How To Ensure Correctness Of Data In The Cloud



Similar documents
How To Ensure Correctness Of Data In The Cloud

Data Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System

Ensuring Data Storage Security in Cloud Computing

Data Storage Security in Cloud Computing

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

Analysis of Secure Cloud Data Sharing Within a Group

Ensuring Data Storage Security in Cloud Computing By IP Address Restriction & Key Authentication

Secure Way of Storing Data in Cloud Using Third Party Auditor

Verification of Data Reliability and Secure Service for Dynamic Data in Cloud Storage

How To Design A Cloud Data Storage Service For A Cloud Computer System

Index Terms Cloud Storage Services, data integrity, dependable distributed storage, data dynamics, Cloud Computing.

A Secure and Dependable Cloud Storage Service in Cloud Computing

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

February. ISSN:

Index Terms: Data integrity, dependable distributed storage, Cloud Computing

INTEGRATED SECURITY SERVICE FOR ON DEMAND SERVICES IN IAAS CLOUD AUTHOR

Near Sheltered and Loyal storage Space Navigating in Cloud

Secure Data transfer in Cloud Storage Systems using Dynamic Tokens.

Secure cloud access system using JAR ABSTRACT:

Security in Data Storage and Transmission in Cloud Computing

Erasure correcting to enhance data security in cloud data storage

Dependable and Secure Storage Services in Cloud Computing

SECURE AND TRUSTY STORAGE SERVICES IN CLOUD COMPUTING

An Efficient Data Correctness Approach over Cloud Architectures

PRIVACY ASSURED IMAGE STACK MANAGEMENT SERVICE IN CLOUD

How To Secure Cloud Data Storage

Privacy preserving technique to secure cloud

Improving data integrity on cloud storage services

A survey on cost effective multi-cloud storage in cloud computing

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

Ensuring Security in Cloud with Multi-Level IDS and Log Management System

Index Terms: Cloud Computing, Third Party Auditor, Threats In Cloud Computing, Dynamic Encryption.

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

CLOUD COMPUTING SECURITY - DATA STORAGE AND TRANSMISSION

Scalable Distributed Service Integrity Attestation for Software-as-a-Service Clouds

CloudFTP: A free Storage Cloud

Keywords Cloud Computing, Cloud computing Architecture, Intruder, Security Issues.

Cloud Data Storage Services Considering Public Audit for Security

Online Student Attendance Management System using Android

Performance Evaluation Panda for Data Storage and Sharing Services in Cloud Computing

AN INVESTIGATION OF SECURITY THEME FOR CLOUD COMPUTING

SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD

A Secure Intrusion detection system against DDOS attack in Wireless Mobile Ad-hoc Network Abstract

Efficient Remote Data Possession Checking In Critical Information Infrastructures Ensuring Data Storage Security In Cloud Computing

Distributing, Ensuring and Recovery of Data Stored in Cloud

Monitoring Data Integrity while using TPA in Cloud Environment

Keywords: Cloud Computing, Data Dynamics, Data Integrity, Error Localization, Third Party Auditor.

Resource Allocation Based On Agreement with Data Security in Cloud Computing

Chapter 1 Introduction

RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

An Approach for Data Storage Security in CloudComputing M.PAVITHRA III YEAR CSE IFET COLLEGE OF ENGINEERING

Android City Tour Guide System

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

ADVANCE SECURITY TO CLOUD DATA STORAGE

Keywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2.

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

Data Integrity for Secure Dynamic Cloud Storage System Using TPA

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Enhancing Data Integrity in Cloud Storage by Ensuring Maximum Availability

Data storage security in Cloud

Ensuring Data Storage Security in Cloud Computing

Verifying Correctness of Trusted data in Clouds

Data Integrity and Dynamic Storage Way in Cloud Computing

Data Integrity Check using Hash Functions in Cloud environment

Data Security And Integrity Of Cloud Storage In Cloud Computing

International Journal of Infinite Innovations in Engineering and Technology. ISSN (Online): , ISSN (Print):

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

Secure Distribution of File on Cloud

DYNAMIC GOOGLE REMOTE DATA COLLECTION

AN EXPOSURE TO RELIABLE STORAGE SERVICES IN CLOUD COMPUTING

Taxonomic Modeling of Security Threats in Software Defined Networking

PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING

Secrecy Maintaining Public Inspecting For Secure Cloud Storage

Chapter 1: Introduction

SHARED DATA & INDENTITY PRIVACY PRESERVING IN CLOUD AND PUBLIC AUDITING

Secure Storage Services and Erasure Code Implementation in Cloud Servers

Enabling Public Auditing for Secured Data Storage in Cloud Computing

Transcription:

