International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014 Advanced Traceability Mechanism for Shared Data in the Cloud Kedar Jayesh Rasal1, Prof. Sandip A. Kahate2 , 1 2 Computer Engineering, SPCOE, Otur, Pune, Maharashtra, India. Computer Engineering, SPCOE, Otur, Pune, Maharashtra, India. Abstract— With cloud information services, it is very common for information to be not only saved in the cloud, but also distributed across multiple users. Unfortunately, the reliability of cloud information is subject to uncertainty due to the lifestyle of hardware/software problems and human errors. Several systems have been designed to allow both information owners and public verifiers to effectively auditing cloud information integrity without accessing the whole information from the cloud server. However, public auditing on the reliability of distributed information with these existing mechanisms will certainly reveal private information—identity privacy—to public verifiers. This survey recommends a novel privacy-preserving procedure that facilitates public auditing on distributed information saved in the cloud. It manipulates ring signatures to estimate confirmation meta-data needed to audit the correctness of distributed information. With this procedure, the identification of the signer on each block in distributed information is kept private from public verifiers, who are able to effectively confirm distributed information reliability without retrieving the whole file. In addition, this procedure is able to perform several auditing projects at the same time instead of confirming them one by one. Our trial results illustrate the efficiency and usefulness of our procedure when auditing distributed information reliability. Keywords— Public auditing, privacy-preserving, shared data, cloud computing I. INTRODUCTION Cloud companies offer customers effective and scalable data storage space alternatives with a much reduced marginal cost than traditional techniques [2]. It is schedule for customers to leverage cloud storage space alternatives to work together with others in a team, as information discussing becomes a conventional function in most cloud storage space promotions, such as Drop box, Cloud and Google Generate. The reliability of information in cloud storage space, however, is subject to uncertainty and analysis, as information saved in the cloud can easily be missing or damaged due to the unavoidable hardware/ software problems and individual mistakes. To create this matter even more intense, cloud companies may be reluctant to notify customers about these information mistakes to be able to maintain the popularity of their alternatives and prevent losing profits [3]. Therefore, the reliability of cloud information should be verified before any information usage, such as look for or computation over cloud information [4]. The traditional strategy for verifying information correctness is to recover the whole information from the cloud, and then verify data reliability by verifying the correctness of signatures (e.g. RSA) or hash principles (e.g., MD5) of the entire data. Certainly, this traditional strategy is able to successfully check the correctness of cloud information. ISSN: 2231-5381 However the performance of using this traditional strategy on cloud data is in question. The primary purpose is that the size of the cloud information is large in common. Installing the whole cloud information to verify data reliability will price or even spend customer’s quantities of computation and interaction sources, especially when information has been damaged in the cloud. Besides, many uses of cloud information (e.g., information exploration and machine learning) do not actually need customers to obtain the entire cloud information to regional gadgets [2]. It is because cloud providers, such as Amazon, can offer customers computation services straight on largescale information that already existed in the cloud. Recently, many systems [5] have been suggested to allow not only a information proprietor itself but also a public verifier to efficiently perform reliability verifying without downloading the entire information from the cloud, which is generally known as public auditing [3]. In these systems, information is separated into many little prevents, where each prevent is independently signed by the owner; and a unique mixture of all prevents instead of the whole information is recovered during integrity verifying. A public verifier could be a data user (e.g., researcher) who would like to implement the owner’s data via the cloud or a third-party auditor (TPA) who can offer professional reliability verifying alternatives [6]. Moving a advancement, Wang et al. developed an advanced auditing procedure [4] (named as WWRL in this paper), so that during public audit on cloud information, the content of individual information that belong to a individual customer is not disclosed to any public verifiers. Unfortunately, present public auditing alternatives described above only concentrate on personal information in the cloud [1]. This survey believes that discussing information among several customers is perhaps one of the most interesting functions that motivate cloud storage space. Therefore, it is also necessary to create sure the integrity of distributed information in the cloud is appropriate. Current public audit systems can actually be prolonged to verify distributed information reliability [1], [3]. However, a new