International Journal of Engineering Trends and Technology (IJETT) – Volume 5 Number 4 - Nov 2013
A Framework for Inspection Approach Over Cloud
Services
Mula Sudhakar *,Chanti.Suragala#
*
*
M.Tech Scholar,#Assistant professor
Department of Software Engineering , SISTAM college, Srikakulam, Andhra Pradesh
#
Dept of CSE , SISTAM college, Srikakulam, Andhra Pradesh
Abstract: There are so many users using third party services
to store their data. Some of them storing data and some of
them are using that data. In this process, there is a security
issue such as storing and retrieve the data securely. For
frequent verification required for the file stored in the third
party services. That verification should be done by trusted
authority between the data owner and cloud service provider.
For achieving these requirements we introduced a framework
that includes secure uploading, retrieving and verification of
data in the cloud services such as third party services.
I.INTRODUCTION
Basically, a cloud storage system can be
considered to be a network of distributed data centres
which typically uses cloud computing technologies like
virtualization offers some kind of interface for storing data.
To increase the availability of the data and may be
redundantly stored at different locations. There are multiple
use cases for cloud storage services used by both
companies and individuals. This is also includes ondemand storage capacities accessible from various
locations (e.g. from mobile and local devices) and the
backup facilities without the need to maintain hardware
devices or appropriate software tools and the
synchronization features allowing the customers to always
have access to the latest version of their data independent
of the device (PC, laptop, smartphone). The following use
cases shall present the potential benefits of such storage
services.
Copy. Bob is a sales representative, working most
of the time out of the office. At the moment he is traveling
home from a two weeks business trip and visited many
customers and this made a lot of notices and sketched some
drafts for potential missions. It was very successful, but
Bob is depressed. It is inattentive while waiting for the
plane and the bag including his laptop has been stolen. It
does not worry about disclosure of data because he uses an
encrypted harddisk, but he is sad when he is thinking about
the results of the last two weeks. Using the copy feature of
a cloud storage service Bob would be able to solve this
problem. In his laptop continuously copies all changes to
existing data and all new files to the cloud service. It is
convenient to recover this data to his new laptop.
Backup. Charlie, an architect, is the owner of a
medium sized and prosperous architectural office. It is
desperately seeking a building plan which he had drawn up
last year. House plan for a customer who has repeatedly
ISSN: 2231-5381
changed his mind and it forcing Charlie to frequently alter
it. Since then the architect has been searching for the digital
version. It protects his data by making copies and storing
them on external devices, he cannot find that particular
version. Are liable cloud backup service and which keeps
all versions of all files, would have enabled Charlie to
restore the building plan from any particular date.
Synchronization of Devices. Diana has worked
the first half of the day in the office on a presentation for
tomorrow. The moment she is traveling to the location of
her speech. It planned to polish her slides in the train. It
worked in the office on her Desktop PC and she forget to
copy the presentation on an USB stick. Using a service that
offers a synchronization feature Diana could solve this
problem. Desktop PC would permanently copy all data to
the cloud and like in the storage scenario above. The
synchronization feature allows the connection of any
number of devices. Service takes care that all devices have
the same data pool. If she creates new files on different
devices while she is offline the service recognizes that.
Even better, if she changes one file on two devices and
service is able to detect version conflicts.
Sharing Files. Eve is a self-employed
photographer. At the moment she is writing a travel guide
and together with Frank a talented writer. They are
working together using email and Both of them are
displeased on this scenario because the book is made of
more then 100 files and it is very cumbersome to send them
via email and to hold them in sync. Using a service that
offers a file sharing feature working on any number of files
would very easy. Eve and Frank could just edit their piece
of work and each computer would copy the results
immediately to the cloud. The other computer would
automatically download the file. They are always in
synchronizing without any pain. And if they accidentally
edit the same file at the same time and the service creates a
notice and offers alternatives how to proceed.
