Advanced Traceability Mechanism for Shared Data in the Cloud ,

advertisement
International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014
Advanced Traceability Mechanism for Shared Data in the Cloud
Kedar Jayesh Rasal1, Prof. Sandip A. Kahate2 ,
1
2
Computer Engineering, SPCOE, Otur, Pune, Maharashtra, India.
Computer Engineering, SPCOE, Otur, Pune, Maharashtra, India.
Abstract— With cloud information services, it is very common
for information to be not only saved in the cloud, but also
distributed across multiple users. Unfortunately, the reliability of
cloud information is subject to uncertainty due to the lifestyle of
hardware/software problems and human errors. Several systems
have been designed to allow both information owners and public
verifiers to effectively auditing cloud information integrity
without accessing the whole information from the cloud server.
However, public auditing on the reliability of distributed
information with these existing mechanisms will certainly reveal
private information—identity privacy—to public verifiers. This
survey recommends a novel privacy-preserving procedure that
facilitates public auditing on distributed information saved in the
cloud. It manipulates ring signatures to estimate confirmation
meta-data needed to audit the correctness of distributed
information. With this procedure, the identification of the signer
on each block in distributed information is kept private from
public verifiers, who are able to effectively confirm distributed
information reliability without retrieving the whole file. In
addition, this procedure is able to perform several auditing
projects at the same time instead of confirming them one by one.
Our trial results illustrate the efficiency and usefulness of our
procedure when auditing distributed information reliability.
Keywords— Public auditing, privacy-preserving, shared data,
cloud computing
I.
INTRODUCTION
Cloud companies offer customers effective and scalable
data storage space alternatives with a much reduced marginal
cost than traditional techniques [2]. It is schedule for
customers to leverage cloud storage space alternatives to work
together with others in a team, as information discussing
becomes a conventional function in most cloud storage space
promotions, such as Drop box, Cloud and Google Generate.
The reliability of information in cloud storage space, however,
is subject to uncertainty and analysis, as information saved in
the cloud can easily be missing or damaged due to the
unavoidable hardware/ software problems and individual
mistakes. To create this matter even more intense, cloud
companies may be reluctant to notify customers about these
information mistakes to be able to maintain the popularity of
their alternatives and prevent losing profits [3]. Therefore, the
reliability of cloud information should be verified before any
information usage, such as look for or computation over cloud
information [4].
The traditional strategy for verifying information
correctness is to recover the whole information from the cloud,
and then verify data reliability by verifying the correctness of
signatures (e.g. RSA) or hash principles (e.g., MD5) of the
entire data. Certainly, this traditional strategy is able to
successfully check the correctness of cloud information.
ISSN: 2231-5381
However the performance of using this traditional strategy on
cloud data is in question.
The primary purpose is that the size of the cloud
information is large in common. Installing the whole cloud
information to verify data reliability will price or even spend
customer’s quantities of computation and interaction sources,
especially when information has been damaged in the cloud.
Besides, many uses of cloud information (e.g., information
exploration and machine learning) do not actually need
customers to obtain the entire cloud information to regional
gadgets [2]. It is because cloud providers, such as Amazon,
can offer customers computation services straight on largescale information that already existed in the cloud.
Recently, many systems [5] have been suggested to allow
not only a information proprietor itself but also a public
verifier to efficiently perform reliability verifying without
downloading the entire information from the cloud, which is
generally known as public auditing [3]. In these systems,
information is separated into many little prevents, where each
prevent is independently signed by the owner; and a unique
mixture of all prevents instead of the whole information is
recovered during integrity verifying. A public verifier could
be a data user (e.g., researcher) who would like to implement
the owner’s data via the cloud or a third-party auditor (TPA)
who can offer professional reliability verifying alternatives [6].
Moving a advancement, Wang et al. developed an advanced
auditing procedure [4] (named as WWRL in this paper), so
that during public audit on cloud information, the content of
individual information that belong to a individual customer is
not disclosed to any public verifiers. Unfortunately, present
public auditing alternatives described above only concentrate
on personal information in the cloud [1].
This survey believes that discussing information among
several customers is perhaps one of the most interesting
functions that motivate cloud storage space. Therefore, it is
also necessary to create sure the integrity of distributed
information in the cloud is appropriate. Current public audit
systems can actually be prolonged to verify distributed
information reliability [1], [3]. However, a new important
comfort problem presented in the situation of shared
information with the use of existing systems is the leakage of
identification comfort to public verifiers [1].
To fix the above comfort problem on shared data, survey
scheme recommend Oruta, a novel privacy-preserving public
auditing procedure. More particularly, it implement ring
signatures [7] to create homomorphic authenticators in Oruta,
so that a community verifier is able to confirm the integrity of
http://www.ijettjournal.org
Page 235
International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014
distributed information without accessing the entire data—
while the identification of the signer on each prevent in shared
information is kept personal from the community verifier.
