrevic [
C. Saravankumar and C. Arun [
Z. Al-Khanjari and A. Alani proposed a steganography scheme architectural model to protect data in cloud. Cloud computing systems needs to satisfy interoperability, security, safety, dependability, performance and many other parameters [
S. Brohi, M. Bamiah, S. Chuprat and J. Manan provide a solution for data privacy issue [
This technique maintains client’s data intact and protects them from malicious attackers.
Resilient Role-based Access Control Mechanism - The process starts from this phase and it is responsible for generation of private and public keys by requesting the cloud server for data communication over the internet.
Using Partial Homomorphic Cryptography, data inside the file will be homomorphic-ally encrypted during the uploading process and stored on the cloud in the encrypted format [
Now a day’s sender can send the secret data openly using encrypted mail or files to receiver with no fear of reprisals. However there are often cases when this is not allowed when sender or receiver is working for a company that does not allow encrypted email or the local government does not allow encrypted communication. This is where steganography can play a key role. In the simplest form, steganography refers to the method of writing hidden messages in a manner that no one other person but sender and receiver would be able to securely understand and communicate the information hidden in the means of communications (e.g., images) [
who interact with system by inputting data and the key, original image that the sender will use to embed the data, stego-image, which is the image contains embedded key and data, and finally, steganography application, which receives as an input stego-image and user key.
In the steganography model, the user is responsible for selecting any 24-bit image and entering data and the key. In steganography, the classified information aretypically stored in the least significant bits of a digitized file, that means those bits that can be changed in subtle way and hence cannot be detected by the human eye.
After accepting input from the user, the steganography application embeds the key and data into the image selected by the user; this image is called a stego-image. To retrieve data from the image, the stego-image acts as an input to the steganography application. The steganography application retrieves the key from the stego-image and compares it with the user entered image; if both keys are matched then the application displays the embedded data to the user.
Steganography can be classified as: 1) pure steganography, 2) symmetric steganography and 3) asymmetric steganography [
Steganography, for the most part, is dependent on the type of medium being used to hide the information. Medium being commonly used include text, images, audio or video used in network transmissions. Image steganography is generally more preferred media because of its easiness, harmlessness and attraction. Technology advancement in cameras and digital images being saved in cameras and then transfer to PCs [
To farther enhance secure communication, it is common practice to encrypt the hidden message before placing it in the cover message. However, the hidden message does not need to be encrypted to qualify as steganography. The hidden message can be in plain English. If steganographer decides to have the extra layer of protection then the encryption should provide that extra level of protection. In case, the hidden message is found by unauthorized person (thief), then encryption provides additional level of data protection.
In what follows, we explain the method of embedding secret message in images using pure Steganography approach.
For the mobile users, data security and privacy are key concerns. Cryptography and steganography are basic but popular methods to protect data. Using cryptography, the data is transformed using well-defined algorithm that hopefully makes it hard to read encrypted data without having proper keys.
On the other hand, steganography operates by hiding the message in some kind of medium to transfer to another user in such a way that no one will be able to see or guess the exchange of messages. Some steganography methods are hybrid method combining cryptography and steganography. Combination of cryptography and steganography method may enhance the security of the communication, may affect the performance because these technique demand additional processing that may affect energy consumption. To ease the power consumption, our proposed application applies steganography with an embedded key.
In what follows, we outline the overall process to apply steganography. The process consists of the following steps:
1) Encryption (Optional): The media file which is supposed to be processed will be encrypted in some binary codes. These binary codes depend on the nature of media file. This encryption is different for different files.
2) Data chunking: The encrypted media file is chunked in various parts and this file is to be proceeding for further steganography.
3) Applying steganography: The steganography is done on the chunked encrypted files. Sending chunked files - The chunked files to be sent to receiver and these files will be in the hidden form. This all files are received by the receiver and then are proceed to get the original data.
4) File recombination: The chunked files are recombined to get the whole file so that the receiver can get the original file.
5) Decryption (optional): The previously recombined file is decrypted to get the original file which is sent from the sender.
