Australian Journal of Basic and Applied Sciences
ISSN:1991-8178Journal home page: www.ajbasweb.com
Corresponding Author: S.K.Mouleeswaran, Assistant Professor, Department of Computer Science and Engineering, RVS Technical Campus, Coimbatore, TamilNadu, India.
E-mail: [email protected]
Secure and Efficient Dynamic Data Operations in Cloud Computing
1S.K. Mouleeswaran, 2Dr.A. Grace Selvarani, 3J. Kanya Devi1Assistant Professor, Department of Computer Science and Engineering, RVS Technical Campus, Coimbatore, TamilNadu, India.
2Professor & Head, Department of Computer Science and Engineering(PG), Sri Ramakrishna Engineering College, Coimbatore,
TamilNadu, India.
3Assistant Professor, Department of Computer Science and Engineering, Sri Shakthi Institute of Engineering and Technology, Coimbatore,
TamilNadu, India.
A R T I C L E I N F O A B S T R A C T
Article history:
Received 25 June 2014 Received in revised form 8 July 2014
Accepted 25 August July 2014 Available online 29 September 2014
Keywords:
Cloud Computing, Third Party Auditing, Dynamic, Outsourced, Token Pre-Computation.
High quality of remote storage for on demand data without worrying about hardware and software running is provided by cloud computing. The user need not to physically posses their outsourced data since it creates new threats towards the stored data on cloud. A solution to address the new problem for achieving secure and reliable cloud services the paper proposes a trusted third party auditing, token pre-computation and erasure rule data are deployed. The scheme allows users to audit cloud storage with minimum computing and communication costs. The results guarantee storage correctness and fast access to misbehaving servers. The cloud data are considered to be dynamic, the proposed system supports for secure and efficient dynamic operations onto outsourced data including chunk alteration, erasure, add.
© 2014 AENSI Publisher All rights reserved. To Cite This Article: S.K.Mouleeswaran, Dr.A.Grace Selvarani, J.Kanya Devi, Secure and Efficient Dynamic Data Operations in Cloud Computing.Paper title. Aust. J. Basic & Appl. Sci., 8(15): 211-215, 2014
INTRODUCTION
Due to the remarkable growth in computer technology and internet, the age of cloud computing gave arise to software as a service (SaaS) framework. SaaS holds cheaper but powerful processors for converting data centers into massive collection of computer services. It is possible for the users to access high quality services using data and applications which reside on the servers by using flexible and increased bandwidth network connections. It is possible to utilize large storage space and modifiable computing resources with the help of online services. These internet based services eliminates the data maintenance on local machines over a period of time. This is due to the availability and integrity of data over the internet (Sun Microsystems, Inc., 2009). Though the cloud acts as a reliable computing medium than the personal computing techniques the data reliability arises over time (Arrington, M., 2006; Kincaid, J., 2008; Amazon.com, 2008; Wilson, S., 2008; Krebs, B., 2009). The providers of cloud retards access to the rare data over the internet without being detected in order to cut down cost which parallel increases the profit (Juels, A., et al., 2007). The data losses are hidden from the users to retain the name of cloud providers (Ateniese, G., et al., 2007; Shah, M.A., et al., 2007). The cost benefit for long – term data storage is offered by cloud due to outsourcing but it fails to provide data availability. Good cloud storage must be adamant to guarantee availability and integrity of stored data on demand for the users. The users do not physically posses the data (Juels, A., et al., 2007; Ateniese, G., et al., 2007; Shah, M.A., et al., 2007; Shah, M.A., et al., 2008). The cloud is not just a warehouse which allows for accessing the data on demand but also needs to be updated by users involving inserting, deleting, modifying, appending, etc. The key challenge involved here is combining dynamic feature into the cloud. The data can be stored by the user’s surplus across the cloud storage for reducing the data integrity and availability threats. The distributed protocols provide healthy and secure cloud storage.