II. RELATED WORK
Before customers are able to use a cloud storage
provider to synchronize or back up personal data, they have
to complete a registration process. Cloud storage providers
usually require the creation of a user account before any
services can be used. On the one hand, it is in the interest
of the service provider to establish a single point of contact
through which all subsequent configuration, logging and —
http://www.ijettjournal.org
Page 203
International Journal of Engineering Trends and Technology (IJETT) – Volume 5 Number 4 - Nov 2013
above all — accounting will take place. On the other hand,
a customer who wishes to entrust personal data to the
service provider wants to be certain that he communicates
with the intended service and — above all — establishes a
relationship of trust and contracts the service provider to
perform its duties as pledged. During the registration
process, the service provider and the new customer agree
upon credentials↑ – these must later be used to log in and
use the service. If at any time an attacker is able to
eavesdrop on the communication, he might obtain the
credentials, compromise the account and gain access to
uploaded data. Beyond that, if an attacker is able to
manipulate the messages exchanged between customer and
service provider, he might act as a proxy and defraud both
of them. In order to prevent these at- tacks, all
communication between service provider and customer
must be secured in terms of authenticity and confidentiality
and integrity.
The main reason to use a cloud storage provider
— for both individuals and companies — is to always have
a backup of valuable data which is off-premises yet easily
accessible. Arguably a reason for this is that personal data
or sensitive company data is highly valuable in either
sentimental or financial terms. Before cloud storage
became popular, individuals and companies had personal
backup strategies to pro- tect against data loss, but these
almost always relied on additional physical devices usually
at the same location as the original data. Since the stored
data was under the control of its owner, protection of the
data itself was not always regarded as imperative.
Nowadays, data is often entrusted to cloud storage
providers on servers visible on the public Internet. Frequent
discoveries of security vulnerabilities facilitate successful
external attacks with ensuing data thefts. Additionally,
there can be internal attacks from within the cloud storage
provider itself. Therefore, the data itself should be
protected in such a way that even in the event of a
successful attack, the contents of the stored data remain
confidential. To this end, all data needs to be stored on the
remote servers in encrypted form. There are several
cryptographically secure encryption schemes available
which can be used freely. Cloud storage providers often
offer a general encryption of all data stored on their servers
using a company key which is known only to them. This
may prevent data theft from external attackers, but does not
protect against any attacks which include theft of the
encryption key or internal attacks conducted by personnel
who are able to gain access to these keys. Therefore, all
data should be encrypted on the client system before the
data is transmitted into the cloud using a key unknown to
the service provider. Stand- alone software may be used to
encrypt all data on the client system, but this has
drawbacks: The software has to be installed, administrated
and operated on all client systems in addition to the client
software of the cloud storage provider. The key used to
encrypt the data needs to be distributed to all devices which
are used to access the stored data. In the event that this key
ISSN: 2231-5381
is lost, the data can never be decrypted again. As a
precautionary measure, all keys used to encrypt data could
be integrated into some kind of key escrow system to guard
against data loss. All keys that are used for encryption
should be generated at random resp. pseudo random. This
requirement ensures that two cryptograms of the same clear
text are different.
III. PROPOSED WORK
In our proposed work the framework contains safe
upload and retrieving of data upload. In our framework
there are four main features such as file encryption, file
upload, file decryption, and file download.
There are three types of users such as data owner,
Auditor and user.
Data owner initially selects file and generates
transformation key to encrypt selected file. After that data
owner encrypts the selected file and generates signature for
encrypted file. He sends Meta data to auditor such as file
index, file name, and signature.
Auditor is the trusted authority of the cloud
service provider. He frequently verifies files in the cloud
service using the Meta data sent by the data owner. He can
send status of the verification such as auditing to data
owner using simple mail transfer protocol.
In this verification auditor again generates
signature to the file in the cloud and compares with the
signature sent by the data owner. If the signatures are same
the file in the cloud service is secure otherwise he decides
that file was corrupted.
5. Get signatures
2.File Metadata
6. Auditing status
cloud
1.Encrypted File and
signatures
3. Request
for file
4.Response
Users
Fig 2: Block diagram for Data correctness over cloud
User view list of files and request to cloud service,
cloud service checks authentication and sends decrypted
file to download the requested file.
http://www.ijettjournal.org
Page 204
International Journal of Engineering Trends and Technology (IJETT) – Volume 5 Number 4 - Nov 2013
In our work we introduced a block based signature
algorithm to generate signatures. In we divide the
encrypted file into equal number of blocks. And generate
signature to each and every block of the divided file.
