Anda di halaman 1dari 5

International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 9 Sep 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page3355



Dynamic Auditing for Outsourced Data to Ensure
Data Integrity in Clouds
Yellepiddi Vijayalakshmi
1
, Prof. G. Charles Babu
2

1
pursuing M.Tech(CSE), Holy Mary Institute of Technology and Science (HITS), Hyderabad, Affiliated to JNTU-Hyderabad.
2
working as a Head of Department for CSE at Holy Mary Institute of Technology and Science (HITS), Hyderabad, Affiliated
to JNTU-Hyderabad.
Abstract:-In many ways cloud Computing were gaining
popularity from several years. Cloud computing is a type of
computing that relies on sharing resources in compare to based
on local servers or personal devices to handle applications. In
present implementation of cloud computing, it rapidly increasing
in IT industry and in other organization also. It is a collection of
much number of dedicated distributed databases. Cloud
computing have the number of benefits over single place and
unfortunately that data has been lost then there is no recovery of
data. If a data is store only at single place and unfortunately that
data has been lost then there is no recovery of data. Cloud
computing having one more benefit such that we can store more
than one copy of data, in this manner if a data is going to be loss
at one place that can be retrieved from other place. The problem
of service unavailability has been solved by using cloud
computing, which was a major concern in single cloud. In cloud
computing auditing service for user also becoming a major issue.
When a client is interacting with the cloud it having no physical
association with cloud for a long time, in this case security issue
took a major threat for cloud computing. For this we propose a
novel technique that is Auditing service which ensure the
integrity and availability of outsourced data in cloud computing.
Here we are going to propose Provable Data Possession (PDP)
which using cryptography technique for data possession in cloud
computing. Here we will also show that cost for auditing data by
using PDP is less than the previous one. This technique will be
best for untrusted server for realizing the security threat which
affects the integrity of data into cloud. Using Provable data
procession technique, we will show auditing service in this paper.
Our algorithm also uses some cryptographic techniques.

Keyword:-Cloud Computing, Security, Integrity, Availability.




I-INTRODUCTION

Cloud computing become a big invention of internet in
todays world. Cloud computing having one use that a user
can access his service any where any time. The flexibility of
storing and retrieving data becoming so fast. In traditionally
approach of storing data , user string his data at single place
which is not accessible fromall where ,and once if that data is
loss fromthat place its impossible to take that back. This
issue known as service unavailability. Solution of this come as
a cloud computing. A cloud is pool of number of distributed
database which are linked together in a distributed
environment. There is cloud owner or cloud manager which
having control over all databases, these databases known as
cloud. Cloud computing provide a huge benefit to user. Cloud
computing provides facilities for user to develop and manage
their own applications on the cloud, this enhance the concept
of virtualization of resources. Through virtualization resources
are managed by themselves. The implementation of cloud
computer increased widely in organization. Cloud computing
has started to obtain mass appeal in corporate data centers as it
enables the data center to operate like the Internet through the
process of enabling computing resources to be accessed and
shared as virtual resources in a secure and scalable manner.
For a small and mediumsize business , the benefits of cloud
computing is currently driving adoption. In the small ,medium
sector there is often a lack of time and financial resources to
purchase, deploy and maintain an infrastructure. In cloud
computing, small businesses can access these resources and
expand or shrink services as business needs change. The
common pay-as-you-go subscription model is designed to let
SMBs easily add or remove services and you typically will
only pay for what you do use


Fig 1-cloud computing

International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 9 Sep 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page3356

In cloud computing cloud service is provided by the Cloud
Service provider. Cloud having number of cloud which having
communication with each other .CSP make control over them.
When a end user have to use the cloud service, he interact
with the CSP and place his request to CSP . CSP will decide
the place and cost for using service over cloud towards user.
After approval of it end user can store his data over cloud. But
in this situation there may be a chance of attacking on cloud.
There can be some malware inside the data which can harm
the cloud and also used it for misuse that data . Hence
security also becomes a major concern for that. For this
situation solution some technique has been come already
which checks the data before storing on cloud these services
known as the auditing services. Previously the auditing
technique was depend on Proof of retrivibility(POR) and
probable data procession(PDP).This technique is based on a
probable proof technique that will ensure here that the end
user data will remain in use without downloading from cloud
computing. This technique is also known as verification
without download. For making it easy to use some POR and
POP technique is working on public verification way. By
using this anyone can use this verification technique publicly
for auditing of storage data. Hence we can say that this
technique provide us an effective and efficient approach for
accommodating the requirements from public audit. This
POR/POP approach give us flexibility for evolving around on
untrusted cloud and can check huge amount of data.

