HOMOMORPHIC AUTHENTICATION WITH RANDOM MASKING
TECHNIQUE ENSURING PRIVACY & SECURITY IN CLOUD
COMPUTING
ABSTRACT
Cloud computing may be defined as delivery of product rather than service. Cloud
computing is an Internet-based form of computing that enables the sharing of services. Many users place
their data in the cloud. However, the fact that users no longer have physical possession of the
possibly large size of outsourced data makes the data integrity protection in cloud computing a
very challenging and potentially formidable task, especially for users with constrained
computing resources and capabilities. So correctness of data and security is a prime concern.
This article studies the problem of ensuring the integrity and security of data storage in Cloud
Computing. Security in the cloud is achieved by signing each data block before sending it to the cloud.
Signing is performed using an algorithm that is more secure than other algorithms. To
ensure the correctness of data, we consider an external auditor, called a third party auditor
(TPA), who verifies the integrity of the data stored in the cloud on behalf of the cloud user. By
utilizing a public-key-based homomorphic authenticator with random masking,
privacy-preserving public auditing can be achieved. The technique of bilinear aggregate signature is used
to achieve batch auditing. Batch auditing reduces the computation overhead. Extensive security
and performance analysis shows that the proposed schemes are provably secure and highly efficient.
ALGORITHM:
BLS: Boneh–Lynn–Shacham
Signing is performed using the Boneh–Lynn–Shacham (BLS) algorithm, which is more secure
than other algorithms. To ensure the correctness of data, we consider an external auditor,
called a third party auditor (TPA), who verifies the integrity of the data
stored in the cloud on behalf of the cloud user. By utilizing a public-key-based homomorphic
authenticator with random masking, privacy-preserving public auditing can be achieved. The
technique of bilinear aggregate signature is used to achieve batch auditing. Batch auditing
reduces the computation overhead. Extensive security and performance analysis shows that the
proposed schemes are provably secure and highly efficient.
MODULES:
1. System Model:
Third Party Auditor (TPA): an optional TPA, who has expertise and capabilities that users may
not have, is trusted to assess and expose risk of cloud storage services on behalf of the users
upon request.
1. It supports an external auditor to audit the user’s outsourced data without learning
anything about the data content.
2. It achieves batch auditing, where multiple delegated auditing tasks from different users can
be performed simultaneously by the TPA.
3. It also supports dynamic operations on data blocks, i.e., data update, append and delete.
2. File Retrieval and Error Recovery:
Since our layout of file matrix is systematic, the user can reconstruct the original file by
downloading the data vectors from the first m servers, assuming that they return the correct
response values. Notice that our verification scheme is based on random spot-checking, so the
storage correctness assurance is a probabilistic one. We can guarantee the successful file retrieval
with high probability. On the other hand, whenever the data corruption is detected, the
comparison of pre-computed tokens and received response values can guarantee the
identification of misbehaving server(s).
3. Operations:
(1) Update Operation
In cloud data storage, the user may sometimes need to modify some data block(s) stored in the
cloud. We refer to this operation as data update. In other words, for all the unused tokens, the user
needs to exclude every occurrence of the old data block and replace it with the new one.
(2) Delete Operation
Sometimes, after being stored in the cloud, certain data blocks may need to be deleted. The
delete operation we are considering is a general one, in which the user replaces the data block with
zero or some special reserved data symbol. From this point of view, the delete operation is
actually a special case of the data update operation, where the original data blocks can be
replaced with zeros or some predetermined special blocks.
(3) Append Operation
In some cases, the user may want to increase the size of his stored data by adding blocks at the
end of the data file, which we refer to as data append. We anticipate that the most frequent append
operation in cloud data storage is bulk append, in which the user needs to upload a large number
of blocks (not a single block) at one time.
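The token comparison from File Retrieval and Error Recovery and the token patching described under Update Operation, as an added Python example that is not part of the original write-up. It assumes a prime field of size 2^61 - 1, HMAC-SHA256 as the pseudo-random function, and hypothetical function names; the servers and block values are constructed.

```python
import hashlib
import hmac

P = 2**61 - 1  # prime field modulus (assumed; the page does not fix a field)

def prf(key, label):
    # HMAC-SHA256 as the keyed pseudo-random function (assumed instantiation)
    return int.from_bytes(hmac.new(key, label.encode(), hashlib.sha256).digest(), "big")

def challenge(key, rnd, n_blocks, sample):
    # Round rnd's sampled block indices, each paired with a coefficient alpha^k
    alpha = prf(key, f"alpha|{rnd}") % P or 1
    order = sorted(range(n_blocks), key=lambda q: prf(key, f"perm|{rnd}|{q}"))
    return [(idx, pow(alpha, k + 1, P)) for k, idx in enumerate(order[:sample])]

def respond(blocks, chal):
    # Server side: linear combination of the challenged blocks as currently stored
    return sum(c * blocks[i] for i, c in chal) % P

def precompute_tokens(key, servers, rounds, sample):
    # User side, before upload: tokens[rnd][j] is server j's expected response
    return [[respond(vec, challenge(key, rnd, len(vec), sample)) for vec in servers]
            for rnd in range(rounds)]

def audit(key, tokens, servers, rnd, sample):
    # Compare each response with its token; return the misbehaving server indices
    return [j for j, vec in enumerate(servers)
            if respond(vec, challenge(key, rnd, len(vec), sample)) != tokens[rnd][j]]

def update_block(key, tokens, servers, j, idx, old, new, first_unused, sample):
    # Data update: in every unused token, swap the old block's term for the new one
    for rnd in range(first_unused, len(tokens)):
        for i, c in challenge(key, rnd, len(servers[j]), sample):
            if i == idx:
                tokens[rnd][j] = (tokens[rnd][j] + c * (new - old)) % P
    servers[j][idx] = new  # the server stores the new block (0 would model delete)

def demo():
    key = b"constructed-demo-key"
    # Constructed data: 3 servers holding 8 blocks each; 4 blocks sampled per round
    servers = [[7 * j + 3 * q + 1 for q in range(8)] for j in range(3)]
    tokens = precompute_tokens(key, servers, rounds=4, sample=4)
    clean = audit(key, tokens, servers, 0, 4)
    update_block(key, tokens, servers, 1, 5, servers[1][5], 424242, 1, 4)
    after_update = audit(key, tokens, servers, 1, 4)
    sampled = [i for i, _ in challenge(key, 2, 8, 4)]
    unsampled = next(q for q in range(8) if q not in sampled)
    servers[0][unsampled] ^= 1  # corruption outside round 2's sample: missed
    servers[2][sampled[0]] ^= 1  # corruption inside round 2's sample: caught
    return clean, after_update, audit(key, tokens, servers, 2, 4)
```

Server 0's corrupted block falls outside round 2's sample, so only server 2 is reported in that round; this is the probabilistic assurance that random spot-checking gives.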
EXISTING SYSTEM:
The audit from TPA demands retrieval of user’s data, which should be prohibitive
because it violates the privacy-preserving guarantee.
Its communication and computation complexity are both linear with respect to the sampled data
size, which may result in large communication overhead and time delay, especially when the
bandwidth available between the TPA and the cloud server is limited.
In contrast to traditional solutions, where the IT services are under proper physical, logical and
personnel controls, Cloud Computing moves the application software and databases to the large
data centers, where the management of the data and services
may not be fully trustworthy. This unique attribute, however, poses many new security
challenges which have not been well understood.
PROPOSED SYSTEM:
We consider an external auditor, called a third party auditor (TPA), who verifies the
integrity of the data stored in the cloud on behalf of the cloud user. By utilizing a public-key-based
homomorphic authenticator with random masking, privacy-preserving public auditing can be
achieved. The technique of bilinear aggregate signature is used to achieve batch auditing. Batch
auditing reduces the computation overhead. Extensive security and performance analysis shows
that the proposed schemes are provably secure and highly efficient.
In this paper, we tackle the problem of how to enable a privacy-preserving third-party auditing
protocol that is independent of data encryption. Besides, with the prevalence of Cloud
Computing, a foreseeable increase of auditing tasks from different users may be delegated to
the TPA.
The technical contributions of this paper are summarized as follows:
1. It supports an external auditor to audit the user’s outsourced data without learning
anything about the data content.
2. It achieves batch auditing, where multiple delegated auditing tasks from different users
can be performed simultaneously by the TPA.
3. It also supports dynamic operations on data blocks, i.e., data update, append and delete.