IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

Privacy Preserving Public Auditing for Secure Cloud Storage Using TPA Sagar Patil1, Sainath Bomble2, Atul Jadhav3 ,Prof. Vidya Chitre4 1

2

Student, Bharati Vidyapeeth College of Engineering, Navi Mumbai, Maharashtra, India [email protected]

Student, Bharati Vidyapeeth College of Engineering, Navi Mumbai, Maharashtra, India [email protected]

3

4

Student, Bharati Vidyapeeth college of Engineering, Navi Mumbai, Maharashtra, India [email protected]

Professor, Bharati Vidyapeeth college of Engineering, Navi Mumbai, Maharashtra, India [email protected]

Abstract Cloud Computing is the new buzz word in today’s computing world. Although there is huge buzz, many people are confused as to exactly what cloud computing is, especially as the term can be used to mean almost anything. Cloud Computing has been envisioned as the next generation architecture of IT Enterprise. It moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. This unique paradigm brings about many new security challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) he third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. Keywords: Key Data storage, privacy preserving, public auditability, cloud computing, delegation, batch verification.

1. Introduction Cloud computing has grown rapidly in recent year due to the advantages of greater flexibility and availability of computer resources at lower cost. It has been envisioned as the next generation computing model for its major advantages in on demand self-service, ubiquitous network access, location independent resource pooling and transference of risk[4]. Cloud Computing is the latest developments of computing models after distributed computing, parallel processing and grid computing. Cloud computing achieve multi-level virtualization and abstraction through effective integration of variety of computing, storage, Sagar Patil,

IJRIT

398

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

data, applications and other resources, users can be easy to use powerful computing and storage capacity of cloud computing only need to connect to the network. There is no doubt that cloud computing is the most popular topic in IT industry in 2009, Google, Amazon, Yahoo and other Internet service providers, IBM, Microsoft and other IT vendors have put forward their own cloud computing strategy, various telecom operators are also have put a great deal of attention on cloud computing, the very Low cost of cloud computing platform becomes the focus of the industry. Recently many works focus on providing three advanced features for remote data integrity checking protocols: data dynamic, public verifiability and privacy against verifiers. In addition, it can be easily adapted to support data dynamics by using the techniques. Storing the data on cloud is not a big thing but their security issue is the main problem in today’s buzz world. On the other hand, it supports public verifiability, by which anyone (not just the client) can perform the integrity checking operation. To ensure the correctness of data, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the data stored in the cloud.TPA audit the data uploaded data and checks the consistency of data and maintains the integrity which improves the security of data stored on the cloud. By utilizing public key based homomorphic authenticator with random masking privacy preserving public auditing can be achieved. Various organization individuals’ users can secure their data by using such auditing mechanism.

2. Literature Review While coming with this paper, we had searched lots of papers, information related with the cloud storage and security. We had also visited small scale industries those are recently using cloud services for outsourcing there confidential data over the cloud and are suffering with some problems while exchanging keys and accessing the services. They are also worried about the recent security techniques, which are currently available. For this paper we have refer the technical paper on Secure Data Access over Cloud Computing and Secure Data Access in Cloud Computing.

2.1 How Cloud works? A cloud user desires a shopper device like a portable computer or personal computer or any computing resource with an internet browser (or alternative approved access route) to access a cloud system via the globe Wide internet. Generally the user can log into the cloud at a service supplier or personal company, like their leader. Cloud computing is works on a client-server basis. The cloud provides server-based applications and everyone information services to the user, with output displayed on the shopper device [2].

Sagar Patil,

IJRIT

399

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

Figure: Working Of Cloud If the user desires to make a document employing an application programmer for instance cloud provides appropriate application running on the server that shows the work done by the user on the shopper browser display.

2.1 Services Of Cloud Computing The Cloud Computing generally consist of 3 categories: • Infrastructure-as-a-Service (IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS)

Infrastructure-as-a-Service : It provides virtual server instances with distinctive IP addresses and blocks of storage on demand. Customers use the suppliers computer program interface to begin, stop, access and set up their virtual servers and storage. Infrastructure as a service delivers a platform virtualization environment as a service. Rather than purchasing servers, software, data center space or network equipment. The advantages of IaaS are pay per use, instant scalability, security, reliability, Application Programming Interfaces (APIs) and the examples are flexi scale, AWS: EC2 etc. Platform as a Service: Service Its another SaaS and this kind of cloud computing provide development environment as a service. We can use the middleman’s equipment to develop Sagar Patil,

IJRIT

400

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

our own program and deliver it to the users through Internet and servers. The advantages of PaaS are no need to buy special hardware and software to develop and deploy enterprise applicationns, pay per use, instant scalability, security, reliability; the popular services are storage, database, scalability etc. and the examples are Google Apps, Microsoft Windows Azure etc. Software as a Service: It is the software that is deployed over the internet and/or is deployed to run behind a firewall in our local area network or personal computer. This is a “pay as- you-go” model. The advantage of SaaS are no need of specific hardware to run software, pay per use instant scalability security reliability, examples are CRM financial planning, human resources, word processing, commercial services are sales force.com, email cloud etc. SalesForce CRM is an example of SaaS provider [4].

