REVIEW ARTICAL A Novel Privacy-Preserving Public Auditing and Secure Searchable Data Cloud Storage Dumala Harisha 1, V.Gouthami 2 1 Student, Computer Science & Engineering-Department, JNTU Hyderabad India 1 harisha912@gmail.com 2 Associate Professor, Computer Science & Engineering Department, Auroras Research & Technological Institute, Warangal, India 2 gautami.velakanti@gmail.com Abstract In this computer era cloud storage provides users to easily store their data and enjoy the good quality of cloud applications that need not install in local hardware and software systems that gives users with the physical control of their outsourced data which provides control over security problems towards the correctness of the storage data in the cloud for handling the new problem and further achieve the secure and dependable cloud storage services and the main goal of the cloud computing concept is to secure and protect the data and the processes which come under the property of users. In this paper se specify the security of the cloud computing environment is an exclusive research area which requires further development from both the academic and research communities as in the cloud environment the computing resources are under the control of service provider and the third party auditor ensures the data integrity over out sourced data with the process of encryption and the proxy encryption algorithms to protect the privacy and integrity of the outsourced data in cloud environments. Keywords Cloud computing, public auditing, Trusted TPA, security, data Storage, access control. I. INTRODUCTION In the present computer era the Cloud Computing which provides Internet based service and use of computer technology is considered to be a cheaper and stronger processor that works together with the software as a service (SaaS) computing architecture transforms data into the data centers on huge scale. Due to present increasing network and flexible network connections that make it even possible that users can now use high quality services from data and provides remote on data centers. As the availability of storing data into the cloud offers great help to users since they don t have to care about the problems of hardware problems as these internet-based online services do provide huge amounts of storage space and customizable computing resources use this computing platform shift avoids the responsibility of local machines for data maintenance at the same time. As a result of which all the users are at the interest of their cloud service providers for the availability and the integrity of their data where on one hand the cloud services are much more powerful and reliable than the personal computing devices and broad range of both internal and external threats for data integrity still exist. An examples of outages and data loss incidents of noteworthy cloud storage services appear from time to time since users may not keep a local copy of outsourced data as there exist various incentives for cloud service providers (CSP) to behave unfaithfully towards the cloud users regarding the status of their outsourced data. In the present day cloud computing era the cloud data storage contains two entities as cloud user and cloud service provider or the cloud server where a cloud user is a person who stores large amount of data on a cloud server which is managed by the cloud service provider and a user can upload their data on a cloud without worrying about storage and maintenance. Each and every cloud service provider will provide services to cloud users and one of the major issues in cloud data storage is to obtain the correctness and integrity of data stored on the cloud and the Cloud Service Provider (CSP) has to provide some form of mechanism through which a user will get the confirmation that the cloud data is secure or is stored as it is. 73
As there is no data loss or modifications are done the security in the cloud computing environment can be addressed in many ways as an authentication or integrity or the confidentiality as the data integrity or the data correctness is another security issue that needs to be considered. Our proposed scheme [4] specifies that the data storage correctness can be achieved by using SMDS that is Secure Model for cloud Data Storage and it specifies that the data storage correctness can be achieved in two ways firstly as without trusted third party and secondly with trusted third party based on who does the verification. There may be any possible leakage of user s outsourcing data towards the TPA through the auditing protocol that should be prohibited as the TPA s audits the user and can sign a certificate granting audit rights to the TPA s public key and all audits from the TPA are authenticated against such a certificate. Fig.2. Third party auditor with cloud service provider In this paper a novel secure privacy preserving public auditing for cloud Storage has above mentioned model where we propose the following security and performance guaranteed processes. Fig.1. Cloud Architecture The above figure shows the basic cloud architecture and its users who are utilizing the services of a cloud service provider. II. PROBLEM STATEMENT Every cloud user (U) with a large amount of data files to be stored in the cloud at the cloud server (CS) which is managed by the cloud Service provider (CSP) to provide data storage service and Storage space and computation resources as the third party Auditor (TPA) cloud users do not have and is trusted to assess the cloud storage service security on behalf of the user upon request. All the available users rely on the CS for the cloud data storage and maintenance as they dynamically interact with the CS to access and update their stored data for various applications purposes and users may resort to the TPA for ensuring the storage security of their outsourced data while hoping to keep their data private from the TPA. As the TPA is in the business of auditing and is reliable and independent and thus has no incentive to the CS or the users during the auditing process as the cloud data storage without the local copy of data and without bringing in additional on-line burden to cloud users. A. Public Auditability: It allows a third party auditor to verify the correctness of the cloud data on demand without retrieving the copy of the whole data that is available. B. Storage correctness: In order to ensure that there exists no cheating of a cloud server that can pass the audit from third party auditor without indeed storing users. C. Privacy-preserving: In order to ensure that there exists no way for a third party auditor to derive all users data content from the information collected during the auditing process that is being conducted. D. Batch auditing: In order to enable third party auditor with the secure and efficient auditing capability to efficiency with multiple auditing delegation process from possibly larger number of different users simultaneously. 74
