This document summarizes a research paper that proposes a new approach for auditing data stored in the cloud while preserving privacy. It begins with an introduction to cloud computing and common security issues when data is stored remotely. It then discusses existing methods for third-party auditing of cloud data that allow users to verify integrity and correctness, but compromise privacy. The proposed method uses Shamir's secret sharing algorithm to divide user data into shares and store each share on a different cloud server. This allows a third-party auditor to verify integrity without accessing or viewing the actual data contents, thus preserving privacy. The goals and design of the proposed approach are described, including how the secret sharing technique works mathematically to split data into threshold shares.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
Cloud computing refers to a type of networked computing whereby an application can be run on connected
servers instead of local servers. Cloud can be used to store data, share resources and also to provide
services. Technically, there is very little difference between public and private cloud architecture. However,
the security and privacy of the data is a very big issue when sensitive data is being entrusted to third party
cloud service providers. Thus encryption with a fine grained access control is inevitable to enforce security
in clouds. Several techniques implementing attribute based encryption for fine grained access control have
been proposed. Under such approaches, the key management overhead is a little bit high in terms of
computational complexity. Also, secret sharing mechanisms have added complexity. Moreover, they lack
mechanisms to handle existence of traitors. Our proposed approach addresses these requirements and
reduces the overhead of the key management as well as secret sharing by using efficient algorithms and
protocols. Also, a traitor tracing technique is introduced into the cloud computing two layer encryption
environment.
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Massage Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
Secure Data Sharing In an Untrusted CloudIJERA Editor
Cloud computing is a huge area which basically provides many services on the basis of pay as you go. One of the fundamental services provided by cloud is data storage. Cloud provides cost efficiency and an efficient solution for sharing resource among cloud users. A secure and efficient data sharing scheme for groups in cloud is not an easy task. On one hand customers are not ready to share their identity but on other hand want to enjoy the cost efficiency provided by the cloud. It needs to provide identity privacy, multiple owner and dynamic data sharing without getting effected by the number of cloud users revoked. In this paper, any member of a group can completely enjoy the data storing and sharing services by the cloud. A secure data sharing scheme for dynamic cloud users is proposed in this paper. For which it uses group signature and dynamic broadcast encryption techniques such that any user in a group can share the information in a secured manner. Additionally the permission option is proposed for the security reasons. This means the file access permissions are generated by the admin and given to the user using Role Based Access Control (RBA) algorithm. The file access permissions are read, write and delete. In this, owner can provide files with options and accepts the users using that option. The revocation of cloud user is a function generated by the Admin for security purpose. The encryption computational cost and storage overhead is not dependent on the number of users revoked. We analyze the security by proofs and produce the cloud efficiency report using cloudsim.
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
Cloud computing provides many benefits to the users such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of organization. This is the one issue to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So to avoid getting data being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in other cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
CLOUD BASED ACCESS CONTROL MODEL FOR SELECTIVE ENCRYPTION OF DOCUMENTS WITH T...IJNSA Journal
Cloud computing refers to a type of networked computing whereby an application can be run on connected
servers instead of local servers. Cloud can be used to store data, share resources and also to provide
services. Technically, there is very little difference between public and private cloud architecture. However,
the security and privacy of the data is a very big issue when sensitive data is being entrusted to third party
cloud service providers. Thus encryption with a fine grained access control is inevitable to enforce security
in clouds. Several techniques implementing attribute based encryption for fine grained access control have
been proposed. Under such approaches, the key management overhead is a little bit high in terms of
computational complexity. Also, secret sharing mechanisms have added complexity. Moreover, they lack
mechanisms to handle existence of traitors. Our proposed approach addresses these requirements and
reduces the overhead of the key management as well as secret sharing by using efficient algorithms and
protocols. Also, a traitor tracing technique is introduced into the cloud computing two layer encryption
environment.
