- Open Access
- Total Downloads : 361
- Authors : Sharmishtha D. Ronge, Mrs. C. A. Laulkar
- Paper ID : IJERTV3IS110964
- Volume & Issue : Volume 03, Issue 11 (November 2014)
- Published (First Online): 24-11-2014
- ISSN (Online) : 2278-0181
- Publisher Name : IJERT
- License: This work is licensed under a Creative Commons Attribution 4.0 International License
Data Dynamic and Batch Auditing Supporting Privacy Preserving Cloud Computing
Sharmishtha D. Ronge
Department of Computer Network Engineering Sinhgad College of Engineering
Pune, India
Mrs. C. A. Laulkar
Department of Computer Network Engineering Sinhgad College of Engineering
Pune, India
Abstract Its emotional into next generation with cloud computing being completed. The manner application software package and databases are holding on has been modified. Currently they're hold on in cloud information centers during which security could be a concern from consumer purpose of read. The new development that is employed to store and manage information while is not capital investment has brought several security challenges that aren't completely understood. This paper focuses on the protection and integrity {of information of knowledge of information} holds on in cloud data servers. The info integrity verification is finished by employing a third party auditor WHO is allowed to ascertain integrity of knowledge sporadically on behalf of consumer.
The consumer of {the information the info the information} gets notifications from third party auditor once data integrity is lost. Not solely verification of knowledge integrity, the planned system conjointly supports information dynamics. The work that has been tired this line lacks information dynamics and true public audit ability. The auditing task monitors information modifications, insertions and deletions. The planned system is capable of supporting each public audit ability and information dynamics. The review of literature has discovered the issues with existing systems which is that the motivation behind seizing this work. Merkle Hash Tree is employed to boost block level authentication. So as to handle auditing tasks at the same time, additive mixture signature is employed. This permits TPA to perform auditing at the same time for multiple purchasers. Thus here Im presenting the analysis of multi user primarily based TPA system. The experiments reveal that the planned system is incredibly economical and conjointly secure.
Keywords Cloud computing, information dynamic, Batch Auditing, Privacy protective.
-
INTRODUCTION
One of future generations IT Enterprise is Cloud Computing that moves the applying software package and information bases to the centralized giant data centers, wherever the management of the info and services might not be totally trustworthy. Many trends are gap up the age of Cloud Computing, that is associate degree Internet-based development and use of technology. The ever cheaper and a lot of powerful processors, beside the software as a service (SaaS) computing design, are reworking information centers into pools of computing service on an enormous scale. Meanwhile, the increasing network information measure and reliable nevertheless versatile network connections create it
even attainable that purchasers will currently subscribe top quality services from information and software package that reside entirely on remote information centers. Though unreal as a promising service platform for the web, the new information storage paradigm in Cloud brings regarding several difficult style problems that have profound influence on the protection and performance of the system. One amongst the most important considerations with cloud information storage is that of knowledge integrity verification at untrusted servers. Whats a lot of serious is that for saving cash and space for storing the service supplier may neglect to stay or deliberately delete seldom accessed information files that belong to a normal consumer. contemplate the big size of the outsourced electronic information and therefore the clients affected resource capability, the core of the matter are often generalized as however will the consumer realize associate degree economical thanks to perform periodical integrity verifications while not the native copy of knowledge files. Considering the role of the champion within the model is all the schemes conferred before constitute 2 categories: personal audit ability and public audit ability. Though themes with personal audit ability can do higher scheme potency, public audit ability permits anyone, not simply the consumer (data owner), to challenge the cloud server for correctness data} storage whereas keeping no personal information. Then, purchasers are able to delegate the analysis of the service performance to associate degree freelance third party auditor (TPA), while not devotion of their computation resources. Within the cloud, the purchasers themselves are unreliable or might not be able to afford the overhead of playacting frequent integrity checks.
