International Journal of Engineering Trends and Technology (IJETT) – Volume 15 Number 7 – Sep 2014

A Secure Protocol for Monitoring Data Components over Cloud

D. Chandrika (1), N. Satyanarayana (2)
1 Final year M.Tech Student, 2 Asst. Professor
Computer Sci. & Engg., Sanketika Vidya Parishad Engg. College, Pothina Mallayya Palem, Visakhapatnam, AP, India
Abstract: Monitoring data stored in the cloud is an interesting and important research issue in cloud computing. A data owner keeps a data component at the cloud service provider by segmenting it into blocks and uploading them to the server whenever required. In this paper we propose an efficient protocol for auditing (monitoring) the data components uploaded by data owners, in which the monitoring is carried out by a third party auditor using only metadata and authentication parameters.
I. INTRODUCTION
The cloud is a pool of resources offered on a pay-per-use basis. It is available as various kinds of service: operating system (OS), infrastructure, application-oriented and back-end services. Cloud computing is a next-generation architecture for IT enterprises and industries that provides efficient on-demand service; on-demand self-service, location independence, resource pooling, rapid elasticity and usage-based pricing are all available in cloud computing. Cloud technology offers flexible and cost-effective features to IT industries and end users, who can store and access remote data from anywhere without losing data integrity or data confidentiality. The cloud is cost effective in terms of both hardware and software resources.
Batch Auditing: groups of files are verified together, which increases efficiency by allowing multiple verification tasks to run in parallel.
Data Dynamics: the user can update data that is already stored in the cloud; stream-based manipulations are allowed.
A cloud service provider should offer some method by which the user can confirm that the data is secure and stored correctly. Companies offer different cloud services to users, and the combination of those services must keep both the data and the applications on the cloud secure. It cannot be assumed that the cloud service provider will never leak the data or manipulate its content, and an attacker may eavesdrop on the communication. The CSP stores the data objects in a way that allows the TPA to verify that the objects are authentic.
Data storage is the main service that lets owners move their data and computation into the cloud, and owners increasingly store their content there. This deployment model brings new services but also new security challenges: data owners worry that data entrusted to a cloud service may be lost, a concern that stems from actual data loss at cloud services.
II. RELATED WORK
Cloud technology is increasingly adopted today because of its specialised properties: storage is offered as an application and also as an operating system. Service providers are paid to maintain the service for their clients, while users access the applications after validating themselves with their authentication credentials where required.
Data Owner: a cloud storage service involves two parties, the user and the service provider. The user is a person who stores large amounts of data with the service provider by uploading it. An authenticated user can upload data without maintaining local storage; the provider takes over storage and maintenance, and the stored data is served from the cloud.
Third Party Auditor: a trusted party who verifies the correctness and integrity of the data, and who verifies that the data objects were uploaded by the data owner.
ISSN: 2231-5381
Since maintaining data integrity online while saving the cloud users' computation resources is complex, it is of critical importance to enable a public auditing service for cloud data storage, so that users may resort to an auditor to audit the outsourced data when needed. The TPA, who has expertise and capabilities that users do not, can periodically check the integrity of all the data stored in the cloud on behalf of the users, which provides a much easier and more affordable way for users to ensure their storage correctness in the cloud. Moreover, in addition to helping users evaluate the risk of their subscribed cloud data services, the audit result from the TPA would also be beneficial for the cloud service providers to improve their cloud-based service platform, and could even serve for independent arbitration purposes [10]. In a word, enabling public auditing services will play an important role for this nascent cloud economy to become fully established.
http://www.ijettjournal.org
Page 321
This scheme contains four methods: KeyGen, SigGen, GenProof and VerifyProof.
KeyGen: generates the keys when the scheme is set up.
SigGen: generates signatures over the blocks of the data component.
GenProof: run by the cloud server to generate a proof of data storage over the stored blocks.
VerifyProof: run by the auditor to check the proof returned by the cloud service provider.
The method has two stages, setup and auditing. In the setup stage the user generates public and secret parameters with KeyGen, generates signatures over the blocks with SigGen so that the data can later be verified at the cloud, uploads the data component together with its metadata to the cloud server, and deletes the local temporary copy. In the auditing stage the auditor challenges the server for the stored data, and the cloud server must show, at the time of the audit, that it still returns the file as it was uploaded.
Cloud Storage Service Provider (CSP): the service provider offers services such as storage, platform, infrastructure, virtual machines and operating systems. In our scenario we consider it only for data storage: the DO uploads data components to the storage area provided by the service provider. The CSP verifies the authenticity of the auditor with random challenges and a hash code computed over those random challenges.
Third Party Auditor (TPA): a trusted party who monitors the data components of outsourced data at the request of the data owner, using authentication parameters. The DO forwards the initialization and authentication parameters to the TPA, which receives them and monitors the assigned data components.
III. PROPOSED WORK
In this paper we propose an efficient and practical model of a monitoring (auditing) service with authentication and data confidentiality. Security is the prime concern of the proposed architecture. In the proposed system a user can access data on the cloud as if it were local, without worrying about its integrity, while data confidentiality is maintained. We enhance the traditional approach with a simple cryptographic technique and a secure user authentication approach. Blocks are updated dynamically, based on the third party auditor's status report, whenever blocks of a monitored data component are found to be corrupted.
The three roles in the architecture are as follows.
Data Owner (DO): the person who uploads data components to the server under a pay-per-use agreement with the cloud service provider. The DO uploads the data component, updates it whenever it is found to be corrupted, and assigns monitoring tasks to the Third Party Auditor (TPA).
Fig 1: Auditing Architecture (Data Owner, Third Party Auditor and CSP; the owner sends initialization parameters, and the auditor and CSP exchange challenge and response messages)
In our approach the data owner applies a signature mechanism to the individual blocks of the content, generating a hash code for each, encrypts the content with the 3-DES algorithm and uploads it to the server. The data component is divided into blocks b1, b2, ..., bn and a random tag key set (t1, t2, ..., tn) is generated; each block is encrypted with its own tag key. The file metadata and key material are forwarded to the third party auditor, who applies the same signature mechanism, generates signatures over the blocks and compares the two sets of signatures. If any block's code mismatches, the data owner is notified; the administrator then forwards only the corrected blocks instead of the whole content, after which users can access the information provided by the cloud service provider.
Fig 2: Framework of Novel Dynamic Auditing Protocol. Message flow recovered from the figure:
Data Owner: KeyGen produces (t1, t2, ..., tn), RA and RB; H = H(XOR(RA, RB)); the data component M (m1, m2, m3) goes through the segmentation/tag generation process.
Owner initialization: Minfo, RA, T (t1, t2, ..., tn) to the Third Party Auditor; M, RB, T, H to the Cloud service provider.
Third Party Auditor to Cloud service provider: Minfo, RA (challenge, auditing request).
Cloud service provider: monitor details, configuration, auditing; returns Minfo, RA (auditing response).
Verify(Minfo, RA, RB, H) yields 0/1; results (0/1) are reported to the Data Owner.
Data Owner: dynamic update of the corrected block, if any; update status to the Cloud service provider.
Symbol   Meaning
M        Data component
T        Set of tag generation keys
RA       Random challenge to the auditor (large prime number)
RB       Random challenge to the cloud server (large prime number)
H        Hash code over XOR(RA, RB)
Minfo    Meta or abstract information of M
n        Number of blocks in each component
The protocol above shows the entire architecture of the mechanism. In the setup phase the DO segments the data component into a number of blocks (separated by a delimiter, a space in our context) and generates a random tag key set with the key generation process; these keys are required to encrypt the individual blocks into ciphertext. The DO also generates two random challenges, used to authenticate the third party auditor at the cloud service provider (CSP) while it monitors that owner's data components, along with a hash code over the random challenges. After encrypting the data component, the DO uploads it to the cloud storage area along with the tag key set and verification parameters, and forwards the initialization parameters to the TPA for monitoring of the data component.
Step by Step Process for Protocol Implementation:
1: The cloud data owner segments the data component M (Dc) into n blocks (b1, b2, ..., bn).
2: Generates a random tag key set T (t1, t2, ..., tn), one key per block, encrypts each block with the triple DES algorithm under its tag key, and generates signatures over the encrypted blocks for later verification.
3: Generates two random challenges RA and RB and computes the hash of their XOR:
x := H(RA XOR RB)
where H is the hash function.
4: Forwards the data component M, the set of tag keys T and RB to the CSP, and the meta information and authentication parameters (Minfo, RA, T (t1, t2, ..., tn)) to the TPA.
5: The cloud service provider authenticates the auditor by recomputing the hash code from the auditor's RA and its own RB.
6: The TPA divides the data component M into the same number of blocks at the server end, encrypts them and applies the same signature mechanism, then compares the signatures of the corresponding blocks.
7: The auditing status is forwarded instantly to the data owner via SMTP.
8: The TPA updates the data component status, and the data owner re-uploads any blocks found corrupted at the server end.
The TPA receives the basic initialization parameters and metadata for monitoring the data component and authenticates itself at the cloud service provider by forwarding the random challenge RA. The CSP validates the auditor by recomputing the hash code of XOR(RA, RB); if authentication succeeds, the CSP allows the auditor to monitor the data component and instantly sends a mail response to the data owner. The data owner receives the monitoring status from the auditor: if the uploaded data matches the monitored data there is no issue; otherwise the data owner updates the corrupted blocks identified in the auditor's report.
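The following is an added worked example, not the authors' code, of the exchange described by the four-method scheme (KeyGen, SigGen, GenProof, VerifyProof) and by the eight protocol steps above. It uses only the Python standard library, so several pieces are labelled stand-ins: 3-DES is replaced by a SHA-256 keystream XOR (the standard library has no 3-DES), the per-block "signature" is HMAC-SHA256 under that block's tag key, Minfo is taken to be the owner's per-block signatures, and RA and RB are random 256-bit integers rather than large primes. The class and function names (CSP, TPA, DataOwner, gen_proof, audit, repair) are this example's own.

```python
"""Setup and audit exchange of the paper's protocol (added example, not the
authors' code). Stand-ins, also marked inline: 3-DES -> SHA-256 keystream XOR;
signature -> HMAC-SHA256 under the block's tag key; Minfo -> the owner's
per-block signatures; RA, RB -> random 256-bit integers, not primes."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Tuple


def segment(m: bytes) -> List[bytes]:
    """Step 1: split the data component on the space delimiter."""
    return m.split(b" ")


def keygen(n: int) -> Tuple[List[bytes], int, int]:
    """Steps 2-3 (KeyGen): n tag keys plus the random challenges RA and RB."""
    tags = [os.urandom(16) for _ in range(n)]
    ra = int.from_bytes(os.urandom(32), "big")   # assumption: random, not prime
    rb = int.from_bytes(os.urandom(32), "big")
    return tags, ra, rb


def auth_hash(ra: int, rb: int) -> bytes:
    """x := H(RA XOR RB); the CSP checks an auditor's RA against this value."""
    return hashlib.sha256((ra ^ rb).to_bytes(32, "big")).digest()


def encrypt_block(tag: bytes, block: bytes) -> bytes:
    """3-DES stand-in: XOR with a SHA-256 keystream keyed by the tag (self-inverse)."""
    out = bytearray()
    for off in range(0, len(block), 32):
        ks = hashlib.sha256(tag + off.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(block[off:off + 32], ks))
    return bytes(out)


def sign_block(tag: bytes, cipher_block: bytes) -> bytes:
    """SigGen over one encrypted block (HMAC-SHA256 stand-in for the signature)."""
    return hmac.new(tag, cipher_block, hashlib.sha256).digest()


@dataclass
class CSP:
    """Holds the encrypted blocks, the tag keys T, RB and H (step 4)."""
    blocks: List[bytes]
    tags: List[bytes]
    rb: int
    h: bytes

    def authenticate(self, ra: int) -> bool:
        """Step 5: recompute H(RA XOR RB) from the auditor's RA and the stored RB."""
        return hmac.compare_digest(auth_hash(ra, self.rb), self.h)

    def gen_proof(self, ra: int) -> List[bytes]:
        """GenProof: re-sign the blocks as currently stored (step 6, server end)."""
        if not self.authenticate(ra):
            raise PermissionError("auditor failed RA/RB authentication")
        return [sign_block(t, b) for t, b in zip(self.tags, self.blocks)]


@dataclass
class TPA:
    """Holds Minfo (per-block signatures) and RA only; never receives M itself."""
    minfo: List[bytes]
    ra: int

    def audit(self, csp: CSP) -> List[int]:
        """VerifyProof (steps 6-7): 1 = block intact, 0 = block corrupted."""
        proof = csp.gen_proof(self.ra)
        if len(proof) != len(self.minfo):
            return [0] * len(self.minfo)
        return [int(hmac.compare_digest(p, s)) for p, s in zip(proof, self.minfo)]


class DataOwner:
    def __init__(self, m: bytes):
        self.plain = segment(m)
        self.tags, self.ra, self.rb = keygen(len(self.plain))
        self.cipher = [encrypt_block(t, b) for t, b in zip(self.tags, self.plain)]
        self.sigs = [sign_block(t, c) for t, c in zip(self.tags, self.cipher)]

    def upload(self) -> Tuple[CSP, TPA]:
        """Step 4: M, T, RB and H go to the CSP; Minfo and RA go to the TPA."""
        csp = CSP(list(self.cipher), self.tags, self.rb, auth_hash(self.ra, self.rb))
        return csp, TPA(list(self.sigs), self.ra)

    def repair(self, csp: CSP, status: List[int]) -> List[int]:
        """Step 8: re-upload only the blocks the auditor reported as 0."""
        bad = [i for i, ok in enumerate(status) if ok == 0]
        for i in bad:
            csp.blocks[i] = self.cipher[i]
        return bad


def run_demo() -> Tuple[List[int], List[int], List[int]]:
    """Constructed sample M; returns (first audit, repaired indices, second audit)."""
    owner = DataOwner(b"block-one block-two block-three block-four")
    csp, tpa = owner.upload()
    damaged = bytearray(csp.blocks[2])
    damaged[0] ^= 0xFF                      # one-byte corruption at the server end
    csp.blocks[2] = bytes(damaged)
    first = tpa.audit(csp)                  # [1, 1, 0, 1]
    repaired = owner.repair(csp, first)     # [2]
    return first, repaired, tpa.audit(csp)  # second audit: [1, 1, 1, 1]
```

Running run_demo() shows the corrupted third block flagged as 0, re-uploaded alone, and passing the next audit. Two caveats follow directly from the protocol as written. Because the CSP holds T and computes the proof itself, the exchange detects corruption of stored blocks but does not by itself force the server to retain the data (it could answer from cached signatures); binding the auditor's fresh challenge into the proof, as in the proof-of-retrievability work cited in [11], closes that gap. And the RA check proves only knowledge of a value sent in the clear, which is the authentication the Conclusion says could be strengthened.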
IV. CONCLUSION
We conclude our current research work with an efficient and novel auditing protocol that preserves data integrity. In our approach the actual data components need not be forwarded to the TPA directly, yet auditing can still be done efficiently. The approach could be improved by strengthening the authentication beyond simple random challenges. Unlike other traditional approaches we do not rely completely on the TPA: our auditing protocol allows the TPA to monitor only the meta information of the data component, which provides an abstract view of it, while the data owner receives the regular monitoring details.

REFERENCES
[1] S. Marium, Q. Nazir, A. Ahmed, S. Ahthasham and Aamir M. Mirza, “Implementation of EAP with RSA for Enhancing The Security of Cloud Computing,” International Journal of Basic and Applied Science, vol. 1, no. 3, pp. 177-183, 2012.
[2] Q. Wang, C. Wang, K. Ren, W. Lou and Jin Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 5, pp. 847-859, 2011.
[3] B. Dhiyanesh, “A Novel Third Party Auditability and Dynamic Based Security in Cloud Computing,” International Journal of Advanced Research in Technology, vol. 1, no. 1, pp. 29-33, ISSN: 6602 3127, 2011.
[4] P. Mell and T. Grance, “The NIST definition of cloud computing,” National Institute of Standards and Technology, Tech. Rep., 2009.
[5] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A view of cloud computing,” Commun. ACM, vol. 53, no. 4, pp. 50-58, 2010.
[6] T. Velte, A. Velte, and R. Elsenpeter, Cloud Computing: A Practical Approach, 1st ed. New York, NY, USA: McGraw-Hill, Inc., 2010, ch. 7.
[7] L. N. Bairavasundaram, G. R. Goodson, S. Pasupathy, and J. Schindler, “An analysis of latent sector errors in disk drives,” in SIGMETRICS, L. Golubchik, M. H. Ammar, and M. Harchol-Balter, Eds. ACM, 2007, pp. 289-300.
[8] B. Schroeder and G. A. Gibson, “Disk failures in the real world: What does an MTTF of 1,000,000 hours mean to you?” in FAST. USENIX, 2007, pp. 1-16.
[7] M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, “A cooperative internet backup scheme,” in USENIX Annual Technical Conference, General Track. USENIX, 2003, pp. 29-41.
[9] Y. Deswarte, J. Quisquater, and A. Saidane, “Remote integrity checking,” in The Sixth Working Conference on Integrity and Internal Control in Information Systems (IICIS). Springer Netherlands, November 2004.
[10] M. Naor and G. N. Rothblum, “The complexity of online memory checking,” J. ACM, vol. 56, no. 1, 2009.
[11] A. Juels and B. S. Kaliski Jr., “PORs: proofs of retrievability for large files,” in ACM Conference on Computer and Communications Security, P. Ning, S. D. C. di Vimercati, and P. F. Syverson, Eds. ACM, 2007, pp. 584-597.
[12] T. J. E. Schwarz and E. L. Miller, “Store, forget, and check: Using algebraic signatures to check remotely administered storage,” in ICDCS. IEEE Computer Society, 2006, p. 12.
[13] D. L. G. Filho and P. S. L. M. Barreto, “Demonstrating data possession and uncheatable data transfer,” IACR Cryptology ePrint Archive, vol. 2006, p. 150, 2006.
[14] F. Sebé, J. Domingo-Ferrer, A. Martínez-Ballesté, Y. Deswarte, and J.-J. Quisquater, “Efficient remote data possession checking in critical information infrastructures,” IEEE Transactions on Knowledge and Data Engineering, vol. 20, no. 8, pp. 1034-1038, 2008.
[15] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Transactions on Computers, vol. 62, no. 2, pp. 362-375, 2013.