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Massage Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
A PRACTICAL CLIENT APPLICATION BASED ON ATTRIBUTE-BASED ACCESS CONTROL FOR UN...cscpconf
One of widely used cryptographic primitives for the cloud application is Attribute Based Encryption (ABE) where users can have their own attributes and a ciphertext encrypted by an access policy. Though ABE provides many benefits, the novelty often only exists in an academic world and it is often difficult to find a practical use of ABE for a real application. In this paper, we discuss the design and implementation of a cloud storage client application which supports the concept of ABE. Our proposed client provides an effective access control mechanism where it allows different types of access policy to be defined thus allowing large datasets to be shared by multiple users. Using different access policy, each user only needs to access only a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABEbased
application.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
A robust and verifiable threshold multi authority access control system in pu...IJARIIT
Attribute-based Encryption is observed as a promising cryptographic leading tool to assurance data owners’ direct
regulator over their data in public cloud storage. The former ABE schemes include only one authority to maintain the whole
attribute set, which can carry a single-point bottleneck on both security and performance. Then, certain multi-authority
schemes are planned, in which numerous authorities distinctly maintain split attribute subsets. However, the single-point
bottleneck problem remains unsolved. In this survey paper, from another perspective, we conduct a threshold multi-authority
CP-ABE access control scheme for public cloud storage, named TMACS, in which multiple authorities jointly manage a
uniform attribute set. In TMACS, taking advantage of (t, n) threshold secret allocation, the master key can be shared among
multiple authorities, and a lawful user can generate his/her secret key by interacting with any t authorities. Security and
performance analysis results show that TMACS is not only verifiable secure when less than t authorities are compromised, but
also robust when no less than t authorities are alive in the system. Also, by efficiently combining the traditional multi-authority
scheme with TMACS, we construct a hybrid one, which satisfies the scenario of attributes coming from different authorities as
well as achieving security and system-level robustness.
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
cloud computing is also facing many challenges that, if not well resolved, may impede its fast growth. Data security, as it exists in many other applications, is among these challenges that would raise great concerns from users when they store sensitive information on cloud servers. These concerns originate from the fact that cloud servers are usually operated by commercial providers which are very likely to be outside of the trusted domain of the users. Data confidential against cloud servers is hence frequently desired when users outsource data for storage in the cloud.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Cloud Computing is the most emerging trend in Information Technology now days. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
A PRACTICAL CLIENT APPLICATION BASED ON ATTRIBUTE-BASED ACCESS CONTROL FOR UN...cscpconf
One of widely used cryptographic primitives for the cloud application is Attribute Based Encryption (ABE) where users can have their own attributes and a ciphertext encrypted by an access policy. Though ABE provides many benefits, the novelty often only exists in an academic world and it is often difficult to find a practical use of ABE for a real application. In this paper, we discuss the design and implementation of a cloud storage client application which supports the concept of ABE. Our proposed client provides an effective access control mechanism where it allows different types of access policy to be defined thus allowing large datasets to be shared by multiple users. Using different access policy, each user only needs to access only a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABEbased
application.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the user’s and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
A robust and verifiable threshold multi authority access control system in pu...IJARIIT
Attribute-based Encryption is observed as a promising cryptographic leading tool to assurance data owners’ direct
regulator over their data in public cloud storage. The former ABE schemes include only one authority to maintain the whole
attribute set, which can carry a single-point bottleneck on both security and performance. Then, certain multi-authority
schemes are planned, in which numerous authorities distinctly maintain split attribute subsets. However, the single-point
bottleneck problem remains unsolved. In this survey paper, from another perspective, we conduct a threshold multi-authority
CP-ABE access control scheme for public cloud storage, named TMACS, in which multiple authorities jointly manage a
uniform attribute set. In TMACS, taking advantage of (t, n) threshold secret allocation, the master key can be shared among
multiple authorities, and a lawful user can generate his/her secret key by interacting with any t authorities. Security and
performance analysis results show that TMACS is not only verifiable secure when less than t authorities are compromised, but
also robust when no less than t authorities are alive in the system. Also, by efficiently combining the traditional multi-authority
scheme with TMACS, we construct a hybrid one, which satisfies the scenario of attributes coming from different authorities as
well as achieving security and system-level robustness.
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
cloud computing is also facing many challenges that, if not well resolved, may impede its fast growth. Data security, as it exists in many other applications, is among these challenges that would raise great concerns from users when they store sensitive information on cloud servers. These concerns originate from the fact that cloud servers are usually operated by commercial providers which are very likely to be outside of the trusted domain of the users. Data confidential against cloud servers is hence frequently desired when users outsource data for storage in the cloud.
