Secure and data dynamics in cloud

The document surveys security and data dynamics in cloud computing, emphasizing the challenges of securing outsourced data stored on remote servers. It reviews various security techniques and principles, including confidentiality, integrity, and auditing, while proposing methods for public auditing and dynamic data operations. The paper concludes with a comparative analysis of existing storage techniques and highlights the importance of addressing security and privacy issues in cloud storage.

Uploaded by

Swapnaja Hiray
International Journal of Engineering Research & Technology (IJERT), ISSN: 2278-0181, Vol. 2 Issue 10, October - 2013, IJERTV2IS101018, www.ijert.org

Survey on Secure and Data Dynamics Storage in Cloud Computing

Manasi Doshi
PG student, Department of Computer Engineering, SCOE, Pune, India

Swapnaja Hiray
Associate Professor, Department of Computer Engineering, SCOE, Pune, India

Abstract

Cloud computing is the use of computing resources that are delivered as a service over a network. Cloud enables users to store their data, but the data is stored at a remote location. A major characteristic of cloud services is that users' data are usually processed remotely on unknown machines that users do not operate. So the basic need is to provide security to the cloud server. One of the most challenging problems in cloud computing is the security of the outsourced data, which is mainly handled by untrusted parties. Another reason for doing an independent literature survey is the simultaneous comparison of different papers and the identification of future research areas and methods for improving the existing drawbacks.

1. Introduction

In cloud computing we can share our data and applications at a common place. It uses the internet and shared resources to provide services. Security is an important issue because the cloud has many benefits, so it has many users, and the data is remotely located. Various attacks can damage the original data and may misuse confidential data. This paper focuses on security for the cloud. It covers multiple ways of providing security to cloud data.

2. Related Work

In this section we first review related works addressing security in the cloud. Security is a very important issue in the cloud and many techniques are available, so here is a review of them.

Data security is the major challenge in cloud computing, as users' data reside on servers which are remotely situated and far away from the end users. These data may include confidential data (financial data, health records) and personal information which may be disclosed to competitors or publicly. So security emerges as the highest priority issue [2].

In [3], on a third party auditor for verification, the authors describe three network entities: the client, which is the user; the cloud storage server, which is handled by the cloud service provider; and the third party auditor (TPA), which is the verifier. The TPA has the public key and acts only with a trusted server; the work does not focus on data privacy.

In [4], two basic schemes are defined.

Scheme 1: The user computes the MAC of every file block, transfers the file blocks and codes to the cloud, and shares the key with the TPA. During the Audit phase, the TPA requests from the cloud server a number of randomly selected blocks and their corresponding MACs to verify the correctness of the data file. The drawback of this scheme is that the TPA can see the cloud data.

Scheme 2: In the Setup phase, the user uses s keys and computes the MAC for the blocks, and the user shares the keys and MACs with the TPA. During Audit, the TPA gives a key (one of the s keys) to the CSP and requests MACs for the blocks. The TPA compares them with the MACs held at the TPA. Improvement over Scheme 1: the TPA does not see the data, which preserves privacy. Drawback: a key can be used only once. Schemes 1 and 2 are good for static data (data that does not change at the cloud).

Paper [5] discusses the main challenges for achieving cloud computing services; it focuses on accountability in cloud computing. Accountability means verification of access control policies.

In their subsequent work [6], the authors propose a dynamic version of the prior PDP scheme. However, the system does not support fully dynamic data operations, i.e., it only allows very basic block operations with limited functionality, and block insertions cannot be supported.

3. Requirements of security

3.1 Principles of information security

1. Confidentiality
It refers to the prevention of intentional and unintentional unauthorized access to information. Confidentiality in cloud systems is related to the areas of traffic analysis, encryption and inference.
To ensure confidentiality use:
- Network security protocols
- Network authentication services
- Data encryption services

2. Integrity
It refers to the consistency of actions, values, methods, measures, principles, expectations and outcomes. Cloud information integrity requires the following two principles to be met: modifications are not made to data by unauthorized persons, and unauthorized modifications are not made to data by authorized persons.
To ensure integrity use:
- Firewall services
- Communication security management
- Intrusion detection services

3. Availability
It ensures reliable and timely access to cloud data or cloud computing resources by the appropriate person. It guarantees that the systems are functioning properly when needed and that the security services of the cloud system are in working order.
To ensure availability use:
- Fault tolerance for data availability, such as backups and redundant disk systems
- Acceptable logins and operating process performance

3.2 Cloud Security Services

Factors that affect cloud software assurance include:

1. Authentication
It is a way to confirm the identity of a person or program. Authentication often involves verifying the validity of at least one form of identification.

