Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Abstract - Technofist

advertisement 
Automatic Protocol Blocker for Privacy-Preserving
Public Auditing in Cloud Computing
Abstract:
Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely
store their data into the cloud so as to enjoy the on-demand high quality applications and services
from a shared pool of configurable computing resources. By data outsourcing, users can be
relieved from the burden of local data storage and maintenance. However, the fact that users no
longer have physical possession of the possibly large size of outsourced data makes the data
integrity protection in Cloud Computing a very challenging and potentially formidable task,
especially for users with constrained computing resources and capabilities. Thus, enabling public
auditability for cloud data storage security is of critical importance so that users can resort to an
external audit party to check the integrity of
out sourced data when needed. To securely
introduce an effective Third Party Auditor (TPA), the following two fundamental requirements
have to be met: 1) TPA should be able to efficiently audit the cloud data storage without
demanding the local copy of data, and introduce no additional on-line burden to the cloud user;
2) The Third Party Auditing process should bring in no new vulnerabilities towards user data
privacy.
In this paper we are extending the previous system byusing automatic blocker for privacy
preserving public auditing for data storage security in cloud computing. we utilize the public key
based homomorphic authenticator and uniquely integrate it with random mask technique and
automatic blocker. to achieve a privacy-preserving public auditing system for cloud data storage
security while keeping all above requirements in mind. Extensive security and performance
analysis shows the proposed schemes are provably secure and highly efficient.
Introduction:
Cloud Computing has been envisioned as the next-generation architecture of IT enterprise, due to
its long list of unprecedented advantages in the IT history: on-demand self-service, ubiquitous
network access, location independent resource pooling, rapid resource elasticity, usage-based
pric-ing and transference of risk While these advantages of using clouds are unarguable, due to
the opaqueness of the Cloud—as separate administrative entities, the internal operation details of
Cloud Service Providers (CSP) may not be known by cloud users—data outsourcing is also
relinquishing user’s ultimate control over the fate of their data. As a result, the correctness of the
data in the cloud is being put at risk due to the following reasons. First of all, although the
infrastructures under the cloud are much more powerful and reliable than personal computing
devices, they are still facing the broad range of both internal and external threats for data
integrity Examples of outages and security breaches of noteworthy cloud services appear from
time to time. Secondly, for the benefits of their own, there do exist various motivations for cloud
service providers to behave unfaithfully towards the cloud users regarding the status of their
outsourced data. Examples include cloud service providers, for monetary reasons, reclaiming
storage by discarding data that has not been or is rarely accessed or even hiding data loss
incidents so as to maintain a reputation. In short, although outsourcing data into the cloud is
economically attractive for the cost and complexity of long-term large-scale data storage, it does
not offer any guarantee on data integrity and availability.
Thus, it does not completely solve the problem of protecting data privacy but just reduces it to
the one of managing the encryption keys. Unauthorized data leakage still remains a problem due
to the potential exposure of encryption keys. Therefore, how to enable a privacy-preserving
third-party auditing protocol, independent to data encryption, is the problem we are going to
tackle in this paper. Our work is among the first few ones to support privacy preserving public
auditing in Cloud Computing, with a focus on data storage. To address these problems, our work
utilizes the technique of public key based homomorphic authenticator which enables TPA to
perform the auditing without demanding the local copy of data and thus drastically reduces
the communication and computation overhead as compared to the straightforward data auditing
approaches. By integrating the homomorphic authenticator with random mask technique, our
protocol guarantees that TPA could not learn any knowledge about the data content stored in the
cloud server during the efficient auditing process. The aggregation and algebraic properties of
the authenticator further benefit our design for the batch auditing. Specifically, our contribution
in this work can be summarized as the following three aspects: [a]. Here by following the aspects
and we are using automatic blocker to the cloud environment, which particularly blocks the
auditing protocols from unauthorized access from the external user for privacy preserving for
data.
Literature Survey:
1.Enabling Public Verifiability and Data Dynamics for Storage Security in
Cloud Computing
Cloud Computing has been envisioned as the next-generation architecture of IT Enterprise. It
moves the application software and databases to the centralized large data centers, where the
management of the data and services may not be fully trustworthy. This unique paradigm brings
about many new security challenges, which have not been well un- derstood. This work studies
the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we
consider the task of allow- ing a third party auditor (TPA), on behalf of the cloud client, to verify
the integrity of the dynamic data stored in the cloud. The introduc- tion of TPA eliminates the
involvement of client through the auditing of whether his data stored in the cloud is indeed
intact, which can be impor- tant in achieving economies of scale for Cloud Computing. The
support for data dynamics via the most general forms of data operation, such as block
modification, insertion and deletion, is also a significant step to- ward practicality, since services
in Cloud Computing are not limited to archive or backup data only. While prior works on
ensuring remote data integrity often lacks the support of either public verifiability or dynamic
data operations, this paper achieves both.We first identify the difficulties and potential security
problems of direct extensions with fully dynamic data updates from prior works and then show
how to construct an el- egant verification scheme for seamless integration of these two salient
features in our protocol design. In particular, to achieve efficient data dynamics, we improve the
Proof of Retrievability model [1] by manip- ulating the classic Merkle Hash Tree (MHT)
construction for block tag authentication. Extensive security and performance analysis show that
the proposed scheme is highly efficient and provably secure.