Comparison of data security in grid and cloud computingeSAT Journals
Abstract In the current era, Grid computing and cloud computing are the main fields in the research work. This thesis define which are the main security issues to be considered in cloud computing and grid computing, and how some of these security issues are solved. Comparative study shows the grid security is tighter than the cloud. It also shows cloud computing is less secure and faced security problems. This research work is based on main security problems in cloud computing such as authentication, authorization, access control and security infrastructure (SLA). Cloud infrastructure is based on service level agreement; simply cloud providers provide different services to cloud’s users and organizations with an agreement known SLA. So the security and privacy of user’s data is the main problem, because unauthorized person can’t access the data of cloud user. Hacking and data leakage are the common threats in cloud computing. As the security due to hackers increase over internet and the cloud computing is totally on internet. At this time, cloud computing demand the tight password protection and strong authentication and authorization procedure. For an increased level of security, privacy and password protection, we provide a new strong authentication model named “Two factor authentications using graphical password with pass point scheme”. This authentication model includes the login procedure, access control that is based on service level agreement (SLA) in cloud computing. Index Terms: Cloud computing, Authentication, login, Recognition, Recall, Pass point, security, Cloud Provider, Service level Agreement, Two Factor Authentication
Cloud Computing is the most emerging trend in Information Technology now days. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
A proposed Solution: Data Availability and Error Correction in Cloud ComputingCSCJournals
Cloud Computing is the hottest technology in the market these days, used to make storage of huge amounts of data and information easier for organizations. Maintaining servers to store all the information is quite expensive for individual and organizations. Cloud computing allows to store and maintain data on remote servers that are managed by Cloud Service Providers (CSP) like Yahoo and Google. This data can then be accessed through out the globe. But as more and more information of individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. In this paper we discussed security issues and requirements in the Cloud and possible solutions of some the problems. We develop an architecture model for cloud computing to solve the data availability and error correction problem.
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEditor IJMTER
Cloud computing is a model for enabling for on demand network access to shared
configurable computing resources (e.g. networks, servers, storage, applications, and services).It is
based on virtualization and distributed computing technologies. Cloud Data storage systems enable
user to store data efficiently on server without any trouble of data resources. User can easily store
and retrieve their data remotely. The two biggest concerns about cloud data storage are reliability and
security. Clients aren’t like to entrust their data to another third party or companies without a
guarantee that they will be able to access therein formations whenever they want. In the existing
system, the data are stored in the cloud using dynamic data operation with computation which makes
the user need to make a copy for further updating and verification of the data loss. Different
distributed storing auditing techniques are used for overcoming the problem of data loss. Recent
work of this paper has show that data partitioning technique used for data storage by providing
Digital signature to every partitioning data and user .this technique allow user to upload or retrieve
the data with matching the digital signatures provided to them. This method ensures high cloud
storage integrity, enhanced error localization and easy identification of misbehaving server and
unauthorized access to the cloud server. Hence this work aims to store the data securely in reduced
space with less time and computational cost.
Preserving Privacy Policy- Preserving public auditing for data in the cloudinventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Insuring Security for Outsourced Data Stored in Cloud EnvironmentEditor IJCATR
The cloud storage offers users with infrastructure flexibility, faster deployment of applications and data, cost
control, adaptation of cloud resources to real needs, improved productivity, etc. Inspite of these advantageous factors, there
are several deterrents to the widespread adoption of cloud computing remain. Among them, security towards the correctness
of the outsourced data and issues of privacy lead a major role. In order to avoid security risk for the outsourced data, we
propose the dynamic audit services that enables integrity verification of untrusted and outsourced storages. An interactive
proof system (IPS) with the zero knowledge property is introduced to provide public auditability without downloading raw
data and protect privacy of the data. In the proposed system data owner stores the large number of data in cloud after e
encrypting the data with private key and also send public key to third party auditor (TPA) for auditing purpose. TPA in
clouds and it’s maintained by CSP. An Authorized Application (AA), which holds a data owners secret key (sk) and
manipulate the outsourced data and update the associated IHT stored in TPA. Finally Cloud users access the services through
the AA. Our system also provides secure auditing while the data owner outsourcing the data in the cloud. And after
performing auditing operations, security solutions are enhanced for the purpose of detecting malicious users with the help of
Certificate Authority
Security Check in Cloud Computing through Third Party Auditorijsrd.com
In cloud computing, data owners crowd their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, it requires an independent auditing service to check the data integrity in the cloud. Some existing remote integrity checking method scan only serve for static records data. Thus, cannot be used in the auditing service since the data in the cloud can be animatedly updated. Thus, an efficient and secure dynamic auditing protocol is required to convince data owners that the data are correctly stored in the cloud. In this paper, we first design an auditing framework for cloud storage systems for privacy-preserving auditing protocol. Then, we extend our auditing protocol to support the data dynamic operations, which is efficient to secure the random model.
