univ proj review
TRANSCRIPT
-
7/31/2019 Univ Proj Review
1/57
MANAKULA VINAYAGAR INSTITUTE OF
TECHNOLOGY
Effective Remote Data Integrity Detection For DataLevel Dynamics And Retaining Privacy
DOMAIN:NETWORKS
SUB-DOMAIN:CLOUD COMPUTING
BATCH NO:12
PROJECT GUIDE:
Miss.Vijayalakshmi
BATCH MEMBERS:
A.NANGAI
R.PREMA
S.BHUVANESWARI
S.THENMOZHI
-
7/31/2019 Univ Proj Review
2/57
OUTLINE
Abstract Literature review
Existing System
Proposed System
Module description
Screen shots
System diagram
System requirements
Conclusion
References
-
7/31/2019 Univ Proj Review
3/57
Cloud Computing
Cloud computing refers to the logical computationalresources (data, software) accessible via a computer network(through WAN or Internet etc.), rather than from a localcomputer
Data are stored on Server Farms generally located in thecountry of the service provider. The on-line service isoffered from a cloud provider.
TYPES OF CLOUD COMPUTING
Public cloud
Community cloud
Hybrid cloud
Private cloud
-
7/31/2019 Univ Proj Review
4/57
ABSTRACT
Existing protocols can support both features with the help ofa third party auditor. In previous work they Propose a remotedata integrity checking protocol that supports data dynamics.
In our project, we adapt a protocol to support public
verifiability. The proposed protocol supports publicverifiability without help of a third party auditor.
In addition, the proposed protocol does not leak any privateinformation to third party verifiers. Through a formalanalysis, we show the correctness and security of the
protocol.After that, through theoretical analysis and experimentalresults, we demonstrate that the proposed protocol has agood performance.
-
7/31/2019 Univ Proj Review
5/57
LITERATURE SURVEY
Ensuring Data Storage Security in Cloud Computing
Privacy-Preserving Public Auditing for Secure Cloud
Storage
Auditing to Keep Online Storage Services Honest
-
7/31/2019 Univ Proj Review
6/57
Cloud computing moves the application software anddatabases to the centralized large data centers, where the
management of the data and services may not be fully
trustworthy. This unique paradigm brings about many
new security challenges, which have not been wellunderstood
we consider the task of allowing a third party auditor
(TPA), on behalf of the cloud client, to verify the
integrity of the dynamic data stored in the cloud. Theintroduction of TPA eliminates the involvement of the
client through the auditing of whether his data stored in
the cloud is indeed intact
Chance for loss of information through TPA
ENSURING DATA STORAGE
SECURITY IN CLOUD COMPUTING
-
7/31/2019 Univ Proj Review
7/57
SYSTEM ARCHITECTURE FOR
CLOUD DATA
-
7/31/2019 Univ Proj Review
8/57
Advantages: We extend our scheme to support scalable and efficient
public auditing in Cloud Computing. In particular, ourscheme achieves auditing tasks from different users can
be performed simultaneously by the TPA.
We prove the security of our proposed construction and
justify the performance of our scheme through concreteimplementation and comparisons.
Disadvantages:Loss of valuable information through TPA
-
7/31/2019 Univ Proj Review
9/57
PRIVACY-PRESERVING PUBLIC AUDITIN
FOR SECURE CLOUD STORAGE One of the important concerns that need to be addressed
is to assure the customer of the integrity i.e. correctness
of his data in the cloud
This proof can be agreed upon by both the cloud and the
customer and can be incorporated in the Service level
agreement (SLA)
It is important to note that our proof of data integrity
protocol just checks the integrity of data i.e. if the data
has been illegally modified or deleted.
-
7/31/2019 Univ Proj Review
10/57
SYSTEM ARCHITECTURE
-
7/31/2019 Univ Proj Review
11/57
Advantages Apart from reduction in storage costs data outsourcing to
the cloud also helps in reducing the maintenance.
Avoiding local storage of data. By reducing the costs of storage, maintenance and
personnel.
It reduces the chance of losing data by hardware failures.
Not cheating the owner.
Disadvantages The main drawback of this scheme is the high resource
costs it requires for the implementation.
Also computing hash value for even a moderately largedata files can be computationally burdensome for someclients (PDAs, mobile phones, etc).
Data encryption is large so the disadvantage is smallusers with limited computational power (PDAs, mobilephones etc.).
-
7/31/2019 Univ Proj Review
12/57
AUDITING TO KEEP ONLINE
STORAGE SERVICES HONEST
we propose a dynamic audit service for verifying the
integrity of untrusted and outsourced storage.
Our audit service, constructed based on the techniques,
fragment structure and index-hash table, can supportprovable updates to outsourced data, and timely
abnormal detection
Not only validate the effectiveness of our approaches, but
also show our audit system has a lower computationoverhead, as well as a shorter extra storage for audit
metadata.
-
7/31/2019 Univ Proj Review
13/57
SYSTEM ARCHITECTURE
-
7/31/2019 Univ Proj Review
14/57
Advantage A fragment technique is introduced in this paper to
improve performance and reduce extra storage.
The audit activities are efficiently scheduled in an auditperiod, and a TPA needs merely access file to performaudit in each activity.
Disadvantage Lack of rigorous performance analysis for constructed
audit system greatly affects the practical application ofthis scheme.
It is crucial to develop a more efficient and securemechanism for dynamic audit services, in which possibleadversary advantage through dynamic data operations
should be prohibits.
-
7/31/2019 Univ Proj Review
15/57
SUMMARY
From the papers used in literature survey we can
understand the problems that they face to check the data
integrity and make the cloud secure.
