Enhancing Privacy in Cloud Storage

Published: 2021-09-13 20:20:10
essay essay

Category: Technology

Type of paper: Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Hey! We can write a custom essay for you.

All possible types of assignments. Written by academics

GET MY ESSAY
Enhancing Privacy in Cloud Storage
Abstract
Protecting outsourced data in cloud storage with data integrity checking and failure reparation is critical in recent times. Regenerating codes have gained popularity due to their low repair bandwidth . Existing mechanism provide only private auditing for regenerating code. For private auditing, data owner should stay online, perform auditing and regenerate code. This is not always possible. To make this method more efficient, a public auditing methodology is proposed which maintains data integrity even in the absence of data owner. A proxy works on behalf of data owner for regeneration in case of any corruption and a trusted third party auditor comes into picture to perform public auditing. Pseudo random function is applied to preserve data privacy. Secure Storage is provided to data owner in the cloud by following encryption standards. Secure Hash Algorithm (SHA), a cryptographic algorithm is applied to maintain data in a more confidential way. We further extend this TPA to multiple users concurrently and efficiently.
Key Words: Data, cloud computing, privacy, code, audit, proxy,third party auditor , Batch auditingINTRODUCTION
Cloud Computing offers flexible on demand data outsourcing service with appealing benefits. Cloud Computing is one of the finest evolution supporting remote storage and computation. Cloud computing enables on – demand network access to a shared pool of resources. Cloud Computing supports universal data access with location independence and avoids expenditure on hardware, software and personal maintenance. Cloud computing services can be classified into Software as a Service ( SaaS ), Platform as a Service ( PaaS ), Infrastructure as a Service ( Iaas). Software as a Service is designed in regard of end users while Platform as a Service is developed in view of Application Developers. Infrastructure as a service provides storage and network service.
Cloud storage is one of the crucial feature of cloud computing. Data transition between cloud and local server is quite easy. Nevertheless, this new paradigm of data hosting service also brings new security threats towards users data, thus making individual or enterprise still feel hesitant. Protecting outsourced data in cloud storage against corruptions is one of the biggest challenge faced in cloud computing. There should be some mechanism which specifies about correctness and integrity of data. Users have to use the cloud storage without worrying about integrity issues.
Correctness, Integrity, Availability are put at risk if data owners lose control over fate of their outsourced data. If servers modify any part of data, user should be able to detect it. There exists many threats to cloud service in terms of deleting data or corrupting the data by malicious people or software. The providers may act dishonestly, trying to pretend that there is no integrity failure in data for monetary or reputation reasons. So there should exist a protocol which is very much efficient in terms of correctness of data storage in the cloud.
The task of auditing and reparation by data owner is expensive due to large outsourced data and limited resource capabilities by the data owner. There ae certain disadvantages in the cloud which should be overcome. One among them is reducing the operations on data owner side. Data owners doesn’t want themselves to constantly go through correctness and reparation phases. To ensure data integrity along with less burden on user, I propose a public auditing followed by code regeneration. To protect data privacy against Third party auditor we are encrypting the coefficients of user data. This approach is quiet easy to implement when compared to proof of blind technique and data blind method.The data blocks are encrypted as well as signed.
A multi – server scenario is used instead of single server scenario by striping and redundantly storing files across multiple servers. The main focus is on integrity verification problem with functional repair strategy. The coefficients are encrypted using Pseudo random function to enhance privacy of data blocks. This process is lightweight and does not accumulate to any overhead even from the Third Party Auditor perspective. Optimization is performed to improve efficiency and to mitigate computational and communication overhead.
METHODOLOGY
Regenerating Codes are used to reduce the repair bandwidth. They are very much scalable and effective. Cloud storage can be treated as a collection of servers for storage purpose. Data file which the user tries to store in the cloud is encoded and redundantly stored across these servers. When corruption is detected at any of the server, the user tries to reach out to remaining servers which are not corrupted and retrieves the required data.This process takes by regenerating only required data blocks instead of regenerating the entire original file. Thee exists two flavors of repair strategy, one with exact repair and the other is functional repair. Exact repair strategies requires regenerating the code block exactly same as the corrupted block, while functional repair indicates that newly generated blocks are different from corrupted ones with high probability.
Data Owners calculates six coded blocks random linear combination of native three blocks and are distributed across three different servers. When a server gets corrupted, proxy contacts other two servers linearly mixes them to generate new coded blocks from which corrupted data can be regenerated. Linear combination of blocks in masked with random function to make the code blocks more secure. Each coded block represents combination of native blocks in functional repair regenerating strategy. Homomorphic encryption is applied. Remote Auditing protocol is implemented. Public verifiability is one of the key feature of the proposed model. User grants audit rights to the Third Party Auditor. We make sure Third Party Auditor is reliable and independent. Authentication handshakes are omitted to make it a light weight process.
