
JECET; June – August-2013; Vol.2.No.3, 883-888.

Journal of Environmental Science, Computer Science and Engineering & Technology

An International Peer Review E-3 Journal of Sciences and Technology

Available online at www.jecet.org Computer Science

Research Article


Trusted and Secure Model for Cloud Data Storage

Jitendra Singh Rajawat1 and Sanjay Gaur2

1Pacific Institute of Technology, Udaipur, India

2Faculty of Computer Application, Pacific University, Udaipur, India

Received: 18 July 2013; Revised: 14 August 2013; Accepted: 22 August 2013

Abstract: Cloud Computing has been envisioned as the next-generation architecture of Information Technology enterprises. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, Cloud Computing moves the application software and databases to large data centers, where the management of the data and services may sometimes not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. Security challenges in Cloud Computing include authentication, integrity, confidentiality and many more. Data correctness and integrity are among the prime issues, relating to unauthorized changes made without the prior permission of the data holder. Sometimes they are violated through unsecured and untrusted authorities, or because efficient security algorithms are lacking. In this paper we pay attention to the security of storage correctness in cloud computing. In that context we propose an algorithm which is used to build an effective solution for ensuring data correctness and maintaining the integrity of data in the cloud.

Keywords: Trusted, Security, Cloud, Integrity, Authentication, Encryption, Algorithm, Server

INTRODUCTION

Cloud computing is a general term for delivering hosted services over the Internet and other networks. A cloud service has distinct characteristics that differentiate it from traditional hosting.

It is sold on demand, typically by the minute or the hour. A user can opt for a service whenever they want; the service is fully managed, and the consumer needs nothing but a personal computer and Internet access. The advantages of cloud computing are cost saving, unlimited storage capacity, improved performance, reduced software cost, increased data reliability and flexibility. The disadvantages of cloud computing are security of data, integrity of data on the cloud, less control, confidentiality and many more.

One of the biggest concerns with cloud computing is data storage correctness, also called data integrity verification. The end user or customer may not know where the data is stored and does not even have control over his own data. How would the data holder make sure that his data has not been modified or altered during the storage period?

Data storage correctness can be checked with a Trusted Third Party (TTP). In the case of a TTP, a Third Party Auditor (TPA) is appointed to check the availability of the data and its correctness. The TPA verifies the data stored in the cloud and communicates with the consumer (client). The client application provides all the cryptographic functionality needed to achieve the goals of integrity, authentication and confidentiality.

As in traditional network security, we try to protect the confidentiality of data in the two stages of its life cycle, viz. data at rest and data in transition. For data at rest, symmetric key encryption techniques are recommended, which are secure but more time-consuming. For data in transition, we recommend SSL-like secure protocols that are already available. For integrity verification, we rely on hash functions. Here, in the trusted secure model for cloud data storage, we provide an algorithm and explain its various steps. Keywords and notation are given separately in the notation table.

The operational details are also included here, and the conclusion is given at the end of the paper.

A review of literature and references are also presented as per their suitability.

Review of Literature: Data storage using cloud computing is discussed by Kajendran et al. [1] to frame the security model. Cryptography is another important issue for the security of data on the cloud; the authors of [2-5] discuss it in their respective works. The authors of [6, 7] address the problem of access mechanisms using cryptographic techniques. The authors of [2, 8-11] propose data storage security models that provide storage correctness while maintaining communication between the cloud server and the user.

Privacy protection, storage security and integrity are the major discussion points of the rest of the papers referenced in this paper.

Fig 1: Cloud data storage architecture

Operational Steps: The proposed algorithm for the trusted and secure model for cloud data storage involves three major elements:

• Cloud Server (CS): CS is the central component that provides storage as a service and works as the connection between Information Holder and Information Client.

• Information Holder (IH): IH stores data on the cloud and can allow other cloud users to access its data.

• Information Client (IC): IC uses the data based on the ID received from the Information Holder.

ALGORITHM

1. Produce key pair by IH/IC

2. (i) Snd {Pbk}, obtain ID, again Snd {ID, password, email etc} to CS

(ii) CS Str Info and Snd Ack

3. (i) Encr_fl <- Encr(Pbk & Prk)

(ii) CHash <- Hash((SHA-256/MD5(Encr_fl))) and Snd Encr_fl

(iii) CS Str (Encr_fl), update DB

4. (i) Snd {IH_ID}

(ii) Fl_lst <- Produce file list from {IH_ID}

Snd {Fl_lst}

(iii) Recv (Fl_lst)

(iv) DO Snd {File, (Grant/Deny)}

If Grant then Snd {Smtk} to IC

5. Snd {File Name & File data}

6. (i) Encr_fl <- Encr(Pbk & Prk(File))

(ii) CHash <- Hash((SHA-256/MD5(Encr_fl)))

(iii) CS Check for rights

If (true) admit request and update DB else refuse alteration

7. Snd {Hash}, Ret and Update DB

8. End

Table 1: Notation

PbK : Public Key

PrK : Private Key

Encr : Encryption

IH : Information Holder

IC : Information Client

CS : Cloud Server

CHASH : Hash Code at Client

SHASH : Hash at Server

IH_ID : Information Holder ID

IC_ID : Information Client ID

Smtk : Symmetric Key

Ret : Retrieve

Recv : Receive

Snd : Send

Ack : Acknowledge

Str : Store

Info : Information

The algorithm consists of seven phases. The details of the phases are given below:

1) In phase 1: Generation of a key pair by IH/IC using public key encryption, which is used to encrypt the data during transmission.

2) In phase 2: Get an ID from the Cloud Server and send registration details to the Cloud Server. This is done in two steps. In the first step, the IH sends its public key to the Cloud Server; the Cloud Server generates an ID and stores the key, and the IH sends registration details such as password, mail ID, etc. to the Cloud Server. In step 2, the Cloud Server stores the information and sends an acknowledgement.

3) Goal of phase 3: To create data locally and send it to the Cloud Server. In step 1 the Information Holder encrypts the file using the public and private key with one of the available encryption algorithms. In step 2 a hash code is calculated from the encrypted file produced in step 1, and the encrypted file is sent to the Cloud Server. In the last step the Cloud Server stores the file, makes the necessary change in the database and sends a confirmation to the Information Holder.

4) Goal of phase 4: To send a request for rights. In step 1 the Client sends the ID of the Holder from whom it wants file access to the Cloud Holder. In step 2 the Cloud Server generates the file list from the ID and sends the file back to the Client. The Client selects a file from the list and sends the selection with the requested rights. In step 3 the Client receives the files which it demands. In step 4 the Information Holder grants or denies the request and sends the status to the Cloud Server. If it grants the request, it then sends the symmetric key to the Client.

5) In phase 5: Download the file from the Cloud Server. The Client sends the file name to the Cloud Server and the CS sends the file contents to the Client.

6) Goal of phase 6: To manage data which is altered by the Client. The first two steps are similar to those of phase 3; step 3 differs. In step 3 the Client's rights for file modification are checked by the Cloud Server before the file is overwritten on cloud storage.

7) Aim of phase 7: To provide the hash of the modified file to the Holder; after verification, the Holder updates the hash in its local database.

Examination of Design: The following paragraphs present the security and general examination of the system and show how we achieve the goals mentioned earlier.

1) Information Privacy: Data stored on the cloud is encrypted, so the cloud server cannot misuse or learn the data; hence the data is confidential and unknown to the Cloud Server.

2) Security Alternatives: Sometimes the data stored on the cloud may not be very sensitive; in that case we choose the cryptographic algorithm for the data holder by taking inputs.

3) Key Supervision: The data is encrypted in a symmetric way, and the key is transferred to the client in an asymmetric way. By using this fusion approach, our encrypted data is secure and a fast operation for key transfer is also adopted.

4) Data Correctness: For data correctness, the Information Holder/Client can send a request to the CS to compute and submit the hash code of his encrypted file. After checking some validations, the CS computes a hash code of the file and returns it to the client. The size of this code is very small (a few bytes), which reduces communication overhead. Also note that computing the hash code is an offline function on the CS side. In this way we save computation and communication time, and hence improve performance.

5) Access Rights: Access rights can be granted by the Information Holder to the Information Client with the help of small SQL grant operations. To revoke a grant, the same kind of SQL revoke statement can be used. The important thing to mention here is that, when granting, the Information Holder may be talking to the Information Client, but when revoking rights it issues instructions directly to the Cloud Server, of course through an SQL statement. Hence, it is quite a simple operation.

6) No Data Redundancy: The correctness of encrypted data can be measured even without asking for a local copy of the data. Decryption is also done offline at the site of the IH/IC. Hence data does not move from one position to another in unencrypted format.
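The upload, rights-checked update and hash comparison of phases 3, 6 and 7 and of the Data Correctness item can be exercised as follows; this is an added Python example, not code from the paper. The class and method names, the IDs and the file name are hypothetical, the encrypted file is constructed opaque bytes (encryption itself is left out), SHA-256 is taken from the paper's two hash options, and the grant is modelled as a call on CS rather than an SQL statement.

```python
import hashlib
import hmac

def file_hash(encr_fl: bytes) -> str:
    # SHA-256 is used; MD5, the paper's other option, is collision-broken.
    return hashlib.sha256(encr_fl).hexdigest()

class CloudServer:
    """Stand-in for CS: stores opaque ciphertext and per-file write rights."""
    def __init__(self):
        self.files = {}    # file name -> Encr_fl
        self.writers = {}  # file name -> IDs allowed to overwrite
    def store(self, owner_id, name, encr_fl):        # phase 3 (iii)
        self.files[name] = encr_fl
        self.writers[name] = {owner_id}
    def grant(self, name, ic_id):                    # assumed form of the grant
        self.writers[name].add(ic_id)
    def update(self, user_id, name, encr_fl):        # phase 6 (iii)
        if user_id not in self.writers.get(name, set()):
            return None                              # refuse alteration
        self.files[name] = encr_fl
        return file_hash(encr_fl)                    # phase 7: hash for IH
    def shash(self, name):                           # SHASH, computed on request
        return file_hash(self.files[name])

class InformationHolder:
    def __init__(self, ih_id, cs):
        self.ih_id, self.cs, self.local_db = ih_id, cs, {}
    def upload(self, name, encr_fl):                 # phase 3 (ii)
        self.local_db[name] = file_hash(encr_fl)     # CHASH kept locally
        self.cs.store(self.ih_id, name, encr_fl)
    def accept_update(self, name, new_hash):         # phase 7
        self.local_db[name] = new_hash
    def verify(self, name) -> bool:                  # data correctness check
        # Compares CHASH with SHASH; no local copy of the file is needed.
        return hmac.compare_digest(self.local_db[name], self.cs.shash(name))

def demo():
    cs = CloudServer()
    ih = InformationHolder("IH-1", cs)
    ih.upload("report.enc", b"\x8f\x02constructed-ciphertext-v1")
    ok_after_upload = ih.verify("report.enc")
    refused = cs.update("IC-7", "report.enc", b"v2") is None  # no rights yet
    cs.grant("report.enc", "IC-7")
    ih.accept_update("report.enc", cs.update("IC-7", "report.enc", b"\x11constructed-v2"))
    ok_after_update = ih.verify("report.enc")
    cs.files["report.enc"] += b"\x00"   # change made outside the protocol
    return ok_after_upload, refused, ok_after_update, ih.verify("report.enc")
```

The last value returned by `demo()` is the one that matters for integrity: a change to the stored ciphertext that did not pass through the rights check leaves SHASH different from the holder's CHASH.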

CONCLUSION

In this paper, we have analyzed the data storage correctness issue in the context of cloud computing. We have provided an algorithm for a trusted and secure data storage model with a new encryption scheme with integrity verification. The features of the algorithm are useful for reducing the computational cost for a client who may not have much security processing power. Authentication, access control and non-duplication are handled with symmetric key and public key cryptography. Analysis of the proposed model shows almost all the features required to make a complete solution for trusted and secure data storage on the cloud. Although the proposed model is satisfactory theoretically and analytically, its real behaviour will be seen only after its practical implementation.

REFERENCES

1. S. Kamara, K. Lauter: "Cryptographic cloud storage". In: Proceedings of the 14th International Conference on Financial Cryptography and Data Security, FC'10, Springer-Verlag, Berlin, Heidelberg, 2010, 136-149.

2. C. Wang, Q. Wang, K. Ren, W. Lou, "Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing", in IEEE INFOCOM 2010, San Diego, CA, March 2010.

3. Advanced Encryption Standard (AES), FIPS PUB 197, 2001.

4. FIPS 46-3: Data Encryption Standard (DES), FIPS PUB 46-3, 1999.

5. V. Goyal, O. Pandey, A. Sahai, B. Waters: "Attribute-based encryption for fine-grained access control of encrypted data". In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 06, 2006, 89.

6. C. Hota, S. Sanka, M. Rajarajan, S. Nair, "Capability-based Cryptographic Data Access Control in Cloud Computing", in International Journal of Advanced Networking and Applications, 1(1), 2011.

7. S. Balakrishnan, G. Saranya, S. Shobana, S. Karthikeyan, "Introducing Effective Third Party Auditing (TPA) for Data Storage Security in Cloud". In: International Journal of Computer Science and Technology, 2(2), 2011.

8. B. Hiren Patel, R. Dhiren Patel, Bhavesh Borsania, Avi Patel, "Data Storage Security Model for Cloud Computing". In: CNC-2012.

9. K. Kajendran, J. Jeyaseelan, J. Joshi, "An Approach for secures Data storage using Cloud Computing". In: International Journal of Computer Trends and Technology, May to June Issue 2011.

10. S. Kumar, A. Saxena, "Data Integrity Proofs in Cloud Storage", in IEEE Conference, 2011.

*Corresponding Author: Dr. Sanjay Gaur; Faculty of Computer Application, Pacific University, Udaipur, Rajasthan, India
