
Imperial Journal of Interdisciplinary Research (IJIR) Vol-3, Issue-2, 2017 ISSN: 2454-1362, http://www.onlinejournal.in

Privacy-Preserving Public Auditing for Secure Data Outsourcing on Cloud

Mr. Shrikant D. Telkar¹, Prof. Mrs. Swati S. Joshi²

¹ P.G. Scholar, Department of Computer Science & Engineering, N. B. Navale Sinhgad College of Engineering, Solapur, Solapur University, Solapur, Maharashtra, India
² Assistant Professor, Department of Computer Science & Engineering, N. B. Navale Sinhgad College of Engineering, Solapur, Solapur University, Solapur, Maharashtra, India.

Abstract: Cloud computing allows the sharing of different services over the Internet. Multiple users store data on the cloud. Achieving data integrity protection is challenging, and the correctness and security of data are major issues. This paper covers the integrity and security of data storage on the cloud. We sign the data blocks before sending them to the cloud to achieve security. The user has remote access to cloud data. We propose a privacy-preserving public auditing system for secure data outsourcing on the cloud. We use the homomorphic linear authenticator (HLA) and random masking, which assure that the Trusted Third Party Auditor (TPA) is not able to modify the data content stored on the cloud server throughout the auditing process. This technique saves the user time in the auditing process. Thus the user can appeal to a trusted TPA for the audit process.

1. Introduction

Cloud computing is based on Internet and computer technology [3] and provides SaaS, PaaS and IaaS [1]. Thanks to networking technology, clients can now access these services remotely from cloud storage. We also have to consider the security and functioning of the cloud system. Data integrity is the biggest concern with cloud storage; for example, the storage service provider can hide or read data for its own profit. Suppose the cloud contains a user's data; the problem is how to perform periodic integrity verification without a local copy of the data files. As users no longer physically own the storage, simple cryptographic techniques cannot be applied directly [11]. Retrieving the data from the cloud server for the audit process is also not a feasible solution, as it is costly and risks data loss or corruption [12][8]. To save data retrieval time and avoid such losses, we hire a trusted TPA to audit the cloud data, so that users may appeal to a trusted third-party auditor (TPA) to audit the outsourced data independently and whenever needed. As shown in Figure 1, the TPA, who is skillful, can periodically check the integrity of all the data stored in the cloud on approval of the users, which is one of the easy and low-cost ways for users to ensure their storage correctness in the cloud. The audit result generated by the TPA is useful for the cloud service provider too, in order to provide the best security service [10], so that other users can trust the cloud services offered by the CSP.

Figure 1: Trusted Third Party Auditing System

2. Literature Survey

The team of R. Burns [9] were the first to consider auditing, in their "provable data possession" (PDP) model for ensuring ownership of data files on untrusted storage. They used RSA-based homomorphic linear authenticators for auditing outsourced data and also suggested randomly sampling a few blocks of the file. Juels et al. [11] describe a "proof of retrievability" (PoR) model for possession and recoverability, but the user can perform only a limited number of audit challenges and there is no public audit. They also describe a Merkle-tree construction for public PoRs, for encrypted data. Shacham and Waters [13] worked on a PoR scheme built from BLS signatures [19], with proofs of security in the security model defined in [11]. Similar to the scheme in [9], they use publicly verifiable homomorphic linear authenticators, which are built from provably secure BLS signatures, and public audit is introduced. Again, the approach was not privacy preserving, for the same reason as [9]. Shah et al. [10], [15] introduced a TPA. The scheme first encrypts the data and calculates a number of symmetric-keyed hashes over the encrypted data, which are finally sent to the auditor. The auditor checks the key to verify data integrity. The scheme works only for encrypted data, and state must be maintained, which increases the online burden on the server.

Ateniese et al. [21] also proposed a partially dynamic version of the existing PDP scheme, which contains symmetric key cryptography and supports a limited number of audits. In [22], Wang et al. provided support for this scheme in a distributed setting with error localization. In addition, Wang et al. [8] proposed merging the BLS-based HLA with MHT to support full data dynamics. In parallel, Erway et al. [22] developed a skip list-based scheme that also enables provable data possession with full dynamics support. However, both schemes take the linear combination of sampled blocks as an input, similar to the designs in [9], [13], and are thus unable to support privacy-preserving auditing. Sebe et al. [24] proposed a protocol that supports an unlimited number of file integrity verifications and removes the local storage burden at the user side. Schwarz and Miller [23] proposed algebraic signatures for checking the integrity of remotely stored data across multiple distributed servers, and used an aggregation property similar to the homomorphic authenticator implemented in our scheme. All the schemes mentioned give efficient auditing processes and assurance of the integrity of stored data. Our scheme can greatly reduce the computing cost on the TPA during the audit phase.

Further, in our project, the major improvements are as follows. First, we introduce a privacy-preserving public auditing scheme through which the third party auditor can check data correctness without accessing local data (also referred to as zero-knowledge leakage). Second, based on the main auditing scheme, we provide a new secure batch auditing protocol to deal with multiple users' auditing processes simultaneously. Third, we further extend our main scheme to support dynamic data operations. Fourth, we introduce an Administrator, who looks after all access to the website. Finally, we report the results of a formal analysis of the privacy-preserving guarantee and storage correctness.

3. Problem Statement

Cloud Service Provider (CSP): The organizational vendors who provide various computing services to cloud users. The role of the CSP is to maintain the confidentiality and integrity of cloud data, but for its own benefit the CSP can hide or read data.

Cloud Server (CS): The remote storage area where the user can store and access data. The user expects from the CSP that data is correctly stored and maintained and is not accessed, modified or lost to hackers. The data integrity threats to users' data may be both internal and external attacks at the CS [5][6], such as software bugs, hardware failures, network path errors, etc.

Cloud User: Cloud users act on the CS to access and update their stored data for their respective application purposes. Attackers can try to obtain authentication data such as usernames and passwords. The use of encryption techniques is a major issue [4].

Trusted Third Party Auditor (TPA): The user depends on the TPA, who performs an independent auditing process to achieve data integrity. It may hurt the user if the TPA tries to learn the outsourced data at the time of the audit.

4. Objective and Scope

1. Privacy-preserving public auditability: The third party auditor can check data correctness without accessing local data.
2. Batch auditing: Based on the main auditing scheme, we furnish a new secure batch auditing protocol to deal with multiple users' auditing processes simultaneously.
3. Data dynamics: Data operations include data modification, data insertion and data download for cloud data storage.
4. Administrator: To allow users to register and access the cloud data, and also to check the status of the user table.

5. Methodology

5.1. Privacy Preserving Public Auditing Scheme

The scheme permits the TPA to check data conformity without accessing local data on the CS. We apply a technique that uniquely integrates the homomorphic authenticator with random masking. In our system, the linear combination of sampled blocks in the server's response is masked with randomness generated by the server. With random masking, the TPA no longer has all the information necessary to build up a correct group of linear equations and therefore cannot derive the user's data content, no matter how many linear combinations of the same set of file blocks are collected. Meanwhile, due to the algebraic property of the homomorphic authenticator, the correctness validation of the block-authenticator pairs is not affected by the randomness generated by the server. Specifically, we use the HLA proposed in [13], which is based on the short signature scheme proposed by Boneh, Lynn, and Shacham (hereinafter referred to as the BLS signature) [19]. The Boneh–Lynn–Shacham signature scheme allows a user to verify that a signer is authentic (Figure 2).
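The masked audit exchange described in Section 5.1 can be traced end to end in a few lines; this is an added example, not code from the paper. It swaps in an RSA-based homomorphic authenticator for the BLS/pairing-based one (pairings need a third-party library), and the toy modulus, the mask and challenge sizes, and all function names are assumptions of the example.

```python
import hashlib, secrets
# Toy RSA modulus built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E, G = P * Q, 65537, 3            # public values (assumed for this example)

def h_int(*parts):
    """Hash the given values to a 256-bit integer."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keygen():
    """User: derive the secret signing exponent d."""
    return pow(E, -1, (P - 1) * (Q - 1))

def siggen(d, name, blocks):
    """User: authenticator T_i = (H(name, i) * G^m_i)^d mod N per block."""
    return [pow(h_int(name, i) % N * pow(G, m, N) % N, d, N)
            for i, m in enumerate(blocks)]

def challenge(n_blocks, sample):
    """TPA: pick `sample` block indices, each with a random coefficient."""
    idx = secrets.SystemRandom().sample(range(n_blocks), sample)
    return [(i, secrets.randbits(32) + 1) for i in idx]

def genproof(blocks, tags, chal):
    """Server: aggregate blocks and tags, then mask the block combination."""
    mu_raw = sum(nu * blocks[i] for i, nu in chal)   # never leaves the server
    T = 1
    for i, nu in chal:
        T = T * pow(tags[i], nu, N) % N
    r = secrets.randbits(512)                        # server-side random mask
    R = pow(G, r, N)
    gamma = h_int(R) >> 192                          # 64-bit value bound to R
    return {"mu": r + gamma * mu_raw, "T": T, "R": R}

def verifyproof(name, chal, proof):
    """TPA: accept iff T^(E*gamma) * R == (prod H_i^nu_i)^gamma * G^mu."""
    gamma = h_int(proof["R"]) >> 192
    agg = 1
    for i, nu in chal:
        agg = agg * pow(h_int(name, i) % N, nu, N) % N
    lhs = pow(proof["T"], E * gamma, N) * proof["R"] % N
    rhs = pow(agg, gamma, N) * pow(G, proof["mu"], N) % N
    return lhs == rhs

def audit(server_blocks, tags, name):
    """One audit round that challenges every block."""
    chal = challenge(len(tags), len(tags))
    return verifyproof(name, chal, genproof(server_blocks, tags, chal))
```

The verifier only ever handles the file name, the challenge and the masked response; a block changed on the server after tagging makes the two sides of the check disagree.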

A public auditing scheme consists of four algorithms (KeyGen, SigGen, GenProof, VerifyProof):

• KeyGen: key generation algorithm (run by the user) to set up the scheme.
• SigGen: to generate verification metadata (used by the user).
• GenProof: to generate a proof of data storage correctness (run by the cloud server).
• VerifyProof: to audit the proof from the cloud server (run by the TPA).

The public auditing system runs in two phases, Setup and Audit (Figure 2).

Setup Phase:

• The user initializes the public and secret parameters of the system by executing KeyGen (with the secret key).
• The user processes the data file F using SigGen, which yields the verification metadata (data block in decrypted form).
• The user then uploads the data file F and the verification metadata to the cloud server via the trusted TPA.

Audit Phase:

• TPA: maintains a record about the cloud server to make sure that the cloud server has maintained the data file F correctly.
• Cloud server: executes GenProof to create a response message from a function of the stored data file F and its verification metadata.
• The TPA then verifies the response via VerifyProof (by getting an alert message).

Figure 2: Setup and Audit phase

5.2. Module Description

1. Public auditability for storage correctness assurance: The TPA gets alert messages when anyone tries to modify the block data at the CS, without accessing a local copy.
2. Batch Auditing: The client can perform block-level operations on a file.
3. Dynamic Data Operation with Integrity Assurance: Our scheme can perform modification as well as download of cloud data.

6. Conclusion

We propose a privacy-preserving public auditing system for data storage security in cloud computing. We utilize the homomorphic linear authenticator and random masking to guarantee that the TPA would not modify any knowledge about the data content stored on the cloud server during the efficient auditing process, which not only relieves the cloud user of the tedious and possibly expensive auditing task, but also alleviates users' fear of leakage of their outsourced data. Considering that the TPA may concurrently handle multiple audit sessions from different users for their outsourced data files, we further extend our privacy-preserving public auditing protocol into a multi-user setting, where the trusted TPA can perform multiple auditing tasks in a batch manner for better efficiency.

7. References

[1] C. Wang, S. Chow, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," Proc. IEEE Trans., vol. 62, no. 2, Feb. 2013.
[2] C. Wang, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Storage Security in Cloud Computing," Proc. IEEE INFOCOM '10, Mar. 2010.
[3] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski, G. Lee, D.A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, "Above the Clouds: A Berkeley View of Cloud Computing," Technical Report UCB-EECS-2009-28, Univ. of California, Berkeley, Feb. 2009.
[4] Cloud Security Alliance, "Top Threats to Cloud Computing," http://www.cloudsecurityalliance.org, 2010.
[5] M. Arrington, "Gmail Disaster: Reports of Mass Email Deletions,"
[6] J. Kincaid, "MediaMax/TheLinkup Closes Its Doors," http://www.techcrunch.com/2008/07/10/mediamaxthelinkup-closes-its-doors/, July 2008.
[7] Amazon.com, "Amazon s3 Availability Event: July 20, 2008," http://status.aws.amazon.com/s3-20080720.html, July 2008.
[8] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, "Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing," IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 5, pp. 847-859, May 2011.
[9] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable Data Possession at Untrusted Stores," Proc. 14th ACM Conf. Computer and Comm. Security (CCS '07), pp. 598-609, 2007.
[10] M.A. Shah, R. Swaminathan, and M. Baker, "Privacy-Preserving Audit and Extraction of Digital Contents," Cryptology ePrint Archive, Report 2008/186, 2008.
[11] A. Juels and J. Burton, S. Kaliski, "PORs: Proofs of Retrievability for Large Files," Proc. ACM Conf. Computer and Comm. Security (CCS '07), pp. 584-597, Oct. 2007.
[12] Cloud Security Alliance, "Security Guidance for Critical Areas of Focus in Cloud Computing," http://www.cloudsecurityalliance.org, 2009.
[13] H. Shacham and B. Waters, "Compact Proofs of Retrievability," Proc. Int'l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (Asiacrypt), vol. 5350, pp. 90-107, Dec. 2008.
[14] C. Wang, K. Ren, W. Lou, and J. Li, "Towards Publicly Auditable Secure Cloud Data Storage Services," IEEE Network Magazine, vol. 24, no. 4, pp. 19-24, July/Aug. 2010.
[15] M.A. Shah, M. Baker, J.C. Mogul, and R. Swaminathan, "Auditing to Keep Online Storage Services Honest," Proc. 11th USENIX Workshop Hot Topics in Operating Systems (HotOS '07), pp. 1-6, 2007.
[16] 104th United States Congress, "Health Insurance Portability and Accountability Act of 1996 (HIPPA)," http://aspe.hhs.gov/admnsimp/pl104191.htm, 1996.
[17] R. Curtmola, O. Khan, and R. Burns, "Robust Remote Data Checking," Proc. Fourth ACM Int'l Workshop Storage Security and Survivability (StorageSS '08), pp. 63-68, 2008.
K.D. Bowers, A. Juels, and A. Oprea, "Proofs of Retrievability: Theory and Implementation," Proc. ACM Workshop Cloud Computing Security (CCSW '09), pp. 43-54, 2009.
[18] D. Boneh, B. Lynn, and H. Shacham, "Short Signatures from the Weil Pairing," J. Cryptology, vol. 17, no. 4, pp. 297-319, 2004.
[19] A.L. Ferrara, M. Green, S. Hohenberger, and M. Pedersen, "Practical Short Signature Batch Verification," Proc. Cryptographers' Track at the RSA Conf. 2009 on Topics in Cryptology (CT-RSA),
[20] G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, "Scalable and Efficient Provable Data Possession," Proc. Int'l Conf. Security and Privacy in Comm. Networks (SecureComm '08), 1-10, 2008.
[21] C. Wang, Q. Wang, K. Ren, and W. Lou, "Towards Secure and Dependable Storage Services in Cloud Computing," IEEE Trans. Service Computing, vol. 5, no. 2, 220-232, Apr.-June 2012.
[22] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, "Dynamic Provable Data Possession," Proc. ACM Conf. Computer and Comm. Security (CCS '09), pp. 213-222,
[23] T. Schwarz and E.L. Miller, "Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage,"
[24] F. Sebe, J. Domingo-Ferrer, A. Martínez-Balleste, Y. Deswarte, and J.-J. Quisquater, "Efficient Remote data possession checking in critical information infrastructure," IEEE Trans.

