International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882

Volume 5, Issue 3, March 2016

A Review on Auditing Protocol for Secure Data Storage in Cloud Computing

1

Anush Sharma 1, Er.Munish Katoch 2

Student M.Tech (CSE), Sri Sai University Palampur (H.P.)
2
Astt. Prof. (CSE), Sri Sai University Palampur (H.P.)

ABSTRACT
In cloud computing, data or information proprietors have
their data on cloud servers and users can get to the data
from cloud servers. Because of the information
outsourcing, in any case, this new worldview of
information facilitating benefit likewise presents new
security challenges, which requires a free inspecting
administration to check the information trustworthiness
in the cloud. Some current remote trustworthiness
checking strategies can serve for static document
information and, along these lines, can't be connected to
the reviewing administration since the information in the
cloud can be dynamically updated. Along these lines, an
efficient and secure dynamic auditing protocol is desired
to convince data owners that the data are correctly stored
in the cloud. It introduced an efficient and inherently
secure dynamic auditing protocol. It protects the data
privacy against the auditor by combining the
cryptography method with the bilinear property of
bilinear paring, rather than using the mask technique.
Furthermore,
auditing
scheme
incurs
less
communication cost and less computation cost of the
auditor by moving the computing loads of auditing from
the auditor to the server, which greatly improves the
auditing performance and can be applied to large-scale
cloud storage systems.
Keywords Cloud Computing, Privacy Preserving
Auditing, Storage Auditing.

I.

INTRODUCTION

Cloud computing is the advancing worldview with

changing definitions however for this examination
venture; it is characterized in the term of a virtual
foundation which can give shared data and
correspondence innovation administrations. Cloud
computing [1] gives a PC client access to Information
Technology (IT) administrations i.e., applications,
servers, information stockpiling, without requiring a
comprehension of the innovation or even responsibility
for foundation. To understand distributed computing, a
similarity to a power processing matrix is to be helpful.
A power organization keeps up and possesses the
framework, an appropriation organization spreads the
power, and the customer only uses the assets without the
proprietorship or operational obligations. Cloud

computing is a membership based administration where

you can get arranged storage room and PC assets. One
approach to consider distributed computing is to
consider involvement with email. Email customer, in the
event that it is Yahoo!, Gmail, Hotmail, etc, deals with
lodging the greater part of the equipment and
programming important to bolster your own email
account. When anybody need to get to email open web
program, go to the email customer, and log in. The most
imperative part of the mathematical statement is having
web access. Email is not housed on physical PC;
customers access it through a web association, and
customer can get to it anyplace. In the event that
anybody on an outing, at work, or down the road getting
espresso, they can check email the length of they have
admittance to the web. Their email is unique in relation
to programming introduced on their PC, for example, a
word preparing program. When they make a report
utilizing word preparing programming, that record keeps
focused gadget that used to make it unless they
physically move it. An email customer is like how cloud
or distributed computing functions. But as opposed to
getting to simply email, they can pick what data they
have entry to inside of the cloud. Additionally, a client's
distributed computing access empowers "shared assets,
programming, and data on-interest" on an expense foradministration premise. There are different cloud
models.
1.1Private Cloud
The cloud base is provisioned for select use by a solitary
association involving different customers (e.g., specialty
units). It might be possessed, overseen, and worked by
the association, an outsider, or some mix of them, and it
might exist on or off premises.
1.2Community Cloud
The cloud infrastructure is provisioned for exclusive use
by a particular group of buyers from associations that
have shared concerns (e.g., mission, security necessities,
strategy, and consistence contemplations). It might be
possessed, overseen, and worked by one or a greater
amount of the associations in the group, an outsider, or
some blend of them, and it might exist on or off
premises.

www.ijsret.org

136

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 3, March 2016

1.3Public Cloud
The cloud infrastructure is provisioned for open use by
the overall population. It might be possessed, overseen,
and worked by a business, scholarly, or government
association, or some mix of them. It exists on the
premises of the cloud supplier.
1.4Hybrid Model
The cloud infrastructure is a is a synthesis of two or
more particular cloud bases (private, group, or open) that
stay one of a kind substances, yet are bound together by
institutionalized or exclusive innovation that empowers
information and application compactness (e.g., cloud
bursting for load balancing between clouds) [3].

II.

AUDITING PROTOCOL

Cloud computing is the developing fields now a days.