-
LITERATURE SURVEY
Recently, abundant of growing interest has been pursued within the context of remotely hold on information verification. Ateniese et al. [1] are the primary to think about public audit ability in their outlined provable information possession (PDP) model for making certain possession of files on untrusted storages. In their theme, utilize RSA primarily based similarity tags for auditing outsourced information, so public audit ability is achieved. However, Ateniese et al. don't contemplate the case of dynamic information storage, and therefore the direct extension of their theme from static information storage to dynamic case could suffer style and security issues. In their resultant work [2],
Ateniese et al. propose a dynamic version of the previous PDP theme. However, the system imposes a priori sure on the amount of queries and doesn't support totally dynamic information operations, i.e., it solely permits terribly basic block operations with restricted practicality, and block insertions cannot be supported. In [20], Wang et al. on template dynamic information storage during a distributed state of affairs, and therefore the planned challenge-response protocol will each verify the info correctness and find attainable errors. Just like [2], they solely contemplate partial support for dynamic information operation. Juels et al. [10] describe a proof of irretrievability (PoR) model, wherever spot-checking and error-correcting codes are wont to guarantee each possession and irretrievability of knowledge files on archive service systems. Specifically, some special blocks referred to as sentinels are indiscriminately embedded into the info file F for detection purpose, and F is more encrypted to guard the positions of those special blocks. However, like [2], the amount of queries a consumer will perform is additionally a hard and fast priori, and therefore the introduction of recomputed sentinels prevents the event of realizing dynamic information updates.
In addition, public audit ability isn't supported in their
theme. Shacham et al. [16] style associate degree improved PoR theme with full proofs of security within the security model outlined in [10]. They use publically verifiable similarity authenticators engineered from BLS signatures [4], supported that the proofs are often collective into satiny low critic price, and public retrieve ability is achieved. Still, the authors solely contemplate static information files. Erway et al. [9] was the primary to explore constructions for dynamic demonstrable information possession. They extend the PDP model in [1] to support demonstrable updates to hold on information files victimization rank-based etch skip lists. The theme is actually a completely dynamic version of the PDP resolution. To support updates, particularly for block insertion, they eliminate the index ifo within the tag computation in Atenieses PDP model [1] and use etch skip list organization to certify the tag info of challenged or updated blocks 1st before the verification procedure. However, the potency of their theme remains unclear. Though the present schemes aim at providing integrity verification the various information in storage system is the matter of supporting each public audit ability and information dynamics is has not been totally self- addressed. The way to attain a secure associate degreed economical style to seamlessly integrate these 2 vital parts for information storage service remains an open difficult task in Cloud Computing. 2 basic solutions (i.e., the MAC-based and signature primarily based schemes) for realizing information audit ability and discuss their demerits in supporting public audit ability and information dynamics. Secondly, generalize the support {of information of knowledge of information} dynamics to each proof of retrieve ability (PoR) and demonstrable information possession (PDP) models and discuss the impact of dynamic data operations on the system potency each.
In specific, emphasize that whereas dynamic
information updates are often performed with efficiency in PDP models a lot of economical protocols ought to be designed for the update of the encoded files in PoR models.
-
PROPOSE APPLICATION FRAMEWORK
-
drawbacks Statement and Scope
The integrity of knowledge in cloud storage, however, is subject to skepticism and scrutiny, as information hold on in associate degree untrusted cloud will simply be lost or corrupted, as a result of hardware failures and human errors [1]. To guard the integrity of cloud information, it's best to perform public auditing by introducing a 3rd party auditor (TPA), WHO offers its auditing service with a lot of powerful computation and communication skills than regular users.
Fig1. Show proposed architecture
As are often seen in fig. 1, it's evident that purchasers store their information into cloud storage servers provided by cloud service supplier. This model assumes 2 things. Theyre a) the cloud information supplier could delete files of consumer. B) Cloud information supplier could hide potential issues within the information center. Keeping these assumptions in mind, the mechanisms within the planned system are designed.
-
Operating of Audit method (TPA):
In this method the integrity is of shared information within the cloud with static teams. It means that the cluster is pre-defined before shared information is formed within the cloud and therefore the membership of users within the cluster isn't modified throughout information sharing. The initial user is answerable for deciding WHO is ready to share her information before outsourcing information to the cloud. Another fascinating drawback is the way to audit the integrity of shared information within the cloud with dynamic teams a brand new user are often additional into the cluster associate degreed an existing cluster member are often revoked throughout information sharing whereas still protective identity privacy.
