Implementation of a Cloud Data Server (CDS) for Providing Secure Service in E-Business

Cloud Data Servers is the novel approach for providing secure service to e-business .Millions of users are surfing the Cloud for various purposes, therefore they need highly safe and persistent services. Usually hackers target particular Operating Systems or a Particular Controller. Inspiteof several ongoing researches Conventional Web Servers and its Intrusion Detection System might not be able to detect such attacks. So we implement a Cloud Data Server with Session Controller Architecture using Redundancy and Disconnected Data Access Mechanism. In this paper, we generate the hash code using MD5 algorithm. With the help of which we can circumvent even the attacks, which are undefined by traditional Systems .we implement Cloud Data Sever using Java and Hash Code backup Management using My SQL. Here we Implement AES Algorithm for providing more Security for the hash Code. The CDS using the Virtual Controller controls and monitors the Connections and modifications of the page so as to prevent malicious users from hacking the website. In the proposed approach an activity analyzer takes care of intimating the administrator about possible intrusions and the counter measures required to tackle them. The efficiency ratio of our approach is 98.21% compared with similar approaches.

💡 Research Summary

The paper proposes a novel architecture called Cloud Data Server (CDS) aimed at delivering highly secure and persistent services for e‑business applications. Recognizing that traditional web servers and their associated intrusion detection systems (IDS) often fail to detect attacks that target specific operating systems or controllers, the authors introduce a layered security model that combines a Session Controller, a Virtual Controller, and a Disconnected Data Access mechanism.

At the core of the security model are two cryptographic steps. First, each web page’s content is processed through the MD5 hashing algorithm, producing a digest that serves as an integrity checkpoint. This digest is stored in a MySQL database, providing a tamper‑evident backup. Second, the stored MD5 hash is encrypted using the Advanced Encryption Standard (AES) with a symmetric key, protecting the hash itself from unauthorized modification or theft. The authors claim that this combination enables the system to “circumvent attacks undefined by traditional systems.”

The Virtual Controller acts as an intermediary between client requests and the underlying server. It monitors connection attempts, page modifications, session time‑outs, IP addresses, and request patterns. When an anomaly is detected, the controller can instantly block the offending session, thereby preventing malicious code injection or data leakage. Complementing this, an Activity Analyzer continuously scans logs and system metrics; upon detecting suspicious behavior, it notifies administrators and can trigger automated counter‑measures such as firewall rule updates or session termination.

Implementation details are modestly described. The CDS is built in Java, leveraging the Java Cryptography Architecture (JCA) for AES encryption. MySQL is employed for hash backup and log storage. The authors report an “efficiency ratio” of 98.21 % compared with unspecified baseline approaches. This metric appears to aggregate server availability, successful integrity verification, and intrusion‑blocking success, though the exact calculation is not disclosed.

Critical analysis reveals several weaknesses. MD5 is widely recognized as vulnerable to collision attacks; relying on it for integrity verification undermines the very security the system seeks to provide. Modern alternatives such as SHA‑256 or SHA‑3 would be far more appropriate. While AES encryption of the hash adds a layer of protection, it does not compensate for the fundamental weakness of the underlying hash function. Moreover, the paper lacks concrete descriptions of the policies governing the Virtual Controller (e.g., threshold values, rule sets) and the Activity Analyzer’s trigger conditions, making reproducibility difficult.

Performance considerations are also insufficiently addressed. Encrypting and decrypting hashes for every request, coupled with frequent MySQL reads/writes, can introduce notable CPU and I/O overhead, especially under high traffic typical of e‑business platforms. No latency measurements, throughput benchmarks, or scalability tests are presented. The claimed 98.21 % efficiency is therefore difficult to validate without a clear experimental setup or comparison baseline.

In summary, the CDS concept introduces an interesting multi‑layered approach that integrates session management, real‑time monitoring, and cryptographic integrity checks. However, the choice of MD5, the absence of detailed algorithmic specifications, and the lack of rigorous performance evaluation limit the practical applicability of the proposal. Future work should replace MD5 with a collision‑resistant hash, formalize the controller policies, incorporate robust key‑management practices, and conduct extensive load‑testing in cloud‑native environments (e.g., container orchestration, auto‑scaling). Only with these enhancements can the CDS architecture realistically meet the stringent security and availability demands of modern e‑business services.