
International Journal of Computer Trends and Technology (IJCTT) - Volume 4 Issue 4, April 2013

Privacy preserving public auditing system for data storage security in Cloud Computing

G.RajaMohan¹, K.VenkataRaju²

¹ M.Tech student at Department of Computer Science Engineering, K.L.University, India
² Associate professor at Department of Computer Science Engineering, K.L.University, India

ABSTRACT: Cloud computing is the fastest-growing idea in the IT industry, and the IT community has realized that cloud computing is going to be the newest topic in the field. Cloud computing reduces cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. The third party auditor (TPA) should be able to efficiently audit the cloud data storage without demanding a local copy of the data, and should introduce no additional online burden to the cloud user. Specifically, our contribution in this work can be summarized as the following aspects: we motivate the public auditing system of data storage security in cloud computing and provide a privacy-preserving auditing protocol, i.e., our proposal supports an external auditor to audit users' outsourced data in the cloud without learning information on the data content. Our scheme is the first to support scalable and efficient public auditing in cloud computing. In particular, our scheme achieves batch auditing, where several delegated auditing tasks from different users can be performed concurrently by the TPA.

Keywords: Data storage, privacy-preserving, public auditability, cryptographic protocol, cloud computing.

I. INTRODUCTION

Cloud Computing has been envisioned as the next-generation information technology (IT) architecture for enterprises, due to its long list of unprecedented advantages in IT history: on-demand self-service, ubiquitous network access, location-independent resource pooling, rapid resource elasticity, usage-based pricing and transference of risk. As a disruptive technology with profound implications, Cloud Computing is transforming the very nature of how businesses use information technology.

In the existing system, clients store their data on a server that is assumed to be trustworthy, and a third party auditor then audits the client files. The third party auditor can therefore steal the files. The main disadvantage of the existing system is that it can support both features only with the help of a third party auditor.

Consider a cloud storage system in which there are a client and an untrusted server. The client stores their data on the server without keeping a local copy. Hence, it is of critical importance that the client should be able to verify the integrity of the data stored on the remote untrusted server. If the server modifies any part of the client's data, the client should be able to detect it; furthermore, any third party verifier should also be able to detect it. In case a third party verifier verifies the integrity of the client's data, the data should be kept private against the third party verifier.

The proposed scheme has the following main contributions: a remote data integrity checking protocol for cloud storage. The proposed system inherits the support of data dynamics, and supports public verifiability and privacy against third-party verifiers, while at the same time it doesn't need to use a third-party auditor. A security analysis of the proposed system shows that it is secure against the untrusted server and private against third party verifiers.

ISSN: 2231-2803

http://www.ijcttjournal.org

II. THE SYSTEM AND HAZARD MODEL

[Figure: System architecture]

We consider a cloud data storage service involving three different network entities: the cloud user (U), who has a large amount of data files to be stored in the cloud; the cloud server (CS), which is managed by the cloud service provider (CSP) to provide data storage service and has significant storage space and computation resources (we will not differentiate CS and CSP hereafter); and the third party auditor (TPA), who has knowledge and capabilities that cloud users do not have and is trusted to assess the dependability of the cloud storage service on behalf of the user upon request. Users rely on the CS for cloud data storage and protection. They may also dynamically interact with the CS to access and update their stored data for various application purposes. To save computation resources as well as the online burden, cloud users may resort to the TPA for ensuring the storage integrity of their outsourced data, while hoping to keep their data private from the TPA.

Most of the time the CS behaves correctly and does not deviate from the prescribed protocol execution. However, for its own benefit the CS might neglect to keep, or purposely delete, rarely accessed data files which belong to ordinary cloud users. Moreover, the CS may decide to hide data corruptions caused by server hacks or Byzantine failures to maintain its reputation. We assume the TPA, who is in the business of auditing, is reliable and independent, and thus has no incentive to collude with either the CS or the users during the auditing process. However, it harms the user if the TPA could learn the outsourced data after the audit. To authorize the CS to respond to the audit delegated to TPAs, the user can sign a certificate granting audit rights to the TPA's public key, and all audits from the TPA are authenticated against such a certificate. These authentication handshakes are omitted in the following presentation.

III. DESIGN GOALS


To enable privacy-preserving public auditing for cloud data storage under the aforementioned model, our protocol design should achieve the following security and performance guarantees.

A. Public auditability: to permit the TPA to validate the correctness of the cloud data on demand without retrieving a copy of the whole data or introducing additional online burden to the cloud users.
B. Storage accuracy: to ensure that there exists no cheating cloud server that can pass the TPA's audit without indeed storing users' data intact.
C. Privacy-preserving: to guarantee that the TPA cannot derive users' data content from the information collected during the auditing process.


D. Group auditing: to enable the TPA with secure and efficient auditing capability to cope with multiple auditing delegations from a possibly large number of different users simultaneously.
E. Lightweight: to permit the TPA to do auditing with minimum communication and computation overhead.

IV. The privacy-preserving public auditing protocol

Running a public auditing system consists of two phases, Setup and Audit:

A. Setup: The client initializes the public and secret parameters of the system by executing KeyGen, and pre-processes the data file F by using SigGen to generate the verification metadata. The user then stores the data file F and the verification metadata at the cloud server, and deletes its local copy. As part of pre-processing, the user may alter the data file F by expanding it or including additional metadata to be stored at the server.

B. Audit: The TPA issues an audit message or challenge to the cloud server to make sure that the cloud server has retained the data file F correctly at the time of the audit. The cloud server will derive a response message from a function of the stored data file F and its verification metadata by executing GenProof. The TPA then verifies the response via VerifyProof.

