Auditing Protocol for Secured Data Storage in Cloud

IJCSEC Front Page

Abstract
In cloud computing, data owners host their data on cloud servers and users access the data from those servers. Because the data are outsourced, this new data hosting service introduces new security challenges, which call for an independent auditing service in the cloud to check data integrity. A few remote integrity checking methods exist, but they can only serve static archive data and therefore cannot be applied to the auditing service, because data in the cloud can be updated dynamically. A new dynamic protocol that is secure and efficient is therefore designed to convince data owners that their data are stored correctly in the cloud. In this paper, we first design a framework for auditing the data stored on cloud servers and then a protocol that efficiently preserves the privacy of the data owners' data. The auditing protocol is extended to support dynamic data operations, and it is provably secure and efficient in the random oracle model. The auditing protocol is also extended to support batch auditing for multiple owners without using any trusted organizer. The simulation and analysis results show that the proposed auditing protocols are efficient and secure; in particular, they reduce the computation cost of the auditor.
Keywords: Auditing Service, Remote Integrity, Dynamic Auditing Protocol, Batch Auditing, Data Dynamic Operations, Privacy, Cloud Computing, Access Control.
I. Introduction
Cloud storage is an important service of cloud computing, in which data owners can move data from their local computing devices to the cloud. Day by day, more owners are starting to store important data in the cloud. However, this new paradigm of data hosting introduces new challenges in data security. Data owners worry that their data could be lost. Data loss can happen in any infrastructure, even when cloud service providers have highly reliable measures in place, and it can also be due to dishonest service providers. A cloud service provider could remove rarely accessed data from the cloud in order to save storage space, while the data owners would still believe that their data are in the cloud. Owners need to be convinced that their private data are stored correctly in the cloud. In cloud storage, it is inappropriate for the auditing to be performed by either the cloud service provider or the data owner, as both of them could be biased in providing the auditing result. In such a situation, where the data owners and service providers are not trustable, the choice is third-party auditing, which assures the confidentiality of the data. A third-party auditor (TPA) can be more efficient, as the TPA has the necessary expertise and capabilities to convince both the owners and the cloud service providers.
The cloud storage service (CSS) mitigates the load of maintenance and storage management. However, if such a significant service is weak to attacks or failures, it would bring permanent losses to users, since their data or records are stored in an unsure storage pool outside the enterprise. These security risks arise for the following reasons. Although cloud infrastructures are much more authoritative and reliable than personal computing devices, they are still susceptible to security threats from both inside and outside the cloud. For the benefit of their own control, cloud service providers (CSPs) have various motivations to behave falsely toward cloud users. In addition, a dispute infrequently suffers from the lack of trust in the cloud service provider. As a result, the providers' behaviours may not be known by the cloud users. Therefore, it is necessary for cloud service providers to offer a scalable audit service to check the integrity and accessibility of the stored data. While cloud computing makes these advantages more appealing than ever, it also brings new and challenging security threats to users' outsourced data. Since cloud service providers are separate administrative units, outsourcing data actually means giving up the user's control over the destiny of their data. The correctness of the data in the cloud is put at risk for the following reasons. First of all, although the infrastructures beneath the cloud are much more powerful and reliable than private computing devices, they still face a broad range of both internal and external threats to data integrity.
A secure, efficient and dynamic auditing protocol is proposed to meet the data owners' needs. To solve the data privacy problem, a new method is defined that generates a proof with a challenge stamp in encrypted form by using the Rijndael Managed object, so that the auditor cannot decrypt and view the data but can still verify the correctness of the proof. Because it does not use the mask technique, the method does not require any trusted organizer during batch auditing for multiple clouds. In addition, the method lets the server compute the proof as an intermediate value of the verification, which the auditor can use directly to verify the correctness of the proof. The method can therefore greatly reduce the computing load of the auditor by moving it to the cloud server.

The aim of this paper is to design a framework and a protocol that audit the private data stored by data owners on cloud servers. The auditing protocol ensures data privacy by using a cryptographic method and the Rijndael Managed object instead of the mask technique. The auditing protocol incurs less communication cost between the auditor and the server, and it reduces the computing load of the auditor by moving that load to the server. The protocol used to audit the private data is extended to also support dynamic data operations in a secure and efficient way. The auditing protocol is further extended to support batch auditing for not only multiple clouds but also multiple owners. The multi-cloud batch auditing does not require any additional trusted organizer. Multi-owner batch auditing can improve the auditing performance, especially in large-scale cloud storage systems.
