SlideShare a Scribd company logo

Secure auditing and deduplicating data in cloud

Download as DOCX, PDF
N
nexgentech15

Nexgen Technology Address: Nexgen Technology No :66,4th cross,Venkata nagar, Near SBI ATM, Puducherry. Email Id: praveen@nexgenproject.com. www.nexgenproject.com Mobile: 9751442511,9791938249 Telephone: 0413-2211159. NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km

Education
1 of 10
SECURE AUDITING AND DEDUPLICATING DATA IN CLOUD Abstract—As the cloud computing technology develops during the last decade, outsourcing data to cloud service for storage becomes an attractive trend, which benefits in sparing efforts on heavy data maintenance and management. Nevertheless, since the outsourced cloud storage is not fully trustworthy, it raises security concerns on how to realize data deduplication in cloud while achieving integrity auditing. In this work, we study the problem of integrity auditing and secure deduplication on cloud data. Specifically, aiming at achieving both data integrity and deduplication in cloud, we propose two secure systems, namely SecCloud and SecCloud+. SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. Compared with previous work, the computation by user in SecCloud is greatly reduced during the file uploading and auditing phases. SecCloud+ is designed motivated by the fact that customers always want to encrypt their data before uploading, and enables integrity auditing and secure deduplication on encrypted data.
EXISTING SYSTEM: Since our work is related to both integrity auditing and secure deduplication, we review the works in both areas in the following subsections, respectively. A. Integrity Auditing The definition of provable data possession (PDP) was introduced by Ateniese et al. for assuring that the cloud servers possess the target files without retrieving or downloading the whole data. Essentially, PDP is a probabilistic proof protocol by sampling a random set of blocks and asking the servers to prove that they exactly possess these blocks, and the verifier only maintaining a small amount of metadata is able to perform the integrity checking. After Ateniese et al.’s proposal, several works concerned on how to realize PDP on dynamic scenario: Ateniese et al. proposed a dynamic PDP schema but without insertion operation; Erway et al. improved Ateniese et al.’s work and supported insertion by introducing authenticated flip table; A similar work has also been contributed . Nevertheless, these proposals suffer from the computational overhead for tag generation at the client. To fix this issue, Wang et al. proposed proxy PDP in public clouds. Zhu et al proposed the cooperative PDP in multi-cloud storage. Another line of work supporting integrity auditing is proof of retrievability (POR) . Compared with PDP, POR not merely assures the cloud servers possess the target files, but also guarantees their full recovery. , clients apply erasure codes and
generate authenticators for each block for verifiability and retrievability. In order to achieve efficient data dynamics, Wang et al. improved the POR model by manipulating the classic Merkle hash tree construction for block tag authentication. Xu and Chang proposed to improve the POR schema with polynomial commitment for reducing communication cost. PROPOSED SYSTEM: In this paper, aiming at achieving data integrity and deduplication in cloud, we propose two secure systems namely SecCloud and SecCloud+. SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. This design fixes the issue of previous work that the computational load at user or auditor is too huge for tag generation. For completeness of fine-grained, the functionality of auditing designed in SecCoud is supported on both block level and sector level. In addition, SecCoud also enables secure deduplication. Notice that the “security” considered in SecCoud is the prevention of leakage of side channel information. In order to prevent the leakage of such side channel information, we follow the tradition and design a proof of ownership protocol between clients and cloud servers, which allows clients to prove to cloud servers that they exactly own the target data.
Module 1 Bilinear Map and Computational Assumption Definition 1 (Bilinear Map): Let G and GT be two cyclic multiplicative groups of large prime order p. A bilinear pairing is a map e : G × G → GT with the following properties: • Bilinear: e(ga 1 ; gb2 ) = e(g1; g2)ab for all g1; g2 ∈ R G and a; b ∈ R Zp; • Non-degenerate: There exists g1; g2 ∈ G such that e(g1; g2) ̸= 1; • Computable: There exists efficient algorithm to compute e(g1; g2) for all g1; g2 ∈ R G. The examples of such groups can be found in supersingular elliptic curves or hyperelliptic curves over finite fields, and the bilinear pairings can be derived from the Weil or Tate pairings. For more details, see [24]. We then describe the Computational Diffie-Hellman problem, the hardness of which will be the basis of the security of our proposed schemes. Definition 2 (CDH Problem): The Computational Diffie- Hellman problem is that, given g; gx; gy ∈ G1 for unknown x; y ∈ Z∗ p, to compute gxy.
Module2 System Model Aiming at allowing for auditable and deduplicated storage, we propose the SecCloud system. In the SecCloud system, we have three entities: • Cloud Clients have large data files to be stored and rely on the cloud for data maintenance and computation. They can be either individual consumers or commercial organizations; • Cloud Servers virtualize the resources according to the requirements of clients and expose them as storage pools. Typically, the cloud clients may buy or lease storage capacity from cloud servers, and store their individual data in these bought or rented spaces forfuture utilization; • Auditor which helps clients upload and audit their outsourced data maintains a MapReduce cloud and acts like a certificate authority. This assumption presumes that the auditor is associated with a pair of public and private keys. Its public key is made available to the other entities in the system. Module 3 SecCloudDetails
