2017 International Conference on circuits Power and Computing Technologies [ICCPCT]

An Efficient Auditing Scheme for Data Storage Security in Cloud

Jayashree Agarkhed Ashalatha R.

Professor, Department of Computer Science, Research Scholar, Department of Computer Science,
Poojya Doddappa Appa College of Engineering Poojya Doddappa Appa College of Engineering
Kalaburagi, Karnataka, India Kalaburagi, Karnataka, India
[email protected] [email protected]

user and their data over the cloud. Cloud computing has
Abstract — Cloud computing provides tremendous data
become more and more advanced in the recent years. As the
storage and computing capabilities to its users. Large
resources are becoming dynamic, scalable and virtualized, the
amount of people can store various data onto the cloud
data has to be more secured in cloud. Therefore, auditing is
without any hesitation or limitations. Additional security
taking more attention for increased complexity of cloud
requires a secure cloud storage system with independent
resources for the researchers today. The auditing method
efficient auditing service to check the correctness of
makes storing and sharing of data easier in cloud [1].
outsourced data. Enormous users keep sending the data
over Internet and they are made stored in cloud data
centers remotely. The data files can be accessed by
Various cloud computing types include Public, Private, Hybrid
unauthorized users or hackers in the unsecured cloud
and Community based clouds used for various purposes
network. This leads in leaking of confidential data or data
globally. The security and privacy concern occur due to
loss during the transmission over the network. Hence
transfer of data and applications on network resources and
securing the cloud plays a very important role in cloud
various security policies. Data stored, processing and
environment. The data transfer over wireless network
movement of data outside the controls of an organization
across the globe has to be protected safely from
poses an inherent risk and making it vulnerable to various
unauthorized usage over the cloud. The data files and the
attacks. Privacy preserving is an important issue in business
remote data centers have to be given extra security as well
because the user who is accessing the cloud files may change
as maintenance capabilities from hackers or third party
the contents of the original file which may lead to legal
intruders. In this regard, data auditing along with privacy
consequences in future. Therefore, security is the biggest
preserving, integrity and dynamic capabilities plays as a
concern when it comes to cloud computing environment. The
proficient method for preventing from various cloud
main challenge here is to deal with the security and privacy
attacks which is considered in this work. In this work,
concerns of business thinking of adopting it. Hacking the
efficient auditor plays a crucial role in securing the cloud
cloud systems and network infrastructure would affect many
environment.
business clients as well as their profit which seriously need to
Keywords—Cloud computing, Data Auditing, Network be thought [2].
Security, Hacking, Data Centers
Data Auditability has been designed for cloud storage and
efficient storage auditing protocol has been proposed in this
I. INTRODUCTION
work. The proposed protocol uses dynamic operations with
data integrity and multiple batch auditing process. This work
The Forrester research says “The global cloud computing includes new cryptographic technique for encrypting and
market is going to reach $241 Billion in 2020 as that of $40.7 decrypting the data files in multi cloud environment.
Billion in 2010”.
In section 2, we have discussed the existing work related to
Almost every people who are using the modern technology in cloud security. In section 3, system design is discussed along
today’s world are making use of cloud computing techniques with overall cloud system architecture. Section 4 gives the
internally or externally. This is rated as the advancement in proposed solution for securing the cloud. Section 5 focuses on
storage technology towards cloud computing. Major results. Section 6 gives the conclusion to the work.
cryptographic techniques are proposed for performing security
much stronger way. Therefore, people from different area of II. RELATED WORK
specialization especially for business in companies are relying Many auditing framework has been designed for cloud storage
on cloud. The information of users in cloud servers are kept systems. Privacy preserving storage auditing protocol has been
secret as well as confidential which protects the privacy of given for securing the cloud systems. The cloud computing
security auditing system includes user auditing requirements,

978-1- 5090-4967- 7/17/$31.00 © 2017 IEEE

Authorized licensed use limited to: University of Technology Jamaica. Downloaded on January 24,2023 at 18:16:29 UTC from IEEE Xplore. Restrictions apply.
 2017 International Conference on circuits Power and Computing Technologies [ICCPCT]

