(IJEETE) 03, 04, JUL-AUG, SCRAM BASED SECURITY FOR DATA SHARING IN DYNAMIC CLOUD ENVIRONMENT

Transcription

1 SCRAM BASED SECURITY FOR DATA SHARING IN DYNAMIC CLOUD ENVIRONMENT B.Gunalan CMS College of Science and Commerce, Coimbatore, Tamilnadu Supervisor Dr.T.Christoper,Ph.D Government Arts College, Coimbatore, Tamilnadu ABSTRACT Basically, the cloud data storage process uses the multiple virtualized pools where store the different application and data in term of electronic format which are typically hosted by cloud third party. The main advantage of cloud storage system is minimize the different web application management over the dynamic updates,provide high capacity of cloud storage, provide more flexibility, provide high capacity of cloud storage,reduce IT management of data and hardware (SaranyaEswaran, SunithaAbburu, 2012). However, the Cloud has some disadvantage like unauthorized data access, data integrity, data privacy, data loss and etc.(nedhal A. AL.Saiyd, Nada Sail et al., 2013). Some of the very signification problem ispublic data integrity auditing process. In cloud any kind of process is starts from cloud storage process some of the well-known cloud storage systems are EMC Atmos, Google App Engine Blostrore, icloud, Apple, Amazon S3 and Windows Azure Storage. I. INTRODUCTION In the cloud storage process the cloud data integrity is a vital process among the other kind of cloud storage issues. Because the cloud data integrity creates that ensure that the data is of accessible, high quality, consistent and correct. After the done thedata storage process, start the data transforming to the cloud, during this process the data owner believes that their storage and transmitted application and data are accessed in secured manner (Adarsh R,P. ChidanandaMurthy, 2014) (N.Vidhya and P.Jegathesh, 2014). However, that the data owner s believes may fail in some point of viewmeans the data owner may be deleted or changed that data. In other term the group member may change or deleted that data. From this scenario, the cloud data is significant to verify a twice in term of the data has been tampered or deleted. To validate (examine) the data, often the data owner must download that data. During the data downloading process, In casethe stored in different server mean such kindofdownloading process take much time and this process direct to data integrity (ThombareKishor. Vet. al., 2014), (Siddhartha Rao et al., 2014).Data integrity process may become too expensivebecause of increased time and cost of bandwidth, mainly this process need frequent data checks. II. PROBLEM DEFINITION In cloud environment, the storage service is one of the emerging services which are utilized to give the different services to various kinds of users.additionally, Countless Cloud Service Providers (CSP) provides cloud storage as in term of service. The cloud data is transferred from one cloud user s machine to be stored on huge Data Centers (DC). Even though the CSP often state that they offer authorized environment for data storage. In this environment can find where user s data has been altered or lost because of some human error or some security breach.in the cloud storage services different users ISSN All Rights Reserved 2016 IJEETE Page 233

2 continuously store their high volume of information and altered or updating the information for enhancing the cloud storage services quality. During the cloud storage services, revocation, confidentiality, and data integrity of the shared data is one of the main issues because of different user change their information at the same time. For an improved level of data durability, availability and scalability, some users many need their data to be replicated on multiple servers over the countless data centers. The data replication differs from nature of data and need more duplication process for critical data reproducing process. The more duplications, the CSP is need to store more data and the more cost charged for the cloud users. Different kinds of auditing techniques are processed during the cloud storage process which is also manage the auditing cost, modified data in the cloud, however, it has some limitation in term of client read only data.thus, in this research work mainly focuses a designing issue in dynamic cloud data operation such as the data storage in term of public auditabilityand data dynamics. III. RELATED WORK (Franklin Malugu and K. Suresh Babu, 2015) authors propose privacy preserving auditing scheme which process actsas the ring signature to compute verifications required to audit data integrity access. This proposed method, the find the user who are preserved private from public verification and how the dynamic groups are supported to that user and finds which user newlyadded into the available group and a newly created group member may be revoked during data sharing depends on the data. (Amala. U, 2012)author proposed a scheme byutilizing the Provable Data Possession (PDP)for verifying the integrity of data which is one of the cryptographic method. This proposed work processed in the form of without retrieving an untrusted server and this process achieve zero knowledge property and the minimum communication cost respectively. (GauriThorat,S.R.Todmal, 2015) author analysis the basic problem of cloud computing such as data privacy and data integrity as well as author present the user revocation problem during the data sharing process. Additionally in this work use new public auditing mechanism such as PANDA plus. This process used for maintain the data sharing integrity. This process works depends on the proxy re-signatures concept at the time of user revocation process. The PANDA Plus is term as public auditor who audits the shared data s integrity without retrieving the whole data from the cloud environment. This process simultaneously verifies the multiple auditing tasks. (N. Siva Priya, 2015) author utilizes ring signatures to createholomorphic authenticators because of this process the public verifier can easily audit the integrity of shared data without retrieving the whole data from the cloud environment. From this process cannot differentiate who is singer on each data block in cloud environment. In this proposed work, the Identity Privacy, Unforgeability, Correctness and public auditing process are done by using Oruta. Fragment structure is used for constructed the proposed system and timelyanomaly detection and outsource the data is done by using supporting provable updates. Additionally, in this work use the periodic verification for enhancing the auditing performance. ISSN All Rights Reserved 2016 IJEETE Page 234