Inspiration For The Work:
It is important to highlight the data integrity for inaccessible information under different working conditions (Dodis, Y., et al., 2009). On focusing the single server situation it is possible to ensure storage correctness by restricting the user’s to posses local data. The drawback occurs here is the data availability during server failure. By applying these techniques directly over multiple servers it happen increased operating costs between linear servers. The solution to this problem is provided by the distributed protocols which guarantee data availability
within these multiple servers (Bowers, K.D., et al., 2009; Schwarz, T. and E.L. Miller, 2006; Lillibridge, M., et al., 2003). The solution remains unfinished since their capacity for handling the dynamic data is not clear which limits the usage in cloud storage. The paper proposes a scheme for dynamic data support for making the user data available on cloud. For situations like storage failure it depends upon erasure accuracy code. The file distribution deploys redundancy for data availability in complex servers (Castro, M. and B. Liskov, 2002). It indirectly reduces the operating costs needed for communication and storage as compared to traditional replication mechanism which guarantee the recognition of misbehaving servers using erasure rule data along with distributed verification. A good relation between the erasure rule data and dynamic data is achieved by performing further studies upon algebraic property of token computing and erasure rule data.
Challenges In Solution:
Dependability on data and guarantee in security for cloud storage needs a dynamic data authentication. The key challenges addressed are, the foremost is ensuring the user data stored in appropriate place. Second is the ability to identify malfunctioning server. Third is that the data must be stored at same location over a period of time even after every update, deletion, modification to the data. The fourth is to ensure data availability during complex server failures. Finally the user should gain access to the stored data with operation costs.
Challenges In Solution:
The user storage space provided by the cloud providers runs continuously in a distributed manner. For which, erasure rule is deployed for handling server crashes to address the growth in size and importance of user data. During demand user contacts the provider of cloud for access and retrieval of data. For handling chunk operations like delete, update, insert, modify the data will not be stored locally so, the stored data of the user and its maintenance must be guaranteed. The data storage on cloud must remain secured for which a trusted third party agent is introduced which avoids the data leakage while outsourcing and sustains upon internal and external attacks.
A. Guarantee for Cloud Data Storage:
The key feature of cloud is that it eliminates the need of storing user data locally, which literally means that the availability of data stored on distributed storage must be guaranteed. The key task to focus is unfaithful modification to data and data corruption due to server compromise will arise. These inconsistencies like error in particular server must be addressed to recover from threats/storage losses. The addresses to the key problems are,
A1. File Sharing:
The erasure correction rule handles multiple failures within a distributed cloud storage system. This technique is utilized to route the data file ‘DF’ surplus across the ‘n’ distributed servers. These n distributed servers are accounted as n = d + r, where n stands for distributed servers and‘d’ is the data vectors. The original data d is reconstructed from any‘d + r’ data and redundancy vectors. By placing these ‘d + r’ vectors on n different servers without any data loss it survives failure.
Let d = {d1, d2, ….., dn} and dx = {d1x, d2x,……, dxn}T where {x ϵ [1,…..,n]}. Here, dx represents the
column vector and ‘l’ represents the data vector size in chunks. Then d(d+r) is achieved by,
The encoded file are obtained as,
C = d . A = { C(1), C(2),……, C(n), C(n+1), C(m)} = {d1,d2,…..,dn, C(m+1),…., C(n)}
Here, the original data is obtained by multiplication. ‘C’ term is generated based on d.
A2. Token Pre-Computing:
This technique acts as a verification scheme to assure exactness in stored data and data error localization. Initially, before signaling the file sharing for each and every vector C(j) the token is computed by the user by taking random sets of data chunks. The exactness on stored data can be performed by the cloud server using a signature over the chunk after which is returned back to the user. The value of signature will match the pre-computed user tokens. Since the user utilizes a random set of generated chinks, the response to the request should also be valid. After generation of token the user can hold the pre-computed token either locally (or)
since, it is a dynamic data operation. Upon calculation of all the tokens and before file sharing is to screen similarity in C(m+1),…., C(n) by,
Cx(i) Cx(i) + fsi (Csxi), i ϵ [i,…, l]
Here, si is the secret key, Csxi denotes the cloud server and gx(i) is the encoded vector.
A3. Error Localization:
The per-requirements for eliminating errors in storage are locating the errors. The threats from external factors must also be focused equally. The paper defines a challenge reply protocol where the values are returned by the servers upon every challenge. It verifies the correctness in stored data and also contains the description for locating possible errors in data.
A4. Revival of Errors:
The proposed verification scheme is based on unsystematic spot checking, the exactness guarantee is achieved by allowing enough verification time so, that it guarantee successful file retrieval. During corruption by comparing pre-computed tokens and the reply values from servers guarantee the identification of misbehaving servers. The user can request the server to send the chunks back as specified in challenge and regenerate chunks using erasure alteration.