The already existing approach do not have complete proof
about deception and forgery of untrusted cloud. The
possibility of data leakage at verification point also comes
across in several experiments. These drawbacks greatly effect
the impact of auditing services over cloud. Hence a new
technique is required for enabling the security on public
verification protocol in cloud auditing service.
Here in proposed system we also focus on how to improve
the performance of auditing services.


II-SYSTEM ARCHITECTURE

In this section we are showing system architecture for
Auditing service in cloud computing. In cloud computing
environment ultimately end user have to store the data in
cloud. For this cloud service provider having control over it.
Here we are going to explain the system architecture for
Auditing service. The following figure will show the basic
architecture of auditing service.

In cloud computing normally in cloud computing user of
cloud give their data to cloud manager and also give the
information that in how many cloud data should have to store.
Cloud manager having communication with numerous of
clouds , he store the information given by user to some of
those clouds and also give the accessibility control to user.
Whenever user want to retrieve his data he can retrieve from
any of those cloud which increases the potential and
availability of data. The information or data which are store
inside clouds can contain sensitive information. The cloud
provider all the time not trusted, they can be untrusted which
make a security threat to user data.





Fig 2-Auditing Architecture

In this paper we are presenting a technique by using which we
can assure sensitivity of data will not lose.
The auditing service architecture consist of component that
component divided into mainly four component. First we are
going to discuss the functionality and responsibility of those
components.

1-Cloud Service Provider (CSP)
2-Data Owner
3-Granted Application.
4-Third Party Auditor (TPA)

A. Cloud Service Provider (CSP):-The second component of
our architecture is cloud service provider. It is very well
known that cloud computing is a collection of number of
distributed database, these database is known as the cloud. In
a Cloud computing environment some database are
communicating and sharing each other resources, the
controlling of all cloud having with one entity that entity is
known as Cloud Service Provider. It also act as a bridge
between Data owner and clouds. An end User or Data owner
place his requests for storing his data into clouds with
CSP.The responsibility of CSP is that he must have to take
data fromuser and also have to take information that in how
many clouds he want to store his information after getting
those information, CSP pass those data to that many number
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 9 Sep 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page3357

of cloud. After storing data CSP provide authenticity to
Granted user and they only can retrieve data from cloud. So
CSP is major component in our cloud computing architecture
and for making authenticity and security he is responsible one.

B.Data Owner:-Data owner is an end user who wants to store
his data on the cloud. The simple functionality of any business
application is that it consists of huge amount of data which
can be related with the admin and also the user of the
business. This data contain important and secret data also. The
data should have to store for future reference. The previous
technique was storing the data into a business dedicated
database server. The issue with previous one was that if that
server will stop working whole of the data will lose and
making setup for this also economical not less otherwise it is
so costly. Cloud computing become a huge solution for this
problem. In cloud computing number of distributed database
are connected together and having single control over them.
The cost for storing data of end user is comparatively too less
than the previous existing system. Availability and efficiency
of data storing and retrieving is also very high in cloud
computing. So we can say that cloud computing is an best
place to store the data for Data owner.


C.Grant Application:- The last and fourth component of our
architecture is Grant Application. The Grant Application is
one who having authentication fromData owner and from
CSP for communicating with the data on cloud. In most of the
case GA are end user of the Business whose owner is end user
of Cloud.

D.Third party Auditor (TPA):-Third component of our
architecture is Third party Auditor. In cloud computing
environment huge amount of data is stored on cloud , the
security of data also become an vital issue frompast some
year. One of the security threats is that an end user can send
malware with his data to the clouds which can effect
performance and integrity of other data. For this issue only we
proposed efficient audit service functionality for security of
data. In our architecture we made a component TPA which
having communication between data owner and cloud service
provider both. TPA is a third party who having relation with
data owner and CSP. TPA also verify entity from both ,
means both of themhaving agreement and TPA can audit the
data of user. In architecture when data owner sending his data
to clouds, first of all that data is going to verify by the Third
party auditor for that purpose TPA using some technique.
After that data is get verify in all parameter of TPA, then only
it can reach to the CSP and CSP can save it into
corresponding clouds. The benefit of implementing this
component in cloud environment is that no one can make
security threat fromuser end with the incoming data towards
cloud.


There is some other also in our architecture like Audit-
without-downloading which going to allow Third party
auditor to verify the authenticity of cloud data on demand
without getting a duplicate copy of complete data or making
extra functionality on-line burden to the cloud users. One
other issue like verification-correctness which is used to prove
that there is no cheating with user. CSP that can pass the audit
fromThird party auditor without indeed storing users data
intact. privacy-preserving: to ensure that there exists no way
for TPA to derive users data fromthe information collected
during the auditing process and High-performance which
allow third party auditor to performauditing with minimum
overheads in storage, communication and computation, and to
support statistical audit sampling and optimized audit
schedule with a long\ enough period of time.

