Data storage & Third Party Auditing Services in
Cloud Computing: A Review
Dandawate Vrushali Vilas Pathan Noumankhan Sayeedkhan
Information Technology Department Information Technology Department
SGGS IE&T SGGS IE&T
Vishnupuri, Nanded Vishnupuri, Nanded
dandawatevrushali@yahoo.in noumanps@gmail.com
Abstract-- Cloud computing technology today seen as the next-
generation architecture of IT solution. Cloud computing is the
way of providing computing resources in the form of service
rather than a product. It also enables its user to store and access
their data anywhere and anytime, and these services are
provided to the users over internet. To do so Users move their
data and application software to the internet network. Due to this
it brings many new different security challenges. Ensuring data
storage security and maintaining the integrity stored data are the
more crucial of them. A Third party auditor between data owner
and cloud service provider is something which ensures the
integrity of the user data stored on the network, and reduces the
burden of data owner to audit the data in the cloud and it also
make the data owner free from worrying about the data lose in
cloud storage.
Index Terms—Cloud Computing, Third party auditor , cloud
service provider
I. INTRODUCTION
Cloud computing is a specific style of computing in which
everything from computing power to infrastructure are
provided as a service. Also cloud computing name comes from
the use of cloud-shaped symbol as an abstraction for the
complex infrastructure it contains in system diagrams. In cloud,
shared resources, software and information is provided as a
metered service. Cloud computing has been envisaged as the
most promising technology of IT enterprise. It manages and
schedules the computing resources through network, and
composes a large computing resources pool which can provide
service to users on their demand. Users can update
application/OS/middleware security patches faster because of
higher availability of staff and resources. The most
representative commercial cloud platforms are Amazon Elastic
Compute Cloud (EC2) and Amazon Simple Storage System
[1], Google App Engine [2], and Microsoft Azure [3]. The
increasing network bandwidth and reliable yet flexible network
connections make it even possible that users can now subscribe
high quality services from data and software that reside solely
on remote data centers. In cloud everything from storage to
computation is provided as a service. Depending on the nature
of service, it is divided into following services:
o Infrastructure as a Service (IaaS): IaaS provides an
access to the hardware resources such as storage or
computing hardware services.
DR. R. C. Thool
Information Technology Department
SGGS IE&T
Vishnupuri, Nanded
rcthool@yahoo.in
o Software as a Service (SaaS): Saas provides a
software services to the end user. Web –based email
and Google documents are best example of this
service. End user gets access to this software service
but he/she cannot modify this software utility
.Software is configured on cloud utility not installed
on end user computer.
o Platform as a Service (PaaS): PaaS provides a
platform or an environment on which end user can
develop his own application. User is transparent about
the location of the platform whether it is hosted on
cloud or (not).Google App engine is an example of
PaaS.
End users access cloud based applications through a web
browser or a light weight desktop or a mobile app while the
business software and data are stored on servers at a remote
location. Cloud application provider attempts to give the same
or better service and performance than if the software programs
were installed. Cloud computing entrusts services with user’s
data, software and computation on a published application
programming interface over a network. The data is often of
great value and its irrecoverable loss or damage could be a total
disaster for its owner.
The main goal of cloud computing concept is to secure,
defend the data and also the processes which come under the
property of users [4]. Cloud storage is built on the network
computing environment. There are many benefits to move data
into the cloud. For example, users do not have to care about the
complexities of direct hardware management. But since users
stored their data in the cloud, it means that they will lose the
control of them and more and more worries will come out
about the data security. Such fear is becoming a barrier to
cloud services provider. There are following two issues [5]:
o Data handling can be done by the cloud service
provider (CSP) to other cloud users (i.e. entities) and
these cloud users may hand over to the other users so
on.
o Cloud made the users whenever they can join and
leave the cloud in the flexible manner.
These problems make the data handling as a lot of complex
and tedious task within the cloud.
The importance of ensuring the data security in cloud
computing has been highlighted by researchers and enterprises.