In this subsection, we respectively describe the three protocols including file uploading protocol, integrity auditing protocol and proof of ownership protocol in SecCloud. Before our detailed elaboration, we firstly introduce the system setup phase of SecCloud, which initializes the public and private parameters of the system. • System Setup. The auditor working as an authority picks a random integer _ ∈R Zp as well as random elements g; u1; u2; : : : ut ∈ R G, where t specifies the maximum number of sectors in a file block. The secret key sk is set to be _ and kept secret, while the public key pk = (g_; {ui}t i=1) is published to other entities. 1) File Uploading Protocol: Based on the public and private parameters generated in system setup, we then describe the file uploading protocol. Suppose the uploading file F has blocks: B1;B2; : : : ;Bs, and each block Bi for i = 1; 2; : : : ; s contains t sectors: Bi1;Bi2; : : : ;Bit. Let n be the number of slave nodes in the MapReduce cloud. As declared in Section IV-A, the file uploading protocol involves three phases. The client runs the deduplication test by sending hash value of the file Hash(F) to the cloud server. If there is a duplicate, the cloud client performs Proof of Ownership protocol with the cloud server which will be described later. If it is passed, the user is authorized to access this stored file without uploading the file.
Module 4 Seccloud We specify that our proposed SecCloud system has achieved both integrity auditing and file deduplication. However, it cannot prevent the cloud servers from knowing the content of files having been stored. In other words, the functionalities of integrity auditing and secure deduplication are only imposed on plain files. In this section, we propose SecCloud+, which allows for integrity auditing and deduplication on encrypted files. A. System Model Compared with SecCloud, our proposed SecCloud+ involves an additional trusted entity, namely key server, which is responsible for assigning clients with secret key (according to the file content) for encrypting files. This architecture is in line with the recent work. But our work is distinguished with the previous work by allowing for integrity auditing on encrypted data. SecCloud+ follows the same three protocols (i.e., the file uploading protocol, the integrity auditing protocol and the proof of ownership protocol) as with SecCloud. The only difference is the file uploading protocol in SecCloud+ involves an additional phase for communication between cloud client and key server. That is, the client needs to communicate with the key server to get the convergent key for
encrypting the uploading file before the phase 2 in SecCloud. Unlike SecCloud, another design goals of file onfidentiality is desired in SecCloud+ as follows. • File Confidentiality. The design goal of file confidentiality requires to prevent the cloud servers from accessing the content of files. Specially, we require that the goal of file confidentiality needs to be resistant to “dictionary attack”. That is, even the adversaries have pre-knowledge of the “dictionary” which includes all the possible files, they still cannot recover the target file. B. SecCloud+ Details We introduce the system setup phase of SecCloud+ as follows. • System Setup. As with SecCloud, the auditor initializes the public key pk = (g_; {ui}t i=1) and private key sk = _, where g; u1; u2; : : : ; ut ∈ R G. In addition, to preserve the confidentiality of files, initially, the key server picks a random key ks for further generating file encryption keys, and each client is assigned with a secret key ck for encapsulating file encryption keys. CONCLUSION Aiming at achieving both data integrity and deduplication in cloud, we propose SecCloud and SecCloud+. SecCloud introduces an auditing entity with
maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. In addition, SecCoud enables secure deduplication through introducing a Proof of Ownership protocol and preventing the leakage of side channel information in data deduplication. Compared with previous work, the computation by user in SecCloud is greatly reduced during the file uploading and auditing phases. SecCloud+ is an advanced construction motivated by the fact that customers always want to encrypt their data before uploading, and allows for integrity auditing and secure deduplication directly on encrypted data. REFERENCES [1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A view of cloud computing,” Communication of the ACM, vol. 53, no. 4, pp. 50–58, 2010. [2] J. Yuan and S. Yu, “Secure and constant cost public cloud storage auditing with deduplication,” in IEEE Conference on Communications and Network Security (CNS), 2013, pp. 145–153.
[3] S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg, “Proofs of ownership in remote storage systems,” in Proceedings of the 18th ACM Conference on Computerand CommunicationsSecurity. ACM, 2011, pp. 491–500. [4] S. Keelveedhi, M. Bellare, and T. Ristenpart, “Dupless: Serveraided encryption for deduplicated storage,” in Proceedings of the 22Nd USENIX Conference on Security, ser. SEC’13. Washington, D.C.: USENIX Association, 2013, pp. 179– 194. [Online]. Available: https://www.usenix.org/conference/usenixsecurity13/technicalsessions/ presentation/bellare [5] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” in Proceedings of the 14th ACM Conference on Computer and Communications Security, ser. CCS ’07. New York, NY, USA: ACM, 2007, pp. 598– 609. [6] G. Ateniese, R. Burns, R. Curtmola, J. Herring, O. Khan, L. Kissner, Z. Peterson, and D. Song, “Remote data checking using provable data possession,” ACM Trans. Inf. Syst. Secur., vol. 14, no. 1, pp. 12:1–12:34, 2011. [7] G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik, “Scalable and efficient provable data possession,” in Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, ser. SecureComm ’08. New York, NY, USA: ACM, 2008, pp. 9:1–9:10.

