
International Journal of Computer Trends and Technology (IJCTT) - volume 4 Issue 4, April 2013

Enable open Verifiability and Data Dynamics for Storage protection in Cloud Computing

1 G.RajaMohan, 2 K.VenkataRaju, 3 G.chaitanya

1 M.Tech student at Department of Computer Science Engineering, K.L.University, India
2 Associate professor at Department of Computer Science Engineering, K.L.University, India
3 M.Tech student at Department of Computer Science Engineering, KL University, India

ISSN: 2231-2803 http://www.ijcttjournal.org

Abstract: Cloud Computing has been envisioned as the next-generation architecture of the IT enterprise. It moves the application software and databases to centralized large data centers, where the management of the data and services may not be fully reliable. This unique paradigm brings about many new protection challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. The introduction of a TPA eliminates the involvement of the client in the auditing of whether his data stored in the cloud is indeed intact, which can be significant in achieving economies of scale for Cloud Computing. The support for data dynamics via the most general forms of data operation, such as block modification, addition and removal, is also a significant step toward practicality, since services in Cloud Computing are not limited to archive or backup data only. While prior works on ensuring remote data reliability often lack the support of either public verifiability or dynamic data functions, this paper achieves both. We first identify the difficulties and potential protection problems of direct extension with fully dynamic data updates from prior works and then show how to construct an elegant verification method for seamless integration of these two salient features in our protocol design. In particular, to achieve efficient data dynamics, we improve the Proof of Retrievability model by manipulating the classic Merkle Hash Tree (MHT) construction for block tag authentication. Extensive security and performance analysis show that the proposed scheme is highly efficient and provably protected.

Keywords: Data storage, data integrity, privacy-preserving, public auditability, cryptographic protocols, cloud computing.

1. Introduction

A number of trends are opening up the era of Cloud Computing, which is an Internet-based development and use of computer technology. The ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. Meanwhile, the increasing network bandwidth and dependable yet flexible network connections make it even possible that clients can now subscribe to high quality services from data and software that reside solely on remote data centers.

Though envisioned as a promising service platform for the Internet, this new data storage paradigm in Cloud brings about many difficult design issues which have a deep influence on the security and performance of the overall scheme. One of the main concerns with cloud data storage is that of data integrity verification at untrusted servers. For example, the storage service provider, which experiences Byzantine failures infrequently, may decide to hide the data errors from the clients for its own advantage. What is more serious is that, to save money and storage space, the service provider might neglect to keep, or deliberately delete, infrequently accessed data files which belong to an ordinary client. Considering the large size of the outsourced electronic data and the client's constrained resource capability, the core of the problem can be generalized as how the client can find an efficient way to perform periodic integrity verifications without a local copy of the data files.

In order to solve this problem, many schemes have been proposed under different system and security models. In all these works, great efforts are made to design solutions that meet various requirements: high scheme efficiency, stateless verification, unbounded use of queries and retrievability of data, etc. Considering the role of the verifier in the model, all the schemes presented before fall into two categories: private verifiability and public verifiability. Although schemes with private verifiability can achieve higher scheme efficiency, public verifiability allows anyone, not just the client (data owner), to challenge the cloud server for correctness of data storage while keeping no private information. Clients are then able to delegate the evaluation of the service performance to an independent third party auditor (TPA), without devoting their own computation resources. In the cloud, the clients themselves are unreliable or cannot afford the overhead of performing frequent integrity checks. Thus, for practical use, it seems more rational to equip the verification protocol with public verifiability, which is expected to play a more important role in achieving economies of scale for Cloud Computing.

That is, the outsourced data themselves should not be required by the verifier for the verification purpose. In the context of public verification, the importance of blocklessness goes even further because a TPA should not be allowed to possess the original data files, for obvious security concerns.

Fig: Cloud data storage architecture.

2. Design Goals

Our design goals can be summarized as follows:

(1) Public verification for storage correctness guarantee: to allow everyone, not just the clients who initially stored the file on cloud servers, to have the ability to verify the correctness of the stored data on demand.

(2) Dynamic data functions support: to permit the clients to execute block-level functions on the data files while maintaining the same level of data correctness assurance. The design should be as efficient as possible so as to guarantee the seamless integration of public verifiability and dynamic data functions support.

(3) Blockless authentication: no challenged file blocks should be retrieved by the verifier (e.g., TPA) during the verification process, for both efficiency and protection concerns.

(4) Stateless authentication: to eliminate the need for state information maintenance at the verifier side between audits throughout the long term of data storage.


3. The Proposed Scheme

Merkle Hash Tree. A Merkle Hash Tree (MHT) is a well-studied authentication structure, which is intended to efficiently and securely prove that a set of elements are intact and unchanged. It is constructed as a binary tree where the leaves in the MHT are the hashes of authentic data values. While MHT is commonly used to authenticate the values of data blocks, in this paper we further employ MHT to authenticate both the values and the positions of data blocks. We treat the leaf nodes as a left-to-right sequence, so any leaf node can be uniquely determined by following this sequence and the way of computing the root in MHT.

4. Classification

(pk, sk) KeyGen(1^k). This probabilistic algorithm is run by the client. It takes as input the security parameter 1^k, and returns public key pk and private key sk.

(, sig_sk(H(R))) SigGen(sk, F). This algorithm is run by the client. It takes as input private key sk and a file F which is an ordered collection of blocks {m_i}, and outputs the signature set , which is an ordered collection of signatures { i} on {m_i}. It also outputs metadata: the signature sig_sk(H(R)) of the root R of a Merkle hash tree. In our construction, the leaf nodes of the Merkle hash tree are hashes of H(m_i).

(P) GenProof(F, , chal). This algorithm is run by the server. It takes as input a file F, its signatures , and a challenge chal. It outputs a data reliability proof P for the blocks specified by chal.

{TRUE, FALSE} VerifyProof(pk, chal, P). This algorithm can be run by either the client or the third party auditor upon receipt of the proof P. It takes as input the public key pk, the challenge chal, and the proof P returned from the server, and outputs TRUE if the reliability of the file is verified as correct, or FALSE otherwise.

(F, , P_update) ExecUpdate(F, , update). This algorithm is run by the server. It takes as input a file F, its signatures , and a data function request update from the client. It outputs an updated file F, updated signatures and a proof P_update for the function.

{(TRUE, sig_sk(H(R))), FALSE} VerifyUpdate(pk, update, P_update). This algorithm is run by the client. It takes as input public key pk, the signature sig_sk(H(R)), an operation request update, and the proof P_update from the server. If the verification succeeds, it outputs a signature sig_sk(H(R)) for the original root R, or FALSE otherwise.

5. Dynamic Data function with Integrity guarantee

We now show how our scheme can explicitly and efficiently handle fully dynamic data functions including data alteration (M), data addition (I) and data removal (D) for cloud data storage. Note that in the following descriptions of the protocol design for dynamic functions, we assume that the file F and the signature have previously been generated and correctly stored at the server. The root metadata R has been signed by the client and stored at the cloud server, so that everyone who has the client's public key can challenge the correctness of data storage.

1. Data addition: Compared to data modification, which does not change the logical structure of the client's data file, another general form of data operation, data insertion, refers to inserting new blocks after some specified positions in the data file F.

2. Data removal: Data removal is just the opposite function of data addition. For single block removal, it refers to deleting the specified block and moving all the later blocks one block forward.

3. Data alteration: We start from data alteration, which is one of the most commonly used functions in cloud data storage. A basic data alteration operation refers to the replacement of particular blocks with new ones.
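The following Python sketch is an added example, not code from the paper. It covers only the Merkle hash tree part of the scheme: how the auxiliary sibling hashes let a verifier check both the value and the position of a leaf H(m_i), and how the client derives the new root after a data alteration. SHA-256, all function names and the sample blocks are assumptions; the signature on the root and the block signatures are omitted, so the root is assumed to be already authenticated, and addition and removal (which change the leaf count) are not shown.

```python
import hashlib

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumed hash; the paper names none

def build_levels(leaves):
    """All tree levels, leaf level first; an unpaired last node is promoted."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(cur[i] + cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels

def gen_aux(levels, index):
    """Server side: sibling hashes on the path from leaf `index` to the root."""
    aux = []
    for level in levels[:-1]:
        if (index ^ 1) < len(level):
            aux.append(level[index ^ 1])
        index //= 2
    return aux

def root_from_aux(leaf_hash, index, n, aux):
    """Verifier side: recompute the root from one leaf. Left/right order comes
    from the claimed index and leaf count n, so position is authenticated too."""
    if not 0 <= index < n:
        return None
    node, path = leaf_hash, list(aux)
    while n > 1:
        if (index ^ 1) < n:                    # this level has a sibling
            if not path:
                return None
            sib = path.pop(0)
            node = H(sib + node) if index & 1 else H(node + sib)
        index, n = index // 2, (n + 1) // 2
    return node if not path else None

def verify_modification(old_root, old_leaf, new_leaf, index, n, aux):
    """Client side of a block alteration: authenticate the old leaf against
    the trusted root, then derive the new root from the same aux."""
    if root_from_aux(old_leaf, index, n, aux) != old_root:
        return None
    return root_from_aux(new_leaf, index, n, aux)

# Constructed sample file of five blocks (not data from the paper).
blocks = [b"block-%d" % i for i in range(5)]
levels = build_levels([H(m) for m in blocks])
ROOT, AUX2 = levels[-1][0], gen_aux(levels, 2)
print(root_from_aux(H(blocks[2]), 2, 5, AUX2) == ROOT,
      root_from_aux(H(blocks[2]), 3, 5, AUX2) == ROOT)  # True False
```

The second check fails because the same leaf hash and sibling hashes are presented for position 3 instead of position 2, which is the position binding the paper relies on.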


Fig: MHT update under block modification function. Here, n_i and n i are used to denote H(m_i) and H(m i), respectively.

Fig: MHT update under block insertion operation. Here, n_i and n are used to denote H(m_i) and H(m ), respectively.

Fig: MHT update under block deletion operation.

6. Support for Data Dynamics

In Cloud Computing, outsourced data might not only be accessed but also updated frequently by users for various application purposes. Hence, supporting data dynamics for privacy-preserving public auditing is also of paramount importance.

Now we show how to build upon the existing work and adapt our main scheme to support data dynamics, including block level functions of modification, deletion and insertion. In , data dynamics support is achieved by replacing the index information i with m_i in the computation of block authenticators and using the classic data structure Merkle hash tree (MHT) [22] for the underlying block sequence enforcement. As a result, the authenticator for each block is changed to _i = (H(m_i) u^{m_i})^x. We can adopt this technique in our design to achieve privacy-preserving public risk auditing with support of data dynamics.

Specifically, in the Setup phase, the user has to generate and send the tree root TR_MHT to the TPA as additional metadata, where the leaf nodes of the MHT are values of H(m_i). In the Audit phase, besides {, _,R}, the server's response should also include {H(m_i)}iI and their corresponding auxiliary authentication information aux in the MHT. Upon receiving the response, the TPA should first use TR_MHT and aux to authenticate {H(m_i)}iI computed by the server. Once {H(m_i)}iI are authenticated, the TPA can then perform the auditing on {, _,R, {H(m_i)}iI}.

7. Conclusion

To ensure cloud data storage protection, it is critical to enable a third party auditor (TPA) to evaluate the service quality from an objective and independent perspective. Public verifiability also allows clients to delegate the integrity verification tasks to the TPA while they themselves can be unreliable or not be able to commit the necessary computation resources to performing continuous verifications. Another major concern is how to construct verification protocols that can accommodate dynamic data files. Our construction is deliberately designed to meet these two significant goals while keeping efficiency closely in mind. We extended the PoR model by using an elegant Merkle hash tree construction to achieve fully dynamic data operation. Experiments show that our construction is efficient in supporting data dynamics with demonstrable verification.
