Possession At Untrusted Stores In Cloud Computing

Published Date: 02 Nov 2017

INTRODUCTION TO CLOUD COMPUTING

Cloud Computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). The name comes from the common use of a cloud-shaped symbol as an abstraction for the complex infrastructure it contains in system diagrams. Cloud computing entrusts remote services with a user's data, software and computation.

End users access cloud-based applications through a web browser or a light-weight desktop or mobile app while the business software and user's data are stored on servers at a remote location. Proponents claim that cloud computing allows companies to avoid upfront infrastructure costs, and focus on projects that differentiate their businesses instead of infrastructure. Proponents also claim that cloud computing allows enterprises to get their applications up and running faster, with improved manageability and less maintenance, and enables IT to more rapidly adjust resources to meet fluctuating and unpredictable business demand.

In the business model using software as a service, users are provided access to application software and databases. Cloud providers manage the infrastructure and platforms that run the applications. SaaS is sometimes referred to as "on-demand software" and is usually priced on a pay-per-use basis. SaaS providers generally price applications using a subscription fee.

Proponents claim that the SaaS allows a business the potential to reduce IT operational costs by outsourcing hardware and software maintenance and support to the cloud provider. This enables the business to reallocate IT operations costs away from hardware/software spending and personnel expenses, towards meeting other IT goals. In addition, with applications hosted centrally, updates can be released without the need for users to install new software. One drawback of SaaS is that the users' data are stored on the cloud provider's server. As a result, there could be unauthorized access to the data.

Cloud computing relies on sharing of resources to achieve coherence and economies of scale similar to a utility (like the electricity grid) over a network. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services.

1.2 PROBLEM STATEMENT

In the early stages of security in cloud computing, the privacy preservation is done for user level and the data level. Whereas the each registered users will get the dynamic code for security. Then and there the user has to use that token to enter into the process. Also we used TPA to audit the unauthorized users entering into cloud process. The TPA will display only the ip addresses of the unauthorized users.

1.3 SCOPE OF THE PROJECT

In this project we are extending the previous system by using automatic blocker for privacy preserving public auditing for data storage security in cloud computing. We utilize the public key based homomorphism authenticator and uniquely integrate it with random mask technique and automatic blocker. To achieve a privacy-preserving public auditing system for cloud data storage security while keeping all above requirements in mind. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient. The proposed system incorporates the previous system advantages and extends to find the unauthorized user, to prevent the unauthorized data access for preserving data integrity. The proposed system monitors the user requests according the user specified parameters and it checks the parameters for the new and existing users .The system accepts existing validated user, and prompts for the new users for the parameter to match requirement specified during user creation for new users. If the new user prompts parameter matches with cloud server, it gives privileges to access the Audit protocol author wise the system automatically blocks the Audit protocol for specific user.

1.4 OVERALL DESCRIPTION

Basically the cloud users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. To securely introduce an effective Third Party Auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The Third Party Auditing process should bring in no new vulnerabilities towards user data privacy. In this paper we are extending the previous system by using automatic blocker for privacy preserving public auditing for data storage security in cloud computing. We utilize the public key based homomorphism authenticator and uniquely integrate it with random mask technique and automatic blocker. To achieve a privacy-preserving public auditing system for cloud data storage security while keeping all above requirements in mind.

1.5 Perspective

Improve the security in Cloud Storage.

Prevent the unauthorized users using protocol blocker.

1.6 Features

Public Auditability

Storage Correctness

Privacy-Preserving

Audit

Protocol Blocker

CHAPTER – 2

SYSTEM STUDY

2.1 LITERATURE SURVEY

PAPER 1: Hybrid Provable Data Possession at Untrusted Stores in Cloud Computing, 2011

The security risks associated with each cloud delivery model vary and are dependent on a wide range of factors including the sensitivity of information assets, cloud architectures and security controls involved in a particular cloud environment [7].Over time, organizations tend to relax their security posture. To combat a relaxation of security, the cloud provider should perform regular security assessments [3]. Risk management framework is one of security assessment tool to reduction of threats and vulnerabilities and mitigates security risks. The goal of this paper is to present information risk management framework for better understanding critical areas of focus in cloud computing environment, to identifying a threat and identifying vulnerability. This framework is covering all of cloud service models and cloud deployment models. Cloud provider can be applied this framework to organizations to do risk mitigation.

PAPER 2: Ensuring Data Storage Security in Cloud Computing, 2010

Cloud computing is the next stage in evolution of the internet, which provides large amount of computing and storage to customers provisioned as a service over the internet. However, cloud computing facing so many security challenges due to the possible compromise or byzantine failures. In this paper, we focus on Ensuring data storage security in cloud computing, which is an important aspect of Quality of Service (QoS). We propose an effective and flexible distribution verification protocol to address data storage security in cloud computing. In this protocol, we rely on erasure code for the availability, reliability of data and utilize token precomputation using Sobol Sequence to verify the integrity of erasure coded data rather than Pseudorandom Data in existing system. Unlike prior works, our scheme provides more security to user data stored in cloud computing. The performance analysis shows that our scheme is more secure than existing system against Byzantine failure, unauthorized data modification attacks, and even cloud server colluding attacks.

