The Dynamic Storage In Cloud Computing

Published Date: 02 Nov 2017

Abstract- Cloud computing brings the new technology for the IT environment. Cloud Computing maintains software and database in the centralized large data centers. Using cloud computing, we can share our resources and services from different location, in open environment. It is very challenging part t keep safely all required data that are needed in many applications for user in cloud storing our data in cloud may not fully trustworthy. We may face some security problems, when we develop such cloud applications, as everything is stored in the large data centers. The services from these data centers cannot be trusted. In cloud environment security is the main challenge. So we have o ensure the integrity on data storage in cloud computing on behalf of the cloud client, we allow the TPA to verify the integrity of dynamic data stored in cloud. TPA eliminates the involvement of client to audit their data, which is stored in the cloud server. Data are stored in form of Merkle – Hash tree structure. TPA checks the integrity of the data with help of the bilinear aggregate Signature for multi user setting and carries multiple auditing tasks simultaneously. Our proposed scheme achieves batch auditing for multiple physical locations (multi server). If there occurs any server failure, using this schemes data to maintain integrity. By this scheme the data can be recovered automatically in cloud serverNo delegation for TPA to audit user’s data.

Index Terms--- Cloud Server, public auditability, batch auditing.

I. Introduction

Cloud is one of the powerful technologies in current trends. Cloud computing is delivery of computing as a service rather than product, whereby shared resources, software, and information are provided to computers and other devices as utility over a network. Cloud computing provides combination software, data access, and storage service hat do not require end-user knowledge of physical location and configuration of the system that delivers the services. Cloud computing is different from hosting services and assets at ISP data center. It is all about computing systems are logically at one place or virtual resources forming a cloud and user community accessing with intranet or internet.

Cloud computing is different from hosting services and asses at ISP data center. It is all about computing systems are logically at one place or virtual resources forming a cloud and user community accessing with intranet or internet. So it means cloud reside in-premises or off-premises at service provider location.

At the foundation of cloud computing is the broader concept of infrastructure convergence (or Converged Infrastructure ) and shared services. This type of data center environment allows enterprises to get their applications up and running faster, with easier manageability and less maintenance, and enables IT o more rapidly adjust IT resources(such as servers, storage and networking) o meet fluctuating and unpredictable business demand

The Cloud computing Provides Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS).Among these Software as a Service is powerful Architecture. Cloud computing providers deliver applications via the internet, which are accessed from web browsers, desktop and mobile application while the business software and data are stored on servers at a remote location. Clients are in the need of High quality of services. They may be data and software. They are on remote data centers.

When we design cloud, we may face some problems. And one of the main Problems in Cloud is Security. The Security will bring new problems especially, in case of performance of the overall system, as data are stored in the server. In cloud the servers are not trusted by the client and so the servers are in critical positions. We often check the data integrity at untrusted servers. To check data integrity many schemes are proposed for different security models[3][7][6][4].Various requirements for the security models are high schemes efficiency, stateless verification, unbounded use of queries and retrivability of data etc.

In real world, we have two schemes for auditing. They are private auditability and public auditability. By using private auditability we may achieve the high scheme efficiency. Private auditability is not applicable for all clients. So public auditability is offer to the client. Here we make public auditability rich to maintain data. Most of times the client cloudn’t do computation resources. In order to do the checking process of data integrity, We maintain Third Party Auditor (TPA). It eliminates the client’s burden by providing frequent integrity checks.

And its major concern is to support dynamic data operation for cloud data storage applications. We have two files one is static data, next is dynamic data. The State of art fully focused on static data which is stored in cloud and here we pay attention to dynamic data. So this model supports dynamic data-update, delete, and modification. From we achieve proof of data retrievability (or) provable data possession with Security.

II. RELATED WORK

The Data is stored in remote server. So we have to do data verification often. Q.Wang et al[5] are who first considered public verifiability and Data Dynamics for Storage Security in Cloud Computing. It ensure the integrity of data. But the Data Storage process is complex. Ateniese at al [3] are who first considered the public auditability in their defined provable data possession. This is to ensure possession of files on untrusted storage. By using RSA based homomorphic tags, we achieve public auditability, where dynamic data are no supported. Improved PoR Scheme used security model[1] uses homomorphic authenticators built BLS Signature[2]. By using it achieve public retrievability. Improved schemes use spot-checking and error- correcting codes were used for both possession and retrievability provable data possession models of Ateniese’s[3] has authenticated skip list data structure to authenticate the tag information of updated block, the efficiency of their schemes remains unclear.

This paper have the extended abstract[5] and its compare the technical details[5]. The MAC based and signature based schemes used for realizing data auditability and it support of data dynamics in PoR and PDP models. Extended data auditability schemes for the single client and explicitly include a concrete description of the multi client data auditing scheme. Finally extract the comparison between the multi client data auditing scheme and the individual schemes.

III. THE PROPOSED APPROACH

A. System Model

Following figure1 represent the network architecture for cloud data storage.

The Entities of network classified as follows.

1. Client, 2.Cloud Storage Server(CSS), 3.Third Party Auditor(TPA).

1. Client

Client is having the large data files to be stored in the cloud, which will do data maintenance and computation. It may do by either individual consumers or organizations.

2. Cloud Storage Server (CSS)

It will have the space for store and maintain data. This is done by the cloud service provider (CSP).

3. Third Party Auditor

Behalf of the client, it checks the integrity of the data. And it eliminates the risk of accessing the cloud server.

The Client is in the burden of storage and Computation. The client has to ensure that their data are being correctly stored and maintained. The Client has to periodically verify the Correctness of the remote data. So this added extra burden for client. So far we don’t have the monitoring of data.