III- IMPLEMENTATION OF AUDIT SERVICE

In this section we will discuss system implementation of
interactive audit scheme, in which we using interactive PDP
technique to support our auditing architecture on cloud. The
basic fundamental construction model for this systemis based
on interactive proof system. This basis having surety about
confidentiality about secret data and also having the
undeceivability of invalid tag, which is also known as Zero-
knowledge property and Soundness property.

Definition of Interactive Audit Service

A cryptographic interactive audit scheme S is a collection of
collection of two algorithmand an interactive proof system.
S = (K,I,P):

A.KeyGen(1
s
):-Key generation is first algorithmin which it
going to take one security parameter (s) ,and after processing
it going to return a public secret key pair which is (pK,sK).

B.TagGen(sK,F):- This one is second algorithm will use in
auditing service system. In this algorithmit going to take the
secret key (sk) and a file F, and it going to return triple values
set (y,,o) where y denotes the secret used to generate
verification tags, denotes the set of public verification
parameter u and index information and o denoted the set of
verification tags.

C.Proof(CSP,TPA):- This is an interactive proof system. It is
a public two party proof protocol of irretrievability between
Cloud service provider who working as a proverb and Third
party authority who working as a verifier. Here Cloud service
provider takes as input a file F and a set of tags o ,and a
public key pK and s set of parameters are the common input
between prover and verifier. At the ending of the protocol run,
Third party auditor that is verifier return {0|1} where 1 means
the file is correct stored on the server.

This model is more efficient model compare to previous
existing model for outsourced data. There is no limitation of
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 9 Sep 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page3358

steps of verification, including scale, sequence and the
number of moves in protocol because of verification process
is based on interactive protocol. So it has been proved that it
have greater convenience for the construction of protocol.


Fig 3-Framework for interactive audit scheme


IV-PERFORMANCE EVALUATION

The proposed audit service scheme achieves the deduction
phenomenon of cloud service provider servers misbehavior in
term of allowing malware towards the cloud in a random
experiment sample mode in order to minimize the workload
on server.
The detection probability is:

p = 1[n
c
n
t = 1 (1Pb)t.

Hence the number of queried block is:

t log(1 p) / log(1Pb)



Fig 4- ratio of queried block


V-CONCLUSION

In this paper we proposed an interactive audit protocol for
implementing the audit service which have one basic
component as Third party auditor, in compare to previous
standard interactive proof system. In this proposed paper we
discussed the construction of an efficient audit service which
will work on the data integrity aspect in cloud. In this TPA
which known as third party auditor going to work as an agent
for Data Owner and for CSP. Here TPA issued a periodic
verification to monitor the change of outsourced data by
providing an optimized schedule. In this manner we hope that
the proposed audit service will work with efficiently and
effectively for the data integrity on the clouds in cloud
computing environment.


REFFERENCES

Dodis, Y., Vadhan, S.P., Wichs, D., 2009. Proofs of
retrievability via hardness amplification. In: Reingold, O.
(Ed.), Theory of Cryptography, 6th Theory of Cryptography
Conference,.

Barreto, P.S.L.M., Galbraith, S.D., OEigeartaigh, C., Scott,
M., 2007. Efficient pairing computation on supersingular
abelian varieties. Des. Codes Cryptography.

Beuchat, J.-L., Brisebarre, N., Detrey, J., Okamoto, E., 2007.
Arithmetic operators for pairing-based cryptography. In:
Cryptographic Hardware and Embedded Systems


Boneh, D., Franklin, M., 2001. Identity-based encryption from
the weil pairing. In: Advances in Cryptology
(CRYPTO2001).
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 9 Sep 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page3359


Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner,
L., Peterson, Z.N.J., Song.

Bowers, K.D., Juels, A., Oprea, A., 2009. Hail: a high-
availability and integrity layer for cloud storage. In: ACM
Conference on Computer and Communications Security.

D.X., 2007. Provable data possession at untrusted stores. In:
Proceedings of the 2007 ACM Conference on Computer and
Communications Security, CCS 2007.

Boneh, D., Boyen, X., Shacham, H.,2004. Short group
signatures. In: In Proceedings of CRYPTO 04, LNCS Series.
Springer-Verlag.

Cramer, R., Damgrd, I., Mackenzie, P.D., 2000. Efficient
zero-knowledge proofs of knowledge without intractability
assumptions. In: Public Key Cryptography.

AUTHORS PROFILE


Yellepeddi Vijayalakshmi,
Pursuing M.Tech(CSE) from
Holy Mary Institute of
Technology and Science,
Keesara, Hyderabad,
Affiliated to JNTU-
Hyderabad.



Prof. G. Charles Babu, is
working as Head of
Department of CSE at Holy
Mary Institute of
Technology and Science,
Keesara, Hyderabad,
Affiliated to JNTU-
Hyderabad.

Anda mungkin juga menyukai