current cloud service provider capabilities for meeting

auditing requirements and technical approach for data security
auditing. Two issues of specific auditing process include
infrastructure security and data security auditing. The
infrastructure auditing requirements achieve IT security [3].
The public auditing system of data storage security in cloud
provides privacy preserving auditing protocol. The scheme has
external auditor to audit outsourced data in cloud. The main
goal is to achieve privacy-preserving public auditing system
for cloud data storage. The public auditability allows TPA to
verify correctness of cloud data without downloading data [4].
Privacy preserving public auditability method is highlighted
using TPA who in turn checks the integrity of cloud data. The
TPA verifies cloud data without asking copy of data and also
the auditability issue does not bring any vulnerability for
user’s files. TPA is used to verify integrity of user’s data and
privacy is also preserved as TPA does not have any
knowledge about user’s data [5]. RSA based storage security
(RSASS) scheme uses public auditing of remote data for
providing security. It is a public key cryptography technique
which uses data storage correctness and supports dynamic
operations on data and reduces server computation. RSASS Fig 1: Overall System Architecture
system generates signature using RSA algorithm which
supports large and different size of files [6]. The public 1. Client / Data owner – Clients are the users who wish to
auditing system of data storage security proposes protocol for store data in cloud at the remote data centers. It is also called
fully dynamic data operations of block insertion. It supports as the entity which has huge amount of data files to store in
scalable and efficient public auditing using homomorphic cloud environment. Client usually relies on cloud for data
authenticator’s technique in cloud computing. The scheme maintenance and computations. Client can be adopted as either
also achieves batch auditing for multiple tasks from different single customer or multiple organizations in companies.
users by TPA. The protocol is implemented using Merkle
Hash Tree (MHT) which is used for authentication of files Various operations by owner includes Upload file, Get Alert,
which supports both public auditability and data dynamics Cloud Change, Send Mail, Delete File.
operations [7]. Another work supports remote integrity
checking protocol, efficient and secure cloud storage system. User operations include Get Private Key, Verify File,
The dynamic privacy-preserving audit service is used for Download File, and Check Integrity.
verifying integrity of outsourced storage. It achieves both
public auditability and dynamic data operations over the 2. Cloud storage provider (CSP) – The cloud makes the data
cloud. The privacy-preserving public auditing system is used storage service through CSP. Cloud Storage Server (CSS)
to carry out public auditing on cloud information [8]. entity is maintained by CSP which has great storage space and
computing resources in it. He provides data storage service
III. SYSTEM DESIGN and has enough storage space and computation resources. CSS
has significant storage space and computation resource to
Cloud system model comprises of four entities namely client, maintain the clients’ data.
auditor, hacker and cloud server. The architecture of the
proposed system is indicated in figure 1. Various operations by CSP includes Get Key, Verify file, Try
to modify File, Upload File [9].

3. Third party auditor or TPA – TPA is a specialized auditor

who verifies the user’s data. It has capabilities to manage or
monitor outsourced data under the delegation of data owner.

Various operations of TPA include Download File, Verify file,

Upload File, Audit.

4. Hacker: The hacker or the third party intruder stores

multiple user processes and transactions into the index table.
The abstract information about the cloud hacking is recorded

Authorized licensed use limited to: University of Technology Jamaica. Downloaded on January 24,2023 at 18:16:29 UTC from IEEE Xplore. Restrictions apply.
 2017 International Conference on circuits Power and Computing Technologies [ICCPCT]

in the table. The user processes and administrator process C. Integrity Phase: In integrity phase, the client or TPA
transactions are indicated in this phase [10]. checks the integrity of file blocks by selecting the subset of
Several processing operations under hacking process include those blocks. The data integrity verification is done by TPA by
modifying file, deleting file and uploading data files. challenging the server itself.

D. Hacker phase: The hacker phase stores multiple user

IV. PROPOSED SOLUTION
The public auditing algorithms are mentioned at each of the
phases given below.
A. Setup phase: The user initialization is done in this phase.
KeyGen algorithm is executed in this step using public and
secret parameters of the system. Then SigGen algorithm is
processed using the data files for verification purpose at the
cloud server.
Algorithm 1: Setup phase Algorithm (SPA)
Step 1: Start
Step 2: The user will initialize the generation of public and
private keys by executing Key Generate.
Step 3: Verification metadata will be generated by processing
the data file using Signature Generate.
Step 4: After generating metadata user will upload the data file
and verification metadata on cloud server and deletes the local
copy of the data.
Step 5: Verification metadata can be modified when the data
file is modified.
Step 6: End
processes and transactions into the index table. The abstract
information about the cloud hacking is recorded in the table.
The user processes and administrator process transactions are
indicated in this phase. Hacker phase includes Modifying file,
Deleting file, and Uploading file operations [11].
Design Goals: Privacy preserving data auditing scheme
comprises of various methods for securing the cloud data
storage. The proposed scheme combines seven processing
steps at various levels. The proposed algorithm works as
follows:
Algorithm 3: Cloud security algorithm (CSA):
Step 1: Start
Step 2: Public auditability of data files
Step 3: Checking Data dynamics
Step 4: Verifying Integrity proof
Step 5: Multiple Batch Auditing process
Step 6: Privacy preserving public auditing scheme
Step 7: Cloud data storage scheme
Step 8: Process storage system
Step 9: End

B. Audit phase: Auditor audits the cloud server for the

V. RESULTS
verification of the data files in the audit phase. The server
responds to the audit message using Generation Proof
Following performance has been measured based on the
algorithm. Later auditor executes Verification Proof algorithm
various factors and issues. They are mentioned as follows.
for confirmation of the data files verification.
i. Public Auditing based on Time: Number of clients
Algorithm 2: Audit phase algorithm (APA)
Vs average auditing time for tasks.
Step 1: Start
ii. Public Auditing based on Clients: Single user Vs
Step 2: TPA sends challenge to cloud server for checking the
multiple users.
data integrity.
iii. Comparison between RSASA and DES: Time taken
Step 3: Cloud server will execute Generate-proof by using the
to execute tasks using RSASA algorithm and DES
metadata to generate the proof of data integrity.
algorithm Vs number of tasks taken into
Step 4: TPA runs Verify-Proof to verify the response sent by
consideration.
the cloud server.
iv. Communication Complexity: Number of block size
Step 5: End
Vs communication cost for each task.