Images are the most popular medium to use as a cover for steganography. In the simplest form, an image is a collection of pixels that contains different light intensities [
Information can be hidden in many different ways in images. Message insertion in images means simply embed every bit of information in the image. More complex encoding can be done by embedding the message only in “noisy” areas/pixels of image that will attract less attention. The message may also scattered on pixels randomly throughout the cover image.
In general, the most common approaches for information hiding are [
The least significant bit [
Using a 24-bit image, a bit of each of color (red, green and blue) corresponding to each pixel of image can be used to embed the data, which means each pixel store 3 bytes with 8-bits in each. The message is embedded into the first 8 bytes of the grid and in each byte only the 3-bits are changed to embed the information. So only half of the bits in an image is needed to be modified in order to hide a secret data [
The main benefit of LSB insertion approach is that the data can be inserted in the pixels but still the human eye would be unable to notice it. While using LSB approach on 8-bit images, more care needs to be taken, as 8-bit format changes can be detected by human eyes as 24-bit format are not. Also, additional care needs to be taken in the selection of the cover image in a way that changes to the data will not be visible in the stego-image. Commonly known images, painting such as the Mona Lisa should be avoided. In most cases, a simple picture of (e.g., dog) would be ideal.
Masking and filtering techniques hide the information by marking the image in a manner similar to paper watermarks. This technique can be applied on 24-bit gray-scale or colored images. Watermarking techniques are more integrated into the image; they may be applied without fear of image destruction. The human visual system cannot detect changes in JPEG images.
The algorithms and transformations technique, on the other hand, use mathematical functions to hide the least bit coefficients in the compression algorithms which reduce the size of images.
Proposed Approach to Secure Data from Cloud ProvideThe proposed solution allows a customer to protect its own data by maintained by cloud provider. Although, mobile devices are increasingly essential part of human life, but they are considered as low-end computing with limited processing capability, energy supply, data protection, and storage capacity. As noted previously, it is imperative to consider these inherent limitations of mobile devices when one is attempting to provide additional layer of data protection.
sender and receiver’s information on which the steganography application is running, 3) Steganography application (SA), which is a mobile-application (app) running on the mobile device to embed data and the key in the image given by the user; it then generates a stego-image and retrieves data from the image if user entered key matches, 4) Cloud computing provider providing various service (e.g., SaaS).
The proposed architectural model is based on Client-server architecture [
There exists a large body of work aiming at hiding sensitive information in images. Our proposed approach uses 24-bit image steganography to embed data and a key into an image. Different methods of hiding messages work with different types of images. For example, one technique lacks in payload capacity whereas the other approach lacks in robustness.
In this research we have used the least significant bit technique to hide information, which makes the mobile cloud computing application robust and less prone for image distortion. We used 24-bit images because 24-bit images can display more than 16,000 k different combinations that can easily hide data in a way that it will be hard to detect any difference between the modified image and the original image.
To add additional layer of protection, encryption algorithms are used but if the user wants to embed large amounts of information, these algorithms may increase the load on the processor as well as the response time. To overcome this problem, we have used the concept of a key to provide more secure data storage. Using a key, the key first is embedded into an image together with the payload (data). The system will use a specific algorithm to calculate those bytes’ location where the key has been stored. Because this app is deployed and used on the user’s side, therefore only the user of the system needs to remember this key. As such, we do not need to be concerned about key exchange between the sender and receiver.
The digital image is represented by an array of pixels. These pixels represent the intensities of the three colors: red, green and blue (also known as RGB). In RGB model, a value of each color describes a pixel. In our case, we are using Least Significant Bit (LSB) approach for hiding information into the image.