Recommended

5. prin credinta sara
5. prin credinta sara5. prin credinta sara
5. prin credinta saraFlorin Enescu
 
Conversión de un numero decimal a binario
Conversión de un numero decimal a binarioConversión de un numero decimal a binario
Conversión de un numero decimal a binarioDarwin Linares
 
Deduplication
DeduplicationDeduplication
Deduplication
Lars Marius Garshol
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
CloudTechnologies
 
an enhanced multi layered cryptosystem based secure
an enhanced multi layered cryptosystem based securean enhanced multi layered cryptosystem based secure
an enhanced multi layered cryptosystem based secure
IJAEMSJORNAL
 
Secure Auditing and Deduplicating Data in Cloud
Secure Auditing and Deduplicating Data in CloudSecure Auditing and Deduplicating Data in Cloud
Secure Auditing and Deduplicating Data in Cloud
1crore projects
 
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC AlgorithmIRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET Journal
 
Secure Auditing and Deduplicating Data on Cloud
Secure Auditing and Deduplicating Data on CloudSecure Auditing and Deduplicating Data on Cloud
Secure Auditing and Deduplicating Data on Cloud
IJMTST Journal
 

Recommended

5. prin credinta sara
5. prin credinta sara5. prin credinta sara
5. prin credinta saraFlorin Enescu
 
Conversión de un numero decimal a binario
Conversión de un numero decimal a binarioConversión de un numero decimal a binario
Conversión de un numero decimal a binarioDarwin Linares
 
Deduplication
DeduplicationDeduplication
Deduplication
Lars Marius Garshol
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
CloudTechnologies
 
an enhanced multi layered cryptosystem based secure
an enhanced multi layered cryptosystem based securean enhanced multi layered cryptosystem based secure
an enhanced multi layered cryptosystem based secure
IJAEMSJORNAL
 
Secure Auditing and Deduplicating Data in Cloud
Secure Auditing and Deduplicating Data in CloudSecure Auditing and Deduplicating Data in Cloud
Secure Auditing and Deduplicating Data in Cloud
1crore projects
 
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC AlgorithmIRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET- Secure Data Deduplication for Cloud Server using HMAC Algorithm
IRJET Journal
 
Secure Auditing and Deduplicating Data on Cloud
Secure Auditing and Deduplicating Data on CloudSecure Auditing and Deduplicating Data on Cloud
Secure Auditing and Deduplicating Data on Cloud
IJMTST Journal
 
Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...
IJECEIAES
 
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATAEXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
IRJET Journal
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
Pvrtechnologies Nellore
 
IJSRED-V2I2P10
IJSRED-V2I2P10IJSRED-V2I2P10
IJSRED-V2I2P10
IJSRED
 
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key AbstractionEnhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
paperpublications3
 
Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...
IJSRED
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET Journal
 
Enabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerEnabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud Server
IOSR Journals
 
Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing
IJMER
 
A Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted DataA Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted Data
IRJET Journal
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
Vasanth Mca
 
Hybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized DeduplicationHybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized DeduplicationPrem Rao
 
IRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key PresentationIRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key Presentation
IRJET Journal
 
Enabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiableEnabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiable
Kamal Spring
 
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
cscpconf
 
1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info
MdjunaidAli3
 
1z0-997-21 (4).pdf
1z0-997-21 (4).pdf1z0-997-21 (4).pdf
1z0-997-21 (4).pdf
MohamedHusseinEid
 
Identity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud StorageIdentity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud Storage
1crore projects
 
IEEE paper 2014 abstract
IEEE paper 2014 abstractIEEE paper 2014 abstract
IEEE paper 2014 abstract
Senthilvel S
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
B Navya
 
Subgraph matching with set similarity in a
Subgraph matching with set similarity in aSubgraph matching with set similarity in a
Subgraph matching with set similarity in a
nexgentech15
 
Rule based method for entity resolution
Rule based method for entity resolutionRule based method for entity resolution
Rule based method for entity resolution
nexgentech15
 

More Related Content

Similar to Secure auditing and deduplicating data in cloud

Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...
IJECEIAES
 
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATAEXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
IRJET Journal
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
Pvrtechnologies Nellore
 
IJSRED-V2I2P10
IJSRED-V2I2P10IJSRED-V2I2P10
IJSRED-V2I2P10
IJSRED
 
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key AbstractionEnhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
paperpublications3
 
Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...
IJSRED
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET Journal
 
Enabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerEnabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud Server
IOSR Journals
 
Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing
IJMER
 
A Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted DataA Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted Data
IRJET Journal
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
Vasanth Mca
 
Hybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized DeduplicationHybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized DeduplicationPrem Rao
 
IRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key PresentationIRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key Presentation
IRJET Journal
 
Enabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiableEnabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiable
Kamal Spring
 
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
cscpconf
 
1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info
MdjunaidAli3
 
Identity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud StorageIdentity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud Storage
1crore projects
 
IEEE paper 2014 abstract
IEEE paper 2014 abstractIEEE paper 2014 abstract
IEEE paper 2014 abstract
Senthilvel S
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
B Navya
 

Similar to Secure auditing and deduplicating data in cloud (20)

Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...Mutual query data sharing protocol for public key encryption through chosen-c...
Mutual query data sharing protocol for public key encryption through chosen-c...
 
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATAEXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
EXPLORING WOMEN SECURITY BY DEDUPLICATION OF DATA
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
 
IJSRED-V2I2P10
IJSRED-V2I2P10IJSRED-V2I2P10
IJSRED-V2I2P10
 
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key AbstractionEnhancing Data Security in Cloud Storage Auditing With Key Abstraction
Enhancing Data Security in Cloud Storage Auditing With Key Abstraction
 
Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...Remote data integrity checking with a third party auditor in public cloud usi...
Remote data integrity checking with a third party auditor in public cloud usi...
 
IRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud StorageIRJET - Confidential Image De-Duplication in Cloud Storage
IRJET - Confidential Image De-Duplication in Cloud Storage
 
Enabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerEnabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud Server
 
Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing Towards Secure and Dependable Storage Services in Cloud Computing
Towards Secure and Dependable Storage Services in Cloud Computing
 
A Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted DataA Novel Method of Directly Auditing Integrity On Encrypted Data
A Novel Method of Directly Auditing Integrity On Encrypted Data
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
 
Hybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized DeduplicationHybrid Cloud Approach for Secure Authorized Deduplication
Hybrid Cloud Approach for Secure Authorized Deduplication
 
IRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key PresentationIRJET- Anchoring of Cloud Information under Key Presentation
IRJET- Anchoring of Cloud Information under Key Presentation
 
Enabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiableEnabling cloud storage auditing with verifiable
Enabling cloud storage auditing with verifiable
 
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
An Comparison with Property Based Resource Attestation to Secure Cloud Enviro...
 