Algorithm1: Revival of Errors Procedure
Presume the chunk corruptions have been detected among the specified rl rows;
Presume Csxi < Si servers have been identified as misbehaving;
Download rl rows of chunks from servers;
Treat Csxi servers as erasures and perform chunk recovery;
Resend the recovered chunks to corresponding servers. End procedure
A5. Trusted Party Auditing:
Due the lack of time and resource for the user the verification is performed by a trusted third party agent. The goal of the auditing is to retard new threats to the user data content. It ensures privacy preservation by not considering the blind values from the server reply rather it verifies directly. The third party auditor does not have the knowledge about the secret key so, it is impossible to grasp the information during audition.
Dynamic Data Operations:
The above discussed represents static data scenarios which do not suite all the situations. It occurs some situation in cloud to handle dynamic data where the user performs update, delete, append (or) modify data chunks Fig 1. There are two key challenges one is dynamic data operations since the data are not stored locally. Another is the providers of cloud should the process the request without the knowledge about secret key. These problems can be addressed by verification token. It guarantees that the cloud providers process the dynamic data request else the cloud providers are identified as cheating. It is also not practical to download all the data stored into the cloud and re-computing the verification tokens. The following scheme explains the dynamic data operations onto the data stored into cloud.
B1. Insert Procedure:
It is performed within the same chunk structure for the entire data file by adding at the desired position. Inserting into DF(x) denotes shifting all chunks with addresses x + 1 by one slot.
Drawback:
It can affect many rows in the data file and requires a number of computations to re-number the successive chunks and also re-compute challenge reply token. It is not possible to directly support insert operation.
B2. Update Procedure:
The user may need to modify some of the data chunks stored into cloud. It is performed from its current value to a new one. If the current value is DF(x) it uses linear property of Random Solomon rule for update
operation. It generates updated chunks ∆ DF(x) without the involvement of any unchanged chunks. It means that
DA1* DA2* DA3*
=
DA1 DA2 DA3
+
∆DA1 ∆DA2 ∆DA3
f 21 f 22* f 23 f 21 f 22 f 23 0 ∆f22 0
f 31 f 32 f 33 f 31 f 32 f 33 0 0 0
f 51 f 52 f 53 0 0 0 f 51 f 52 f 53
Fig. 1: Dynamic Data Operation
B3. Delete Procedure;
After finishing storage into cloud, certain chunks may need to be deleted. It is a special case wherein the original data chunks are replaced. The deletion is achieved by replacing the data chunk with zero (or) some reserved symbols.
B4. Append Procedure:
The size of the stored data can be increased by adding chunks to the end of the data file. The most frequent operation in cloud is appending large number of blocks by the user at the same time. The appending procedure is similar to concatenate corresponding row at the end of file. Suppose rl rows in a file be the initial file and ‘n’
blocks are to be appended to the end of file as {DArl+1,1, DArl+1,2,…., DArl+1,n). The newly appended token is
covered by the challenge tokens by slightly modifying the pre-computed tokens.
Performance Analysis:
The analysis is done based on the security and efficiency. The file sharing and token pre-computing is experimented which involves encoding as well as screening the corresponding encoded part. The two sets of parameters‘d’ and ‘r’ are considered with changeable data values. The ‘r’ denotes foremost since before outsourcing the similarity generation. The ‘r’ value increases linearly which requires large number of similar chunks to be screened. Fig 2 represents the scheme is efficient since an additional layer of structure called erasure modification rule is deployed. The traditional two layers of error correction increases the communication and operation costs. But here good balance is maintained by updates to specific row and is sufficiently large and are distributed before the file is being shared.
Fig. 2: Performance comparison between chosen parameters
Conclusion:
In distributed cloud storage system the problem in data security is addressed. The integrity and availability of cloud data impose quality of cloud servers which can be depended by user is a distributed scheme with dynamic data support including chunk update, delete and append. The ensure rule in distributed file sharing is deployed to provide redundancy and ensure data availability. The verification token achieves storage precision and identifies misbehaving servers. A trusted party auditing is provided based upon the user time and resources for tension-free usage of cloud storage. By a detailed analysis the proposed scheme is highly resistant to complex failure, unauthorized modifications to data and even server crash attacks.
REFERENCES
Amazon.com, 2008. Amazon s3 availability event: July 20, 2008. Online at
http://status.aws.amazon.com/s3-20080720.html.