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. The occupier need not be concerned with how the Paas system achieves expansion under high load.MAC systems differ as security policy is defined for the entire system, typically by administrators. Information flow control (IFC) is a MAC approach, developed originally from military information management methodologies. IFC can be used to enforce more general policies, using appropriate labeling and checking schemes. The labels can be used to manage both confidentiality and integrity concerns, tracking “secrecy†and “quality†of data, respectively. Decentralized Information Flow Control (DIFC) is an approach to security that allows application writers to control how data flow between the pieces of application and the outside world. As applied to privacy DIFC allows un trusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity DIFC allows trusted code to protect un trusted software from unexpected inputs.
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
The Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and
flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts
such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set
of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other
words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the
other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in
a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also
describe other application of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible
hierarchy, which was yet to be known.
Cloud computing is the technology which enables obtaining resources like so services,
software, hardware over the internet. With cloud storage users can store their data remotely and
enjoy on-demand services and application from the configurable resources. The cloud data storage
has many benefits over local data storage. Users should be able to just use the cloud storage as if it is
local, without worrying about the need to verify its integrity. The problem is that ensuring data
security and integrity of data of user. Sohere, I am going to have public audit ability for cloud storage
that users can resort to a third-party auditor (TPA) to check the integrity of data. This paper gives the
various issues related to privacy while storing the user’s data to the cloud storage during the TPA
auditing. Without appropriate security and privacy solutions designed for clouds this computing
paradigm could become a big failure. I am a giving privacy-preserving public auditing using ring
signature process for secure cloud storage system. This paper is going to analyze various techniques
to solve these issues and to provide the privacy and security to the data in cloud
Survey on securing outsourced storages in cloudeSAT Journals
Abstract Cloud computing is one of the buzzwords of technological developments in the IT industry and service sectors. Widening the social capabilities of servicing for a user on the internet while narrowing the insufficiency to store information and provide facilities locally, computing interests are shifting towards cloud services. Cloud services although contributes to major advantages for servicing also incurs notification to major security issues. The issues and the approaches that can be taken to minimise or even eliminate their effects are discussed in this paper to progress toward more secure storage services on the cloud. Keywords: Cloud computing, Cloud Security, Outsourced Storages, Storage as a Service
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
Similar to Cloud Auditing With Zero Knowledge Privacy (20)
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
1. Shilpa Dilip Sapatnekar Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 46 | P a g e
Cloud Auditing With Zero Knowledge Privacy
Shilpa Dilip Sapatnekar, Prajakta Kanase
(Department of Computer Science,College of Engineering,Pandharpur, Solapur University, Solapur)
(Department of Computer Science,College of Engineering,Pandharpur, Solapur University, Solapur)
Abstract-
The Cloud computing is a latest technology which provides various services through internet. The Cloud server
allows user to store their data on a cloud without worrying about correctness & integrity of data. Cloud data
storage has many advantages over local data storage. User can upload their data on cloud and can access those
data anytime anywhere without any additional burden. The User doesn’t have to worry about storage and
maintenance of cloud data. But as data is stored at the remote place how users will get the confirmation about
stored data. Hence Cloud data storage should have some mechanism which will specify storage correctness and
integrity of data stored on a cloud. The major problem of cloud data storage is security .Many researchers have
proposed their work or new algorithms to achieve security or to resolve this security problem. In this paper, we
proposed a Shamir’s Secrete sharing algorithm for Privacy Preservation for data Storage security in cloud
computing. We can achieve confidentiality, integrity and availability of the data. It supports data dynamics
where the user can perform various operations on data like insert, update and delete as well as batch auditing
where multiple user requests for storage correctness will be handled simultaneously which reduce
communication and computing cost.
Keywords — Privacy Preserving, Public Auditing, TPA, Data Security
I. INTRODUCTION
Cloud Computing is using hardware and software
as computing resources to provide service through
internet. Cloud computing provides various service
models as platform as a service (PaaS), software as a
service (SaaS),
Infrastructure as a service (Iaas), storage as a service
(STaaS), security as a service (SECaaS), Data as a
service (DaaS) & many more. Out of this Paas, SaaS
and IaaS are most popular.
Cloud computing has four models as Public cloud:
though which the service is available to all public use.
Private cloud: Through which service is available to
private enterprise ororganization. Community Cloud :
It allows us to share infrastructure among various
organizations through which we can achieve security.
We can achieve security by internal members or else
by external Third party vendor. Hybrid cloud : it is a
combination of public and private cloud. Cloud
computing has many advantages as : we can easily
upload and download the data stored in the cloud
without worrying about security. We can access the
data from anywhere, any time on demand. Cost is low
or pay per usage basis. Hardware and software
resources are easily available without location
independent. The major disadvantages of cloud
computing is security.
