An Proposed System Explanation

Published Date: 02 Nov 2017

1st author's affiliation

1st line of address

2nd line of address

1st author's email address

2nd Author

2nd author's affiliation

1st line of address

2nd line of address

2nd E-mail

3rd Author

3rd author's affiliation

1st line of address

2nd line of address

3rd E-mail

ABSTRACT

Cloud storage helps us to store data remotely without the help of the hardware locally and software management. Though it has some benefits of outsourced data, it also has some risks on correctness of data present in the cloud. To remove this problem we proposed a method called as a flexible integrity auditing mechanism in distributed storage. It uses the homomorphic token and Erasure-coded data. This method allows us to audit data of very lightweight communication and computation cost. This method not only achieves fast data error localization but also guarantees strong cloud storage. It also supports efficient dynamic operations on outsourced data, including deletion, block modification and append. This is more effective for finding the Byzantine failure, ever server colluding and Data modification attack.

Keywords

Error localization, cloud computing, data integrity, dependable storage, data dynamics

INTRODUCTION

Cloud computing includes several trends till now, which act as an internal-based development. The processors together along with the software converting the data centers into computation service. The high technologies and network bandwidth help the users to subscribe high quality data from remote[1].

Data movement provides great convenience and not focusing on direct hardware management, examples are Amazon simple storage service[2]. This service provides high access of storage space but reducing the data maintenance of the local machine. As a result, they want some integrity of data. However, the clouds are much powerful in comparing with the personal computing devices. The integrity of data still exists[3].

A Cloud service provider (CSP) discards the data which were rarely accessed to reduce the profit margin by cost. It may also hide data to maintain a reputation. Thus outsourcing of cloud is always attractive. Economically, it reduces strong data integrity.

Thus to improve the data integrity we have to provide some efficient methods of data verification and correctness. We can use the direct adoption of cryptography to data integrity. Data files should not be included in security. It’s not a third party warehouse. The data are always updated by the users beyond of accessing it. Thus we must also consider the updated data in the storage correctness. Users can store the data redundantly in many servers for providing data integrity and the correctness. This is provided by cloud deployment[3].

In this paper we propose an effective and flexible method of storage along with dynamic storage. Correcting code in distributed files guarantees the dependent of data in Byzantine servers. When a server fails this construction reduces the communication overhead when compared to traditional methods. By using the homomorphic token along with distributed verification we reduce the data error localization or misbehaving of servers. The algebraic property of token is also used for erasure-coded data. Third party auditing is used for the time and resource computation, which helps users to delegate integrity checking. Thus the users will become worry free to use the cloud services[3].

Cloud computing system relinquishing user’s physical possession of their outsourced data, which inevitably poses new security risks towards the correctness of the data in the cloud. In existing system privacy data will be stolen by network. This cause the identification of misbehaving server[4].

EXISTING SYSTEM TECHNIQUE

The existing technique is client cloud computing which is nothing but the user has been storing the data in the cloud and downloads the data from some other place. So the attackers have been changing the content of the data in the cloud[5].

EXISTING SYSTEM DRAWBACKS

Privacy data will be lost or stolen by anonymous server

The Cloud computing system easily undergoes against Byzantine failure, malicious data modification attack, and even server colluding attacks.

EXISTING CONCLUSION

In this Existing concept, we have stored the data into cloud with less security level. So the privacy data will be lost or stolen by anonymous server. The Cloud computing system easily undergoes against Byzantine failure, malicious data modification attack, and even server colluding attacks.

PROPOSED SYSTEM EXPLANATION

In proposing system an effective and flexible distributed scheme with explicit dynamic data support, including block update , delete and append. By utilizing the homomorphic token with distributed verification of erasure-coded data, our schemes achieve the integration of storage correctness insurance and data error localization, i.e., whenever data corruption has been detected during the storage correctness verification across the distributed servers.

SCOPE OF THE PROJECT

In this paper, we provide the solution of data security in cloud data storage, which is essentially a distributed storage system. To achieve the assurance of cloud data integrity and availability and enforce the quality of dependable cloud storage service for users, we propose an effective and flexible distributed scheme with explicit dynamic data support, including block update, delete and append.

Figure 1: Cloud System Framework

PROPOSED SYSTEM ALGORITHM

Trusted global identity framework providing global interoperability and enabling informed trust decisions on organizations, people and digital entities in the Future Internet. Enabling privacy protection in accordance with EU culture.

Transparency and Accountability of data use in processes, services and policies in ICT systems.

Sound risk management for enterprises and consumers (there is no 100% security).

Governance based on these principles to law enforcement and citizen/infrastructure security.

MD5 ALGORITHM FOR TOKEN GENERATION:

The MD5 algorithm is an extension of the MD4 message –digest algorithm.MD5 is slightly slower than MD4, but is more "conservative"in design.MD5 was designed because it was that MD4 was perhaps being adopted for use more quickly than justified by the existing critical review; because MD4 was designed to be exceptionally fast, it is "at the edge"in terms of risking successful cryptanalytic attack. MD5 backs off a bit, giving up a little in speed for a much greater likelihood of ultimate security. It incorporates some suggestions made by various reviewers, and contains additional optima ions.

