Automatic Protocol Blocker for Privacy-Preserving Public Auditing in Cloud Computing
Abstract:
Cloud Computing is the long dreamed
vision of computing as a utility, where users can remotely store their data into the cloud so as
to enjoy the on-demand high quality applications and services from a shared
pool of configurable computing resources. By data outsourcing, users can be
relieved from the burden of local data storage and maintenance. However, the
fact that users no longer have physical possession of the possibly large size
of outsourced data makes the data integrity protection in Cloud Computing a very
challenging and potentially formidable task, especially for users with
constrained computing resources and capabilities. Thus, enabling public
auditability for cloud data storage security is of critical importance so that
users can resort to an external audit party to check the integrity of
outsourced data when needed. To securely introduce an effective Third Party
Auditor (TPA), the following two fundamental requirements have to be met: 1)
TPA should be able to efficiently audit the cloud data storage without demanding
the local copy of data, and introduce no additional on-line burden to the cloud
user; 2) The Third Party Auditing process should bring in no new
vulnerabilities towards user data privacy. In this paper we extend the
previous system by using an automatic blocker for privacy-preserving public
auditing for data storage security in cloud computing. We utilize the public key
based homomorphic authenticator and uniquely integrate it with the random mask
technique and the automatic blocker to achieve a privacy-preserving public
auditing system for cloud data storage security while keeping all the above
requirements in mind. Extensive security and performance analysis shows the
proposed schemes are provably secure and highly efficient.
Architecture:
Algorithms:
- KeyGen Algorithm
KeyGen is a key generation algorithm that is run by the user to set up the scheme.
- SigGen Algorithm
SigGen is used by the user to generate verification metadata, which may consist of MAC,
signatures, or other related information that will be used for auditing.
- GenProof Algorithm
GenProof is run by the cloud server to generate a proof of data storage correctness.
- VerifyProof Algorithm
VerifyProof is run by the TPA to audit the proof from the cloud server.
- Protocol Verifier Algorithm
Protocol verifier is used by the cloud server.
Existing System:
First of all, although the infrastructures under the cloud
are much more powerful and reliable than personal computing devices, they
still face a broad range of both internal and external threats to data
integrity. Examples of outages and security breaches of noteworthy cloud
services appear from time to time. Secondly, for their own benefit,
cloud service providers have various motivations to behave unfaithfully
towards the cloud users regarding the status of their outsourced data. Examples
include cloud service providers, for monetary reasons, reclaiming storage by
discarding data that has not been or is rarely accessed, or even hiding data
loss incidents so as to maintain a reputation.
Disadvantages:
1. Data loss.
2. It does not offer any guarantee on data integrity and availability.
3. Does not support the privacy protection of users’ data against external auditors.
4. No security.
5. No correctness and verification proof.
Proposed System:
We first describe our public auditing system and discuss two straightforward schemes
and their demerits. Then we present our main result for privacy-preserving
public auditing to achieve the aforementioned design goals. We also show how to
extend our main scheme to support batch auditing for TPA upon delegations from
multiple users. Finally, we adopt the automatic blocker at the cloud server: whenever
an unauthorized user accesses the user's data from cloud storage, the system runs
a tiny application to monitor the user inputs. If they match, it gives access;
otherwise it denies the user access by blocking the protocols.
Advantages:
1. Relief of the burden for storage management.
2. Block unauthorized user access.
3. Protecting data privacy.
4. Storage security of their data.
Modules:
The system is proposed to have the following modules along with functional
requirements.
1. Threat Model
We consider a cloud data storage service involving three different entities, as
illustrated in Fig. 1: the cloud user (U), who has a large amount of data files
to be stored in the cloud; the Cloud Server (CS), which is managed by the
Cloud Service Provider (CSP) to provide data storage service and has significant
storage space and computation resources (we will not differentiate CS and CSP
hereafter); and the Third Party Auditor (TPA), who has expertise and capabilities
that cloud users do not have and is trusted to assess the cloud storage service
security on behalf of the user upon request.
2. Public Auditability
To allow TPA to verify the correctness of the cloud data on demand without
retrieving a copy of the whole data or introducing additional on-line burden to
the cloud users.
3. Storage Correctness
To ensure that there exists no cheating cloud server that can pass the audit from
TPA without indeed storing users’ data intact.
4. Privacy-Preserving
To ensure that there exists no way for TPA to derive users’ data content from the
information collected during the auditing process.
5. Batch Auditing
To enable TPA with secure and efficient auditing capability to cope with multiple
auditing delegations from a possibly large number of different users
simultaneously.
6. Setup
The user initializes the public and secret parameters of the system by executing
KeyGen, and pre-processes the data file F by using SigGen to generate the
verification metadata. The user then stores the data file F at the cloud
server, deletes its local copy, and publishes the verification metadata to TPA for
later audit. As part of pre-processing, the user may alter the data file F by
expanding it or including additional metadata to be stored at the server.
7. Audit
The TPA issues an audit message or challenge to the cloud server to make sure that
the cloud server has retained the data file F properly at the time of the
audit. The cloud server will derive a response message from a function of the
stored data file F by executing GenProof. Using the verification metadata, the TPA
verifies the response via VerifyProof.
8. PBlocker
Once the user initializes the parameters, the system checks all the specified
parameters and validates the protocol for proper users, and it blocks
unauthorized users. If a user accesses the cloud servers for the first time, the
system prompts for the security parameters previously assigned by the system
during user creation.
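The Setup and Audit modules (KeyGen, SigGen, GenProof, VerifyProof) can be walked through end to end with the added example below, which is not the project's own code. It assumes an RSA-based homomorphic authenticator with a random mask as a stand-in for the scheme the abstract names without specifying; the primes, the base G, the hash helper and all function names are choices made for this demo, and the key is a toy.

```python
import hashlib
import secrets

# KeyGen (toy): RSA parameters built from two well-known primes. Constructed
# demo values; the factors are public, so this key offers no security.
P, Q = 2**255 - 19, 2**256 - 2**32 - 977
N, E, G = P * Q, 65537, 2                # public key: modulus, exponent, base
D = pow(E, -1, (P - 1) * (Q - 1))        # user's secret signing exponent

def h(*parts):
    """Hash arbitrary labels into Z_N (hypothetical helper for this demo)."""
    data = "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha512(data).digest(), "big") % N

def split_blocks(data, size=16):
    """Pre-processing: cut file bytes into fixed-size integer blocks."""
    return [int.from_bytes(data[i:i + size], "big") for i in range(0, len(data), size)]

def sig_gen(name, blocks):
    """User: tag_i = (H(name, i) * g^m_i)^d mod N for each block m_i."""
    return [pow(h(name, i) * pow(G, m, N) % N, D, N) for i, m in enumerate(blocks)]

def challenge(n_blocks, count):
    """TPA: pick random block indices with random non-zero coefficients."""
    picked = secrets.SystemRandom().sample(range(n_blocks), count)
    return [(i, secrets.randbits(64) | 1) for i in picked]

def gen_proof(blocks, tags, chal):
    """Server: aggregate tags and blocks, then mask the block combination."""
    sigma, mu_raw = 1, 0
    for i, v in chal:
        sigma = sigma * pow(tags[i], v, N) % N
        mu_raw += v * blocks[i]
    r = secrets.randbits(1024)           # random mask chosen by the server
    big_r = pow(G, r, N)
    gamma = h("mask", big_r)
    return sigma, r + gamma * mu_raw, big_r   # mu_raw itself is never sent

def verify_proof(name, chal, proof):
    """TPA: check R * sigma^(e*gamma) == (prod H_i^v_i)^gamma * g^mu mod N."""
    sigma, mu, big_r = proof
    gamma = h("mask", big_r)
    agg = 1
    for i, v in chal:
        agg = agg * pow(h(name, i), v, N) % N
    lhs = big_r * pow(sigma, E * gamma, N) % N
    return lhs == pow(agg, gamma, N) * pow(G, mu, N) % N
```

The TPA needs only the file name, the public key and the challenge it issued; it never sees the blocks, and the masked value differs on every audit of the same data.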
Software Requirements:
Technologies: ASP.NET and C#.NET
Database: MS-SQL Server 2005/2008
IDE: Visual Studio 2008
Hardware Requirements:
Processor: Pentium IV
RAM: 1GB