TIME CONSTRAINED SELF-DESTRUCTING
DATA SYSTEM (SeDaS) FOR DATA PRIVACY
S. Savitha, PG Scholar,
Department of CSE,
Adhiyamaan College of Engineering,
Hosur-635109, Tamil Nadu, India.
savithasclick@gmail.com
Dr. D. Thilagavathy, Professor,
Department of CSE,
Adhiyamaan College of Engineering,
Hosur-635109, Tamil Nadu, India.
thilagakarthick@yahoo.co.in
Abstract--With the development of the Cloud and the popularization
of the mobile Internet, Cloud services are becoming more and more
important in people’s lives, and users are required to post personal
credentials such as passwords, account numbers and many more.
These details are cached and archived by cloud service providers,
so security is an important issue to be taken into
consideration. Self-destructing data aims at providing privacy for
this data, which is destroyed after a user-specified time:
the data, along with its copies, becomes unreadable after a certain
period of time. To meet this challenge, cryptographic
techniques are used together with an active storage framework. The
performance of uploading/downloading files is also
better than in the previous system. This paper
gives a short analysis of how research has been carried out in
these areas with various techniques.
Index Terms--cloud computing, time constrained self-destruction,
active storage, data privacy
I. INTRODUCTION
Internet-based development and use of computer technology
has opened up several trends in the era of cloud computing.
The software as a service (SaaS) computing architecture,
together with cheaper and more powerful processors, has
transformed data centers into pools of computing service
on a huge scale. Services that reside solely in remote data
centers can be accessed with high quality thanks to increased
network bandwidth and reliable network connections. Moving
data into the cloud offers great convenience to users, since they
don’t have to care about the complexities of direct hardware
management.
Cloud computing services such as Amazon Simple Storage
Service (S3) and Amazon Elastic Compute Cloud (EC2) are well
known to all. As people rely more and more on the Internet
and cloud technology, security becomes an important issue in
protecting the privacy of users. When
data is transformed and processed, it is cached and copied on
many systems in the network without the
knowledge of the users. So there is a chance of users’
private details leaking via Cloud Service Providers’
negligence, hackers’ intrusion or some legal actions.
Vanish [1] provides an idea for protecting and sharing privacy
in which the secret key is divided and stored in a P2P system
with distributed hash tables (DHTs).
Fig. 1. The Vanish system architecture [1]
To avoid hopping attacks, which are one kind of Sybil
attack [18],[19], a new scheme called Safe Vanish
[4] extends the length range of the key shares and adds
some enhancements to the Shamir secret sharing algorithm [2]
implemented in the Vanish system.
Fig. 2(a). The push operation in the VuzeDHT network.
INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ENGINEERING RESEARCH, ICDER - 2014
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT www.iaetsd.in
Fig. 2(b). Hopping Attack
Fig. 3. Increasing the length of range of key shares [4]
II. RELATED WORK
In the cloud, providing privacy for stored data is a major
task, and performance must also be measured
to achieve excellence. Storage and
retrieval therefore play an important role. Object-based
storage (OBS) [21] uses an object-based storage device
(OSD) [22] as the underlying storage device. The T10 OSD
standard [22] is being developed by the Storage Networking
Industry Association (SNIA) and the INCITS T10 Technical
Committee. Each OSD consists of a CPU, network interface,
ROM, RAM, and storage device (disk or RAID subsystem)
and exports a high-level data object abstraction on top of the
device block read/write interface.
Another approach to storing data and files is the active storage
framework, which has become one of the most important
research branches in the domain of intelligent storage systems.
For instance, Wickremesinghe et al. [34] proposed a model of
load-managed active storage, which strives to integrate
computation with storage access in a way that the system can
predict the effects of offloading computation to Active Storage
Units (ASU). Hence, applications can be configured to match
hardware capabilities and load conditions. MVSS [35], a
storage system for active storage devices, provided a single
framework to support various services at the
device level. MVSS separated the deployment of services
from file systems and thus allowed services to be migrated to
storage devices.