3. Problem Statement 3.1 System model and Threat Cloud Computing is the latest developments of computing models after distributed computing, parallel processing and grid computing. Cloud computing achieve multi-level virtualization and abstraction through effective integration of variety of computing, storage, data, applications and other resources, users can be easy to use powerful computing and storage capacity of cloud computing only need to connect to the network. The Cloud security responsibilities can be taken on by the customer, if he is managing the cloud, but in the case of a public cloud, such responsibilities are more on the cloud provider and the customer can just try to assess if the cloud provider is able to provide security. Because security is the main threat in cloud computing model, Storing data on the cloud server is not a difficult task but to provide security is a big challenge. This threat we overcame in our paper, by using challenge response mechanism. Cloud data storage service involving three different entities. the cloud user, who has large amount of data files to be stored in the cloud; the cloud server , which is managed by cloud service provider (CSP) to provide data storage service and has significant storage space and computation resources.The third party auditor (TPA), who has expertise and capabilities that cloud users do not have and is trusted to assess the cloud storage service security on behalf of the user upon request. Cloud users dynamically interact with the CS to access and update their stored data for various application purposes. The System model consist of following modules are as follows: Owner: File Upload: The owner is facilitated here to securely store the data it wants to distribute for public access. The key associated with the data is then distributed across users for accessing the data Generation of public and private keys: This module involves the generation of security keys required to access the data. These keys after generation are distributed using a specific mechanism wherein the private key is stored at cloud server and the hash of public key stored for the TPA. View Verification Status: The admin is facilitated here to continuously analyze the audits performed by the TPA and get a better understanding of the security status of the documents. TPA: The third party auditor (TPA), who has expertise and capabilities that cloud users do not have and is trusted to assess the cloud storage service security on behalf of the user upon request. Users rely on the CS for cloud data storage and maintenance. They may also dynamically interact with the CS to access and update their stored data for various application purposes. The users may resort to TPA for ensuring the storage security of their outsourced data, while hoping to keep their data private from TPA. TPA do following: 1.View the Files 2. Verify the Files User: Sagar Patil,

IJRIT

401

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

Download File: This module facilitates the user to get a view of all data on the server verified by the TPA and thus, facilitates User access to the cloud data.

3.2 Design Goals To enable privacy-preserving public auditing for cloud data storage under the aforementioned model, our protocol design should achieve the following security and performance guarantees: 1. Public auditability: to allow TPA to verify the correctness of the cloud data on demand without retrieving a copy of the whole data or introducing additional online burden to the cloud users. 2. Storage correctness: to ensure that there exists no cheating cloud server that can pass the TPA’s audit without indeed storing users’ data intact. It ensures data correctness that is stored on the cloud. 3. Privacy preserving: to ensure that the TPA cannot derive users’ data content from the information collected during the auditing process. 4. Reliable auditing: to enable TPA with secure and efficient auditing capability to cope with multiple auditing delegations from possibly large number of different users simultaneously. Data uploaded by the owner can be securely audited by the user each time in efficient manner.

3.3 Existing System The Existing scenarios of data storage in cloud environments do not provide any kind of assurity in terms of security of data to the user. There are chances of data access by someone in between, or data loss. These environments store data publicly accessible environments and do not perform any audit related operations. The data integrity during the cloud lifetime is not assured and invalid distribution is a major concern in these environments.

3.4 Proposed System The proposed system facilitates data owners to have an assurity of validity of data due to the implementation of the Audit Mechanism. The TPA user is facilitated here to verify the validity of data along with maintenance of the System. This section presents our public auditing scheme which provides a complete outsourcing solution of data not only the data itself, but also its integrity checking. After introducing notations and brief preliminaries, we start from an overview of our public auditing system and discuss two straightforward schemes and their demerits. Then, we present our main scheme and show how to extent our main scheme to support batch auditing for the TPA upon delegations from multiple users. Finally, we discuss how to generalize our privacy-preserving public auditing scheme and its support of data dynamics.