The virtualized stage it gives assistance to diminish the
expense and in addition make the viable use of the
equipment and additionally programming.

demanding and reasonable route for clients to their

capacity rightness in cloud. It is likewise useful for the
cloud administration suppliers to enhance their cloud
based administration stage. In other way we can say
inspecting plan assume a huge part in foundation of
secure cloud stage in clients psyche and expansion the
cloud economy ,where clients gets to the danger and
apply their trust in the cloud to store information all the
more correctly. Three principle substances in cloud
environment include:
2.1Cloud Service Provider
It provides data storage service as well as cloud servers
with significant resources.
2.2Data Owner
Proprietors keep their own particular information to the
cloud server and access them when required. They
depend on the cloud for information calculation.
2.3Third party auditor
An optional TPA is trusted to evaluate and uncover
danger of distributed storage administrations in the
interest of the client's open solicitation. It has ability
capacities to persuade both CSP and also Data Owner.

III.

RELATED WORK

It described the system model and gives the definition of

storage auditing protocol. Then, we define the threat
model and security model for a storage auditing system.
3.1System Model
Fig.1: Basics of Cloud

Data storage is the primary most alluring part of the

distributed computing, yet it accompanies some security
challenges as well. The end clients store their
information on cloud server are dependably in stress that
either their information put away is secure or not? As the
information put away is sufficiently expansive so clients
can't check its trustworthiness intermittently. Now and
again cloud administration suppliers might be carry on
unhonest and erase clients information or they neglect to
roll out improvements on the information which
upgraded by the clients as often as possible. So to
conquer these difficulties the Trusted Third Party
Auditor assumes the indispensable part in the interest of
clients. As they guarantee to clients that the information
facilitated on the server is secure. They give the
unprejudiced result likewise the TPA is same like the
administration establishment so they are reliable and it
holds the abilities to persuade cloud administration
supplier too information owner.TPA gives more less

Fig.2: System Model of the Data Storage Auditing

It consider an auditing system for cloud storage as
shown in Figure 2, which involves data owners (owner),
the cloud server (server), and the third-party auditor
(auditor). The owners create the data and host their data
in the cloud. The cloud server stores the owners data
and provides the data access to users (data consumers).
The auditor is a trusted third-party that has expertise and
capabilities to provide data storage auditing service for

www.ijsret.org

137

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 3, March 2016

both the owners and servers. The auditor can be a trusted

association oversaw by the administration, which can
give fair auditing result to both information or data
proprietors and cloud servers.
Before describing the auditing protocol definition, firstly
define some notations as listed in Table 1.
Table 1
Notations

5) Verify (C, P,
,,
) = 0/1
The verification algorithm takes as inputs P from the
server, the secret hash key
, the public tag key
,
and the abstract information of the data
. It outputs
the auditing result as 0 or 1.
3.3Privacy Preserving Auditing Protocol
Figure 3 show framework of privacy preserving auditing
protocol. It consists of three phases: owner initialization,
confirmation auditing, and sampling auditing.

3.2Security Model
We accept the auditor is straightforward yet inquisitive.
It performs truly amid the entire inspecting technique,
yet it is inquisitive about the got information. Be that as
it may, the separate could be exploitative and might
dispatch the accompanying assaults:
1) KeyGen () =
This key era calculation takes no information other than
the understood security parameter . It outputs a secret
hash key
and a couple of secret-public tag key
(
).
2) TagGen (M,
)=T
The tag generation algorithm takes as inputs an
encrypted file M, the secret tag key
and the secret
hash key
. For each data block , it computes a data
tag based on
and
. It outputs a set of data tags

3) Chall (
)=C
The challenge algorithm takes as data the unique data of
information
(e.g., file identity, total number of
blocks, version number, time stamp, etc.). It outputs a
challenge C.
4) Prove (M, T, C) = P
The prove algorithm takes as inputs the file M, the tags
T, and the challenge from the auditor C. It outputs a
proof P.

