International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367 (Print),
ISSN 0976-6375 (Online), Volume 4, Issue 2, March – April (2013), © IAEME
DATA INTEGRITY PROOF TECHNIQUES IN CLOUD STORAGE
Ms. Rohini G. Khalkar (1) and Prof. Dr. S. H. Patil (2)
(1) M. Tech. Computer Student, Bharati Vidyapeeth Deemed University College of Engineering, Pune
(2) HOD, Computer Engineering Department, Bharati Vidyapeeth Deemed University College of
Engineering, Pune
ABSTRACT
Cloud computing has been envisioned as the next-generation architecture of the IT enterprise.
Clients are relieved of the work of storing and maintaining data locally by storing it in the
cloud. While the cloud provides several advantages, it also brings certain challenges. Since
clients cannot physically access the data on the cloud server directly, the cloud provider
can, without the client's knowledge, modify or delete data that has not been used by the
client for a long time or that occupies a large amount of space. Hence, there is a need to
check the data periodically for correctness, which is called data integrity. This paper
surveys the different techniques for data integrity. The basic schemes for data integrity in
the cloud are Proof of Retrievability (PoR) and Provable Data Possession (PDP). These two
schemes are the most active areas of research in the cloud data integrity field. The
objective of this survey is to give new researchers a guideline and to review the research
work carried out in the previous few years.
Keywords: Data integrity, Proof of Retrievability, Provable Data Possession
I. INTRODUCTION
Cloud computing aims to provide a reliable, customized and guaranteed dynamic computing
environment to end users. Virtualized resources in the cloud can be dynamically
reconfigured to adjust to a variable load (scale). This also allows for optimum resource
utilization. End users can access the services available on the internet without knowing
the location and management of these resources.
Cloud storage moves the client's data to large, remotely located data centers over which
the user does not have any control. In this paper we discuss privacy concerns of the cloud
environment. This paper mainly focuses on a survey of the various privacy techniques.
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING
& TECHNOLOGY (IJCET)
ISSN 0976 – 6367(Print)
ISSN 0976 – 6375(Online)
Volume 4, Issue 2, March – April (2013), pp. 454-458
© IAEME: www.iaeme.com/ijcet.asp
Journal Impact Factor (2013): 6.1302 (Calculated by GISI)
www.jifactor.com
II. DATA INTEGRITY PROVING SCHEMES
2.1 Provable Data Possession (PDP)
Definition: A PDP scheme checks that a file, which consists of a collection of n blocks,
is retained by a remote cloud server. The data owner processes the data file to generate
some metadata, which it stores locally. The file is then sent to the server, and the owner
deletes the local copy of the file. The owner verifies possession of the file using a
challenge-response protocol. Clients use this technique to check the integrity of their
data and to periodically check the data that is stored on the cloud server. This technique
thus assures the client of the server's security. The PDP scheme supports dynamic expansion.
Ateniese et al. [8] were the first to consider public auditability in their "provable data
possession" model for ensuring possession of files on untrusted storage. Their scheme uses
Homomorphic Verifiable Tags for auditing outsourced data to achieve public auditability.
However, Ateniese et al. do not consider the case of dynamic data storage, and the direct
extension of their scheme from static data storage to the dynamic case may suffer design
and security problems. In their subsequent work [9], Ateniese et al. proposed a dynamic
version of the prior PDP scheme. The system does not support fully dynamic data operations.
In [4], Wang et al. propose a challenge-response protocol that can both determine the data
correctness and locate possible errors. Erway et al. [5] were the first to explore
constructions for dynamic provable data possession. They extend the PDP model in [8] to
support provable updates to stored data files using rank-based authenticated skip lists.
This scheme is essentially a fully dynamic version of the PDP solution. They remove the
index information from the "tag" computation in Ateniese's PDP model [8] to support updates
for block insertion, and employ an authenticated skip list data structure to authenticate
the tag information of challenged or updated blocks before the verification procedure.
Feifei Liu et al. [7] proposed an improved dynamic model that reduces the computational and
communication complexity to constant by using the Skip-List, Block, Tag and Hash method.
PDP provides the following techniques to perform integrity checks on the data.
2.2 Methods used in the PDP Schemes.
2.2.1 Proof of Retrievability (PoR)
Definition: In a PoR scheme, a cloud server proves to a data owner that a target file is
intact, in the sense that the client can retrieve the complete file from the server with
high probability. Hence, PoR guarantees not only correct data possession but also
retrievability in the presence of some data corruption. To address concerns of corruption,
the PoR scheme also includes error-correcting codes. It supports only a limited number of
queries as challenges, since it deals with a finite number of check blocks (sentinels).
Juels and Kaliski [1] describe a "proof of retrievability" model in which spot-checking
and error-correcting codes are used to ensure both "possession" and "retrievability" of
data files on archive service systems. For detection purposes, some special blocks called
"sentinels" are randomly embedded into the data file F, and file F is encrypted to protect
the positions of these special blocks. Shacham and Waters [10] design an improved PoR
scheme with full proofs of security in the security model defined in [1]. They use
publicly verifiable homomorphic authenticators built from BLS signatures [6], based on
which the proofs can be aggregated into a small authenticator value.
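The sentinel check described by Juels and Kaliski [1], sketched as an added Python example that is not code from the paper. The function and class names are hypothetical, the blocks are assumed to be encrypted already, and a seeded random.Random stands in for a keyed pseudorandom permutation.

```python
import hashlib
import hmac
import random

BLOCK = 16  # bytes; sentinels are the same size as the encrypted data blocks


def sentinel(key, j):
    """j-th sentinel value, derived from the owner's secret key."""
    msg = b"sentinel" + j.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK]


def sentinel_positions(key, total, count):
    # Assumption: random.Random seeded from the key stands in for a keyed
    # pseudorandom permutation; a real scheme needs a cryptographic one.
    rng = random.Random(hmac.new(key, b"positions", hashlib.sha256).digest())
    return rng.sample(range(total), count)


def encode(key, enc_blocks, count):
    """Hide `count` sentinels among blocks that are already encrypted."""
    stored = [None] * (len(enc_blocks) + count)
    for j, p in enumerate(sentinel_positions(key, len(stored), count)):
        stored[p] = sentinel(key, j)
    data = iter(enc_blocks)
    return [b if b is not None else next(data) for b in stored]


class Verifier:
    def __init__(self, key, total, count):
        self.key, self.used = key, 0
        self.pos = sentinel_positions(key, total, count)

    def audit(self, fetch, q):
        """Challenge the next q unused sentinel positions via fetch(position)."""
        if self.used + q > len(self.pos):
            raise RuntimeError("sentinels exhausted")
        ok = True
        for j in range(self.used, self.used + q):
            ok &= hmac.compare_digest(fetch(self.pos[j]), sentinel(self.key, j))
        self.used += q
        return ok


def demo():
    key = b"\x01" * 32  # constructed key and constructed "ciphertext" blocks
    blocks = [hashlib.sha256(bytes([i])).digest()[:BLOCK] for i in range(40)]
    stored = encode(key, blocks, 8)
    return Verifier(key, len(stored), 8).audit(stored.__getitem__, 4)
```

Damage to a single non-sentinel block passes this check unnoticed, which is the gap the error-correcting code is there to cover, and each audit permanently consumes the sentinels it reveals.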
Table 1. Comparison of different methods used in the PoR scheme
Techniques Used | Public Auditability | Static/Dynamic Operation | Unbounded Queries
Symmetric key Cryptography, Error Coding | No | Static | No
BLS signatures, Pseudorandom Functions (PRFs) | Yes | Static | -
Generate, Encrypt and Append Metadata | No | Static | No
Fragment structure, Random Sampling and index-hash table | Yes | Dynamic | -
Bi-Linear Map, Merkle Hash Tree | Yes | Dynamic | Yes
2.2.2 Naive Method
Comparison of data is the main idea behind this method. In the naive method, the client
computes the hash value of the file F under a key K (i.e. h(K,F)) and then sends the file F
to the server. The client holds a collection of different keys and hash values, so it can
perform multiple checks on the file F. Whenever the client wants to check the file, it
releases a key K and sends it to the server, which is then asked to recompute the hash
value based on F and K. The server then replies to the client with the hash value for
comparison. This method gives strong proof that the server has the original file F.
However, this method has high overhead, as the hashing process is run over the entire file
each time. It requires a high computation cost.
2.2.3 Original Provable Data Possession
In this method, the data is pre-processed before it is sent to the cloud server. Here the
data is given tag values that are verified at the client side. The complete data is sent to
the server, and the metadata is stored at the client side. This metadata is used for
verification whenever the user needs it. To check integrity, the user sends a challenge to
the server, and the server responds with the data. The client then compares the reply data
with the local metadata. In this way the client checks whether the data has been modified.
Original PDP has low computation and storage overhead. It supports both encrypted data and
plain data. It provides public verifiability. It is efficient because only a small portion
of the file needs to be accessed to generate the proof on the server. This technique is
only applicable to static files. A homomorphic hashing technique is employed to compose
multiple block inputs into a single value to reduce the size of the proof.
2.2.4 Scalable PDP
Scalable PDP is an extended version of the original PDP. Original PDP uses public key to
reduce computation overhead, whereas Scalable PDP uses symmetric encryption.
Scalable PDP provides dynamic operations on remote data. Bulk encryption is not required by
Scalable PDP. It uses symmetric-key encryption, which is more efficient than public-key
encryption.
2.2.5 Dynamic PDP
Dynamic PDP supports full dynamic operations such as insert, update, modify and delete. In
this technique the dynamic operations permit authenticated insert and delete functions
using rank-based authenticated directories and a skip list. Though DPDP has some
computational complexity, it is still efficient. For example, to generate the proof for a
1GB file, DPDP produces only 415KB of proof data and 30ms of computational overhead. It
has comparatively greater computational, communication, and storage overhead.
2.3 Other Auditing Methods
2.3.1 Message Authentication Code (MAC) Method
The outsourced data file F consists of a finite ordered set of blocks m1, m2, ..., mn.
One simple way to ensure data integrity is to pre-compute MACs for the complete file.
Before outsourcing the data, the data owner pre-computes MACs of F with a set of secret
keys and stores them locally. During each audit, the data owner reveals a secret key to the
cloud server and asks for a fresh keyed MAC to verify. This method provides deterministic
data integrity assurance because the verification covers all the data blocks. However, the
number of verifications that can be performed in this solution is limited by the number of
secret keys. Once the keys are exhausted, the data owner has to retrieve the entire file F
from the server in order to compute new MACs, which is usually impractical due to the large
communication overhead. Private keys are required for verification, so public auditability
is not supported.
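The one-key-per-audit check described in the Naive Method (2.2.2) and MAC Method (2.3.1) sections, as an added Python example that is not code from the paper. HMAC-SHA256 stands in for h(K,F), and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def keyed_hash(key, data):
    # HMAC-SHA256 stands in for the paper's h(K, F) (an assumption).
    return hmac.new(key, data, hashlib.sha256).digest()


class Owner:
    """Precomputes one (key, MAC) pair per future audit, then drops the file."""

    def __init__(self, data, audits):
        keys = [secrets.token_bytes(32) for _ in range(audits)]
        self._pairs = [(k, keyed_hash(k, data)) for k in keys]

    def audit(self, server):
        if not self._pairs:
            raise RuntimeError("keys exhausted: retrieve F to compute new MACs")
        key, expected = self._pairs.pop()  # each key is revealed only once
        return hmac.compare_digest(server.respond(key), expected)


class HonestServer:
    def __init__(self, data):
        self.data = data

    def respond(self, key):
        return keyed_hash(key, self.data)


class CachingServer(HonestServer):
    """Answers the first challenge, then discards F and replays cached MACs."""

    def respond(self, key):
        if self.data is not None:
            self.cache = {key: keyed_hash(key, self.data)}
            self.data = None
        return self.cache.get(key, b"")


def demo():
    data = b"constructed sample file contents\n" * 64
    owner, cheat = Owner(data, audits=2), CachingServer(data)
    first = owner.audit(cheat)   # server still held F
    second = owner.audit(cheat)  # fresh key: the cached MAC is useless
    return first, second
```

A revealed key is useless for later audits because the server can cache its answer, so the owner's stock of unused keys is what bounds the number of verifications.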
2.3.2 Signature Method
The data owner pre-computes the signature of each block and sends both F and the
signatures to the cloud server for storage. The data owner can adopt a spot-checking
approach to verify the correctness of F, i.e., requesting that a number of randomly
selected blocks and their corresponding signatures be returned.
Note that the above methods support only static data and also incur a large communication
overhead that greatly affects system efficiency.
Table 2. Comparison of different methods used for data integrity
Method Used | Public Auditability | Static/Dynamic Operation | Unbounded Queries
RSA assumption | Yes | Static | -
Bloom Filter | - | Dynamic | -
HLAs and RSA signature | Yes | Dynamic | -
Encryption Algorithm | Yes | - |
III. CONCLUSION
In this paper we observed that data integrity is an emerging area of cloud computing
security. Researchers have proposed efficient new techniques based on the PDP and PoR
schemes. The PDP scheme easily supports dynamic operations, but it does not include
error-correcting codes. A significant amount of the overhead in the PoR scheme comes from
the error-correcting codes, which are not present in the PDP scheme. Therefore we can say
that designing efficient, secure and fully dynamic remote data integrity checking is still
an open area of research.
REFERENCES
[1] A. Juels and B.S. Kaliski Jr., “Pors: Proofs of Retrievability for Large Files,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 584-597, 2007.
[2] Bo Chen and Reza Curtmola, “Robust Dynamic Provable Data Possession,” 1545-0678/12 $26.00 © 2012 IEEE.
[3] B. Priyadharshini and P. Parvathi, “Data Integrity in Cloud Storage,” ISBN: 978-81-909042-2-3 © 2012 IEEE.
[4] C. Wang, Q. Wang, K. Ren and W. Lou, “Ensuring Data Storage Security in Cloud Computing,” Proc. 17th Int’l Workshop Quality of Service (IWQoS ’09), 2009.
[5] C. Erway, A. Kupcu, C. Papamanthou, and R. Tamassia, “Dynamic Provable Data Possession,” Proc. 16th ACM Conf. Computer and Comm. Security (CCS ’09), 2009.
[6] D. Boneh, B. Lynn, and H. Shacham, “Short Signatures from the Weil Pairing,” Proc. Seventh Int’l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT ’01), pp. 514-532, 2001.
[7] Feifei Liu, Dawu Gu, Haining Lu, “An Improved Dynamic Provable Data Possession Model,” 978-1-61284-204-2/11/$26.00 © 2011 IEEE.
[8] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 598-609, 2007.
[9] G. Ateniese, R.D. Pietro, L.V. Mancini, and G. Tsudik, “Scalable and Efficient Provable Data Possession,” Proc. Fourth Int’l Conf. Security and Privacy in Comm. Networks (SecureComm ’08), pp. 1-10.
[10] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Proc. 14th Int’l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT ’08), pp. 90-107, 2008.
[11] R Suchithra and Dr. N. Rajkumar, “Virtual Machine Placement in a Virtualized Cloud”, International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 3, 2012, pp. 435 - 445, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.
[12] Gurudatt Kulkarni, Jayant Gambhir and Amruta Dongare, “Security in Cloud Computing”, International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 1, 2012, pp. 258 - 265, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.
[13] V. Ramesh and P. Dhanalakshmi, “Perceiving and Recovering Degraded Data on Secure Cloud”, International journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 229 - 236, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.