INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY

VOLUME 4 ISSUE 2 – APRIL 2015 - ISSN: 2349 - 9303

Improving Efficiency of Security in Multi-Cloud
Prashanth.R
Panimalar Engineering College
prashanthrajendiran@gmail.com
1

2

Sridharan.K
Panimalar Engineering College,
sridharank.p@gmail.com

Abstract--Due to risk in service availability failure and the possibilities of malicious insiders in the single cloud, a movement towards
“Multi-clouds” has emerged recently. In general a multi-cloud security system there is a possibility for third party to access the user files.
Ensuring security in this stage has become tedious since, most of the activities are done in network. In this paper, an enhanced security
methodology has been introduced in order to make the data stored in cloud more secure. Duple authentication process introduced in this
concept defends malicious insiders and shields the private data. Various disadvantages in traditional systems like unauthorized access,
hacking have been overcome in this proposed system and a comparison made with the traditional systems in terms of performance and
computational time have shown better results.
Keywords: Cloud Computing , Cloud Security , Cloud Performance, Multi Cloud.

——————————  ——————————

1

In 2012, Zhu et al. proposed the PDP model in
distributed cloud environment from the following aspects: high
security, transparent verification, and high performance. They
proposed a verification framework for multi-cloud storage and
constructed a CPDP scheme which is claimed to be provably
secure in their security model. Their scheme took use of the
techniques: hash index hierarchy (HIH), homomorphic
verifiable response, and multiprover zero-knowledge proof
system. They claimed that their scheme satisfied the security
properties: completeness, knowledge soundness, and zeroknowledge. These properties ensure that their CPDP can
implement the security against data leakage attack and tag
forgery attack.
In this comment, we show that Zhu et al.’s CPDP scheme does
not satisfy the property of knowledge soundness. The malicious
CSPs or organizer can cheat the clients. Then, we discuss the
origin and severity of the security flaws. Our work can help
crypto-graphers and engineers design and implement more
secure.
The intention of this paper is to avoid the unauthorized access
of the cloud storage with the help of authorized person’s details.
The trusted third party can generate the token by the enhanced
technique called randomized algorithm and with the help of that
token the key distribution center (KDC) can generate the key to
the client. The key distribution center can generate the key by
the key generation algorithm called SHA algorithm. The
benefits of this paper is to avoid the data leakage attack and tag
forgery attack.

INTRODUCTION:

n recent years, cloud computing has rapidly expanded as an
alternative to conventional computing model since it can
Iprovide a flexible, dynamic, resilient, and cost-effective
infrastructure. When multiple internal and/or external cloud
services are incorporated, we can get a distributed cloud
environment, i.e., multi-cloud. The clients can access his/her
remote resource through interfaces, for example, Web browser.
Generally, cloud computing has three deployment models:
public cloud, private cloud, and hybrid cloud. Multi-cloud is the
extension of hybrid cloud. When multi-cloud is used to store the
clients’ data, the distributed cloud storage platforms are
indispensable for the clients’ data management. Of course
multi-cloud storage platform is also more vulnerable to security
attacks. For example, the malicious CSPs may modify or delete
the clients’ data since these data are outside the clients. To
ensure the remote data’ security, the CSPs must provide
security techniques for the storage service.
In 2007, Ateniese et al. proposed the PDP model and concrete
PDP schemes. It is a probabilistic proof technique for CSPs to
prove the clients’ data integrity without downloading the whole
data. After that, Ateniese et al. proposed the dynamic PDP
security model and the concrete dynamic PDP schemes. To
support data insert operation, Erway et al. proposed a fulldynamic PDP scheme based on authenticated flip table. Since
PDP is an important lightweight remote data integrity checking
model, many researchers have studied this model.

75

INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY
VOLUME 4 ISSUE 2 – APRIL 2015 - ISSN: 2349 - 9303
2.3 Methodology and Modules:
2

PROPOSED SYSTEM:
2.3.1 Multi cloud storage:

2.1 Architecture:

CSP

CSP

Distributed computing is used to refer to any large
collaboration in which many individual personal computer
owners allow some of their computer's processing time to be put
at the service of a large problem. In our system the each cloud
admin consist of data blocks .The cloud user upload the data
into multi-cloud. Cloud computing environment is constructed
based on open architectures and interfaces, it has the capability
to incorporate multiple internal and/or external cloud services
together to provide high interoperability. We call such a
distributed cloud environment as a multi-Cloud . A multi-cloud
allows clients to easily access his/her resources remotely
through interfaces.

