Achieving Cloud Security Using a Third Party Auditor and Preserving Privacy for Shared Data Over a Public Cloud

Vitthal Sadashiv Gutte (Amity University Mumbai, Mumbai, India) and Sita Devulapalli (Amity University Mumbai, Mumbai, India)
Copyright: © 2020 | Pages: 19
DOI: 10.4018/IJKSS.2020010104

Correctness of data and efficient mechanisms for data security while transferring files to and from the cloud are of paramount importance in today's cloud-centric processing. This article proposes a mechanism for correct and efficient transfer of data. While user data requests are processed, a set of attributes is defined and checked. States with attributes at different levels are defined to prevent unauthorized access. Data is secured at storage time using a chunk generation algorithm, and the chunks are verified by a lightweight Third-Party Auditor (TPA). The TPA verifies users' data using digital signatures generated by RSA with MD5. The metadata file of the generated chunks is encrypted using a modified AES algorithm. The proposed method prevents unauthorized users from accessing the data in the cloud environment, in addition to maintaining data integrity. Results of the proposed cloud security model implementation are discussed.

1. Introduction

Cloud computing has enabled distributed data storage and at the same time reduced usage costs. The cloud makes data accessible at any time, from anywhere, and from multiple locations. The user is relieved of the complexities of the hardware and software needed for data storage and sharing, and enjoys independence from the data storage location. The user can simply use the services provided by the different organizations offering cloud services for data storage and access. With this ease of access and storage, the issues of usage authorization and data security arise. Typically, authorized users are allowed to access cloud storage with restrictions at different levels, with access control managed by the system administrator. One restriction that helps secure data is to grant access to the data for a particular use and to restrict the number of approaches the user can use for access and usage. Attributes are the deciding factor in forming some user-level groupings. Because content storage and content sharing for different purposes are the major uses of the cloud, data security while transferring or storing a file is an area of concern that requires efficient solutions. Amazon Simple Storage Service and Amazon Elastic Compute Cloud have enabled users from segments such as entertainment, legal, product development and business organizations to store and access different types of data. Once the system is driven by the cloud and a cloud security model for data is in place, maintaining data security is generally not a concern for the user. Yet security remains a high priority for data on the cloud, in terms of external attacks on the cloud data that corrupt the content and violate the integrity of cloud storage (Dr. Nashaat el-Khameesy, 2012).
As the correctness of user data is not maintained by the cloud security systems, users need mechanisms to address data security in the cloud system (Kan Yang, 2013). These mechanisms should not require cloud users to manage the data at frequent intervals. In this paper, we propose a method that includes a cryptographic mechanism with significant modifications. In addition, a third-party auditor (TPA) is introduced to monitor the system. The proposed method offers confidentiality and integrity for the data in the cloud.

The TPA checks the integrity and secure storage of data in the cloud. The auditing proof can be generated by two different mechanisms. In the first, the user carries out the procedure to verify the correctness of the data stored in the cloud. That is, the cloud data owner checks the data, which places a time and cost burden on the user every time a check is carried out. In the second, the TPA verifies secure storage of the data for all users in a single instance. This batch processing lets the TPA execute the procedure for all users in a single turn. The proposed TPA can check data for many users in a single instance and generate a report for all users. The method proposed in this work for cloud data security uses multiple data security attributes, as described in section 3. The level of security is further checked by the outside agent, the TPA, which keeps watch on every step. This process ensures that the integrity of the data is maintained and that every user's data remains correct. In addition, the system provides authentication so that only authorized users can access the data stored on the cloud. The proposed method gains efficiency from the TPA, which supports dynamic and batch auditing of data for many users.
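The audit flow described above (chunk generation, signed chunk metadata, one TPA pass over many users), as an added example that is not the authors' implementation. It assumes fixed-size chunks, hypothetical function names, and a constructed textbook-RSA demonstration key, and it hashes with SHA-256 rather than the MD5 named in the abstract, because MD5 collisions are practical.

```python
import hashlib

CHUNK_SIZE = 16  # bytes; small so the constructed samples span several chunks

# Constructed demonstration key (assumption): textbook RSA from two Mersenne
# primes, stdlib only. Not secure; production code uses a vetted library
# with a padded scheme such as RSA-PSS.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def chunk_digests(data):
    """Chunk generation: split into fixed-size chunks and hash each one."""
    return [hashlib.sha256(data[i:i + CHUNK_SIZE]).hexdigest()
            for i in range(0, len(data), CHUNK_SIZE)]

def manifest_value(user, digests):
    """Hash owner, chunk count and ordered digests into one integer < N."""
    text = "|".join([user, str(len(digests))] + digests)
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big")

def owner_sign(user, data, d=D, n=N):
    """Owner side: build the chunk metadata and sign it before upload."""
    digests = chunk_digests(data)
    return {"user": user, "digests": digests,
            "sig": pow(manifest_value(user, digests), d, n)}

def tpa_batch_audit(jobs, e=E, n=N):
    """TPA side: one pass over many users. Each job is (metadata, digests the
    cloud recomputed from its stored chunks); the TPA never sees plaintext."""
    report = {}
    for meta, cloud_digests in jobs:
        expected = manifest_value(meta["user"], meta["digests"])
        sig_ok = pow(meta["sig"], e, n) == expected
        bad = [i for i in range(max(len(meta["digests"]), len(cloud_digests)))
               if i >= len(cloud_digests) or i >= len(meta["digests"])
               or meta["digests"][i] != cloud_digests[i]]
        report[meta["user"]] = {"signature_ok": sig_ok, "bad_chunks": bad}
    return report

# Constructed sample data: two users, one byte of bob's file altered in storage.
alice = b"quarterly ledger, rows 1-40, approved by finance"
bob = b"design notes for the storage gateway prototype"
bob_stored = bob[:20] + b"X" + bob[21:]
REPORT = tpa_batch_audit([
    (owner_sign("alice", alice), chunk_digests(alice)),
    (owner_sign("bob", bob), chunk_digests(bob_stored)),
])
```

The report pins the altered byte to a chunk index, and the signature check separately catches metadata that was changed after the owner signed it.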

Background work is discussed in section 2. The proposed system is discussed in section 3. The proposed architecture and framework are explained in section 6. The result analysis is discussed in section 7. The conclusion of the research, with future work, is given in section 8.