2.ENABLING PUBLIC VERIFIABILITY AND DATA DYNAMICS FOR
STORAGE SECURITY IN CLOUD COMPUTING
Remote data integrity checking is a crucialtechnology in cloud computing. Recently many
worksfocus on providing data dynamics and publicverifiability to this type of protocols.
Existingprotocols can support both features with the help of athird party auditor. In a previous
work, Seb´e et al.’spropose a remote data integrity checking protocol that supports data
dynamics. In this paper, adaptingthe Seb´e et al.’s protocol to support public verifiability. The
proposed protocol supports publicverifiability without help of a third party auditor. In addition,
the proposed protocol does not leak anyprivate information to third party verifiers. Through a
formal analysis, the correctness and security of the protocol is being verified. After that, through
theoretical analysis and experimental results, wedemonstrate that the proposed protocol has a
good performance.
3. Privacy-Preserving Audit and Extraction of Digital Contents
A growing number of online services, such as Google, Yahoo!, and Amazon, are starting to charge users
for their storage. Customers often use these services to store valuable data such as email, family photos
and videos, and disk backups. Today, a customer must entirely trust such external services to maintain the
integrity of hosted data and return it intact. Unfortunately, no service is infallible. To make storage
services accountable for data loss, we present protocols that allow a third-party auditor to periodically
verify the data stored by a service and assist in returning the data intact to the customer. Most importantly,
our protocols are privacy-preserving, in that they never reveal the data contents to the auditor. Our
solution removes the burden of verification from the customer, alleviates both the customer’s and storage
service’s fear of data leakage, and provides a method for independent arbitration of data retention
contracts.
4. Provable Data Possession at Untrusted Stores
We introduce a model for provable data possession (PDP) that allows a client that has stored data
at an untrusted server to verify that the server possesses the original data without retrieving it.
The model generates probabilistic proofs of possession by sampling random sets of blocks from
the server, which drastically reduces I/O costs. The client maintains a constant amount of
metadata to verify the proof. The challenge/response protocol transmits a small, constant amount
of data, which minimizes network communication. Thus, the PDP model for remote data
checking supports large data sets in widely-distributed storage systems. We present two
provably-secure PDP schemes that are more efficient than previous solutions, even when
compared with schemes that achieve weaker guarantees. In particular, the overhead at the server
is low (or even constant), as op- posed to linear in the size of the data. Experiments using our
implementation verify the practicality of PDP and re- veal that the performance of PDP is
bounded by disk I/O and not by cryptographic computation.
Existing
System:
When used directly, their protocol is not provably privacy preserving, and thus may leak user
data information to the auditor. Juels et al., describe a “Proof of Retrievability” (PoR) model,
where spot-checking and error-correcting codes are used to ensure both “possession” and
“retrievability” of data files on remote archive service systems. However, the number of audit
challenges a user can perform is a fixed priori, and public auditability is not supported in their
main scheme.
Proposed System:
we present our main result for privacy-preserving public auditing to achieve the aforementioned
design goals. We also show how to extent our main scheme to support batch auditing for TPA
upon delegations from multi-users.Finally we adopt the automatic blocker at the cloud server,
whenever a unauthorized user access the users data from cloud storage, the system runs an tiny
application to monitor the user inputs, it matches to give access otherwise does not give user
access by blocking the protocols.
The System and Threat Model: We consider a cloud data storage service involving three
different entities, the cloud user (U), who has large amount of data files to be stored. in the
cloud; the Cloud Server (CS), which is managed by Cloud Service Provider (CSP) to provide
data storage service and has significant storage space and computation resources (we will not
differentiate CS and CSP hereafter.); the Third Party Auditor (TPA), who has expertise and
capabilities that cloud users do not have and is trusted to assess the cloud storage service security
on behalf of the user upon request.
Public Auditability
to allow TPA to verify the correctness of the cloud data on demand without retrieving a copy of
the whole data or introducing additional on-line burden to the cloud users.
Storage Correctness
to ensure that there exists no cheating cloud server that can pass the audit from TPA without
indeed storing users’ data intact.
Privacy-Preserving
to ensure that there exists no way for TPA to derive users’ data content from the information
collected during the auditing process.
Batch Auditing
to enable TPA with secure and efficient auditing capability to cope with multiple auditing
delegations from possibly large number of different users simul-taneously.
Lightweight
to allow TPA to perform auditing with minimum communication and computation overhead.
Fig.
Software and Hardware Requirement Specifications
SOFTWARE SPECIFICATION:
Operating System : Windows XP
Software
: JAVA ( JDK 1.6.0)
Protocol
: TCP/IP
IDE
: Eclipse
HARDWARE SPECIFICATION:
Processor
:
Pentium-IV
Speed
:
1.1GHz
RAM
:
512MB
Hard Disk
:
40GB
General
:
Keyboard, Monitor, Mouse
Related documents
Slide - People
Slide - People
Cloud Computing - Lutheran Services in America
Cloud Computing - Lutheran Services in America
Lisa Neal-Graves, Director Technology Insights, Intel
Lisa Neal-Graves, Director Technology Insights, Intel
Cisco Video Strategy - Distributed Computing Industry Association
Cisco Video Strategy - Distributed Computing Industry Association
Document
Document
Document
Document
More on the project
More on the project
Download
advertisement