SURVEY ON PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

Transcription

1 RESEARCH PAPER PAPER ID: 2015/MH/IJCITE/V2-E3-01 PAGE NO: ISSN (Online): SURVEY ON PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE *Rahul Mahajan, M.Tech Scholar, Department of Computer Science & Engineering Patel Institute of Engineering and Science Bhopal, India **Dipak Rathore Assistant Professor Department of Computer Science & Engineering Patel Institute of Engineering and Science Bhopal, India Abstract: Cloud storage can be useful for users to store their data remotely and access the on-demand applications and services from shared pool of configurable computational resources, therefore no need of local data storage and maintenance. However there is situation in this that the user does not have the physical possession of the outsourced data therefore the data integrity protection and data consistency protection is very important task, especially for the users who possess limited number of computing resources. Moreover the cloud users must be able to use the cloud storage just like the local storage, without worrying about to the need to verify the data integrity and data consistency. To achieve this public auditability for cloud storage can be useful. Users can rely on the third party auditor (TPA) on the behalf of cloud user so that the cloud user is worry free. By introducing TPA the care should be taken so that new vulnerabilities towards data privacy should not be added and also no additional online communication burden to cloud user. In this paper we proposed a privacy preserving third party auditing for securing users data on cloud storage. We further enhance our system to enable the TPA to perform multiple auditing tasks simultaneously and effectively. Index Terms Homomorphic Linear Authenticator; Public Auditing; Data Dynamics; Cloud Computing; Clustered TPA I. INTRODUCTION Cloud computing has been critical importance in the new era of information technology. It enables the users to store their data on the remote cloud storage space which is available on the cloud server. By storing data on the cloud server user has no need to maintain the local copy of such data thus saving the resources of user also user is free to access its data anytime anywhere on-demand. When data stored on the cloud storage it is critical importance for cloud service provider (CSP) to provide user the environment like the users data stored on the local storage. Though user s data stored on the cloud storage it must appear as it is local to user. User must able to do all the operations on the data which can be performed on it when it is local without affecting the users experience for accessing, updating and retrieving the data. To ensure user for integrity, consistency and privacy of user s remote data there must be some provision to verify data integrity, data consistency and correctness. The traditional approach to achieve this is to retrieve complete data from cloud storage to the local storage and verify it. This method is tedious and inefficient and it has to use higher communication and computational overhead on network. In case of dynamic data this method is of highly impractical. One solution for this is to perform auditing task by third party auditor (TPA). TPA can perform the auditing on behalf of user and provide audit report to the user. This technique is also useful for cloud service provider (CSP) to maintain its reputation by getting higher reliability, consistency and data integrity ratings or certificates from TPA, So as to improve their business on commercial point of view. But this approach does not consider the data privacy protection of the user s data on the cloud storage. TPA can leak user s data intentionally for achieving profit from selling the users private data. II. LITERATURE SURVEY The public auditability, i.e. provable data possession (PDP) is a model that ensures possession of data files on un-trusted cloud storages. The scheme utilizes the RSA based homomorphic non-linear authenticators for auditing outsourced cloud data and it will randomly samples some 11

2 blocks of the file. However, in this public auditing process linear combination of sampled file blocks are exposed to third party auditor. That s why, this protocol is not privacy preserving, and can leak users data to third party auditor. Ateniese et al. [4] describes a proof of retrievability (PoR) based model, in which spot-checking mechanism and error-correcting codes are used to make sure that both possession and retrievability of cloud data files on remote cloud server. But in this approach the number of audit challenges which the TPA can made are fixed priori and their main scheme does not support public auditing. They also described the Merkle-tree construction approach for public PoRs, but it cannot work with simple non encrypted data. Jachak et al. [7] designed a scheme with an improved PoR with full proofs of security as in the security model defined which is described in [11]. Cong Wang et