III. DISCUSSION AND RESULT
Various techniques have been covered to provide security for
the data stored in the cloud, along with performance evaluation for
uploading and downloading files. Researchers have mainly
concentrated on the algorithms used for key
encryption/decryption and sharing. Let us discuss the various
approaches that have been used for the same.
Paper [3] describes two Sybil attacks against the Vanish
implementation, in which the encryption keys are stored in the
million-node Vuze BitTorrent DHT. These attacks work
by crawling the DHT and saving each stored value before it
times out. More than 99% of Vanish messages can be
recovered efficiently with the keys obtained in this way.
According to paper [5], a method known as active storage is used
to take advantage of processing capabilities through service
migration. However, in recent research
the model of service execution still
remains a passive, request-driven mode. In the self-management
scenario, a mechanism for automatic service execution, which is
important, has been implemented. To handle this
drawback they have employed an active storage framework
for object-based storage devices that provides a hybrid approach
mixing the request-driven model and the policy-driven model. Based on the
requirements of active storage, some enhancements
to the current version of the T10 OSD specification
are given in the paper. Finally, they have shown a
classification system example in which, with the help of the active
storage mechanism, network delay may be dramatically
reduced.
Fig. 4. Active Storage in context of parallel file systems [5], [12]
Paper [9] introduces a parallel I/O
interface that executes data analysis, mining and statistical
operations on an active storage system. The authors
propose a scheme in which common analysis kernels are
embedded in parallel file systems. They show
experimentally that the overall performance of the proposed
system improved by 50.9% for all four benchmarks and that
the compute-intensive portion of the k-means clustering
kernel can be improved by 58.4% through GPU offloading
when executed with a larger computational load.
Paper [11] uses a concept called FADE to outsource data to
third-party cloud storage services in order to reduce the data
management cost and to address security concerns.
FADE is designed to be readily
deployable in a cloud storage system and focuses on
protecting deleted data with policy-based file assured deletion.
FADE guarantees the privacy and integrity of the outsourced data
files by encrypting them with standard cryptographic
techniques. Most importantly, it assuredly deletes
files to make them unrecoverable to anyone (including those
who manage the cloud storage) when access to those files is
attempted. This objective is implemented by a working prototype
of FADE atop Amazon S3, one of today’s cloud
storage services; the prototype
provides policy-based file assured deletion with minimal
performance overhead. This work provides insights into
how to incorporate value-added security features into data
outsourcing applications.
Paper [18] discusses in detail how the Sybil
attack occurs in distributed hash tables
(DHTs). A Sybil attack is a situation in which a
particular service in an identity-based system is subverted by
forging identities: an adversary controls a set of fake identities, each
called a Sybil, and joins a targeted system multiple times
under these Sybil identities. The paper
considers identity-based systems in which each user is
intended to have a single identity and is expected to use this
identity when interacting with other users in the system. In
such systems, a user with multiple identities is called a Sybil
user and each identity the user uses a Sybil identity. The
solution to this attack has been given in the paper Safe Vanish
[4].
IV. PROPOSED WORK
In the proposed work, security measures are taken
for the files stored on the cloud server. To
avoid unauthorized control over the user’s personal
data, SeDas is proposed. The aim of the self-destructing data system is to
destroy all the data along with its copies, whether cached or
archived, after a certain period of time so that it becomes
unreadable even to the admins (say, CSPs) who maintain it.
Whenever the user uploads/downloads a file, SeDas works
such that a ttl (Time-to-Live) parameter is given for
that particular file. This can be implemented using the Shamir
Secret Sharing algorithm, which seems to be one of the
strongest algorithms in use. An easy solution can be
provided using the Spring MVC framework, which provides a
model-view-controller architecture and ready components
for developing flexible and loosely coupled
web applications. It has interceptors as well as controllers,
making it easy to factor out behavior common to the handling
of many requests. It helps to create high-performing, easily
testable, reusable code.