Authorized licensed use limited to: University of Technology Jamaica. Downloaded on January 24,2023 at 18:16:29 UTC from IEEE Xplore. Restrictions apply.
 2017 International Conference on circuits Power and Computing Technologies [ICCPCT]
The simulation graph is shown below.
Fig 2: Public Auditing based on Time
Figure 2 depicts the simulation graph which includes number
of clients on y axis and average auditing time taken for each
task on x axis.
Fig 3: Public Auditing based on Clients
Figure 3 gives the graph of public auditing for single user and
multiple users based on the usage per task. X axis contains
time taken by one user and y axis the time taken shows for
number of users in term of seconds.
Figure 4 shows the comparison made between CSA algorithm
with DES (Data Encryption Standard) algorithm. Algorithm in
the proposed work chosen for encrypting and decrypting of
data files in the proposed work is CSA. The CSA algorithm is
compared with DES algorithm which includes time taken from
each algorithm and number of tasks included significantly for
each system.
Authorized licensed use limited to: University of Technology Jamaica. Downloaded on January 24,2023 at 18:16:29 UTC from IEEE Xplore. Restrictions apply.
Fig 4: Comparison between CSA and DES
Fig 5: Communication Complexity
Figure 5 indicates the communication complexity issue which
includes number of block size with communication cost taken
for each task in the system.
VI. CONCLUSION
The public auditing system is presented which provides a
privacy-preserving auditing protocol. The scheme supports a
special auditor to audit the user’s data in the cloud without
accessing the actual data contents. Thus we have made an
attempt to justify the security of proposed scheme using the
comparisons with the state-of-the art in cloud computing
environment.
REFERENCES
[1] M. Nazir, N. Bhardwaj, R.K. Chawda, R.G. Mishra,
“Cloud computing: Reviews, Surveys, Tools, Techniques and
Applications – An open-access ebook by HCTL open” ISBN-
13(PDF): 978-1-62951-802-2.
 2017 International Conference on circuits Power and Computing Technologies [ICCPCT]

[2] K. Ruth Ramya, T. Sasidhar, D. Naga Malleshwari &

M.T.V.S. Rahul, “A review on security aspects of data storage
in cloud computing”, International Jounal of Applied
Engineering Research, Vol 10, No 5, 2015. pp. 13383-13394.

[3] Hassan Rasheed, “Data and Infrastructure security auditing

in cloud computing environments”, International Journal of
Information Management, 2014.pp. 364-368.

[4] C. Wang, Q. Wang, K. Ren and W. Lou, “Privacy-

preserving public auditing for data storage security in cloud
computing”, IEEE INFOCOM 2010, IEEE, 2010.

[5] Sonali. D. Thosar and Nalini.A. Mhetre, “Integrity

checking privacy preserving approach to cloud using third
party auditor”, In proceedings of2015 International conference
on pervasive computing (ICPC), IEEE 2015.

[6] M.Venkatesh, M.R. Sumalatha and C. Selvakumar,

“Improving public Auditability, data possession in data
storage security for cloud computing”, IEEE, 2012.pp. 463-
467.

[7] Q. Wang, C. Wang, K. Ren, W. Lou and J. Li, “Enabling

public Auditability and data dynamics for storage security in
cloud computing”, IEEE TPDS, Vol.22, No.5, IEEE, 2011.pp.
847-859.

[8] A. R. Navajothi and S.J.A. Fenelon, “An efficient,

dynamic, privacy preserving public auditing method on
untrusted cloud storage”, In proceedings of ICICES2014,
IEEE, 2014.

[9] C.Wang, Q.Wang, K.Ren, N.Cao, W.Lou, “Towards

secure and dependable storage services in cloud computing”,
IEEE, 2009. pp. 1-14.

[10] Sravan Kumar. R & Ashutosh Saxena, “Data Integrity

proofs in cloud storage”, IEEE, 2011.

[11] C.Wang & K.Ren, “Toward publicly auditable secure

cloud data storage services”, 2010, IEEE Network. pp. 19-24.

Authorized licensed use limited to: University of Technology Jamaica. Downloaded on January 24,2023 at 18:16:29 UTC from IEEE Xplore. Restrictions apply.