2. Authorization
It refers to specifying the access rights of individuals that enable access to computer resources and information.

3. Auditing
To maintain operational assurance, organizations use two basic methods: system audits and monitoring. These methods can be employed by the cloud customer, the cloud provider or both. A system audit is a one-time or periodic event to evaluate security. Monitoring refers to an ongoing activity that examines either the system or the users, such as intrusion detection.

4. Accountability
It is the ability to determine the actions and behaviours of an individual within the cloud system and to identify that particular individual. Audit trails and logs support accountability.

3.3 Cloud entities

Some entities are commonly used in the cloud: Client, Third Party Auditor (TPA), Cloud Service Provider (CSP) and Cloud Server (CS).

1. Client
The client is the entity that uses cloud services and has to store data on the cloud. Multiple clients can use cloud storage services.

2. Third Party Auditor (TPA)
It is an optional entity. It has expertise and ... to expose a dummy client, e.g. authentication of the client.

3. Cloud Service Provider (CSP)
It is an entity which provides cloud services. E.g., when a client wants to upload a file, the CSP gives a call to the CS.

4. Cloud Server (CS)
The CS is an entity which allows the client to perform operations on the data stored on it.

4. Storage techniques in cloud computing

4.1 Secure and Dependable Storage Services in Cloud

It is based on distributed storage on a particular number of machines. It uses homomorphic tokens for checking the integrity of data. This gives the user low communication and computation cost. The auditing result ensures strong cloud storage correctness and simultaneously achieves fast data error localization, i.e., the identification of the misbehaving server. It allows the client to perform secure and efficient dynamic operations on outsourced data, including block modification, deletion and append.

Figure 1. Secure and Dependable Storage Architecture

4.2 Privacy Preserving Public Auditing for Secure Cloud Storage

It consists of four algorithms (KeyGen, SigGen, GenProof, VerifyProof):

- KeyGen: It is run by the user to generate the public and private parameters.
- SigGen: It is used by the user to generate verification metadata, which may consist of MACs, signatures or other information used for auditing.
- GenProof: It is run by the cloud server to generate a proof of data storage correctness.
- VerifyProof: It is run by the TPA to audit the proof from the cloud.

The public auditing system can be constructed from the above auditing scheme in two phases, Setup and Audit:

1. Setup: The user generates the public and secret parameters of the system by executing KeyGen, and pre-processes the data file F by using SigGen to generate the verification metadata. The user then stores the data file F at the cloud server, deletes its local copy, and publishes the verification metadata to the TPA for later audit. As part of pre-processing, the user may alter the data file F by expanding it or including additional metadata to be stored at the server.

2. Audit: The TPA issues an audit message or challenge to the cloud server to make sure that the cloud server has retained the data file F properly at the time of the audit. The cloud server derives a response message from a function of the stored data file F by executing GenProof. Using the verification metadata, the TPA verifies the response via VerifyProof.

Basic Scheme I
The user computes the MAC of every file block, transfers the file blocks and codes to the cloud, and shares the key with the TPA. During the Audit phase, the TPA requests from the cloud server a number of randomly selected blocks and their corresponding MACs to verify the correctness of the data file.

Basic Scheme II
In the Setup phase, the user uses s keys and computes the MAC for the blocks, and the user shares the keys and MACs with the TPA. During Audit, the TPA gives a key (one of the s keys) to the CSP and requests MACs for the blocks. The TPA compares them with the MACs held at the TPA. Improvement over Scheme 1: the TPA does not see the data, which preserves privacy. Drawback: a key can be used only once. Schemes 1 and 2 are good for static data (data that does not change at the cloud).