al. [16] studied on different types of PoR with private auditability. Same as the construction described in [8], they use homomorphic non-linear authenticators that are constructed from provably secured BLS signature. Based on BLS signatures, a portable and public auditing scheme is developed. Also, this approach would not support privacy preserving public auditing for the same reason as in the [8]. This scheme first encrypt the user s data file and then sends number of pre-defined symmetric key hashes for the encrypted data to auditor. The auditor verifies consistency and integrity of the cloud data files and matches with the server s previously computed decryption keys. The above can scheme only works for encrypted files and it has a disadvantage that the auditors state fullness as well as bounded usage, which may bring unnecessary online impasse to users when that hash keys are used up. The dynamic version of the prior PDP scheme is with the use of symmetric key cryptography but by using limited number of audits. Wang et al. [2] proposed to combine the BLS based homomorphic linear authenticator with Merkle Hash Tree for supporting both public auditability and to support full data dynamics. However, the verification used for these two protocols needs the linear combination of sampling blocks just like in [8], [13], and therefore cannot provide privacy preserving auditability, Another approach for this is a privacypreserving public audit scheme [16] for cloud data security in cloud computing. By using this approach homomorphic linear authenticator with random masking technique is used to make sure that the TPA [1] would not get any knowledge about the data stored on the cloud server during the cloud data auditing process. It reduces the users dilemma about expensive auditing process and outsourced data leakage. All the above schemes provide methods are able to provide efficient auditing and assure the correctness of remotely stored cloud users data stored on cloud, no scheme will meet all the necessities for privacy preserving public auditing for cloud based system. An important point for consideration is that, no scheme focuses on batch auditing, which can to a great extent decrease the computational cost on the TPA when deal with a large number of audit. A. MAC Based Solution It is used for authenticating user s data. This scheme can be used with message authentication code (MAC). User has to upload all the data blocks and its associated MAC s to cloud server and provides the secret key SK to TPA. Then TPA has to regain data blocks and its allied MAC arbitrarily and uses SK for validating exactness of stored information on the cloud. Problems with this system are listed below as it introduces additional online burden to users due to limited use (i.e. Bounded usage) and stateful verification. Communication & computation complexity TPA requires knowledge of data blocks for verification Limitation on data files to be audited as secret keys are fixed After usages of all possible secret keys, the user has to download all the data to recomputed MAC & republish it on CS. TPA should maintain & update states for TPA which is very difficult. It supports only for static data not for dynamic data. B. HLA Based Solution It is the Homomorphic linear authenticator (HLA). It supports efficient public auditing without need of retrieving data block. It can be aggregated and required constant bandwidth. It is possible to compute an aggregate HLA which is used to authenticate the linear arrangement of the single information block. HLAs are used extensively for authenticating number of data blocks at a time in this approach each and every block has its own secret key which can be used for checking the correctness of individual data blocks as well as the aggregated keys can be used for checking overall data. 12

3 Using Virtual Machine Figure 1: Cloud Server Architecture Abhishek Mohta proposed Virtual machines which uses RSA algorithm, for client data/file encryption and decryptions [5]. It also uses SHA 512 algorithm which makes message digest and check the data integrity. The Digital signature is used as an identity measure for client or data owner. It solves the problem of integrity, unauthorized access, privacy and consistency C. Non Linear Authentication Shrinivas suggested Homomorphic non linear authenticator with random masking techniques to achieve cloud security [7]. K. Gonvinda proposed digital signature method to protect the privacy and integrity of data [8]. It uses RSA algorithm for encryption and decryption which follows the process of digital signatures for message authentication. D. Using EAP S.Marium proposed the scheme in which the Extensible authentication protocol (EAP) with three ways hand shakings with RSA algorithm. They use APCC [9] protocol for authentication. APCC protocol is simple, efficient and trivial as compared to secure socket layer (SSL) authentication protocol. In this scheme they used, Challenge handshake authentication protocol (CHAP) to authenticate. The steps