This document proposes a privacy-preserving public auditing system for data storage security in cloud computing. It describes a system with four entities: the data owner who stores data in the cloud, the cloud service provider who provides storage, a third party auditor who verifies the integrity of stored data on behalf of owners, and granted applications that can access the stored data. The system uses secret keys to preprocess and encrypt the owner's data before storage. It allows the third party auditor to efficiently verify the correctness and integrity of stored data through proof of retrievability protocols, while preserving the privacy of the owner's data. The system aims to ensure data security and privacy during public auditing in cloud storage.
Secure Cloud Storage Privacy-Preserving Public Auditing
1. B ANNAPURNA, et al , International Journal of Computers Electrical and Advanced Communication Engineering
[IJCEACE]TM
Volume 1 , Issue 7, PP: 04 - 09 , JAN – JUL’ 2015.
International Journal of Computers Electrical and Advanced Communications Engineering
Vol.1 (7), ISSN: 2250-3129, JAN – JUL’ 2015.
04 - 09
SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC
AUDITING FOR DATA STORAGE SECURITY IN CLOUD
B ANNAPURNA 1*, G RAVI 2*,
1. II-M.Tech –Student , MRCET
2. Assoc. Prof, Dept. of CSE, MRCET, Telangana, India
Abstract- Cloud computing is an emerging technology that minimizes user burden through Internet-based computing, which enables sharing of services. The cloud allows users to access applications without installing them and to access their data from any computer with Internet access. Many users store their data in the cloud, so correctness and security of data are the primary concerns. Instead of storing and maintaining data locally, users rely on cloud storage so that they can remotely store their data and enjoy on-demand, high-quality applications from shared resources. Data stored in the cloud must be protected. To ensure the correctness of data, an auditing process is carried out by a Third Party Auditor (TPA). The TPA must be able to audit efficiently without demanding a local copy of the data. This paper describes a secure cloud storage system with privacy-preserving public auditing. The result enables the TPA to perform audits for multiple users simultaneously and efficiently.
Keywords- Cloud computing, Encryption, Data integrity, Third Party Auditor, privacy-preserving, public auditability.
I. Introduction
Cloud computing is a long-dreamed vision of computing as a utility, which enables the sharing of services over the Internet. A cloud is a large group of interconnected computers, and it represents a major change in how we store information and run applications. Cloud computing is a shared pool of configurable computing resources with on-demand network access, provisioned by the service provider [1]. The advantage of the cloud is cost savings. The prime disadvantage is security. Cloud computing is now used by many software industries as a new technology. Since security is not provided in the cloud, many companies adopt their own security structure. Cloud computing gives flexibility to the user:
when users put their data in the cloud, they need not manage the information stored in cloud storage. Cloud computing lets you access all your applications and documents from anywhere in the world. The advantages of cloud computing are cost savings, unlimited storage capacity, improved performance, reduced software cost, increased data reliability and flexibility. The disadvantage of cloud computing is security: stored data might not be secure and may get lost.
Fig. 1. Cloud computing architecture
This new economic and computing model is
commonly referred to as cloud computing
and includes various types of services such
as: infrastructure as a service (IaaS), where
a customer makes use of a service
provider's computing, storage or networking
infrastructure; platform as a service (PaaS),
where a customer leverages the provider's
resources to run custom applications; and
software as a service (SaaS), where
customers use software that is run on the
provider's infrastructure. Cloud
infrastructures can be roughly categorized
as either private or public. In a private cloud,
the infrastructure is managed and owned by
the customer and located on-premise (i.e.,
in the customer's region of control). In
particular, this means that access to
customer data is under its control and is
only granted to parties it trusts. In a public
cloud the infrastructure is owned and
managed by a cloud service provider and is
located off-premise (i.e., in the service
provider's region of control). This means
that customer data is outside its control and
could potentially be granted to untrusted
parties. A Third Party Auditor is a kind of
inspector. There are two categories: private
auditability and public auditability. Although
private auditability can achieve higher
scheme efficiency, public auditability allows
anyone, not just the client (data owner), to
challenge the cloud server for the
correctness of data storage while keeping
no private information. To relieve the data
owner of the burden of data management,
the TPA will audit the client's data. It eliminates
the involvement of the client by auditing
whether his data stored in the cloud are
indeed intact, which can be important in
achieving economies of scale for Cloud
Computing. The released audit report would
help owners to evaluate the risk of their
subscribed cloud data services, and it will
also be beneficial to the cloud service
provider to improve their cloud based
service platform [3]. Hence the TPA will help
the data owner make sure that his data are
safe in the cloud, and management of data
will be easy and less burdensome for the data
owner.
II. Related Work
We consider a cloud data storage service
involving three different entities: the cloud
user, who has a large amount of data files to
be stored in the cloud; the cloud server (CS),
which is managed by the cloud service
provider (CSP) to provide data storage service
and has significant storage space and
computation resources (we will not
differentiate CS and CSP hereafter); the
third-party auditor, who has expertise and
capabilities that cloud users do not have
and is trusted to assess the cloud storage
service reliability on behalf of the user upon
request. Users rely on the CS for cloud data
storage and maintenance. They may also
dynamically interact with the CS to access
and update their stored data for various
application purposes. As users no longer
possess their data locally, it is of critical
importance for users to ensure that their
data are being correctly stored and
maintained. In short, although outsourcing
data to the cloud is economically attractive
for long-term large-scale storage, it does not
immediately offer any guarantee on data
integrity and availability. This problem, if not
properly addressed, may impede the
success of cloud architecture. To save the
computation resource as well as the online
burden potentially brought by the periodic
storage correctness verification, cloud users
may resort to TPA for ensuring the storage
integrity of their outsourced data. Public
auditability allows an external party, in
addition to the user himself, to verify the
correctness of remotely stored data.
However, most of these schemes do not
consider the privacy protection of users'
data against external auditors. Cloud
Computing has been envisioned as the
next-generation architecture of IT
Enterprise. It moves the application
software and databases to the centralized
large data centers, where the management
of the data and services may not be fully
trustworthy. This unique paradigm brings
about many new security challenges, which
have not been well understood. This work
studies the problem of ensuring the integrity
of data storage in Cloud Computing. In
particular, we consider the task of allowing a
Third Party Auditor (TPA), on behalf of the
cloud client, to verify the integrity of the
dynamic data stored in the cloud. The
introduction of TPA eliminates the
involvement of the client through the
auditing of whether his data stored in the
cloud is indeed intact, which can be
important in achieving economies of scale
for Cloud Computing. The support for data
dynamics via the most general forms of data
operation, such as block modification,
insertion and deletion, is also a significant
step toward practicality, since services in
Cloud Computing are not limited to archive
or backup data only. While prior works on
ensuring remote data integrity often lack
the support of either public auditability or
dynamic data operations, this paper
achieves both. We first identify the
difficulties and potential security problems of
direct extensions with fully dynamic data
updates from prior works and then show
how to construct an elegant verification
scheme for the seamless integration of
these two salient features in our protocol
design. In particular, to achieve efficient
data dynamics, we improve the existing
proof of storage models by manipulating the
classic Merkle Hash Tree construction for
block tag authentication. To support efficient
handling of multiple auditing tasks, we
further explore the technique of bilinear
aggregate signature to extend our main
result into a multi-user setting, where TPA
can perform multiple auditing tasks
simultaneously. Extensive security and
performance analysis show that the
proposed schemes are highly efficient and
provably secure [1]. We introduce a model
for Provable Data Possession (PDP) that
allows a client that has stored data at an
untrusted server to verify that the server
possesses the original data without
retrieving it. The model generates
probabilistic proofs of possession by
sampling random sets of blocks from the
server, which drastically reduces I/O costs.
The client maintains a constant amount of
metadata to verify the proof. The
challenge/response protocol transmits a
small, constant amount of data, which
minimizes network communication. Thus,
the PDP model for remote data checking
supports large data sets in widely-
distributed storage systems. We present
two provably-secure PDP schemes that are
more efficient than previous solutions, even
when compared with schemes that achieve
weaker guarantees. In particular, the
overhead at the server is low (or even
constant), as opposed to linear in the size of
the data. Experiments using our
implementation verify the practicality of PDP
and reveal that the performance of PDP is
bounded by disk I/O and not by
cryptographic computation [2].
III. Public Auditing System
We follow a definition similar to that of previously
proposed schemes in the context of remote
data integrity checking [6], [10], [11] and
adapt the framework for our
privacy-preserving public auditing system.
1. Audit Service System:
In this module we provide an efficient and secure cryptographic interactive audit scheme for public auditability. The scheme retains the soundness property and zero-knowledge property of proof systems. These two properties ensure that our scheme can not only prevent the deception and forgery of cloud storage providers, but also prevent the leakage of outsourced data in the process of verification.
2. Data Storage Service System:
In this module, we consider four entities to store the data in a secure manner:
1. Data owner (DO): who has a large amount of data to be stored in the cloud.
2. Cloud service provider (CSP): who provides data storage service and has enough storage space and computation resources.
3. Third party auditor (TPA): who has capabilities to manage or monitor outsourced data under the delegation of the data owner.
4. Granted applications (GA): who have the right to access and manipulate stored data. These applications can be either inside clouds or outside clouds according to the specific requirements.
3. Audit Outsourcing Service System:
In this module the client (data owner) uses
the secret key to preprocess the file, which
consists of a collection of blocks, generates
a set of public verification information that is
stored in TPA, transmits the file and some
verification tags to Cloud service provider
CSP, and may delete its local copy. At a
later time, using a protocol of proof of
retrievability, TPA (as an audit agent of
clients) issues a challenge to audit (or
check) the integrity and availability of the
outsourced data in terms of the public
verification information. It is necessary to
give an alarm for abnormal events.
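The audit flow from the Related Work and Audit Outsourcing passages, as an added Python sketch that is not the paper's scheme: the owner's public verification information is a Merkle root over the blocks, the auditor challenges a random sample of block indices, and the server answers with each block and its sibling path. It is a simplification that uses no secret key or homomorphic tags, and the auditor sees the challenged blocks, so it shows public auditability and sampling but not the privacy-preserving property; all function names and the sample data are assumptions.

```python
import hashlib
import math
import secrets

def _h(prefix, data):
    # Domain separation: 0x00 prefixes leaves, 0x01 prefixes inner nodes.
    return hashlib.sha256(prefix + data).digest()

def build_tree(blocks):
    """Owner: hash every block, return tree levels (leaves first, root last)."""
    level = [_h(b"\x00", b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:  # odd level: pair the last node with itself
            level = levels[-1] = level + [level[-1]]
        level = [_h(b"\x01", level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def prove(blocks, levels, index):
    """Server: answer a challenge with the block and its sibling hashes."""
    path, i = [], index
    for level in levels[:-1]:
        path.append(level[i ^ 1])
        i //= 2
    return blocks[index], path

def verify(root, index, block, path):
    """Auditor: recompute the root from the returned block and path."""
    node = _h(b"\x00", block)
    for sibling in path:
        node = _h(b"\x01", node + sibling if index % 2 == 0 else sibling + node)
        index //= 2
    return secrets.compare_digest(node, root)

def audit(root, n_blocks, respond, sample_size):
    """Auditor: challenge a random sample of indices; respond(i) is the server."""
    picks = secrets.SystemRandom().sample(range(n_blocks), min(sample_size, n_blocks))
    return all(verify(root, i, *respond(i)) for i in picks)

def detection_probability(n, t, c):
    """Chance that c sampled blocks include at least one of t damaged blocks out of n."""
    return 1.0 - math.comb(n - t, c) / math.comb(n, c)

# Constructed sample data: 64 blocks of 32 bytes each.
BLOCKS = [bytes([i]) * 32 for i in range(64)]
LEVELS = build_tree(BLOCKS)
ROOT = LEVELS[-1][0]  # public verification information held by the auditor

def server(i, lost=None):
    # Constructed server; if `lost` is set, that block is gone and zero bytes come back.
    block, path = prove(BLOCKS, LEVELS, i)
    return (b"\x00" * 32 if i == lost else block), path
```

`audit(ROOT, 64, server, 10)` passes for the honest server, while a server that lost one block is caught only when that index is sampled. For 10,000 blocks with 100 damaged, `detection_probability(10000, 100, 460)` is just above 0.99.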
4. Secure and Performance Analysis:
In this module, we consider the following security and performance goals:
To allow the TPA (or other clients with the help of the TPA) to verify the correctness of cloud data on demand without retrieving a copy of the whole data or introducing additional online burden to the cloud users.
Verification-correctness:
To ensure there exists no cheating CSP that
can pass the audit from TPA without indeed
storing users’ data intact.
Privacy-preserving:
To ensure that there exists no way for TPA
to derive users' data from the information
collected during the auditing process.
IV. Conclusion
We propose a privacy-preserving public
auditing system for data storage security in
Cloud Computing. We believe that Cloud Computing, as an emerging computing paradigm, allows users to share resources and information from a pool of distributed computing as a service over the Internet. Cloud storage is much more beneficial and advantageous than earlier traditional storage systems, especially in scalability, cost reduction, portability and functionality requirements. Cloud Computing is an area full of challenges and of paramount importance; it is still in its infancy, and many research problems are yet to be identified. The system uses encryption/decryption keys for the user's data and stores it on a remote server. Considering
TPA may concurrently handle multiple audit
sessions from different users for their
outsourced data files, we further extend our
privacy-preserving public auditing protocol
into a multi-user setting, where the TPA can
perform multiple auditing tasks in a batch
manner for better efficiency. Extensive
analysis shows that our schemes are
provably secure and highly efficient.
References
[1] Q. Wang, C. Wang, K. Ren, W. Lou, and
J. Li, “Enabling Public Auditability and Data
Dynamics for Storage Security in Cloud
Computing,” IEEE Trans. Parallel and
Distributed Systems, vol. 22, no. 5, pp. 847-
859, May 2011.
[2] G. Ateniese, R. Burns, R. Curtmola, J.
Herring, L. Kissner, Z. Peterson, and D.
Song, “Provable Data Possession at
Untrusted Stores,” Proc. 14th ACM Conf.
Computer and Comm. Security (CCS ’07),
pp. 598-609, 2007.
[3] M.A. Shah, R. Swaminathan, and M.
Baker, “Privacy-Preserving Audit and
Extraction of Digital Contents,” Cryptology
ePrint Archive, Report 2008/186, 2008.
[4] C. Wang, K. Ren, W. Lou, and J. Li,
“Towards Publicly Auditable Secure Cloud
Data Storage Services,” IEEE Network
Magazine, vol. 24, no. 4, pp. 19-24,
July/Aug. 2010.
[5] M.A. Shah, M. Baker, J.C. Mogul, and R.
Swaminathan, “Auditing to Keep Online
Storage Services Honest,” Proc. 11th
USENIX Workshop Hot Topics in Operating
Systems (HotOS ’07), pp. 1-6, 2007.
[6] R. Curtmola, O. Khan, and R. Burns,
“Robust Remote Data Checking,” Proc.
Fourth ACM Int’l Workshop Storage
Security and Survivability (StorageSS ’08),
pp. 63-68, 2008.
[7] A.L. Ferrara, M. Green, S. Hohenberger,
and M. Pedersen, “Practical Short Signature
Batch Verification,” Proc. Cryptographers’
Track at the RSA Conf. 2009 on Topics in
Cryptology (CT-RSA), pp. 309-324, 2009.
[8] M.A. Shah, R. Swaminathan, and M.
Baker, “Privacy-Preserving
Audit and Extraction of Digital Contents,”
Cryptology ePrint
Archive, Report 2008/186, 2008.
[9] A. Juels and J. Burton, S. Kaliski,
“PORs: Proofs of Retrievability for
Large Files,” Proc. ACM Conf. Computer
and Comm. Security (CCS
’07), pp. 584-597, Oct. 2007.
[10] Q. Wang, C. Wang, K. Ren, W. Lou,
and J. Li, “Enabling Public
Auditability and Data Dynamics for Storage
Security in Cloud
Computing,” IEEE Trans. Parallel
Distributed Systems, vol. 22, no. 5,
pp. 847-859, May 2011.
[11] C. Wang, Q. Wang, K. Ren, and W.
Lou, “Privacy-Preserving Public
Auditing for Data Storage Security in Cloud
Computing,” Proc. IEEE
INFOCOM, pp. 525-533, 2010.
[12] C. Wang, K. Ren, W. Lou, and J. Li,
“Toward Publicly Auditable
Secure Cloud Data Storage Services,” IEEE
Network, vol. 24, no. 4,
pp. 19-24, July/Aug. 2010.
[13] K. Yang and X. Jia, “Data Storage
Auditing Service in Cloud
Computing: Challenges, Methods and
Opportunities,” World Wide
Web, vol. 15, no. 4, pp. 409-428, 2012.
[14] Q. Wang et al., “Enabling Public
Verifiability and Data Dynamics for
Storage Security in Cloud Computing,”
Proc. ESORICS ‘09, Sept.
2009, pp. 355–70.
[15] C. Erway et al., “Dynamic Provable
Data Possession,” Proc. ACM
CCS ‘09, Nov. 2009, pp. 213–222.
[16] C. Wang et al., “Privacy-Preserving
Public Auditing for Storage
Security in Cloud Computing,” Proc. IEEE
INFOCOM ‘10, Mar.
2010.