-

Transcription

1 International Journal Of Scientific Research And Education Volume 2 Issue 10 Pages October-2014 ISSN (e): Website: Multi-Cloud Storage Data Possession Based Data Integrity Verfication And Security Cooperative Schedule Authors E Ashwini Kumari 1, N. Chandra Sekhar Reddy 2, E Uma shankari 3, 1 M.Tech CSE Dept. Institute of Aeronautical Engineering, HYD, AP, India. 2 CSE Dept. Institute of Aeronautical Engineering, HYD, AP,India. 3 CSE Dept.,HYD, AP, India. - [email protected],[email protected] [email protected] ABSTRACT:- Now a days in any site for every data transfer we are using cloud data transfer[1]. But previously we used distributed data transfer. Now we must concentrate on security[1][2]. we have many techniques to provide the security. In this paper we are using Provable data possession (PDP) technique [4][3]for the data integrity in outsourcing storage. we present a schema for the construction of an effective PDP schema. This schema is used for distributed cloud storage[5] to support the scalability of service and data migration[3][6]. In this we consider the existence of multiple cloud service providers to store the data cooperatively[7] and maintain the client s data. Now we present a cooperative PDP (CPDP) scheme [5][7]based on verifiable response using hash index hierarchy[6][8] and cryptography[9]. The security of our schema based on zero-knowledge proof system[1][10], which can satisfy knowledge soundness, completeness and zero- knowledge properties. We are using AES method for cryptographic. The results of our experiment shows us that our solution introduces lower computation and communication overheads in comparison with non-cooperative approaches. Key words: Storage security, Provable data possession, zero-knowledge, cryptography, Encryption, AES algorithm. 1.INTRODUCTION Data storage on cloud is one of the popular services offered by cloud computing, because data storage on cloud is one of the popular services that are offered by the cloud computing[1][2]. These services subscribers do not have to store their own data on local servers. Instead their data will be stored on the cloud service provider s servers. Cloud storage[3] make that possible to every user to remotely store their data on th cloud and enjoy the on-demand high quality applications of the cloud without any burden of local software and hardware management[5]. These boasts number of advantages such as unlimited storage E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2019

2 capability, you can access anywhere etc..since cloud Computing environment [4] is constructed on open architectures and interfaces,. It have the potential to incorporate multiple external or internal cloud services together to provide high interoperability. This type of cloud distribution environment is called as multicloud. A multi-cloud approach]10] is one of where an enterprise users two or more cloud services, therefore reducing the risk of lose of the data in the cloud that is stored by the user using the trusted third party]6]. Loss may happen due to the failure of single cloud computing environment. widespread data loss or outage due to a component failure in a single cloud computing environment. Frequently, by using virtual infrastructure management (VIM) [1], a multi-cloud allows clients to easily access his/her resources remotely through interfaces such as Webservices provided by Amazon EC2. There exist various tools and technologies for multi-cloud, such as VMware vsphere, 2. EXISTING SYSTEM:- In cloud computing the outsourcing data owner scenario in on cloud. CSP stores [7]that data on the single available server, but there can be the chances of crashing the server. It leads into loss of valuable data which threatens[7] the availability. Also there are chances of directly or indirectly corruption of owner s data. CSP can access the valuable data and also do the misuse of it, which threatens the integrity of data. So this problem can be solved by storing data on multiple clouds. The proposed Advanced CPDP model [4][7][9]is totally based on the CPDP with enhancement in the form of implementation with replacing simulator. 3. PROPOSED SYSTEM:- To check the availability and integrity of outsourced data in cloud storages, researchers have proposed two basic approaches called Provable Data Possession and Proofs of retrival. First proposed the PDP model for ensuring possession of files on untrusted storages and provided an RSA-based scheme for a static case that achieves the communication cost. They also proposed a publicly verifiable version, which allows anyone, not just the owner, to challenge the server for data possession..they proposed a lightweight PDP scheme based on cryptographic hash function and symmetric key encryption, but the servers can deceive the owners by using previous metadata or responses due to the lack of randomness in the challenges. The numbers of updates and challenges are limited and fixed in advance and users cannot perform block insertions anywhere. 4. RELATED WORK Security in cloud is indispensible. To check the availability and integrity of outsourced data in cloud storages,researchers have suggested two basic approaches called Provable Data Possession (PDP) [2] and Proofs of Retrievability (POR) [3]. Ateniese et al. [2] first proposed the PDP model for ensuring possession of files on untrusted. It provide low-cost, scalable location independent platform for managing client s E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2020