are as follows When Client request for any service to cloud service provider, SPA send a CHAP request / challenge to the client. The Client sends CHAP response/ challenges which is calculated by using a hash function to SPA SPA checks the challenge value with its own calculated value. If they are matched then SPA sends CHAP success message to the client. Implementation of this EAP-CHAP in cloud computing provides authentication of the client. Using this approach the extensible authentication protocol provides simple and efficient approach as in the APCC protocol It provides security against spoofing identity theft, data tempering threat and DoS attack. The data is being transferred between client and cloud providers. To provide security, asymmetric key encryption (RSA) algorithm is used. B. Dhiyanesh proposed the scheme based on MAC and signature for recognize data auditability and during audit user has to provide a secret key to cloud server and ask for a MAC key for verification [11]. E.Using Automated Protocol Blocker Figure 2:Automatic Protocol Blocker Balkrishna proposed another approach for error correction in this data storage correctness is checked [09]. Kiran Kumar proposed automated protocol blocker method. [08]. If the unauthorized user tries to access cloud users data, a small software application executes and verifies users inputs, It checks if the users input matches or not, if it matched then user is allowed for accessing data else user is blocked automatically. Protocol Verifier is used by CS. It contains three phases as Setup, Audit and PBlock. F. Random Masking Technique Jachak K. B. proposed privacy preserving Third party auditing without data encryption. In this a linear combination of sampled block for server s reply is masked by randomly generated with the help of a pseudo random function (PRF) [07]. 13

4 Homomorphic Authenticator Figure 4: The architecture of Cloud data service Figure 3: Homomorphic Authenticator Researchers of [05] use the concept of virtual machines, The RSA algorithm is used to encode and decode the data and SHA 512 algorithm is used for message digest which check the integrity of information Dr. P.K. Deshmukh uses the new password at each instance which will be transferred to the mail server for each request to obtain data security and data integrity of cloud computing [06]. This protocol is secure against an untrusted server as well as third party auditor. Client as well as trusted third party verifier should be able to detect the changes done by the third party auditor. The client data should be kept private against third party verifier. This protocol does not leak any information to the third party verifier to obtain data security. This proposed protocol is secure against the untrusted server and private against third party verifier and support data dynamics. In this system, the password is generated and that will be transferred to address of the client. Every time a key is used to perform various operations such as insert, update delete on cloud data. It uses time based UUID algorithm for key generation based on pseudo random numbers. If an intruder tries to access the users data on a cloud, that IP address will be caught and transferred to the user. III. PROBLEM DEFINITION A. System and Threat Model Consider a cloud data storage system which has three entities, as illustrated in Fig. the cloud user (U), who stores large quantity of data files online to the cloud server; the cloud server which is maintained by CSP and is liable to provide different services to cloud users such as storage space on cloud and various computational resources, the third party auditor (TPA), are the expert and are able to verify the reliability and integrity of users cloud data on behalf of the user whenever requested. Users can also able to interact to CS dynamically for accessing and updating their stored cloud data. For reducing the online data usage cloud users may rely on the TPA for verification of integrity and correctness of their data, while assuming its data to be private from TPA. The data integrity threats may be internal or external, which may be: hardware problems, network problems, hackers, malicious or accidental errors, etc. Also there are chances that, CS for maintaining reputation in business world can hide data loss or damage incidents from users. Considering that TPA is reliable and trustworthy. But the system fails if TPA learns the users data after the audit. Note that in our project, beyond users reluctance to leak data to TPA; it is also assumed that cloud servers have no incentives to reveal their hosted data to external parties. On the one hand, there are regulations, e.g., HIPAA [2], requesting CS to maintain users data privacy. On the other hand, as users data belong to their business asset [3], there also exist financial incentives for CS to protect it from any external parties. Therefore neither CS nor TPA has motivations to collide with each other during the auditing process. IV. DESIGN GOALS To make use of privacy-preserving open auditing for cloud data storage under the abovementioned model,our protocol should have the following reliability, security and performance guarantee. Public auditability: Allowing TPA to audit cloud data whenever demanded but without accessing a cloud data copy. Should not introduce additional burden of online access to cloud users. Storage correctness: Design should ensure that cloud server should not bypass TPA s audit process and should maintain users data integrated. 14

