Download to read offline
![IJSRD - International Journal for Scientific Research & Development| Vol. 2, Issue 08, 2014 | ISSN (online): 2321-0613 All rights reserved by www.ijsrd.com 47 Effective & Flexible Cryptography Based Scheme for Ensuring User’s Data Security in Cloud Dev Raj1 Prof. Kirti Choudhary2 2 Professor Abstract— Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against malicious data modification attack. Keywords: Traditional Solutions, Saas, EC2, S3 I. INTRODUCTION Several trends are opening up the era of Cloud Computing, which is an Internet-based development and use of computer technology. The ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. The increasing network bandwidth and reliable yet flexible network connections make it even possible that users can now subscribe high quality services from data and software that reside solely on remote data centers. Moving data into the cloud offers great convenience to users since they don’t have to care about the complexities of direct hardware management. The pioneer of Cloud Computing vendors, Amazon Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2) are both well- known examples. While these internet- based online services do provide huge amounts of storage space and customizable computing resources, this computing platform shift, however, is eliminating the responsibility of local machines for data maintenance at the same time. As a result, users are at the mercy of their cloud service providers for the availability and integrity of their data. From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons. Firstly, traditional cryptographic primitives for the purpose of data security protection can not be directly adopted due to the users’ loss control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering various kinds of data for each user stored in the cloud and the demand of long term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. However, this dynamic feature also makes traditional integrity insurance techniques futile and entails new solutions. Last but not the least, the deployment of Cloud Computing is powered by data centers running in a simultaneous, cooperated and distributed manner. Individual user’s data is redundantly stored in multiple physical locations to further reduce the data integrity threats. Therefore, distributed protocols for storage correctness assurance will be of most importance in achieving a robust and secure cloud data storage system in the real world. However, such important area remains to be fully explored in the literature. Recently, the importance of ensuring the remote data integrity has been highlighted by the following research works. These techniques, while can be useful to ensure the storage correctness without having users possessing data, cannot address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited. II. RELATED WORK In cloud data storage system, users store their data in the cloud and no longer possess the data locally. Thus, the correctness and availability of the data files being stored on the distributed cloud servers must be guaranteed. One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to server compromise and/or random Byzantine failures. Besides, in the distributed case when such inconsistencies are successfully detected, to find which server the data error lies in is also of great significance, since it can be the first step to fast recover the storage errors. To address these problems, our main scheme for ensuring cloud data storage is presented in this section. The first part of the section is devoted to a review of basic tools from coding theory that is needed in our scheme for file distribution across cloud servers. Then, the homomorphic token is introduced. The token computation function we are considering belongs to a family of universal hash function [11], chosen to reserve the homomorphic properties, which can be perfectly integrated with the](https://image.slidesharecdn.com/ijsrdv2i8022-150923082936-lva1-app6891/75/Effective-Flexible-Cryptography-Based-Scheme-for-Ensuring-User-s-Data-Security-in-Cloud-1-2048.jpg)
![Effective & Flexible Cryptography Based Scheme for Ensuring User’s Data Security in Cloud (IJSRD/Vol. 2/Issue 08/2014/011) All rights reserved by www.ijsrd.com 48 verification of erasure-coded data [8] [12].Subsequently, it is also shown how to derive a challenge response protocol for verifying the storage correctness as well as identifying misbehaving servers. III. PROBLEMS IN EXISTING SYSTEM From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons. Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. These techniques, while can be useful to ensure the storage correctness without having users possessing data, can not address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols f o r ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited. IV. PROPOSED SOLUTION we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme., We are proposing a novel 3-tier model to provide security to users data in cloud computing. The first tier is responsible for data owner and user of cloud authentication. The second tier is responsible for encrypting data owner’s data. It is also responsible for protecting user’s data from unauthorized access. The third tier is responsible for providing data decryption. It is shown below in figure: Fig. 1: Proposed Model V. PROPOSED SCHEME In our proposed scheme, an authentication module is responsible for user authentication, encryption, and decryption. Our proposed scheme contains a cloud service provider, an auditor, data owner, and data users. Each user is allocated two keys: a public key and a private key. VI. CONCLUSION In this paper, we have introduced the new scheme for realizing scalable, flexible, and fine-grained access control in cloud computing. The new scheme seamlessly incorporates a hierarchical structure of system users by applying a delegation algorithm to attribute based encryption. We have also presented a review of modern cloud security model. Their working, together with their advantages & disadvantages, is also discussed REFERENCES [1] Amazon.com, “Amazon Web Services (AWS),” Online at http://aws. amazon.com,2008. [2] N. Gohring, “Amazon’s S3 down for several hours,” Online at Http://www.pcworld.com/businesscenter/article/1425 49/amazons s3 down for several hours.html, 2008. [3] A. Juels and J. Burton S. Kaliski, “PORs: Proofs of Retrievability for Large Files,” Proc. Of CCS ’07, pp. 584–597, 2007. [4] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Proc.of Asiacrypt ’08, Dec. 2008. [5] K. D. Bowers, A. Juels, and A. Oprea, “Proofs of Retrievability: Theory and Implementation,” Cryptology ePrint Archive, Report 2008/175,2008, http://eprint.iacr.org/. [6] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z.Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” Proc. Of CCS ’07, pp. 598–609, 2007. [7] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, Scalable and Efficient Provable Data Possession,” Proc. of SecureComm ’08, pp. 1– 10, 2008. [8] T. S. J. Schwarz and E. L. Miller, “Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage,” Proc.of ICDCS ’06, pp. 12–12, 2006. [9] M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, “A Cooperative Internet Backup Scheme,” Proc. of the 2003 USENIX Annual Technical Conference (General Track), pp. 29–41, 2003. [10]K. D. Bowers, A. Juels, and A. Oprea, “HAIL: A High- Availability and Integrity Layer for Cloud Storage,” Cryptology ePrint Archive, Report 2008/489, 2008, http://eprint.iacr.org/.](https://image.slidesharecdn.com/ijsrdv2i8022-150923082936-lva1-app6891/75/Effective-Flexible-Cryptography-Based-Scheme-for-Ensuring-User-s-Data-Security-in-Cloud-2-2048.jpg)
Uploaded byijsrd.com
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Security in Cloud
The document discusses an effective and flexible cryptography-based scheme to enhance data security in cloud computing, addressing unique challenges posed by the shift from traditional data management. It highlights the significance of ensuring data integrity during dynamic updates and proposes a novel three-tier model for user authentication and data encryption to secure users' information. The proposed solution aims to offer scalable and fine-grained access control while reviewing existing cloud security models to identify gaps.
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Security in Cloud
- 1. IJSRD - InternationalJournal for Scientific Research & Development| Vol. 2, Issue 08, 2014 | ISSN (online): 2321-0613 All rights reserved by www.ijsrd.com 47 Effective & Flexible Cryptography Based Scheme for Ensuring User’s Data Security in Cloud Dev Raj1 Prof. Kirti Choudhary2 2 Professor Abstract— Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against malicious data modification attack. Keywords: Traditional Solutions, Saas, EC2, S3 I. INTRODUCTION Several trends are opening up the era of Cloud Computing, which is an Internet-based development and use of computer technology. The ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. The increasing network bandwidth and reliable yet flexible network connections make it even possible that users can now subscribe high quality services from data and software that reside solely on remote data centers. Moving data into the cloud offers great convenience to users since they don’t have to care about the complexities of direct hardware management. The pioneer of Cloud Computing vendors, Amazon Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2) are both well- known examples. While these internet- based online services do provide huge amounts of storage space and customizable computing resources, this computing platform shift, however, is eliminating the responsibility of local machines for data maintenance at the same time. As a result, users are at the mercy of their cloud service providers for the availability and integrity of their data. From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons. Firstly, traditional cryptographic primitives for the purpose of data security protection can not be directly adopted due to the users’ loss control of data under Cloud Computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering various kinds of data for each user stored in the cloud and the demand of long term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. However, this dynamic feature also makes traditional integrity insurance techniques futile and entails new solutions. Last but not the least, the deployment of Cloud Computing is powered by data centers running in a simultaneous, cooperated and distributed manner. Individual user’s data is redundantly stored in multiple physical locations to further reduce the data integrity