Security is consequently a major element in any cloud
computing infrastructure, because it is important to ensure that
only authorized access is permitted and secure behavior is
accepted. All members in the cloud computing environment
should be trusted by each other, and importantly the members
that have communication in between should be trusted by each
other. Trust is the major concern of the consumer and provider
of services that participate in a cloud computing environment.
Representative solution for ensuring data safety is utilizing a
trustful third party auditor to assess and expose risk of cloud
storage services on behalf of the users upon request. Third
party auditor(TPA) between data owner and cloud service
provider(CSP) is proposed which reduce the burden of data
owner to audit the data in the cloud and it also make the data
owner free from worrying about the data lose in cloud storage .
The rest of this paper is organized as follows: Section 2
discusses storage as a service in cloud computing. Section 3
provides the different challenges in maintaining data integrity
in cloud. Section 4 analyzes third party auditing services in
cloud. Section 5 gives the final conclusion of this paper.
II. STORAGE AS A SERVICE
Basically a cloud storage system can be considered as a
distributed data centers which typically use cloud computing
technologies and offers some kind of interface for storing and
accessing data. To increase the availability, the data may be
stored at different locations. User-friendly, easily accessible
and money-saving ways of storing and automatically backing
up arbitrary data are available on-demand on the Internet. A
customer simply accesses cloud storage provider’s website and
rents storage space as necessary by selecting one of the
provider's packages.
Many cloud storage providers are active on the market who
offers various kinds of services to their customers. Basic cloud
storage services are generally not designed to be accessed
directly by users but rather incorporated into custom software
using application programming interfaces (API)". Amazon
S34, Rackspace5 and Nirvanix6 are some examples of such
basic cloud storage services. These services should have the
typical features of cloud storage services such as copy, backup,
synchronization and sharing. A particular service should offer a
minimum of one in all these features, and may supply multiple
features at the same time.
The data is often of great value and its irrecoverable loss or
damage could be a total disaster for its owner. This requires
secure methods of preserving important data in order to prevent
irrecoverable data loss, whilst constantly keeping up with
increasing demands for storage space [6].It is necessary to
often create additional copies of the information, so as to be
ready to restore it to an earlier version required. These copies
further increase the demand for storage space.
Private and business users demand an easy way to
synchronize and access their data independent of both device
and location. Additional requirements arise from the variety of
devices used to access the data simultaneously. The software
providing these features must also be tailored to the needs of
the individual with no technical background.
III. CHALLENGES IN MAINTAINING DATA INTEGRITY IN CLOUD
Data integrity means ensuring that data is identically
maintained during any operation (such as transfer, storage or
retrieval). We can simply say that data integrity is assurance
that the data is consistent and correct. Ensuring the integrity of
the data actually means that it changes only in response to
authorized transactions.
Cloud storage is built on the network computing
environment. There are many benefits to move data into the
cloud. For example, users do not have to care about the
complexities of direct hardware management. But since users
stored their data in the cloud, it means that they will lose the
control of them and more and more worries will come out
about the data security.
The main challenge of cloud storage is guaranteeing
control, and the necessary integrity and confidentiality of all
stored data. Also cloud faces challenges such as Security and
privacy, lack of standards, continuously evolving, compliance
concerns, data recovery and availability, management
capabilities etc. As users don’t possess the storage of data
physically, we cannot follow the traditional cryptographic
primitives for data security protection [4]. Again, in case of
maintaining the integrity of the data, we cannot trust the
service provider to handle the data, as cloud provider himself
can modify the original data and the integrity of the data may
be lost. If a smart hacker hacks the cloud server and steals the
data and modifies it then in some cases this modification is not
even identified by the cloud provider. So, in such case, we need
to take the help of a trusted third party auditor which checks for
the integrity of our data. In the corporate world there are a
huge number of clients which are accessing the data and
modifying it. In the cloud, application and services move to
centralized huge data center and services and management of
this data may not be trustworthy [7].