5 Privacy-preserving: It has to ensure that from the information collected during audit, TPA should not be able to derive users data content. Lightweight: While audit process by TPA, the cost of communication and computation should be less. A. Definitions and Framework Our auditing design consist of four algorithms namely (KeyGen, SigGen, GenProof, VerifyProof). KeyGen is an algorithm which is run by cloud user for scheme setup. To generate verification metadata the siggen algorithm is used. Cloud server runs the GenProof for generating a verification of data storage exactness, and finally TPA runs the Verify Proof for auditing the proof from the cloud server. Public audit system consists of two phases, which are Setup and Audit: 1) Setup: By using KeyGen the initialization of the public and secret parameters is done by user of the system, and also data file F is preprocessed using SigGen for generating the verification metadata. After this user has to store the data file F and metadata for verification on cloud, and local copy has to be deleted. Pre-processing may include the altering F by expansion or any other operation such as storing of additional metadata on server. 2) Audit: To challenge the cloud server provider for correctness of users data TPA has to make challenge for verification of data file by audit. The CSP then gives response message by execution of GenProof on data file F and its associated verification metadata. By using the VerifyProof protocol the TPA verifies the reply or response from CSP. We consider that the TPA is stateless, i.e., it should not maintain different states between auditing process, which is a crucial property for public audit system [13]. B. Privacy Preserving Public Auditing Scheme Overview: To achieve privacy-preserving scheme for public auditing, we are using the approach of integrating the homomorphic linear authenticator and random masking. In this scheme, the sampled blocks are masked randomly by the server. Because of random masking the TPA does not have the necessary information for getting the linear equations. And hence TPA is unable to derive users private data. We use the HLA based on the short signature based method derived by Boneh, Lynn and Shacham (BLS signature) [17]. Scheme Details: Let s consider that G1, G2 and GT are the multiplicative cyclic groups having p as the prime order, such that e : G1 G 2 GT be a bilinear map. Let g be a generator of G2 and there is secure map-to-point hash function H( ): {0, 1}* G1, this function maps the strings in uniform way to G1. There is one more hash function h( ) : GT Zp for mapping group elements GT in uniform way to Zp. The detailed scheme is as follows: a) Setup phase: KeyGen has to be run by the user for generating public and secret parameters. User has to choose an arbitrary signing key pair (SPK, SSK), an arbitrary x from Zp as (x Zp), an arbitrary element u from G1 as (u G1), and the v is computed as v gx. The secret parameter sk can be calculated as sk = (x, ssk) and the public parameters pk can be calculated like pk = (spk, v, g, u, e(u, v)). Consider that users data file F consist of number of elements as (m 1,..., m n ), the user computes the authenticator for every block mi: αi (H(Wi. umi)xєg1) for i. Here Wi can be defined as name i. Here the user has to choose name uniformly at random from values of Zp, and it serves as the identifier for users file F. A scheme has to define the set of authenticators by Φ = { αi }1 i n. Finally for ensuring of integrity of unique file identifier name we have to calculate t = name SSigssk(name) as the tag for F, Here SSigssk(name) is used as signature for name of file computed with the use of private key ssk. b) Audit phase: The TPA has to retrieve tag t. By following method described in the Setup phase, then TPA has to verify the signature SSigssk(name) by using key spk, and if the reply is False TPA has to quit, else, the TPA get name of file. In final phase of auditing process TPA generates the Challenge for the auditing of users file chal, then it selects an arbitrary value c which is subset of I = {s1... sc} of set [1, n]. For every element i Є I, and also selects an arbitrary value vi. The message chal describes the positions of the blocks which are required to be verification. The TPA sends chal = {(i, vi)}iєi to cloud server. When challenge chal = {(i, _i)}iєi received by the server, the server runs GenProof for generating the response of data storage exactness. Then server has to choose a arbitrary element r Zp, and computes the value of R = e(u, v)r ЄGT. Let μ has been used for linear combination of sampled blocks which are specified in chal such that μ = i Iv imi. To blind μ with r, the server calculates: μ = r+γμ mod p, where γ= h(r) Є Zp. Server also calculates the aggregated authenticator α=πi I αviєg1. It then sends {μ, α, R} as the response to TPA as proof of storage exactness. When TPA receives response it runs VerifyProof for validating it by first calculating γ= h(r) and then checking following verification equation. 15