1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info1-160730050929.pptx dynamic hash table info
1-160730050929.pptx dynamic hash table info
 
1z0-997-21 (4).pdf
1z0-997-21 (4).pdf1z0-997-21 (4).pdf
1z0-997-21 (4).pdf
 
Identity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud StorageIdentity-Based Distributed Provable Data Possession in Multicloud Storage
Identity-Based Distributed Provable Data Possession in Multicloud Storage
 
IEEE paper 2014 abstract
IEEE paper 2014 abstractIEEE paper 2014 abstract
IEEE paper 2014 abstract
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
 

More from nexgentech15

Subgraph matching with set similarity in a
Subgraph matching with set similarity in aSubgraph matching with set similarity in a
Subgraph matching with set similarity in a
nexgentech15
 
Rule based method for entity resolution
Rule based method for entity resolutionRule based method for entity resolution
Rule based method for entity resolution
nexgentech15
 
Privacy policy inference of user uploaded
Privacy policy inference of user uploadedPrivacy policy inference of user uploaded
Privacy policy inference of user uploaded
nexgentech15
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile apps
nexgentech15
 
Provable multicopy dynamic data possession
Provable multicopy dynamic data possessionProvable multicopy dynamic data possession
Provable multicopy dynamic data possession
nexgentech15
 
Orchestrating bulk data transfers across
Orchestrating bulk data transfers acrossOrchestrating bulk data transfers across
Orchestrating bulk data transfers across
nexgentech15
 
New algorithms for secure outsourcing of
New algorithms for secure outsourcing ofNew algorithms for secure outsourcing of
New algorithms for secure outsourcing of
nexgentech15
 
Identity based encryption with outsourced
Identity based encryption with outsourcedIdentity based encryption with outsourced
Identity based encryption with outsourced
nexgentech15
 
Cost effective authentic and anonymous
Cost effective authentic and anonymousCost effective authentic and anonymous
Cost effective authentic and anonymous
nexgentech15
 
Control cloud data access privilege and
Control cloud data access privilege andControl cloud data access privilege and
Control cloud data access privilege and
nexgentech15
 
A trusted iaa s environment
A trusted iaa s environmentA trusted iaa s environment
A trusted iaa s environment
nexgentech15
 
A profit maximization scheme with guaranteed
A profit maximization scheme with guaranteedA profit maximization scheme with guaranteed
A profit maximization scheme with guaranteed
nexgentech15
 
User defined privacy grid system
User defined privacy grid system User defined privacy grid system
User defined privacy grid system
nexgentech15
 
Learning to rank image tags with limited
Learning to rank image tags with limitedLearning to rank image tags with limited
Learning to rank image tags with limited
nexgentech15
 
Detecting malicious facebook applications
Detecting malicious facebook applicationsDetecting malicious facebook applications
Detecting malicious facebook applications
nexgentech15
 
Collusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sumCollusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sum
nexgentech15
 
Automatic face naming by learning discriminative
Automatic face naming by learning discriminativeAutomatic face naming by learning discriminative
Automatic face naming by learning discriminative
nexgentech15
 
A computational dynamic trust model
A computational dynamic trust modelA computational dynamic trust model
A computational dynamic trust model
nexgentech15
 
Space efficient verifiable secret sharing
Space efficient verifiable secret sharingSpace efficient verifiable secret sharing
Space efficient verifiable secret sharing
nexgentech15
 
Query aware determinization of uncertain
Query aware determinization of uncertainQuery aware determinization of uncertain
Query aware determinization of uncertain
nexgentech15
 

More from nexgentech15 (20)

Subgraph matching with set similarity in a
Subgraph matching with set similarity in aSubgraph matching with set similarity in a
Subgraph matching with set similarity in a
 
Rule based method for entity resolution
Rule based method for entity resolutionRule based method for entity resolution
Rule based method for entity resolution
 
Privacy policy inference of user uploaded
Privacy policy inference of user uploadedPrivacy policy inference of user uploaded
Privacy policy inference of user uploaded
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile apps
 
Provable multicopy dynamic data possession
Provable multicopy dynamic data possessionProvable multicopy dynamic data possession
Provable multicopy dynamic data possession
 
Orchestrating bulk data transfers across
Orchestrating bulk data transfers acrossOrchestrating bulk data transfers across
Orchestrating bulk data transfers across
 
New algorithms for secure outsourcing of
New algorithms for secure outsourcing ofNew algorithms for secure outsourcing of
New algorithms for secure outsourcing of
 