II. LITERATURE SURVEY
2.1 Security Issues
The security is a major issue in cloud computing.
It is a sub domain of computer security, network
security or else data security. The cloud computing
security refers to a broad set of policies, technology &
controls deployed to protect data, application & the
associated infrastructure of cloud computing. Some
security and privacy issues that need to be considered
are as follows
1) Authentication: Only authorized user can
access data in the cloud
2) Correctness of data: This is the way through
which user will get the confirmation that the
data stored in the cloud is secure
3) Availability: The cloud data should be easily
available and accessible without any burden.
The user should access the cloud data as if he
is accessing local data
4) No storage Overhead and easy maintenance:
User doesn’t have to worry about the storage
requirement & maintenance of the data on a
cloud
5) No data Leakage: The user data stored on a
cloud can accessed by only authorize the user
or owner. So all the contents are accessible by
only authorize the user
6) No Data Loss: Provider may hide data loss on
a cloud for the user to maintain their
reputation.
RESEARCH ARTICLE OPEN ACCESS
2. Sina Rezaei-Gomari et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 47 | P a g e
In cloud computing, cloud data storage contains
two entities as cloud user and cloud service provider
or cloud server. Cloud user is a person who stores
large amount of data on cloud server which is
managed by the cloud service provider. User can
upload their data on cloud without worrying about
storage and maintenance. A cloud service provider
will provide services to cloud user. The major issue in
cloud data storage is to obtain correctness and
integrity of data stored on the cloud. Cloud Service
Provider (CSP) has to provide some form of
mechanism through which user will get the
confirmation that cloud data is secure or is stored as it
is. No data loss or modification is done.
Security in cloud computing can be addressed in
many ways as authentication, integrity,
confidentiality. Data integrity or data correctness is
another security issue that needs to be considered.
The proposed scheme [4] specifies that the data
storage correctness can be achieved by using SMDS
(Secure Model for cloud Data Storage). It specifies
that the data storage correctness can be achieved in 2
ways as 1) without trusted third party 2) with trusted
third party based on who does the verification.
Fig 1: cloud architecture
It provides data confidentiality in two stages as 1)
Data at rest 2) Data in transmission.
1) Data at rest: Symmetric key encryption
technique
(i.e. AES, TDES, and DES) are recommended which
are
secure but more time consuming.
2) Data in transmission: Secure Socket Layer
(SSL)
protocol is used for integrity verification. It uses a
two
different hash function such as Secure Hash
Algorithm (SHA1) for digital signature and Message
Digest (MD5) is a cryptographic hash function which
is used to check the data integrity.
Balkrishna and Hoka address problem of access
control using cryptographic techniques which
degrades performance and increase the computation
cost of managing all keys at Cloud Server and at the
user[13][22]. They proposed Diffie Hellman key
exchange scheme for sharing symmetric key securely.
Researchers of [4] specify way to achieve storage
correctness without Trusted Third Party (TTP).
Following are major goals of proposed schemes as
CS neither should learn any information from user’s
data nor should misuse the same.
The User selects the encryption option for their data
Secure key management
Flexible access right managements
It aims to achieve light weight integrity verification
process for checking the unauthorized change in the
original data without requesting a local copy of the
data.
It uses public key encryption technique to encrypt
the data for data storage correctness. It achieves the
following goals as data confidentiality, security, light
weight verification, key management, access right
and no data duplication.
The proposed scheme is compared with different
cloud
service providers like cloudseal, cloud zone, Venus &
EPPS.
It uses symmetric encryption which provides
confidentiality, integrity, and verification With low
cost. It also provides authentication for data owner
and access control through which only authorized
user can access the data.
The correctness of data can be violated due to
internal and external threats and CSP may hide data
loss or damage from users to maintain a reputation.
Major security issues associated with cloud user and
CSP are as follows
1) Cloud Service Provider (CSP): Organization or
enterprises provide various services to cloud users.
Confidentiality and integrity of cloud data should be
maintained by CSP. The Provider should ensure that
user’s data and application are secured on a cloud.
CSP may not leak the information or else cannot
modify or access user’s content. The attacker can log
into network communication [9].
2) Cloud Server (CS): The cloud server where data
being stored and accessed by cloud data owner or
users. Data should not be accessed by unauthorized
users, no data modification or no loss of data.
3) Cloud User: Attackers can access basic
information like username and password [9]. Key
management is major issue in encryption techniques.
Data dynamic issues need to be considered by CSP.
