
Automatic Protocol Blocker for Privacy-Preserving Public Auditing in Cloud Computing

Abstract: Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public auditability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective Third Party Auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The Third Party Auditing process should bring in no new vulnerabilities towards user data privacy. In this paper we extend the previous system by using an automatic blocker for privacy-preserving public auditing for data storage security in cloud computing. We utilize the public key based homomorphic authenticator and uniquely integrate it with the random mask technique and the automatic blocker to achieve a privacy-preserving public auditing system for cloud data storage security while keeping all above requirements in mind. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.

Architecture:

Algorithms:

1. KeyGen Algorithm: KeyGen is a key generation algorithm that is run by the user to set up the scheme.
2. SigGen Algorithm: SigGen is used by the user to generate verification metadata, which may consist of MAC, signatures, or other related information that will be used for auditing.
3. GenProof Algorithm: GenProof is run by the cloud server to generate a proof of data storage correctness.
4. VerifyProof Algorithm: VerifyProof is run by the TPA to audit the proof from the cloud server.
5. Protocol Verifier Algorithm: Protocol verifier is used by the cloud server.

Existing System: First of all, although the infrastructures under the cloud are much more powerful and reliable than personal computing devices, they are still facing the broad range of both internal and external threats for data integrity. Examples of outages and security breaches of noteworthy cloud services appear from time to time. Secondly, for the benefits of their own, there do exist various motivations for cloud service providers to behave unfaithfully towards the cloud users regarding the status of their outsourced data. Examples include cloud service providers, for monetary reasons, reclaiming storage by discarding data that has not been or is rarely accessed or even hiding data loss incidents so as to maintain a reputation.

Disadvantages:

1. Data loss.
2. It does not offer any guarantee on data integrity and availability.
3. Does not support the privacy protection of users' data against external auditors.
4. No security.
5. No correctness and verification proof.

Proposed System: We describe our public auditing system and discuss two straightforward schemes and their demerits. Then we present our main result for privacy-preserving public auditing to achieve the aforementioned design goals. We also show how to extend our main scheme to support batch auditing for TPA upon delegations from multi-users. Finally, we adopt the automatic blocker at the cloud server: whenever an unauthorized user accesses the user's data from cloud storage, the system runs a tiny application to monitor the user inputs; if they match, it gives access, otherwise it denies the user access by blocking the protocols.

Advantages:

1. Relief of the burden for storage management.
2. Block unauthorized user access.
3. Protecting data privacy.
4. Storage security of their data.

Modules: The system is proposed to have the following modules along with functional requirements.

1. Threat Model: We consider a cloud data storage service involving three different entities, as illustrated in Fig. 1: the cloud user (U), who has a large amount of data files to be stored in the cloud; the Cloud Server (CS), which is managed by the Cloud Service Provider (CSP) to provide data storage service and has significant storage space and computation resources (we will not differentiate CS and CSP hereafter); the Third Party Auditor (TPA), who has expertise and capabilities that cloud users do not have and is trusted to assess the cloud storage service security on behalf of the user upon request.
2. Public Auditability: To allow TPA to verify the correctness of the cloud data on demand without retrieving a copy of the whole data or introducing additional on-line burden to the cloud users.
3. Storage Correctness: To ensure that there exists no cheating cloud server that can pass the audit from TPA without indeed storing users' data intact.
4. Privacy-Preserving: To ensure that there exists no way for TPA to derive users' data content from the information collected during the auditing process.
5. Batch Auditing: To enable TPA with secure and efficient auditing capability to cope with multiple auditing delegations from a possibly large number of different users simultaneously.
6. Setup: The user initializes the public and secret parameters of the system by executing KeyGen, and pre-processes the data file F by using SigGen to generate the verification metadata. The user then stores the data file F at the cloud server, deletes its local copy, and publishes the verification metadata to TPA for later audit. As part of pre-processing, the user may alter the data file F by expanding it or including additional metadata to be stored at the server.
7. Audit: The TPA issues an audit message or challenge to the cloud server to make sure that the cloud server has retained the data file F properly at the time of the audit. The cloud server will derive a response message from a function of the stored data file F by executing GenProof. Using the verification metadata, the TPA verifies the response via VerifyProof.
8. PBlocker: Once the user initializes the parameters, the system checks all the specified parameters and validates the protocol for proper users; it blocks the unauthorized users. If the user newly accesses the cloud servers, the system prompts for security parameters previously assigned by the system during the user creation.
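The Setup and Audit modules above, sketched as an added example (not code from the original project): it uses a simplified secret-key homomorphic authenticator, so the auditor here holds the key, and the page's public-key construction and random mask are not reproduced. The modulus P, the 15-byte block size and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # assumed prime modulus; blocks and tags live in Z_P

def _prf(key, i):
    """HMAC-SHA256 as a PRF mapping block index i into Z_P."""
    mac = hmac.new(key, b"block-%d" % i, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def split_blocks(data, size=15):
    """Cut the file into 15-byte blocks so every block is an integer < P."""
    return [int.from_bytes(data[o:o + size], "big") for o in range(0, len(data), size)]

def key_gen():
    """KeyGen: user's secret PRF key and secret non-zero scalar alpha."""
    return secrets.token_bytes(32), secrets.randbelow(P - 1) + 1

def sig_gen(sk, blocks):
    """SigGen: tag_i = PRF(i) + alpha * m_i mod P, stored next to the file."""
    key, alpha = sk
    return [(_prf(key, i) + alpha * m) % P for i, m in enumerate(blocks)]

def challenge(n_blocks, sample):
    """Audit: random block indices, each with a random non-zero coefficient."""
    picked = secrets.SystemRandom().sample(range(n_blocks), sample)
    return [(i, secrets.randbelow(P - 1) + 1) for i in picked]

def gen_proof(blocks, tags, chal):
    """GenProof (server): fold the challenged blocks and tags into two numbers."""
    mu = sum(nu * blocks[i] for i, nu in chal) % P
    sigma = sum(nu * tags[i] for i, nu in chal) % P
    return mu, sigma

def verify_proof(sk, chal, proof):
    """VerifyProof (auditor): check sigma against mu without seeing any block."""
    key, alpha = sk
    mu, sigma = proof
    return sigma % P == (sum(nu * _prf(key, i) for i, nu in chal) + alpha * mu) % P

if __name__ == "__main__":
    data = b"constructed sample file contents " * 8   # constructed input
    sk = key_gen()
    blocks = split_blocks(data)
    tags = sig_gen(sk, blocks)
    chal = challenge(len(blocks), 6)
    print("intact file :", verify_proof(sk, chal, gen_proof(blocks, tags, chal)))
    blocks[chal[0][0]] ^= 1                            # server-side corruption
    print("corrupted   :", verify_proof(sk, chal, gen_proof(blocks, tags, chal)))
```

Challenging only a sample of blocks keeps the proof at two numbers regardless of file size; a corrupted block is caught only when it falls inside the sample.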

Software Requirements:

Technologies: Asp .Net and C#.Net
Database: MS-SQL Server 2005/2008
IDE: Visual Studio 2008

Hardware Requirements:

Processor: Pentium IV
RAM: 1GB