Fig.3: Framework of Privacy Preserving Auditing

Protocol.
Amid the framework introduction, the proprietor
produces the keys and the labels for the information.
Subsequent to putting away the information on the
server, the proprietor requests that the reviewer direct the
affirmation evaluating to ensure that their information is
accurately put away on the server. Once affirmed, the
proprietor can erase the neighborhood duplicate of the
information. At that point, the inspector leads the
examining evaluating intermittently to check the
information honesty.
Phase 1: Owner Initialization
The owner runs the key generation algorithm KeyGen to
generate the secret hash key
and a pair of secretpublic tag key (
). Then, it runs the tag generation
algorithm TagGen to compute the data tags. After all the
data tags are generated, the owner sends each data
component
and its corresponding data
tags
to the server together with the set of
parameters
. The owner then sends the public tag
key
the secret hash key , and the abstract
information of the data
to the auditor, which

www.ijsret.org

138

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 3, March 2016

includes the data identifier, the total number of data

blocks n.
Phase 2: Confirmation Auditing
The auditing protocol only involves two-way
communication: Challenge and Proof. Amid the
affirmation reviewing stage, the proprietor requires the
inspector to check whether the proprietor's information
are accurately put away on the server.
Phase 3: Sampling Auditing
The auditor will carry out the sampling auditing
periodically by challenging a sample set of data blocks.
The frequency of taking inspecting operation relies on
upon the administration understanding between the
information proprietor and the reviewer (furthermore
relies on upon the amount of trust the information
proprietor has over the server). Like the affirmation
inspecting in Phase 2, the examining evaluating strategy
additionally contains two-route correspondence as
outlined in Figure 3.

IV.

CONCLUSION

A hypothetical overview on secure dynamic auditing

protocol is desired to convince data owners that the data
are correctly stored in the cloud. It introduced an
efficient and inherently secure auditing protocol It
secures the information protection against the reviewer
by consolidating the cryptography strategy with the
bilinearity property of bilinear paring, as opposed to
utilizing the cover procedure. Moreover, auditing
scheme incurs less communication cost and less
computation cost of the auditor by moving the
computing loads of auditing from the auditor to the
server, which greatly improves the auditing performance
and can be applied to large-scale cloud storage systems.

REFERENCES
[1] Kan Yang and Xiaohua Jia, An Efficient and Secure
Dynamic Auditing Protocol for Data Storage in Cloud
Computing, IEEE Transactions on Parallel and
Distributed Systems, Volume.24, September 2013.

[4] Dr. R Manickachezian and S Hemalatha, Dynamic

Auditing Protocol using Improved RSA and CBDH for
Cloud Data Storage, International Journal of Advanced
Research in Computer Science and Software
Engineering, Volume.4, January 2014 ISSN: 2277 128X.
[5] Prof. Umesh B Chavan and Lokesh P Chaudhari,
Survey Paper on Efficient and Secure Dynamic
Auditing Protocol for Data Storage in Cloud,
International Journal of Computer Science and Mobile
Computing, Volume.3, January2014.
[6] T Prasanthi, C Balasubramanian, S Kimsukha Selvi
and K Kala, An Efficient Auditing Protocol for Secure
Data Storage in Cloud Computing Proceedings of the
World Congress on Engineering 2014 Volume.1.
[7] Rakhi Bhardwaj and Vikas Maral, Dynamic Data
Storage Auditing Services in Cloud Computing,
International Journal of Engineering and Advanced
Technology (IJEAT) ISSN: 2249 8958, Volume.2,
April 2013.
[8] Gaurav Raj and Munish Katoch Security
Implementation through PCRE Signature over Cloud
Network, Advanced Computing: An International
Journal (ACIJ) Volume.3, June2012.
[9] J Noorul Ameen, J Jamal Mohammed and Nilofer
Begam, Dynamic Auditing Protocol for Efficient and
Secure Data Storage in Cloud Computing,
COMPUSOFT, An international journal of advanced
computer technology, 3 (6), June2014,Volume.3.
[10] Md. Tajuddin and K China Busi, An Enhanced
Dynamic Auditing Protocol in Cloud Computing,
International Journal of Engineering Trends and
Technology (IJETT) ,Volume.4,July 2013.
[11] R K Ramesh and R Jegadeesan,
Third Party
Auditing For Data Integrity in Cloud, Asia Pacific
Journal of Research Volume.1, January2014 ISSN:
2320-5504, E-ISSN-2347-4793.

[2] Priyanga R, Maheswari B and Karthik S, Efficient

and Secure Dynamic Auditing Protocol for Integrity
Verification In Cloud Storage, Proceedings of
International Conference On Global Innovations In
Computing Technology, Volume.2, March 2014.
[3] Syam Kumar P, Subramanian R, An Efficient and
Secure Protocol for Ensuring Data Storage Security in
Cloud Computing, IJCSI International Journal of
Computer Science Issues, Volume.8, November 2011.

www.ijsret.org

139