Mitigating Disaster using Secure Threshold-Cloud Architecture

sharing methods as used in cryptography [6,7] to create shares of cryptographic key, disperse and recover the key when needed in a multi-cloud environment. It also aims to prove that the combination of secret sharing scheme and multi-clouds can be used to provide a new direction in disaster management by using it to mitigate cloud outages rather than current deigns of recovery after the outages. Experiments were performed using ten different cloud services providers for storage services, which at different times of cloud outages, key recovery were still possible and even faster compared to normal situations. All the same, key recovery was impossible when the number of cloud outages exceeded secret sharing defined threshold. To ameliorate this scenario, we look forward to employ the concept of self-organisation as proposed by Nojoumian et al. [8] in improving resource availability but with some modifications as proposed. The rest of the work is organised into section II, Literature Review takes a closer look at current practices, use of secret sharing and cloud-based disaster recovery with much interest in the method used in Abstract There are many risks in moving data into public cloud environments, along with an increasing threat around large-scale data leakage during cloud outages. This work aims to apply secret sharing methods as used in cryptography to create shares of cryptographic key, disperse and recover the key when needed in a multi-cloud environment. It also aims to prove that the combination of secret sharing scheme and multi-clouds can be used to provide a new direction in disaster management by using it to mitigate cloud outages rather than current designs of recovery after the outages. Experiments were performed using ten different cloud services providers at share policies of 2 from 5, 3 from 5, 4 from 5, 4 from 10, 6 from 10 and 8 from 10 for which at different times of cloud outages key recovery were still possible and even faster compared to normal situations. All the same, key recovery was impossible when the number of cloud outages exceeded secret sharing defined threshold. To ameliorate this scenario, we opined a resilient system using the concept of self-organization as proposed by Nojoumian et al in 2012 in improving resource availability but with some modifications to the original concept. The proposed architecture is as presented in our Poster: Improving Resilience in Multi-Cloud Architecture.


Introduction
With the introduction of cloud services for disaster management on a scalable rate, there appears to be the needed succour by small business owners to get a cheaper and more secure disaster recovery mechanism to provide business continuity and remain competitive with other large businesses.But that is not to be so, as cloud outages became a nightmare.Recent statistics by Ponemon Institute [1] on Cost of Data Centre Outages, shows an increasing rate of 38% from $505,502 in 2010 to $740,357 as at January 2016.Using activity-based costing they were able to capture direct and indirect cost to: Damage to mission-critical data; Impact of downtime on organizational productivity; Damages to equipment and other assets and so on.The statistics were derived from 63 data centres based in the United States of America.These events may have encouraged the adoption of multi-cloud services so as to divert customers traffic in the event of cloud outage.Some finegrained proposed solutions on these are focused on Redundancy and Backup such as: Local Backup by [2]; Geographical Redundancy and Backup [3]; The use of Inter-Private Cloud Storage [4]; Resource design.III.Presents our approach, in section IV, present Results and Evaluations and Conclude in section V with future works and lessons learnt.

Literature Review
There are research solutions based on different variants of secret sharing schemes and multi-cloud architecture that give credence to its resilience in the face of failures, data security in keyless manner, such as: Ukwandu et al. b) Second Site: As proposed by Rajagopalan et al. [14] is built to extend the Remus high-availability system based on virtualization infrastructure by allowing very large VMs to be replicated across many data centres over the networks using internet.One main aim of this solution is to increase the availability of VMs across networks.Like every other DR systems discussed above, Second Site is not focused on contending downtime and security of data during cloud outages.c) DR-Cloud: Yu et al. [15] relied on data backup and restore technology to build a system proposed to provide high data reliability, low backup cost and short recovery time using multiple optimisation scheduling as strategies.The system is built of multicloud architecture using Cumulus [16] as cloud storage interface.
Thus providing the need for further studies on the elimination of system downtime during disaster, provide consistent data availability as there is no provision for such in this work.

Our Approach
Our approach is in combining secret sharing scheme with multi-clouds to achieve resilience with the aim of applying same in redefining cloud-based disaster management from recovery from cloud outages to mitigating cloud outages.

The Architecture
The architecture of as shown in Figure 1 shows key share creation, dispersal and storage, while that of Figures 2 & 3

Share creation and Secret recovery:
The diagram above explains our design of key share creation, dispersal and storage using different cloud service providers (Figure 1).Share Creation: The dealer determines the number of hosts shares combination from which data recovery is possible known as threshold (t) and the degree of the polynomial, drived from subtracting 1 from the threshold.In this case, the threshold is 3 and the degree of polynomial is 2.He initiates a secret sharing scheme by generating the polynomial, the coefficients a and b are random values and c is the secret, the constant term of the polynomial as well as the intercept of the graph.He generates 5 shares for all the hosts H1… H5 and sends the shares to them for in an equal ratio and weights we, and thereafter leaves the scene [1].
Secret Recovery: Just as in Shamir [6] [9] -RESCUE: Resilient Secret Sharing Cloud-based Architecture; Alsolami & Boult,[10], -CloudStash: Using Secret-Sharing Scheme to Secure Data, Not Keys, in Multi-Clouds.Others are: Fabian et al.[11] on Collaborative and secure sharing of healthcare data in multi-clouds and[12] on Secret Sharing for Health Data in Multi-Provider Clouds.While RESCUE provided an architecture for a resilient cloud-based storage with keyless data security capabilities using secret sharing scheme for data splitting, storage and recovery, Cloud Stash also relied on the above strengths to prove security of data using secret sharing schemes in a multi-cloud environment and Fabian et al proved resilience and robust sharing in the use of secret sharing scheme in a multi-cloud environment for data sharing.Because our approach is combining secret sharing and multi-clouds in developing a clouddisaster management the need therefore arise to review current method used in cloud-based disaster in a multi-cloud system and their shortcomings.a) Remus: Cully et al.[13] described a system that provides software resilience in the face of hardware failure (VMs) in such a manner that an active system at such a time can continue execution on an alternative physical host while preserving the host configurations by using speculative execution.The strength lies on the preservation of system's software independently during hardware failure.
is of shares retrieval and key recovery.

Figure 3 :
Figure 3: Cloud Service Providers at Different Scenarios.
authorised participants following earlier stated rules are able to recover the secret using Lagrangian interpolation once the condition as stated earlier is met.The participants contribute their shares to recover the secret.Curr Tr Comp Sci & App Copyrights@ Elochukwu Ukwandu, et al.Citation: Elochukwu U, William J B, Gordon R. Mitigating Disaster using Secure Threshold-Cloud Architecture.Curr Tr Comp Sci & App 1(2)-2018.CTCSA.MS.ID.000107.DOI: 10.32474/CTCSA.2018.01.000107.