A Simple Storage Assessment Protocol for Multiple Owners Kodukulla Sireesha

International Journal of Engineering Trends and Technology (IJETT) – Volume 15 Number 7 – Sep 2014
Kodukulla Sireesha
M.Tech Scholar
Dept of CSE, MVGR of Engineering College, Chintavalasa, AP, India.
Abstract: In cloud computing, data owners store or host their information and users access that information from the cloud. Some traditional integrity verification methods cannot be applied to the auditing service until the data in the cloud service can be dynamically updated. Therefore an efficient and secure dynamic multi-owner auditing protocol is designed to assure data owners that the data are correctly stored in the cloud. We designed a framework that provides a privacy-preserving, secure storage and secure verification protocol. This framework is designed for auditing multi-owner data storage in a cloud service by using cryptographic methods.
I. INTRODUCTION
Cloud computing is a model for enabling flexible on-demand network access to a shared set of configurable computing resources that can be quickly provisioned and introduced with minimum maintenance effort. This model consists of five features, three service models and four deployment models.
A) Essential Features:
a) On-demand self-service. A consumer can provision computing capacity, such as server processing time and storage, automatically as required, without human communication with each service provider.
b) Broad network access. The capacities are available over the network and accessed using standard methods that are used by different client domains such as mobile phones and laptops.
c) Resource pooling. The service provider's computing resources are grouped to serve different users using a multi-user model, with various physical and virtual resources dynamically assigned and reassigned based on consumer demand. There is a sense of location independence in that the user normally has no control over or knowledge of the exact location of the given resources, but may be able to declare the location at a higher level of abstraction such as country, state, or datacenter. Examples of resources include storage, processing, memory and network bandwidth.
d) Rapid elasticity. Capacities are elastically given and released, in some situations automatically, to scale rapidly outward and inward commensurate with demand. The capacities available for provisioning appear to be limitless and can be appropriated in any quantity at any time.
e) Measured service. Cloud systems control and configure resource use through a metering capacity at a level of abstraction appropriate to the type of service, such as storage and active user accounts. Resource usage can be verified and managed, providing transparency for both the provider and the consumer of the utilized service.
C) Deployment Models
a) Private cloud. This topology provides the cloud for use by a single organization consisting of multiple users. This type of cloud is owned and operated by that organization or company only.
b) Community cloud. This topology is provided for a particular group of customers that have shared concerns, and it is maintained by one or more organizations in that group only.
c) Public cloud. This cloud architecture is provided for public usage by public users. This type of cloud is maintained by any organization.
d) Hybrid cloud. This architecture is a combination of different architectures, including those explained above. It contains unique features and objects that give data and application portability. It maintains load balancing and stores larger amounts of data.
II. RELATED WORK
A) Un-cheatable data transfer
Let us consider requests for bandwidth in a content distribution network. Suppose Alice has already downloaded data that Bob requests. Alice shares that data with Bob in exchange for currency. This kind of data exchange is attractive because it increases scalability for users and relieves the network operators of bandwidth charges. Two situations can arise:
1. Alice has lots of static bandwidth but is not interested in using it. Therefore she claims to possess highly requested data, but when Bob requests it she sends non-relevant data.
2. Bob does not want to part with his bandwidth credits, so after successful receipt of the data he claims that the data was corrupted and does not agree to hand over the credits.
ISSN: 2231-5381 http://www.ijettjournal.org
The first situation is avoided by new techniques. Users are even able to tell correct data from incorrect data sent by Alice.
1. A centralized server frequently verifies the hashes for each and every block of data in the communication network. Bob hashes the received data and stores the hash on the server. If the hash values are matched perfectly he predicts that the data was corrupted and no credits are going to be exchanged.
2. Alice encrypts the data before sending it to Bob. After the data is sent, Bob hashes the received data and compares the result with Alice's hash value of the encrypted data. If they match, Alice sends the decryption key to Bob. This scheme is secure against scenario 2 but not against scenario 1, since Alice might have encrypted random or unrequested data. This could be combined with the first protocol by hashing the decrypted data; however, the scheme would again be insecure against scenario 2.
Method 1: This method is secure, but it overloads the server, since it requires storing a correct copy of every block of data being traded in the network. Here we show how intra hashing and block ciphers can be used to remove this requirement. Let $d$ be the data of interest and $f(k)$ be a stream cipher, which gives a bitstring $s$ of arbitrary length based on $k$. For our purposes this bitstring is compressed to match the size of $d$. $d$ and $s$ would be merged by the XOR operation. Since we have a hash $H$ which works under integer addition, we will interpret both $d$ and $s$ bitwise as integers, and we define $c = s + d$ as the ciphertext, where $+$ is integer addition.
The centralized server must create an RSA modulus $n = pq$, where $p$ and $q$ are primes and $\varphi(n) = (p-1)(q-1)$. The modulus $n$ is a public integer, but $p$, $q$ and $\varphi(n)$ are kept secret. Every block of data $d$ is hashed as $h(d) = d \bmod \varphi(n)$, and the resulting value is stored by the server.
Alice sends data to Bob according to the following protocol:
Method 1.1 (Data transfer).
1. Alice selects a key $k$ at random for the stream cipher $f(k)$, and calculates the bitstring $s$ and the ciphertext $c = s + d$ using this key.
2. Alice sends $s$ and $r_A = H(c)$ to Bob.
3. Bob computes $r_B = H(c)$.
4. If $r_A = r_B$, Bob requests the decryption key $k$ from Alice.
5. Bob decrypts the data by calculating the bitstring $s$ and $d = c - s$, and verifies the integrity of $d$ with a traditional hash function.
If a question arises concerning the integrity of the data transfer, the protocol below is executed:
Method 1.2 (Data transfer verification).
1. Alice or Bob sends $k$ and $r$ to the central server;
2. The server calculates the bitstring $s$ and its hash $H(s)$;
3. The server calculates $r_S = H(c) = H(s) \cdot b^{h(d)}$;
4. If $r = r_S$, the server predicts that Alice correctly sent the data.
The only step that may need proof is Step 3. Recall that $\varphi(n)$ is the order of $(\mathbb{Z}/n\mathbb{Z})^*$ (the group over which arithmetic takes place), and by the definition of $h$, $h(d) \equiv d \pmod{\varphi(n)}$, so that $b^{h(d)} \equiv b^{d} \pmod{n}$. Since $H(d) = b^{d} \bmod n$, we have that $H(c) = H(s + d) = H(s)H(d) = H(s)\,b^{h(d)}$, using the unique property of $H$.
We show that the server can reduce the computation of $H(s)$ by computing $H(s \bmod \varphi(n))$. We posit that this work is not an issue since this protocol will be executed rapidly.
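The transfer and verification exchanges of Methods 1.1 and 1.2, written out as an added example that is not code from the paper. The SHA-256 counter-mode keystream standing in for f(k), the toy modulus built from two Mersenne primes, the base b = 3 and all function names are assumptions, and step 2 is assumed to carry the ciphertext c so that Bob can compute H(c).

```python
import hashlib

# Constructed toy parameters: two Mersenne primes stand in for the server's secret p and q.
P, Q = 2**107 - 1, 2**127 - 1
N = P * Q                  # public RSA modulus n
PHI = (P - 1) * (Q - 1)    # phi(n), kept secret by the server
B = 3                      # assumed public base b, coprime to n

def H(x: int) -> int:
    """H(x) = b^x mod n, so H(s + d) = H(s) * H(d) mod n."""
    return pow(B, x, N)

def keystream(k: bytes, nbytes: int) -> int:
    """Assumed stand-in for the stream cipher f(k): SHA-256 in counter mode."""
    out, ctr = b"", 0
    while len(out) < nbytes:
        out += hashlib.sha256(k + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return int.from_bytes(out[:nbytes], "big")

def server_register(block: bytes) -> int:
    """The server stores only h(d) = d mod phi(n), not the block itself."""
    return int.from_bytes(block, "big") % PHI

def alice_send(block: bytes, k: bytes) -> tuple[int, int]:
    """Method 1.1, steps 1-2: c = s + d (integer addition) and r_A = H(c)."""
    c = keystream(k, len(block)) + int.from_bytes(block, "big")
    return c, H(c)

def bob_accepts(c: int, r_a: int) -> bool:
    """Method 1.1, steps 3-4: Bob recomputes r_B = H(c) before requesting k."""
    return H(c) == r_a

def bob_decrypt(c: int, k: bytes, nbytes: int) -> bytes:
    """Method 1.1, step 5: d = c - s; a result that does not fit is rejected."""
    d = c - keystream(k, nbytes)
    if d < 0 or d.bit_length() > 8 * nbytes:
        raise ValueError("ciphertext does not decrypt to a block of this size")
    return d.to_bytes(nbytes, "big")

def server_verify(k: bytes, r: int, h_d: int, nbytes: int) -> bool:
    """Method 1.2: r_S = H(s mod phi(n)) * b^h(d) mod n, compared with r."""
    s = keystream(k, nbytes)
    return r == (H(s % PHI) * pow(B, h_d, N)) % N
```

With these parameters the server settles both scenarios from k, r and the stored h(d) alone: a transfer of the registered block verifies even if Bob claims corruption, and a transfer of any other block fails the check.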
In our proposed system we introduce a novel architecture for verifying authentication and securely transferring data. To reduce impersonation and data leakage in transmission, we adopt cryptographic methods in our architecture. We introduce a trusted member to verify whether the data is correct. We call that trusted member the auditor or verifier. It verifies the signature generated from the content stored in the cloud and from the data owner.
III. PROPOSED SYSTEM
In the proposed work we designed a protocol with three roles: clients, cloud service provider, and verifier. The clients store data in the cloud service provider. There are multiple owners present in the network in the cloud. The clients store data in encrypted format in the cloud service provider.
The data is encrypted by the random alphabetic encryption process shown below:
Random Alphabetical Encryption and Decryption Algorithm:
Encryption: P = plain text
Key with variable length (128, 192, 256 bit)
• Represented with a matrix (array) of bytes with 4 rows and Nk columns, Nk = key length / 32
• key of 128 bits = 16 bytes, Nk = 4
• key of 192 bits = 24 bytes, Nk = 6
• key of 256 bits = 32 bytes, Nk = 8
Block of length 128 bits = 16 bytes
• Represented with a matrix (array) of bytes with 4 rows and Nb columns, Nb = block length / 32
• Block of 128 bits = 16 bytes, Nb = 4

State = X
1. Add_RoundKey(State, Key_0)
   for r = 1 to (Nr - 1)
      a. Sub_Bytes(State, S-box)
      b. Shift_Rows(State)
      c. Mix_Columns(State)
      d. Add_RoundKey(State, Key_r)
   end for
2. Sub_Bytes(State, S-box)
3. Shift_Rows(State)
4. Add_RoundKey(State, Key_Nr)
Y = State
[Figure: system architecture with Data Owner 1, Data Owner 2, Cloud service, Auditor and User. Labelled steps: 1. Encrypt file, generate signature; 2. Send meta details; 3. Send encrypted file; 4. Receive signatures from multiple; 5. Collect signatures from receivers; 6. Monitor files; 7. Send status; 8. Decrypted file.]
Signature Generation Algorithm:
KeyGeneration(Ks) → (pk, sk, skh). The key generation algorithm takes no input other than the implicit security parameter Ks. It randomly chooses two numbers and uses them to generate two prime numbers from P. It then calculates primitive roots of the two prime numbers; those two primitive roots are st and sh respectively, belong to the prime number group, and serve as the tag key and the hash key.
It outputs the public tag key as pt = gsKs mod G2, the secret tag key st and the secret hash key sh. A hash for sh is then calculated using a simple hash function, that is, the second random value is given as input to a hash function, explained as follows. For example, consider that each input is an integer I in the range 0 to N−1, and the output must be an integer h in the range 0 to n−1, where N is much larger than n. Then the hash function could be h = I mod n (the remainder of I divided by n), or h = (I × n) ÷ N (the value I scaled down by n/N and truncated to an integer), or many other formulas.
Signature Generation (M, st, sh) → T. The signature generation algorithm takes each data component M, the secret tag key st and the secret hash key sh as inputs. It first chooses s random values r1, r2, …, xn ∈ I and computes uj = g^xj mod G1 for all j ∈ [1, n]. For each data block mi (i ∈ [1, n]), it computes a data challenge as:
C=({c1}I€SChal,{rn} n€j
where Wi = FID||i (the “||” denotes the concatenation operation), in which FID is the identifier of the data and i represents the block number of mi. It outputs the set of data tags T = {ti}, i ∈ [1, n].
Chall(Minfo) → C. The algorithm takes the brief information of the data Minfo as the input. It selects some different data blocks to construct the challenge set Q and generates a random number for each chosen data block mi (i ∈ Q). It computes the challenge stamp R = (pt)^r by randomly choosing a number r ∈ Z*p. It outputs the challenge as
Tp=∏
€
Proof(M,T,C) → P. The proving algorithm takes as inputs
the data M and the received. The proof consists of the tag
proof TP and the data proof DP. The challenge proof is
generated as
To generate the data proof it first computes the sector
linear combination of all the challenged data blocks MPj for
each j є [1, s] as
Mpj=Vj.Mij
Then, it generates the data proof DP as
DProof=∏
( , )Mpj
It outputs the proof P = (TP,DP).
Verify(C, P, sh, pt, Minfo) → 0/1. The verification algorithm takes as inputs the challenge C, the proof P, the secret hash key sh, the public tag key pt and the abstract information of the data component. It first computes the identifier hash values hash(sh, Wi) of all the challenged data blocks, where the hash value is calculated using the SHA256 method, and then computes the challenge hash Hchallenge as
Hchal=∏ € (h(Skh,Wi))
Then it verifies the proof from the server by the following
verification equation:
Vp=e(HChallenge,pt)=e(Tp,gr2)
If the above verification equation holds, it outputs 1. Otherwise it outputs 0.
IV. CONCLUSION
In this paper, we proposed an efficient and secure dynamic verifying protocol. It protects data privacy against the auditor by combining it with a cryptographic method, rather than using the mask technique. Our multi-cloud batch verifying protocol does not require any additional organizer. Our batch verifying protocol can also support batch auditing for multiple owners. Our auditing scheme incurs less communication cost and less computation complexity for the auditor by moving the computing load of auditing from the auditor to the server, which greatly increases auditing performance and allows the scheme to be applied to large-scale cloud storage systems.
BIOGRAPHIES
Mr. P.S. SITARAMA RAJU, a well known and excellent teacher, received his M.Tech (CSE) from CENTRAL UNIVERSITY, Hyderabad. He is working as professor (H.O.D), Dept of CSE, at MaharajVijayaramGajapathi Raj College of Engineering. He has 16 1/2 years of industrial and teaching experience and has to his credit a couple of publications in both national and international conferences/journals. His areas of interest include Object Oriented software & languages, System Architecture and System Software.
Kodukulla Sireesha is a student of MaharajVijayaramGajapathi Raj Engineering College, Chintavalasa. Presently she is pursuing her M.Tech [Computer Science] from this college, and she received her B.Tech from Gokul Institute of Technology and Sciences, affiliated to JNTU Kakinada, Piridi, in the year 2009. Her areas of interest include Computer Networks and DBMS and all current trends and techniques in Computer Science.