A. Audit segment: The TPA first retrieves the file tag t. With respect to the mechanism we explain in the Setup phase, the TPA verifies the signature $SSig_{ssk}(name)$ via spk, and quits by emitting FALSE if the verification fails. Otherwise, the TPA recovers name. Now it comes to the core part of the auditing process. To produce the challenge message chal for the audit, the TPA picks a random c-element subset $I = \{s_1, \ldots, s_c\}$ of the set $[1, n]$. For each element $i \in I$, the TPA also chooses a random value _i (of bit length that can be shorter than |p|, as explained in [13]). The message chal specifies the positions of the blocks that are required to be checked. The TPA sends chal = {(i, _i)}, $i \in I$, to the server.

The protocol steps are:

1. Retrieve file tag t, verify its signature, and quit if fail;
2. Generate a random challenge chal = $\{(i, v_i)\}_{i \in I}$;
3. Compute = i I VImi, and also i I I VI,
4. Randomly pick $r \in Z_p$, and compute $R = e(u, v)^r$ and = h(R);
5. Compute = r + mod p;
6. Compute = h(R), and then verify {,,R}

B. Setup segment: Fundamentally, the users just perform Setup independently. Suppose there are K users in the system, and each user k has a data file $F_k = (m_{k,1}, \ldots, m_{k,n})$ to be outsourced to the cloud server, where $k \in \{1, \ldots, K\}$. For simplicity, we assume each file $F_k$ has the same number n of blocks. For a particular user k, denote his/her secret key as $(i_k, ssk_k)$, and the corresponding public parameter as $(spk_k, v_k, g, u_k, e(u_k, v_k))$ where $v_k = g^{i_k}$. Similar to the single user case, each user k has already randomly chosen a different (with overwhelming probability) name $name_k \in Z_p$ for his/her file $F_k$, and has correctly generated the corresponding file tag $t_k = name_k \| SSig_{ssk_k}(name_k)$. Then, each user k runs SigGen and computes k,i for block $m_{k,i}$: k,i $(H(name_k \| i)\, u_k^{m_{k,i}})^{i_k} = (H(W_{k,i})\, u_k^{m_{k,i}})^{i_k} \in G_1$ ($i \in \{1, \ldots, n\}$), where $W_{k,i} = name_k \| i$. Finally, each user k sends file $F_k$, set of authenticators k, and tag $t_k$ to the server and deletes them from local storage.

VI. MODULE DESCRIPTION

There are four modules:
1. Data dynamics
   i. Block addition
   ii. Block adaption
   iii. Block removal
2. Public verifiability
3. Metadata creation
4. Privacy against third party verifiers

A. DATA DYNAMICS
Data dynamics means that after clients store their data at the remote server, they can dynamically update their data at later times. At the block level, the main functions are block addition, block adaption and block removal.
Block addition: The server can insert anything on the client's file.
Block removal: The server can remove anything on the client's file.
Block adaption: The server can change anything on the client's file.

B. PUBLIC VERIFIABILITY
Each time, the secret key is sent to the client's email, and the client can then perform the integrity checking function. In this definition, there are two entities: a challenger that stands for either the client or any third party verifier, and an adversary that stands for the untrusted server. The client doesn't request any secret key from a third party.

C. METADATA KEY CREATION
Let the verifier V wish to store the file F. Let this file F consist of n file blocks. We initially pre-process the file and create metadata to be appended to the file. Let each of the n data blocks have m bits in them. A typical data file F which the client wishes to store in the cloud. Each of the metadata from the data blocks $m_i$ is encrypted using the RSA algorithm to give a new modified metadata $M_i$. Without loss of generality, we show this procedure. The encryption method can be improvised to provide still stronger security for the client's data. All the metadata bit blocks generated using this procedure are to be concatenated together. This concatenated metadata should be appended to the file F before storing it at the cloud server. The file F along with the appended metadata is stored with the cloud.

RSA ALGORITHM
RSA involves a public key and a private key. The public key can be known to everybody and is used for encrypting messages. Messages encrypted with the public key can only be decrypted with the private key. The keys for the RSA algorithm are generated the following way:
1. Choose two distinct prime numbers p and q. For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length.
2. Compute $n = pq$. n is used as the modulus for both the public and private keys.
3. Compute $\varphi(n) = (p - 1)(q - 1)$, where $\varphi$ is Euler's totient function.
4. Choose an integer e such that $1 < e < \varphi(n)$ and $\gcd(e, \varphi(n)) = 1$; i.e., e and $\varphi(n)$ are coprime. e is released as the public key exponent.
5. Determine d as $d = e^{-1} \pmod{\varphi(n)}$; i.e., d is the multiplicative inverse of e mod $\varphi(n)$.

1) Encryption
Encryption is the procedure of converting plain text into cipher text: $C = M^e \pmod{n}$

2) Decryption
Decryption is the procedure of converting cipher text into plain text: $M = C^d \pmod{n}$

D. PRIVACY AGAINST THIRD PARTY VERIFIER
Under the semi-honest model, a third party verifier cannot get any information about the client's data m from the system execution. Hence, the system is private against third party verifiers. If the server modifies any part of the client's data, the client must be able to detect it; furthermore, any third party verifier must also be able to detect it. In case a third party verifier verifies the integrity of the client's data, the data must be kept private against the third party verifier.

VII. CONCLUSION
We propose a privacy-preserving public auditing system for data storage security in Cloud Computing. The proposed system is suitable for providing integrity protection of customers' important data. It also supports data addition, alteration and removal at the block level, and also supports public verifiability. The proposed system is proved to be secure against an untrusted server. Future development: when the client file has been modified, the system does not show the client what alteration was made to the client file by the server; if the user needs to know the modification, the only way is to download the corresponding file. In future we will show the client what modification was made to the client file by the server.
