Secure Cloud Based Document Management System

Secure Cloud Based Document Management System

Varsha Jawale Vedashri Jundre Reshma Bathe Pimpri Chinchwad College Of Engineering, Nigdi-44

Abstract

The transition towards paperless offices and increasing adoption of electronic transfer of information through emails and other web based content has prompted organizations to have a system which would manage their documents effectively. A cloud based document management system provides a hassle free classification and identity system that tags documents with information. Electronic documents are considered to be the most valuable information assets in enterprises. As the cloud security era is coming, the existing systems need to be upgraded with most cost-effective measures, so a document security management system suitable for cloud security is also designed. With more documents being integrated electronically and transferred as knowledge points, organizations see document management system as an integral tool to handle growing surge of data and respond to audits without heavy burdens to the business.

We are also presenting Flogger, a novel file- centric logger suitable for both private and public Cloud environments. Flogger records file-centric access and transfer information from within the kernel spaces of both virtual machine and physical machines in the Cloud, thus giving full transparency of the entire data landscape in the Cloud. With Flogger, services can be built above it to provide Cloud providers, end-users and regulators with the relevant provenance, e.g. a tool for an end-user to track whether his/her file was 'touched' by an unauthorized user.

Keywords: Document Management System, Windows Communication Foundation, Data Access Layer, Cloud.

1. Introduction

   Cloud based document management systems offer benefits like; reduced costs, off-site backups and better accessibility. Most of these document management systems offer seamless integration with your current accounting software. It enables you to attach documents in the system, directly in an arranged way from your accounting software. Electronic documents, can be easily located and emailed from within your software with the help of a cloud based document management system. Electronic document management systems help you to save a lot of cost that were not possible while using the traditional paper filing systems. It is like a direct saving where your office has to use less paper besides boost extra space thanks to reduced storage space. Apart from that the aspect of file security is another important feature of cloud based document management systems. Most of these files contain important data, passwords, personal pictures/journals and other important digital files and hence many companies nowadays are using this type of document management system simply because it provides backup files, and especially helpful for businesses that are dealing with huge volumes of paperwork on a regular basis. It also maintains the documents according to hierarchy of organization and provides privileges by designations to access the documents. Though the concept of cloud based document

   management system is not that new but the usage has started gaining momentum in recent past and it will surely grow more in future. With more number of companies using these systems and with the market increasing, it is expected that more people will be benefitted by using these digital methods in future.

   The cloud hosted systems deliver information via the web which gives 24/7 access to information from any remote location. Unlike traditional document management systems which are dependent on office based servers and support from the IT department, cloud systems require no IT infrastructure or upgrade installations so are a much more cost effective option. Another major benefit is the portability of cloud based document management systems.

   1. Document Management System

      Document management systems are designed from the ground up to assist entire organisations seeking to manage the creation, storage, retrieval and expiry of information stored as documents. Unlike a file structure on your PC, a DMS revolves around a centralized repository that is used to manage the storage of any type of information that could be of value to an organization – and protect the same against loss.

      As content stored within a DMS is typically self contained, a well-designed document management system promotes finding and sharing information easily. It does this via sophisticated search tools – and the adding of classification schemes or taxonomies to the document information being stored.

      The document management systems have the following benefits:

      • Reduced Storage

        The cost of commercial property and the need to store documentation for e.g. retrieval, regulatory compliance means that paper based document storage

        competes with people for space within an organization. Scanning documents and integrating them into a document management system can greatly reduce the amount of prime storage space required by paper.

      • Flexible Retrieval

        Retrieving documents stored as hard copies, or on microfilm absorbs time. A DMS increases creates electronic images of documents and stores them centrally. Less time is spent locating the documents as they can be retrieved without leaving a desk. DMS users can also access other systems available from the desktop at the same time as retrieving documents.

      • Flexible Indexing

        Indexing paper and microfilm in more than one way can be done, but it is awkward, costly and time- consuming. Images of documents stored within a DMS can be indexed in several different ways simultaneously.

      • Improved, faster and more flexible search Document Management Systems can retrieve

        files by any word or phrase in the document – known as full text search – a capability that is impossible with paper. A DMS can also apply single or multiple taxonomies or categorizations to a document of folder that allow documents to be classified.

      • Controlled and Improved Document distribution Imaging makes it easy to share documents

        electronically with colleagues and clients over a network, by email or via the Web in a controlled manner. This provides a cost saving by reducing the overheads associated with paper based document distribution, such as printing and postage and removes the typical delay associated with providing hard copy information.

      • Improved Security

        A DMS can provide better, more flexible control over sensitive documents. Many DMS solutions allow access to documents to be controlled at the

        folder and/or document level for different groups and individuals. A DMS also provides an audit trail of who viewed an item, when or who modified an item and when. A DMS also removes the possibility of having confidential material or trade secrets lying around unattended in an office.

      • Disaster Recovery

        A DMS provides an easy way to back-up documents for offsite storage and disaster recovery providing failsafe archives and an effective disaster recovery strategy.

      • No Lost Files

        Lost documents can be expensive and time- consuming to replace. Within a DMS, imaged documents remain centrally stored when being viewed, so none are lost or misplaced. New documents are less likely to be incorrectly filed and even if incorrectly stored can be quickly and easily found and moved via the full-text searching mechanisms

      • Digital Archiving

        Keeping archival versions of documents in a document management system helps protect paper documents, that still have to be retained, from over- handling and keeps electronic documents in a non- proprietary and native format, such as Microsoft Word or Excel.