important comfort problem presented in the situation of shared information with the use of existing systems is the leakage of identification comfort to public verifiers [1]. To fix the above comfort problem on shared data, survey scheme recommend Oruta, a novel privacy-preserving public auditing procedure. More particularly, it implement ring signatures [7] to create homomorphic authenticators in Oruta, so that a community verifier is able to confirm the integrity of http://www.ijettjournal.org Page 235 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014 distributed information without accessing the entire data— while the identification of the signer on each prevent in shared information is kept personal from the community verifier. Moreover, further increase its procedure to support batch audit, which is capable of doing several audit tasks simultaneously and enhance the performance of verification for several audit projects. Meanwhile, Oruta is compatible with unique covering up [3], which has been used in WWRL and can protect information comfort from community verifiers. Moreover, it also makes use of catalog hash platforms from a previous community audit remedy to back up dynamic data. II. LITERATURE SURVEY Ring Signatures The idea of ring signatures was first recommended by Rivest et al. [12] in 2001. With ring signatures, a verifier is assured that a signature is calculated using one of team members’ personal important factors, but the verifier is not able to decide which one. More concretely, given a ring signature and a number of d customers, a verifier cannot differentiate the signer’s identification with a possibility more than 1=d. This residence can be used to secure the identification of the signer from a verifier. The ring signature plan presented by Boneh et al. [11] (referred to as BGLS in this paper) is designed on bilinear charts. We will increase this ring signature plan to create our community audit procedure. A) b) Audit Phase: TPA problem is review idea to CS. The CS will obtain a reaction idea by executing Genproof. TPA confirms the reaction using F and its verification meta-data. TPA is stateless i.e. no need to sustain or upgrade the state information of review stage. Public key centered homomorphic linear confirmation with unique covering up strategy is used to accomplish comfort preserving community audit. TPA checks the reliability of the contracted details saved on reasoning without accessing real material. Current study of evidence of retrievable ability (PoR) [14] or Evidence of Data Ownership (PDP) technique doesn’t consider details comfort issue. PDP scheme first recommended by Ateniese et al. used to identify huge amount corruption in contracted details. It uses RSA based Homomorphic confirmation for audit the reasoning details and randomly testing a few prevents of data files. A Second technique proposed by Juels as Evidence of retrievability (PoR) allows user to recover data files without any details reduction or corruptions. It uses spot verifying & mistake solving requirements are used to make sure both “Possession” and “Retrievability”. To accomplish Zero knowledge comfort, specialist recommended Aggregatable Signature Based Transmitted (ASBB). It provides completeness, comfort and soundness. It uses 3 algorithms as Keygen, Gentag and Audit. C) B) Privacy Protecting Public Auditing Proposed by Cong Wang Public audit allows TPA (Third Party Auditor) along with customer to examine the integrity of the contracted details saved on reasoning & Privacy Preserving allows TPA to do audit without inquiring for local duplicate of the details. Through this plan [1], TPA can audit the details and reasoning details comfort is managed. It contains 4 methods as- Using Exclusive Machine Abhishek Mohta recommended Exclusive devices which uses RSA criteria, for customer data/file protection and decryptions [4]. It also uses SHA 512 criteria which creates message digest and examine the details reliability. The Digital signature is used as identification evaluate for customer or details proprietor. It solves the issue of reliability, illegal accessibility, comfort and consistency. 1) Keygen: It is a key creation criteria used by the user to create the plan. 2) Singen: It is used by the customer to produce verification metadata which may consist of electronic signature. 3) GenProof: It is used by CS to produce a evidence of data storage correctness. 4) Verify proof: Used by TPA to review the proofs It is separated into two areas as installation stage and review stage. a) Setup Phase: Public and key factors are initialized by using keygen and details f are preprocesses by using singen to produce verification metadata at CS & remove its regional duplicate. In preprocessing customer can modify details F. ISSN: 2231-5381 Fig 1.0: Architecture of Cloud server with CU and TPA D) Non Straight line Authentication Shrinivas recommended Homomorphic non linear authenticator with unique covering up methods to achieve cloud protection [5]. K. Gonvinda recommended electronic signature method to secure the comfort and reliability of http://www.ijettjournal.org Page 236 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014 details. It uses RSA criteria for protection and decryption which follows the procedure of electronic signatures for idea confirmation. Wang et al. [9] leveraged homomorphic tokens to ensure the correctness of erasure codes-based data distributed on multiple servers. This mechanism is able not only