Cloud Computing Threads [9] are as follows:
Spoofing Identity Theft
Data Tempering Threat
Repudiation Attack
Information Disclosure on up/download Intra-Cloud
Denial of Service Attack
3. Sina Rezaei-Gomari et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 48 | P a g e
Log In
To achieve security, we can handover our data to a
third outsource party who will specify the correctness
and integrity of the cloud data. Hence, new concept
arrives as Third party auditor (TPA) who will audit
the user data stored on the cloud, based on the user’s
request. In this case, the Cloud service provider
doesn’t have to worry about the correctness and
integrity of the data. In this technique, TPA will audit
the cloud data to check the integrity or correctness in
two ways as: 1) Download all files and data from the
cloud for auditing. This may include I/O and network
transmission cost. 2) Apply auditing process only for
accessing the data but again in this case, data loss or
data damage cannot be defined for unaccessed data.
Public auditability allows user to check integrity of
outsource data under different system & security
models. We cannot achieve privacy as TPA can see
the actual content stored on a cloud during the
auditing phase. TPA itself may leak the information
stored in the cloud which violate data security. To
avoid this, Encryption technique is used where data is
encrypted before storing it on the cloud.
Through this, they achieved privacy up to certain
extent but which increases complex key management
on user side. This technique cannot be long lasting as
authorized user can easily access original content by
using the decryption key which is easily available.
Hence to achieve privacy preservation with public
auditing using TPA for cloud data storage security,
researchers have proposed various techniques.
III. EXISTING SYSTEM
The cloud data storage service contains 3
different entities as cloud user, Third party auditor &
cloud server / cloud service provider (CSP). Cloud
user stores large amount of data or files on a cloud
server. User can upload their data on cloud server
(CS) and that data will be managed by cloud service
provider. Third party auditors will do the auditing on
users request for storage correctness and integrity of
data.
The proposed system specifies that user can access
the data on a cloud as if the local one without
worrying about the integrity of the data. Hence, Third
Party Auditor allows checking the integrity of data. It
supports privacy preservation.
In cloud, data is stored in a centralized form and
managing this data and providing security is very
difficult. During auditing phase, TPA can read the
user’s data hence can modify. The reliability is
increased as data is handled by TPA but data integrity
is not achieved. It uses encryption technique to
encrypt the contents of the file.
TPA checks the integrity of the data stored on a
cloud but if the TPA itself leaks the user’s data.
Hence the new concept comes as auditing with zero
knowledge privacy where TPA will audit the users’
data without seeing the contents. It uses public key
based homomorphic linear authentication (HLA) [1],
[2] which allows TPA to perform auditing without
requesting for user data. It reduces communication &
computation overhead. In this, HLA with random
masking protocol is used which does not allow TPA
to learn data content.
3.1 Goals
It allows TPA to audit users’ data without knowing
data content
It supports batch auditing where multiple user
requests
for data auditing will be handled simultaneously.
It provides security and increases performance
through
this system.
3.2 Design Goals
1) Public audit ability: Allows third party auditor to
check data correctness without accessing local
data.
2) Storage Correctness: The data stored on a cloud is
as
it. No data modification is done.
3) Privacy preserving: TPA can’t read the users’ data
during the auditing phase.
4) Batch Auditing: Multiple users auditing request is
handled simultaneously.
5) Light Weight: Less communication and
computation
overhead during the auditing phase.
For integrity check user as well as third party
auditor can check the integrity of the data where we
can achieve publicly auditing user data. It supports
data dynamics & batch auditing. The major benefits
of storing data on a cloud is the relief of burden for
storage management, universal data access with
location independent & avoidance of capital
expenditure on hardware, software & personal
maintenance.
Fig 3: architecture of data security in cloud using tpa
IV. PROPOSED SCHEME
The data on the cloud has a minimum concern
about sensitive information such as social security
number, medical records, bank transaction and
shipping manifests for hazardous material. We
4. Sina Rezaei-Gomari et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 49 | P a g e
provide additional security by using Shamir’s secret
sharing algorithm. Shamir's Secret Sharing is an
algorithm in cryptography. It is developed by Adi
Shamir.
Secret data is divided into multiple parts or shares,
which will be stored at multiple different clouds. To
reconstruct the original data from multiple shares, we
need to have at least k or more shares. WE cannot
reconstruct the original data with share value than (k-
1).
We don’t need all shares to reconstruct the original
data and therefore the threshold value (k) is used
where any of the parts are sufficient to reconstruct the
original secret.