This model encompasses four entities – Data owner, Third Party Auditor, Proxy , Cloud storage. Data owner owns large amounts of files which he wishes to store in the cloud which is managed by Cloud service provider. Cloud service provider possess resources to compute as well as storage space. The Third Party Auditor performs public auditing on the data stored to verify the integrity. Third Party Auditor is unbiased and trusted. Proxy is semi trusted. This acts on behalf of data owner in the case of integrity failure. Proxy is much more powerful than data owner and less powerful than cloud storage in terms of memory and computation. Proxy would always be online to handle integrity failure scenario but data owner cannot always stay online to protect his data.
Compared to conventional model, our proposed model introduces proxy which thereby reduces burden on data owner. Threat in this model may arise from trusted Third Party Auditor or from semi trusted proxy. There is a probability of replace , replay , forge and pollution attacks. Third Party Auditor may be trusted but there is a probability that it may act curious and these attacks may arise. Auditing should not bring in any new vulnerabilities
To overcome these, the key design criteria to be followed while implementing this idea is – public audibility, which verifies integrity as well as reduces burden on data owner to stay online. Auditing step is never bypassed to maintain storage soundness. Privacy is maintained by neither allowing auditor or proxy to derive the content from data blocks. Authenticator should constantly work to ensure correctness at any time frame. Error location is quickly located. For public and private key generation, data owner takes polynomial time. Data Owner delivers partial secret key to proxy in a secure way. Cloud Server and Third Party Auditor interact with each other in audit phase.
Repair phase outputs new blocks which vary from corrupted ones with high probability. This is one of the challenge faced initially. Replace and Replay attack are overcome by maintaining the details regarding indexes of servers, blocks and segments in the authenticator. Data owner transmits the secret key in an encrypted format to the proxy using proxy’s public key. Proxy decrypts and stores the secret key in the local storage. Third Party Auditor sends an alert to proxy as soon as it detects corrupted block. Third Party Auditor cannot get the original data through solving linear equations. Third Party Auditor cannot recover the authentic coefficients of data as it is unaware of secret key. Though proxy possess a part of secret key, it still cannot get the original data content.
Public Auditing scheme makes use of four algorithms namely Key Generation, Signature Generation , Generate Proof , Verify Proof . Signature Generation is used by the data owner to generate verification metadata like Message Authentication Code signatures. Generate Proof algorithm is executed by cloud server to generate a proof of correctness for the data in the cloud. This model can be easily integrated without requiring complex modifications. The main advantage of this approach is to reduce the burden on the user and make the storage process in the cloud more user friendly. Third Party Auditor performs random checking on coded blocks to improve efficiency.
DISCUSSION
This section describes the correctness of verification of our auditing scheme conducted. There are two verification schemes, one during Audit Phase and another during repair strategy. Third Party Auditor verifies the possession of data blocks during audit phase. Third Party Auditor can check the correctness of data on demand without retrieving whole copy of data. Our proposed scheme supports batch auditing where it can handle large number of users simultaneously. Third Party Auditor can perform auditing without much communication and computation overhead thereby making it light weight. Proxy checks the integrity of data blocks downloaded during repair phase.
Auditing Protocol satisfies soundness. For the setup key generation algorithm is used to generate a pair consisting of public and private key. Hash Oracle is used to produce hash value of the input. Authenticator is secured by applying Computational Diffie – Hellman. Third Party Auditor possess resistance towards replay attack. Our proposed methodology reduces the data owner from the burden of being online as well as preserves privacy compared to previous traditional methods. Our model exhibits O(1) that is linear time complexity to locate faulty server.
CONCLUSION
In this paper, a public auditing scheme for regenerating code based cloud storage is proposed where the data owners trust third party auditor to perform integrity checking. Cloud Computing security is the major issue that should be addressed. In order to ensure data privacy, coefficients are randomized initially. This random masking technique makes our code blocks more secure. Considering the fact that data owner cannot always stay online to verify his storage against a malicious corruption, a semi trusted proxy is introduced which handles the process of data regeneration in case of integrity failure on behalf of data owner. Authenticator is deigned based on BLS signature. Extensively analysis indicates that this idea is secure , highly efficient and can be easily integrated into cloud storage. Third party auditor can handle multiple user requests at the same time thereby reducing computation overhead and reducing the time taken for the integrity checking process.

Warning! This essay is not original. Get 100% unique essay within 45 seconds!

GET UNIQUE ESSAY

We can write your paper just for 11.99$

i want to copy...

This essay has been submitted by a student and contain not unique content

People also read