Figure 2. Public Auditing Storage Architecture

4.3 Public Auditability and Data Dynamics for Storage Security in Cloud

A public auditing system with a protocol that supports complete dynamic data operations is presented [7]. To accomplish dynamic data support, the existing proof of the PDP or PoR scheme is improved by manipulating the basic Merkle Hash Tree (MHT) for block tag authentication. The proposed system is extended in the direction of allowing the TPA to perform many auditing jobs by examining the bilinear aggregate signature technique. It performs blockless verification.

Table 1. Comparative analysis of existing storage techniques

Storage scheme | Proposed approach | Advantages | Restrictions
... data [10] | Data partitioning scheme for online data storage | Partitioned data pieces cannot bring out any user information | In case the user forgot where the data is stored, it will become difficult for ...
Identity-Based Authentication [11] | New authentication protocol based on identity, which is based ... | Weightless and more expeditious | Only certificate communication is taken into account
Efficient Third Party Auditing (TPA) [12] | Novel and uniform security structure. Storage security is ... algorithm | Auditor performs auditing jobs for different users at the same ... | Unable to support both public verification and dynamic data correctness
Effective and Secure Storage Protocol [13] | Efficient and secure storage protocol is implemented by utilizing Elliptic curve cryptography and Sobol Sequence | Block level data dynamic operations are also used to maintain the same security assurance | Elliptic Curve Cryptography scheme is only suitable for devices with restricted low power

5. Conclusion

Cloud computing is an emerging computing paradigm that allows users to share resources and information from a pool of distributed computing as a service over the Internet. Even though the cloud provides benefits to users, security and privacy of stored data are still major issues in cloud storage. In this paper, the different mechanisms presented by different authors are analyzed. Finally, a comparative analysis of storage techniques is presented that includes the proposed approach, advantages and limitations of those storage techniques.

References

[1] C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, "Toward Secure and Dependable Storage Services in Cloud Computing," IEEE Transactions on Services Computing, vol. 5, no. 2, April-June 2012.
[2] C. Deyan and Z. Hong, "Data Security and Privacy Protection Issues in Cloud Computing," in International Conference on Computer Science and Electronics Engineering (ICCSEE), 2012, pp. 647-651.
[3] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing," Proc. 14th European Conf. Research in Computer Security (ESORICS '09), pp. 355-370, 2009.
[4] C. Wang, S.S.M. Chow, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Trans. Computers, preprint, 2012, doi:10.1109/TC.2011.255.
[5] Ryan K L Ko, Peter Jagadpramana, Miranda Mowbray, Siani Pearson, Markus Kirchberg, Qianhui Liang and Bu Sung Lee, "TrustCloud: A Framework for Accountability and Trust in Cloud Computing," 2nd IEEE Cloud Forum for Practitioners (IEEE ICFP 2011), Washington DC, USA, pp. 1.
[6] G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, "Scalable and Efficient Provable Data Possession," Proc. Fourth Int'l Conf. Security and Privacy in Comm. Networks (SecureComm '08), pp. 1-10, 2008.
[7] C. Wang, S.S.M. Chow, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Trans. Computers, preprint, 2012, doi:10.1109/TC.2011.255.
[8] Q. Wang, C. Wang, K. Ren, W. Lou, and J. Li, "Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing," IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 5, pp. 847-859, 2011.
[9] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing," Proc. 14th European Conf. Research in Computer Security (ESORICS '09), pp. 355-370, 2009.
[10] Parakh A. and Kak S. (2009). Online data storage using implicit security, Information Sciences, vol 179(19), 3323-3331.
[11] Li, Dai Y, et al. (2009). Identity-Based Authentication for Cloud Computing, M. G. Jaatun, G. Zhao, and C. Rong (Eds.), Cloud Computing, Lecture Notes in Computer Science, vol 5931, 157-166.
[12] Wang Q, Wang C, et al. (2011). Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing, IEEE Transactions on Parallel and Distributed Systems, vol 22(5), 847-859.
[13] Balakrishnan S, Saranya G, et al. (2011). Introducing Effective Third Party Auditing (TPA) for Data Storage Security in Cloud, International Journal of Computer Science and Technology, vol 2(2), 397-400.
[14] Amazon Cloud, http://aws.amazon.com