4.1 Design Goals
The goal is to divide data D (e.g., a safe
combination)
into n pieces D1,….,Dn in such a way that:
1. Knowledge of any k or more Di pieces makes D
easily
computable.
2. Knowledge of any k-1 or fewer pieces leaves D
completely undetermined (in the sense that all its
possible values are equally likely).
This scheme is called (k,n) threshold scheme. If k=n
then all shares are required to reconstruct the original
data.
Advantages of Proposed scheme
1. Secure: Information theoretic security.
2. Minimal: The size of each piece does not exceed
the
size of the original data.
3. Extensible: When k is kept fixed, we can add or
delete
Di shares dynamically without affecting other.
4. Dynamic: We can change the polynomial to
increase
the security and we can reconstruct the new shares.
5. Flexible: for authentication, we can maintent the
security unlock categories based on its hierarchy.
4.2 Mathematical Model
Suppose we want to use a (k,n) threshold scheme
to share our secret S , without loss of generality
assumed to be an element in a finite field F of size
0<k<=n<P where P a prime number.
Choose at random k-1 coefficients a1 ...ak-1 in F, and
Let a0=S. Build the polynomial
F(x)=a0+a1x+a2x2
+a3x3
+.....+akxk-1
Let us construct any n points out of it, for instance
Set i=1,….,n to retrieve (i,f(i)). Every participant is
given a point (a pair of input to the polynomial and
output).with k shares, we can find the coefficients of
the polynomial using interpolation and the secret is
the constant term a0.
4.2.1 Preparation
Suppose that our secret is 1234 (S=1234). We wish to
divide the secret into 6 parts (n=6), where any subset
of 3
parts (k=3) is sufficient to reconstruct the secret. At
random we obtain two (k-1) numbers: 166 and 94.
(a1=166; a2=94)
Our polynomial to produce secret shares (points) is
therefore:
F(x) =1234+a66x+94 x2
From the above polynomial, we construct
following six points:
(1, 1494); (2, 1942); (3, 2578); (4, 3402); (5, 4414);
(6, 5614)
On each cloud will store this shares separately as
(x and f(x)).
4.2.2 Reconstruction
The value of k=3, so we need to have atleast three
shares to reconstruct the original data. Let us consider
(x0,y0)=(2,1942); (x1,y1)=(4,3402); (x2,y2)=(5,4414)
To reconstruct the original data, we use Lagrange
basis polynomials:
Therefore
f (x) =
=1234+166x+94
Recall that the secret is the free coefficient, which
means that S=1234, and we are done.
4.3 Proposed System Workflow
5. Sina Rezaei-Gomari et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 50 | P a g e
Fig 4.1 system workflow
CONCLUSIONS
In this system, we proposed Shamir’s Secrete
sharing algorithm for Privacy Preservation with
Public Auditing for cloud data storage security. Cloud
computing security is a major issue that needs to be
considered. Using TPA, We can verify the
correctness and integrity of data stored on a cloud.
It uses Shamir’s Secrete Sharing algorithm along
with public key based homomorphic linear
authentication (HLA) protocol with random masking
to achieve privacy preservation data security. We
achieved zero knowledge privacy through random
masking technique. The proposed algorithm is very
efficient and strong algorithm through which we have
achieved confidentiality, integrity and availability of
cloud data.
REFERENCES
[1] C wang, Sherman S. M. Chow, Q. Wang, K
Ren and W. Lou, “Privacy-Preserving Public
Auditing for Secure Cloud Storage”, IEEE
Trasaction on Computers I, vol. 62, no. 2,
pp.362-375 , February 2013.
[2] C. Wang, Q. Wang, K. Ren, and W. Lou,
“Privacy-Preserving Public auditing for
storage security in cloud computing”, in
Proc.of IEEE INFOCOM’10, March 2010.
[3] Wang Shao-hu, Chen Dan-we, Wang Zhi-
weiP, Chang Su-qin, “Public auditing for
ensuring cloud data storage security with zero
knowledge Privacy” College of Computer,
Nanjing University of Posts and
Telecommunications, China, 2009
[4] KunalSuthar, Parmalik Kumar, Hitesh Gupta,
“SMDS: secure Model for Cloud Data
Storage”, International Journal of Computer
applications, vol56, No.3, October 2012
[5] AbhishekMohta, Lalit Kumar Awasti, “Cloud
Data Security while using Third Party
Auditor”, International Journal of Scientific &
Engineering Research, Volume 3, Issue 6, ISSN
2229-8 June 2012.