Figure 3: Architecture of Cloud Data Storage. The above proposed system is consist of the Challenge-Response Mechanism through which it can securely store the data and makes the user tension free about their confidential data. Challenge-Response Mechanism :

Sagar Patil,

IJRIT

402

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

This mechanism basically includes some steps which are required in auditing process of stored data on cloud.It performs the encryption of data with the help of hashing by using public and private keys. 1.Uploading of data on server.Keys are generated,one key goes to the TPA and another with HASH tag stored on system. 2.Encryption of private and public keys. 3.TPA initiates the Verification Process

3.5 Framework of System In this system, A public auditing scheme consists of four algorithms (KeyGen, SigGen, GenProof, VerifyProof). KeyGen is a key generation algorithm that is run by the user to setup the scheme. SigGen is used by the user to generate verification metadata, which may consist of digital signatures.GenProof is run by the cloud server to generate a proof of data storage correctness, while VerifyProof is run by the TPA to audit the proof. Running a public auditing system consists of two phases, Setup and Audit: Setup: The user initializes the public and secret parameters of the system by executing KeyGen, and preprocesses the data file F by using SigGen to generate the verification metadata. The user then stores the file F and the verification metadata at the cloud server, and deletes its local copy. As part of preprocessing, the user may alter the data file F by expanding it or including additional metadata to be stored at server. Audit: The TPA issues an audit message or challenge to the cloud server to make sure that the cloud server has retained the data file F properly at the time of the audit. The cloud server will derive a response message by executing GenProof using F and its verification metadata as inputs. The TPA then verifies the response via VerifyProof. Our framework assumes that the TPA is stateless; i.e.TPA does not need to maintain and update state between audits, which is a desirable property especially in the public auditing system [3]. Note that it is easy to extend the framework above to capture a stateful auditing system, essentially by splitting the verification metadata into two parts which are stored by the TPA and the cloud server, respectively.

Figure 4 : Architecture Of cloud Framework of system is functionally attached with the system architecture and it performs the following tasks which are done by the every module.Below figure shows the task perform by the each module. Advantages of the System 1. Remote data integrity checking protocol for cloud storage. The proposed system inherits the support of data dynamics, and supports public verifiability and privacy against third-party verifier.. 2. Perform Audit on the Server 3. Ensure Privacy of data during the Audit Process. 4. Security analysis of the proposed system, which shows that it is secure against the untrusted server and private against third party verifiers.

Sagar Patil,

IJRIT

403

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, March 2014, Pg: 398-404

4. Conclusions In this paper, we have analyzed data storage correctness issue in reference of cloud computing. We have provided the mechanism for trusted and secure data storage model with new scheme with integrity verification. The features of algorithm are useful to reduce computational cost for the client who may not have much security processing power. Using TPA we can audit the data on the server, and can preserve the privacy in data communication. The data owners have an assurity of validity of data due to the implementation of the Audit Mechanism. Thus we can secure our data on the cloud servers using this Mechanism.

5. References [1] G.Ateniese et al., Provable Data Possession at Untrusted Stores, Proc. ACM CCS ‗07, Oct. 2007, pp. 598–209 [2] H.Shacham and B.Waters,“Compact Proofs of Retrievability,” Proc. Int’l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (Asiacrypt), vol. 5350, pp. 90-107,Dec. 2008 [3] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, “Scalable and efficient provable data possession,” [4]C.Wang, Q.Wang, K. Ren, and W.Lou,”Privacy Preserving Public Auditing for storage security in Cloud computing” in Proc of IEEE INFOCOM’10, March2010.

Sagar Patil,

IJRIT

404

Privacy Preserving Public Auditing for Secure ... - IJRIT

data, applications and other resources, users can be easy to use powerful ... of PaaS are no need to buy special hardware and software to develop and.

717KB Sizes 1 Downloads 318 Views

Recommend Documents

Privacy Preserving Public Auditing for Secure Cloud Storage Using TPA
the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. To securely introduce an ...

Oruta Privacy-Preserving Public Auditing for Shared Data in the ...
Oruta Privacy-Preserving Public Auditing for Shared Data in the Cloud.pdf. Oruta Privacy-Preserving Public Auditing for Shared Data in the Cloud.pdf. Open.

Automatic Protocol Blocker for Privacy-Preserving Public Auditing in ...
Automatic Protocol Blocker for Privacy-Preserving Public Auditing in Cloud Computing.pdf. Automatic Protocol Blocker for Privacy-Preserving Public Auditing in ...

