Revisiting Secure Cloud Storage by Replacing Token Generation With SHA

Ms. Bhagyashree Alhat (1), Prof. Amar Buchade (2)
Pune Institute of Computer Technology, University of Pune; PG Student (1), Assistant Professor (2)
bhagyashrialhat@gmail.com, amar.buchade@gmail.com
2015, IJAFRSE All Rights Reserved www.ijafrse.org

ABSTRACT

Using cloud storage, users can upload data without the burden of software and hardware management. To achieve security in data storage, data is stored in a distributed manner at different servers. When a data file is stored in the cloud with a unique identification, it is divided into blocks, each kept at a different server, and tokens are generated for these blocks. These tokens are used in the error detection and recovery mechanism. We implemented this system with token generation, then replaced the token with a hash value, and carried out a comparative study, which says the Secured Hash Algorithm (SHA1) is better for achieving more security. Analysis shows that the proposed system is more efficient against database attacks and server crash events.

Index Terms: cloud computing, distributed storage, error detection, data recovery, SHA, dynamic block operations

I. INTRODUCTION

Users can remotely store their data in cloud storage without having physical possession of the outsourced data. This introduces security risks to the integrity and availability of the data. In distributed storage, data is divided into blocks and these blocks are kept at different servers. When these blocks are stored, each is assigned a token to achieve security. In this paper, we propose a system which replaces these tokens with hash values. Analysis shows that it is more efficient than token generation. The system supports dynamic operations on outsourced data, such as block modification and deletion.

Cloud storage provides high quality applications and services thanks to improved network bandwidth and reliable, flexible network connections. It is more convenient for users to store data remotely, since they need not take care of hardware. Though various cloud service providers offer more reliable and powerful cloud infrastructure, this also introduces internal and external threats, as users no longer have physical possession of the outsourced data. It may also happen that, to increase profit, the cloud service provider hides data loss incidents or deletes rarely accessed data.

To handle such threats and to provide a secure and reliable cloud service, researchers have proposed a number of systems [2]-[8] with which one can assure data integrity and dependability. But these systems consider only static data; when data is changed by insertion and deletion operations, they will not work. To address this problem, the research work [27] was carried out with dynamic data in mind. We implemented this system [27], extended with a data recovery mechanism, first using the token generation algorithm and then replacing the token generation algorithm with the Secured Hash Algorithm (SHA), with which the whole data can be easily recovered when any server crashes or fails, and also in database hack events.

II. LITERATURE SURVEY

To store any data remotely in the cloud, the cloud service provider should give assurance about data integrity, data security and dependability [25]-[26], as the user does not have physical possession of the outsourced data. Recent research works address this security issue by providing enhanced techniques for data security and integrity [4]-[20]. These techniques ensure data security and integrity, but all of them focus on single-server storage, whereas cloud storage is distributed storage with multiple servers [29]-[30]. Also, these systems work with static or archival data [28], so their ability to handle dynamic or changing data is unclear. These systems are therefore not fully applicable to cloud storage applications.

To address these issues, a new enhanced system was introduced in [27] which is capable of handling dynamic data: after storing data at cloud servers, users can append, delete or update the outsourced data, which involves dynamic block operations [31].

Public auditability and private auditability also solve the data integrity problem [21]-[22]. Private auditability provides greater efficiency, while public verifiability allows anyone, not just the client, to challenge the cloud server for correctness of the data storage while keeping no private information. In public auditability [28], the client delivers the generated public key to the third party auditor (TPA). The TPA monitors the stored file on the remote server and informs the client about the security of the stored file [1]. With this method the server computation time is much reduced, and it can be applied to variable size file blocks. Though it provides more security, it handles only static or archival data. When the user wants to update or modify the outsourced data, it remains unclear how these systems handle dynamic data.

Since users no longer have physical possession of the data, the direct adoption of traditional cryptographic primitives for data integrity protection is prohibited [1][24]. Hence, verification of cloud storage correctness should be done without knowledge of the whole data files [12]-[14]. This dynamic feature should also be supported by the cloud storage correctness assurance, which makes the system design more difficult.
The deployment of cloud computing is also powered by data centers running in a distributed manner. It is more advantageous for an individual user to store data redundantly across multiple servers, as this reduces data integrity and availability threats. With the proposed system using Secured Hash Generation we can achieve data integrity and availability. When data corruption is detected during storage correctness verification, the system guarantees the localization of data errors, i.e. identification of the misbehaving servers. We also support third party auditing, where the user can safely assign the integrity checking task to a third party auditor. Our scheme ensures remote data integrity and supports secure and efficient dynamic operations on data blocks, such as update, delete and append. Security analysis shows that the system is highly efficient against database attack and server crash events as compared to token generation.

III. IMPLEMENTATION DETAILS

The implementation includes three different network entities, as follows:

1. User: has data to be stored in the cloud and relies on the cloud for data storage and computation; can be either an enterprise or an individual customer.
2. Cloud service provider (CSP): provides the data storage service and has significant storage space and computation resources.
3. Third Party Auditor (TPA): an optional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose the risk of cloud storage services on behalf of the users upon request.

In cloud data storage, a user stores his data through a CSP into a set of cloud servers, which run in a simultaneous, cooperative and distributed manner. Data redundancy can be handled with an erasure-correcting code to tolerate server crash events. For application purposes, the user interacts with the cloud servers via the CSP to access or retrieve his data. In some cases, the user may need to perform block level operations on his data.
The most general forms of these operations we are considering are block update, delete, insert and append. Hence, we put more focus on the support of file oriented cloud applications rather than non-file application data.

As users no longer possess their data, it is important to assure users that their data are being correctly stored and maintained. Users should also be assured of the security of their stored data even without a backup of the data. In case users do not have the time, feasibility or resources to monitor their data online, they can hand over the data auditing tasks to an optional trusted TPA of their own choice. However, to introduce such a TPA securely, any possible leakage of the user's outsourced data towards the TPA through the auditing protocol should be prohibited. In our model, we assume that the point-to-point communication channels between each cloud server and the user are authenticated and reliable. Figure 1 shows the class diagram of the proposed system.

Figure 1. Class diagram showing file upload mechanism

A user who wants to upload data to the cloud sends the file to the CSP, where it is assigned a unique identification. The CSP then divides the uploaded file into three blocks. Each data block is then converted into a hash digest, and each is kept at a different server. The remainder of the implementation is the same as described in [31]. The algorithm for the proposed system is as follows.

Algorithm: File upload with ComputeHash()

1. Append a single 1 bit to the data to be uploaded, then pad with zeroes until the final block has 448 bits.
2. Append the size of the original data as an unsigned 64-bit integer.
3. Initialize the five hash blocks (h0, h1, h2, h3, h4) to the specific constants defined in the SHA1 standard.
4. Calculate the hash for each 512-bit block as in steps 5 to 9.
5. Allocate an array of 80 words.
6. Fill the first 16 words from the 512-bit block.
7. Generate the rest of the words as word[i] = (word[i-3] XOR word[i-8] XOR word[i-14] XOR word[i-16]) rotated 1 bit to the left.
8. Set a, b, c, d, e to h0, h1, h2, h3, h4, then:
   for (i = 0; i < 80; i++) {
       Calculate SHA function() and the constant k based on the current round number.
       temp = a (rotated left 5) + SHA function() + e + k + word[i]
       e = d
       d = c
       c = b (rotated left 30)
       b = a
       a = temp
   }
9. Add a, b, c, d and e to h0, h1, h2, h3 and h4 respectively to get the hash output.

The output is the concatenation of h0, h1, h2, h3, h4, which is the data converted into another form, i.e. the corresponding hash value.

IV. RESULTS AND ANALYSIS

The system was initially implemented with token generation, i.e. data blocks are uploaded to the cloud by computing a token and assigning that token to each data block, which helps to recover data in case of server crash and database hack events. The enhancement was made by applying the Secured Hash Algorithm in place of the token generation algorithm. The following data set was obtained by applying both algorithms.

Table 1. Data set obtained with Token Generation and Hash generation

File Size in KB | File Uploading Time using Token Generation | File Uploading Time using Hash Generation
200 | 0.7644 | 0.5621
300 | 0.8052 | 0.6042
400 | 0.9801 | 0.7608
500 | 1.0004 | 0.8471
600 | 1.5461 | 0.9821

Figures 2 and 3 show graphs comparing Token Generation and the Secured Hash Algorithm SHA1. They imply that SHA1 takes less time than token generation.
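The file upload with ComputeHash() from Section III, written out as an added Python example (not the authors' code), followed by the audit that localizes a misbehaving server. Assumptions: in-memory dictionaries stand in for the three servers, each server stores its block while the verifier (user or TPA) keeps the SHA-1 digests, and the names split_blocks, upload and audit are illustrative.

```python
import hashlib
import struct

def _rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def compute_hash(data: bytes) -> str:
    """SHA-1 of data, written out step by step as in the algorithm above."""
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0]
    # Padding: a single 1 bit (0x80), zeros up to 448 mod 512 bits,
    # then the original length in bits as a big-endian 64-bit integer.
    padded = data + b"\x80" + b"\x00" * ((55 - len(data)) % 64)
    padded += struct.pack(">Q", len(data) * 8)
    for off in range(0, len(padded), 64):
        w = list(struct.unpack(">16I", padded[off:off + 64]))
        for i in range(16, 80):
            w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
        a, b, c, d, e = h
        for i in range(80):
            if i < 20:
                f, k = (b & c) | (~b & d), 0x5A827999
            elif i < 40:
                f, k = b ^ c ^ d, 0x6ED9EBA1
            elif i < 60:
                f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
            else:
                f, k = b ^ c ^ d, 0xCA62C1D6
            temp = (_rotl(a, 5) + f + e + k + w[i]) & 0xFFFFFFFF
            a, b, c, d, e = temp, a, _rotl(b, 30), c, d
        h = [(x + y) & 0xFFFFFFFF for x, y in zip(h, (a, b, c, d, e))]
    return "".join(f"{x:08x}" for x in h)

def split_blocks(data: bytes, n: int = 3):
    """Divide the file into n contiguous blocks (the paper uses three)."""
    size = -(-len(data) // n) or 1  # ceiling division, at least 1 byte
    return [data[i * size:(i + 1) * size] for i in range(n)]

def upload(file_id, data, servers):
    """Store one block per server; return the digests the verifier keeps."""
    blocks = split_blocks(data, len(servers))
    digests = {}
    for name, block in zip(servers, blocks):
        servers[name][file_id] = block
        digests[name] = compute_hash(block)
    return digests

def audit(file_id, digests, servers):
    """Recompute each block's hash; return the servers that fail."""
    bad = []
    for name, expected in digests.items():
        stored = servers[name].get(file_id)
        if stored is None or compute_hash(stored) != expected:
            bad.append(name)
    return bad

if __name__ == "__main__":
    # Constructed sample: three in-memory "servers" and a small file.
    servers = {"s1": {}, "s2": {}, "s3": {}}
    data = b"constructed sample file contents " * 20
    digests = upload("file-001", data, servers)
    assert all(compute_hash(b) == hashlib.sha1(b).hexdigest()
               for b in split_blocks(data))
    servers["s2"]["file-001"] = b"tampered" + servers["s2"]["file-001"][8:]
    del servers["s3"]["file-001"]
    print(audit("file-001", digests, servers))
```

Practical collisions against SHA-1 have since been demonstrated, so the SHA2 or SHA3 upgrade named in the paper's future scope is the variant to deploy; only compute_hash changes. Because the digest is unkeyed, the check detects tampering only while the digest list is held away from the storage servers.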

Figure 2. Uploading Time comparison between Token Generation and SHA-1

Figure 3. Auditing Time comparison between Token Generation and SHA-1

V. CONCLUSION AND FUTURE SCOPE

With the proposed system it became possible to recover the data in less time as compared to token generation. The system is highly efficient against server crash and database hack events. We implemented this system as an extension to the distributed storage system for secure and dependable cloud storage in which dynamic data is considered, which is more efficient than the previously existing systems that were designed by considering static data only. Though the system is implemented with dynamic data support, the cloud data is not expected to change rapidly like social networking data. In future the system can be enhanced to handle non-file data and rapidly changing data as well. The newer versions of SHA, i.e. SHA2 and SHA3, can also be applied to enhance the system.

VI. REFERENCES

[1] Cong Wang, Sherman S. M. Chow, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," in Proc. of IWQoS 2013, February 2013.

[2] C. Wang, Q. Wang, K. Ren, and W. Lou, "Ensuring data storage security in cloud computing," in Proc. of IWQoS '09, July 2009, pp. 1-9.
[3] Sun Microsystems, Inc., "Building customer trust in cloud computing with transparent security," Online at https://www.sun.com/offers/details/sun transparency.xml, November 2009.
[4] A. Juels and J. Burton S. Kaliski, "Pors: Proofs of retrievability for large files," in Proc. of CCS '07, Alexandria, VA, October 2007, pp. 584-597.
[5] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable data possession at untrusted stores," in Proc. of CCS '07, Alexandria, VA, October 2007, pp. 598-609.
[6] M. A. Shah, M. Baker, J. C. Mogul, and R. Swaminathan, "Auditing to keep online storage services honest," in Proc. of HotOS '07. Berkeley, CA, USA: USENIX Association, 2007, pp. 1-6.
[7] M. A. Shah, R. Swaminathan, and M. Baker, "Privacy-preserving audit and extraction of digital contents," Cryptology ePrint Archive, Report 2008/186, 2008, http://eprint.iacr.org/.
[8] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, "Scalable and efficient provable data possession," in Proc. of SecureComm '08, 2008, pp. 1-10.
[9] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling public verifiability and data dynamics for storage security in cloud computing," in Proc. of ESORICS '09, volume 5789 of LNCS. Springer-Verlag, Sep. 2009, pp. 355-370.
[10] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, "Dynamic provable data possession," in Proc. of CCS '09, 2009, pp. 213-222.
[11] H. Shacham and B. Waters, "Compact proofs of retrievability," in Proc. of Asiacrypt '08, volume 5350 of LNCS, 2008, pp. 90-107.
[12] K. D. Bowers, A. Juels, and A. Oprea, "Proofs of retrievability: theory and implementation," in Proc. of ACM workshop on Cloud Computing security (CCSW '09), 2009, pp. 43-54.
[13] R. Curtmola, O. Khan, R. Burns, and G. Ateniese, "Mr-pdp: Multiple-replica provable data possession," in Proc. of ICDCS '08. IEEE Computer Society, 2008, pp. 411-420.
[14] K. D. Bowers, A. Juels, and A. Oprea, "Hail: A high-availability and integrity layer for cloud storage," in Proc. of CCS '09, 2009, pp. 187-198.
[15] T. Schwarz and E. L. Miller, "Store, forget, and check: Using algebraic signatures to check remotely administered storage," in Proc. of ICDCS '06, 2006, pp. 12-12.
[16] M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, "A cooperative internet backup scheme," in Proc. of the 2003 USENIX Annual Technical Conference (General Track), 2003, pp. 29-41.
[17] M. Castro and B. Liskov, "Practical byzantine fault tolerance and proactive recovery," ACM Transaction on Computer Systems, vol. 20, no. 4, pp. 398-461, 2002.
[18] J. Hendricks, G. Ganger, and M. Reiter, "Verifying distributed erasure-coded data," in Proc. of 26th ACM Symposium on Principles of Distributed Computing, 2007, pp. 139-146.
[19] J. S. Plank and Y. Ding, "Note: Correction to the 1997 tutorial on reed-solomon coding," University of Tennessee, Tech. Rep. CS-03-504, April 2003.
[20] C. Wang, Q. Wang, K. Ren, and W. Lou, "Privacy-preserving public auditing for storage security in cloud computing," in Proc. of IEEE INFOCOM '10, San Diego, CA, USA, March 2010.
[21] C. Wang, K. Ren, W. Lou, and J. Li, "Towards publicly auditable secure cloud data storage services," IEEE Network Magazine, vol. 24, no. 4, pp. 19-24, 2010.
[22] Q. Wang, K. Ren, W. Lou, and Y. Zhang, "Dependable and secure sensor data storage with dynamic integrity assurance," in Proc. of IEEE INFOCOM '09, Rio de Janeiro, Brazil, April 09.
[23] J. S. Plank, S. Simmerman, and C. D. Schuman, "Jerasure: A library in C/C++ facilitating erasure coding for storage applications - Version 1.2," University of Tennessee, Tech. Rep. CS-08-627, August 2008.
[24] M. Bellare, O. Goldreich, and S. Goldwasser, "Incremental cryptography: The case of hashing and signing," in Proc. of CRYPTO '94, volume 839 of LNCS. Springer-Verlag, 1994, pp. 216-233.
[25] D. L. G. Filho and P. S. L. M. Barreto, "Demonstrating data possession and uncheatable data transfer," Cryptology ePrint Archive, Report 2006/150, 2006, http://eprint.iacr.org/.
[26] Yang Tang, Patrik P. C. Lee, John C. S. Lui, Radia Perlman, "Secure Overlay Cloud Storage with Access Control And Assured Deletion," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, November/December 2012.
[27] C. Wang, Q. Wang, K. Ren, Ning Cao and W. Lou, "Towards secure and dependable storage services in cloud computing," in Proc. of IEEE IWQoS '09, published in IEEE transactions in March 2012.
[28] M. Venkatesh, M. R. Sumalatha, Mr. C. Selva Kumar, "Improving Public Auditability, Data Possession in Data Storage Security for Cloud Computing," in Proc. of IEEE ICRTIT-2012, ISBN: 978-1-4673-1601-9/12/$31.00 2012 IEEE.
[29] Michael Miller, "Cloud computing - Web based Applications That change the way you work and collaborate online," Pearson Education, ISBN: 978-81-317-2533-7.
[30] Barrie Sosinsky, "Cloud Computing Bible," Wiley India Edition, ISBN: 978-81-265-2980-3.
[31] Alhat Bhagyashree, Amar Buchade, "Secure Cloud Storage with Efficient Data Recovery Mechanism," published in International J. of Multidispl. Research & Advcs. in Engg. (IJMRAE), ISSN 0975-7074, Vol. 7, No. I (January 2015), pp. 105-116.