6 ( ) (( ( ) ) ) ( ) Properties of the Protocol Our protocol achieves the public auditability. We don t need to use secret key or any states in between audits for TPA and our protocol does not put online burden on cloud users. Our approach guarantees the privacy of data of user in auditing process by enforcing a random masking r to hide μ. The point should be noted that the value R in our protocol that is used to achieve the privacy preserving guarantee, will not have an effect on the correctness of the equation, because of the circular relationship between R and in γ = h(r).units V. CONCLUSION We have proposed privacy preserving public audit scheme for security of cloud users data in cloud Computing. The homomorphic linear authenticator and random masking make sure that it is not possible for TPA to learn any understandings about the users data content stored on the cloud server while auditing process, which removes the dilemma of cloud user from the tiresome and possibly complicated auditing task and also removes the users fear of their private data leakage. VI. FUTURE WORK In this system there is more focus on auditing task for improving reliability by adding more complexity in auditing process. We are proposing different approach in which instead of adding more complexity in auditing we focus on adding clustered TPAs and reducing complexity of existing protocol as well as reducing the execution time. REFERENCES [1] G. EasonKrebs, Payment Processor Breach May Be Largest Ever, Online at, pa ymentprocessorbreachmayb.html, Jan [2] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, Enabling public verifiability and data dynamics for storage security in cloud computing, in Proc. Of ESORICS 09, volume 5789 of LNCS Springer-Verlag, Sep. 2009, pp [3] H. Shacham and B. Waters, Compact proofs of retrievability, in Proc. of Asiacrypt 2008, vol. 5350, Dec 2008, pp [4] G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. X. Song. Provable data possession at untrusted stores. In Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, pages ,2007 [5] Cloud Security Alliance, Security guidance for critical areas of focus in cloud computing, 2009, cloudsecurityalliance.org. [6] Dr. P. K. Deshmukh, Mrs. V. R. Desale, Prof. R. A. Deshmukh, Investigation of TPA (Third Party Auditor Role) foe Cloud Data Security, International Journal of Scientific and Engineering Research, vo. 4,no. 2,ISSn , Feb [7] Jachak K. B., Korde S. K., Ghorpade P. P. and Gagare G. J., Homomorphic Authentication with Random Masking Technique Ensuring Privacy & Security in Cloud Computing, Bioinfo Security Informatics, vol. 2, no. 2, pp , ISSN , 12 April 2012 [8] K. Kiran Kumar, K. Padmaja, P. Radha Krishna, Automatic Protocol Blocker for Privacy- PreservingPublic Auditing in Cloud Computing, International Journal of Computer science and Technology, vol. 3 pp,issn (Online), pp , ISSN: (Print), March 2012 [9] Balkrishnan. S, Saranya. G, Shobana. S and Karthikeyan. S, Introducing Effective Third Party Auditing (TPA) for Data Storage Security in Cloud,International Journal of computer science and Technology, vol. 2, no. 2, ISSN (Print) ISSN: (Online), June 2012 [10] Dhiyanesh A Novel Third Party Auditability and Dynamic Based Security in Cloud Computing, International Journal of Advanced Research in Technology, vol. 1,no. 1, pp , ISSN: ,2011 [11] S. Marium, Q. Nazir, A. Ahmed, S. Ahthasham and Aamir M. Mirza, Implementation of EAP with RSA for Enhancing The Security of Cloud Computig,International Journal of Basic and Applied Science, vol 1, no. 3, pp , 2012 [12] K Govinda, V. Gurunathprasad and H. sathishkumar, Third Party Auditing for Secure Data Storage in CloudThrough Digital Signature Using RSA, International Journal of Advanced science and Technical Research, vol 4,no. 2, ISSN: ,4 August 2012 [13] Shrinivas, Privacy-Preserving Public Auditing in Cloud Storage security, International Journal of computer science nad Information Technologies, vol 2, no. 6, pp , ISSN: , 2011 [14] XU Chun-xiang, HE Xiao-hu, Daniel Abraha, Cryptanalysis of Auditing protocol proposed by Wang et al. for data storage security in cloud computing, and cryptologyeprintarchieve: Listing for 2012 [15] Abhishek Mohta, Lalit Kumar Awasti, Cloud Data Security while using Third Party Auditor, International Journal of Scientific & Engineering Research, Volume 3, Issue 6, ISSN June [16] Cong Wang,Sherman S.M. Chow,Qian Wang,Kui Ren and Wenjing Lou, Privacy Preserving Public Auditing for,ieee Transactions on Computers, Vol 62, No 2, February , pp , doi: /scis