Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this scheme, we address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which we consider the existence of multiple cloud service providers to cooperatively store and maintain the clients’ data. We present a cooperative PDP (CPDP) scheme based on homomorphic verifiable response and hash index hierarchy. We prove the security of our scheme based on multi-prover zero-knowledge proof system, which can satisfy completeness, knowledge soundness, and zero-knowledge properties. In addition, we articulate performance optimization mechanisms for our scheme, and in particular present an efficient method for selecting optimal parameter values to minimize the computation costs of clients and storage service providers. Our experiments show that our solution introduces lower computation and communication overheads in comparison with non-cooperative approaches. Using MR-PDP to store treplicas is computationally much more efficient than using a single-replica PDP scheme to store t separate, unrelated files (e.g., by encrypting each file separately prior to storing it). Another advantage of MR-PDP is that it can generate further replicas on demand, at little expense, when some of the existing replicas fail. The generation of replicas is on demand by the user’s request that is based on the security choice selected by the user at the time of file upload. The user can choose three options Low, Medium, High at the time of file upload. The uploaded file is divided in to N blocks of different sizes to achieve the efficiency in storage and is also used to improve security, here N represent the number of clouds we are using. Low means the file is divided into N blocks (here 3), and each block is stored in N different location of the single cloud. Medium means the file is divided into N blocks and each block is stored in N different clouds which improves the security of data but reduce the availability. High means the file is divided into N blocks and each N block is stored in N different clouds that are we are keeping the replicas of file in N different clouds. The system maintains a download count to dynamically create the replicas in accordance with the users demand.
Table of Contents
Cloud information accountability: an overview
Abstract
1. Introduction
2. System analysis
2.1 Scope
2.3. Preliminary investigation
3. Materials and Methods
3.1 Existing system
3.2 Proposed system
3.3 Feasibility of the study
3.3.1 Operational feasibility
3.3.2 Technical feasibility
3.3.3 Economic feasibility
3.4 Requirement and specifications
3.4.1 Hardware specifications
3.4.2 Software specifications
3.5 About Microsoft Visual Studio 2015
3.5.1 The .Net platform
3.5.2 The .Net frame work
3.5.3 Features of ASP.NET
3.5.4 Common language runtime (CLR)
3.5.5 Microsoft SQL server 2016
3.5.6 C# languages
3.6 Selection of operating system
3.6.1 Windows 10: an overview
3.6.2 Network data security
3.6.3 Internet protocol security
3.6.4 Microsoft edge web browser
3.6.5 Advantages of edge web browser
3.7 System design
3.7.1 Characteristics of design
3.7.2 Design of the proposed system
3.8 Input design
3.9 Use and design of modules
3.9.1 Cooperative accessing
3.9.2 Replica generation
3.9.3 Integrity verification
3.9.4 File Division
3.9.5 Registration
3.9.6 File Upload
3.9.7 File verification
3.9.8 File download
3.9.9 File Deletion
3.9.10 File storage
3.9.11TPA Creation and deletion
3.9.12 View All Files
3.9.13 View File Owners
3.10 Output design
3.11 Database design
3.11.1 Table design
3.11.2 Data flow diagrams
3.11.3 Purpose
3.11.4 Process
3.11.5 Data stores
3.11.6 Data flows
3.11.7 Eternal entity
3.12 Software testing
3.12.1 Testing objectives
3.12.2 Testing principles
3.12.3 Testing strategies
3.12.4 Testing methods
3.12.4.1 White box testing
3.12.4.2 Black box testing
3.12.4.3 Unit testing
3.12.4.4 Integration testing
3.12.5 Output testing
3.13 Implementation
3.13.1 Implementation procedures
3.13.2 Implementation plan
3.13.3 Post implementation review
3.13.4 System maintenance
3.13.5 System security
3.14 Limitations
3.15 Future scope
4. Conclusions
Research Objectives and Core Themes
The primary objective of this work is to develop an efficient Provable Data Possession (PDP) scheme for distributed multi-cloud environments that ensures data integrity and scalability through cooperative storage management.
- Cooperative Provable Data Possession (CPDP) for multi-cloud environments.
- Multiple-Replica Provable Data Possession (MR-PDP) to increase availability and durability.
- Security mechanisms based on homomorphic verifiable response and hash index hierarchy.