Fig. 5. SeDaS system architecture
Storing data in the cloud might be safe on one side, but on the
other hand, what if the confidential data gets misused? There
is also some amount of data residing in the cloud which has
not been used for years and years. This leads to lower
performance in the cloud and issues with network traffic. So this
paper gives the solution to the above problems with the help
of SeDas. Thus the latency and throughput performance
measures are improved in this paper.
V. CONCLUSION
In the cloud computing environment many techniques have been
used to provide security for the user’s data/files. As the
above information shows, many researchers have given many
techniques and ideas for the same. According to the above
analysis, many techniques have been put to work in which the
data disappears, but without the knowledge of the user. SeDas
makes sensitive information such as credential details
self-destruct without any action on the user’s part, so that
the details are unreadable to anyone afterwards, supported by
the object-based storage technique. The experimental security
analysis gives insight into the practicability of the approach. This
time-constrained system can help to provide researchers
with valuable experience to inform the future of Cloud services.
REFERENCES
[1] R. Geambasu, T. Kohno, A. Levy, and H. M. Levy,
“Vanish: Increasing data privacy with self-destructing
data,” in Proc. USENIX Security Symp., Montreal,
Canada, Aug. 2009, pp. 299–315.
[2] A. Shamir, “How to share a secret,” Commun. ACM, vol.
22, no. 11, pp. 612–613, 1979.
[3] S. Wolchok, O. S. Hofmann, N. Heninger, E. W. Felten,
J. A. Halderman, C. J. Rossbach, B. Waters, and E.
Witchel, “Defeating vanish with low-cost sybil attacks
against large DHTs,” in Proc. Network and Distributed
System Security Symp., 2010.
[4] L. Zeng, Z. Shi, S. Xu, and D. Feng, “Safevanish: An
improved data self-destruction for protecting data
privacy,” in Proc. Second Int. Conf. Cloud Computing
Technology and Science (CloudCom), Indianapolis, IN,
USA, Dec. 2010, pp. 521–528.
[5] L. Qin and D. Feng, “Active storage framework for
object-based storage device,” in Proc. IEEE 20th Int.
Conf. Advanced Information Networking and
Applications (AINA), 2006.
[6] S. W. Son, S. Lang, P. Carns, R. Ross, R. Thakur, B.
Ozisikyilmaz, W.-K. Liao, and A. Choudhary, “Enabling
active storage on parallel I/O software stacks,” in Proc.
IEEE 26th Symp. Mass Storage Systems and
Technologies (MSST), 2010.
[7] Y. Tang, P. P. C. Lee, J. C. S. Lui, and R. Perlman,
“FADE: Secure overlay cloud storage with file assured
deletion,” in Proc. SecureComm, 2010.
[8] J. R. Douceur, “The sybil attack,” in Proc. IPTPS ’01:
Revised Papers from the First Int. Workshop on Peer-to-
Peer Systems, 2002.
[9] T. Cholez, I. Chrisment, and O. Festor, “Evaluation of
sybil attack protection schemes in kad,” in Proc. 3rd Int.
Conf. Autonomous Infrastructure, Management and
Security, Berlin, Germany, 2009, pp. 70–82.
[10] M. Mesnier, G. Ganger, and E. Riedel, “Object-based
storage,” IEEE Commun. Mag., vol. 41, no. 8, pp. 84–90,
Aug. 2003.
[11] R. Weber, “Information Technology—SCSI object-based
storage device commands (OSD) - vol. 41, no. 8, pp. 84–
90, Aug. 2003.
[12] R. Wickremesinghe, J. Chase, and J. Vitter, “Distributed
computing with load-managed active storage,” in Proc.
11th IEEE Int. Symp. High Performance Distributed
Computing (HPDC), 2002, pp. 13–23.
[13] X. Ma and A. Reddy, “MVSS: An active storage
architecture,” IEEE Trans. Parallel Distributed Syst., vol.
14, no. 10, pp. 993–1003, Oct. 2003.