3 data, current cloud storage systems adopt several new distributed file system, for example, Apache Hadoop Distribution file system(hdfs). File Division The Cloud User who has a large amount of data to be stored in multiple clouds and has the permissions to access and manipulate stored data[8]. The User s Data is converted into data blocks of different sizes for improving the efficiency of storage[9] and as well as to improve the security of file. Registration The user can store the file into the cloud storage only if he/she is a registered owner of this web application[8]. The registration can be made as either free or a paid registration depending on the organization s requirement. File Upload Not all files are directly stored in multiple clouds, but only the files that are verified by the trusted TPA are uploaded. If any corrupted file is loaded, then that file cannot be saved instead they may be deleted by the TPA. The File may be encrypted using the cryptographic key which is randomly generated. File verification Using the cryptographic key the file is encrypted and by using this key the file contents may be decrypted by the TPA for the verification process File download Only the verified Files can be downloaded by the File Owner. If the user wants to download their files, the data stored in multi-cloud is integrated and downloaded[10]. Fig 1 : Architecture of multipule cpu s. View All Files All the Files in the web including verified and not-verified are viewed by the Administrator[11]. View File Owners E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2021

4 Registered File Owners are viewed by the Administrator[10]. Admin can have the facility to contact the file owners and can monitor the storage space used by the file owners. File Deletion The Uploaded file can be deleted by the File Owner. The security can be increased if we are making key verification along with the deletion process. One problem can arise is in the case of key remembrance. Fig 2 : Advanced CPDP Model Architecture 4.1 Definition Of Cooperative PDP In order to prove the integrity of data stored in a multi-cloud environment, we define a framework for CPDP[2][11] based on interactive proof system (IPS) and multi prove zero-knowledge proof system(mpzkps)[11]. storages without retrieving it. Client maintains constant amount of metadata to verify proof. This PDP approach[2][3] has also provided an RSA-based scheme [5]for a static case that achieves the(1) communication cost. They also suggested a publicly verifiable version, which allows client (data owner) as well as anyone other than owner, to challenge the server for data possession. However, these strategies are insecure against replay attacks in dynamic scenarios. Moreover, they do not fit for multi-cloud storage due to the loss of homomorphism property[7][8] in the verification process Ateniese et al. developed a dynamic PDP solution called Scalable PDP [4]. This highly efficient and provably secure PDP technique is based entirely on symmetric key. E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2022

5 Storage Service Express Layer layer layer Csp1 Csp2 Csp3 Fig 3 : Hash indexing function. TPA Creation and deletion TPA is one of the users in this application. TPA is used to verify the files that are uploaded by the User. The User file is uploaded to the cloud storage by the TPA only after the verification. TPA [11][10]can view the file content without downloading; he can decrypt the information by using the corresponding encrypted key. TPA creation is done by the Administrator for reducing the overhead in managing each cloud user. Encrypted format using the Cryptographic key[5][6]. So file security is ensured and no one can decrypt or hack the file. Fig 4 : Process Architecture. E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2023

6 5. ALGORTHIMS USED Table 1. Evaluation of Related Work Algorithm Description Evaluation PDP Ensuring possession of files on untrusted storages and provided an RSAbased scheme for communication. Insecure again replay attacks dynamic scenarios. Compact Scalable PDP DPDP Improved DPDP Cooperative PDP Uses homomorphic a proof in authenticator value with O(1) and t challenge blocks O(t). Suitable for the limited dynamic nature and require pre-computed answers as metadata which allows limited and fixed a prior no of updates and challenges. Based on PDP model for dynamic files which can be updated online. Improved the model based on DPDP model, and reduces the computational and communication complexity to constant. Provable data possession in distributed cloud environments from the aspects : high security, transparent verification, and high performance. Supports only for static data and could not prevent the leakage of data blocks in the verification. Requires lot off pre computations to improve the performance and supporting only append type insertions. Complexity of the order of O(log n ). E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page Model is evaluated on simulator by using hadoop file system.