Client

Third

Party

Auditor

Cloud

Storage

Servers

Data Flow

Security Message Flow

Security Message Flow

Security Message Flow

Fig. 1. Cloud Storage architecture

This is first time we monitor the data, which has stored in cloud server. Just Because of use TPA. TPA receives the encrypted format of data from Cloud Server as well as Client. TPA uses randomly generate key and get the codes. If both codes are same, it declares the integrity of the data. TPA Continues the process whenever the block level operations will be done (modification, insertion, and deletion).

B.Design Goals

Figure2 represents the Data flow for Design goals. And Design goals are classified as follows.

1. Key Generation, 2. Assigning Key, 3. Data storage on Cloud Server, 4.TPA integrity Verification and Dynamic Data Verification, 5.Batch Auditing for Multiple Physical Locations.

1. Key generation

Key plays a vital role in encryption method. First we have decided the data file which is to be in the cloud server. Then the data files are split into multiple data and each data are stored in form of Merkle- Hash tree structure. Finally count the split files and create a secrete key for the split files.

2. Assigning Key

The Secrete keys are assigned to split files. Encrypt the split files using the secrete keys. The secrete keys are stored in hash table. In hash table the keys are stored as index.

Accessing the data using index is less complexity. We cannot do search the whole data, just we search index of the data. Using the index, we can easily access the data. Hence the searching process will be very speed.

3. Data storage on cloud server

Store the encrypted files in different location of the cloud server. The requestor gives the randomly generate keys to the TPA. The TPA uses the key to check the data for verification. But TPA can’t see the original Content of the data. It only checks the validation by using signature schemes in cryptography.

Key Generation

User 1

User 2

User 3

Map Keys to File

Encrypt File and Store

Data Integration

TPA VALID

Replace Data

Data Dyanamics

Insert

Delete

Update

Batch Auditing for multiple physical locations

Fig. 2. Data Flow for Design Goals

4. Integrity verification and dynamic data

TPA gets he encrypted files from the server and the client. By using Random generate key, it checks the integrity of the data integrity is available only if both code size is equal. In further the client can also do data modification, data insertion and data deletion.

Data Modification

A basic data modification operation refers to the replacement of specified blocks with new ones. Suppose the clients want to modify the particular block (position of the data), of message to new message block. For the new block of message the client has to generate corresponding signature.

The clients sends update request message to the server. The update request message has the modification operations. The server runs the update operations and replaces the old block message by new block message. For storage use Merkle hash tree construction that generate the new root for new block of data.Figure3 represent the Data Modification in cloud storage.

Fig. 3.Data Modification in Cloud Storage

Data Insertion

Data insertion doesn’t change the logic structure of client’s data file, when compared with data modification. We can insert the new block after some specified positions in the data file. Figure4 represent the Data insertion in cloud storage.

Fig. 4.Data Insertion in Cloud Storage

Data Deletion

Data deletion is opposite operation of data insertion. Deleting the single block, it moves all later blocks one block forward. If server receives the update message of deletion, it create new root for the later blocks. Figure5 represent the Data Deletion in cloud storage.

Fig. 5.Data Deletion in Cloud Storage

5. Batch Audititng for multiple physical locations

Concurrent client server can handle multiple clients. The server has multiple signatures on multiple data files from multiple clients. The signatures have the characteristics of reduce the communication cost. It also provide the efficient verification for authenticate messages.

In the cloud server, a lot of users store their files. So each user validates their data using batch system. So audit time will be very less

Our proposed system makes the availability of data storage security. And individual user’s data can be redundantly stored in multiple physical locations. If any server crashes occurs, we can tolerate faults in distributed storage system. We have done batch auditing in multiple physical locations simultaneously.

IV CONCLUSION

To give efficient proficiency to user for trustworth manner. So we study the integrity and security of the cloud sorage data. User access their data blocks may do some modificaion, updates and deletions as their reuirements. Here CSP ( Cloud Service Provider),TPA (Third Party Auditor) are trust by the client. Because it use bilinear aggregate signature for the integrity of the data. And its mainly used for the batch auditing. Byzantine, internal,external and malicious attacks are not allowed. Because TPA do the monioring job.

And TPA audit the cloud sroage without demanding local copy of the users.It ensure the no dataleague. TPA have only encryped format of the data. Finally user can be satisfied with strong nature of integrity for their own data with good mainenance through the cloud service provider at multiple server as well as security of stored data for is trustworthmanners.

V REFERENCES

[1] A. Juels and B. S. Kaliski, Jr,( 2007), "Pors: proofs of retrievability for large files," in Proc. of CCS’07. New York, NY, USA: ACM, pp. 584–597.

[2] D. Boneh, B. Lynn, and H. Shacham, (2001), "Short signatures from the weil pairing," in Proc. of ASIACRYPT’01. London, UK: Springer- Verlag, pp. 514–532.

[3] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, (2007),"Provable data possession at untrusted stores," in Proc. of CCS’07. New York, NY, USA: ACM, pp. 598–609.

[4] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, (2008), "Scalable and efficient provable data possession," in Proc. of SecureComm’08. New York, NY, USA: ACM, pp. 1–10.

[5] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, (2009), "Enabling public verifiability and data dynamics for storage security in cloud computing," in Proc. of ESORICS’09. Saint Malo, France: Springer- Verlag, pp. 355–370.

[6] Q. Wang, K. Ren, W. Lou, and Y. Zhang, (2009), "Dependable and secure sensor data storage with dynamic integrity assurance," in Proc. of IEEE INFOCOM’09, Rio de Janeiro, Brazil, pp. 954– 962.

[7] T. Schwarz and E. L. Miller, (2006), "Store, forget, and check: Using algebraic signatures to check remotely administered storage," in Proc. of ICDCS’06, Lisboa, Portugal, pp. 12–12.