How To Ensure Data Integrity In Clouds

Transcription

1 Proficient Audit Services Outsourced for Data Availability in Clouds N Praveen Kumar Reddy #1, Dr Subhash Chandra *2 N Praveen Kumar Reddy, pursuing M.Tech from Holy Mary Institute of Technology and Science,, Affiliated to JNTU Hyderabad, A.P., India Dr Subhash Chandra, working as Principal, at Holy Mary Institute of Technology and Science,, Affiliated to JNTU Hyderabad, A.P., India Abstract:- Cloud computing popularity increased from past several year in huge manner. Cloud computing is a type of computing that relies on sharing resources in compare to based on local servers or personal devices to handle applications. Presently implementation of cloud computing has increased rapidly in IT industry and in other organization also. Cloud is a collection of number of dedicated distributed database. Cloud computing having number of benefit over previous single database such as low cost and accessibility of data. If a data is store only at single place and unfortunately that data has been lost then there is no recovery of data. Cloud computing having one more benefit such that we can store more than one copy of data, in this manner if a data is going to be loss at one place that can be retrieved from other place. The problem of service unavailability has been solved by using cloud computing, which was a major concern in single cloud. In cloud computing auditing service for user also becoming a major issue. When a client is interacting with the cloud it having no physical association with cloud for a long time, in this case security issue took a major threat for cloud computing. For this we propose a novel technique that is Auditing service which ensure the integrity and availability of outsourced data in cloud computing. Here we are going to propose Provable Data Possession(PDP) which using cryptography technique for data possession in cloud computing. Here we will also show that cost for auditing data by using PDP is less than the previous one. This technique will best for untrusted server for realizing the security threat which effect the integrity of data into cloud. In this paper we will show auditing service using by Provable data procession technique. It also use some encryption technique. database which are linked together in a distributed environment. There is cloud owner or cloud manager which having control over all databases, these databases known as cloud. Cloud computing provide a huge benefit to user. Cloud computing provides facilities for user to develop and manage their own applications on the cloud,this enhance the concept of virtualization of resources. Through virtualization resources are managed by themselves. The implementation of cloud computer increased widely in organization. Cloud computing has started to obtain mass appeal in corporate data centers as it enables the data center to operate like the Internet through the process of enabling computing resources to be accessed and shared as virtual resources in a secure and scalable manner. For a small and medium size business, the benefits of cloud computing is currently driving adoption. In the small,medium sector there is often a lack of time and financial resources to purchase, deploy and maintain an infrastructure. In cloud computing, small businesses can access these resources and expand or shrink services as business needed change. The common pay-as-you-go subscription model is designed to let SMBs easily add or remove services and you typically will only pay for what you do use Keyword:-Cloud Computing, Security, Integrity, Availability. I-INTRODUCTION Cloud computing become a big invention of internet in today s world. Cloud computing having one use that a user can access his service any where any time. The flexibility of storing and retrieving data becoming so fast. In traditionally approach of storing data, user string his data at single place which is not accessible from all where,and once if that data is loss from that place its impossible to take that back. This issue known as service unavailability. Solution of this come as a cloud computing. A cloud is pool of number of distributed Fig 1-cloud computing ISSN: Page3365