Fig 2. Data Sharing
When a user (either the first user or a bunch user) desires to ascertain the integrity of shared information, she initial sends AN auditing request to the TPA. When receiving the auditing request, the TPA generates AN auditing message to the cloud server, and retrieves an auditing proof of shared information from the cloud server. Then the TPA verifies the correctness of the auditing proof. Finally, the TPA sends AN auditing report back to the user supported the results of the verification.
-
Security Analysis and Performance
-
As the initial identity privacy-preserving public auditing mechanism for shared information within the cloud, Route enjoys several fascinating properties of a cloud auditing system as well as correctness, enforceability, identity privacy and information privacy, and it also can be extended to support batch auditing. Informally, correctness means the auditor is in a position to properly observe whether or not there's any corrupted block in shared information [16]. Relating to the correctness of the outsourced information, 2 varieties of threats were thought of in Route. First, AN oppose could attempt to corrupt the integrity of shared information and forestall users from mistreatment information properly. Second, the cloud server could unknowingly corrupt or perhaps take away information in its storage attributable to hardware failures and human errors. However, below we have a tendency to show that once a full of life oppose, like a bug planted within the package running on the cloud server by a malicious coder or a hacker, is concerned within the auditing method, Route would fail to realize the property of correctness. Specifically, the opposes will indiscriminately modify or tamper the outsourced information and fool the auditor to believe the information area unit well preserved within the cloud. All recognize ledge the data oppose needs to know is however the information area unit changed.
3.4 projected Work
In this paper I gift a framework and an economical construction for seamless integration of those 2 parts in our protocol style. Our contribution is summarized as follows:
-
I propose a general formal PoR model with public verifiability for cloud information storage, within which block less verification is achieved;
-
I equip the projected PoR construction with the operate of supporting for totally dynamic information operations, particularly to support block insertion, that is missing in most existing schemes;
-
I prove the safety of our projected construction and justify the performance of our theme through concrete implementation and comparisons with the progressive.
-
I improve the present proof of storage models by manipulating the classic Merkle Hash Tree construction for block tag authentication to realize economical information dynamics.
-
I additional explore the technique of linear mixture signature to increase our main result into a multiuser setting,
wherever TPA will perform multiple auditing tasks at the same time.
-
In depth security and performance analysis show that the projected theme is very economical and incontrovertibly secure.
3.3 Approach
I enhance the theme with specific and economical dynamic information operations for information storage security in Cloud Computing. Therefore, it's crucial to think about the dynamic case, wherever a user might need to perform varied block-level operations of update, delete and append to change the information file whereas maintaining the storage correctness assurance. The easy and trivial thanks to support these operations are for user to transfer all the information from the cloud servers and re-compute the full parity blocks still as verification tokens.
-
Mathematical Model:
Input Data: file, User name, Pass Output Data: Secured File
-
Generate the random set
-
Compute
-
Compute
-
Compute R using
-
Verify
Output FALSE if fails
-
Verify
-
-
Current standing
The contribution is summarized as follows:
-
To inspire the general public auditing system of information storage security in Cloud Computing, and propose a protocol supporting for totally dynamic information operations, particularly to support block insertion, that is missing in most existing schemes;
-
To increase the theme to support ascendable and economical public auditing in Cloud Computing. Specially, the theme achieves batch auditing wherever multiple delegated auditing tasks from completely different user are performed at the same time by the TPA.
-
To prove the safety of the projected construction and justify the performnce of the theme through concrete implementation and comparisons with the progressive.
-
-
sensible surroundings and Result
In this section we have a tendency to area unit presenting sensible surroundings.
Fig 3: Admin Login
Here we display randomly selected admin login window
Fig 4: Start Service
Fig 5. Result Graph
Performance comparison is between individual auditing and the batch auditing.
-
Input:
File, User name, Pass.
-
Hardware and Software Used
-
Processor : Pentium IV 2.6 GHz Ram : 512 mb dd ram
Monitor : 15 color Hard disk : 20 GB
Keyboard : standard 102 keys
Software Configuration
-
Operating System: Windows XP/7/8
-
Programming Language: C#.Net
-
DATABASE: SQL Server 2008
-
Tool: Visual Studio 2010.
