IJCSIET-ISSUE4-VOLUME3-SERIES2 Page 1
Selective dependable storage services for providing security in cloud computing
Gade Lakshmi Thirupatamma*1, M. Jayaram*2, R. Pitchaiah*3
M.Tech Scholar, Dept of CSE, UCET, Medikondur, Dist: Guntur, AP, India
Associate Professor, Dept of CSE, UCET, Medikondur, Dist: Guntur, AP, India
Associate Professor, Dept of CSE, UCET, Medikondur, Dist: Guntur, AP, India
ABSTRACT:
Cloud computing is a widely adopted distributed technology that many software companies use for mutual benefit. It is an Internet-based, on-demand service used to store data and to access and use services. Storing data and providing users with access to it in the cloud environment is one of the important services in Infrastructure as a Service. Data availability and integrity are the major drawbacks of cloud services, and the correctness of user data is also an important issue. We propose a flexible distributed storage integrity auditing mechanism that audits cloud storage with very lightweight communication and computation cost. The mechanism uses homomorphic tokens to gather audit information and distributed erasure-coded data to achieve fast data error localization, i.e., the identification of the misbehaving server.
KEYWORDS: Data integrity, cloud computing, cloud security, dependable storage service.
I. INTRODUCTION
Cloud computing is one of the dominant IT technologies for turning anyone's business vision into reality without relying heavily on technical support from different industries. It provides a common platform to develop, deploy and host a new range of applications over the Internet. Cloud computing can be defined in terms of its two words, cloud and computing. A cloud is a collection of heterogeneous resources connected together to achieve a common goal; it provides the infrastructure for delivering services to end users. Computing specifies the set of rules and regulations for providing services to the end user by using these resources.
Storing data in the cloud is very easy for users because they do not have to care about infrastructure management. Offerings from well-known cloud computing vendors, such as Amazon Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), are good examples. These vendors provide large storage space and customizable computing resources, but they do not assume the data maintenance responsibilities of local machines. As a result, users cannot completely trust the cloud service providers (CSP) for the availability and integrity of their data [1], [2]. On the one hand, although cloud infrastructures are much more powerful and reliable than personal computing devices, a broad range of both internal and external threats to data integrity still exists. It is also possible for a CSP to discard rarely accessed data without being detected in a timely fashion [3], and it may even attempt to hide data loss incidents so as to maintain its reputation.
II. RELATED WORK
Methods have been proposed to assure cloud data integrity and availability and to enforce the quality of cloud storage service. These methods enable on-demand data correctness verification on behalf of cloud users. However, because users no longer have physical possession of their data in the cloud, traditional cryptographic primitives cannot be adopted directly for data integrity protection. Hence, the correctness of cloud storage must be verified without explicit knowledge of the whole data files [4], [5]. The data stored in the cloud is also frequently updated by users through operations such as insertion, deletion, modification and appending. It is also important to support this dynamic nature in order to improve the correctness of user data.
Vinitha S P and Guruprasad E [6] proposed a scheme that achieves authorized access to data stored at the cloud servers through an admin module. Their scheme also stores data across clouds not randomly but according to the cost and quality of the cloud servers, thereby achieving efficient storage of cloud data. For greater efficiency, that paper also proposes schemes to support dynamic operations at block level.
In this paper we propose an efficient distributed storage verification scheme with explicit dynamic data support to ensure the correctness of users' data. The work makes the following contributions. Compared to many of its predecessors, which only provide binary results about the storage status across the distributed servers, the proposed scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works for ensuring remote data integrity, the new scheme further supports secure and efficient dynamic operations on data blocks, including update, delete, and append.
III. PROPOSED SYSTEM
The proposed system contains two modules:
3.1. Cloud storage service system model
3.2. Ensuring cloud data storage
3.1 CLOUD STORAGE SERVICE SYSTEM MODEL
Cloud storage service system structure is shown in the below diagram.
Figure 1: Cloud storage service architecture
From the above figure we can see that the cloud storage service architecture has three entities.
User: The primary entity, who stores and accesses data on the cloud storage.
Cloud Server (CS): The cloud server is managed and maintained by the cloud service provider to provide storage service, and offers large storage space and computational resources.
Third-Party Auditor (TPA): An optional entity that has expertise and capabilities that users may not have, and is trusted to assess and expose the risk of cloud storage services on behalf of the users upon request.
3.2 ENSURING CLOUD DATA STORAGE
The proposed system has the following modules as shown in flow chart below.
Figure 2: cloud data storage process
The cloud storage process involves the following phases:
3.2.1. File distribution preparation
3.2.2. Challenge token pre-computation
3.2.3. Correctness verification and error localization
3.2.4. File retrieval and error recovery
3.2.5. Third party auditing
3.2.1 FILE DISTRIBUTION PREPARATION
This phase uses what is called an erasure-correcting code, which is used to tolerate multiple failures in distributed storage systems. The data file F is dispersed across a set of n = m + k distributed servers, which reduces the overall data loss of the system. Here m is the number of data vectors and k is the number of parity vectors. The parity vectors are mainly used to reconstruct the original data.
3.2.2 CHALLENGE TOKEN PRE-COMPUTATION
This method is used to assure the correctness of data storage and to enable error localization. The main idea is that, before distributing the files, the user pre-computes a certain number of short verification tokens on each individual vector, each token covering a random subset of data blocks. The values that the cloud servers generate for the challenged block indices should match the pre-computed tokens. The token can be generated by using the following algorithm.
3.2.3 CORRECTNESS VERIFICATION AND ERROR LOCALIZATION
The proposed system integrates correctness verification and error localization (misbehaving server identification) in its challenge-response protocol: the response values from the servers for each challenge not only determine the correctness of the distributed storage, but also contain information to locate potential data error(s). The following algorithm computes the correctness and error localization.
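The token pre-computation of 3.2.2 and the challenge-response check of 3.2.3 can be sketched as follows. This is an added, simplified example and not the algorithm of this paper: HMAC-SHA256 as the pseudorandom function, arithmetic modulo the prime 2^61 - 1, and all function names are assumptions.

```python
import hashlib
import hmac

P = 2**61 - 1  # prime modulus for token arithmetic (assumed, not from the paper)

def prf(key, label, bound):
    """Keyed pseudorandom integer in [0, bound), built on HMAC-SHA256."""
    digest = hmac.new(key, label.encode(), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % bound

def challenge(key, rnd, n_blocks, r):
    """Coefficient alpha and r pseudorandom block indices for audit round rnd."""
    alpha = 1 + prf(key, f"alpha|{rnd}", P - 1)
    return alpha, [prf(key, f"idx|{rnd}|{q}", n_blocks) for q in range(r)]

def token(vector, alpha, idx):
    """Short token: sum of alpha^(q+1) * vector[idx[q]] mod P."""
    return sum(pow(alpha, q + 1, P) * vector[i] for q, i in enumerate(idx)) % P

def precompute(key, vectors, rounds, r):
    """User side, before distribution: tokens[server][round]."""
    return [[token(v, *challenge(key, t, len(v), r)) for t in range(rounds)]
            for v in vectors]

def audit(key, tokens, stored, rnd, r):
    """Challenge each server for round rnd; return the servers that mismatch."""
    bad = []
    for j, vec in enumerate(stored):
        alpha, idx = challenge(key, rnd, len(vec), r)
        response = token(vec, alpha, idx)   # what server j computes on its copy
        if response != tokens[j][rnd]:
            bad.append(j)                   # error localized to server j
    return bad

if __name__ == "__main__":
    key = b"constructed-demo-key"
    # Constructed sample: 4 servers, 16 blocks each.
    vectors = [[(s * 100 + b) % P for b in range(16)] for s in range(4)]
    tokens = precompute(key, vectors, rounds=3, r=4)
    stored = [list(v) for v in vectors]
    _, idx = challenge(key, 1, 16, 4)
    stored[2][idx[0]] ^= 0xFF               # server 2 corrupts a challenged block
    print("round 1 mismatches:", audit(key, tokens, stored, 1, 4))
```

Corrupting a block outside the challenged indices leaves that round's audit clean, which is why the assurance is probabilistic and several rounds of tokens are pre-computed.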
3.2.4 FILE RETRIEVAL AND ERROR RECOVERY
Our verification scheme is based on random spot-checking, so the storage correctness assurance is a probabilistic one. We can guarantee the successful file retrieval with high probability. On the other hand, whenever the data corruption is detected, the comparison of pre-computed tokens and received response values can guarantee the identification of misbehaving server(s) (again with high probability), which will be discussed shortly. The error recovery can be explained by the following algorithm.
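The dispersal of 3.2.1 and the recovery step described here, as an added example that is not the paper's own algorithm: a systematic Reed-Solomon style code built by polynomial interpolation over the prime field GF(257), a field chosen for this illustration. The function names and the sample file are constructed.

```python
P = 257  # prime field, one byte per symbol (assumed for this illustration)

def interpolate(points, x):
    """Evaluate at x the polynomial of degree < len(points) through points, mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def encode(data_vectors, k):
    """Return n = m + k vectors: the m data vectors followed by k parity vectors."""
    m, width = len(data_vectors), len(data_vectors[0])
    parity = [[interpolate([(s, data_vectors[s][c]) for s in range(m)], m + p)
               for c in range(width)] for p in range(k)]
    return [list(v) for v in data_vectors] + parity

def recover(stored, m, bad):
    """Rebuild the vectors of the servers in bad from m healthy servers."""
    good = [s for s in range(len(stored)) if s not in bad][:m]
    if len(good) < m:
        raise ValueError("more than k servers failed; file cannot be rebuilt")
    width = len(stored[good[0]])
    fixed = list(stored)
    for s in bad:
        fixed[s] = [interpolate([(g, stored[g][c]) for g in good], s)
                    for c in range(width)]
    return fixed

if __name__ == "__main__":
    F = b"cloud audit!"                                 # constructed 12-byte file
    data = [list(F[i:i + 4]) for i in range(0, 12, 4)]  # m = 3 data vectors
    servers = encode(data, k=2)                         # n = 5 servers
    damaged = list(servers)
    damaged[1], damaged[4] = [0, 0, 0, 0], None         # two servers misbehave
    repaired = recover(damaged, m=3, bad=[1, 4])
    print(bytes(b for v in repaired[:3] for b in v))    # b'cloud audit!'
```

The `bad` list is the set of servers that the token comparison has localized; with k parity vectors, up to k such servers can be rebuilt.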
3.2.5 THIRD PARTY AUDITING
Third-party auditing performs the auditing scheme upon request from users in order to check and ensure the integrity of cloud data. As requested by the users, the auditor specifies the file id of the file whose integrity is to be checked. Based on the file id, the set of file blocks of that file, along with their redundant copies, is retrieved from the cloud servers. Based on the user id, the corresponding public key is retrieved. Based on the file id, the corresponding digital signature and token signature are retrieved for each file block.
IV. CONCLUSION
We propose an efficient distributed storage verification scheme with explicit dynamic data support to ensure the correctness of users' data. The work makes the following contributions. Compared to many of its predecessors, which only provide binary results about the storage status across the distributed servers, the proposed scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s).
V. REFERENCES
[1] Sun Microsystems, Inc., “Building Customer Trust in Cloud Computing with Transparent Security,” https://www.sun.com/offers/details/sun_transparency.xml, Nov. 2009.
[2] K. Ren, C. Wang, and Q. Wang, “Security Challenges for the Public Cloud,” IEEE Internet Computing, vol. 16, no. 1, pp. 69-73, 2012.
[3] A. Juels and B.S. Kaliski Jr., “PORs: Proofs of Retrievability for Large Files,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 584-597, Oct. 2007.
[4] A. Juels and B.S. Kaliski Jr., “PORs: Proofs of Retrievability for Large Files,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 584-597, Oct. 2007.
[5] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 598-609, Oct. 2007.
[6] Vinitha S P and Guruprasad E, “Secure, Dependable and Selective Storage Services in Cloud Computing,” International Conference on Computer Science and Information Technology, 10th, March 2013, Hyderabad, ISBN: 978-93-82208-70-9.
[7] M.A. Shah, M. Baker, J.C. Mogul, and R. Swaminathan, “Auditing to Keep Online Storage Services Honest,” Proc. 11th USENIX Workshop Hot Topics in Operating Systems (HotOS ’07), pp. 1-6, 2007.
[8] M.A. Shah, R. Swaminathan, and M. Baker, “Privacy-Preserving Audit and Extraction of Digital Contents,” Cryptology ePrint Archive, Report 2008/186, http://eprint.iacr.org, 2008.
[9] G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, “Scalable and Efficient Provable Data Possession,” Proc. Fourth Int’l Conf. Security and Privacy in Comm. Networks (SecureComm ’08), pp. 1-10, 2008.
[10] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data Possession,” Proc. 16th ACM Conf. Computer and Comm. Security (CCS ’09), pp. 213-222, 2009.
[11] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Proc. 14th Int’l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (Asiacrypt ’08), pp. 90-107, 2008.
[12] Cong Wang, “Toward Secure and Dependable Storage Services in Cloud Computing,” IEEE Transactions on Services Computing, vol. 5, no. 2, April-June 2012.
[13] M. Bellare, R. Canetti, and H. Krawczyk, “Keying Hash Functions for Message Authentication,” Proc. 16th Ann. Int’l Cryptology Conf. Advances in Cryptology (Crypto ’96), pp. 1-15, 1996.
[14] M. Bellare, O. Goldreich, and S. Goldwasser, “Incremental Cryptography: The Case of Hashing and Signing,” Proc. 14th Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO ’94), pp. 216-233, 1994.
[15] D.L.G. Filho and P.S.L.M. Barreto, “Demonstrating Data Possession and Uncheatable Data Transfer,” Cryptology ePrint Archive, Report 2006/150, http://eprint.iacr.org, 2006.