Moreover, further increase its procedure to support batch audit,
which is capable of doing several audit tasks simultaneously
and enhance the performance of verification for several audit
projects. Meanwhile, Oruta is compatible with unique
covering up [3], which has been used in WWRL and can
protect information comfort from community verifiers.
Moreover, it also makes use of catalog hash platforms from a
previous community audit remedy to back up dynamic data.
II. LITERATURE SURVEY
Ring Signatures
The idea of ring signatures was first recommended by
Rivest et al. [12] in 2001. With ring signatures, a verifier is
assured that a signature is calculated using one of team
members’ personal important factors, but the verifier is not
able to decide which one. More concretely, given a ring
signature and a number of d customers, a verifier cannot
differentiate the signer’s identification with a possibility more
than 1=d. This residence can be used to secure the
identification of the signer from a verifier. The ring signature
plan presented by Boneh et al. [11] (referred to as BGLS in
this paper) is designed on bilinear charts. We will increase this
ring signature plan to create our community audit procedure.
A)
b) Audit Phase:
TPA problem is review idea to CS. The CS will obtain a
reaction idea by executing Genproof. TPA confirms the
reaction using F and its verification meta-data.
TPA is stateless i.e. no need to sustain or upgrade the state
information of review stage. Public key centered
homomorphic linear confirmation with unique covering up
strategy is used to accomplish comfort preserving community
audit. TPA checks the reliability of the contracted details
saved on reasoning without accessing real material. Current
study of evidence of retrievable ability (PoR) [14] or Evidence
of Data Ownership (PDP) technique doesn’t consider details
comfort issue. PDP scheme first recommended by Ateniese et
al. used to identify huge amount corruption in contracted
details. It uses RSA based Homomorphic confirmation for
audit the reasoning details and randomly testing a few
prevents of data files. A Second technique proposed by Juels
as Evidence of retrievability (PoR) allows user to recover data
files without any details reduction or corruptions. It uses spot
verifying & mistake solving requirements are used to make
sure both “Possession” and “Retrievability”. To accomplish
Zero
knowledge
comfort,
specialist recommended
Aggregatable Signature Based Transmitted (ASBB).
It provides completeness, comfort and soundness. It uses 3
algorithms as Keygen, Gentag and Audit.
C)
B)
Privacy Protecting Public Auditing Proposed by
Cong Wang
Public audit allows TPA (Third Party Auditor) along with
customer to examine the integrity of the contracted details
saved on reasoning & Privacy Preserving allows TPA to do
audit without inquiring for local duplicate of the details.
Through this plan [1], TPA can audit the details and reasoning
details comfort is managed. It contains 4 methods as-
Using Exclusive Machine
Abhishek Mohta recommended Exclusive devices which
uses RSA criteria, for customer data/file protection and
decryptions [4]. It also uses SHA 512 criteria which creates
message digest and examine the details reliability. The Digital
signature is used as identification evaluate for customer or
details proprietor. It solves the issue of reliability, illegal
accessibility, comfort and consistency.
1) Keygen:
It is a key creation criteria used by the user to create the
plan.
2) Singen:
It is used by the customer to produce verification metadata
which may consist of electronic signature.
3) GenProof:
It is used by CS to produce a evidence of data storage
correctness.
4) Verify proof:
Used by TPA to review the proofs
It is separated into two areas as installation stage and review
stage.
a) Setup Phase:
Public and key factors are initialized by using keygen
and details f are preprocesses by using singen to produce
verification metadata at CS & remove its regional
duplicate. In preprocessing customer can modify details
F.
ISSN: 2231-5381
Fig 1.0: Architecture of Cloud server with CU and TPA
D) Non Straight line Authentication
Shrinivas recommended Homomorphic non linear
authenticator with unique covering up methods to achieve
cloud protection [5]. K. Gonvinda recommended electronic
signature method to secure the comfort and reliability of
http://www.ijettjournal.org
Page 236
International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014
details. It uses RSA criteria for protection and decryption
which follows the procedure of electronic signatures for idea
confirmation.
Wang et al. [9] leveraged homomorphic tokens to ensure
the correctness of erasure codes-based data distributed on
multiple servers. This mechanism is able not only to support
dynamic data, but also to identify misbehaved servers. To
minimize communication overhead in the phase of data repair,
Chen et al. [10] also introduced a mechanism for auditing the
correctness of data under the multi-server scenario, where
these data are encoded by network coding instead of using
erasure codes. More recently, Cao et al. [12] constructed an
LT codes-based secure and reliable cloud storage mechanism.
Compare to previous work [9], [10], this mechanism can
avoid high decoding computation cost for data users and save
computation resource for online data owners during data
repair.
III. PROPOSED WORK
The system style in this paper involves three parties: the
reasoning server, a number of users and a community verifier.
