security in data storage and transmission in cloud...
TRANSCRIPT
© 2016, IJARCSSE All Rights Reserved Page | 190
Volume 6, Issue 3, March 2016 ISSN: 2277 128X
International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com
Security in Data Storage and Transmission in Cloud Computing Tejaswini Malokar
1, Karishma Chakole
2, Prof. Pratibha Ghode
3
1, 2 VIII sem B.E. CE,
3 Assistant Professor,
1, 2, 3 Suryodaya College of Engineering & Technology, Nagpur, Maharashtra, India
Abstract: Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud
applications without the burden of local hardware and software management. Though the benefits are clear, such a
service is also relinquishing users’ physical possession of their outsourced data, which inevitably poses new security
risks towards the correctness of the data in cloud. In order to address this new problem and further achieve a secure
and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing
mechanism, utilizing the homomorphic token and distributed erasure-coded data. The proposed design allows users to
audit the cloud storage with very lightweight communication and computation cost. The auditing result not only
ensures strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e.,
the identification of misbehaving server. Considering the cloud data are dynamic in nature, the proposed design
further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion,
and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious
data modification attack, and even server colluding attacks.
Keywords: Attribute Based Encryption (ABE), Third Party Auditor (TPA)
I. INTRODUCTION
Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications
without the burden of local hardware and software management. Though the benefits are clear, such a service is also
relinquishing users‟ physical possession of their outsourced data, which inevitably poses new security risks toward the
correctness of the data in cloud.
In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose
in this project a flexible distributed storage integrity auditing mechanism, utilizing the homomorphic token and
distributed erasure-coded data.
The proposed design allows users to audit the cloud storage with very lightweight communication and computation
cost. The auditing result not only ensures strong cloud storage correctness guarantee, but also simultaneously achieves
fast data error localization, i.e., the identification of misbehaving server.
Considering the cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic
operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme
is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding
attacks.
II. RELATED WORK
“Towards Secure and Dependable Storage Services in Cloud Computing” states that Cloud Computing has emerged
as one of the most influential paradigms in the IT industry for last few years. In such computing the data confidentiality,
flexibility and access control are the main parameters to be considered in the research area. The proposed system
investigate the problem of data security in cloud data storage.To achieve the availability and quality of cloud data storage
service for users, the proposed system designs an distributed scheme with explicit dynamic data support, that includes
block update, delete, and append. It also rely on erasure-correcting code in the file distribution preparation to provide
redundancy parity vectors and guarantee the data dependability. The homomorphic token with distributed verification of
erasure coded data, which achieves the integration of storage. The system ensures the security and dependability for
cloud data storage under the aforementioned adversary model. Analysis shows that this scheme is highly efficient and
resilient against byzantine failure, severals data modification attack and colliding attacks.
“Enhancing Security for Storage Services in Cloud Computing” states that Storage Services in cloud computing
allows users to store away for the high quality cloud applications on-demand to enjoy without the hassle of managing
their own hardware and software their data. While the benefits of these services are more, there are new security threats
in the direction of the accuracy of the data in the cloud due to the physical possession of their outsourced data. To
address this new problem and improved security and reliable cloud storage service to realize, we propose a distributed
storage integrity auditing mechanism, by utilizing the homomorphic token and distributed erasure-coded data in this
article. The proposed design allows users to monitor the cloud storage with very lightweight communication and
computation costs. This provides strong cloud storage accuracy, and also allows for faster fault location data, that is to
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 191
say, the identification of misbehaving server. The proposed design supports continued safe and efficient dynamic
activities, including block modification, deletion and append. The proposed system is very effective against server
colluding attacks and data modification attacks.
III. PROBLEM DEFINITION
From the perspective of data security, which has always been an important aspect of quality of service, Cloud
Computing inevitably poses new challenging security threats for number of reasons.
1. Firstly, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted due
to the users‟ loss control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must
be conducted without explicit knowledge of the whole data. Considering various kinds of data for each user stored in the
cloud and the demand of long term continuous assurance of their data safety, the problem of verifying correctness of data
storage in the cloud becomes even more challenging.
2. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently
updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage
correctness under dynamic data update is hence of paramount importance.
These techniques, while can be useful to ensure the storage correctness without having users possessing data, cannot
address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of
them do not consider dynamic data operations. As an complementary approach, researchers have also proposed
distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed
schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically
limited.
IV. PROJECT OBJECTIVES
We focus on cloud data storage security, which has always been an important aspect of quality of service.
To ensure the correctness of users‟ data in the cloud, we propose an effective and flexible distributed scheme with two
salient features, opposing to its predecessors.
By utilizing the Attribute Based Encryption(ABE) Algorithm, we encrypt the Users‟ Private Data into Byte Code.
By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the
integration of storage correctness insurance and data error localization.
V. PROPOSED WORK
In this project, we propose an effective and flexible distributed scheme with explicit dynamic data support to ensure
the correctness of users‟ data in the cloud. We rely on erasure correcting code in the file distribution preparation to
provide redundancies and guarantee the data dependability.
This construction drastically reduces the communication and storage overhead as compared to the traditional
replication-based file distribution techniques. By utilizing the homom orphic token with distributed verification of
erasure-coded data, our scheme achieves the storage correctness insurance as well as data error localization: whenever
data corruption has been detected during the storage correctness verification, our scheme can almost guarantee the
simultaneous localization of data errors, i.e., the identification of the misbehaving server(s).
Compared to many of its predecessors, which only provide binary results about the storage state across the
distributed servers, the challenge-response protocol in our work further provides the localization of data error.
Unlike most prior works for ensuring remote data integrity, the new scheme supports secure and efficient dynamic
operations on data blocks, including: update, delete and append. Extensive security and performance analysis shows that
the proposed scheme is highly efficient and resilien against Byzantine failure, malicious data modification attack, and
even server colluding attacks.
i) System Architecture
Fig. System Architecture
ii) Algorithm
*Attribute Based Encryption(ABE)
Step 1:- Key : y 2 {0,1}n (Boolean variables)
Step 2:- CT : x = (M, Á )
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 192
Step 3:- f( x =(M, Á ), y) = M , Á if Á(y) = true
Á if Á(y) = false
“ciphertext policy”
Step 4:- Key : y = Á
Step 5:- CT: x = (M, X 2 {0, 1}n )
“key policy”
Step 6:- f( x=(M,X ), y) = M , Á if Á(X) = true
X if Á(X) = false
iii) Modules Description
In this application there are following modules which is used for user interface.
1) Cloud User
2) Third Party Auditor (TPA)
3) Admin
4) Emergency
HOME PAGE:-
When you go through our modules first you will see our Home Page as given in the Snapshot.
1) Cloud User:-
Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual
consumers and organizations.
User Login Page:-
This is the User Login Page.
User Registration Page:-
When user not Registered themselves then they must go through signup process, By using following Registration form.
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 193
After User Login
After Login Process, user can Entry their records i.e. uploading their data on the Cloud Server.
They also Maintain their Records.
They can Search and Download their Data by using the Symmetric key.
Uploading Process:-
When user uploads their data on the cloud server the data will be automatically converted into the Byte Code by using
ABE Algorithm.
2) Third Party Auditor (TPA):-
An optional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose risk of
cloud storage services on behalf of the users upon request.
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 194
In case the user does not have the time, feasibility or resources to perform the storage correctness, verification, he
can optionally delegate this task to an independent third party auditor, making the cloud storage publicly verifiable.
TPA Login Page:-
This is the TPA Login Page.
TPA Registration Page:-
This is the TPA Registration Page as same as the User Registration Page.
After TPA Login:-
After Login Process the TPA can see all the User who was Registered and their Records also.
TPA can also block the user when anyone misuse of the user‟s Private Data.
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 195
After clicking the Search Records TPA can search users‟ record as given in screenshot.
3) Admin:-
Admin is a broad job category that designates an individual who provides the various kinds of administrative
supports to people.