2 In cloud computing cloud service is provided by the Cloud Service provider. Cloud having number of cloud which having communication with each other.csp make control over them. When a end user have to use the cloud service, he interact with the CSP and place his request to CSP. CSP will decide the place and cost for using service over cloud towards user. After approval of it end user can store his data over cloud. But in this situation there may be a chance of attacking on cloud. There can be some malware inside the data which can harm the cloud and also used it for misuse that data. Hence security also become a major concern for that. For this situation solution some technique has been come already which check the data before storing on cloud these services known as the auditing services. Previously the auditing technique was depend on Proof of retrivibility(por) and probable data procession(pdp).this technique is based on a probable proof technique that will ensure here that the end user data will remain in use without downloading from cloud computing. This technique is also known as verification without download. For making it easy to use some POR and POP technique is working on public verification way. By using this anyone can use this verification technique publicly for auditing of storage data. Hence we can say that this technique provide us an effective and efficient approach for accommodating the requirements from public audit. This POR/POP approach give us flexibility for evolving around on untrusted cloud and can check huge amount of data. The already existing approach do not have complete proof about deception and forgery of untrusted cloud. The possibility of data leakage at verification point also come across in several experiments. These drawbacks greatly effect the impact of auditing services over cloud. Hence a new technique is required for enabling the security on public verification protocol in cloud auditing service. Here in proposed system we also focus on how to improve the performance of auditing services. II -- SYSTEM ARCHITECTURE In this section we are showing system architecture for Auditing service in cloud computing. In cloud computing environment ultimately end user have to store the data in cloud. For this cloud service provider having control over it. Here we are going to explain the system architecture for Auditing service. The following figure will show the basic architecture of auditing service. Fig 2-Auditing Architecture In cloud computing Normally in cloud computing user of cloud give their data to cloud manager and also give the information that in how many cloud data should have to store. Cloud manager having communication with numerous of clouds, he store the information given by user to some of those clouds and also give the accessibility control to user. Whenever user want to retrieve his data he can retrieve from any of those cloud which increases the potential and availability of data. The information or data which are store inside clouds can contain sensitive information. The cloud provider all the time not trusted, they can be untrusted which make a security threat to user data. In this paper we are presenting a technique by using which we can assure sensitivity of data will not loose. The auditing service architecture consist of component that component devided into mainly four component. First we are going to discuss the functionality and responsibility of those components. 1-Data Owner 2-Cloud Service Provider(CSP) 3-Third Party Auditor(TPA) 4-Granted Application. A.Data Owner:-Data owner is an end user who want to store his data on the cloud. The simple functionality of any business application is that it consist of huge amount of data which can be related with the admin and also the user of the business. This data contain important and secret data also. The data should have to store for future reference. The previous technique was storing the data into a business dedicated database server. The issue with previous one was that if that server will stop working whole of the data will loose and ISSN: Page3366

3 making setup for this also economical not less otherwise it is so costly.cloud computing become a huge solution for this problem. In cloud computing number of distributed databse are connected together and having single control overthem. The cost for storing data of end user is comparatively too less than the previous existing system. Availability and efficiency of data storing and retrieving is also very high in cloud computing. So we can say that cloud computing is an best place to store the data for Data owner. B.Cloud Service Provider(CSP):-The second component of our architecture is cloud service provider. It is very well known that cloud computing is a collection of number of distributed database, these database is known as the cloud. In a Cloud computing environment some database are communicating and sharing each other resources, the controlling of all cloud having with one entity that entity is known as Cloud Service Provider. It also act as a bridge between Dataowner and clouds. An end User or Data owner place his requests for storing his data into clouds with CSP.The responsibility of CSP is that he must have to take data from user and also have to take information thatin how many clouds he want to store his information after getting those information,csp pass those data to that many number of cloud. After storing data CSP provide authenticity to Granted user and they only can retrieve data from cloud.so CSP is major component in our cloud computing architecture and for making authenticity and security he is responsible one. C.Third party Auditor(TPA):-Third component of our architecture is Third party Auditor. In cloud computing environment huge amount of data is stored on cloud, the security of data also become an vital issue from past some year. One of the security threat is that an end user can send malware with his data to the clouds which can effect performance and integrity of other data. For this issue only we proposed an efficient audit service functionality for security of data. In our architecture we made a component TPA which having communication between dataowner and cloud service provider both. TPA is a third party who having relation with dataowner and CSP. TPA also verify entity from both, means both of them having agreement and TPA can audit the data of user. In architecture when dataowner sending his data to clouds,first of all that data is going to varifiy by the Third party auditor for that purpose TPA using some technique. After that data is get verify in all parameter of TPA,then only it can reach to the CSP and CSP can save it into corresponding clouds. The benefit of implementing this component in cloud environment is that no one can make security threat from user end with the incoming data towards cloud. D.Grant Application:- The last and fourth component of our architecture is Grant Application.The Grant Application is one who having authentication from Data owner and from CSP for communicating with the data on cloud. In most of the case GA are end user of the Business whose owner is end user of Cloud. There are some other also in our architecture like Auditwithout-downloading which going to allow Third party auditor to verify the authenticity of cloud data on demand without getting a duplicate copy of complete data or making extra functionality on-line burden to the cloud users. One other issue like verification-correctness which is used to prove that there is no cheating with user. CSP that can pass the audit from Third party auditor without indeed storing user s data intact. privacy-preserving: to ensure that there exists no way for TPA to derive users data from the information collected during the auditing process and High-performance which allow third party auditor to perform auditing with minimum overheads in storage, computation and communication, and to support statistical audit sampling and optimized audit schedule with a long\ enough period of time. III- IMPLEMENTATION OF AUDIT SERVICE In this section we will discuss system implementation of interactive audit scheme, in which we using interative PDP technique to support our auditing architecture on cloud. The basic fundamental construction model for this system is based on interactive proof system. This basis having surety about confidentiality about secret data and also having the undeceivability of invalid tag, which is also known as Zeroknowledge propert and Soundness property. Definition of Interactive Audit Service A cryptographic interactive audit scheme (S) is a collection of collection of two algorithm and and an interactive proof system. S = (K, T, P): A.KeyGen(1 s ):-Key generation is first algorithm in which it going to take one security parameter (s),and after processing it going to return a public secret keypair which is (pk,sk). B.TagGen(sK,F):- This one is second algorithm will use in auditing service system. In this algorithm it going to take the secret key (sk) and a file F, and it going to return triple values set (γ, φ, σ) where γ denotes the secret used to generate verification tags, φ denotes the set of public verification parameter u and index information and σ denoted the set of verification tags. C.Proof(CSP,TPA):- This is an interactive proof system. It is a public two party proof protocol of retrievability between Cloud service provider who working as a prover and Third party authority who working as a verifier. Here Cloud service provider takes as input a file F and a set of tags σ,and a public key pk and s set of parameters φ are the common input between prover and verifier. At the ending of the protocol run, ISSN: Page3367

