Article Preview
TopIntroduction
Cloud Storage is the virtualized network of online storage servers that is progressively predominant with all its advantages in terms of agility, scalability, elasticity and multi-tenancy. Outsourcing data storage in the cloud environment has become an apparent service that can facilitate Data Owners (DO) to store their sensitive and non-sensitive data on to the remote servers. Outsourcing financial, health, multimedia, educational data to cloud storage server is beneficial as it eliminates the implications involved in the setup of primary storage infrastructure and its maintenance costs (Mell et al., 201; Yang et al., 2012). The Cloud Storage imposes various security issues which include: Trusting data stored in the cloud, insufficiency of provable security in Cloud Service Provider agreements, Data history, Provable Data Possession, Storage service of cloud used as online slack space, Data integrity, Lock-in, Data Remanence, Provenance, Confidentiality, Absence of User Control and Training Expertise, Addressing Trans-border Restrictions of data flow, Uncertain legal issues, Data disclosure to a government agency, Leaks of Breaches, Data Accessibility, Location of Data, Transfer and Retention (Geeta et al., 2018). Outsourcing data to Cloud Storage Service Provider is the best choice as it will provide gargantuan storage capacity, stable performance, high availability, and economical efforts on data maintenance and management. However, outsourcing data is not trustworthy and raises various security concerns over the data stored. In particular, the integrity of clients’ data is of great concern.
The Data Owners (DO) store enormous data on to the remote cloud servers. The Data Owners stores their sensitive data without holding a copy of the data trusting the storage provided by the Cloud Service Providers (CSP). To verify the data stored and to assure the data owners the soundness of their data there is a need for an integrity verification mechanism. It becomes a cumbersome task for the owners to keep verifying the soundness of their data. So, a Third-Party Auditor (TPA) is employed to carry out the integrity verification mechanism. It is of critical importance to assure the data owners' data are not misused or granted any unauthorized access. Also, the data stored are more vulnerable to drive crashes and can be deleted from the storage servers of the cloud. Data loss can occur in any infrastructure, no matter what kind of committed procedures the CSP’s would take. Several breaches can occur for the data stored. Unauthorized external users may try to achieve access privileges of the stored data. The internal attacks caused by CSPs are to gain control over the data as well as to delete the data to save storage resources. The CSPs to attract more users may delete the data that is less frequently accessed or not at all accessed for a prolonged period. The storage infrastructure can be prone to unexpected hardware faults that lead to data loss. Therefore, assurance to the DO concerning their data are stored without any modifications is critical. Hence there is a significant need for continuously monitoring the correctness of the data stored. The data stored in the cloud needs to be protected. The CSPs who maintains the data should not be able to sense any information form the stored encrypted data. The integrity verification mechanism must ensure privacy. The privacy of the data is ensured by using encryption, hashing and pseudo random functions. Figure 1 shows the entities involved in the cloud storage auditing as a service. The Data Owner (DO) who possess large data file to be stored on the remote cloud storage. There are several cloud servers (CS) that are maintained and managed by the cloud service provider (CSP). The servers maintained by CSPs are highly capable of computational resources as well as processes a large amount of storage space. The third party auditor has rich expertise and capability that the Users and Data Owners do not possess. The TPA is a semi-trusted entity to assess the cloud storage service securely on behalf of the user. The required updates by the users for their dynamic data are given continuously based on the application request. The DO encrypts the data and stores it on the servers at CSP and so the TPA relies only on the metadata and abstract information of the data thus preserving privacy.
Figure 1. Architecture of Cloud Storage Auditing System