CONCLUSION AND FUTURE WORK
For ensuring security of cloud data storage, it is difficult for enabling a TPA for evaluating the quality of service from an objective and independent point of view. Public audit ability is able to allow clients for delegating the tasks of integrity verification to TPA while they are independently not reliable or cannot commit required resources of computation
performing verifications in a continuous manner. One more important concern is the procedure for construction of verification protocols which can be able to accommodate data files that are dynamic. In this paper, the problem of employing simultaneous public audit ability and data dynamics for remote data integrity check in Cloud Computing is explored. The construction is designed for meeting these two main goals but efficiency is set as the main goal. For achieving data dynamics that are effective, the existing proof of storage models is enhanced through manipulation of the construction of classic Merkle Hash Tree for authentication of block tag. For supporting good handling of multiple numbers of auditing tasks, the method of bilinear aggregate signature is further explored for extending the main result into a multiuser setting, where TPA is able to perform multiple auditing tasks in a simultaneous manner. Huge security as well as performance analysis proves that the proposed scheme is efficient and secure to a greater extent.
As the future work, efficiently audit the integrity of
shared data with dynamic groups while still preserving the identity of the signer on each block from the third party auditor and also include the features to enable dynamic operations (e.g. inserting/deleting data block) in this system
ACKNOWLEDGMENT
We would like to thank Prof. Mr. P. R. Futane, H.O.D, Computer Engineering Department, for his support in helping us complete this paper in due time. We would like to thank the entire support staff of the Computer Engineering department in making sure that all our needs were met and all other issues were dealt with in a smooth and positive manner.
REFERENCES
-
A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, M. Zaharia,
Above the clouds: A Berkeley view of cloud computing, University of California, Berkeley, Tech. Rep, 2009.
-
Cong Wang, Qian Wang, Kui Ren, Wenjing Lou (2009),"Ensuring Data Storage Security in Cloud Computing".
-
Cong Wang, Qian Wang, Kui Ren, Wenjing Lou (2011),"Privacy Preserving Public Auditing for Data Storage Security in Cloud Computing".
-
A. L. Ferrara, M. Green, S. Hohenberger, M. Pedersen (2009), "Practical short signature batch verification", in Proceedings of CT-RSA, volume 5473 of LNCS. Springer-Verlag, pp. 309324.
-
H. Shacham, B. Waters (Dec 2013), "Compact proofs of irretrievability", in Proc. of Asia crypt 2013, vol. 5350, pp. 90107
-
M.A.Shah, R.Swaminathan, M. Baker (2008), "Privacy preserving audit and extraction of digital contents", Cryptology ePrint Archive.
-
M.A. Shah, R. Swaminathan, and M. Baker, Privacy-Preserving Audit and Extraction of Digital Contents, Report 2008/186, Cryptology ePrint Archive, 2008.
-
A. Oprea, M.K. Reiter, and K. Yang, Space-Efficient Block Storage Integrity, Proc. 12th Ann. Network and Distributed System Security Symp. (NDSS 05), 2005.
-
T. Schwarz and E.L. Miller, Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage, Proc. 26th IEEE Intl Conf. Distributed Computing Systems (ICDCS06), p. 12, and 2006.
-
Q. Wang, K. Ren, W. Lou, and Y. Zhang, Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance, Proc. IEEE INFOCOM, pp. 954-962, Apr. 2009.
-
G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, Scalable and Efficient Provable Data Possession, Proc. Fourth Intl Conf. Security and Privacy in Comm. Networks (SecureComm 08), pp. 1-10,2008.
-
C. Wang, Q. Wang, K. Ren, and W. Lou, Ensuring Data Storage Security in Cloud Computing, Proc. 17th Intl Workshop Quality of Service (IWQoS 09), 2009.
-
C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, Dynamic Provable Data Possession, Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), 2009.
-
K.D. Bowers, A. Juels, and A. Oprea, Hail: A High-Availability and Integrity Layer for Cloud Storage, Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), pp. 187-198, 2013.
-
D. Boneh, C. Gentry, B. Lynn, and H. Shacham, Aggregate and Verifiably Encrypted Signatures from Bilinear Maps, Proc. 22ndIntl Conf. Theory and Applications of Cryptographic techniques (Euro crypt 03), pp. 416-432, 2011.