Identity based encryption with outsourced
Identity based encryption with outsourcedIdentity based encryption with outsourced
Identity based encryption with outsourced
 
Cost effective authentic and anonymous
Cost effective authentic and anonymousCost effective authentic and anonymous
Cost effective authentic and anonymous
 
Control cloud data access privilege and
Control cloud data access privilege andControl cloud data access privilege and
Control cloud data access privilege and
 
A trusted iaa s environment
A trusted iaa s environmentA trusted iaa s environment
A trusted iaa s environment
 
A profit maximization scheme with guaranteed
A profit maximization scheme with guaranteedA profit maximization scheme with guaranteed
A profit maximization scheme with guaranteed
 
User defined privacy grid system
User defined privacy grid system User defined privacy grid system
User defined privacy grid system
 
Learning to rank image tags with limited
Learning to rank image tags with limitedLearning to rank image tags with limited
Learning to rank image tags with limited
 
Detecting malicious facebook applications
Detecting malicious facebook applicationsDetecting malicious facebook applications
Detecting malicious facebook applications
 
Collusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sumCollusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sum
 
Automatic face naming by learning discriminative
Automatic face naming by learning discriminativeAutomatic face naming by learning discriminative
Automatic face naming by learning discriminative
 
A computational dynamic trust model
A computational dynamic trust modelA computational dynamic trust model
A computational dynamic trust model
 
Space efficient verifiable secret sharing
Space efficient verifiable secret sharingSpace efficient verifiable secret sharing
Space efficient verifiable secret sharing
 
Query aware determinization of uncertain
Query aware determinization of uncertainQuery aware determinization of uncertain
Query aware determinization of uncertain
 

Recently uploaded

GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
Nguyen Thanh Tu Collection
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
AzmatAli747758
 
Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
Excellence Foundation for South Sudan
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Ethnobotany and Ethnopharmacology ......
Ethnobotany and Ethnopharmacology ......Ethnobotany and Ethnopharmacology ......
Ethnobotany and Ethnopharmacology ......
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
PedroFerreira53928
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)
rosedainty
 
How to Break the cycle of negative Thoughts
How to Break the cycle of negative ThoughtsHow to Break the cycle of negative Thoughts
How to Break the cycle of negative Thoughts
Col Mukteshwar Prasad
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
Anna Sz.
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
Fundacja Rozwoju Społeczeństwa Przedsiębiorczego
 

Recently uploaded (20)

GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
 
Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Ethnobotany and Ethnopharmacology ......
Ethnobotany and Ethnopharmacology ......Ethnobotany and Ethnopharmacology ......
Ethnobotany and Ethnopharmacology ......
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)
 
How to Break the cycle of negative Thoughts
How to Break the cycle of negative ThoughtsHow to Break the cycle of negative Thoughts
How to Break the cycle of negative Thoughts
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
 

