ENCRYPTION AND DECRYPTION OF DATA REPLICATION USING ADVANCED ENCRYPTION STANDARD (AES)

FARAH ZURAIN BINTI MOHD FOIZI

BACHELOR OF COMPUTER SCIENCE (COMPUTER NETWORK SECURITY) WITH HONOURS UNIVERSITI SULTAN ZAINAL ABIDIN

2018

Bachelor of Computer Science (Computer Network Security) with Honours Faculty of Informatics and Computing Universiti Sultan Zainal Abidin, Terengganu, Malaysia

DECLARATION

It is declared that the project titled Encryption and Decryption of Data Replication Using Advanced Encryption Standard (AES) algorithm is originally proposed by me. However, further research and exploration onto this project is granted and encouraged for contribution upon this topic.

______(Farah Zurain Binti Mohd Foizi)

BTBL15041003

Date:

CONFIRMATION

This project entitled Encryption and Decryption of Data Replication using Advanced Encryption Standard (AES) was prepared and submitted by Farah Zurain binti Mohd Foizi, matric number BTBL15041003, and has been found satisfactory in terms of scope, quality and presentation as a partial fulfilment of the requirement for Bachelor of Computer Science (Computer Network Security) in Universiti Sultan Zainal Abidin (UniSZA).

Signature : ………………………

Supervisor : ………………………

Date : ………………………

DEDICATION

In the name of Allah, the Most Gracious and the Most Merciful, Alhamdulillah, thanks to Allah for giving me the opportunity to complete the Final Year Project proposal report entitled “Encryption and Decryption of Data Replication Using Advanced Encryption Standard (AES)”. I would like to thank Dr Zarina bt Mohamad, my supervisor, who guided me, gave valuable information and gave useful suggestions during the compilation and preparation of this research. Thanks also to my family and friends at the instigation of the completion of this project.

ABSTRACT

Nowadays, most companies that run transaction processing want to ensure that no failure can interrupt it. For instance, if the primary database is suddenly damaged, a second database takes over its work automatically. This is possible if the company's systems use data replication. Data replication is a process that copies and maintains data from a database on one computer or server to a database on another, so that all users share and store the same level of information. It also increases data availability and improves access to the data relevant to each user's task without interfering with the work of others. The problem is how to make sure that the connection carrying valuable data in data replication is secure. In view of this issue, this paper proposes secure data replication using an encryption algorithm. Encryption is the process of converting readable characters into another form to prevent unauthorized access. Valuable data is therefore better protected: in this method, data from a database is encrypted first and then replicated to another server, so an unauthorized user cannot easily sniff it from the database server. The approach encrypts the replicated data with the Advanced Encryption Standard (AES), a symmetric encryption algorithm that can both encrypt and decrypt data or text. AES was created to be efficient and supports a block length of 128 bits and key lengths of 128, 192, and 256 bits. This is useful for ensuring that sensitive data is secured.

ABSTRAK (ABSTRACT IN MALAY, TRANSLATED)

In this era, most large companies carry out transaction processing and want to prevent the possibility of system failure. For example, if a sudden failure occurs at the primary database, there is no need to worry because the second database automatically takes over processing the work. This has made today's companies aware that they need to use data replication as a preventive measure. Data replication is a process that copies and maintains data from a database on one computer or server to another database so that all users share and store the same level of information. It also increases data availability and improves access to the data relevant to their tasks without interfering with the work of others. The problem is how to ensure that the connection carrying valuable data in data replication is secure. In view of this issue, this paper proposes secure data replication using an encryption algorithm. Encryption is the process of converting readable characters into another form to prevent unauthorized access. Valuable data is therefore better protected, and this method shows that data from the database is encrypted first and then replicated to another server. Unauthorized users also cannot easily sniff the database server. The approach therefore encrypts the data with the Advanced Encryption Standard (AES), a symmetric encryption algorithm that can encrypt and decrypt data or text. AES was created to be efficient and supports a block width of 128 bits and key lengths of 128, 192, and 256 bits. This is useful for ensuring that sensitive data is secured.

CONTENTS

DECLARATION
CONFIRMATION
DEDICATION
ABSTRACT
ABSTRAK
CONTENTS
LIST OF TABLES
LIST OF FIGURES
LIST OF ABBREVIATIONS

CHAPTER 1 INTRODUCTION
1.1 Introduction
1.2 Problem statement
1.3 Objectives
1.4 Scopes

CHAPTER II LITERATURE REVIEW
2.1 Introduction
2.2 Data Replication
2.3 Comparison of Encryption Algorithm
2.3.1 AES with RC4
2.3.2 AES
2.3.3 AES with Dynamic Key Selection
2.3.4 AES for Data Replication in Cloud
2.3.5
2.3.6
2.3.7 Hybrid Encryption
2.3.8 Blowfish
2.3.9 Hybrid
2.3.10 Blowfish
2.4 Summary

CHAPTER III METHODOLOGY
3.1 Introduction
3.2 System Design
3.2.1 Framework
3.2.2 Algorithm
3.3 AES framework
3.4 Conclusion

CHAPTER IV IMPLEMENTATION
4.1 Introduction
4.2 VMWareworkstation
4.3 Server Installation
4.3.2 MySQL server
4.3.3 SSH
4.4 Network configuration
4.5 Database server
4.5.1 Introduction
4.5.2 Creating Database
4.6 MySQL Replication
4.6.1 Master configuration
4.6.2 Slave configuration
4.7 AES Encryption and Decryption
4.8 Scripting

CHAPTER V RESULT AND DISCUSSION
5.1 Introduction
5.2 Discussion

CHAPTER VI CONCLUSION AND FUTURE WORK
5.1 Conclusion
5.2 Future work

CHAPTER VII REFERENCES

LIST OF TABLES

TABLE    TITLE
3.2.2    Description of Table Encryption Algorithm
3.2.3    Description of Table Decryption Algorithm

LIST OF FIGURES

FIGURE     TITLE
2.3.3.1    Interface Dynamic Key Selection
3.2.1      Framework of Secure Data Replication
3.2.2      Encryption and Decryption Process
3.2.3      Encryption and Decryption Algorithm
3.3.1      Flow of AES-128 bits
4.2.1      VMWareworkstation
4.3.1.1    Folder
4.3.1.2    Language
4.4.1      Master
4.4.2      Network interfaces Slave1
4.4.3      Network interfaces Slave2
4.4.4      IP address Ubuntu-Master
4.4.5      IP address Ubuntu-Slave1
4.4.6      IP address Ubuntu-Slave2
4.5.2.1    Show Databases
4.5.2.2    Show Tables
4.6.1.1    Configuration of Master file
4.6.1.2    Server-id in Ubuntu master
4.6.1.3    Successfully transfer to Ubuntu-slave1
4.6.1.4    Successfully transfer to Ubuntu-slave1
4.6.2.1    Bind-address slave1
4.6.2.2    Bind-address slave1
4.6.2.3    Server-id slave 2
4.6.2.4    Server-id slave 2
4.7.1.1    Original sample6.sql
4.7.1.2    Export database
4.7.1.3    Decryption of file sample6.sql at slave 1
4.7.1.4    Decryption of file sample6.sql at slave 2
4.8.1      Main scripting
4.8.2      Start2.sh scripting file
4.8.3      Start3.sh scripting file
4.8.4      Program.exp connected to slave1
4.8.5      Program2.exp connected to slave2
4.8.6      Decryption at Slave1
4.8.7      Decryption at Slave2
4.8.8      Result
5.1.1      Encrypted sample6.sql
5.1.2      Decrypted sample6.sql.cpt

LIST OF ABBREVIATIONS / TERMS / SYMBOLS

AES    Advanced Encryption Standard
RC4    Rivest Cipher 4
RSA    Ron Rivest, Adi Shamir, Leonard Adleman
FYP    Final year project

LIST OF APPENDICES

APPENDIX    TITLE
A           Graph Gantt Chart FYP I
B           Graph Gantt Chart FYP II

CHAPTER 1

INTRODUCTION

1.1 Background

The great development of the Internet and the World Wide Web has increased the number of people who surf the internet and access systems through it. There are 1.7 billion people who have used the internet since 2012. With this rapid growth in internet use, a large amount of data is shared and used by database systems. If this continues, database performance will become slower than usual.

The World Wide Web is an information platform in which documents and other web resources are identified by Uniform Resource Locators (URLs), linked by hypertext links and accessed through the internet. The Internet and the World Wide Web are two different things; the terms are often used interchangeably, but the two are linked to each other. The Internet is a worldwide system that enables multiple computers to connect with each other, while the Web is an application that makes use of that system. Without the Internet, people cannot access the Web. The Web is a path between the Internet and the computer that allows people to communicate and share information, whereas the Internet is the connection between computers for data transmission.

Data replication is the activity or procedure of storing data at more than one site or node. This is essential for improving the availability of data. There can be full replication, in which a copy of the whole database is stored at every site. There can also be partial replication, in which some fragments of the database are replicated and others are not. The advantages of data replication are improved availability and increased parallelism. For example, if one of the sites containing the data experiences a failure, another database server is available to use. Thus, queries can continue to be processed in spite of the failure of one site. In terms of increasing parallelism, both database servers can process queries simultaneously. This speeds up execution and reduces waiting time. In this project, data replication is implemented using MySQL. MySQL is quite popular among database systems, and it makes replication an attractive task to implement. MySQL replication is a process that allows you to easily maintain multiple copies of MySQL data by having them copied automatically from a master to a slave database. The master server is the database that holds the original copy of the data, while the slave server is the database that contains the replicated copy of the data.

Data encryption is used all over the place in today's connected society. As modern society becomes more connected and more information becomes available, there is a need for safeguards that bring data integrity and data secrecy. In addition, authenticating the source of information gives the recipient complete certainty that the information came from the original source and that it has not been altered from its original state.

Data encryption translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data, which cannot be read by a human, is called cipher text, while human-readable data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. Data encryption is divided into two types: symmetric encryption and asymmetric encryption. The purpose of data encryption is to protect the confidentiality of digital data as it is stored on computer systems and transmitted over the internet or other computer networks. Popular examples of encryption algorithms are AES, Blowfish, Twofish, TripleDES, MD5 and many more.

1.2 Problem Statement

Database replication is the ability of a database to maintain a copy of its data at another location. Synchronizing data across multiple remote databases simultaneously ensures that business-critical information is close at hand should disaster strike. This enables an enterprise to be up and running as quickly as possible, reducing productivity and revenue losses, as well as limiting reputational damage. If the system does not provide high data availability, system performance is also affected. An advantage of replication is that it saves time, because the system has a backup, so there is no need to take the system down if sudden damage happens. Simply leave the master database running, temporarily stop replication, shut down the slave database and make a clean backup of your data. Restart the slave and replication, and the slave will catch up with the master in short order, and users will greatly appreciate the increased uptime of your system.

In terms of security, it is important to encrypt the information in the database, as this increases privacy and security, so that an unauthorized user cannot easily sniff or change the data. Data encryption makes it possible to encrypt data both for transmission over non-protected networks and for storage on media. In key management schemes, the flexibility of data encryption is appropriate in an advanced collection. Therefore, in this paper we implement the Advanced Encryption Standard (AES) as the encryption algorithm, because AES is used to protect data against unauthorized access. There are three types of block length, which are 128, 192 and 256 bits. AES is also known as a symmetric-key algorithm, which uses the same key for both encryption and decryption of the data. It follows that encryption and decryption are fast and the data is more secure, without affecting the main system. In addition, we can improve the availability of data, and users do not need to wait long if the main database server fails. This shows the user that the data in the system is safe.

1.3 Objectives

There are three main objectives for this proposal. The objectives are:
a) To study a method that can secure data replication between database servers.
b) To implement an encryption algorithm technique in data replication.
c) To study encryption and decryption of data replication by using AES.

1.4 Project Scope

The scope of this project is focused on encryption of data replication using the Advanced Encryption Standard (AES). LAMP is an open-source web development platform that uses Linux as the operating system, Apache as the web server, MySQL as the relational database management system and PHP. Sometimes Perl or Python is used instead of PHP. This project uses MySQL as the database server, so MySQL must be installed. We create two database servers, a master and a slave. The master server holds the original copy of the data, while the slave server acts as a backup. We link these two databases: if any data is modified or deleted in the master database server, the slave database server does the same. If a failure happens in the master server, the slave server takes over. For the encryption process, we encrypt data in the master database before sending it to the slave database. When the data arrives at the slave database, the data will be encrypted. The data is encrypted using the AES algorithm, so the data cannot be changed or sniffed in transit between master and slave.

CHAPTER 2

LITERATURE REVIEW

2.1 Introduction

This chapter discusses ideas from previous related research and articles. It also shows the significance of the techniques implemented in that earlier research. Several of the works reviewed here discuss encryption algorithms.

2.2 Data Replication

Data replication is one of the methods for managing huge data resources, as it enhances reliability and data access (Noraziah, Azila, Fauzi, Mat & Mohd, 2011). Replication is a phenomenon of distributed environments in which multiple copies of data are stored at multiple sites (Bahareh Alami Miani & Nima Jafari Naimipour, 2017). At those sites, creating, maintaining and updating the replicas are important and challenging issues.

2.3 Technique of Encryption

2.3.1 Comparative analysis AES and RC4 for better Utilization

Plaintext is data or information that can be read and understood by a human; the process of hiding its substance is called encryption, and encrypting plaintext results in unreadable gibberish called cipher text (Nidhi Singhal & J.P.S.Raina, 2011). They went on to carry out a comparative analysis of AES and RC4 for better utilization, because they wanted to protect data against unauthorised attack and to obtain better performance in CPU time, encryption time, and memory utilization.

2.3.2 Implementation of Advanced Encryption Standard (AES) Algorithm

In data and telecommunications, encryption is vital when communicating over any untrusted medium, which includes any network, particularly the Internet. A 128-bit AES encryption and decryption using the Rijndael algorithm (the Advanced Encryption Standard algorithm) has been made synthesizable using Verilog code, which can easily be implemented on an FPGA (M.Pitchaiah, Philemon Daniel & Praveen, 2012). This research uses four different byte-oriented transformations: Sub Bytes, Shift Rows, Mix Columns and Add Round Key.

2.3.3 AES Based Text Encryption Using 12 Rounds with Dynamic Key Selection

Symmetric-key encryption (AES) is highly efficient, which makes it suitable for encrypting relatively long plaintext. Elliptic curve encryption (ECC) makes key management easy, which makes it suitable for key encryption and digital signatures (Nishtha Mathur & Rajesh Bansode, 2016). The advantages of this research are that there is no need to use a private key in the transmitted communication and that the confidentiality of the decryption key is increased.

Figure 2.3.3.1

In figure 2.3.3.1, the user must enter the dynamic key in order to select the text document that is to be encrypted using AES. The user then clicks the encrypt button to start the encryption process, after which the result is displayed.

2.3.4 An Optimization and Security of Data Replication in Cloud Using Advanced Encryption algorithm

In cloud computing, database replication is the frequent electronic copying of data from a database on one computer or server to a database on another, so that all users share the same level of information; the result is a distributed database in which users can access data relevant to their tasks without interfering with the work of others (S.Suganya & R.Kalaiselvan, 2016). The researchers studied how to secure data replication in cloud computing, and for this they used the DROPS methodology. DROPS stands for Division and Replication of Data in the Cloud for Optimal Performance and Security. DROPS divides user files into fragments and places them at the required locations in the cloud, so that any unauthorised party that tries to enter the public cloud is prevented from gaining access. The researchers therefore used an advanced encryption algorithm to secure the data. The advantages of implementing the AES algorithm are a more efficient storage system, reduced communication cost, high speed, so that encryption is faster, and reliable network connectivity. In this research, the comparison between the Blowfish and AES algorithms found Blowfish more suitable for communication links or ad hoc file protection because the key changes often, while AES has good computing performance that can secure data in cloud computing.

2.3.5 Improved Storage Security Scheme using RSA & Twofish algorithm at Window Azure Cloud

Data storage security refers to the security of data on the storage media, which is why security is an important factor in cloud computing for ensuring that clients' data is kept in a secure mode in the cloud (Amandeep Kaur & Sarpreet Singh, 2013). In this paper, they secured the storage scheme by implementing Twofish and RSA, and the user can insert any form of data. After that, the data is stored in the Windows Azure Cloud. The advantages of these algorithms are reduced data loss and an increased level of security.

2.3.6 Secured Data Transfer for Cloud Using Blowfish

In the world of cloud computing, the cloud provider will, in most cases, be the data processor, passively processing the data, for example, by storing it on its platform. Depending on the type of cloud used, the cloud provider's responsibilities could include providing infrastructure, physical security of the premises, operating system and network security (Sumalatha Potteti & Namita Parati, 2015). The researchers found a variety of algorithms used to secure data in cloud computing, such as DES, 3DES, Blowfish, AES, etc., but they compared only AES, Blowfish and RSA. The advantages reported are higher confidentiality, geographic restriction, which makes cloud storage an excellent option, and reduced cost. Besides, data can be sent directly because the customer holds all keys during the encryption process. Comparing the algorithms showed that AES takes the least time to process cloud data, Blowfish has the lowest memory requirement, and RSA has the largest memory size, so its encryption process takes too long.

2.3.7 Hardware implementation of Blowfish algorithm for the secure data Transmission in Internet of Things

Blowfish is a 64-bit block cipher that is an excellent choice for encryption, since it is lightweight, public domain, and highly secure even after extensive analysis. There are two ways to implement the Blowfish algorithm, in software or in hardware, and compared with a software implementation, a hardware implementation has many advantages (Manju Suresh and Neema M, 2016). The Blowfish algorithm is a good option for securing data transmission in IoT because it gives the best execution time, low memory utilization and the highest security.

2.3.8 Protecting Data in Cloud Storage Using Blowfish Encryption Algorithm and Image-Based One-Time Password

Cloud is basically the collection of computers on the internet that companies are using to offer their services (M Rama Raju & J Purna Prakash, 2016). One cloud service being offered is a revolutionary storage method for your data. From music files to pictures to sensitive documents, the cloud invisibly backs up your files and folders and reduces the conceivably unending. From this research, they identified three problems or issues in this project, which are authentication, authorization and access control. They therefore implemented a One Time Pad (OTP) generator using the Blowfish algorithm to prevent these problems. The benefits of using the Blowfish algorithm are that it is fast on 32-bit microprocessors, it is more compact than other algorithms at 5K of memory, and it is more secure. The advantage of using OTP is that if users forget their image password, OTP gives a new image password for every section. Hence, it prevents the user ID from being replicated.

2.3.9 Enhanced Security using Hybrid Encryption Algorithm

Cloud computing is a technology that provides access to information and computing resources from anywhere that a network is available, and the data stored in the cloud needs to be secured (Neha & Mandeep Kaur, 2016). The algorithm must therefore provide protection against unauthorized attacks. In this research, they use a hybrid model that contains two symmetric algorithms, AES and Blowfish. Both algorithms can increase data confidentiality. In terms of speed, however, Blowfish is faster than AES because of the length of bits, while AES has stronger security.

2.3.10 Secure Storage and Replication Using Hybrid Cryptographic Algorithm for Cloud Environment

Cloud computing is a new-generation technology that provides a way of sharing resources, memory and software, anything in the form of a service, over the internet. Cloud computing also provides several advantages over the traditional network philosophy. The involvement of a public network makes it sensitive to several security threats, such as replay attacks, eavesdropping and man-in-the-middle attacks. Several disadvantages were identified. First, there is a low number of encryption solutions for storage security and replication. Second, replication gives high data availability, but the cost is inconsistency. Third, data links continue to increase, as does consistency, but they are not secured at all. Next, a solution is needed to control the number of copies so that reliability is kept while replicated data is reduced as far as possible. After that, the researchers found that AES performs slower than RC6 but is more secure than RC6. The benefits are that replication helps to provide secure and smooth data storage, and performance always approaches time.

SUMMARY

Algorithm   Symmetric   Asymmetric   Security      Encryption and Decryption Process
AES         Yes                      Excellent     Faster
Rc4         Yes                      Not Really    Slow
Blowfish    Yes                      Secured       Fast
RSA         No                       Not Secured   Slower
Twofish     Yes                      Secured       Fast

CHAPTER 3

METHODOLOGY

3.1 Introduction

A methodology is the theoretical analysis of, or a guideline for, the methods that must be applied when doing research or a study. Generally, it contains a theoretical model, phases, a paradigm and quantitative or qualitative techniques. An algorithm is like a paradigm, a type of constructive theory, meaning the development of a framework that is used to structure, plan and control the process of developing the system. This chapter discusses the process and explains the methodology used in this project, in terms of how to encrypt data replication using an encryption algorithm.

In this project, an encryption algorithm is needed to ensure the security of data replication between two database servers. The AES (Advanced Encryption Standard) algorithm is used to secure data replication, as it is a symmetric block cipher, which encrypts data block by block. This is important because AES requires fewer resources and is faster than an asymmetric block cipher, and it is also suitable for encrypting the original data. The size of each block in AES encryption is measured in bits. For example, 192 bits of plaintext is needed to produce 19 bits of cipher text.

3.2 System Design

3.2.1 Framework

Figure 3.2.1 (diagram: web server; database server (master); replication, using the same key; database server (slave))

A framework is a basic layered structure that shows the concept, idea and rules of a program or system, indicating what kind of program should be built and how it functions. A framework also makes work faster and easier by simplifying a complex problem. Typically, a framework is more comprehensive than a protocol and more prescriptive than a structure.

Figure 3.2.1 shows the general process of encrypting data replication. It involves two databases, the master server and the slave server. The master database server holds the original copy of the data, while the slave database server acts as a backup server because it contains the replicated copy of the data. For this project, employee data is used as the data collection, and it is stored in the database server (master). Generally, an authorised user accesses the web server and changes the data by adding, deleting or updating it. The data might be semi-structured or unstructured, so it needs to be sorted first and then stored in the database server.

As the first step, we select the text file saved on the database server (master), because we want to encrypt it and replicate it to another database, the slave database. The text file needs to be encrypted to ensure that the selected data is secure while the process takes place.

Next, the encrypted text file needs to be replicated to the backup server, so replication runs from the database server (master) to the backup server (slave). This can increase data availability and performance and enhance data access. The response time is also faster. For example, if sudden damage happens to one server, the other server already has the backup, so the time spent waiting for maintenance before processing can resume is shorter.

After data replication succeeds, the text file needs to be decrypted before it is stored in the database. This is because the data stored in the database must be in an understandable form, so that it is available to read and the decrypted data can easily be stored in the backup server. The figure 3.2.3 will show detail about encryption of data in a diagram.

Figure 3.2.2

Figure 3.2.2 shows that the employee data, located in a database table on the database server, needs to be encrypted. The encrypted data is then sent to the database server (slave), which is also known as the backup server. There, the encrypted data must first be decrypted, because decryption is the way to make the data human-readable, so that people can read it and understand what the data is about. Encryption and decryption of the replicated data use the same key.

The algorithm implemented for this data replication is AES. AES is a symmetric block cipher, which uses the same key for the encryption and decryption processes. Most AES encryption uses the same block size, which is 128 bits, but it is up to us to use other key lengths such as 192 bits and 256 bits. It is important to use AES encryption in both software and hardware. Figure 3.2.2 shows the algorithm used in this project, which is the AES encryption algorithm.

1. Start
2. Select text file from database
3. Encrypt text file (for first 9 round)
4. Perform XOR operation with sub key for encryption
5. Divide input bit into 4 parts
6. Byte substitution
7. Shifting rows is a simple byte transposition
8. Mix the data with a column of static key
9. Perform XOR operation with sub key
10. At last round mix column will not involved
11. Data send to the slave server (backup)

Figure 3.2.2

Table 3.2.2 gives an explanation for each numbered line of the algorithm, describing the algorithm in more detail.

No. of line   Description
2             Select the data from the database, named as a text file.
3             To ensure the security of the data when the replication process happens, the data needs to be encrypted.
4             This is the first step before the encryption process starts: the proposed input state array, which is XOR, is needed for the first round read.
5             AES has four different types of transformation: SubBytes, ShiftRows, MixColumn, AddRoundKey.
6             At this round, each block of data has its character, which is a 4x4 byte matrix, and the key also needs to be broken down into 4x4 subkeys.
7             These matrices are the input and go through the 4x4 byte state matrix as the output.
8             For each row, the circular shift is achieved.
10            The operation needs to be done before the decryption process.
11            After encryption, the data needs to be decrypted.
12            Store the decrypted text file in the backup database server (slave).

Table 3.2.2

Figure 3.2.3 shows the algorithm used in this project, which is the AES decryption algorithm.

1. Start
2. Select text file from database
3. Decrypt text file (for first 9 round)
4. Perform XOR operation with sub key for encryption
5. Divide input bit into 4 parts
6. Byte substitution
7. Shifting rows is a simple byte transposition
8. Mix the data with a column of static key
9. Perform XOR operation with sub key
10. Inverse mix column will not occur in last round of AES
11. Data send to the slave server (backup)
12. Stored text file in backup server
13. Stop

Figure 3.2.3


Table 3.2.3 lists the line numbers of the algorithm with their explanations, describing the algorithm in more detail.

Table 3.2.3

No. of line   Description
2             Select the data from the database as a text file.
3             To read the original data from the master server, the text file needs to be decrypted first.
4             This is the first step before the decryption process starts; an XOR on the input state array is needed for the first round.
5             To decrypt, inverse shift rows, inverse substitution bytes, add round key and inverse mix columns are used.
6             At this round, each block of data is arranged as a 4x4 byte matrix, and the key also needs to be broken down into 4x4 subkeys.
7             These matrices are the input, which goes through to a 4x4 byte state matrix as the output.
8             For each row, the circular shift is performed.
10            Same as encryption, AES only adds the round key in the first round, while inverse mix columns does not occur in the last round of AES.
11            After the encryption process, the data needs to be decrypted.
12            Store the decrypted text file in the backup database server (slave).


3.3 AES

AES stands for Advanced Encryption Standard. AES is also known as a secret-key cipher, which means that a single key is used by both sender and receiver for encryption and decryption. Sender and receiver must use the same key. AES is a symmetric encryption algorithm that was introduced to replace DES, which is more vulnerable. Key sizes of 128, 192 and 256 bits are supported. The longer the key, the stronger the security, because more rounds are used for encryption and decryption.

Different key sizes iterate a different number of rounds: 10 rounds for a 128-bit key, 12 rounds for a 192-bit key and 14 rounds for a 256-bit key. AES combines substitution, transposition and mixing of the input. Figure 3.3.1 shows the encryption process, in which each round consists of four steps: byte substitution, shift rows, mix columns and add round key. In the first round, AES only adds the round key, while mix columns does not occur in the last round of AES.

In byte substitution, each byte of a data block is replaced with another using an 8-bit substitution box (S-box). Shift rows is a simple byte transposition. There is no shifting in the first row. The second row is circularly shifted left by one byte. The third and fourth rows are circularly shifted left by two bytes and three bytes. In the mix columns step, the matrix is multiplied by a given fixed matrix to produce new output bytes. Lastly, in the add round key step, a subkey is derived from the main key using the key schedule, and each byte is XORed with the subkey.

To decrypt, inverse shift rows, inverse substitution bytes, add round key and inverse mix columns are used. As in encryption, AES only adds the round key in the first round, while inverse mix columns does not occur in the last round of AES. In inverse shift rows there is no shifting in the first row. The second row is circularly shifted right by one byte. The third and fourth rows are circularly shifted right by two bytes and three bytes. An inverse S-box is obtained and applied to each byte to invert the byte substitution transformation. In the add round key step, a subkey is derived from the main key using the key schedule, and each byte is XORed with the subkey. Lastly, inverse mix columns is the inverse transformation of mix columns.
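The round structure described in this section, written out as a runnable sketch. This is an added example, not code from this project (which relies on the ccrypt tool); it goes slightly beyond the text by covering all three key sizes so that the 10, 12 and 14 round counts can be checked against the FIPS-197 test vectors. Function names are this example's own, and it handles a single 16-byte block with no mode of operation.

```python
# AES encryption/decryption of one 16-byte block (teaching sketch:
# no mode of operation, not constant-time, not for production use).

def xtime(a):
    """Multiply a byte by x in GF(2^8), reducing by the AES polynomial 0x11B."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def gmul(a, b):
    """Multiply two bytes in GF(2^8)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a, b = xtime(a), b >> 1
    return result

def build_sbox():
    """Byte substitution table: multiplicative inverse, then the affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        s = inv ^ 0x63
        for n in range(1, 5):
            s ^= ((inv << n) | (inv >> (8 - n))) & 0xFF
        sbox.append(s)
    return sbox

SBOX = build_sbox()
INV_SBOX = [SBOX.index(i) for i in range(256)]

def expand_key(key):
    """Key schedule: one 16-byte subkey per add-round-key step."""
    if len(key) not in (16, 24, 32):
        raise ValueError("AES keys are 128, 192 or 256 bits long")
    nk = len(key) // 4          # key length in 32-bit words
    rounds = nk + 6             # 10, 12 or 14 rounds
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, 4 * (rounds + 1)):
        t = list(w[i - 1])
        if i % nk == 0:         # rotate, substitute, add round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:   # extra substitution for 256-bit keys
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(rounds + 1)]

def add_round_key(state, subkey):
    return [s ^ k for s, k in zip(state, subkey)]

def shift_rows(state, inverse=False):
    """State is column-major (index = row + 4*col); row r rotates by r bytes."""
    sign = -1 if inverse else 1
    return [state[r + 4 * ((c + sign * r) % 4)]
            for c in range(4) for r in range(4)]

def mix_columns(state, m):
    """Multiply each column by the circulant matrix whose first row is m."""
    out = []
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for r in range(4):
            v = 0
            for k in range(4):
                v ^= gmul(m[k], col[(r + k) % 4])
            out.append(v)
    return out

def encrypt_block(block, key):
    if len(block) != 16:
        raise ValueError("AES block size is 128 bits")
    keys = expand_key(key)
    last = len(keys) - 1
    state = add_round_key(list(block), keys[0])     # initial key addition
    for rnd in range(1, last + 1):
        state = [SBOX[b] for b in state]            # byte substitution
        state = shift_rows(state)                   # shift rows
        if rnd != last:                             # no mix columns in last round
            state = mix_columns(state, (2, 3, 1, 1))
        state = add_round_key(state, keys[rnd])     # add round key
    return bytes(state)

def decrypt_block(block, key):
    if len(block) != 16:
        raise ValueError("AES block size is 128 bits")
    keys = expand_key(key)
    state = add_round_key(list(block), keys[-1])
    for rnd in range(len(keys) - 2, -1, -1):
        state = shift_rows(state, inverse=True)     # inverse shift rows
        state = [INV_SBOX[b] for b in state]        # inverse byte substitution
        state = add_round_key(state, keys[rnd])     # add round key
        if rnd != 0:                                # no inverse mix columns at the end
            state = mix_columns(state, (14, 11, 13, 9))
    return bytes(state)

if __name__ == "__main__":
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    for size in (16, 24, 32):
        ct = encrypt_block(pt, bytes(range(size)))
        print(size * 8, "bit key:", ct.hex(), decrypt_block(ct, bytes(range(size))) == pt)
```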


Figure 3.3.1


3.4 Conclusion

The replication process involves more than one server. Hence, this project used Oracle VM Virtual Box and created two virtual servers. The first database acts as the main database while the other acts as the backup database. The primary database is located on the main database server. The backup server receives the replicated data and stores it, and the replication of data is secured through the AES algorithm.


CHAPTER 4

IMPLEMENTATION

4.1 Introduction

This project is implemented according to the framework designed in the previous chapter. It is implemented using virtual servers instead of real servers because of the high cost of real servers. To create and store the virtual servers, a virtual machine is needed. In this project, VMware Workstation 12 is chosen. The process of secured database replication using AES is done in the virtual environment. In this chapter, VMware is introduced. Each step of the processes and the system configuration is also recorded and explained using figures.

4.2 VMware Workstation

Three servers are created and stored in virtual machines. A virtual machine is a type of software that runs an operating system and applications. The operating system used in a virtual machine may be different from the operating system of the host computer. The operating systems that can be used in the virtual machine are Linux or Windows. The operating system used in this project is Linux. VMware Workstation 12 is very useful since it allows multiple operating systems to run within the same computer. With VMware, people do not need to purchase a new computer just to run a different operating system. It is also able to clone virtual machines.


In this project, one of the virtual servers is created to act as master server while the other two servers will act as slave servers.

Figure 4.2.1 shows the interface of the Oracle VMware Workstation with three virtual servers.

Figure 4.2.1

This project is implemented using the concept of virtual servers because real servers are expensive. The virtual servers are created in a virtual environment. The configuration of the virtual servers is the same as that of real servers.

4.3 Server Installation

4.3.1 Ubuntu Server

After installing VMware, Ubuntu Server is also needed. In this project, the version installed is Ubuntu 14.04.4-server-amd64.iso. Ubuntu Server can be downloaded from http://www.ubuntu.com/download/server .

Steps taken in order to create a virtual server:
1) Download the ISO file.
2) Boot the system from the folder that stores the ISO file. It is used when the user wants to make a start-up disk.


Figure 4.3.1.1: Select the folder that stored Ubuntu-14.04.1-server-i386

3) After that, select the folder that stores the ISO image.
4) Select the language.

Figure 4.3.1.2: Select the language used


Then, select the first option, which is "Install Ubuntu Server". After that, the user can select the options that suit the language, keyboard layout, network configuration, hostname and time zone. Finally, the user is prompted to provide a username and password for the later log-in session. Once all the settings are saved, the installation of Ubuntu Server is complete.

In this project, three database servers were created, namely Ubuntu-master, Ubuntu-Slave 1 and Ubuntu-Slave 2. The steps to create these servers were described earlier.

4.3.2 MySQL Server

In this project, a database is needed to store the information and to enable SQL in the virtual server. MySQL server is installed using the command sudo apt-get install mysql-server. If this command is not successful, check the network connection or run an update, which makes sure the available packages are up to date before anything new is installed. The command for the update is sudo apt-get update. During installation, the user is prompted to provide a password for the MySQL root user. After the user confirms the password for the "root" user, the MySQL server is installed. When the installation is complete, some additional commands need to be run in order to set up the MySQL environment securely.

4.3.3 SSH

Secure Shell (SSH), also called Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol. Secure Shell provides strong authentication and secure encrypted data communications between two computers connecting over a network such as the Internet. It is also used to run commands and transfer files. To install the SSH server, use the command sudo apt-get install openssh-server. SSH is needed in order to create connections between the three servers, which are Ubuntu-master Server, Ubuntu-Slave 1 Server and Ubuntu-Slave 2 Server. If the command is denied, run the update command first, sudo apt-get update. After updating, install the OpenSSH server.


4.4 Network Configuration

This project changes the dynamic IP address to a static IP address. A static Internet Protocol (IP) address is a fixed number, assigned to a computer by an Internet Service Provider (ISP), that cannot be changed.

To set up the system to use a static IP address, the static method needs to be added to the inet address family statement for the appropriate interface in the file opened with sudo nano /etc/network/interfaces. For this project, the user used p3p1 and p3p2 instead of eth0 and eth1. This is because p3p1 uses a DHCP IP address, which is easy and assigned automatically. Since p3p1 uses NAT as its network adapter, it is easy to connect to the internet. p3p2 uses a static IP address because that is an easier way to configure a private network. p3p2 uses Host-only as its network adapter. Thus, the user can isolate the virtual network.

Figure 4.4.1: Network Interfaces Ubuntu-Master

Figure 4.4.1 shows the file opened with sudo nano /etc/network/interfaces as configured on the Ubuntu-master server. The user sets the IP address 192.168.224.132 as the static IP address for the master server.


Figure 4.4.2: Network Interfaces Ubuntu-Slave1

Figure 4.4.3: Network Interfaces Ubuntu-Slave2


Figure 4.4.2 and figure 4.4.3 above show the network configuration file on Ubuntu-slave 1 and Ubuntu-slave 2. The user sets the static IP addresses to 192.168.224.128 and 192.168.224.130. Next, the user needs to reboot each server and check the address with the command ifconfig on each of the servers.

Figure 4.4.4: Ip address for Ubuntu-Master


Figure 4.4.5: Ip address for Ubuntu-Slave1

Figure 4.4.6: Ip address for Ubuntu-Slave2

Figure 4.4 (d), figure 4.4 (e) and figure 4.4 (f) show that the DHCP IP address is assigned automatically at p3p1, while p3p2 has the IP address that was set in the file opened with sudo nano /etc/network/interfaces. The user will use the p3p2 IP address since it is for the private network.


4.5 Database Server

4.5.1 Introduction

Before data replication occurs, the data must be encrypted before it is transferred between servers. In order to encrypt the replicated data, the user has to create a database before replicating it to another server. Thus, the user has to install software or tools that can be used to manage a database, for example the MySQL database, SSH to create connections between the three servers, and a tool or method for encrypting the database sent from one server to another.

4.5.2 Creating database

After MySQL is installed, the user can access the MySQL shell by typing the following command into the terminal: mysql -u root -p. After entering the root MySQL password at the prompt, the user is ready to create a MySQL database. In addition, a MySQL command must end with a semicolon (;). Otherwise, the command will not execute.

In order to create a new database, the user types this command in the MySQL terminal: CREATE DATABASE fzcompany; In this project, the database is called 'fzcompany'. Once the new database exists, the user can begin to fill it with information. The user runs the command USE fzcompany; to open the new database. To show the databases that exist on the database server, the user enters the command SHOW DATABASES; Since this is a new database, MySQL has nothing to show and returns the message Empty Set. Then, the user creates a new MySQL table by typing the command CREATE TABLE employee; To show the tables that have been created, the user just needs to type the command SHOW TABLES;.


Figure 4.5.2.1 shows the list of databases stored on the Ubuntu-master server, while figure 4.5.2.2 shows the tables in the database "fzcompany", in which the table is "employee".

Figure 4.5.2.1: show databases

Figure 4.5.2.2: show tables

To collect further information, the user can choose to view, update or delete any data or column in each of the tables. After the database has been created, use the command 'exit' to exit from the MySQL terminal.


4.6 MYSQL Replication

4.6.1 Master Configuration

In the master configuration, some changes are made in the MySQL configuration file by using sudo nano /etc/mysql/my.cnf. Next, the server is bound by replacing the local host value of bind-address with the IP address of the server, as in figure 4.6.1.1.

Figure 4.6.1.1: MySQL configuration file of master server.

In the mysqld section of the /etc/mysql/my.cnf file, the server-id line was uncommented and set to 1, which is unique. The log_bin line was also uncommented. The changes were made and saved as shown in figure 4.6.1.2.

Figure 4.6.1.2: server-id in Ubuntu-Master

After that, restart and log in to the MySQL server, where the slave servers are granted as replication slave servers. Next, restart MySQL by using the command sudo service mysql restart. Lastly, export the database using the mysqldump command, mysqldump -u root -p --all-databases --master-data > sample6.sql, so that all the changes made in the database of the master server are exported and recorded in the sample6.sql file. To insert farah2.sql into MySQL, the user must use the command mysql -u root -p < sample6.sql. The databases on the slave servers are synchronized according to that file. To send sample6.sql to the two slave servers, the user needs to use these commands:

• scp sample6.sql 192.168.224.128: (Ubuntu-Slave 1)
• scp sample6.sql 192.168.224.130: (Ubuntu-Slave 2)


Figure 4.6.1.3: Successfully transfer to Ubuntu-Slave1

Figure 4.6.1.4: Successfully transfer to Ubuntu-Slave2

Figure 4.6.1.3 and figure 4.6.1.4 show that sample6.sql successfully transferred into Ubuntu-Slave 1 and Ubuntu-Slave 2 from Ubuntu-Master.


4.6.2 Slave Configuration

For the backup database servers, which are Ubuntu-Slave 1 and Ubuntu-Slave 2, some changes are also made in the MySQL configuration file using the same command as on the master, sudo nano /etc/mysql/my.cnf. Next, the server is bound by replacing the local host value of bind-address with the IP address of the server, as in figures 4.6.2.1 and 4.6.2.2.

Figure 4.6.2.1: bind-address Ubuntu-Slave 1

Figure 4.6.2.2: bind-address Ubuntu-Slave 2

In the mysqld section of the /etc/mysql/my.cnf file, the server-id line was uncommented and set to 2 on slave 1 and to 3 on slave 2. The server-id of one server must not be the same as the server-id of another. The log_bin line was also uncommented. The changes were made and saved as shown in figure 4.6.2.3.

Figure 4.6.2.3: Server-id Ubuntu-Slave 1


Figure 4.6.2.4: Server-Id Ubuntu-Slave 2

After that, restart MySQL by using the command sudo service mysql restart. Next, on each slave server the user needs to insert the file sample2.sql that has been retrieved into MySQL by using the command sudo mysql -u root -p < sample6.sql. The user can use the command ls to check whether the file (sample6.sql) has been transferred. This also shows that the data was successfully replicated on both Ubuntu-Slave 1 and Ubuntu-Slave 2. Then the user can check the database by entering the command mysql -u root -p to log in to the MySQL terminal.


4.7 AES Encryption and Decryption

4.7.1 Encryption

Encryption is a technique that translates data or messages that people can read, known as plaintext, into unreadable data, known as cipher text. To secure the replicated data during transmission, AES encryption is used. To apply the AES algorithm, the Ccrypt tool is used. Ccrypt is a well-known UNIX command. It is a utility for encrypting and decrypting files and streams. It was created to replace the standard UNIX crypt utility, which is notorious for using a very weak encryption algorithm. The cipher used by Ccrypt is believed to provide very strong cryptographic security.

After exporting all databases into the SQL file named sample6.sql, the user can proceed with the encryption process. Figure 4.7.1.1 below shows the fzcompany database saved in sample6.sql on the Ubuntu-Master server.

Figure 4.7.1.1: original file sample6.sql


As mentioned earlier, Ccrypt is an encryption tool that secures files with the AES algorithm. The file named sample6.sql is encrypted using this tool. First, the user needs to install Ccrypt by typing the command sudo apt-get install ccrypt.

Figure 4.7.1.2: Export databases

Figure 4.7.1.2 shows the process from exporting all databases in MySQL into an SQL file, through encryption, to sending the encrypted file to the backup databases. For the encryption command, -f and -K were used. Using -K in the encryption command means the user does not have to enter the passphrase (password) interactively.

Next, the user sends the encrypted file to Ubuntu-Slave 1 and Ubuntu-Slave 2. The encrypted file is renamed to sample6.sql.cpt. The user runs the command scp sample6.sql.cpt followed by the IP address of Ubuntu-slave 1 or Ubuntu-slave 2. This command was mentioned earlier in the subtopic MySQL Replication, where the data is replicated; the difference is that the file sent earlier was not in an encrypted state. This encryption process also shows that the encrypted file is successfully sent to Ubuntu-Slave 1 and Ubuntu-Slave 2. In other words, the figure shows that the encrypted file has been transferred to Ubuntu-Slave1, and the same process happens for Ubuntu-Slave2. The user can also check on the slave servers whether the encrypted file was successfully transferred by typing the command ls.


Then, the user needs to decrypt the sample6.sql.cpt file so that it can be read. Since the encrypted file has been retrieved by Ubuntu-Slave 1 and Ubuntu-Slave2, a specific command is used there to perform the decryption operation.

Figure 4.7.1.3: Decryption of file sample6.sql.cpt at Ubuntu-Slave1

Figure 4.7.1.4: Decryption of file sample6.sql.cpt at Ubuntu-Slave2

Figures 4.7.1.3 and 4.7.1.4 also show that the encrypted file sample6.sql.cpt is successfully transferred from Ubuntu-Master. The decryption operation is done by using the command ccdecrypt -f sample6.sql.cpt -K farah123. In addition, the figures prove that the file is successfully decrypted.


Figure 4.7.1.5

Then the user can check the database by entering the command mysql -u root -p < sample6.sql to log in to the MySQL terminal. After that, the user can show all databases and tables as shown in figure 4.7.1.5 above. The figure also shows that the table employee from the Ubuntu Master Server was successfully replicated to the Ubuntu-Slave1 and Ubuntu-Slave2 servers.
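The commands in this section pass the key with -K, which places it in the argument list of the running process. The following added example (not part of this project's scripts) compares that form with ccrypt's -E option, which reads the key from an environment variable. The variable name REPL_KEY and the helper names are assumptions of this example, and the process-listing check assumes a Linux /proc file system.

```python
# Compare how the ccrypt key reaches the process: -K on the command line
# (the form used on this page) versus -E, which names an environment variable.
import os
import shutil
import subprocess
import sys

KEY_ENV = "REPL_KEY"  # assumed variable name, chosen for this example


def encrypt_argv_on_page(path, key):
    """Form used on the page: the key itself is a command-line argument."""
    return ["ccrypt", "-e", "-f", "-K", key, path]


def encrypt_argv_env(path):
    """Same operation; ccrypt reads the key from the variable named by -E."""
    return ["ccrypt", "-e", "-f", "-E", KEY_ENV, path]


def key_in_process_listing(argv, key, env=None):
    """Start a harmless stand-in process that carries argv and report whether
    the key shows up in /proc/<pid>/cmdline, which is what ps displays and
    which other local users can normally read. /proc/<pid>/environ, by
    contrast, is restricted to the process owner and root."""
    stand_in = [sys.executable, "-c", "import time; time.sleep(30)", *argv]
    child_env = dict(os.environ, **(env or {}))
    proc = subprocess.Popen(stand_in, env=child_env)
    try:
        with open(f"/proc/{proc.pid}/cmdline", "rb") as handle:
            args = handle.read().split(b"\0")
    finally:
        proc.kill()
        proc.wait()
    return key.encode() in args


def encrypt_dump(path, key):
    """Encrypt the dump file with ccrypt, passing the key via the environment.
    Returns the name ccrypt gives the encrypted file (path + '.cpt')."""
    if shutil.which("ccrypt") is None:
        raise FileNotFoundError("ccrypt is not installed")
    env = dict(os.environ, **{KEY_ENV: key})
    subprocess.run(encrypt_argv_env(path), env=env, check=True)
    return path + ".cpt"


if __name__ == "__main__":
    key = "farah123"  # the key shown on this page, reused as sample input
    if os.path.exists("/proc/self/cmdline"):
        print("-K form visible in process listing:",
              key_in_process_listing(encrypt_argv_on_page("sample6.sql", key), key))
        print("-E form visible in process listing:",
              key_in_process_listing(encrypt_argv_env("sample6.sql"), key, {KEY_ENV: key}))
```

The same consideration applies to the decryption command on the slave servers, where ccdecrypt accepts the same -E option.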


4.8 Scripting

A bash script is a plain text file that contains a series of commands. These commands are a mixture of commands that the user would normally type on the command line. Anything that can be run normally on the command line can be put into a script, and it will do exactly the same thing. Similarly, anything the user puts into a script can also be run normally on the command line, and it will do exactly the same thing.

In this project, the user needs to create script files with the extension .sh (shell script). Seven script files were created. Five script files were created on Ubuntu-Master, while the other two are on the backup servers, with one script file on each server. The script file start.sh, which is located on the master server and contains some commands, is connected to each script involved. However, only the main script file is run, and it produces the result.

Running a bash script is fairly easy. Before the user can execute a script, it must have the execute permission set, for safety reasons. If the user forgets to grant this permission before running the script, an error message is shown. To run the script file, the user needs to put ./ in front of the file's name. In this project, the user only runs the start.sh script because that script involves all the processes.

Figure 4.8.1: Main Scripting File

Figure 4.8.1 shows that the main script file, which is located on Ubuntu-Master, processes the whole operation of Encryption and Decryption of Data Replication. Inside this script there are another two scripts, start2.sh and start3.sh, that support the main process. They are connected because the main script file processes and runs those two script files before producing the output. These scripts are explained later. Although there are two scripts on Ubuntu-Master, they have the same function.

Figure 4.8.2: start2.sh scripting file

Figure 4.8.2 shows the flow of the processes, starting from exporting all databases in MySQL into a text file with the extension .sql. Next, the user encrypts the text file using the ccrypt tool, which applies the AES algorithm. After that, the encrypted file is sent to Ubuntu-Slave1 at IP address 192.168.224.128. Then a timeout of 2 seconds is set. Lastly, the script calls expect on program.exp, which is another script file that was created; program.exp is explained below. The same processes happen in start3.sh in figure 4.8.3, but it belongs to Ubuntu-Slave2, which means the encrypted file is sent to Ubuntu-Slave2, while the expect command makes it run automatically and transfers the decrypted file to the backup server.

Figure 4.8.3: start3.sh scripting file


Figure 4.8.4: program.exp connected to Ubuntu-Slave1

Figure 4.8.5: program2.exp used connected to Ubuntu-Slave2


The scripts program.exp and program2.exp are explained here. They contain the same commands since they do the same work. The user needs to know the characteristics of each command so that the scripts can run and connect to each other. The process is as follows:

1. #!/bin/bash/expects: the user needs to declare the bash scripting and the use of expect.
2. Set prompt: the user needs to set the prompt, which must be the same as one of the symbols inside the quotation marks (" ").
3. To call ssh automatically, the user must use spawn ssh followed by the IP address to which the encrypted file was sent.
4. Next, the user needs expect whenever spawn ssh with the slave IP address is used. ssh then asks for the password of the address being connected to, so that it can be accessed from the master. The user therefore needs the password of the slave server. Besides, \r is needed because when it is sent, the system reads \r as Enter, so the password is entered automatically.
5. In addition, the user also used -re, which means "as equal". Once logged in to the slave server through ssh, the user sees something like a prompt, for example farah@ubuntu~$
6. When the $ of the prompt is seen, the script sends the command ./start2.sh\r, so the script runs until it finishes. After it finishes, the prompt appears again. When the prompt appears, the script sends exit\r. Thus the user automatically exits from the ssh session on the slave server and returns to the master.


Figure 4.8.6: Scripting for decryption in Ubuntu-Slave1

Figure 4.8.7: Scripting for decryption Ubuntu-Slave2

Figures 4.8.6 and 4.8.7 show the script files that contain the commands for decrypting files using the ccrypt tool. After the decryption process is successful, the decrypted files are imported into MySQL. This also shows that the data is replicated successfully, because the slave stores and shares the same information as Ubuntu-Master.


As a result, the decrypted file sample6.sql was successfully sent to Ubuntu-Slave1 and Ubuntu-Slave2, since the user used the expect command, which automatically runs the process of transferring the decrypted file to the backup server.

Figure 4.8.8: Result for Ubuntu-Slave1

Figure 4.8.9: Result for Ubuntu-Slave2

The figures above show the result after running the start.sh script file. The start.sh script links to the two main scripts on the master, start2.sh and start3.sh. First it runs start2.sh, which extracts the database from MySQL, encrypts the file, sends the encrypted .sql file to slave 1 and links to another script called program.exp. In program.exp, the process automatically spawns ssh, submits the password and runs the script on the slave server, which is called start2.sh. In start2.sh on the slave 1 server, the process decrypts the encrypted MySQL file received from the master and imports the decrypted file into slave 1's MySQL. After this process, the command exits from ssh and returns to the master. The same goes for start3.sh, which connects to the other slave, slave 2. The flow goes from start3.sh to the program2.exp script and then to start2b.sh. All the processes are the same as for slave 1.


CHAPTER 5

RESULT AND DISCUSSION

5.1 Introduction

This chapter discusses the results of this project. Its contents are the results and discussion for the whole project, the project contribution and some suggestions.

As a result, the three servers, which are Ubuntu-Master, Ubuntu-Slave1 and Ubuntu-Slave2, are successfully connected to each other. Besides, the AES algorithm was successfully implemented through the encryption tool named Ccrypt. The Ccrypt tool is used for securing files with AES cryptography. With that tool, AES is able to encrypt and decrypt the data in this project. The data was encrypted and replicated from the master server to the slave servers and decrypted immediately after it arrived at the slave servers.

Figure 5.1.2: Encrypted file sample.sql.cpt


Figure 5.1.2: Decrypted file that retrieved at Ubuntu-Slave1

AES turned the data into an unreadable form, as shown in the figure above. The data is useless to unauthorized people since it is not understandable. To retrieve the data, AES decryption was done. Decryption turned the data back into a readable form using the same key as in encryption. The data was retrieved successfully, as shown in figure 5.1.2.


The key used for encryption and decryption must be strong. A strong key is a combination of characters, numbers and symbols with a larger key length. The key should also be changed every year, since people may crack the key successfully.

5.2 Discussion

This project is about encryption and decryption of data replication between three database servers, so the user needs to perform encryption before data replication. This project implemented the AES encryption algorithm for secure data replication. The discussion therefore focuses on concerns related to the project, Encryption and Decryption of Data Replication. Three problems or concerns are discussed: incident 1, where there is no replication; incident 2, where replication occurs; and incident 3, where replication occurs with encryption. The concerns are as follows:

I. No replication: Imagine a large industry such as digital finance or banking not applying data replication in its business. If there is no replication, the existing data may easily be lost. Data replication is needed as a backup so that users can access another server if a server is down or interrupted by another problem. Next, the fewer replicas there are, the lower the chance that the required data is found where the transaction is executing. In conclusion, having no replication is not a relevant option.

II. Replication: Replication is the process of copying and maintaining database objects, such as tables, in multiple databases that make up a distributed database. Some of the common reasons for using replication are availability, performance, network load reduction and mass deployment. Replication can provide high availability and performance at once by sharing data for local access, because it balances activity over multiple sites. For example, some users can access one server while other users access a different server, which reduces the load on all servers. However, data is sometimes not replicated securely to another server, and data may sometimes be lost while the replication process occurs.


III. Replication with Encryption: This incident relates to this project, which is secure data replication. Secure data replication can be implemented with an encryption algorithm. The user needs to be concerned about data security, covering both physical server security and logical data security. Implementing encryption in data replication increases the availability and security of the data itself. For example, if data replicated with encryption is stolen or lost in the middle of the network, the data is still safe because the encryption technique was applied. Encryption makes the data display in an unreadable form that cannot be understood. The security of the data is increased by setting a password as the encryption key. At the moment of encryption, the user sets a key, the data is replicated to the other server, and it can be opened with the same key. Regarding the problem above of data being lost or stolen by others, this problem will not arise as long as the key cannot be broken.

IV. Expect command: In program.exp, the process automatically spawns ssh, submits the password and runs the existing script. Thus the scripts run automatically. If the user did not use this method, the scripts would need to be run one by one manually.


CHAPTER 6

CONCLUSION AND FUTURE WORK

6.1 Conclusion

In conclusion, it is hoped that this project can be upgraded using the suggested method or another suitable method that can increase the availability of the data. Besides, this project can be improved with a solution to the situation and a stronger focus on big data, because the real world now requires the replication of data in finance and banking.

The cryptographic algorithm Advanced Encryption Standard (AES) was proposed and used in this project. Data replication is more secure with AES, as AES provides a strong level of security. Data encryption is very useful for protecting data sent through an unsecured channel. Encryption turns readable data into an unreadable form. The data becomes useless since people cannot understand it. To retrieve the encrypted data, the user must have the key to perform decryption.

6.2 Future work

Database replication is a technique that is widely deployed by organizations. Database replication provides data consistency and synchronization and helps to ensure there is no data loss when the master server is down. In this project, master-slave replication was implemented. Although two slave servers were built to back up the data, some problems may arise when the master server is down. There is no guarantee that all slave servers receive all the binlog events from the crashed master. Data becomes inconsistent when the master server is down. For future work, the data replication should be processed in real time, since this project uses scripts that need to be run manually before data replication happens, which is not real time. The scripts could perhaps be set so that whenever changes are made in the master database, the slaves automatically receive the changes at the same time, making the data replication process closer to real time. Also, fragmentation would help improve the security. Instead of copying all the data in the database, fragmentation copies data partially, which is more secure. For example, if the network has been breached and the 'guest' gets the data, the data is not complete and does not give much information to the 'guest'. So fragmentation can enhance the security of data replication.




APPENDICES

Gantt chart FYP 1

Weeks: W1 W2 W3 W4 W6 W7 W8 W9 W10 W11 W12 W13 W14 W15 W15

Tasks:
- Discussion title with supervisor
- Abstract & title submission
- LR discussion & problem statement
- Proposal preparation & slide
- Proposal presentation
- Proposal correction
- Methodology
- Framework design
- Implementation of algorithm
- Conference preparation
- Conference academic project (framework)
- Proposal draft submission
- Proposal correction
- Proposal report submission


Gantt chart FYP II

Weeks: W1 W2 W3 W4 W5 W6 W7 W8 W9 W10

Tasks:
- Project meeting with supervisor
- Project Development: Create server and Installation
- Project Development: Encryption
- Progress Presentation
- Project Development continued: Data replication
- Project Development continued: decryption
- Testing encryption algorithm
- Scripting
- Final Presentation
- Documentation of Proposal
- Submission proposal report
- Report amendment
- Final Submission of Project Report
- Submit Report Thesis