A novel algorithm for signature generation
Algorithm:
1. Input file F.
2. Find length of L0.
3. Take Block length BL such as 128/256/512/1024
4. Divide L0 into the given block length BL
Block=L0/BL
5. If there any remaining bits append zeros rounded
to block length BL
6. Then For each block B={b1,b2...bn}
Encrypt block
Benc=Rjn(b)
7. Then for each Encrypted Block generate signature
8. S reverse[∑ nA=1((A XOR B) v (A ∩ B))]
9.
10.
Where B <- to_Integer (to_Char (A)) in
Block benc
11.
12. Sig  Sig+ to-Binary (S)
13.
14. Fn F1 + Sig
For encrypting the file we used advanced AES algorithm
called rijandael algorithm.
Variable block lengths and key lengths supported such
as128, 192, and 256. In this number of columns in the state
and round key arrays depend on the sizes.
Step 1: Byte Sub Transformation
Step 2: Shift Row Transformation
Step 3: Mix Column Transformation
Step 4: Round Key Addition
Final round is a little different and it removes the Mix
Columns step.
In our work file stored in the cloud service is deeply checks
by the auditor and updates to data owner.
IV. EXPERIMENTAL ANALYSIS
In our experimental analysis we take a text file and
followed our proposed process as shown below.
Data Owner:
Auditor:
IV.CONCLUSION
In our framework we used a secure encryption algorithm
with block based signature generation it reduces the man in
the middle attacks in the communication channel and
secure verification process to protect the file in the cloud
service. By providing trusted authority between the users,
data owner and cloud service provides secure
communication between the cloud service and the users.
We tested this frame work in the above experimental
results.
In future work it we can implement any advanced
symmetric key cryptographic algorithm with strong
signature generation algorithm. And there is a chance to
implement secure file transfer protocol algorithm to send
status of the auditing or verification of the files.
REFERENCES
1.
2.
3.
4.
ISSN: 2231-5381
https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_
und_technical_reports/Cloud-Storage-Security_a4.pdf
www.cs.xu.edu/~harnist/AA_Rijndael.ppt
ieeexplore.ieee.org/iel5/4381299/4381300/04381319.pdf?arn
umber...by A Sultana - 2007.
link.springer.com/chapter/10.1007%2F978-3-642-356155_6by HB Patel.
http://www.ijettjournal.org
Page 205
International Journal of Engineering Trends and Technology (IJETT) – Volume 5 Number 4 - Nov 2013
5.
6.
7.
8.
9.
J. Kincaid, “MediaMax/TheLinkup Closes Its Doors,”
http://www.techcrunch.com/2008/07/10/
mediamaxthelinkup-closesits- doors, July 2008.
Amazon.com, “Amazon S3 Availability Event: July 20,
2008,”http://status.aws.amazon.com/s3-20080720.html,
July 2008.
S. Wilson, “Appengine Outage,” http://www.cioweblog.com/ 50226711/appengine_outage.php, June 2008.
B. Krebs, “Payment Processor Breach May Be Largest
Ever,” http://voices.washingtonpost.com/ securityfix/2009/
01/ Jan. 2009.
Juels and B.S. Kaliski Jr., “PORs: Proofs of Retrievability
forLarge Files,” Proc. 14th ACM Conf. Computer and
Comm. Security (CCS ’07), pp. 584-597, Oct. 2007.
Biblography :
Mula Sudhakar is received B.Tech
from Gokul
Institute of
Technology And Management,
Bobbili..He is pursuing M.Tech in
Sarada Institute of Science,
Technology
and Management,
Srikakulam,
Andhra
Pradesh.
Interesting areas are Network security and Data
minig.
Chanti.Suragala is working as a
Asst.professor in Sarada Institute
of Science, Technology And
Management, Srikakulam, Andhra
Pradesh. He received his M.Tech
(CSE) from Aditya Institute of
Technology And Management,
Tekkali. JNTU Kakinada Andhra
Pradesh. His research areas include Image Processing
ISSN: 2231-5381
http://www.ijettjournal.org
Page 206