Amazon.com, 2009. Amazon web services (aws). Online at http:// aws.amazon.com/.
Arrington, M., 2006. Gmail disaster: Reports of mass email deletions. Online at http://www.techcrunch.com/2006/12/28/gmail-disasterreports-of-mass-email-deletions/.
Ateniese, G., R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson and D. Song, 2007. Provable data possession at untrusted stores. in Proc. of CCS’07, Alexandria. Pp: 598-609.
Ateniese, G., R.D. Pietro, L.V. Mancini and G. Tsudik, 2008. Scalable and efficient provable data possession,” in Proc. of SecureComm’08: 1-10.
Bowers, K.D., A. Juels and A. Oprea, 2009. Hail: A high-availability and integrity layer for cloud storage. in Proc. of CCS’09. pp: 187-198.
Bowers, K.D., A. Juels and A. Oprea, 2009. Proofs of retrievability: Theory and implementation. in Proc. of ACM workshop on Cloud Computing security (CCSW’09). pp: 43-54.
Carter, L. and M. Wegman, 1979. Universal hash functions. Journal of Computer and System Sciences, 18(2): 143-154.
Castro, M. and B. Liskov, 2002. Practical byzantine fault tolerance and proactive recovery. ACM Transaction on Computer Systems, 2(4): 398-461.
Cong Wang, Qiang Wang, Kui Ren, Ning Cao, Wenjing Lou. 17th IEEE International workshop i=on Quality of service.
Curtmola, R., O. Khan, R. Burns and G. Ateniese, 2008. Mr-pdp: Multiple-replica provable data possession. in Proc. of ICDCS’08. IEEE Computer Society. pp: 411-420.
Dodis, Y., S. Vadhan and D. Wichs, 2009. Proofs of retrievability via hardness amplification. in Proc. of the 6th Theory of Cryptography Conference (TCC’09), San Francisco, CA, USA.
Erway, C., A. Kupcu, C. Papamanthou and R. Tamassia, 2009. Dynamic provable data possession. in Proc. of CCS’09. pp: 213-222.
Juels, A., and J. Burton, S. Kaliski, 2007. Pors: Proofs of retrievability for large files. in Proc. of CCS’07, Alexandria, VA. Pp: 584-597.
Kincaid, J., 2008. MediaMax/TheLinkup Closes Its Doors. Online at http://www.techcrunch.com /2008/07/10/ mediamaxthelinkup-closes-its-doors/.
Krebs, B., 2009. Payment Processor Breach May Be Largest Ever. Online at
http://voices.washingtonpost.com/securityfix/2009/01/ payment processor breach may b.html.
Lillibridge, M., S. Elnikety, A. Birrell, M. Burrows and M. Isard, 2003. A cooperative internet backup scheme. in Proc. of the 2003 USENIX Annual Technical Conference (General Track). pp: 29-41.
Schwarz, T. and E.L. Miller, 2006. Store, forget, and check: Using algebraic signatures to check remotely administered storage. in Proc. of ICDCS’06. pp: 12-12.
Shacham, H and B. Waters, 2008. Compact proofs of retrievability. in Proc. of Asiacrypt’08, volume 5350 of LNCS. pp: 90-107.
Shah, M.A., M. Baker, J.C. Mogul and R. Swaminathan, 2007. Auditing to keep online storage services honest,” in Proc. of HotOS’07. Berkeley, CA, USA: USENIX Association. pp: 1-6.
Shah, M.A., R. Swaminathan and M. Baker, 2008. Privacy-preserving audit and extraction of digital contents. Cryptology ePrint Archive, Report 2008/186, 2008, http://eprint.iacr.org/.
Sun Microsystems, Inc., 2009. Building customer trust in cloud computing with transparent security. Online at https://www.sun. com/offers/details/sun transparency.xml.
Wang, C., Q. Wang, K. Ren and W. Lou, 2009. Ensuring data storage security in cloud computing. in Proc. of IWQoS’09: 1-9.
Wang, Q., C. Wang, J. Li, K. Ren and W. Lou, 2009. Enabling public verifiability and data dynamics for storage security in cloud computing. in Proc. of ESORICS’09, volume 5789 of LNCS. Springer- Verlag. pp: 355-370.
Wilson, S., 2008. Appengine outage. Online at http://www. cio-weblog.com/50226711/appengine outage.php.