Hybrid Provable Data Possession at Untrusted Stores In Cloud Computing

Narn - Yih Lee Southern Taiwan University Information Management Department Tainan, Taiwan [email protected]

Yun - Kuan Chang Southern Taiwan University Information Management Department Tainan, Taiwan [email protected].

Ensuring Data Storage Security in Cloud Computing

P. Syam Kumar, R. Subramanian and D. Thamizh Selvam

Department of Computer Science, School of Engineering and Technology, Pondicherry University, Puducherry. India [email protected], [email protected] and [email protected].

2.2 EXISTING SYSTEM:

In the early stages of security in cloud computing, the privacy preservation is done for user level and the data level. Whereas the each registered users will get the dynamic code for security. Then and there the user has to use that token to enter into the process. Also we used TPA to audit the unauthorised users entering into cloud process. The TPA will display only the ip addresses of the unauthorised users.

Fig. 2.1 Architecture for Existing System

Disadvantages:

No user blocking.

No Ip address blocking.

Only Listing the unauthorised users.

2.3 PROPOSED SYSTEM

In this paper we are extending the previous system by using automatic blocker for privacy preserving public auditing for data storage security in cloud computing. We utilize the public key based homomorphism authenticator and uniquely integrate it with random mask technique and automatic blocker. To achieve a privacy-preserving public auditing system for cloud data storage security while keeping all above requirements in mind. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient. The proposed system incorporates the previous system advantages and extends to find the unauthorized user, to prevent the unauthorized data access for preserving data integrity. The proposed system monitors the user requests according the user specified parameters and it checks the parameters for the new and existing users .The system accepts existing validated user, and prompts for the new users for the parameter to match requirement specified during user creation for new users. If the new user prompts parameter matches with cloud server, it gives privileges to access the Audit protocol author wise the system automatically blocks the Audit protocol for specific user.

Fig. 2.2 Architecture for Proposed System

Advantages:

All the above mentioned disadvantages will overcome.

Highly Secure .

User level and Data level Security is available.

2.4 Feasibility Study

Feasibility studies aim to objectively and rationally uncover the strengths and weaknesses of the existing business or proposed venture, opportunities and threats as presented by the environment, the resources required to carry through, and ultimately the prospects for success. In its simplest term, the two criteria to judge feasibility are cost required and value to be attained. As such, a well-designed feasibility study should provide a historical background of the business or project, description of the product or service, accounting statements, details of the operations and management, marketing research and policies, financial data, legal requirements and tax obligations.[1] Generally, feasibility studies precede technical development and project implementation.

2.4.1 Technology and System feasibility

The assessment is based on an outline design of system requirements in terms of Input, Processes, Output, Fields, Programs, and Procedures. This can be quantified in terms of volumes of data, trends, frequency of updating, etc. in order to estimate whether the new system will perform adequately or not. Technological feasibility is carried out to determine whether the company has the capability, in terms of software, hardware, personnel and expertise, to handle the completion of the project.

2.4.2 Economic feasibility

Economic analysis is the most frequently used method for evaluating the effectiveness of a new system. More commonly known as cost/benefit analysis, the procedure is to determine the benefits and savings that are expected from a candidate system and compare them with costs. If benefits outweigh costs, then the decision is made to design and implement the system. An entrepreneur must accurately weigh the cost versus benefits before taking an action.

Cost-based study: It is important to identify cost and benefit factors, which can be categorized as follows: 1. Development costs; and 2. Operating costs. This is an analysis of the costs to be incurred in the system and the benefits derivable out of the system.

2.4.3 Schedule feasibility

A project will fail if it takes too long to be completed before it is useful. Typically this means estimating how long the system will take to develop, and if it can be completed in a given time period using some methods like payback period. Schedule feasibility is a measure of how reasonable the project timetable is. Given our technical expertise, are the project deadlines reasonable? Some projects are initiated with specific deadlines. You need to determine whether the deadlines are mandatory or desirable.

2.5 Problem Description

No user blocking

No Ip address blocking

Only Listing the unauthorised users

Data Integrity is available

Highly Secure

Performance is Good

User level and Data level Security is available

CHAPTER – 3

SYSTEM SPECIFICATION

3.1 SYSTEM REQUIREMENTS

HARDWARE SPECIFICATION

Processor : Pentium IV

Processor Speed : 2.80GHz

Main Storage : 512MB RAM

Hard Disk Capacity : 80GB

SOFTWARE SPECIFICATION

Operating System : Windows 7 / XP

Front End : Visual Studio 2010 .Net Framework 4.0 (ASP.Net)

Scripting : Visual Studio 2010 (C#.Net)

Back End : SQL Server 2005

Other Resources : Cloud Space