3 (R.Balachandar et al., 2014)authors propose a new framework such as Secure Flexible Framework (SFF). This SFF is mainly used for achieving the cloud data integrity, fine grained cloud data access control, Usage tracking of actual data from the outsourced data. This proposed work used for cloud user to correctly access their data along with fine grained, flexible and scalable control of outsourced data. (Suresh Kathi and MamidiVeerakumari, 2014) authors presenting a new platform for cloud computing named as Data Protection as a Service. This Data Protection as a Service significantly minimizes the data storage risk as well as this process provides the protection for stored data on the remote system. Additionally, in this work shows the different method for securing data utilizing offensive decoy technology in cloud environment. When suspects the un-authentication access, the challenge question launch in term of decoy information to the attacker, this process help to protect the unauthorized user. IV PROPOSED WORK In this research work two different kinds of efficient user revocation and public auditing process is done by using different kind of techniques is as follows The Homomorphic secret sharing and Salted Challenge Response Authentication Mechanism (SCRAM) techniques is used for secret key authentication and sharing process. In this work used for efficiently manage the cloud data storage process. This proposed authentication technique, authenticate the server and user s secret keys during the process of cloud data modification. This process can be improves the error detection probability from this probability can easily find the un-authorization process. Additionally in this proposed work also consider the efficient public auditing and user revocation process. AModified Boneh-Lynn-Shacham Signing Dynamic Auditing (MBLSSDA) algorithm is proposed for privacy-preserving public auditing process in term of dynamic cloud data storage. To enable the Third Party Auditing(TPA)in term ofsimultaneously and efficiently performs the auditing process for multiple users as well doing the batch auditing for multiple users is efficiently done this proposed work. V. CONTRIBUTION OF THE RESEARCH The contribution of this research work is as follows: The main contribution of this work is as achieve the efficient user revocation and public auditing process. To done this user revocation and public auditability has to made the proper solution and it can meet essential requirement like cloud data retrievability, high process efficiency and public data integrity. In public auditability process has some trouble in term of while keeping user s private information at the time of data storage. Thus, creating the efficient verification protocol with the help of novel approach. Additionally improves the cloud data storage security with the of novel approach A. SCRAM Based Data Sharing In the Dynamic Cloud Environment ISSN All Rights Reserved 2016 IJEETE Page 235

4 In this propose work consider a Salted Challenge Response Authentication Mechanism(SCRAM) Based data sharing in the dynamic cloud environment which is contain three different entities such as TPA, group users, and cloud server is as presented in Figure 1. The SCRAM is part of Simple Authentication and Security Layer (SASL) protocols. In this work proposes a secret key authentication mechanism and a secret key sharing are used to manage the cloud storage data which is done by using the Homomorphic secret sharing and the SCRAM techniques.in this work use well-know Homomorphic Secret Sharing technique such as Shamir Secret Sharing (SSS) for secret key sharing process. Nonetheless, SSS is not a multiplicatively homographic system, is an additively homorophic process so in this work use one added step in this process is termed as degree reduction step is as follows The SSS- Plus Degree Reduction Step 1: Step 2: Step 3: Step4: Step5: Step6: Step7: Step8: Step9: Cloud Storage Server Public Parameter Group Users Revoked Group Users Data Integrity Auditing Results Third Party Auditor Figure 1.System Model of SCRAM Based Data Sharing In the Dynamic Cloud Environment ISSN All Rights Reserved 2016 IJEETE Page 236