Secure auditing and deduplicating data in cloud

  • 1. SECURE AUDITING AND DEDUPLICATING DATA IN CLOUD Abstract—As the cloud computing technology develops during the last decade, outsourcing data to cloud service for storage becomes an attractive trend, which benefits in sparing efforts on heavy data maintenance and management. Nevertheless, since the outsourced cloud storage is not fully trustworthy, it raises security concerns on how to realize data deduplication in cloud while achieving integrity auditing. In this work, we study the problem of integrity auditing and secure deduplication on cloud data. Specifically, aiming at achieving both data integrity and deduplication in cloud, we propose two secure systems, namely SecCloud and SecCloud+. SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. Compared with previous work, the computation by user in SecCloud is greatly reduced during the file uploading and auditing phases. SecCloud+ is designed motivated by the fact that customers always want to encrypt their data before uploading, and enables integrity auditing and secure deduplication on encrypted data.
  • 2. EXISTING SYSTEM: Since our work is related to both integrity auditing and secure deduplication, we review the works in both areas in the following subsections, respectively. A. Integrity Auditing The definition of provable data possession (PDP) was introduced by Ateniese et al. for assuring that the cloud servers possess the target files without retrieving or downloading the whole data. Essentially, PDP is a probabilistic proof protocol by sampling a random set of blocks and asking the servers to prove that they exactly possess these blocks, and the verifier only maintaining a small amount of metadata is able to perform the integrity checking. After Ateniese et al.’s proposal, several works concerned on how to realize PDP on dynamic scenario: Ateniese et al. proposed a dynamic PDP schema but without insertion operation; Erway et al. improved Ateniese et al.’s work and supported insertion by introducing authenticated flip table; A similar work has also been contributed . Nevertheless, these proposals suffer from the computational overhead for tag generation at the client. To fix this issue, Wang et al. proposed proxy PDP in public clouds. Zhu et al proposed the cooperative PDP in multi-cloud storage. Another line of work supporting integrity auditing is proof of retrievability (POR) . Compared with PDP, POR not merely assures the cloud servers possess the target files, but also guarantees their full recovery. , clients apply erasure codes and
  • 3. generate authenticators for each block for verifiability and retrievability. In order to achieve efficient data dynamics, Wang et al. improved the POR model by manipulating the classic Merkle hash tree construction for block tag authentication. Xu and Chang proposed to improve the POR schema with polynomial commitment for reducing communication cost. PROPOSED SYSTEM: In this paper, aiming at achieving data integrity and deduplication in cloud, we propose two secure systems namely SecCloud and SecCloud+. SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. This design fixes the issue of previous work that the computational load at user or auditor is too huge for tag generation. For completeness of fine-grained, the functionality of auditing designed in SecCoud is supported on both block level and sector level. In addition, SecCoud also enables secure deduplication. Notice that the “security” considered in SecCoud is the prevention of leakage of side channel information. In order to prevent the leakage of such side channel information, we follow the tradition and design a proof of ownership protocol between clients and cloud servers, which allows clients to prove to cloud servers that they exactly own the target data.
  • 4. Module 1 Bilinear Map and Computational Assumption Definition 1 (Bilinear Map): Let G and GT be two cyclic multiplicative groups of large prime order p. A bilinear pairing is a map e : G × G → GT with the following properties: • Bilinear: e(ga 1 ; gb2 ) = e(g1; g2)ab for all g1; g2 ∈ R G and a; b ∈ R Zp; • Non-degenerate: There exists g1; g2 ∈ G such that e(g1; g2) ̸= 1; • Computable: There exists efficient algorithm to compute e(g1; g2) for all g1; g2 ∈ R G. The examples of such groups can be found in supersingular elliptic curves or hyperelliptic curves over finite fields, and the bilinear pairings can be derived from the Weil or Tate pairings. For more details, see [24]. We then describe the Computational Diffie-Hellman problem, the hardness of which will be the basis of the security of our proposed schemes. Definition 2 (CDH Problem): The Computational Diffie- Hellman problem is that, given g; gx; gy ∈ G1 for unknown x; y ∈ Z∗ p, to compute gxy.
  • 5. Module2 System Model Aiming at allowing for auditable and deduplicated storage, we propose the SecCloud system. In the SecCloud system, we have three entities: • Cloud Clients have large data files to be stored and rely on the cloud for data maintenance and computation. They can be either individual consumers or commercial organizations; • Cloud Servers virtualize the resources according to the requirements of clients and expose them as storage pools. Typically, the cloud clients may buy or lease storage capacity from cloud servers, and store their individual data in these bought or rented spaces forfuture utilization; • Auditor which helps clients upload and audit their outsourced data maintains a MapReduce cloud and acts like a certificate authority. This assumption presumes that the auditor is associated with a pair of public and private keys. Its public key is made available to the other entities in the system. Module 3 SecCloudDetails