7 6. LITERATURE SURVEY This system architecture involves three different entities:clients who have a large amount of data to be stored in multi-cloud[1][5] and have the permissions to access and manipulate stored data[11]. Cloud Service Providers (CSPs) who work together to provide data storage services have enough storages and computation resources. Trusted Third Party (TTP)[5] is trusted to store verification parameters for integrity checking and offer public query services for these parameters. This architecture Fig.1 has considered the existence of multiple CSPs to cooperatively store and maintain the data outsourced by client. A cooperative PDP is used to verify the integrity and availability of their stored data in all CSPs. As Data Owner Cannot fully trust to the CSP[6] so here we will use trusted third party for security of outsourced data. This system will also make use of back up servers. The verification method is described as follows: Firstly, a client (data owner) [3][4]uses the secret key to pre-process a file which consists of a group ofblocks, produces a set of public verification information that is stored in TTP, transfers the file and some verification tags to CSPs, and may delete its local copy; Then, by using a verification protocol, the clients can issue a challenge for one CSP[6] to check the integrity and availability of outsourced data with respect to public information stored in TTP. 7.CONCLUSION We presented the construction of an efficient PDP scheme for distributed cloud storage. Based on homomorphic verifiable response and hash index hierarchy, we have proposed a cooperative PDP scheme to support dynamic scalability on multiple storage servers. We also showed that our scheme provided all security properties required by zero knowledgeinteractive proof system, so that it can resist various attacks even if it is deployed as a public audit service in clouds. Further more. we optimized the probabilistic query and periodic verification to improve the audit performance. Our experiments clearly demonstrated that our approaches only introduce a small amount of computation and communication overheads. Therefore, our solution can be treated as a new candidate for data integrity verification in outsourcing data storage systems. As part of future work, we would extend our work to explore more effective CPDP constructions. Finally, it is still a challenging problem for the generation of tags with the length irrelevant to the size of data blocks. We would explore such a issue to provide the support of variable-length block verification. E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2025

8 REFRENCES [1] B. Sotomayor, R. S. Montero, I. M. Llorente, and I. T. Foster, Virtual infrastructure management in private and hybrid Clouds, IEEE Internet Computing, vol. 13, no. 5, pp , [2] G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. X. Song, Provable data possession at untrusted stores, in ACM Conference on Computer and Communications Security, P. Ning, S. D. C. di Vimercati, and P. F. Syverson, Eds ACM, 2007, pp [3] L. Fortnow, J. Rompel, and M. Sipser, On the power of multiprover Interactive protocols, in Theoretical Computer Science, 1988, pp [4] Y. Zhu, H. Hu, G.-J. Ahn, Y. Han, and S. Chen, Collaborative Integrity verification in hybrid clouds, in IEEE Conference on the 7 th International Conference on Collaborative Computing: Networking Applications and Worksharing, CollaborateCom, Orlando, Florida, USA, October 15-18, 2011, pp [5] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M Zaharia, Above the clouds: A berkeley view of cloud computing, EECS Department, University of California, Berkeley, Tech. Rep., Feb [6 ]. Boneh and M. Franklin, Identity-based encryption from the weil pairing, in Advances in Cryptology (CRYPTO 2001), vol of LNCS, 2001, pp [7] Q. Wang, C.Wang, J. Li, K. Ren, and W. Lou, Enabling public Verifiability and data dynamics for storage security in cloud Computing, in ESORICS, ser. Lecture Notes in Computer Science, M Backes and P. Ning, Eds., vol Springer, 2009, pp [8] Y. Zhu, H. Wang, Z. Hu, G.-J. Ahn, H. Hu, and S. S. Yau, Dynamic audit services for integrity verification of outsourced Storages in clouds, in SAC, W. C. Chu, W. E. Wong, M. J. Palakal, and C.- Hung, Eds. ACM, 2011, pp [9] K. D. Bowers, A. Juels, and A. Oprea, Hail: a high-availability and integrity layer for cloud storage, in ACM Conference on Computer and Communications Security, E. Al-Shaer, S. Jha, and A. D. Keromytis, Eds. ACM, 2009, pp [10] Y. Dodis, S. P. Vadhan, and D. Wichs, Proofs of retrievability via hardness amplification, in TCC, ser. Lecture Notes in Computer Science, O. Reingold, Ed., vol Springer, 2009, pp [11] Yashaswi Singh, Farah Kandah, Weiyi Zhang, A secured cost effective multi-cloud storage in cloud computing, IEEE INFOCOM 2011 Workshop on Cloud Computing. E Ashwini Kumari et al IJSRE Volume 2 Issue 10 October 2014 Page 2026