5 The proposed SCRAM protocol as presented in Figure 2 and this process offers the following functionalities: 4.2 Modified Boneh-Lynn-Shacham Signing Dynamic Auditing (MBLSSDA)WithRijandael algorithm The SCRAM messages are in text based messages and it containspair of value/ attributes which is divided by commas and each value/attribute has a single-letter name. Here, the authentication is defined by a data owner. Authentication occurs on the group members as well as data owner side and here simultaneouslychecks whetheractually server did hold the proper password. Here, the hash value of cloud file is transparent and this hash value can be modified, as well as what kind of process creates the protocol farther proof. The passwords of group users can be hashed and as well as salted on the server side. User Username, UserNonce Salt, iteration, CombinedNonce UserProof, CombinedNonce Server Signature Figure 2. SCRAM protocol s Authentication Session Server Modified Boneh-Lynn-Shacham signing dynamic auditing process can attain following goal Light Weight: To permit TPA to perform auditing with lowest computation overhead and minimum communicationcost. Privacy preserving: The proposed MBLSSDA work givesproper data security and improves thedata sharing performance and in this work TPA can t read the about the user s data during the auditing phase. Storage Correctness: This process ensures that there isno cheating on cloud servers. Batch auditing: From the batch auditing where simultaneously handled the multiple users request during data auditing process. Public auditability: In this work permits TPA to audit about the user s data without recovering the any copy of the user s data. In this proposed public auditing scheme contain four different processes such as (SigGen, KeyGen, GenProof, and VerifyProof. The KeyGenprocess generates a key which is used to run the user setup. SigGen is utilized by user to create the metadata verification, which may contain signature, MAC, other wanted information for auditing process. GenProof is used for run the loud server and it can create the correctness of data storage proof, while, theverifyproof, the user can verify their data, in this work a batch auditing process is done by using Rijandael algorithm which is known as Advanced Encryption Standard algorithm. The Rijandael algorithm is used for creating the One Time ISSN All Rights Reserved 2016 IJEETE Page 237

6 Key Generation Time (Sec) Authentication Signature International Journal of Exploring Emerging Trends in Engineering (IJEETE) Password (OTP), in this work, the cloud user initially create the registration process, after done the registration process the OTP will created that will be send for data owner s phone or mail. This OTP password can used for upload the file into cloud and as well as during the batch audition process. 5. Experimental Results and Discussion The proposed cloud secure sharing evaluation process is done by using JAVA with JAVA Pairing-Based Cryptography Library (jpbc) (A. De Caro and V. Iovino, 2011) on Amarzon EC2 cloud. On the cloud server, employ nodes running Linux with 32GB memory and 8-core CPU. The group users machines are used as laptops which is using running Linux with 8GB memory, 2.50GHz Intel i5-2520m CPU. The verifier is a set as desktop with running Linux with ASUS Android Iconia A200 Tablet using 1-GHz NvidiaTegra 2 Dual Core Mobile CPU or 16GBmemeroy and 3.4GHz Intel i CPU. In order to compare the two different proposed works such asscram Based Data auditing and Modified Boneh-Lynn-Shacham Signing Dynamic Auditing (MBKSSDA) with the same setup of experiment work. All the experimental results signify the mean of 100 trails SCRA M MBLS SDA Figure 3 Key Generation Time Initially assess the public key and signature generation process of the two different proposed systems such as SCRAM Based Data auditing and Modified Boneh-Lynn- Shacham Signing Dynamic Auditing (MBKSSDA). Figure 3 shows that the public key generation time, here shows that the each proposed systems get the promising result in term of minimum key generation time with small deviations Numerb of Block SCRA M MBLS SDA Figure 4. Authentication Signature Generation Time Figure 4 shows that the signature generation time is comparedwith the block size, here shows that the each proposed systems get the promising result in term of minimum authentication signature generation time with small deviations. Number of Group Users ISSN All Rights Reserved 2016 IJEETE Page 238

