pptcloud

Upload: vaishak-krishna

Post on 30-Oct-2014

TRANSCRIPT

Page 1: pptcloud

WELCOME

Page 2: pptcloud

PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING

Page 3: pptcloud

PRESENTED BY
- RAFA MAHAMOOD S V
- SHAMEEMA K V
- SUMAYYA K P

Page 4: pptcloud

OUTLINE
- Introduction
- System and threat model
- Proposed scheme
- Security analysis & performance evaluation

Page 5: pptcloud

INTRODUCTION
- Cloud computing gives flexibility to users
- Users pay as much as they use
- Users don’t need to set up the large computers
- But the operation is managed by the Cloud Service Provider (CSP)
- The user gives their data to the CSP; the CSP has control of the data
- The user needs to make sure the data is correct on the cloud
- Internal (some employee at CSP) and external (hackers) threats for data integrity
- CSP might behave unfaithfully
  - For money reasons, CSP might delete data that’s rarely accessed
  - CSP might hide data loss to protect their reputation

Page 6: pptcloud

- How to efficiently verify the correctness of outsourced data?
  - Simply downloading the data by the user is not practical
  - TPA can do it and provide an audit report
  - TPA should not read the data content
- Legal regulations: US Health Insurance Portability and Accountability Act (HIPAA)
- This paper presents how to enable a privacy-preserving third-party auditing protocol
  - First work in the literature to do this

Page 7: pptcloud

RESPONSIBLE USERS

Page 8: pptcloud

SYSTEM AND THREAT MODEL
- U: cloud user has a large amount of data files to store in the cloud
- CS: cloud server which is managed by the CSP and has significant data storage and computing power (CS and CSP are the same in this paper)
- TPA: third party auditor has expertise and capabilities that U and CSP don’t have. TPA is trusted to assess the CSP’s storage security upon request from U

Page 9: pptcloud

SYSTEM ANALYSIS

EXISTING SYSTEM
- Controlled by the entity, & restricted by them to the authorised users
- Delivered via the internet to all users
- Not secure

Page 10: pptcloud

PROPOSED SYSTEM
- Uses homomorphic authenticator
- Also uses a random mask achieved by a Pseudo Random Function (PRF)

Homomorphic authenticator
[Figure: Block 1, Block 2, …, Block k each have their own Verification Metadata, which are combined into Aggregate Verification Metadata]
- A linear combination of data blocks can be verified by looking only at the aggregated authenticator

Page 11: pptcloud

SYSTEM REQUIREMENTS

HARDWARE SPECIFICATION
- Processor : Pentium IV or above
- Memory : 2GB or above
- Hard Disk : 120 GB or above

Page 12: pptcloud

RECOMMENDED SOFTWARE

• Operating System : Windows 7
• Programming environment : Java
• IDE : Eclipse
• Java Version : JDK 1.6 or later
• Google Plugin for Eclipse

Page 13: pptcloud

WHAT IS CLOUD COMPUTING???
- With cloud computing, users can remotely store their data into the cloud and use on-demand high-quality applications
- Using a shared pool of configurable computing resources
- Data outsourcing: users are relieved from the burden of data storage and maintenance
- When users put their data (of large size) on the cloud, the data integrity protection is challenging
- Enabling public audit for cloud data storage security is important

Page 14: pptcloud

Users can ask an external audit party to check the integrity of their outsourced data

[Figure: users and their data, the cloud network, and the external audit party]

Page 15: pptcloud

THIRD PARTY AUDITOR (TPA)
- External audit party is called TPA
- TPA helps the user to audit the data
- To allow a TPA securely:
  1) TPA should audit the data from the cloud, not ask for a copy
  2) TPA should not create new vulnerability to user data privacy
- We present a privacy-preserving public auditing system for cloud data storage

Page 16: pptcloud

A NOTE ON AUDITING
- What is auditing?

Page 17: pptcloud

A PUBLIC AUDITING SCHEME
Consists of four algorithms (KeyGen, SigGen, GenProof, VerifyProof)
- KeyGen: key generation algorithm that is run by the user to set up the scheme
- SigGen: used by the user to generate verification metadata, which may consist of MAC, signatures or other information used for auditing
- GenProof: run by the cloud server to generate a proof of data storage correctness
- VerifyProof: run by the TPA to audit the proof from the cloud server

Page 18: pptcloud

[Figure: protocol flow]
Setup
- user, KeyGen: Public & Secret parameters
- user, SigGen, File F: Verification Metadata
Audit
- TPA issues an audit message or a challenge to CSP
- CSP, GenProof, File F, Verification Metadata: Response message
- TPA, VerifyProof

Page 19: pptcloud
Page 20: pptcloud

BASIC SCHEME 1
[Figure: Message Authentication Code (MAC): a key and a file block go into the MAC, which outputs a code]
[Figure: File is divided into blocks (Block 1, Block 2, …, Block n); each block has a code (code 1, code 2, …, code n); parties are the user, the cloud and the TPA]
- User computes the MAC of every file block
- Transfers the file blocks & codes to cloud
- Shares the key with TPA

Audit
- TPA demands a random number of blocks and their code from CSP
- TPA uses the key to verify the correctness of the file blocks

Drawbacks:
- The audit demands retrieval of user’s data; this is not privacy-preserving
- Communication and computation complexity are linear with the sample size

Page 21: pptcloud

BASIC SCHEME 2
[Figure: Block 1, Block 2, …, Block n; one row of codes (code 1, code 2, …, code n) for each of Key 1, Key 2, …, Key s; the user, the cloud and the TPA; Block 1, Block 2, …, Block m]

Setup
- User uses s keys and computes the MAC for blocks
- User shares the keys and MACs with TPA

Audit
- TPA gives a key (one of the s keys) to CSP and requests MACs for the blocks
- TPA compares with the MACs at the TPA
- Improvement from Scheme 1: TPA doesn’t see the data, preserves privacy
- Drawback: a key can be used once.
- The TPA has to keep a state; remembering which key has been used
- Schemes 1 & 2 are good for static data (data doesn’t change at the cloud)
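
Basic Scheme 2 as a runnable sketch, added here as an illustration and not taken from the presentation or the paper. HMAC-SHA256, the 16-byte block size and the names `user_setup`, `Cloud` and `TPA` are assumptions, and the sample file is constructed.

```python
import hashlib
import hmac
import secrets

BLOCK_SIZE = 16  # constructed value, small so the sample file has several blocks

def mac(key, index, block):
    # The block position is part of the MAC input so blocks cannot be swapped.
    return hmac.new(key, index.to_bytes(8, "big") + block, hashlib.sha256).digest()

def user_setup(data, s):
    """User: choose s one-time keys and precompute every block MAC under each."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    keys = [secrets.token_bytes(32) for _ in range(s)]
    macs = [[mac(k, i, b) for i, b in enumerate(blocks)] for k in keys]
    return blocks, keys, macs  # blocks go to the cloud, keys and MACs to the TPA

class Cloud:
    def __init__(self, blocks):
        self.blocks = list(blocks)

    def respond(self, key, indices):
        # The CSP recomputes MACs from whatever data it actually still holds.
        return [mac(key, i, self.blocks[i]) for i in indices]

class TPA:
    def __init__(self, keys, macs):
        self.keys, self.macs, self.used = keys, macs, 0  # 'used' is the TPA's state

    def audit(self, cloud, sample_size):
        if self.used >= len(self.keys):
            raise RuntimeError("all one-time keys are spent; setup must be repeated")
        k, self.used = self.used, self.used + 1  # a revealed key is never reused
        indices = secrets.SystemRandom().sample(range(len(self.macs[k])), sample_size)
        answer = cloud.respond(self.keys[k], indices)
        return all(hmac.compare_digest(a, self.macs[k][i])
                   for a, i in zip(answer, indices))

def demo():
    blocks, keys, macs = user_setup(b"constructed sample file contents " * 8, s=2)
    cloud, tpa = Cloud(blocks), TPA(keys, macs)
    intact = tpa.audit(cloud, sample_size=len(blocks))
    cloud.blocks[3] = b"\x00" * BLOCK_SIZE  # simulated silent corruption at the CSP
    corrupted = tpa.audit(cloud, sample_size=len(blocks))
    return intact, corrupted, tpa.used
```

The TPA only ever handles keys and MACs, never file blocks, and a third audit in `demo` would fail because both keys have been revealed.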

Page 22: pptcloud

Proposed scheme
- Uses homomorphic authenticator
- Also uses a random mask achieved by a Pseudo Random Function (PRF)

Homomorphic authenticator
[Figure: Block 1, Block 2, …, Block k each have their own Verification Metadata, which are combined into Aggregate Verification Metadata]
- A linear combination of data blocks can be verified by looking only at the aggregated authenticator

Page 23: pptcloud

PRIVACY-PRESERVING PUBLIC AUDITING SCHEME

Random Mask by PRF
- The PRF function masks the data
- It has a property of not affecting the Verification Metadata

[Figure: Block 1 gives Verification Metadata; Block 1 with PRF Mask gives Verification Metadata; the two are equal]

- In addition to Aggregate Authenticator, the TPA will receive a linear combination of file blocks:
  vi are random numbers, mi are file blocks
- If TPA sees many linear combinations of the same blocks, it might be able to infer the file blocks
- Thus, we also use a random mask provided by the Pseudo Random Function (PRF)
  r is the mask

Page 24: pptcloud

Setup
[Figure: user runs KeyGen to get the public key (pk) & secret key (sk); user runs SigGen with sk over Block 1, Block 2, …, Block n to get σ1, σ2, …, σn; the blocks and σ1, σ2, …, σn are stored together]
1- User generates public and secret parameters
2- A code is generated for each file block
3- The file blocks and their codes are transmitted to the cloud

Audit
- TPA sends a challenge message to CSP
- It contains the position of the blocks that will be checked in this audit

GenProof (CSP)
[Figure: Selected blocks in challenge give the Aggregate authenticator]
- CSP also makes a linear combination of selected blocks and applies a mask. Separate PRF key for each auditing.
- CSP sends aggregate authenticator & masked combination of blocks to TPA

VerifyProof (TPA)
[Figure: Masked linear combination of requested blocks gives the Aggregate authenticator]
- Compare the obtained Aggregate authenticator to the one received from CSP
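
The four algorithms (KeyGen, SigGen, GenProof, VerifyProof) with a homomorphic authenticator and a random mask, as an added example that is not the presentation's or the paper's code. The slides give no equations, so the construction is an assumption: authenticators sigma_i = (H(i) * U^m_i)^x in a toy group of constructed, insecure size, with the auditor holding the secret x instead of verifying with a public key, and the mask drawn from the system RNG where the slides use a PRF. The auditor receives only mu = r + gamma * sum(v_i * m_i), where r is the fresh mask and gamma is a hash of its commitment R.

```python
import hashlib
import secrets

P, Q = 2039, 1019  # toy group (constructed, insecure size): P = 2Q + 1, both prime
G, U = 4, 9        # squares mod P, so both generate the subgroup of order Q

def h_int(*parts):
    digest = hashlib.sha256("|".join(map(str, parts)).encode()).digest()
    return int.from_bytes(digest, "big") % Q or 1  # non-zero exponent modulo Q

def H(i):
    return pow(G, h_int("index", i), P)  # block position hashed into the group

def keygen():
    return secrets.randbelow(Q - 1) + 1  # secret x in [1, Q-1]

def siggen(x, blocks):
    return [pow(H(i) * pow(U, m, P) % P, x, P) for i, m in enumerate(blocks)]

def genproof(blocks, tags, chal):
    """Cloud server: aggregate the challenged tags and mask the block combination."""
    sigma, combo = 1, 0
    for i, v in chal:
        sigma = sigma * pow(tags[i], v, P) % P
        combo = (combo + v * blocks[i]) % Q  # plain sum of v_i * m_i, never sent
    r = secrets.randbelow(Q)                 # fresh mask for every audit (assumed RNG)
    R = pow(U, r, P)                         # commitment to the mask
    mu = (r + h_int("mask", R) * combo) % Q  # masked linear combination
    return sigma, mu, R

def verifyproof(x, chal, proof):
    """Auditor: check the proof using only block positions, never block contents."""
    sigma, mu, R = proof
    gamma, agg = h_int("mask", R), 1
    for i, v in chal:
        agg = agg * pow(H(i), v, P) % P
    lhs = pow(R, x, P) * pow(sigma, gamma, P) % P
    rhs = pow(pow(agg, gamma, P) * pow(U, mu, P) % P, x, P)
    return lhs == rhs

def demo():
    blocks = [h_int("constructed block", i) for i in range(8)]  # blocks as numbers
    x = keygen()
    tags = siggen(x, blocks)
    chal = [(1, 17), (4, 250), (6, 3)]  # (position, random coefficient v_i)
    ok = verifyproof(x, chal, genproof(blocks, tags, chal))
    blocks[4] = (blocks[4] + 1) % Q     # simulated corruption at the server
    return ok, verifyproof(x, chal, genproof(blocks, tags, chal))
```

The proof is three numbers whatever the file size, and repeating the same challenge yields a different `mu` each time because `r` is fresh.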

Page 25: pptcloud

PROPERTIES
- The data sent from CSP to TPA is independent of the data size
  - Linear combination with mask
- Previous work has shown that if the server is missing 1% of the data
  - We need 300 or 460 blocks to detect that with a probability larger than 95% or 99%, respectively

Page 26: pptcloud

MORE POSSIBLE EXTENSIONS

Batch auditing
- There are K users having K files on the same cloud
- They have the same TPA
- Then, the TPA can combine their queries and save in computation time
- The comparison function that compares the aggregate authenticators has a property that allows checking multiple messages in one equation
- Instead of 2K operations, K+1 are possible

Page 27: pptcloud

Data dynamics
- The data on the cloud may change according to applications
- This is achieved by using the data structure Merkle Hash Tree (MHT)
- With MHT, data changes in a certain way; new data is added in some places
- There is more overhead involved; user sends the tree root to TPA
- This scheme is not evaluated in the paper

Page 28: pptcloud

PERFORMANCE
- Reference [11] doesn’t have privacy-preserving property
  - TPA can read the information

Page 29: pptcloud

BATCH AUDITING
- Number of auditing tasks increased from 1 to 200 in multiples of 8
- Auditing time per task: total auditing time / number of tasks

Page 30: pptcloud

PERFORMANCE WITH INVALID RESPONSES
- In batch auditing, true means that all of the messages are correct
- False means at least one is wrong
  - Divide batch in half, repeat for left and right parts
  - Binary search

[Figure: responses 1 to 10 narrowed step by step: Wrong; Wrong; 1,2,3 and 9,10; 3 and 10]

Page 31: pptcloud

The more errors there are, the more time it takes to find them
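
The divide-in-half search over a failed batch, as an added example that is not from the presentation. `batch_ok` is a stand-in for the single aggregated verification equation, and the inputs are constructed to match the slide's case of responses 3 and 10 being wrong.

```python
def find_invalid(responses, batch_ok, stats):
    """Return the invalid responses, counting every batch check in stats."""
    stats["checks"] += 1
    if batch_ok(responses):
        return []                   # "true": everything in this batch is correct
    if len(responses) == 1:
        return list(responses)      # "false" on a single response: found one
    mid = len(responses) // 2
    return (find_invalid(responses[:mid], batch_ok, stats)
            + find_invalid(responses[mid:], batch_ok, stats))

def run(bad, n=10):
    """Audit responses 1..n where the set `bad` is invalid (constructed input)."""
    stats = {"checks": 0}
    # Stand-in for the aggregated verification equation: one call = one batch check.
    batch_ok = lambda batch: not (set(batch) & bad)
    found = find_invalid(list(range(1, n + 1)), batch_ok, stats)
    return found, stats["checks"]
```

For 10 responses this takes 1 batch check with no errors, 7 with one, 13 with two, and 19 when all are invalid, which is more than the 10 checks needed to verify each response separately.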

Page 32: pptcloud

CONCLUSION
- Utilize the homomorphic linear authenticator and random masking to guarantee that the TPA would not learn any knowledge about the data content stored on the cloud server during the efficient auditing process.
- Eliminates the burden of cloud user from the tedious and possibly expensive auditing task and alleviates the users’ fear of their outsourced data leakage
- TPA may concurrently handle multiple audit sessions from different users for their outsourced data files.
- Extend our privacy-preserving public auditing protocol into a multi-user setting, where the TPA can perform multiple auditing tasks in a batch manner for better efficiency
- Schemes are provably secure and highly efficient