
International Journal of Computer Engineering and Technology (IJCET)
ISSN 0976-6367 (Print), ISSN 0976-6375 (Online)
Volume 4, Issue 2, March - April (2013), pp. 454-458
IAEME: www.iaeme.com/ijcet.asp
Journal Impact Factor (2013): 6.1302 (Calculated by GISI) www.jifactor.com

DATA INTEGRITY PROOF TECHNIQUES IN CLOUD STORAGE


Ms. Rohini G. Khalkar (1) and Prof. Dr. S. H. Patil (2)
(1) M. Tech. Computer Student, Bharati Vidyapeeth Deemed University College of Engineering, Pune
(2) HOD, Computer Engineering Department, Bharati Vidyapeeth Deemed University College of Engineering, Pune

ABSTRACT

Cloud computing has been envisioned as the next-generation architecture of the IT enterprise. Clients relieve themselves of the work of storing and maintaining data locally by storing it in the cloud. While the cloud provides several advantages, it also brings certain challenges. Since clients cannot physically access the data on the cloud server directly, the cloud provider may, without the client's knowledge, modify or delete data that the client has not used for a long time or that occupies a large amount of space. Hence the data must be checked periodically for correctness, which is called data integrity. This paper contains a survey of the different techniques for data integrity. The basic schemes for data integrity in the cloud are Proof of Retrievability (PoR) and Provable Data Possession (PDP). These two schemes are the most active areas of research in the cloud data integrity field. The objective of this survey is to give new researchers a guideline and to understand the research work carried out in the previous few years.

Keywords: Data integrity, Proof of Retrievability, Provable Data Possession

I. INTRODUCTION

Cloud computing aims to provide a reliable, customized and guaranteed dynamic computing environment to end users. Virtualized resources in the cloud can be dynamically reconfigured to adjust to a variable load (scale). It also allows for optimum resource utilization. End users can access the services available on the internet without knowing the location and management of these resources. Cloud storage moves the client's data to large, remotely located data centers over which the user does not have any control. In this paper we will discuss privacy concerns of the cloud environment. This paper mainly focuses on the survey of the various privacy techniques.

II. DATA INTEGRITY PROVING SCHEMES

2.1 Provable Data Possession (PDP)

Definition: A PDP scheme checks that a file, which consists of a collection of n blocks, is retained by a remote cloud server. The data owner processes the data file to generate some metadata, which is stored locally. The file is then sent to the server, and the owner deletes the local copy of the file. The owner verifies possession of the file using a challenge-response protocol. This technique is used by clients to check the integrity of their data and to periodically check the data that is stored on the cloud server. So this technique ensures server security to the client. The PDP scheme supports dynamic expansion.

Ateniese et al. [8] are the first to consider public auditability in their defined provable data possession model for ensuring possession of files on untrusted storage. In their scheme, they utilize Homomorphic Verifiable Tags for auditing outsourced data, to achieve public auditability. However, Ateniese et al. do not consider the case of dynamic data storage, and the direct expansion of their scheme from static data storage to the dynamic case may suffer design and security problems. In their subsequent work [9], Ateniese et al. proposed a dynamic version of the prior PDP scheme. The system does not support fully dynamic data operations. In [4], Wang et al. consider a challenge-response protocol that can both determine the data correctness and locate possible errors.

Erway et al. [5] were the first to explore constructions for dynamic provable data possession. They extend the PDP model in [8] to support provable updates to stored data files using rank-based authenticated skip lists. This scheme is essentially a complete dynamic version of the PDP solution. They remove the index information from the tag computation in Ateniese's PDP model [8] to support updates for block insertion, and employ an authenticated skip list data structure to authenticate the tag information of challenged or updated blocks before the verification procedure. Feifei Liu et al. [7] proposed an improved dynamic model that reduces the computational and communication complexity to constant by using the Skip-List, Block, Tag and Hash method. PDP provides the following techniques to perform integrity checks on the data.

2.2 Methods used in the PDP Schemes

2.2.1 Proof of Retrievability (PoR)

Definition: In a PoR scheme a cloud server proves to a data owner that a target file is intact, in the sense that the client can retrieve the complete file from the server with high probability. Hence, PoR guarantees not only correct data possession but also retrievability in the presence of some data corruption. To address concerns of corruption, the PoR scheme also includes error-correcting codes. It supports only a limited number of queries as challenges, since it deals with a finite number of check blocks (sentinels).

Juels and Kaliski [1] describe a proof of retrievability model in which spot-checking and error-correcting codes are used to ensure both possession and retrievability of data files on archive service systems. For detection purposes, some special blocks called sentinels are randomly embedded into the data file F, and file F is encrypted to protect the positions of these special blocks. Shacham and Waters [10] design an improved PoR scheme with full proofs of security in the security model defined in [1]. They use publicly verifiable homomorphic authenticators built from BLS signatures [6], based on which the proofs can be aggregated into a small authenticator value.

Table 1 shows a comparison of different methods used in the PoR scheme.

Techniques Used:
  1. Symmetric key cryptography, error coding
  2. BLS signatures, pseudorandom functions (PRFs)
  3. Generate, encrypt and append metadata
  4. Fragment structure, random sampling and index-hash table
  5. Bilinear map, Merkle hash tree
Public Auditability: No, Yes, No, Yes, Yes
Static/Dynamic Operation: Static, Static, Static, Dynamic, Dynamic
Unbounded Queries: No, -, No, Yes

2.2.2 Naive Method

Comparison of data is the main idea behind this method. In the naive method the client computes the hash value of the file F under a key K (i.e. h(K,F)) and then sends the file F to the server. The client holds a collection of different keys and hash values, so it can perform multiple checks on the file F. Whenever the client wants to check the file, it releases a key K and sends it to the server, which is then asked to recompute the hash value based on F and K. The server then replies to the client with the hash value for comparison. This method gives strong proof that the server has the original file F. However, this method has high overhead, as the hashing process is run over the entire file each time. It requires a high computation cost.

2.2.3 Original Provable Data Possession

In this method, the data is pre-processed before it is sent to the cloud server. Here the data is tagged with some tag values to be verified at the client side. The complete data is sent to the server, and the metadata is stored at the client side. This metadata is used for verification as the user needs. To check integrity, the user sends a challenge to the server, and the server responds with the data. The client then compares the reply data with the local metadata. In this way the client checks whether the data has been modified. Original PDP has low computation and storage overhead. It supports both encrypted data and plain data. It provides public verifiability. It is efficient because only a small portion of the file needs to be accessed to generate the proof on the server. This technique is only applicable to static files. A homomorphic hashing technique is employed to compose multiple block inputs into a single value to reduce the size of the proof.

2.2.4 Scalable PDP

Scalable PDP is an extended version of the original PDP. Original PDP uses a public key to reduce computation overhead, whereas Scalable PDP uses symmetric encryption. Scalable PDP provides dynamic operations on remote data. Bulk encryption is not required by Scalable PDP. It uses symmetric-key encryption, which is more efficient than public-key encryption.
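The sentinel-based PoR of Juels and Kaliski described in 2.2.1, as an added Python example that is not code from the paper or from [1]. The block size, the HMAC-based PRF, the XOR pad standing in for encryption and all function names are assumptions, and the error-correcting code layer is left out.

```python
import hashlib
import hmac
import random

BLOCK = 16  # bytes per block (constructed toy size)

def prf(key: bytes, label: bytes) -> bytes:
    """HMAC-SHA256 as a PRF, truncated to one block."""
    return hmac.new(key, label, hashlib.sha256).digest()[:BLOCK]

def layout(key: bytes, total: int) -> list:
    """Keyed permutation: layout[i] is where logical block i is stored."""
    perm = list(range(total))
    random.Random(prf(key, b"perm")).shuffle(perm)
    return perm

def encode(key: bytes, data: bytes, n_sentinels: int):
    """Owner: encrypt data blocks, append sentinels, permute. Returns (stored, n_data)."""
    blocks = [data[i:i + BLOCK].ljust(BLOCK, b"\0") for i in range(0, len(data), BLOCK)]
    # Toy XOR pad so data blocks look like sentinels (stand-in for a real cipher).
    enc = [bytes(a ^ b for a, b in zip(blk, prf(key, b"enc%d" % i)))
           for i, blk in enumerate(blocks)]
    logical = enc + [prf(key, b"sentinel%d" % j) for j in range(n_sentinels)]
    perm = layout(key, len(logical))
    stored = [b""] * len(logical)
    for i, blk in enumerate(logical):
        stored[perm[i]] = blk
    return stored, len(enc)

class Verifier:
    """Holds only the key and counters; each sentinel is spent by one audit."""
    def __init__(self, key: bytes, n_data: int, n_sentinels: int):
        self.key, self.n_data, self.n_sentinels, self.used = key, n_data, n_sentinels, 0

    def challenge(self, q: int) -> list:
        if self.used + q > self.n_sentinels:
            raise RuntimeError("sentinels exhausted: no further audits possible")
        perm = layout(self.key, self.n_data + self.n_sentinels)
        self.pending = list(range(self.used, self.used + q))
        self.used += q
        return [perm[self.n_data + j] for j in self.pending]

    def verify(self, response: list) -> bool:
        return len(response) == len(self.pending) and all(
            hmac.compare_digest(r, prf(self.key, b"sentinel%d" % j))
            for j, r in zip(self.pending, response))

def respond(stored: list, positions: list) -> list:
    """Server: return the blocks at the challenged positions."""
    return [stored[p] for p in positions]
```

Because every challenge reveals sentinel positions to the server, the number of audits is bounded by the number of sentinels embedded at encoding time, which is the limited-query property noted in 2.2.1.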
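How per-block tags can be aggregated into one small proof, as mentioned for the homomorphic authenticators in 2.2.1 and the homomorphic technique in 2.2.3, shown as an added Python example that is not code from the paper. It uses the privately verifiable, PRF-based linear authenticator (tag = f_k(i) + alpha * m_i mod p) rather than the BLS-based public one; the prime, block size and function names are assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime modulus for the tag field (constructed parameter)

def f(key: bytes, i: int) -> int:
    """PRF f_k(i) mapped into Z_P; binds each tag to its block index."""
    digest = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P

def to_blocks(data: bytes, size: int = 15) -> list:
    """Split data into integers below P (15 bytes = 120 bits)."""
    return [int.from_bytes(data[i:i + size], "big") for i in range(0, len(data), size)]

def tag_file(key: bytes, alpha: int, blocks: list) -> list:
    """Owner: sigma_i = f_k(i) + alpha * m_i mod P, stored on the server with F."""
    return [(f(key, i) + alpha * m) % P for i, m in enumerate(blocks)]

def make_challenge(n_blocks: int, c: int) -> list:
    """Verifier: c distinct block indices, each with a random nonzero coefficient."""
    idx = secrets.SystemRandom().sample(range(n_blocks), c)
    return [(i, secrets.randbelow(P - 1) + 1) for i in idx]

def prove(blocks: list, tags: list, chal: list) -> tuple:
    """Server: fold all challenged blocks and tags into two field elements."""
    mu = sum(nu * blocks[i] for i, nu in chal) % P
    sigma = sum(nu * tags[i] for i, nu in chal) % P
    return mu, sigma

def verify(key: bytes, alpha: int, chal: list, proof: tuple) -> bool:
    """Verifier: check sigma == alpha * mu + sum(nu_i * f_k(i)) without the file."""
    mu, sigma = proof
    expected = (alpha * mu + sum(nu * f(key, i) for i, nu in chal)) % P
    return sigma == expected
```

The proof stays at two field elements however many blocks are challenged, and the secret pair (key, alpha) is all the verifier keeps, which is why this variant does not give public auditability.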

2.2.5 Dynamic PDP

Dynamic PDP supports fully dynamic operations such as insert, update, modify and delete. In this technique the dynamic operations permit authenticated insert and delete functions using rank-based authenticated directories and a skip list. Although DPDP has some computational complexity, it is still efficient. For example, to generate the proof for a 1 GB file, DPDP produces only 415 KB of proof data and 30 ms of computational overhead. It provides comparatively greater computational, communication, and storage overhead.

2.3 Other Auditing Methods

2.3.1 Message Authentication Code (MAC) Method

The outsourced data file F consists of a finite ordered set of blocks m1, m2, ..., mn. One simple way to ensure data integrity is to pre-compute MACs for the complete file. Before outsourcing the data, the data owner pre-computes MACs of F with a set of secret keys and stores them locally. During each audit, the data owner reveals a secret key to the cloud server and asks for a fresh keyed MAC to verify against. This method provides deterministic data integrity assurance because the verification covers all the data blocks. However, the number of verifications that can be performed in this solution is limited by the number of secret keys. Once the keys are exhausted, the data owner has to retrieve the entire file F from the server in order to compute new MACs, which is usually impractical due to the large communication overhead. Private keys are required for verification, so public auditability is not supported.

2.3.2 Signature Method

The data owner pre-computes the signature of each block and sends both F and the signatures to the cloud server for storage. The data owner can adopt a spot-checking approach to verify the correctness of F, i.e., requesting that a number of randomly selected blocks and their corresponding signatures be returned.

Note that the above methods can only support static data and also incur a large communication overhead that greatly affects system efficiency.
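The key-per-audit protocol shared by the naive method (2.2.2) and the MAC method (2.3.1), as an added Python example that is not code from the paper. HMAC-SHA256 stands in for h(K,F), and the class names are assumptions.

```python
import hashlib
import hmac
import secrets

class Owner:
    """Keeps only (key, MAC) pairs after outsourcing F; each pair pays for one audit."""
    def __init__(self, data: bytes, n_audits: int):
        self.pairs = []
        for _ in range(n_audits):
            key = secrets.token_bytes(32)
            self.pairs.append((key, hmac.new(key, data, hashlib.sha256).digest()))

    def audits_left(self) -> int:
        return len(self.pairs)

    def audit(self, server) -> bool:
        if not self.pairs:
            raise RuntimeError("keys exhausted: F must be retrieved to compute new MACs")
        key, expected = self.pairs.pop()  # revealing the key burns it
        return hmac.compare_digest(server.respond(key), expected)

class Server:
    """Honest server: recomputes the MAC over the whole file on every audit."""
    def __init__(self, data: bytes):
        self.data, self.bytes_hashed = data, 0

    def respond(self, key: bytes) -> bytes:
        self.bytes_hashed += len(self.data)  # cost grows with file size per audit
        return hmac.new(key, self.data, hashlib.sha256).digest()

class ForgetfulServer:
    """Answers the first audit, caches the reply, then discards F."""
    def __init__(self, data: bytes):
        self.data, self.cache = data, {}

    def respond(self, key: bytes) -> bytes:
        if self.data is not None:
            self.cache[key] = hmac.new(key, self.data, hashlib.sha256).digest()
            self.data = None
        return self.cache.get(key, b"")  # a cached reply only fits an already used key
```

The `ForgetfulServer` case shows why a key cannot be reused once revealed, and `bytes_hashed` makes the full-file cost of every audit visible.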

Table 2 shows a comparison of different methods used for data integrity.

Method Used: RSA assumption | Bloom Filter | HLAs and RSA signature
Encryption Algorithm
Public Auditability: Yes | Yes | Yes
Static/Dynamic Operation: Static | Dynamic | Dynamic
Unbounded Queries: -


III. CONCLUSION

In this paper we observed that data integrity is an emerging area in cloud computing for security purposes. Researchers have proposed efficient new techniques based on the PDP and PoR schemes. The PDP scheme easily supports dynamic operations, but it does not include error-correcting codes. A significant amount of the overhead in the PoR scheme comes from the error-correcting codes, which are not present in the PDP scheme. Therefore we can say that designing efficient, secure and fully dynamic remote data integrity checking is still an open area of research.

REFERENCES

[1] A. Juels and B.S. Kaliski Jr., "Pors: Proofs of Retrievability for Large Files," Proc. 14th ACM Conf. Computer and Comm. Security (CCS '07), pp. 584-597, 2007.
[2] Bo Chen and Reza Curtmola, "Robust Dynamic Provable Data Possession," 1545-0678/12 $26.00 2012 IEEE.
[3] B. Priyadharshini and P. Parvathi, "Data Integrity in Cloud Storage," ISBN: 978-81909042-2-3, 2012 IEEE.
[4] C. Wang, Q. Wang, K. Ren and W. Lou, "Ensuring Data Storage Security in Cloud Computing," Proc. 17th Int'l Workshop Quality of Service (IWQoS '09), 2009.
[5] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, "Dynamic Provable Data Possession," Proc. 16th ACM Conf. Computer and Comm. Security (CCS '09), 2009.
[6] D. Boneh, B. Lynn, and H. Shacham, "Short Signatures from the Weil Pairing," Proc. Seventh Int'l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT '01), pp. 514-532, 2001.
[7] Feifei Liu, Dawu Gu, Haining Lu, "An Improved Dynamic Provable Data Possession Model," 978-1-61284-204-2/11/$26.00 2011 IEEE.
[8] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable Data Possession at Untrusted Stores," Proc. 14th ACM Conf. Computer and Comm. Security (CCS '07), pp. 598-609, 2007.
[9] G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, "Scalable and Efficient Provable Data Possession," Proc. Fourth Int'l Conf. Security and Privacy in Comm. Networks (SecureComm '08), pp. 1-10.
[10] H. Shacham and B. Waters, "Compact Proofs of Retrievability," Proc. 14th Int'l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT '08), pp. 90-107, 2008.
[11] R. Suchithra and Dr. N. Rajkumar, "Virtual Machine Placement in a Virtualized Cloud," International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 3, 2012, pp. 435-445, ISSN Print: 0976-6367, ISSN Online: 0976-6375.
[12] Gurudatt Kulkarni, Jayant Gambhir and Amruta Dongare, "Security in Cloud Computing," International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 1, 2012, pp. 258-265, ISSN Print: 0976-6367, ISSN Online: 0976-6375.
[13] V. Ramesh and P. Dhanalakshmi, "Perceiving and Recovering Degraded Data on Secure Cloud," International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 229-236, ISSN Print: 0976-6367, ISSN Online: 0976-6375.