7 Communication Cost (KB) User Verification Time (Sec) International Journal of Exploring Emerging Trends in Engineering (IJEETE) Figure 5. User Verification Time Figure 5 shows that the user verification time is comparedwith the file size, here shows that the each proposed systems get the promising result in term of minimum user verification time with small deviations Figure 6 Communication Cost Figure 5 shows the comparison results of two proposed works in term of communication cost. From the results shows that, although proposed SCRAM and MBKSSDA has get tolerable communication cost and when communication cost increases its computational cost also increases on the TPA process. 6. Conclusion File Size (Block Number) SCRAM File Size (Block Number) MBKSSDA In this research work a proposes atwo different efficient and secure cloud auditing process with the intention of data integrity and additionally analysis the dynamic data sharingprocess with group user with kind of modification permission.the Homomorphic secret sharing and Salted Challenge Response Authentication Mechanism (SCRAM) techniques and Modified Boneh-Lynn- Shacham Signing Dynamic Auditing (MBLSSDA) With Rijandael algorithm are proposed in this research work efficiently. In this two proposed work help to share the secret key and authentication process and also it can help of manage the cloud storage data. Thus, the proposed work shows that the efficient public auditing and data integrity process. This public auditing and data integrity is check by using different experimental analysis. Here different kind of metrics are used to analysis the proposed systems such as user verification time, key generation time,authentication signature generation time and communication cost. References [1] Adarsh R,P. ChidanandaMurthy, Secure Storage and Data Integrity Proof in Cloud, International Journal of Computer Science and Information Technologies, Vol. 5, No.4, PP , [2] Amala. U, Dynamic Audit Services for Achieving Data Integrity in Clouds,International Journal of Advanced Research in Computer and Communication Engineering, Vol. 1, Issue 10, PP , [3] R.Balachandar, M.S.Kavitha, K.Seenivasan, An Approach For Broader Range Of Security In Cloud Computing,International Journal of Security, Privacy and Trust ISSN All Rights Reserved 2016 IJEETE Page 239

8 Management ( IJSPTM), Vol 2, No 1, PP.43-54, [4] De Caro and V. Iovino, jpbc: Java pairing based cryptography, 16th IEEE Symp. Comput. Commun. (ISCC), Corfu, Greece, PP , [5] Franklin Malugu, K. Suresh Babu, Public Audit of Cloud Shared Data by Using Efficient Privacy Preserving Scheme,International Journal of Scientific Engineering and Research (IJSER),Vol.3, Issue 4, PP , [6] GauriThorat,S.R.Todmal, A Survey on Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud, International Journal of Computer Science and Information Technologies (IJCSIT), Vol. 6 (1), PP , [7] Nedhal A. AL.Saiyd, Nada Sail, Data Integrity In Cloud Computing Security,Journal of Theoretical and Applied Information Technology,Vol. 58 No.3, PP , [8] Suresh Kathi, MamidiVeerakumari, Data Invulnerability and Data Integrity Verification of Multi Cloud Storage,International Journal of Research in Computer and Communication Technology, Vol 3, Issue 1, PP.70-74, [9] SaranyaEswaran, SunithaAbburu, Identifying Data Integrity in the Cloud Storage,IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 2, No 1, PP , [10] Siddhartha Rao, SavanGujrathi, MithunSanghvi, Shubham Shah, Analysis on Data Integrity in Cloud Environment,IOSR Journal of Computer Engineering (IOSR-JCE), Vol.16, Issue 5, Ver. IX, PP.71-76, [11] N. Siva Priya, Periodic Updation in TPA for Secure Dynamic Audit Services of Outsourced Storages in Clouds,Journal of Network Communications and Emerging Technologies (JNCET), Vol.2, Issue 1, PP , [12] ThombareKishor. V, SuryawanshiNilesh D, Patil Ganesh S, WadnereSwapnil, Data Integrity Proof in Cloud Storage, International Journal of Emerging Technology and Advanced Engineering,Vol.4, Issue 4, PP , [13] N.Vidhya, P.Jegathesh, Secure File Sharing Of Dynamic Audit Services in Cloud Storage,International Journal of Research in Engineering and Technology (IJRET),Vol. 03, Issue.05, ISSN All Rights Reserved 2016 IJEETE Page 240