Efficient Secure Primitive for Privacy Preserving ...
Department of Computer Science and Technology,. University of ... with each other to conduct computations on the union of data they each hold. ... benefits, the hospitals may be unwilling to compromise patients' privacy or vio- late any ... serving h

Secure Adhoc Routing Protocol for Privacy Preservation - IJRIT
In this particular paper, we define stronger privacy requirements relating to ..... “Rumor riding: anonymizing unstructured peer-to-peer systems,” IEEE Trans.

Secure Adhoc Routing Protocol for Privacy Preservation - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 1, Issue 9, .... Communication anonymity in data management has been discussed ..... “Rumor riding: anonymizing unstructured peer-to-peer systems,” IEEE Trans.

Gmatch Secure and Privacy-Preserving Group Matching in Social ...
Each group member generate his pub- lic/private key pair (pki. , ski) for computing ring signatures. The ring signature scheme we used is BGLS [4], which is.

Privacy-Preserving Protocols for Perceptron ... - Semantic Scholar
the case of client-server environment, and it is assumed that the neural ... Section 4 is dedicated ... preserving protocol neural network for client-server environ-.

Privacy-Preserving Protocols for Perceptron ... - Semantic Scholar
School of Information Technology and. Engineering (SITE). University ... to the best of our knowledge, there is no privacy-preserving technique to collaboratively ...

Privacy-Preserving Incremental Data Dissemination
In this paper, we consider incremental data dissemination, where a ..... In other words, the data provider must make sure that not only each ...... the best quality datasets, these data are vulnerable to inference attacks as previously shown.

MobiShare: Flexible Privacy-Preserving Location ...
ests, habits, and health conditions, especially when they are in ... Electronic Frontier Foundation (EFF), can provide the location .... tower keeps a record of A's current location in its user info ..... Social serendipity: Mobilizing social softwar

Privacy Preserving Support Vector Machines in ... - GEOCITIES.ws
public key and a signature can be used. .... authentication code (MAC) which is derived from the ... encryption-decryption and authentication to block the.

Privacy-preserving query log mining for business ... - ACM Digital Library
transfer this problem into the field of privacy-preserving data mining. We characterize the possible adversaries interested in disclosing Web site confidential data and the attack strategies that they could use. These attacks are based on different v

Privacy-preserving weighted Slope One predictor for ...
However, sharing user-item preferential data for use in CF poses significant ... of research in privacy-preserving collaborative filtering are: encryption-based and ...

Slicing: A New Approach for Privacy Preserving Data ...
Computer Science at Purdue University, West Lafayette, IN 47906. E-mail: {li83, ninghui ..... be an original tuple, the matching degree between t and B is the product of ...... online privacy protection, privacy-preserving data publishing, and oper-.

Data Traceability and Privacy Preserving and Accountability for Data ...
verification, they describes three network entities i.e. client which is user, cloud storage server which is handled by cloud service provider and Third party auditor which is verifier.TPA having public key, it is act with only trusted server, they a

Privacy-preserving collaborative filtering for the cloud
Your private rating data may not be safe on the cloud because of insider and outsider threats. Anirban Basu, et al. Cloud based privacy preserving CF. 4/22 ...

A Privacy-Preserving Architecture for the Semantic Web ...
Although RDF provides the technology to describe meaning, the se- mantic Web .... Population Profile. Constructor. Database. Profile Tag. Generator. Profile Tag.

Privacy-Preserving Protocols for Perceptron Learning ...
the neural network learning model already exists. ... can be extended to apply on other types of learning models ... neural network model owned by the server.

A Privacy-Preserving Architecture for the Semantic Web ...
vergence between a user's apparent tag distribution and the population's. Sec. 2 explores the .... tained from specific modules integrated into the user's system. Before giving any .... Population Profile. Constructor. Database. Profile Tag. Generato

Scrambled Number Generator For Secure Image ... - IJRIT
Scrambled Number Generator For Secure Image. Transfer. Y.Chaitanya ... and decryption. Full text: https://sites.google.com/a/ijrit.com/papers/home/V1I1150.pdf.

Scrambled Number Generator For Secure Image ... - IJRIT
The present way of image scrambling technique for a secure data image ... space analysis, statistical analysis, correlation analysis, differential analysis, key ...

Enforcing Message Privacy Using Attribute Based ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 3, .... j ∈ Ai, Ai chooses ri ∈ Zp and a random ki − 1 degree polynomial. 4.

Enforcing Message Privacy Using Attribute Based ... - IJRIT
When making decision on use of cloud computing, consumers must have a clear ... identifier (GID) to bind a user's access ability at all authorities by using an ...