threats. Therefore, distributed protocols for storage correctness assurance will be of most importance in achieving a robust and secure cloud data storage system in the real world. However, such important area remains to be fully explored in the literature. Recently, the importance of ensuring the remote data integrity has been highlighted by the following research works. These techniques, while can be useful to ensure the storage correctness without having users possessing data, cannot address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited. II. RELATED WORK In cloud data storage system, users store their data in the cloud and no longer possess the data locally. Thus, the correctness and availability of the data files being stored on the distributed cloud servers must be guaranteed. One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to server compromise and/or random Byzantine failures. Besides, in the distributed case when such inconsistencies are successfully detected, to find which server the data error lies in is also of great significance, since it can be the first step to fast recover the storage errors. To address these problems, our main scheme for ensuring cloud data storage is presented in this section. The first part of the section is devoted to a review of basic tools from coding theory that is needed in our scheme for file distribution across cloud servers. Then, the homomorphic token is introduced. The token computation function we are considering belongs to a family of universal hash function [11], chosen to reserve the homomorphic properties, which can be perfectly integrated with the
- 2. Effective & FlexibleCryptography Based Scheme for Ensuring User’s Data Security in Cloud (IJSRD/Vol. 2/Issue 08/2014/011) All rights reserved by www.ijsrd.com 48 verification of erasure-coded data [8] [12].Subsequently, it is also shown how to derive a challenge response protocol for verifying the storage correctness as well as identifying misbehaving servers. III. PROBLEMS IN EXISTING SYSTEM From the perspective of data security, which has always been an important aspect of quality of service, Cloud Computing inevitably poses new challenging security threats for number of reasons. Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. To ensure storage correctness under dynamic data update is hence of paramount importance. These techniques, while can be useful to ensure the storage correctness without having users possessing data, can not address all the security threats in cloud data storage, since they are all focusing on single server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols f o r ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited. IV. PROPOSED SOLUTION we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme., We are proposing a novel 3-tier model to provide security to users data in cloud computing. The first tier is responsible for data owner and user of cloud authentication. The second tier is responsible for encrypting data owner’s data. It is also responsible for protecting user’s data from unauthorized access. The third tier is responsible for providing data decryption. It is shown below in figure: Fig. 1: Proposed Model V. PROPOSED SCHEME In our proposed scheme, an authentication module is responsible for user authentication, encryption, and decryption. Our proposed scheme contains a cloud service provider, an auditor, data owner, and data users. Each user is allocated two keys: a public key and a private key. VI. CONCLUSION In this paper, we have introduced the new scheme for realizing scalable, flexible, and fine-grained access control in cloud computing. The new scheme seamlessly incorporates a hierarchical structure of system users by applying a delegation algorithm to attribute based encryption. We have also presented a review of modern cloud security model. Their working, together with their advantages & disadvantages, is also discussed REFERENCES [1] Amazon.com, “Amazon Web Services (AWS),” Online at http://aws. amazon.com,2008. [2] N. Gohring, “Amazon’s S3 down for several hours,” Online at Http://www.pcworld.com/businesscenter/article/1425 49/amazons s3 down for several hours.html, 2008. [3] A. Juels and J. Burton S. Kaliski, “PORs: Proofs of Retrievability for Large Files,” Proc. Of CCS ’07, pp. 584–597, 2007. [4] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Proc.of Asiacrypt ’08, Dec. 2008. [5] K. D. Bowers, A. Juels, and A. Oprea, “Proofs of Retrievability: Theory and Implementation,” Cryptology ePrint Archive, Report 2008/175,2008, http://eprint.iacr.org/. [6] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z.Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” Proc. Of CCS ’07, pp. 598–609, 2007. [7] G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik, Scalable and Efficient Provable Data Possession,” Proc. of SecureComm ’08, pp. 1– 10, 2008. [8] T. S. J. Schwarz and E. L. Miller, “Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage,” Proc.of ICDCS ’06, pp. 12–12, 2006. [9] M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, “A Cooperative Internet Backup Scheme,” Proc. of the 2003 USENIX Annual Technical Conference (General Track), pp. 29–41, 2003. [10]K. D. Bowers, A. Juels, and A. Oprea, “HAIL: A High- Availability and Integrity Layer for Cloud Storage,” Cryptology ePrint Archive, Report 2008/489, 2008, http://eprint.iacr.org/.