Admin Login Page
This is the Admin Login Page.
After Admin Login:-
After Login Process the Admin can see all the User and TPA who was Registered and their Records also.
Admin gives the Symmetric key to the Emergency clients who forget their key.
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 196
After clicking the Cloud Record, Record Owner Details Admin can see all the user and TPA Record Details.
4) Emergency:-
This module is used for the Emergency Clients.
When any User forget or miss their key they can click on Emergency option.
After clicking Emergency the user have to fill some fields like email id, name and secrete word.
Malokar et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(3),
March - 2016, pp. 190-197
© 2016, IJARCSSE All Rights Reserved Page | 197
VI. CONCLUSION
Cloud Computing is an area full of challenges and of paramount importance. System uses encryption/ decryption
keys of user„s data and stores it on remote server. It reliefs the client from maintaining any kind of key information and
allowing the client for using any browser enabled device to access the cloud services. Cryptographic techniques are used
to provide secure communication between the client and the cloud.
REFERENCES
[1] Cong Wang; Qian Wang; Kui Ren; Ning Cao;Wenjing Lou; , "Toward Secure and Dependable
Storage Services in Cloud Computing," Services Computing, IEEE Transactions on , vol.5, no.2,
pp.220-232, April-June 2012
[2] Towards Secure and dependable storage service in cloud computing by cong wang , Qian wang,
Kui Ren , Ning Cao, Winjing Lou,2011
[3] “Ensuring Data Storage security in cloud computing” by C Wang , Q Wang
[4] “Auditing to keep online storage service honest “ by M.A. Shah , R Swaminathan.
[5] Ateniese.G, Burns.R, Curtmola.R, Herring.J, Kissner.L, Peterson.Z, and Song.D, “Provable Data Possession at
UntrustedStores,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS‟07), pp. 598-609, Oct. 2007.
[6] Bowers.K.D, Juels.A, and Oprea.A, “HAIL: A High-Availability and Integrity Layer for Cloud Storage,” Proc.
ACM Conf. Computer and Comm. Security (CCS ‟09), pp. 187-198, 2009.
[7] Erway.C, Kupcu.A, Papamanthou.C, and Tamassia.R, “Dynamic Provable Data Possession,” Proc. 16th ACM.
[8] Hendricks.J, Ganger.G, and Reiter.M, “Verifying Distributed Erasure-Coded Data,” Proc. 26th ACM Symp.
Principles of Distributed Computing, pp. 139-146, 2007.
[9] uels.A and Kaliski.B.S Jr., “PORs: Proofs of Retrievability for Large Files,” Proc. 14th ACM Conf. Computer
and Comm. Security (CCS ‟07), pp. 584-597, Oct. 2007.
[10] Plank.J.S and Ding.Y, “Note: Correction to the 1997 Tutorial on Reed-Solomon Coding,” Technical Report CS-
03-504, Univ. of Tennessee, Apr. 2003.
[11] Schwarz.T and Miller.E.L, “Store, Forget, and Check: Using Algebraic Signatures to Check Remotely
Administered Storage,” Proc. IEEE Int‟l Conf. Distributed Computing Systems (ICDCS ‟06), pp. 12-12, 2006.
[12] Wang.Q, Wang.C, Li.J, Ren.K, and Lou.W, “Enabling Public Verifiability and Data Dynamics for Storage
Security in Cloud Computing,” Proc. 14th European Conf. Research in Computer Security (ESORICS ‟09), pp.
355-370, 2009.WANG ET AL.: TOWARD SECURE AND DEPENDABLE STORAGE SERVICES IN
CLOUD COMPUTING 231
[13] Wang.C, Wang.Q, Ren.K, and Lou.W, “Privacy-Preserving Public Auditing for Storage Security in Cloud
Computing,” Proc. IEEE INFOCOM, Mar. 2010.
[14] Wang.C, Ren.K, Lou.W, and Li.J, “Towards Publicly Auditable Secure Cloud Data Storage Services,” IEEE
Network Magazine, vol. 24, no. 4, pp. 19-24, July/Aug. 2010.