   2. Storage of Data on Cloud

      Cloud Storage enables SaaS providers to significantly enhance their existing offerings by incorporating the flexibility and scalability offered by Cloud Storage. Web services APIs simplify integration, and provide advanced capabilities. These include file store and retrieval, file sharing and collaboration, hierarchical and tag-based organizational structures and native multi-device client access. All of this is available from multiple

      access points web, desktop. These same capabilities can be built into future releases, making the offering more robust, feature-rich and truly web-scaled.

      Cloud Storage have benefits like:

      • Includes enhanced capabilities for existing and future SaaS applications.

      • Provides anytime, anywhere, flexible access to files using Web Services APIs.

      • Files can be shared securely (for read only) or collaborated by multiple users.

      • The file owner retains the ability to manage the access levels for each user.

      • Insures highest levels of security by storing data in encrypted form.

        1.2. Flogger

        In order to increase trust in Cloud computing, we need to increase transparency and accountability of data in the Cloud for both enterprises and end-users. However, current system tools are unable to log file accesses and transfers effectively within a Cloud environment. In this paper, we present Flogger, a novel file-centric logger suitable for both private and public Cloud environments. Flogger records file- centric access and transfer information from within the kernel spaces of both virtual machines (VMs) and physical machines (PMs) in the Cloud, thus giving full transparency of the entire data landscape in the Cloud. With Flogger, services can be built above it to provide Cloud providers, end-users and regulators with the relevant provenance, e.g. a tool for an end- user to track whether his/her file was 'touched' by an unauthorized user.

        Flogger addresses the needs of system layer within the Trust Cloud Framework. Trust Cloud is a layered framework describing the different layers of granularity for Cloud accountability. The System Layer in the framework highlighted the importance of

        monitoring and auditing containers of data within and out of the Cloud. With the foundational System Layer, we can then study movement and changes of data within and across files (Data Layer), and also workflows and data flows, thus giving full provenance of data in the Cloud and in compliance to the Law/ Regulation Layer and the Policies Layer.

2. Proposed System

   The purpose of this system is to a detailed description of the project entitled as Secure Cloud Based Document Management System. It will explain the purpose and features, the interfaces of the project, the constraints under which it must operate and how the system will react to external stimuli. This document is intended for both the stakeholders and the developers of the system. This system is having additional features like:

   1. Document storage with hierarchical privileges

   2. Storage on Cloud with security

3. System Architecture

   System follows 3-tier archirecture.Client interacts with web server which consist of WCF services and GUI.Web server interacts with data access layer.All the data is stored on cloud in encrypted format.While retriving data,it will get in original format by decrypting it.

   Fig 3.1 Architecture of Proposed System

   Documents stored in system are of two types:

   1. Organizational Document

   2. Personal Document

   Privileges to organizational documents are set according to hierarchy of organization.Lower designation member can not access the documents of higher designation member.All the rights of read only,write only,read and write,etc cab be assigned by administrator of organization.

   Fig 3.2 Hierarchical Storage of Documents

   1. AES

      AES is an Advanced Encryption Standard used for secure transmission of data in encrypted format. In our system AES is used for sending user authentication data (PIN) in encrypted format.

      Advantages of AES:

      1. AES is more secure and powerful

      2. It provides the key length of 256 bits.

   2. MD5

   MD5 is a Message Digest Algorithm used for encryption of sensitive data like password. In our

   system MD5 is used to encrypt passwords in database.

   Advantages of MD5:

   1) It is one way encryption algorithm so we cant decrypt it.

4. Advantages of Proposed System

   • Increased data reliability

   • Reduce the hardware cost and the physical spaces

   • Easier group collaboration

   • Universal document access

5. Application of Proposed System

   The application of system is to manage and store all documents in hierarchical manner of organization.

   To store large amount of documents or files in the organizations, institutes, offices, etc.

6. Conclusion:

   The Document Management System is a very powerful tool in managing documents of large organizations. This paper proposes a more secure document management system. The security increases because of use of cloud in the system. The cloud also provides distributed system through which data can be remotely accessed from anywhere.

7. References

1. Wiss,Computing in the clouds, networker, vol. 11, no. 4, pp. 16 -25, December 2007.

2. M. Baker, R.Buyya, and D. Laforenza, Grids and grid technologies for wide area distributed computing,

   International Journal of Software: Practise and Experience, vol. 32, pp. 1437-1466, 2002.

3. B. R. Kandukuri, V, R. Pasture and A. Rakshit, Cloud Security Issues, in proceedins of the 2009 IEEE International Conference on Services Computing, pp. 517- 520, September 2009.

4. A. Weiss, Computing in the Clouds, networker, vol. 11, no. 4, pp. 16-25, December.

5. Cloud Technology in the Security Management of Enterprise Document, IEEE International Conference, by Na Liu, vol. 30, pp. 344-360, 2011.

[6]Flogger: A File-centric Logger for Monitoring File Access and Transfers within Cloud Computing Environments, IEEE International Conference, by K L Ryan Ko, Peter Jagadpramana, Bu Sung Lee. vol. 32, pp. 1437-1466, 6 August 2012.