  • 6. In this subsection, we respectively describe the three protocols including file uploading protocol, integrity auditing protocol and proof of ownership protocol in SecCloud. Before our detailed elaboration, we firstly introduce the system setup phase of SecCloud, which initializes the public and private parameters of the system. • System Setup. The auditor working as an authority picks a random integer _ ∈R Zp as well as random elements g; u1; u2; : : : ut ∈ R G, where t specifies the maximum number of sectors in a file block. The secret key sk is set to be _ and kept secret, while the public key pk = (g_; {ui}t i=1) is published to other entities. 1) File Uploading Protocol: Based on the public and private parameters generated in system setup, we then describe the file uploading protocol. Suppose the uploading file F has blocks: B1;B2; : : : ;Bs, and each block Bi for i = 1; 2; : : : ; s contains t sectors: Bi1;Bi2; : : : ;Bit. Let n be the number of slave nodes in the MapReduce cloud. As declared in Section IV-A, the file uploading protocol involves three phases. The client runs the deduplication test by sending hash value of the file Hash(F) to the cloud server. If there is a duplicate, the cloud client performs Proof of Ownership protocol with the cloud server which will be described later. If it is passed, the user is authorized to access this stored file without uploading the file.
  • 7. Module 4 Seccloud We specify that our proposed SecCloud system has achieved both integrity auditing and file deduplication. However, it cannot prevent the cloud servers from knowing the content of files having been stored. In other words, the functionalities of integrity auditing and secure deduplication are only imposed on plain files. In this section, we propose SecCloud+, which allows for integrity auditing and deduplication on encrypted files. A. System Model Compared with SecCloud, our proposed SecCloud+ involves an additional trusted entity, namely key server, which is responsible for assigning clients with secret key (according to the file content) for encrypting files. This architecture is in line with the recent work. But our work is distinguished with the previous work by allowing for integrity auditing on encrypted data. SecCloud+ follows the same three protocols (i.e., the file uploading protocol, the integrity auditing protocol and the proof of ownership protocol) as with SecCloud. The only difference is the file uploading protocol in SecCloud+ involves an additional phase for communication between cloud client and key server. That is, the client needs to communicate with the key server to get the convergent key for
  • 8. encrypting the uploading file before the phase 2 in SecCloud. Unlike SecCloud, another design goals of file onfidentiality is desired in SecCloud+ as follows. • File Confidentiality. The design goal of file confidentiality requires to prevent the cloud servers from accessing the content of files. Specially, we require that the goal of file confidentiality needs to be resistant to “dictionary attack”. That is, even the adversaries have pre-knowledge of the “dictionary” which includes all the possible files, they still cannot recover the target file. B. SecCloud+ Details We introduce the system setup phase of SecCloud+ as follows. • System Setup. As with SecCloud, the auditor initializes the public key pk = (g_; {ui}t i=1) and private key sk = _, where g; u1; u2; : : : ; ut ∈ R G. In addition, to preserve the confidentiality of files, initially, the key server picks a random key ks for further generating file encryption keys, and each client is assigned with a secret key ck for encapsulating file encryption keys. CONCLUSION Aiming at achieving both data integrity and deduplication in cloud, we propose SecCloud and SecCloud+. SecCloud introduces an auditing entity with
  • 9. maintenance of a MapReduce cloud, which helps clients generate data tags before uploading as well as audit the integrity of data having been stored in cloud. In addition, SecCoud enables secure deduplication through introducing a Proof of Ownership protocol and preventing the leakage of side channel information in data deduplication. Compared with previous work, the computation by user in SecCloud is greatly reduced during the file uploading and auditing phases. SecCloud+ is an advanced construction motivated by the fact that customers always want to encrypt their data before uploading, and allows for integrity auditing and secure deduplication directly on encrypted data. REFERENCES [1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A view of cloud computing,” Communication of the ACM, vol. 53, no. 4, pp. 50–58, 2010. [2] J. Yuan and S. Yu, “Secure and constant cost public cloud storage auditing with deduplication,” in IEEE Conference on Communications and Network Security (CNS), 2013, pp. 145–153.
  • 10. [3] S. Halevi, D. Harnik, B. Pinkas, and A. Shulman-Peleg, “Proofs of ownership in remote storage systems,” in Proceedings of the 18th ACM Conference on Computerand CommunicationsSecurity. ACM, 2011, pp. 491–500. [4] S. Keelveedhi, M. Bellare, and T. Ristenpart, “Dupless: Serveraided encryption for deduplicated storage,” in Proceedings of the 22Nd USENIX Conference on Security, ser. SEC’13. Washington, D.C.: USENIX Association, 2013, pp. 179– 194. [Online]. Available: https://www.usenix.org/conference/usenixsecurity13/technicalsessions/ presentation/bellare [5] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” in Proceedings of the 14th ACM Conference on Computer and Communications Security, ser. CCS ’07. New York, NY, USA: ACM, 2007, pp. 598– 609. [6] G. Ateniese, R. Burns, R. Curtmola, J. Herring, O. Khan, L. Kissner, Z. Peterson, and D. Song, “Remote data checking using provable data possession,” ACM Trans. Inf. Syst. Secur., vol. 14, no. 1, pp. 12:1–12:34, 2011. [7] G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik, “Scalable and efficient provable data possession,” in Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, ser. SecureComm ’08. New York, NY, USA: ACM, 2008, pp. 9:1–9:10.