In what follows, we show how the data embedding process of using LSB is performed. Assuming that the user wants to embed letter “A” into a 24-bit image and the binary value of “A” is 10000011. In 24-bit image each pixel has eight bits for each color in RGB model that is red, green and blue. The user needs to change the least significant bits that require only 3 pixels for hiding 8 bits letter “A”. The original three pixels are represented in
After embedding the binary value of “A” that is 10000011 into the three pixels, starting from the top left byte in the table and going to the right end. Following the same sequence for each row would generate result represented
Red | Green | Blue | |
---|---|---|---|
Pixel 0 | 00100111 | 11101001 | 11001000 |
Pixel 1 | 00100111 | 11001000 | 11101001 |
Pixel 2 | 11001000 | 00100111 | 11101001 |
Red | Green | Blue | |
---|---|---|---|
Pixel 0 | 00100111 | 11101000 | 11001000 |
Pixel 1 | 00100110 | 11001000 | 11101000 |
Pixel 2 | 11001001 | 00100111 | 11101001 |
in
The most important features of this application are, the user can use different keys for different information, so even if the thief guesses the key for one stego-image he won’t be able to use same key for other images, which reduces the chances of data theft, and if the user loses the mobile device, then the user can access cloud data from any other mobile by simply downloading the “Mobile Cloud Computing” application on that mobile device.
In recent year’s mobile with digitalized applications are widely used and popular due to flexibility and feasibility of the wireless internet. Most of the daily work can be performed easily with the help of mobile internet such as modern ways of communication like Messenger, Whats App, Facebook and Email, handling banking accounts using mobile e-banking.
Now a day’s who owns a mobile, text or call more often than directly going to someone’s house to convey the message even if house is really close. Email’s has replaced for mails. Paper signed up or registration has replaced by online forms etc.
For any kind of online work, we mostly have to sign up and open new account with personal detail so that you can access your account later with username and password. Due to the popularity and comfort of mobile wireless internet access, user prefers opening and accessing new accounts using mobile phones. In this case it is highly possible that user have many accounts and there is high chance of forgetting credentials of those accounts. Hence to be on the safe side, users write down some important information or pass phrase somewhere. This written information may be read or access by another user or it is also possible that user kept this information at house and wanted to access that from remote location which is not possible. To handle this issue, we have proposed solution in which user can store limited amount of information on cloud, by mobile using steganography, which will protect user data from cloud administrator. If user is storing their information on cloud then they can access data from any location without any strain of losing important data on mobile device or any unauthenticated data access.
This application works for small amounts of data per image with low processing power and less battery usage, which eventually increases the performance of the overall application and the mobile device. This approach combines and enhances the trust in mobile computing as well as the efficiency of cloud computing.
Mobile cloud computing is one of the mobile technology trends which combine the advantages of both mobile computing and cloud computing, and provides optimal services for mobile devices. Cloud computing is a transformative technology that can change the nature of computing so often, specifically for business purposes. It offers on-demand network access for configurable computing resources like networks, servers, storage, applications, and different cloud services that can be rapidly installed and uninstalled with minimal management effort.
Many applications are supported by mobile cloud computing such as mobile commerce and mobile healthcare, which contain user sensitive data. Security to this sensitive data is a more important factor in the mobile cloud computing. Due to memory storage issues, this data are usually stored on the cloud. Cloud data are secured against invalid data access and data theft, but technologies are still lacking behind due to the cloud administrator’s
invalid data access. Hence, to resolve this issue, we have proposed a “Mobile Cloud Computing” application, which provides secured data storage through mobile on the cloud against the cloud administrator by using steganography application which improves performance of mobile cloud computing. This steganography application can be used on networks for data security without using third party interference. The mobile cloud computing application is able to embed only limited amounts of data into images. In the future, we can extend this capability from a few words to huge data files by replacing the steganography medium that is, images with audio or video files. The proposed system will work perfectly as long as a user remembers the key, but if he loses the key, then the system does not have any provision for recovering or guessing the key, so in this case a user might lose the data. This issue will have to be addressed in the future. The proposed system is efficient and legal for the client as long as the cloud administrator doesn’t have restrictions about a client’s data. As this system is hiding the original data, a user may abuse this feature and can store illegal or unethical data. As of now, the proposed system does not have any remedy for this issue. In the future, cloud management systems and proposed models may work in parallel for smooth and legal data storage function.
Hassan Reza,Madhuri Sonawane, (2016) Enhancing Mobile Cloud Computing Security Using Steganography. Journal of Information Security,07,245-259. doi: 10.4236/jis.2016.74020