Here the user has two types of keys that can be used where one of which is only the owner knows and called as the private key and another one which is known to anyone called public key and we match both the data it must be same as the sent one on the sender cannot deny that they sent it. The downloading of data for its integrity and verification is not feasible for the task since it s very costly because of the transmission cost across the network. A. Public Auditing: The public auditing scheme algorithms are implemented on the following functions Fig.3. Architecture of cloud data storage. As shown in above figure Fig 3 the cloud user is the one who has large amount of data files that are stored in the cloud and the cloud server is the one who provides the data storage service like resources and the desired software to the user as the cloud server is managed by cloud service provider and the third party auditor is the one who has belief to access the cloud storage service for the benefit of user whenever user request for data access. The third party auditor has all the capabilities and competence that the user does not have and they can also interact with cloud server to access the stored data for different purpose in different styles at every time it is not possible for user to check the data which is stored on cloud server that arrives online burden to the user so that s why to reduce online burden and maintain that integrity cloud data. III. PROPOSED SYSTEM The public auditability is considered to be a main drawback of cloud computing technology and in this paper the secure public auditing scheme for cloud storage provide more security compared with the previous technology which discusses two straight forward schemes and their demerits are presented. Then we tend to present our main result for the privacy preserving public auditing to achieve the before mentioned design goals and we also show how to extend our main scheme to the batch auditing approach and encryption algorithms are used. The batch auditing that is used to audit the group of details in the proposed problem which is based on the multi write and the problem of the third-party-auditor is not only uses data but also modify the data than how data owner or user will know about this specific problem. KeyGen(); SigGen(); GenProof (); Verify Proof(); The KeyGen() function is a key generation implementation of the algorithm that is run by the user to setup the scheme then the SigGen() function is used by the user to generate the verification by implementing the meta data and then the GenProof() function is used to run by the cloud server to generate a proof of data storage correctness then the VerifyProof() function is run by the third party auditor to audit the proof from the cloud server. B. Batch Auditing: For implementing a novel secure privacy-preserving public auditing in the cloud computing environment by a third party auditor may concurrently handle multiple auditing delegations upon the different users requests and the individual auditing of these tasks for TPA can be tedious and very inefficient. Suppose the given data of A for auditing delegations on a distinct data files from a different users it is more advantageous for TPA to batch these multiple tasks together and audit at one time. C. Access Control: The access control mechanisms are used by the tools to ensure the authorized user who can access and to prevent unauthorized access to information systems as the following are the six control statements that should be consider for ensuring the proper access of control management as in 1. The Access to information. 2. Manage user access rights. 3. Encourage good access practices. 4. Control access to the operating systems. 75
5. Control access to network services. 6. Control access to applications and systems. In the proposed system the problem can be generalized as how the client can find an efficient way to perform periodical integrity verifications without the local copy of data files as in. Suppose if any of the two users or more users are using a specific data that is one is writing a data while one is reading a data simultaneously than it may be a wrong read by one of the user so to resolve data inconsistency which is considered to be an important task for the data owner and another problem is how to trust on TAP is not calculated. If the third party auditor becomes a intruder and pass the information of data or deleting a data than how owner know about this problem is not yet solved where the integrity and consistency are in the proposed scheme in this virtual machine. An advanced Encryption Standard (AES) is used where client encrypt and decrypt the data file in a virtual machine where this mechanism will solve the problem of unauthorized access of the data which suggests the scheme that can be used for integrity and consistency of the data. Fig.5. Usecase diagram of the proposed system IV. RESULTS We implemented the proposed system in java and attained few results: V. CONCLUSION In this paper we have proposed a cloud data security which is an important aspect for the client while using cloud services as the third party auditor can be used to ensure the security and integrity of the data where the third party auditor can be a trusted third party to resolve the conflicts between the cloud service provider and the client and various schemes are proposed by authors over the years to provide a trusted environment for cloud services. The process of encryption and decryption algorithms are used to provide the security to an user while using the third party auditor and we provide a abstract view of different schemes that are proposed in recent past for cloud data security using third party auditor where most of the authors have proposed schemes which rely on encrypting the data using some encryption algorithm and make use of the third party auditor store a message digest or encrypted copy of the data that is stored with the service provider. Fig.4. Sequence diagram of the proposed system 76
REFERENCES AUTHOR [1] Q.Wang, C.Wang, j.li, K.Ren, and W.lou, Enabling public verifiability and data dynamics for storage security in cloud computing. [2] H.shacham and b.waters compact proofs of retrivability in proc. Of asiascrypt 2008. [3] P.Mell and T,Grance, Draft NIST working definition of cloud computing, referred on june 3rd 2009. [4] M.AShah,R.Swaminathan, and M.Baker privacy-preserving audit and extraction of digital contents. [5] Armbrust, A.Fox, R.Griffith, A.D.Joseph, and M.Zaharia, Above the clouds:a Berkeley view of cloudcomputing, feb 2009 [6] M.A.Shah, M.Baker, J.C.Mogul, and R.swaminathan, Auditing to keep online storageservices honest, in Proc.of hotos 07. [7] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing, Proc. 14th European Symp. Researchin Computer Security (ESORICS 09), pp. 355-370, 2009. [8] M.A. Shah, R. Swaminathan, and M. Baker, PrivacyPreserving Audit and Extraction of Digital Contents, Cryptology eprint Archive, Report 2008/186, 2008. [9] A. Juels and J. Burton, S. Kaliski, PORs: Proofs of Retrievability for Large Files, Proc. ACM Conf. Computer and Comm. Security (CCS 07), pp. 584-597, Oct. 2007. [10] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing, IEEE Trans. Parallel Distributed Systems, vol. 22, no. 5,pp. 847-859, May 2011. Dumala Harisha, is presently pursuing her M.Tech degree in Computer Science and Engineering department from Aurora s Research & Technological Institute affiliated to JNTU Hyderabad. V. Gouthami, is presently working as Associate Professor and HOD in department of Computer Science & Engineering at Aurora s Research & Technological Institute and she has a total teaching experience of 8 years 77