Cloud data security is a major concern for the client while
using the services provided by the cloud service provider.
There may be some security issues and conflicts between the
client and the service provider. To resolve those issues, we can
use a third party as an auditor.
IV. THIRD PARTY AUDITING SERVICES
In conventional practice, the third party auditor is operated
by an institute which is not related to the cloud service
provider. Third party auditor can be a trusted third party to
resolve the conflicts between the cloud service provider and the
client. Over the years various schemes are proposed by authors
to provide a trusted environment for cloud services. Various
Encryption and Decryption algorithms are being used to
provide the security to user while using third party auditor [7].
For well organization it is very essential that cloud that
allows investigation from a single party, audit the outsource
data to ensure the data security and save the user’s computation
and data storage. It is very essential to provide public auditing
service for cloud data storage, in order that the user trusts an
independent third party auditor (TPA). TPA checks the
integrity of data on the cloud on the behalf of the users, and it
provides the reasonable way for the users to ascertain the
validity of data in the cloud. In all, enabling public auditing
services plays a very important role in establishing cloud
economy, it provides users a way to assess the risk and gain
faith in the cloud [4]. Public auditing along with the user
provides the external party to verify the correctness of stored
data against the external attacks.
Users would try to access data either within or outside the
scope of their access privilege. The cloud service provider is
more interested in user access privilege, public/private key and
other information stored in the third party auditor than any
other secret information [8].
The representative (traditional) architecture for cloud data
storage is shown in Figure 1.
Figure 1 Representative traditional architecture
Traditional architecture consists of three different network
entities which are users, cloud service provider and third party
auditor [9].
(1) Users are active participants. They have data to be
stored in the cloud and rely on the cloud for data maintenance
and computation. Both individual consumers and organizations
can be the users.
(2)Cloud service provider has significant storage space and
computation resource to maintain the users’ data. It also has
expertise in building and managing distributed cloud storage
servers and the ability to own and operate live cloud computing
systems.
(3)Third party auditor has expertise and capabilities that
users do not have and it is trusted to assess and expose risk of
cloud storage services on behalf of the users upon request.
Users who put their large data files in the cloud storage
servers can relieve the burden of storage and computation. At
the same time, it is critically important for users to ensure that
their data are being stored correctly and securely. This third
party auditor takes care of data and makes sure that data
integrity is maintained. The procedure of integrity checking is
viewed as a key’s proficiency within software, platform, and
infrastructure security focus area of new cloud architecture.
Cloud service provider is always online so as the third party
auditor. It makes every data access be in control.
In cloud environment the computing resources are under
control of service provider and the third-party-auditor ensures
the data integrity over out sourced data
Being outside the cloud service provider this third party
auditor may produce wasting of resource and slowness of
response under the circumstances. In the meantime, the
possibility of the stoppage of the third party auditor may lead a
potential instability to the system. It obviously obstructs the
development and application of the cloud storage.
Third-party-auditor not only read but also may be change
the data. Therefore a certain mechanism should be provided to
solve the problem.
An effective and novel scheme about the third party auditor
for cloud data storage has been proposed that would ensure the
security of the data stored in cloud. An efficient mechanism for
moving the third party auditor functions into the cloud service
provider and achieve the following goals is designed:
(1) Access control safety: to ensure both users and cloud
service provider must communicate with each other with a
privilege given by a certain authentication module.
(2) Authentication data trustful in cloud storage servers: to
forbid the users and cloud service provider to acquire any
authentication information which they are not wanted to.
(3) Authentication information efficiently in use: to
exchange and make backups authentication information validly
in cloud service provider, design a reasonable method to make
cloud service provider interior can operate efficiently.
For the third party auditing in cloud storage systems, there
are several important requirements which have been proposed
in some previous works [10, 11]. The auditing protocol should
have the following properties:
(1) Confidentiality: The auditing protocol should keep
owner’s data confidential against the auditor.