- Performance optimization through efficient parameter selection and workload distribution.
- System design using Data Flow Diagrams (DFD) and secure authentication protocols.
Excerpt from the Book
1. Introduction
Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this scheme, we address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which we consider the existence of multiple cloud service providers to cooperatively store and maintain the clients’ data (Zhu et al., 2012; Zhu et al., 2011; Wei et al., 2014; Juels and Oprea, 2013; Barsoum and Hasan, 2010). We present a cooperative PDP (CPDP) scheme based on homomorphic verifiable response and hash index hierarchy. We prove the security of our scheme based on multi-prover zero-knowledge proof system, which can satisfy completeness, knowledge soundness, and zero-knowledge properties. In addition, we articulate performance optimization mechanisms for our scheme, and in particular present an efficient method for selecting optimal parameter values to minimize the computation costs of clients and storage service providers. Our experiments show that our solution introduces lower computation and communication overheads in comparison with non-cooperative approaches.
Many storage systems rely on replication to increase the availability and durability of data on untrusted storage systems. At present, such storage systems provide no strong evidence that multiple copies of the data are actually stored. Storage servers can collude to make it look like they are storing many copies of the data, whereas in reality they only store a single copy (Curtmola et al., 2008; Bessani et al., 2013; Barsoum and Hasan, 2010; Shraer et al., 2010). We address this short coming through multiple-replica provable data possession (MR-PDP): A provably-secure scheme that allows a client that stores treplicas of a file in a storage system to verify through a challenge-response protocol that each unique replica can be produced at the time of the challenge and that the storage system uses t times the storage required to store a single replica. MR-PDP extends previous work on data possession proofs for a single copy of a file in a client/server storage system.
Summary of Chapters
1. Introduction: Outlines the necessity of Provable Data Possession (PDP) in multi-cloud storage to ensure data integrity and availability against untrusted service providers.
2. System analysis: Defines the core requirements, scoping, and preliminary investigation necessary for building a computer-based system for secure cloud data management.
3. Materials and Methods: Details the architecture, feasibility studies, software/hardware specifications, design modules, and testing strategies for the implemented solution.
4. Conclusions: Summarizes the successful implementation of the web-based application utilizing CPDP and MR-PDP concepts to achieve secure and reliable multi-cloud storage.
Keywords
Data flow diagram, Databases, Cloud computing, Security, C++, Provable data possession, MR-PDP, CPDP, Third party auditor, Homomorphic encryption, Data integrity, Replication, Multi-cloud, ASP.NET, Software testing
Frequently Asked Questions
What is the fundamental purpose of this research?
This work aims to create an efficient and secure scheme for data storage in distributed cloud environments, ensuring integrity and availability through cooperative multi-cloud usage.
What are the core technical themes covered in this paper?
The central themes include Provable Data Possession (PDP), Multiple-Replica PDP (MR-PDP), data security through homomorphic encryption, and system performance optimization.
What is the primary research goal?
The primary goal is to address the risks of data tampering and collusion in untrusted cloud environments by implementing a system that verifies data integrity and maintains multiple replicas on demand.
Which methodologies are employed in the study?
The study employs a systems analysis approach, utilizing Data Flow Diagrams (DFD) for process modeling, zero-knowledge proof systems for security verification, and a multi-prover architecture.
What aspects of the system development are detailed in the main body?
The main body covers feasibility studies, database design (using SQL Server), software specification (.NET Framework/Visual Studio), module design, and comprehensive testing phases.
What are the primary keywords that characterize this work?
Key terms include Data flow diagram, Databases, Cloud computing, Security, C++, Provable data possession, MR-PDP, CPDP, and Third party auditor.
How does the system ensure file security after an upload?
The system encrypts files using a randomly generated cryptographic key. Files are divided into blocks and stored across multiple clouds based on user-selected security levels (Low, Medium, or High).
What role does the Third Party Auditor (TPA) play in this framework?
The TPA acts as an independent entity that verifies the integrity of files uploaded to the cloud and decrypts content for verification without needing to download the entire file.
- Quote paper
- Dr. Prem Jose Vazhacharickal (Author), Sunil K. Joseph (Author), Abhiram Vijayan (Author), 2017, Cloud information accountability. An overview, Munich, GRIN Verlag, https://www.grin.com/document/367199
