INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
STORAGE PRIVACY PROTECTION AGAINST DATA LEAKAGE THREADS IN CLOUD COMPUTING

K ABHINANDAN REDDY
M.Tech 2nd Year, CSE
abhinandan232@gmail.com

Abstract - Using cloud storage, users can remotely store their data and enjoy on-demand, high-quality applications and services from a shared pool of configurable computing resources, without the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the outsourced data makes data integrity protection in cloud computing a formidable task, especially for users with constrained computing resources. Moreover, users should be able to use the cloud storage as if it were local, without worrying about the need to verify its integrity. This paper proposes that privacy-preserving public auditability for cloud storage is of great importance, so that users can arrange for a third party auditor (TPA) to check the integrity of outsourced data and be worry-free. To securely introduce an effective TPA, the auditing process should bring no new security challenges towards user data privacy and no additional online burden to the user. This paper proposes a secure cloud storage system supporting privacy-preserving public auditing. We further extend the TPA to perform audits for multiple users simultaneously and efficiently.

Index terms – Cloud storage, privacy protection, public auditability, cloud computing.

I. INTRODUCTION

Cloud computing promises lower costs, rapid scaling, easier maintenance, and service availability anywhere, anytime; a key challenge is how to ensure and build confidence that the cloud can handle user data securely. Cloud computing is transforming the very nature of how businesses use information technology. From the user's perspective, including both individuals and IT enterprises, storing data remotely to the cloud in a flexible on-demand manner brings appealing benefits: relief of the burden for storage management, universal data access with independent geographical locations, and avoidance of capital expenditure on hardware, software, and personnel maintenances, etc.

While cloud computing makes these advantages more appealing than ever, it also brings new and challenging security threats towards the user's outsourced data. Data outsourcing is actually relinquishing the user's ultimate control over the fate of their data. As a result, the correctness of
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
113
www.iaetsd.in
the data in the cloud is being put at risk due to the following reasons.

i) Although the infrastructures under the cloud are much more powerful and reliable than personal computing devices, they still face a broad range of both internal and external threats to data integrity.
ii) There exist various motivations for the Cloud Service Provider to behave unfaithfully towards the cloud users regarding the status of their outsourced data.

The problem, if not properly addressed, may impede the successful deployment of the cloud architecture. As users no longer physically possess the storage of their data, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted. Considering the large size of the outsourced data and the user's constrained resource capability, the tasks of auditing the data correctness in a cloud environment can be formidable and expensive for the cloud users. Moreover, the overhead of using cloud storage should be minimized as much as possible, such that the user does not need to perform too many operations to use the data.

To fully ensure the data integrity and save the cloud user's computation resources as well as online burden, it is of critical importance to enable a public auditing service for cloud data storage, so that users may resort to an independent third party auditor (TPA) to audit the outsourced data when needed. In addition to helping users evaluate the risk of their subscribed cloud data services, the audit result from the TPA would also be beneficial for the cloud service providers to improve their cloud-based service platform.

Recently, the notion of public auditability has been proposed in the context of ensuring remotely stored data integrity under different system and security models. Public auditability allows an external party, in addition to the user himself, to verify the correctness of remotely stored data. From the perspective of protecting data privacy, the users, who own the data and rely on the TPA just for the storage security of their data, do not want this auditing process to introduce new vulnerabilities of unauthorized information leakage towards their data security. Exploiting data encryption before outsourcing is one way to mitigate this privacy concern, but it is only complementary to the privacy-preserving public auditing scheme to be proposed in this paper. Without a properly designed auditing protocol, encryption itself cannot prevent data from “flowing away” towards external parties during the auditing process. Therefore, how to enable a privacy-preserving third-party auditing protocol, independent of data encryption, is the problem we are going to tackle in this paper.

To address these problems, our work utilizes the technique of public key based homomorphic linear authenticator (or HLA for short), which enables the TPA to perform the auditing without demanding a local copy of the data and thus drastically reduces the communication and computation overhead as compared to the straightforward data auditing approaches. By integrating the HLA with random masking, our
protocol guarantees that the TPA could not learn any knowledge about the data content stored in the cloud server during the efficient auditing process.

a) Design Goals

To enable privacy-preserving public auditing for cloud data storage, our protocol design should achieve the following security and performance guarantees.

1) Public auditability: to allow the TPA to verify the correctness of the cloud data on demand without retrieving a copy of the whole data or introducing additional online burden to the cloud users.
2) Storage correctness: to ensure that there exists no cheating cloud server that can pass the TPA's audit without indeed storing the user's data intact.
3) Privacy-preserving: to ensure that the TPA cannot derive the user's data content from information collected during the auditing process.
4) Batch auditing: to enable the TPA with secure and efficient auditing capability to cope with multiple auditing delegations from a possibly large number of different users simultaneously.
5) Lightweight: to allow the TPA to perform auditing with minimum communication and computation overhead.

II. PROPOSED SCHEMES

This section presents our public auditing scheme, which provides a complete outsourcing solution of data: not only the data itself, but also its integrity security. Then we present our main scheme and show how to extend our main scheme to support batch auditing for the TPA upon delegations from multiple users. Finally we discuss how to generalize our privacy-preserving public auditing scheme and its support of data dynamics.

a) Our Framework & Definitions

We follow a similar definition of previously proposed schemes in the context of remote data integrity checking and adapt the framework for our privacy-preserving public auditing system.

A public auditing scheme consists of four algorithms (KeyGen, SigGen, GenProof, VerifyProof).

KeyGen: a key generation algorithm run by the user to set up the scheme.
SigGen: used by the user to generate verification metadata, which may consist of MAC, signatures, or other related information that will be used for auditing.
GenProof: run by the CS (cloud server) to generate a proof of data storage correctness, while VerifyProof is run by the TPA to audit the proof from the cloud server.

Running a public auditing system consists of two phases, Setup and Audit:

Setup: the user initializes the public and secret parameters of the system by executing KeyGen, and pre-processes the data file by using SigGen to generate verification metadata.
Audit: the TPA issues an audit message or challenge to the cloud server to make sure that
the cloud server has retained the data file properly at the time of the audit. The CS will derive a response message from a function of the stored data file and its verification metadata by executing GenProof. The TPA then verifies the response via VerifyProof.

Our framework assumes the TPA is stateless, which is a desirable property achieved by our proposed solution. It is easy to extend the framework above to capture a stateful auditing system, essentially by splitting the verification metadata into two parts which are stored by the TPA and the cloud server respectively.

b) Basic Schemes

HLA-based solution. To effectively support public auditability without having to retrieve the data blocks themselves, the HLA technique can be used. HLAs, like MACs, are also unforgeable verification metadata that authenticate the integrity of a data block. The difference is that HLAs can be aggregated.

c) Privacy-Preserving Public Auditing Scheme

To achieve privacy-preserving public auditing, we propose to uniquely integrate the homomorphic linear authenticator with a random masking technique. On the other hand, the correctness validation of the block-authenticator pairs can still be carried out in a new way which will be shown shortly, even with the presence of the randomness. Our design makes use of public key based HLA, to equip the auditing protocol with public auditability. Moreover, we use the HLA proposed, which is based on the short signature scheme proposed by Boneh, Lynn and Shacham (BLS).

d) BLS Schema Details

Let G1, G2, and GT be multiplicative cyclic groups of prime order and e: G1 × G2 → GT the BLS map as introduced in mainly.

Setup Phase: the cloud user runs the KeyGen algorithm to generate the public and secret parameters. Then the user runs SigGen to compute an authenticator for each block, and name is chosen by the user uniformly at random.

Audit Phase: the TPA first retrieves the file tag. With respect to the mechanism in the setup phase, the TPA verifies the signature and quits by emitting FALSE if the verification fails. Otherwise, the TPA recovers name.

Now it comes to the core part of the auditing process. To generate the challenge message for the audit, the TPA picks a random element subset of the set [1, n]. Then the TPA sends the challenge message to the server.

Upon receiving the challenge, the server runs GenProof to generate a response proof of data storage correctness.

b) Support for Batch Auditing

With the establishment of privacy-preserving public auditing, the TPA may concurrently handle multiple auditing tasks upon different users' delegation. The individual auditing of these tasks for the TPA can be tedious and very inefficient. It is more advantageous for the TPA to batch these multiple tasks together and audit at one time.
Keeping this in mind, we slightly modify our protocol in a single user case, and achieve the aggregation of K verification equations into a single one.
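The four algorithms and the Setup/Audit flow described above, as an added example that is not code from the paper: it swaps the paper's pairing-based BLS authenticator for a secret-key homomorphic linear authenticator over a prime field, so the verifier holds the user's key and the response is not randomly masked. The modulus, the HMAC-based PRF, the function names, the parameter c and the sample blocks are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

P = 2**521 - 1  # Mersenne prime used as toy field modulus (assumption); blocks must be < 65 bytes

def key_gen():
    """KeyGen (user): secret scalar alpha and PRF key k."""
    return secrets.randbelow(P - 1) + 1, secrets.token_bytes(32)

def prf(k, i):
    """f_k(i): HMAC-SHA512 of the block index, reduced into Z_P."""
    return int.from_bytes(hmac.new(k, str(i).encode(), hashlib.sha512).digest(), "big") % P

def to_int(block):
    return int.from_bytes(block, "big") % P

def sig_gen(sk, blocks):
    """SigGen (user): authenticator sigma_i = f_k(i) + alpha * m_i for each block i in [1, n]."""
    alpha, k = sk
    return {i: (prf(k, i) + alpha * to_int(m)) % P for i, m in enumerate(blocks, 1)}

def challenge(n, c):
    """Auditor: random c-element subset of [1, n], each index paired with a random coefficient."""
    idx = secrets.SystemRandom().sample(range(1, n + 1), c)
    return [(i, secrets.randbelow(P - 1) + 1) for i in idx]

def gen_proof(blocks, sigmas, chal):
    """GenProof (server): aggregate the challenged blocks and authenticators into two values."""
    mu = sum(nu * to_int(blocks[i - 1]) for i, nu in chal) % P  # unmasked linear combination
    sigma = sum(nu * sigmas[i] for i, nu in chal) % P
    return mu, sigma

def verify_proof(sk, chal, proof):
    """VerifyProof (auditor): accept iff sigma == sum(nu_i * f_k(i)) + alpha * mu (mod P)."""
    alpha, k = sk
    mu, sigma = proof
    expected = (sum(nu * prf(k, i) for i, nu in chal) + alpha * mu) % P
    return sigma == expected

def demo():
    blocks = [b"block-%02d-constructed" % i for i in range(1, 9)]  # constructed sample file
    sk = key_gen()
    sigmas = sig_gen(sk, blocks)
    chal = challenge(len(blocks), 4)
    honest = verify_proof(sk, chal, gen_proof(blocks, sigmas, chal))
    corrupted = list(blocks)
    corrupted[chal[0][0] - 1] = b"tampered"  # server lost or altered a challenged block
    return honest, verify_proof(sk, chal, gen_proof(corrupted, sigmas, chal))
```

The proof is two field elements regardless of how many blocks are challenged, which is the aggregation property that distinguishes HLAs from per-block MACs. The unmasked `mu` is a linear combination of block contents handed to the auditor, which is the leakage the paper's random masking is meant to close.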
III. CONCLUSION

In this paper, we propose a privacy-preserving public auditing system for data storage security in cloud computing. We utilize the homomorphic linear authenticator and random masking to guarantee that the TPA would not learn any knowledge about the data content stored on the cloud server during the efficient auditing process. With a slight change to our protocol, the TPA can perform multiple audit sessions from different users for their outsourced data files. Extensive analysis shows that our schemes are provably secure and highly efficient.

AUTHORS

Mr. K ABHINANDAN REDDY received the B.Tech degree in computer science & engineering from the Jawaharlal Nehru Technological University Anantapur (Narayana Engineering College, Nellore) in 2012, and the M.Tech degree in computer science engineering from the Jawaharlal Nehru Technological University Anantapur (Audisankara Institute of Technology, Gudur) in 2014. He has participated in national-level paper symposiums at different colleges.