4 Third party auditor that is verifier return {0 1} where 1 means the file is correct stored on the server. This model is more efficient model compare to previous existing model for outsourced data. There is no limitation of steps of verification,including scale, sequence and the number of moves in protocol because of verification process is based on interactive protocol. So it has been proved that it have greater convenience for the construction of protocol. Fig 4- ratio of queried block V-CONCLUSION Fig 3-Framework for interactive audit scheme IV-PERFORMANCE EVALUATION The propsed audit service scheme achieves the ddection phenomenon of cloud service provider servers misbehanviour in term of allowing malware towards the cloud in a random experiment sample mode in order to minimize the workload on server. The detection probability is: p = 1 n e t = 1 (1 Pb)t. n Hence the number of queried block is: t log(1 p) /log (1 Pb) In this proposed paper we discussed the construction of an efficient audit service which will work on the data integrity aspect in clouds. Here we proposed an interactive audit protocol for implementing the audit service which having one basic component as Third party auditor, in compare to previous standerd interactive proof system.in this TPA which known as third party auditor going to work as an agent for Data Owner and and for CSP. Here TPA issued a periodic verification to monitor the change of outsourced data by providing an optimized schedule. In this manner we hope that the proposed audit service will work with efficiently and effectively for the data integrity on the clouds in cloud computing environment. REFFERENCES Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X., Provable data possession at untrusted stores. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G., Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm, pp. ISSN: Page3368

5 Barreto, P.S.L.M., Galbraith, S.D., O Eigeartaigh, C., Scott, M., Efficient pairing computation on supersingular abelian varieties. Des. Codes Cryptogr. Beuchat, J.-L., Brisebarre, N., Detrey, J., Okamoto, E., Arithmetic operators for pairing-based cryptography. In: Cryptographic Hardware and Embedded Systems Boneh, D., Boyen, X., Shacham, H.,2004. Short group signatures. In: In Proceedings of CRYPTO 04, LNCS Series. Springer-Verlag, Boneh, D., Franklin, M., Identity-based encryption from the weil pairing. In: Advances in Cryptology (CRYPTO 2001). Bowers, K.D., Juels, A., Oprea, A., Hail: a highavailability and integrity layer for cloud storage. In: ACM Conference on Computer and Communications Security, Cramer, R., Damgård, I., MacKenzie, P.D., Efficient zero-knowledge proofs of knowledge without intractability assumptions. In: Public Key Cryptography, AUTHORS PROFILE N Praveen Kumar Reddy, pursuing M.Tech from Holy Mary Institute of Technology and Science, Hyderabad, Andhra Pradesh, India, Affiliated to JNTU Hyderabad. Dr SUBHASH CHANDRA, working as a Principal, at Holy Mary Institute of Technology and Science, Hyderabad, Andhra Pradesh, India, Affiliated to JNTU Hyderabad. ISSN: Page3369