There are two kinds of customers in a group: the unique
customer and a number of team customers. The original
customer originally makes distributed information in the
reasoning, and shares it with team customers. Both the unique
customer and group users are associates of the team. Every
participant of the group is permitted to accessibility and
change distributed information. Shared data and its
confirmation meta-data (i.e., signatures) are both stored in the
reasoning server. When a community verifier desires to
examine the reliability of shared information, it first delivers
an audit task to the cloud server. After getting the audit task,
the reasoning server reacts to the community verifier with an
auditing evidence of the ownership of distributed information.
Then, this community verifier assessments the correctness of
the entire data by confirming the correctness of the audit
evidence. Essentially, the procedure of community audit is a
challenge and- response method between a community
verifier and the cloud server [6].
Fig 2.0: Our System module includes Cloud, Group of user,
Public verifier
ISSN: 2231-5381
IV. THREATS IN SYSTEM
A) Privacy Risks
The identification of the signer on each block in distributed
information is personal and personal to the team Once the
community verifier shows the identification of the signer on
each prevent, it can quickly differentiate a high-value target (a
particular customer in the team or a unique prevent in shared
data) from others.
B) Integrity Threats
An attacker may try to damage the reliability of distributed
information. Second, the cloud support agency may
unintentionally damaged (or even remove) information in its
storage space due to components failures and individual
mistakes.
CONCLUSION
These survey paper recommend the Oruta which is
privacy-preserving public auditing procedure for distributed
information in the reasoning. It utilizes band signatures to
create homomorphic authenticators, so that a community
verifier is able to review distributed data integrity without
accessing the whole information, yet it cannot distinguish who
is the signer on each prevent. To improve the performance of
confirming several review projects, we further extend our
procedure to back up group review.
References
[1] B. Wang, B. Li, and H. Li, “Oruta: Privacy-Preserving Public Auditing for Shared
Data in the Cloud,” Proc. IEEE Fifth Int’l Conf. Cloud Computing, pp. 295-302, 2012.
[2] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski, G. Lee,
D.A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A View of Cloud Computing,”
Comm. ACM,
vol. 53, no. 4, pp. 50-58, Apr. 2010.
[3] C.Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for
Data Storage Security in Cloud Computing,” Proc. IEEE INFOCOM, pp. 525-533, 2010.
[4] B.Wang, M. Li, S.S. Chow, and H. Li, “Computing Encrypted Cloud Data Efficiently
under Multiple Keys,” Proc. IEEE Conf. Comm. and Network Security (CNS ’13), pp.
90-99, 2013.
[5] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data
Possession,” Proc. 16th ACM Conf. Computer and Comm. Security (CCS’09), pp. 213222, 2009.
[6] C. Wang, S.S. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public
Auditing for Secure Cloud Storage,” IEEE Trans. Computers, vol. 62, no. 2, pp. 362-375,
Feb. 2013.
[7] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, “Aggregate and Verifiably
Encrypted Signatures from Bilinear Maps,” Proc. 22nd Int’l Conf. Theory and
Applications of Cryptographic Techniques: Advances in Cryptology (EUROCRYPT’03),
pp. 416-432, 2003.
[8] R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret,” Proc. Seventh Int’l
Conf. Theory and Application of Cryptology and Information Security: Advances in
Cryptology (ASIACRYPT’01), pp. 552-565, 2001.
[9]Juels, B. Kaliski. “Pors: proofs of retrievability for large files[C]”, Proceedings of
CCS 2007. Alexandria, VA, USA, 2007. 584-597.
[10] AbhishekMohta, Lalit Kumar Awasti, “Cloud Data Security while using Third Party
Auditor”, International Journal of Scientific & Engineering Research, Volume 3, Issue 6,
ISSN 2229-8 June 2012.
[11] D. Shrinivas, “Privacy-Preserving Public Auditing in Cloud Storage security”, and
International Journal of computer science and Information Technologies, vol 2, no. 6, pp.
2691-2693, ISSN: 0975-9646, 2011
[12] K Govinda, V. Gurunathprasad and H. sathishkumar, “ Third Party Auditing for
Secure Data Storage in Cloud Through Digital Signature Using RSA”, International
Journal of Advanced science and Technical Research, vol 4,no. 2, ISSN: 2249-9954,4
August 2012
[13] Balkrishnan. S, Saranya. G, Shobana. S and Karthikeyan S, “Introducing Effective
Third Party Auditing (TPA) for Data Storage Security in Cloud”, International Journal of
computer science and Technology, vol. 2, no. 2, ISSN 2229-4333 (Print) | ISSN: 09768491(Online), June 2012
[14]G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song,
“Provable Data Possession at Untrusted Stores,” Proc. 14th ACM Conf. Computer and
Comm. Security (CCS ’07), pp. 598-610, 2007.
http://www.ijettjournal.org
Page 237
Download