International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 02 | Feb 2020 www.irjet.net p-ISSN: 2395-0072 © 2020, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 103 Analysis of Cloud Security and Performance for Leakage of Critical Information using DROPS Methodology Monisha Thomas 1 , Laxmi Choudhary 2 , Indra Kishor 3 1,2 B.Tech. Scholars, Dept. Of CSE, Arya Institute of Engineering and Technology, Kukas Jaipur Raj. 3 Associate Prof. Department of CSE, Arya Institute of Engineering and Technology, Kukas Jaipur Raj. ---------------------------------------------------------------------***---------------------------------------------------------------------- Abstract - When outsourcing of data to the third-party administrative control is done in cloud computing then it can cause security concerns or problems. The data may be attacked by other users and nodes within the cloud. So, data must be protected using high security measures within the cloud. Moreover, the security measures must also be concern with the optimization of the data at the retrieval time. In this paper, we propose DROPS methodology that approaches both the security and performance issues. In this methodology, a file is divided into fragments and the fragmented data is replicated over the cloud nodes. Each node stores only a single fragment of a particular data file that ensures no meaningful information is revealed to the attacker in the successful attack. Moreover, the nodes storing the fragments are separated by the certain distance with the help of T-coloring graph to restrict an attacker of guessing the locations of the fragments. Key Words: cloud, division, replication, optimal, security, T-coloring graph, fragmented, performance, node, centrality, outsourcing, critical 1. INTRODUCTION Cloud is a representation of the Internet and other communications. The term cloud can be simply defined by how a network or remote servers can be accessed via an internet connection for managing and storing the information. Cloud is a place where user can store all the information in the computer. DROPS (Division and Replication of Data in the Cloud for Optimal Performance and Security) is a methodology that is an approach for both securing and performance issue of the data.[2] Cloud drops technology is used for securing data over the cloud so that, when the users outsource their data to third party administrative control, it gives rise to security concerns i.e., the data can be attacked by the other users, processes and nodes within the cloud.[5] Cloud Security can be enhanced using DROPS methodology that improves both the security and performance issues. Security is one of the most important aspects among those restricting the widespread adoption of cloud computing. Cloud security issues may arise due to the core technology’s implementation (virtual machine (VM) escape, session riding, etc.), cloud service offerings (structured query language injection, weak authentication schemes, etc.), and from cloud characteristics (data recovery vulnerability, Internet protocol vulnerability, etc.). For a cloud to be secure, all of the participating entities must be secure. In any given system with multiple units, the highest level of the system’s security is equal to the security level of the weakest entity. Therefore, in a cloud, the security benefit does not solely depend on an individual’s security measures.[2] 2. THREATS AND SECURITY STRATERGIES IN CLOUD COMPUTING 2.1 THREATS 2.1.1 The entity or neighbouring entity may provide the opportunity to an attacker to bypass the user security and may access the user data files. 2.1.2 The off-site data storage cloud utility requires the users to move data in cloud and shared environment that may cause various security concerns and hamper the user data. 2.1.3 In the pooling and elasticity of the cloud the physical resources are shared among many users. These shared resources may be reassigned to other users for some duration of time that may cause the risk to the data. 2.1.4 A multi-tenant virtual environment may result in VM to escape the boundaries of virtual machine monitor (VMM) which can interfere to other VMs may access to unauthorized data. 2.1.5 In cross tenant virtualized network, due to improper media sanitization, the customer data can also get leaked.[4] 2.2 DATA SECURITY STRATERGIES 2.2.1 In the DROPS methodology, a file is divided into fragments, and replicates the fragmented data over the cloud nodes, which is duplicating the data. Each of the nodes stores only a single fragment of a particular data file that ensures that even in the case of a successful attack, no meaningful information is revealed to the attackers [3]. 2.2.2 The nodes storing the fragments are separated by a certain distance by means of graph T-coloring to prohibit an attacker of guessing the locations of the fragments. 2.2.3 For a cloud to be secured, all participating entities must be secure. In a system with multiple units, the highest