The MD5 Message-Digest Algorithm is a widely used cryptographic hash function that produces a 128-bit (16-byte )hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check data integrity. However , it has been shown that MD5 is not collision resistant; as such, MD5 is not suitable for application like SSL certificates or digital signatures that rely on this property . An MD5 hash is typically expressed as a 32-digit hexadecimal number.

CHALLENGE TOKEN PRE-COMPUTATION:

In order To give authority of data storage rightness and data error localization at the same time , our project is fully dependents on the pre-computed verification token. The main idea is that :before the process of file distribution the user will pre-computes the correct number of short verification token on individual vector G(j) (j E {1,…., n}), each token has no specific pattern and will cover a random subset of data blocks. After that, when the user wants to check whether the data are stored in a correct manner , he will check the server with a set of randomly generated block indices. While checking, each cloud server will calculate a short ’signature’ over the specified blocks and will give to the user. The values of these signatures should match for the suited token pre-computed by the user. At the same time , as the servers operate over the same subset of the indices, the formally asked response values for integrity check must also be an actual codeword processed by the secret matrix P.

Algorithm 1 Token Pre-computation

1: procedure

2: Choose parameters l, n and function Æ’, ;

3: Choose the number t of tokens;

4: Choose the number r of indices per verification;

5: Generate master key KPRP and challenge key kchal;

6: for vector G(j), j ← 1, n do

7: for round i← 1, t do

8: Derive αi = ƒkchal (i) and from KPRP .

9: Compute

10: end for

11: end for

12: Store all the vi ’s locally.

13: end procedure

In order to ensure the correctness of the data storage in the cloud storage with the time t is impossible by the user. So that the user must ensure the pre-compute t verification tokens for every G(j) (j {1, …, n}), using a PRF f(•), a PRP a challenge key kchal and a master permutation key KPRP. Particularly to generate the ith token for server j, the consumer acts as follows:

1) A random challenge value αi of GF(2p) derived by αi = fkchal (i) and a permutation key

based on KPRP.

2) Set of random choosen indices are computed and represented as r,

{Iq ∈ [1, ..., l]|1 ≤ q ≤ r},where Iq = .

3) Calculate the value of Vi:

where =

The user expects , as the response from the server j while challenging for the specified data blocks, where , is the small size element of GF(2P).

The use can have the option to store the encrypted tokens in the cloud or they can also keep the precomputed tokens locally. In our project we store the tokens locally inorder to avoid encryption which in turn reduce the bandwidth overhead during dynamic operation.

3.3.2 PROPOSED SYSTEM ADVANTAGE

Security enhanced in cloud data storage.

Identification of the misbehaving server(s).

This scheme is highly efficient and resilient to Byzantine failure, malicious data modification attack.

3.3.3 PROPOSED SYSTEM APPLICATION

Banking

Cloud Backup

Cloud Computing Risk Assessment

Google Apps and Government

COMPARISON BETWEEN EXISTING AND PROPOSED SYSTEMS

Existing Technique

Proposed technique

Privacy data will be lost or stolen by anonymous server which inevitably poses new security risks towards the correctness of the data in the cloud.

Privacy is ensured data security which is a protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

The Cloud computing system easily undergoes against Byzantine failure, malicious data modification attack, and even server colluding attacks.

Identification of the misbehaving server. This scheme is to be Byzantine failure, malicious data modification attack using the MD5 algorithm.

Users may not retain a local copy of outsourced data, there exist various incentives for cloud service providers (CSP) to behave unfaithfully towards the cloud users regarding the status of their outsourced data.

Third party access policies require owners of natural monopoly infrastructure facilities to grant access to those facilities to parties other than their own customers, usually competitors in the provision of the relevant services, on commercial terms comparable to those that would apply in a competitive market.

Storage correctness is difficult to identify in client side. Error correction and error detection are difficult to determine in client side.

Storage correctness to ensure users that their data are indeed stored appropriate and kept intact all the time in the cloud. Fast localization of data error to effectively locate the malfunctioning server when data corruption has been detected.

One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to server compromise and/or random Byzantine failures.

Besides, in the distributed case when such inconsistencies are successfully detected, to find which server the data error lies in is also of great significance, since it can always be the first step to fast recover the storage errors and/or identifying potential threats of external attacks.

Difficult way to store the data in cloud because the storage correctness is the Heavy weight to users handle

Lightweight to enable users to perform storage correctness check service provider which is used for third party auditing purpose using token generation algorithm.

Conclusion

In traditional model the user stores the data in one place of cloud and download it from another place. So the attacker may easily change the data. In this paper we clearly investigate the problem and overcome by utilizing homomorphic token and third party auditor. By utilizing the homomorphic token with distributed verification of erasure-coded data, our schemes achieve the integration of storage correctness insurance and data error localization. Then utilizing the distributed erasure-coded data homomorphic token, the user can access the cloud with very lightweight communication. This is also quickly locate the misbehaving servers. This is more secure and effective dynamic operations such as deletion, data modification and updating. In future, By utilizing the homomorphic token with distributed verification of erasure-coded data, our schemes achieve the integration of storage correctness insurance and data error localization.