CSP

FILE SPILTER/MERGER
PART 1

PART 2

PART 3

2.3.2 Data Integrity:
Data Integrity is very important in database operations
in particular and Data warehousing and Business intelligence in
general. Because Data Integrity ensured that data is of high
quality, correct, consistent and accessible.

HOMOMORPHIC VERIFIABLE
RESPONSE
LOGIN
LCLIENTS

2.3.3 Cooperative PDP:

TRUSTED
THIRD PARTY

Cooperative PDP (CPDP) schemes adopting zeroknowledge property and
three-layered index hierarchy,
respectively. In particular efficient method for selecting the
optimal number of sectors in each block to minimize the
computation costs of clients and storage service providers.
Cooperative PDP (CPDP) scheme without compromising data
privacy based on modern cryptographic techniques.

TOKEN

KEY

KEY
DISTRIBUTION
CENTER(KDC)

2.3.4 Third Party Auditor:

Figure 1: Architecture Diagram for authentication

Trusted Third Party (TTP) who is trusted to store
verification parameters and offer public query services for these
parameters. In our system the Trusted Third Party, view the user
data blocks and uploaded to the distributed cloud. In distributed
cloud environment each cloud has user data blocks. If any
modification tried by cloud owner an alert is send to the Trusted
Third Party.

2.2 Working Principle:
In this paper, the client can get the token from the
trusted third party by giving all his/her personnel details. So, the
trusted third party only knows the personal details of the client
and the token which she/he is generated. The client can give the
key to the token distribution center (KDC) in order to get the
key to access the cloud. The KDC only knows the token which
is given by the client and key which is generated by them with
the help of username and key the client can access the cloud in
order to store, retrieve and process the data and so on.
The token can be generated by the randomized algorithm and
the key can be generated with the help of SHA algorithm, This
implies that the client can access the cloud with high security
the data can be protected by providing various encryption
algorithms like Homomorphic Verifiable Response (HVR) and
Hash Index Hierarchy (HIH).
The files can be splitted and stored in the cloud by inserting the
index value which will be generated by the Hash Index
Hierarchy (HIH). The files can be downloaded with the help of
that index value. The index value can be used to identify the
files in order to merge and to give the original file which will be
uploaded.

2.3.5 Cloud User:
The Cloud User who have a large amount of data to be
stored in multiple clouds and have the permissions to access and
manipulate stored data. The User’s Data is converted into data
blocks .The data blocks is uploaded to the cloud. The TPA view
the data blocks and Uploaded in multi cloud. The user can
update the uploaded data. If the user wants to download their
files, the data’s in multi-cloud is integrated and downloaded.

2.3.6 Token Generation:
The token can be generated with the help of user’s
personnel details. The input will be the user’s personnel details.
The token can be used to generate the key in order to access the

76

INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY
VOLUME 4 ISSUE 2 – APRIL 2015 - ISSN: 2349 - 9303
cloud. The token will be the input to generate the key. Each
time the token will be unique even for the constant user.
String randomString(final int length) {
Random r = new Random();
StringBuilder sb = new Stringbuilder();
for(int i = 0; i < length; i++) {
char c = (char)(r.nextInt((int)
(Character.MAX_VALUE)));
sb.append(c);
}
return sb.toString();}

4 EXPERIMENTAL RESULT:

2.3.7 Key Generation:
The key can be generated in order to access the cloud
storage to download and delete the files. The key can be private
or public. The public key is also called master key, by using that
master key the private key can be generated.
Figure 3: The experiment results of the differents for a 150KBytes file (_ = 0.01 and P = 0.99).

