Uploaded by Praneeth Raj

NBT TEAM 7 FINAL 88

Cloud Storage with Data Dynamics
Using Secure Network Coding Technique
M. SIVARAM, AVR PHANI KUMAR, G. NAGA JASWANTH RAJU, CH. KRISHNA CHAITANYA
Department Of Electrical and Electronics Engineering,
Sree Venkateswara College of Engineering, Nellore, Andhra Pradesh.
Email: sivarammalisetty1234@gmail.com
krishnachaitanya8352@gmail.com
avrphanikumar@gmail.com
nagajaswanthrajugobburi@gmail.com.
Abstract:
In the age of cloud computing, cloud users with limited storage can outsource their data to
remote servers. These servers, in lieu of monetary benefits, offer retrievability of their clients’
data at any point of time. Secure cloud storage protocols enable a client to check the integrity of
outsourced data. In this article, we explore the possibility of constructing a secure cloud storage
for dynamic data by leveraging the algorithms involved in secure network coding. Cloud storage
services are becoming a more popular and very efficient way for enterprises and individual users to
store their data in the cloud with no further effort for management and other related costs. Besides
the many features of cloud computing, security has become a big concern that makes it debatable for
users to move their data into cloud storage. One of the basic security issues is data integrity; many
techniques have been proposed by researchers to check data integrity in cloud storage. We show
that some of the secure network coding schemes can be used to construct efficient secure cloud
storage protocols for dynamic data, and we construct such a protocol (DSCS I) based on a secure
network coding protocol. To the best of our knowledge, DSCS I is the first secure cloud storage
protocol for dynamic data constructed using secure network coding techniques that is secure in the
standard model. Although generic dynamic data support arbitrary insertions, deletions and
modifications, append-only data find numerous applications in the real world. We construct another
secure cloud storage protocol (DSCS II) specific to append-only data, which overcomes some
limitations of DSCS I. Finally, we provide prototype implementations of DSCS I and DSCS II in order
to evaluate their performance.
Keywords: Cloud computing, network, data, protocol
Introduction:
With the advent of cloud computing, cloud servers offer their clients (cloud users) various services
that include delegation of huge amounts of computation and outsourcing of large amounts of data. For
example, a client having a smart phone with a low-performance processor or limited storage cannot
accomplish heavy computation or store large amounts of data. Under such circumstances, she can
delegate her computation/storage to the cloud server. In case of storage outsourcing, the cloud
server stores massive data on behalf of its clients. However, a malicious cloud server can delete
some of the client’s data to save some space. Secure cloud storage protocols provide a mechanism to
detect whether the server stores the client’s data untampered. Based on the nature of the outsourced
data, these protocols are classified as: secure cloud storage protocols for static data [1], [2], [3]
and for dynamic data (DSCS). For static data, the client cannot change her data after the initial
outsourcing (e.g., backup/archival data). Dynamic data are more generic in that the client can modify
her data as often as needed. In secure cloud storage protocols, the client can audit the outsourced
data without accessing the whole data file, and still be able to detect unwanted changes in data
made by a malicious server. During an audit, the client sends a challenge to the server, which
produces proofs of storage corresponding to that challenge. Secure cloud storage protocols are
publicly verifiable if an audit can be performed by any third party auditor (TPA); or privately
verifiable if an auditor needs some secret information of the client. The entities involved in a
secure cloud storage protocol and the interaction among them. In a network coding protocol [4], [5],
each intermediate node on a network path combines incoming packets to output another packet.
These protocols enjoy higher throughput, efficiency and scalability than store-and-forward
routing, but they are prone to pollution attacks by malicious intermediate nodes injecting invalid
packets. These packets produce more such packets downstream, and the receiver might not finally
decode the file sent by the sender node. Secure network coding (SNC) protocols use cryptographic
techniques to prevent these attacks: the sender authenticates each packet by attaching a small tag
to it. These authentication tags are generated using homomorphic message authentication codes or
homomorphic signatures. Due to the homomorphic property, an intermediate node can combine incoming
packets into a packet and its tag. In this work, we examine the problem of constructing a secure
cloud storage protocol for dynamic data and construct an efficient DSCS protocol using an SNC
protocol. In a previous work, Chen et al. reveal a relationship between secure cloud storage and
secure network coding. In particular, they show that one can exploit some of the algorithms involved
in an SNC protocol in order to construct a secure cloud storage protocol for static data. However,
their construction does not handle dynamic data, which makes it insufficient in many applications
where a client needs to update the remote data efficiently. Further investigations are needed
toward an efficient DSCS construction using a secure network coding protocol. Network coding
techniques have been used to construct distributed storage systems [6], [7] where the client’s data
are disseminated across multiple servers. However, they mostly aim to reduce the repair bandwidth
when some of the servers fail. On the other hand, we explore whether we can exploit the algorithms
involved in an SNC protocol to construct an efficient and secure cloud storage protocol for dynamic
data. Although dynamic data are generic in the sense that they support arbitrary update (insertion,
deletion and modification) operations, append-only data find numerous applications as well.
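The tag-and-combine mechanism of secure network coding described above, reused as a storage audit, is shown in the following added example (it is not code from this article and is not DSCS I or DSCS II). It is a simplified linearly homomorphic MAC over a prime field; the modulus, the HMAC-SHA256 PRF, the function names, the file identifier and the sample blocks are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

P = 2**61 - 1  # prime modulus of the field (assumed for this sketch)


def prf(key: bytes, label: bytes) -> int:
    """Derive a field element from (key, label) with HMAC-SHA256."""
    return int.from_bytes(hmac.new(key, label, hashlib.sha256).digest(), "big") % P


def mask(key, file_id: bytes, index: int) -> int:
    """Per-block mask b_i that binds a tag to (file_id, index)."""
    return prf(key[1], b"b|" + file_id + b"|%d" % index)


def inner(key, vec) -> int:
    """<u, vec> mod P, where u is the secret vector derived from key[0]."""
    return sum(prf(key[0], b"u|%d" % j) * x for j, x in enumerate(vec)) % P


def tag(key, file_id: bytes, index: int, block) -> int:
    """Client/sender: t_i = <u, v_i> + b_i mod P."""
    return (inner(key, block) + mask(key, file_id, index)) % P


def combine(blocks, tags, coeffs):
    """Server or intermediate node: combine blocks and tags without the key."""
    y = [sum(c * b[j] for c, b in zip(coeffs, blocks)) % P
         for j in range(len(blocks[0]))]
    t = sum(c * t_i for c, t_i in zip(coeffs, tags)) % P
    return y, t


def verify(key, file_id: bytes, indices, coeffs, y, t) -> bool:
    """Auditor: accept iff t == <u, y> + sum(c_i * b_i) mod P."""
    masks = sum(c * mask(key, file_id, i) for c, i in zip(coeffs, indices))
    return (inner(key, y) + masks) % P == t


def run_audit(tamper: bool) -> bool:
    """One challenge-response audit over constructed sample data."""
    key = (secrets.token_bytes(32), secrets.token_bytes(32))
    file_id = b"file-001"  # constructed identifier
    blocks = [[secrets.randbelow(P) for _ in range(4)] for _ in range(8)]
    tags = [tag(key, file_id, i, b) for i, b in enumerate(blocks)]
    server = {"blocks": [list(b) for b in blocks], "tags": tags}  # outsourced copy

    if tamper:  # the server silently alters one stored block
        server["blocks"][5][0] = (server["blocks"][5][0] + 1) % P

    # Challenge: block indices with random non-zero coefficients. The indices
    # are fixed here so the demo is deterministic; an auditor samples them.
    indices = [1, 5, 6]
    coeffs = [1 + secrets.randbelow(P - 1) for _ in indices]

    # Proof: one combined block and one combined tag, not the whole file.
    y, t = combine([server["blocks"][i] for i in indices],
                   [server["tags"][i] for i in indices], coeffs)
    return verify(key, file_id, indices, coeffs, y, t)


if __name__ == "__main__":
    print("honest server passes:", run_audit(tamper=False))
    print("tampered block passes:", run_audit(tamper=True))
```

The proof is a single block and a single tag however many indices are challenged, which is what lets the client audit without retrieving the file.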
1. BACKGROUND
This segment of the article describes the concepts of cloud computing and their services.
1.1 Cloud Computing
CC has emerged as the latest utility-oriented distributed computing model and has been envisioned as
a significant shift of IT, with the aim of augmenting abilities of the client devices by providing access
to a shared pool of rented platforms, applications, and infrastructures without having to actually own
them. The different service models of the cloud offer on-demand, affordable, rapid elasticity, ubiquitous
resource access and measured service. The cloud systems have the capability of conveniently adjusting
the virtual allocated resources on the basis of the current requirements with a minimal managerial effort
and service interruption. Such elastic characteristics reduce the wastage of resources in case of
over-provisioning. The cloud service models rely on a pay-as-you-go pricing model that charges the clients
on the basis of the amount of usage and some service metrics. For example, the Dropbox service can be
measured as gigabytes per year. The CC also has led to the appearance of a new type of collaboration
and communication service by creating social networks and online communities, which facilitates
scientists’ constructing research communities by sharing data and analysis tools. The virtualization of
resources is the core technology of cloud computing to inculcate a vision of infinite resources to the
clients.
1.2 Distributed Storage Systems
Distributed storage systems are created by combining networking and storage to allow users to remotely
store data and provide novelty services, such as archiving, publishing, federation, and anonymity. The
advances in networking technology have directly caused the emergence of new distributed storage
systems. For example, a new generation of distributed system reappeared by evolving the networks
from the Local Area Networks (LANs) to public global Wide Area Networks (WANs), such as the
Internet. Distributed storage systems are classified into the following groups based on the application’s
functional requirements: (1) Archival: The archival system is introduced as a storage, in which the users
are able to store, retrieve, and back up files. The stored data in such systems rarely needs to be
updated and has write-once and read-many workloads. Examples of archival storage include a
large-scale peer-to-peer persistent storage utility (PAST) and Cooperative File System (CFS). (2) Filesystem:
The systems that fall in this category offer persistent storage with a file system for the users and permit
the applications to use storage without having to modify the rebuild, such as the SUN Network File
System (NFS).
2. CLOUD SERVICES:[8]
The services of the cloud may be classified into three classes, namely Software as a Service,
Platform as a Service and Infrastructure as a Service. All the services are based on the
“pay-per-use” model.
2.1 Software as a Service: In SaaS, an application is hosted by the service provider and
accessed via the World Wide Web by a client. These applications are mainly designed for end users.
Customers need not install the application on the local computer, thereby eliminating installation and
maintenance cost. Updating of the software is taken care of by the SaaS provider. Most of the SaaS
solutions belong to a multitenant architecture. Because the software is managed at a central location,
the client can access the application at any time and place; the only thing needed is access to the
internet. Some of the SaaS providers are Google Apps, overview, Microsoft Office Live Business,
Amazon, Workday. Usage of SaaS is beneficial when there is a significant need for mobile or web
access, as with mobile sales management software; significant interaction between the organization
and the outside world, as with email; or applications like tax or request software used once a month [8].
2.2 Platform as a Service: With this type of service, one can deploy the application without
installing the platform on the local system; that is, the software can be deployed in cloud
infrastructure. The main point of using PaaS is that the developer need not worry about platform
updates and storage. These are taken care of by PaaS providers. Some PaaS providers provide
prebuilt functionality so that users can avoid building everything from scratch. Some of the
PaaS providers also provide an online community where developers can share best practices,
get ideas and ask for recommendations from others. The implementation of PaaS is completely different
from one provider to another. Amazon Web Services, Google, OpenStack, Flexiscale and LongJump
are some of the PaaS providers [8].
2.3 Infrastructure as a Service:
In contrast to SaaS and PaaS, IaaS provides hardware resources as a service. The resources include
memory, servers, networking devices and processing power. These are used to deploy the application.
Multiple users can use the infrastructure through virtual machines. In order to manage these
virtual machines, a governance framework is required, which helps in avoiding uncontrolled access to
sensitive information. Use of this service can help reduce the initial investment in a
company’s hardware. The service relies on the “pay-per-use” model. Amazon Web Services EC2 and S3
are the best examples of IaaS [8].
3. CLOUD STORAGE STANDARDS
Businesses, governments, non-profit organizations and individual consumers are all facing growing
challenges in storing, managing, protecting and mining the explosion of information being generated
in an increasingly digital world. Cloud storage standards can help these groups address the
accessibility, security, portability and cost issues associated with the relentlessly growing pools
of data. Cloud storage standards can also help define roles and responsibilities for data ownership,
archiving, discovery, retrieval and shredding/retirement. Service level agreements (SLAs) around data
storage assessments, assurance and auditing should also be defined in a consistent manner. Four
key groups will benefit from the CDMI standard:
3.1 Cloud storage subscribers (users): Service-level expectations for cloud storage security,
portability, protection, performance and other criteria among different cloud storage services are
best queried and compared over a common interface. CDMI provides cloud storage subscribers with a
simple, common interface to help them discover the appropriate set of compatible cloud storage service
providers for their specific requirements [9].
3.2 Cloud storage service providers:
Advertising cloud storage service capabilities via a standard interface helps ensure broad
market coverage for service providers. CDMI provides a standard interface for cloud storage service
providers to advertise their specific capabilities and help subscribers discover them. CDMI helps
service providers advertise as many or as few capabilities as needed, matching their targeted subscriber
bases. CDMI also provides unique, non-standard extensions for service providers that wish to
differentiate without sacrificing broad market addressability [9].
3.3 Cloud storage service developer:
Operating systems like Windows, Solaris, UNIX and Apple's iPhone have established the
value of standard interfaces for application developers. The success of the cloud will likewise depend
on standard interfaces for computing, networking and storage. CDMI provides the only multivendor,
industry-standard development interface for application developers that wish to store information
in the cloud. CDMI also ensures a broad infrastructure of compatible service providers for
application developers, thereby creating the broadest possible market of potential subscribers for cloud
application developers [9].
3.4 Cloud storage service brokers: As subscribers entrust more important data to cloud storage
providers, the need to "de-risk" the relationship between subscribers and providers becomes paramount.
Enterprises or government entities may also have advanced cloud storage requirements that
exceed the capabilities of any one cloud storage provider. In this case, a set of federated cloud storage
services may be required. Cloud storage service brokers can step in and provide "middle-man"
services to subscribers. For example, brokers may offer "cloud insurance" via CDMI by combining a
primary and secondary set of cloud storage providers for the broker's customers (subscribers). If the
primary cloud storage service provider has an outage or terminates the service altogether, the
broker-allocated secondary cloud storage service will take over in accordance with the SLAs. Similarly,
cloud storage brokers can use the discovery interfaces of CDMI to assemble a custom suite of services.
That custom "cloud suite" would be a federation of many distinct cloud storage service providers,
presented as one cloud storage service by the broker to the subscriber [9].
4. ATTACKS ON THE CLOUD
The attacker's aim in the cloud is to drop the useful information of genuine users or to consume the
available resources of the cloud. Each attacker has different in network. The following are some examples
of attacks in the cloud:
4.1 DDoS (Distributed Denial of Service) Attack
DDoS attacks are often divided into three types: traffic attacks, denial of service attacks, and
distributed denial of service attacks. There are two sorts of attacks: bandwidth attacks and application
attacks. A distributed denial of service (DDoS) attack is a type of DoS attack that targets many
machines. Database servers, web servers, cloud computing servers, and other network-connected
systems are now under attack from network-based attackers. In a DDoS attack, a large number
of internet devices are used in tandem to overload a target online service with fake traffic.
4.2 SQL Injection Attack
A code injection attack is one in which malicious code is introduced into a computer by introducing
harmful code strings into instructions. SQL injection is an example of code injection attack. The goal
of this vulnerability is to steal information from the user's computer. It is possible to modify the nature
of a standard SQL query by injecting malicious code into it. As a result, hackers are able to acquire
access to a database, which they can then use to perform their own malicious SQL query.
5. ENCRYPTION / DECRYPTION SERVICE
This module covers encryption and decryption of the user's confidential original data with a key.
An encryption key is required when the data is stored, and a decryption key is required when the
data is retrieved. Once the user's login has been successfully verified, if the CRM service system
needs the user's data, it sends a request for that data (for encryption and decryption) to the
storage service system.
5.1 Encryption
In the data storage service, the CRM service system transmits the user's identity to the storage
service system, which looks for the user's data. Once the original data is found, it is sent,
together with the user's identity, to the encryption / decryption service system. That is, the
storage service system carries out the transmission of the user's data along with the user's
identity to the encryption / decryption service system. Here, the original data sent by the user is
encrypted and kept in the storage service according to the user's request. An unauthorized party
cannot break into that data, because it is confidential and encrypted.
5.2 Decryption
In the data retrieval service, if the user asks the CRM service to retrieve data held in the storage
service, the CRM service sends the user's identity together with the search data to the
encryption / decryption service system. That system checks whether the user's identity and the
search data held by the user match. If they are authenticated, the storage service system sends the
encrypted data to the encryption / decryption service system, along with the key. The system checks
the decryption key and, if it is valid, decrypts the encrypted data and assembles the original data,
which is retrieved and sent to the user.
6. SECURITY ANALYSIS
In this section, we examine the security strength and robustness of the approach.
6.1 Data Confidentiality: In the proposed approach, the DO encrypts the data and stores it at the
CS. Since the data is encrypted only with the symmetric key, only the DO can see the data. The CS
has no knowledge about the data. The TPA requests the encrypted data from the CS to check integrity.
After that, the CS sends the encrypted data to the TPA. To protect the data from an external
attacker, the CS encrypts the already encrypted data again with the public key. Because the key size
is greatly increased, an external attack has no effect. In the proposed approach, no one has
knowledge of the entire key. Each party knows only what it is authorized to know.
Hence, a collision attack by the CS and DOs is not possible [10].
6.2 Data integrity: The proposed approach uses SHA-512 to compute the metadata (message
digest) of the data. The DO encrypts the data and the metadata (message digest) of the data. The DO
sends the metadata (message digest) to the TPA and sends the encrypted data to the CS. The TPA stores
the metadata (message digest) and requests the encrypted data from the CS. The CS sends the encrypted
data to the TPA. Then the TPA computes the metadata (message digest) of the encrypted data it
accepts. Data integrity is assured if the data yields the correct metadata [10].
6.3 Data Access Control: The proposed approach uses a data access list and a data index list.
The data access list mainly contains the DID and BA. Only the CS performs operations on this list,
and the data index list contains the DID. Only the DO has the right to carry out any operation.
The TPA does not access data in this list. The CS can store the encrypted data under the strong
data access list. The CS can forward encrypted data to the TPA according to what is in their
access rights [10].
Reference:
[1] “Wikipedia dump service,” 2013. [Online]. Available: http://dumps.wikimedia.org/simplewiki/20130608/.
[2] G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, and D. X. Song,
“Provable data possession at untrusted stores,” in ACM Conference on Computer and Communications
Security, 2007, pp. 598–609.
[3] A. Juels and B. S. Kaliski, “PORs: Proofs of retrievability for large files,” in ACM Conference on
Computer and Communications Security, 2007, pp. 584–597.
[4] H. Shacham and B. Waters, “Compact proofs of retrievability,” Journal of Cryptology, vol. 26, no.
3, pp. 442–483, 2013.
[5] R. Ahlswede, N. Cai, S. R. Li, and R. W. Yeung, “Network information flow,” IEEE Transactions
on Information Theory, vol. 46, no. 4, pp. 1204–1216, 2000.
[6] S. R. Li, R. W. Yeung, and N. Cai, “Linear network coding,” IEEE Transactions on Information
Theory, vol. 49, no. 2, pp. 371–381, 2003.
[7] A. G. Dimakis, B. Godfrey, Y. Wu, M. J. Wainwright, and K. Ramchandran, “Network coding for
distributed storage systems,” IEEE Transactions on Information Theory, vol. 56, no. 9, pp. 4539–4551,
2010.
[8] E. Gorelik, “Cloud Computing Models,” Massachusetts Institute of Technology, Cambridge,
MA, 2013. Available: http://web.mit.edu/smadnick/www/wp/2013-01.pdf.
[9] http://www.infostor.com/index/articles/display/0442659564/articles/infostor/backupand_recovery/cloud-storage/2010/march-2010/sniadevelops_standards.html
[10] SK Saroj, G Noida, SK Chauhan, AK Sharma, “Threshold cryptography based data security in
cloud computing,” S Vats, 2015.