Ensuring Data Storage Security in Cloud Computing ABSTRACT Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible distributed scheme with two salient features, opposing to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server (s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

System Architecture: Existing System: From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons. 1. Firstly, traditional cryptographic primitives for the purpose of data security protection can not be directly adopted due to the users loss control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering various kinds of data for each user stored in the cloud and the demand of long term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging. 2. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. These techniques, while can be useful to ensure the storage correctness without having users possessing data, can not address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of them do not consider dynamic data operations. As an complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of

dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited. Proposed System: In this paper, we propose an effective and flexible distributed scheme with explicit dynamic data support to ensure the correctness of users data in the cloud. We rely on erasure correcting code in the file distribution preparation to provide redundancies and guarantee the data dependability. This construction drastically reduces the communication and storage overhead as compared to the traditional replication-based file distribution techniques. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the storage correctness insurance as well as data error localization: whenever data corruption has been detected during the storage correctness verification, our scheme can almost guarantee the simultaneous localization of data errors, i.e., the identification of the misbehaving server(s). 1. Compared to many of its predecessors, which only provide binary results about the storage state across the distributed servers, the challenge-response protocol in our work further provides the localization of data error. 2. Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic operations on data blocks, including: update, delete and append. 3. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks. Modules: 1. Client Module: In this module, the client sends the query to the server. Based on the query the server sends the corresponding file to the client. Before this process, the client authorization step is involved.in the server side, it checks the client name and its password for security process. If it is satisfied and then received the queries form the client and search the corresponding files in the database. Finally, find that file and send to the client. If the server finds the intruder means, it set the alternative Path to those intruder.

USER EXISTING USER NON-EXISTING USER ENTER USERNAME & PWD REGISTER WITH THE SERVER NO IS VALID YES CONNECT WITH THE SERVER 2. System Module: Representative network architecture for cloud data storage is illustrated in Figure 1. Three different network entities can be identified as follows: User: Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. Cloud Service Provider (CSP): A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems,. Third Party Auditor (TPA):

An optional TPA, who has expertise and capabilities that users may not have, is Trusted to assess and expose risk of cloud storage services on behalf of the users upon request. 3. Cloud data storage Module: Cloud data storage, a user stores his data through a CSP into a set of cloud servers, which are running in a simultaneous, the user interacts with the cloud servers via CSP to access or retrieve his data. In some cases, the user may need to perform block level operations on his data.. users should be equipped with security means so that they can make continuous correctness assurance of their stored data even without the existence of local copies. In case that users do not necessarily have the time, feasibility or resources to monitor their data, they can delegate the tasks to an optional trusted TPA of their respective choices. In our model, we assume that the point-to-point communication channels between each cloud server and the user is authenticated and reliable, which can be achieved in practice with little overhead. 4. Cloud Authentication Server: The Authentication Server (AS) functions as any AS would with a few additional behaviors added to the typical client-authentication protocol. The first addition is the sending of the client authentication information to the masquerading router. The AS in this model also functions as a ticketing authority, controlling permissions on the application network. The other optional function that should be supported by the AS is the updating of client lists, causing a reduction in authentication time or even the removal of the client as a valid client depending upon the request 5. Unauthorized data modification and corruption module: One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to server compromise and/or random Byzantine failures. Besides, in the distributed case when such inconsistencies are successfully detected, to find which server the data error lies in is also of great significance 6. Adversary Module: Security threats faced by cloud data storage can come from two different sources. On the one hand, a CSP can be self-interested, untrusted and possibly malicious. Not only does it desire to move data that has not been or is rarely accessed to a lower tier of storage than agreed for monetary reasons, but it may also attempt to hide a data loss incident due to management errors, Byzantine failures and so on.

On the other hand, there may also exist an economicallymotivated adversary, who has the capability to compromise a number of cloud data storage servers in different time intervals and subsequently is able to modify or delete users data while remaining undetected by CSPs for a certain period. Specifically, we consider two types of adversary with different levels of capability in this paper: Weak Adversary: The adversary is interested in corrupting the user s data files stored on individual servers. Once a server is comprised, an adversary can pollute the original data files by modifying or introducing its own fraudulent data to prevent the original data from being retrieved by the user. Strong Adversary: This is the worst case scenario, in which we assume that the adversary can compromise all the storage servers so that he can intentionally modify the data files as long as they are internally consistent. In fact, this is equivalent to the case where all servers are colluding together to hide a data loss or corruption incident. System Requirements: Hardware Requirements: System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Colour. Mouse : Logitech. Ram : 512 Mb. Software Requirements: Operating system : - Windows XP. Coding Language : -JAVA,Swing,RMI,J2me(WirelessToolkit) Tool Used : - Eclipse 3.3

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information