String password = "123456";
MessageDigest md = MessageDigest
.getInstance("SHA-256");
md.update(password.getBytes());
byte byteData[] = md.digest();
StringBuffer sb = new StringBuffer();
for (int i = 0; i < byteData.length; i++){
sb.append(Integer.toString((byteData[i]&0xff)
+ 0x100, 16).substring(1));
}
return sb.toString();

we evaluated the performance of our scheme in terms
of computational overhead. For the sake of comparison, our
experiments were executed in the following scenario: a fixedsize file is used to generate the tags and prove data possession
under the different number of sectors s. For a 150K-Bytes file,
the computational overheads of the verification protocol are
shown in Figure 3(a) when the value of s is ranged from 1 to 50
and the size of sector is 20-Bytes. Moreover, there exists an
optimal value of s from 15 to 25. The computational over-heads
of the tag generation are also shown in Figure 3(b). The results
indicate that the overheads are reduced when the values of s are
increased. Hence, it is necessary to select the optimal number of
sectors in each block to minimize the computation costs of
clients and storage service providers.

3 WORK FLOW DIAGRAM:

5 CONCLUSION:
This paper shows the security of constant user’s in order
to access the cloud storage. And customers only need to deal
with that service provider, using very simple and unified service
interface, without concerning the internal processes between
heterogeneous clouds. This model can ensure high data
reliability, low compilation time and high security by using
intelligent data security strategies.
6 REFERENCES:
[1]
A. Bajpai, P. Rana, and S. Maitrey, Remote
mirroring:A disaster recovery technique
in
cloud
computing, International Journal of Advance Research in
Science and Engineering, vol. 2, no. 8, 2013.
[2]
Y. Tan, H. Jiang, D. Feng, L. Tian, and Z. Yan,
CABdedupe: A causality-based de-duplication performance
booster for cloud backup services, in Parallel & Distributed
Processing Symposium (IPDPS),2011, pp. 1266-1277.
[3]
W. Li, Y. Yang, and D. Yuan, A novel cost-effective
dynamic data replication strategy for reliability in cloud data
centers, in IEEE Ninth International Conference on
Dependable, Autonomic and Secure Computing ( DASC),2011,
pp. 496-502.

Figure 2: Architecture Flow of the System

77

INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY
VOLUME 4 ISSUE 2 – APRIL 2015 - ISSN: 2349 - 9303
[4]

J. Zhang and N. Zhang, cloud computing-based data
storage and disaster recovery, in IEEE International Conference
on Future Computer Science and Education(ICFCSE), 2011,
pp. 629-632.
[5]
T. Wood, H. A. Lagar-Cavilla, K. K. Ramakrishnan,
P. Shenoy, and J. Van der Merwe, PipeCloud: Using causality
to overcome speed-of-light delays in cloudbased disaster
recovery, in Proceedings of the 2nd ACMSymposium on Cloud
Computing, 2011, p. 17.
[6]
D. Bermbach, M. Klems, S. Tai, and M.
Menzel,Metastorage: A federated cloud storage system to
manage consistency-latency tradeoffs, in IEEE International
Conference on Cloud Computing (CLOUD), 2011, pp.452-459.
[7]
H. Wang, Q. Jing, R. Chen, B. He, Z. Qian, and L.
Zhou, Distributed systems meet economics: Pricing in the
cloud, in Proceedings of the 2nd USENIX Conference on
HotTopics in Cloud Computing, Boston, USA, 2010, p. 6.
[8]
T. Nguyen, A. Cutway, and W. Shi, Differentiated
replication strategy in data centers, in Proc. the IFIP
International Conference on Network and ParallelComputing,
Guangzhou, China, 2010, pp. 277-288.
[9]
T. Wood, E. Cecchet, K. K. Ramakrishnan, P. Shenoy,
J. Van der Merwe, and A. Venkataramani, Disaster recovery as
a cloud service: Economic benefits & deployment challenges, in
2nd USENIX Workshop on HotTopics in Cloud Computing,
Boston, USA, 2010.
[10]
C. Cachin, R. Haas, and M. Vukolic, Dependable
storage in the Intercloud, IBM Research, vol. 3783, pp. 1-6,
2010.
[11]
M. Vrable, S. Savage, and G. M. Voelker, Cumulus:
Filesystem backup to the cloud, ACM Transactions onStorage
(TOS), vol. 5, no. 4, p. 14, 2009.
[12]
A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski,
G. Lee, and I. Stoica, Above the clouds: A Berkeley view of
cloud computing, Dept. Electrical Eng. and Comput. Sciences,
University of California, Berkeley,Rep. UCB/EECS, 2009.

78

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.