[6] Q. Wang, C. Wang,K.Ren, W. Lou and Jin Li
“Enabling Public Audatability and Data
Dynamics for Storage Security in Cloud
Computing”, IEEE Transaction on Parallel
and Distributed System, vol. 22, no. 5, pp. 847
– 859,2011.
[7] D. Shrinivas, “Privacy-Preserving Public
Auditing in Cloud Storage security”,
International Journal of computer science and
Information Technologies, vol 2, no. 6, pp.
2691-2693, ISSN: 0975-9646, 2011
[8] K Govinda, V. Gurunath prasad and H. sathish
kumar, “ Third Party Auditing for Secure Data
Storage in Cloud Through Digital Signature
Using RSA”, International Journal of
6. Sina Rezaei-Gomari et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN: 2248-9622, Vol. 5, Issue 7, (Part - 3) July 2015, pp.46-51
www.ijera.com 51 | P a g e
Advanced science and Technical Research, vol
4,no. 2, ISSN: 2249-9954,4 August 2012
[9] S. Marium, Q. Nazir, A. Ahmed, S. Ahthasham
and Aamir M. Mirza, “Implementation of EAP
with RSA for Enhancing The Security of
Cloud Computig”, International Journal of
Basic and Applied Science, vol 1, no. 3, pp.
177-183, 2012
[10] XU Chun-xiang, HE Xiao-hu, Daniel Abraha,
“Cryptanalysis of Auditing protocol proposed
by Wang et al. for data storage security in
cloud computing”,
http://eprint.iacr.org/2012/115.pdf, and
cryptology eprint archive: Listing for 2012.
[11] B. Dhiyanesh“A Novel Third Party
Auditability and Dynamic Based Security in
Cloud Computing” , International Journal of
Advanced Research in Technology, vol. 1,no.
1, pp. 29-33, ISSN: 6602 3127, 2011
[12] C. Wang, Q. Wang and K. Ren, “Ensuring
Data Storage security in Cloud
Computing”,IEEE Conference Publication,
17th
International Workshop on Quality of
Service (IWQoS), 2009
[13] Balkrishnan. S, Saranya. G, Shobana. S and
Karthikeyan. S, “Introducing Effective Third
Party Auditing (TPA) for Data Storage
Security in Cloud”, International Journal of
computer science and Technology, vol. 2, no.
2, ISSN 2229-4333 (Print) | ISSN: 0976-
8491(Online), June 2012
[14] K. Kiran Kumar, K. Padmaja, P. Radha
Krishna, “Automatic Protocol Blocker for
Privacy-Preserving Public Auditing in Cloud
Computing”, International Journal of
Computer science and Technology, vol. 3 pp,
ISSN. 0976-8491(Online), pp. 936-940, ISSN:
2229-4333 (Print), March 2012
[15] LingarajDhabale, PritiPavale, “Providing
Secured Data Storage by Privacy and Third
Party Auditing In Cloud”, International
Conference on Computing and Control
Engineering, ISBN 978-1- 2248-9, 12 & 13
April, 2012
[16] Jachak K. B., Korde S. K., Ghorpade P. P. and
Gagare G. J. ,“Homomorphic Authentication
with Random Masking Technique Ensuring
Privacy & Security in Cloud
Computing”,Bioinfo Security Informatics, vol.
2, no. 2, pp. 49-52, ISSN. 2249-9423, 12 April
2012
[17] Dr. P. K. Deshmukh, Mrs. V. R. Desale, Prof.
R. A. Deshmukh, “Investigation of TPA (Third
Party Auditor Role) foe Cloud Data Security”,
International Journal of Scientific and
Engineering Research, vo. 4,no. 2,ISSn 2229-
5518, Feb 2013.
[18] Gayatri. R, “Privacy Preserving Third Party
Auditing for Dynamic Data”, International
Journal of Communication and engineering,
vol. 1, no. 1, issue: 03, March 2012
[19] Prince Jain “Security Issues and their solution
in cloud computing”, International Journal of
computing and business research, ISSN
(Online): 2229-6166
[20] Amala “Dynamic Audit Services for Achieving
Data Integrity in Clouds”, International
Journal of Advanced Research in Computer
and Communication Engineering, ISSN (Print)
: 2319-5940 ISSN (Online) : 2278-1021
[21] R.Ushadevi V. Rajamani, “A Modified Trusted
Cloud Computing Architecture based on Third
Party Auditor (TPA) Private Key Mechanism”,
International Journal of Computer
Applications (0975 – 8887) Volume 58– No.22,
November 2012