to support dynamic data, but also to identify misbehaved servers. To minimize communication overhead in the phase of data repair, Chen et al. [10] also introduced a mechanism for auditing the correctness of data under the multi-server scenario, where these data are encoded by network coding instead of using erasure codes. More recently, Cao et al. [12] constructed an LT codes-based secure and reliable cloud storage mechanism. Compare to previous work [9], [10], this mechanism can avoid high decoding computation cost for data users and save computation resource for online data owners during data repair. III. PROPOSED WORK The system style in this paper involves three parties: the reasoning server, a number of users and a community verifier. There are two kinds of customers in a group: the unique customer and a number of team customers. The original customer originally makes distributed information in the reasoning, and shares it with team customers. Both the unique customer and group users are associates of the team. Every participant of the group is permitted to accessibility and change distributed information. Shared data and its confirmation meta-data (i.e., signatures) are both stored in the reasoning server. When a community verifier desires to examine the reliability of shared information, it first delivers an audit task to the cloud server. After getting the audit task, the reasoning server reacts to the community verifier with an auditing evidence of the ownership of distributed information. Then, this community verifier assessments the correctness of the entire data by confirming the correctness of the audit evidence. Essentially, the procedure of community audit is a challenge and- response method between a community verifier and the cloud server [6]. Fig 2.0: Our System module includes Cloud, Group of user, Public verifier ISSN: 2231-5381 IV. THREATS IN SYSTEM A) Privacy Risks The identification of the signer on each block in distributed information is personal and personal to the team Once the community verifier shows the identification of the signer on each prevent, it can quickly differentiate a high-value target (a particular customer in the team or a unique prevent in shared data) from others. B) Integrity Threats An attacker may try to damage the reliability of distributed information. Second, the cloud support agency may unintentionally damaged (or even remove) information in its storage space due to components failures and individual mistakes. CONCLUSION These survey paper recommend the Oruta which is privacy-preserving public auditing procedure for distributed information in the reasoning. It utilizes band signatures to create homomorphic authenticators, so that a community verifier is able to review distributed data integrity without accessing the whole information, yet it cannot distinguish who is the signer on each prevent. To improve the performance of confirming several review projects, we further extend our procedure to back up group review. References [1] B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud,” Proc. IEEE Fifth Int’l Conf. Cloud Computing, pp. 295-302, 2012. [2] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski, G. Lee, D.A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A View of Cloud Computing,” Comm. ACM, vol. 53, no. 4, pp. 50-58, Apr. 2010. [3] C.Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” Proc. IEEE INFOCOM, pp. 525-533, 2010. [4] B.Wang, M. Li, S.S. Chow, and H. Li, “Computing Encrypted Cloud Data Efficiently under Multiple Keys,” Proc. IEEE Conf. Comm. and Network Security (CNS ’13), pp. 90-99, 2013. [5] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data Possession,” Proc. 16th ACM Conf. Computer and Comm. Security (CCS’09), pp. 213222, 2009. [6] C. Wang, S.S. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Trans. Computers, vol. 62, no. 2, pp. 362-375, Feb. 2013. [7] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, “Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,” Proc. 22nd Int’l Conf. Theory and Applications of Cryptographic Techniques: Advances in Cryptology (EUROCRYPT’03), pp. 416-432, 2003. [8] R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret,” Proc. Seventh Int’l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’01), pp. 552-565, 2001. [9]Juels, B. Kaliski. “Pors: proofs of retrievability for large files[C]”, Proceedings of CCS 2007. Alexandria, VA, USA, 2007. 584-597. [10] AbhishekMohta, Lalit Kumar Awasti, “Cloud Data Security while using Third Party Auditor”, International Journal of Scientific & Engineering Research, Volume 3, Issue 6, ISSN 2229-8 June 2012. [11] D. Shrinivas, “Privacy-Preserving Public Auditing in Cloud Storage security”, and International Journal of computer science and Information Technologies, vol 2, no. 6, pp. 2691-2693, ISSN: 0975-9646, 2011 [12] K Govinda, V. Gurunathprasad and H. sathishkumar, “ Third Party Auditing for Secure Data Storage in Cloud Through Digital Signature Using RSA”, International Journal of Advanced science and Technical Research, vol 4,no. 2, ISSN: 2249-9954,4 August 2012 [13] Balkrishnan. S, Saranya. G, Shobana. S and Karthikeyan S, “Introducing Effective Third Party Auditing (TPA) for Data Storage Security in Cloud”, International Journal of computer science and Technology, vol. 2, no. 2, ISSN 2229-4333 (Print) | ISSN: 09768491(Online), June 2012 [14]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 598-610, 2007. http://www.ijettjournal.org Page 237