(2) Dynamic Auditing: The auditing protocol should
support the dynamic updates of the data in the cloud.
(3) Batch Auditing The auditing protocol should also be
able to support the batch auditing for multiple owners and
multiple clouds.
This architecture for cloud storage is composed of just two
parts: Users and Advanced Cloud Service Provider. It is
illustrated in Figure 2.
Figure 2 Proposed architecture
All of users, third party auditor and cloud service provider
shown on the figure have the same function discussed above.
The main difference between this architecture and the
traditional one is that the third party auditor function is
combined with the cloud service provider.
Data is indeed stored appropriately and kept intact all the
time in the cloud storage servers. Users modifying, deleting or
appending their data files in the cloud have correctness
assurance. Data is available against Byzantine failures,
malicious data modification and server colluding attacks [12].
Most of the schemes rely on encrypting the data using some
encryption algorithm and make third party auditor store a
message digest or encrypted copy of the same data that is
stored with the service provider.
V. CONCLUSION
Privacy and security are the very important issues of any
technology. The paper provides an abstract view of the
challenges present in maintaining data integrity and different
schemes proposed in recent past for cloud data security using
third party auditor. The paper says that moving third party
auditor function into cloud service provider will increase
response time and may use the resources more effectively
ensuring the data security.
ACKNOWLEDGMENT
“I would like to thank Mr. Chetan R. Solanki, Department
of Information technoly, SGGS IE&T, Vishnupuri, Nanded, for
his valuable suggestions”.
REFERENCES
[1] Amazon Web Services, Online at http://aws.amason.com.
[2] Google App Engine, Online
http://code.google.com/appengine/.
[3] Microsoft Azure, Online athttp://www.microsoft.com/azure/.
[4] K.Govinda, V.Gurunathaprasad, H.Sathishkumar, “THIRD
PARTY AUDITING FOR SECURE DATA STORAGE IN
CLOUD THROUGH DIGITAL SIGNATURE USING RSA” ,
INTERNATIONAL JOURNAL OF ADVANCED
SCIENTIFIC AND TECHNICAL RESEARCH (ISSUE 2,
VOLUME 4- August 2012), ISSN 2249-9954
[5] M.Vanitha, R.Raju, “Data Sharing: Efficient Distributed
Accountability in Cloud Using Third Party Auditor”,
International Journal of Innovative Technology and Exploring
Engineering (IJITEE) ISSN: 2278-3075, Volume-2, Issue-5,
April 2013
[6] Fraunhofer Verlag,” SIT Technical reports On THE Security of
Cloud Storage Services ”
[7] Ashish Bhagat, Ravi Kant Sahu, “Using Third Party Auditor
for Cloud Data Security: A Review” , International Journal of
Advanced Research in Computer Science and Software
Engineering, Volume 3, Issue 3, March 2013 ISSN: 2277 128X
[8] Shuai Han, Jianchuan Xing, “ENSURING DATA STORAGE
SECURITY THROUGH A NOVEL THIRD PARTY
AUDITOR SCHEME IN CLOUD COMPUTING”, Cloud
Computing and Intelligence Systems (CCIS), 2011 IEEE
International Conference, Proceedings of IEEE CCIS2011
[9] Qian Wang, Cong Wang, Jin Li, Kui Ren, Wenjing Lou,
“Enabling Public Verifiability and Data Dynamics for Storage
Security in Cloud Computing”, ESORICS 2009.
[10] Wang, C.,Ren,K., Lou,W., Li, J.: Toward publicly auditable
secure cloud data storage services. IEEE Netw. 24(4), 19–24
(2010)
[11] Yang, K., Jia, X.: Data storage auditing service in cloud
computing: challenges, methods and opportunities. World
at Wide Web 15(4), 409–428 (2012)
[12] Cong Wang, Qian Wang, Kui Ren, Wenjing Lou, “Ensuring
Data Storage Security in Cloud Computing”, IEEE, IWQoS.
17th International 2009.