Public Auditing of Data Stored in Cloud by preserving privacy

Presented by, Shima V

M Roll.No:15

Guided By

Mrs. Lekshmy D KumarAssistant Professor

INTRODUCTION

• Cloud computing is an Internet based computing which enables sharing of services.

• Cloud computing makes computing and storage resources available to users on demand

• Security in cloud is achieved by signing the data block before sending to the cloud.

• Users should be able to just use the cloud storage as if it is local, without worrying about the need to verify its integrity.

INTRODUCTION(contd..)

• Public Auditing mechanism for secure cloud storage.

• Users can resort to a Third Party Auditor (TPA) to check the integrity of outsourced data.

Architecture of Cloud Data Storage

OBJECTIVE

• To set up cloud environment using any available open source cloud.

• To implement Public auditability on cloud data server.

– verify the integrity of the data cloud on demand without having to retrieve a copy of all information

Literature Survey

• MAC based Solution

– Data owner maintains MACs for the data file to be outsourced

– Integrity is checked by recalculating the MAC and compare it with precomputed value

– For very large files MAC cannot be employed

• Proof of Retrievability scheme

– A keyed hash function is used in POR scheme

Literature Survey(contd..)

– Verifier pre-computes the cryptographic hash of file and stores the hash as well as a secret key

– The verifier releases the secret key K to the cloud archive

– Asks cloud archive to compute and return the hash value of file

• Cloud Security using TPA

– Uses RSA algorithm, for client data/file encryption and decryptions

Literature Survey(contd..)

– Also uses SHA-512 which makes message digest and check the data integrity

– Solves the problem of integrity, unauthorized access, privacy and consistency

techniques and details

• The technique of providing more security by using the Third Party Auditor (TPA) .

• Only the user knows the information about the data stored in the cloud.

• When anyone tries to modify or steal the data TPA informs the user by verifying the data.

• The TPA doesn’t even allows the CSP to read the data of the user.

techniques and details

Modules

– KeyGen :- key generation algorithm that is run by the user to setup the scheme.

– SigGen :- SigGen is used by the user to generate verification metadata

– GenProof :- GenProof is run by the cloud server to generate a proof of data storage correctness

– VerifyProof :- Run by the TPA to audit the proof.

techniques and details

• Two phases to construct public Auditing

• SetUp phase

– Achieve public and secret key parameters

– Verification metadata is sent to TPA

• Audit phase

– TPA sends audit message or challenge to the cloud

– Cloud executes GenProof on stored data file as response

– TPA retrieves the file tag for each user

Key Generation Process

Key Generation Process

• KeyGen Algorithm

– Client generates a random signing key pair(spk,ssk)

– Choose random ‘x’ which is an positive integer and ‘u’ є G1

– Compute v=(gx)

– Secret parametre sk=(x,ssk)

– Public parametre pk=(spk,v,g,u)

SigGen Process

SigGen Process

• sigGen Process

– Data file F=(m1,m2….mn)

– Compute authenticator Ϭi=H(Wi).umi)x, Wi=name||i

– For each block there is an authenticator form the set of authenticators denoted as Φ

– Compute the file tag t=Encrypt(hash(name)) using secret key ssk

– User sends Φ,t to server as well as to the TPA

GenProof Process

GenProof Process

VerifyProof Process

VerifyProof Process

• TPA runs VerifyProof to validate it by computing the aggregate authenticator

• Verifies µ and R values send by the server

• If the values matches the file in the server is not corrupted

Auditing using Multicast Batch RSA

• Sender chooses two large prime numbers P and Q

• Calculate N=P*Q

• Calculate two exponents e,d such that e*d=1modΦ(N) where

Φ(N)=(P-1)(Q-1)

• Calculate authenticator for each block and aggregate authenticator is denoted as σ

• Verification is done using

Screen shots

Screen shots

Screen shots

Screen shots

Screen shots

Screen shots

Screen shots

Screen shots

Screen shots

Summary

• In this system a way for providing security to cloud storage by maintaining data integrity and privacy preserving.

• Homomorphic linear authenticator with random masking to provide the guarantee data privacy.

• The users data leakage is prevented.

• A mobile message alert has been implemented to enhance security.

Summary

• In this system a way for providing security to cloud storage by maintaining data integrity and privacy preserving.

• Homomorphic linear authenticator with random masking to provide the guarantee data privacy.

• The users data leakage is prevented.

• Auditing is further enhanced by using Multicast RSA batch authentication scheme

List of publications

• Shima V M and Lekshmy D Kumar “Public Auditing of Data stored in Cloud by Preserving Privacy” International Journal of Engineering and Advanced Technology (IJEAT), Vol. 4, August 2015.

• Shima V M and Lekshmy D Kumar A Survey on “Privacy Preserving Public Auditing for Security of Data” International Journal of Computer and Advanced Engineering Research (IJCAER), Vol. 2, April 2015.

• Shima V M and Jayasudha J S “A survey on Deduplication File System for Virtual Machine Images” International Journal of Technology Enhancement and Emerging (IJTEEE), Vol. 3, July 2015.

REFERENCES

• [1] Cong Wang,Qian Wang,Kui Ren,Wenjing Lou(2010) ”Privacy

Preserving Public Auditing for Data Storage Security in Cloud

Computing”.

• [2] Patrick Honer. ”Cloud Computing security requirements and

• solutions: A systematic literature review”

• [3] Jachak K.B, Korde S.K, Ghorpade P.P and Gagare G.J. ”Homomorphic

authentication with random masking technique ensuring privacy and security in

cloud computing.”

• [4] Sunil Sanka1, Chittaranjan Hota1, Muttukrishnan Rajarajan2 ”Secure Data

Access in Cloud Computing”

Thank You