Keyword Based Search and Secured Data Storage
in Cloud using Hashing and BTA Techniques
R. Amsaleka1, M. Saratha2, P. Periyasamy3
P.G. Scholar, Dept. of Computer Science and Engineering, Vivekanandha College of Technology for Women1
Asst. Professor, Dept. of Computer Science and Engineering, Vivekanandha College of Technology for Women2
Pre Press, Lovely Offset Printers Pvt. Ltd., Sivakasi3
ABSTRACT
Clouds hold large amounts of data, but keeping that data secure and private remains a challenging issue. In the existing system, access control in clouds is centralized. The scheme uses a symmetric key approach and cannot support authentication. A symmetric key algorithm uses the same key for both encryption and decryption. In the centralized approach, a single key distribution center distributes secret keys to all authorized users. A new decentralized access control scheme is used for storing data securely in clouds, and the authority of the user is also verified. The scheme uses the Secure Hash Algorithm for authentication; it is one of several cryptographic hash functions and is most often used to verify that a file has been unaltered. The system maintains a hash value for each block of the user's data, so any modification to the user's content can be easily pinpointed by the auditor. The cryptosystem is a probabilistic asymmetric algorithm for public key cryptography. This work also provides a keyword-based file searching scheme so that a user can recognize a file using their own keywords.
Cloud computing allows companies to avoid upfront infrastructure costs and to focus on projects that differentiate their businesses instead of on infrastructure. In cloud computing, applications should run faster, with improved manageability and less maintenance. It rapidly adjusts resources to meet fluctuating and unpredictable business demand. Cloud providers use a pay-as-you-go method.
Nowadays, the availability of high-capacity networks, storage devices and low-cost computers, together with the widespread adoption of hardware virtualization, service-oriented architecture, and autonomic and utility computing, has led to high growth in cloud computing.
Cloud computing providers offer three service models:
Infrastructure as a service (IaaS)
Index Terms - Batch Auditing of client Data, Merkle Hash Tree construction, Advanced Encryption Standard
I. INTRODUCTION
Cloud computing is a form of computing in which a large number of servers are connected in a network. It allows centralized data storage. This information is accessed online using computer services or other resources. Clouds are classified as public, private or hybrid. Cloud computing shares resources to achieve utility, coherence and economies of scale.
Cloud computing focuses on maximizing the effectiveness of shared resources. Cloud resources are not only shared by multiple users but also dynamically reallocated based on demand. This is used to allocate resources to users. For example, a cloud computing facility that serves Indian users during Indian business hours with a specific application (e.g., Gmail) may reallocate the same resources to serve London users during London business hours with a different application (e.g., image processing). This maximizes the use of computing power and reduces environmental damage, since less power and air conditioning are required for a variety of functions. In cloud computing, a single server can be accessed by multiple users to retrieve and update data without purchasing licenses.
Infrastructure as a service is the most basic cloud-service model. IaaS providers offer computers, virtual or physical machines, and other resources. (A hypervisor, such as VMware ESX/ESXi, Xen, KVM, Oracle VirtualBox, or Hyper-V, runs the virtual machines.)
[Figure: cloud service layers. Cloud Clients (Web Browser); SaaS (Mail, Virtual Desktop); PaaS (DataBase, Web Browser); IaaS]
The hypervisors within the cloud operational support system can support large numbers of virtual machines and the ability to scale services up and down according to customers' varying requirements. Infrastructure as a service clouds offer valuable additional resources such as raw block storage, virtual local area networks (VLANs), a virtual-machine disk image library, file or object storage, load balancers, firewalls, IP addresses, and software bundles. Infrastructure as a service cloud providers supply these resources from equipment installed in data centers. For wide-area connectivity, customers use either carrier clouds or the Internet.
Cloud users install operating-system images and their application software on the cloud infrastructure. In this model, the cloud user controls and maintains the operating systems (OS) and the application software. Cloud providers bill IaaS services on a utility computing basis: cost is based on the amount of resources allocated and consumed.
Platform as a service (PaaS)
In the platform as a service model, cloud providers provide a computing platform, including a programming language execution environment, operating system, database, and web server. Application developers can develop and run their software solutions on the cloud platform without the cost and complexity of buying and managing the underlying hardware and software layers. With PaaS offers like Google App Engine and Microsoft Azure, the underlying computer and storage resources scale automatically to match the application, so that the cloud user does not have to allocate resources manually. The latter has also been proposed by an architecture to facilitate real-time in cloud environments.
The PaaS provides a key chimney and computing platform. It joins with software as a service and infrastructure as a service model of cloud computing.
Software as a service (SaaS)
In the business model using software as a service (SaaS), users are provided access to application software and databases. Cloud providers manage the infrastructure and platforms that run the applications. SaaS is referred to as on-demand software. It is priced on a pay-per-use basis. SaaS providers generally price applications based on a subscription fee.
In the software as a service model, cloud providers install and operate the application software in the cloud, and cloud users access the software from cloud clients. Cloud users cannot manage the cloud platform and cloud infrastructure where the application runs. This eliminates the need to install and run the application on the cloud user's own computers, which simplifies support and maintenance. Cloud applications are different from other applications: they can scale by cloning tasks onto multiple virtual machines at run-time to meet changing work demand. Load balancers distribute the work over the set of virtual machines. This process is transparent to cloud users, who see only a single access point. Because the cloud is used by a large number of cloud users, cloud applications are multitenant, that is, a machine serves more than one cloud user organization. The price of SaaS applications is based on a monthly or yearly flat fee per user. The price is adjustable if users are added or removed at any point.
Software as a service gives a business the potential to reduce IT operational costs by outsourcing hardware and software maintenance and support to the cloud provider. This enables the business to reallocate IT operation costs away from hardware and software spending and personnel expenses, towards achieving other goals. One disadvantage of SaaS is that the users' data are stored on the cloud provider's server, so there is a chance of unauthorized access. To avoid this problem, users use intelligent third-party key management systems to secure their data.
Nowadays, a dynamic audit service has been introduced for the verification of untrusted and outsourced cloud data storage. The cloud audit system is based on a novel audit system architecture. It can support dynamic data operations. It also supports timely detection of abnormal behaviour with effective techniques such as random sampling, an index-hash table and a fragment structure. It then proposes an efficient approach based on probabilistic queries and periodic verification for improving the performance of audit services. It focuses on Rivest Shamir Adleman based encryption with outsourced decryption, and evaluates the performance of our RSAED scheme with verifiable outsourced decryption. The experimental results not only validate the effectiveness of our approaches but also show lower computation cost and less extra storage for verification.
Providers will not give auditing interfaces. Mechanisms to provide such motivation are more social than technical. Changing this behaviour requires mechanisms based on incentives, penalties or a combination of both. For example, laws, regulations or loss of reputation are penalty-based mechanisms. Market forces, such as the need to obtain cost-effective insurance, can create incentives. These motivate auditing in support of the online-service-based economy. The work highlights internal and external auditing and details the ways used for auditing online storage services.
II. PROPOSED TECHNIQUE
A. Batch Auditing of client Data
the entire document. But with the batch auditing algorithm, the exact block that was modified can be found easily and the user is notified. This reduces the validation time.
Fig.1 System Architecture
B. Merkle Hash Tree construction
This technique is used to generate a hash value for each block of the document. Initially the document is divided into n blocks of equal size. After the blocks are divided, the Merkle Hash Tree construction is used to generate a hash value for each block, so that each block has a unique value. The Merkle tree is also called a hash tree. In cryptography, a Merkle tree is a tree in which every non-leaf node is labelled with the hash of the values of its child nodes. Hash trees allow secure and efficient verification of the contents of large data. Hash trees are a generalization of hash chains and hash lists. Demonstrating that a leaf node is part of a given hash tree requires processing an amount of data proportional to the logarithm of the number of nodes of the tree. This contrasts with hash lists, where the amount of data is proportional to the number of nodes.
C. AES (ADVANCED ENCRYPTION STANDARD)
The Advanced Encryption Standard is a symmetric-key algorithm: the same key is used for both encrypting and decrypting the data. It is a specification for the encryption of electronic data, established in 2001 by the U.S. National Institute of Standards and Technology (NIST). AES operates on a 4×4 matrix of bytes, termed the state. Some versions of Rijndael have a larger block size and additional columns in the state. Most AES calculations are done in a special finite field.
The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext.
The steps for converting the plaintext into ciphertext are given below:
1. Take any one item of user information, such as username, mobile number, password, document size, uploaded document name, etc.
2. Convert bits into bytes by using conversion.
3. The byte conversion results are placed in 64*64 cells.
4. Insertion is not in a unique order.
5. Reorder the cell elements and place the elements outside the cell.
6. Finally, add the document size or mobile number to the reordered elements.
The number of cycles of repetition is as follows:
10 cycles of repetition for 128-bit keys.
12 cycles of repetition for 192-bit keys.
14 cycles of repetition for 256-bit keys.
Each round consists of several processing steps, each containing four similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds is applied to transform the ciphertext back into the original plaintext. The same key is used for both encryption and decryption.
High-level description of the algorithm
1. Key Expansion: round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key for each round, plus one more.
2. Initial Round
Add Round Key: each byte of the state is combined with a block of the round key using bitwise XOR.
3. Rounds
Sub Bytes
Shift Rows: a transposition step in which the last three rows of the state are shifted cyclically by a certain number of steps.
Mix Columns: a mixing operation that operates on the columns of the state, combining the four bytes in each column.
Add Round Key
4. Final Round (no Mix Columns)
Sub Bytes
Shift Rows
Add Round Key
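The Key Expansion and Add Round Key steps, together with the round counts listed above, can be checked against the public FIPS-197 test vectors. The following is an added example, not code from the paper; the function names are illustrative, and it covers only the key schedule and the XOR step, not a full cipher.

```python
def gmul(a, b):
    """Multiply two bytes in AES's finite field GF(2^8), modulus x^8+x^4+x^3+x+1."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return result

def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def _make_sbox():
    """Sub Bytes table: field inverse followed by the AES affine transform."""
    box = []
    for value in range(256):
        inv = 1
        for _ in range(254):          # value^254 is the inverse (0 maps to 0)
            inv = gmul(inv, value)
        box.append(inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2)
                   ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)
    return box

SBOX = _make_sbox()
ROUNDS = {16: 10, 24: 12, 32: 14}     # key length in bytes -> cycles of repetition

def expand_key(key):
    """Return the 16-byte round keys: one per round and one more."""
    rounds = ROUNDS[len(key)]
    nk = len(key) // 4
    words = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, 4 * (rounds + 1)):
        temp = list(words[i - 1])
        if i % nk == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]   # RotWord, then SubWord
            temp[0] ^= rcon
            rcon = gmul(rcon, 2)
        elif nk == 8 and i % nk == 4:
            temp = [SBOX[b] for b in temp]                  # extra SubWord for 256-bit keys
        words.append([x ^ y for x, y in zip(words[i - nk], temp)])
    return [bytes(b for w in words[4 * r:4 * r + 4] for b in w)
            for r in range(rounds + 1)]

def add_round_key(state, round_key):
    """Add Round Key: XOR each byte of the state with the round key."""
    return bytes(s ^ k for s, k in zip(state, round_key))

# Public test vector: FIPS-197 Appendix A.1 example key.
FIPS_KEY_128 = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
```

A 128-bit key yields 11 round keys, a 192-bit key 13 and a 256-bit key 15, which is the "one per round and one more" rule in step 1.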
III. SYSTEM MODEL
A.Network architecture for cloud data Storage
Cloud architecture is the systems architecture of the software systems involved in the delivery of cloud computing. It involves multiple cloud components communicating with each other over application programming interfaces, usually web services. This resembles the UNIX philosophy of having multiple programs, each doing one thing well and working together over universal interfaces. Complexity is controlled, and the resulting systems are more manageable than their monolithic counterparts. The two significant components of cloud computing are known as the front end and the back end.
The front end is the part seen by the client, i.e. the computer user. It includes the client's network and the applications used to access the cloud through a user interface such as a web browser. The back end of cloud computing is the cloud itself, comprising various computers, servers and data storage devices.
B. Verification protocol for data Integrity
A public-key-cryptography-based homomorphic authenticator (e.g., a BLS signature or RSA signature-based authenticator) is used to give the verification protocol public auditability. In the following description, the BLS-based scheme is used for data dynamics.
Encryption/Decryption Module
Jenkins Hash Function
1. Take any one item of user information, such as username, mobile number, password, document size, uploaded document name, etc.
2. Convert bits into bytes by using conversion.
3. The byte conversion results are placed in 64*64 cells.
4. Insertion is not in a unique order.
5. Reorder the cell elements and place the elements outside the cell.
6. Finally, add the document size or mobile number to the reordered elements.
Fig.1 Framework of authorized keyword search over encrypted cloud data
C. Merkle Hash Tree for block Tag Authentication
A common form of hash tree is the Merkle hash tree. The root hash value, the total size of the file set and the piece size are the only information in the system that comes from a trusted source. A client that has only the root hash can check any piece of the file as follows.
It calculates the hash value of the piece of information it received. Specifically, the server
Replaces outputs
Replaces the hash function and
Replaces the block.
D. Block Modification operations
Our scheme can explicitly and efficiently handle dynamic data operations for cloud data storage:
Data Modification: Data modification is one of the most frequently used operations in cloud data storage. A basic data modification operation refers to the replacement of specified blocks with new ones.
Data Insertion: Compared to data modification, which does not change the logic structure of client’s data file, another general form of data operation, data insertion, refers to inserting new blocks after some specified positions in the data file F.
Data Deletion: Data deletion is just the opposite operation of data insertion. For single block deletion, it refers to deleting the specified block and moving all the latter blocks one block forward. The details of the protocol procedures are similar to that of data modification and insertion, which are thus omitted here.
E. Batch Auditing of client Data
As cloud servers may concurrently handle multiple verification sessions from different clients, given K signatures on K distinct data files from K clients, it is more advantageous to aggregate all these signatures into a single short one and verify it at one time. To achieve this goal, the provable data updates and verification in a multi client system is allowed.
This module performs the auditing of client data on a batch basis. Using the Merkle Hash Tree algorithm, a hash value is generated for each block of the document. The hash value of each block is maintained individually so that auditing the document for modification is made easy. If an intruder changes the content of the document, the existing system checks the entire document for modification. With batch auditing, the exact block that was modified can be narrowed down easily and reported. This reduces the validation time.
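The block-level construction from the Merkle Hash Tree sections and the tamper localisation described in this module can be sketched as follows. This is an added example, not the authors' implementation: SHA-256, the leaf/node prefixes, the 8-byte block size and all function names are assumptions, and the sample document is constructed.

```python
import hashlib
import hmac

LEAF, NODE = b"\x00", b"\x01"   # domain-separation prefixes (assumption, not from the paper)

def split_blocks(data, size=8):
    """Divide the document into equal-size blocks (size is a constructed value)."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def _h(prefix, payload):
    return hashlib.sha256(prefix + payload).digest()

def build_levels(blocks):
    """levels[0] holds one hash per block; levels[-1] holds the root."""
    level = [_h(LEAF, b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        # Pair neighbours; an unpaired last node is carried up unchanged.
        level = [_h(NODE, level[i] + level[i + 1]) if i + 1 < len(level) else level[i]
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def prove(levels, index):
    """Sibling hashes from leaf to root: about log2(n) entries."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            path.append((level[sibling], sibling < index))  # (hash, sibling is on the left)
        index //= 2
    return path

def verify(block, path, trusted_root):
    """Client side: recompute the root from one block and its proof."""
    h = _h(LEAF, block)
    for sibling, sibling_is_left in path:
        h = _h(NODE, sibling + h) if sibling_is_left else _h(NODE, h + sibling)
    return hmac.compare_digest(h, trusted_root)

def modified_blocks(trusted, current):
    """Auditor side: descend only into subtrees whose hashes differ."""
    suspects = [0] if trusted[-1] != current[-1] else []
    for depth in range(len(trusted) - 2, -1, -1):
        suspects = [c for i in suspects for c in (2 * i, 2 * i + 1)
                    if c < len(trusted[depth]) and trusted[depth][c] != current[depth][c]]
    return suspects

# Constructed sample document: 5 blocks of 8 bytes, one of them altered in the second copy.
DOCUMENT = b"block-00block-01block-02block-03block-04"
TRUSTED = build_levels(split_blocks(DOCUMENT))
TAMPERED = build_levels(split_blocks(DOCUMENT.replace(b"block-03", b"bl0ck-03")))
```

`modified_blocks` assumes both trees cover the same number of blocks; insertions and deletions change the tree shape and need the dynamic operations of section D.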
IV. CONCLUSION
The proposed system defines and solves the problem of multi-keyword ranked search over encrypted cloud data, and establishes a variety of privacy requirements. Among various multi-keyword semantics, it chooses the efficient similarity measure of "keyword matching". To meet the challenge of supporting multi-keyword semantics without privacy breaches, I propose a basic idea of MHTA using secure inner product computation. Two improved MHTA schemes are then given to achieve various stringent privacy requirements in two different threat models. A thorough analysis investigating the privacy and efficiency guarantees of the proposed schemes is given, and experiments on a real-world dataset show that the proposed schemes introduce low overhead on both computation and communication.