We are going to use their protocols to make our
proposed system more secure, By adapting their
protocols, it easy for us to rectify the current problem in
our project.
From the papers adapted we are using the data insertion,
modification, deletion at the block level and public
verifiability support.
This helps our proposed protocol to be secure against an
untrusted server. The adapted protocols are used in our
models. By adapting their protocols, it easy for us to
rectify the current problem in our project.
-
7/31/2019 Univ Proj Review
16/57
EXISTING SYSTEM
The Existing system uses Sebe et al protocol for remote data
integrity checking .
In remote data integrity checking protocols, the clientchallenges the server about the integrity of a certain data file,
and the server generates responses proving that it has access to
the complete and uncorrupted data.
The existing protocol derived by Sebe et al supports both
data dynamics and public verifiability with the help of a
TPA(Third party Auditor)
-
7/31/2019 Univ Proj Review
17/57
PROPOSED SYSTEM
In this project we propose a remote data integrity checking
protocol for cloud storage, which can be viewed as anadaptation of Sebe et als protocol.
The proposed protocol inherits the support of data
dynamics and public verifiability, At the same time itdoesnt need to use a third-party auditor.
We give a security analysis of the proposed protocol, which
shows that it is secure against the untrusted server and thirdparty verifiers.
-
7/31/2019 Univ Proj Review
18/57
MODULES
Key and Metadata Generation
Dynamic Data Operation with Integrity Assurance
Privacy against Verifiers
-
7/31/2019 Univ Proj Review
19/57
Key and Metadata Generation
Each and every time a secret key is sent to the clientsemail toperform the integrity checking operation.
The Secret key is generated using HMAC( Hash Based
Message Authentication Code).
In HMAC we are using the following functions:
message encryption message authentication code (MAC) and
hash function
-
7/31/2019 Univ Proj Review
20/57
Message Encryption
Message encryption by itself provides a measure of
authentication
if symmetric encryption is used then:
receiver know sender must have created it
since only sender and receiver now key used
know content cannot of been altered
Provides both: sender authentication and message authenticity.
-
7/31/2019 Univ Proj Review
21/57
Key and Metadata Generation cont
If public-key encryption is used:
Encryption provides no confidence of sender
Since anyone potentially knows public-key
However if
sender signs message using his private-key
then encrypts with recipients public key
have both secrecy and authentication
but at cost of two public-key uses on message
-
7/31/2019 Univ Proj Review
22/57
Dynamic Data Operation with Integrity
Assurance
Now we show how our scheme can explicitly and efficiently
handle fully dynamic data operations including data
modification (M), data insertion (I) and data deletion (D) for
cloud data storage.
Note that in the following descriptions, we assume that the
file F and the signature are generated and properly stored at
server.
The root metadata R has been signed by the client and stored
at the cloud server, so that anyone who has the clients public
key can challenge the correctness of data storage.
-
7/31/2019 Univ Proj Review
23/57
Privacy Against Verifiers
Under the semi-honest model, a third party verifier cannot get
any information about the clients data m from the protocol
execution.
Hence, the protocol is private against third party verifiers. If the
server modifies any part of the clients data, the client is be able
to detect it.
In case a third party verifier verifies the integrity of the clients
data, the data should be kept private against the third party
verifier.
-
7/31/2019 Univ Proj Review
24/57
MODULE1 -KEY GENERATION
First module is key generation whichincludes home page,admin page and newaccount creation page.
Home page includes login form whereexisting user can enter directly whereas newuser can create a new account.
Admin page includes work of administrator
with his own password to enter .New account page includes entering detailsand passcode is generated for the user frommail and registration is done successfully.
-
7/31/2019 Univ Proj Review
25/57
HOME
-
7/31/2019 Univ Proj Review
26/57
ADMIN
-
7/31/2019 Univ Proj Review
27/57
ACCOUNT CREATION
-
7/31/2019 Univ Proj Review
28/57
-
7/31/2019 Univ Proj Review
29/57
REGSUCCESS
-
7/31/2019 Univ Proj Review
30/57
PASSCODE FROM EMAIL
-
7/31/2019 Univ Proj Review
31/57
UPLOAD DETAILS
-
7/31/2019 Univ Proj Review
32/57
MODULE 2ENCRYPTION & DEVRYPTION
Second module is encryption which includes file
upload,my account, user management and file
management.
In file upload we can upload the file from our pcwith browse option.
In my account user can view the account,edit and
can change the existing password. User can view his details or the file details with
the help of user id and file type respectively
-
7/31/2019 Univ Proj Review
33/57
-
7/31/2019 Univ Proj Review
34/57
-
7/31/2019 Univ Proj Review
35/57
-
7/31/2019 Univ Proj Review
36/57
MYACCOUNT
-
7/31/2019 Univ Proj Review
37/57
-
7/31/2019 Univ Proj Review
38/57
-
7/31/2019 Univ Proj Review
39/57
MODULE3-PUBLIC VERIFIABILTY
-
7/31/2019 Univ Proj Review
40/57
-
7/31/2019 Univ Proj Review
41/57
-
7/31/2019 Univ Proj Review
42/57
-
7/31/2019 Univ Proj Review
43/57
-
7/31/2019 Univ Proj Review
44/57
-
7/31/2019 Univ Proj Review
45/57
ADMIN MANAGEMENTVIEW
-
7/31/2019 Univ Proj Review
46/57
-
7/31/2019 Univ Proj Review
47/57
-
7/31/2019 Univ Proj Review
48/57
ADMINFILEMANAGEMENT
-
7/31/2019 Univ Proj Review
49/57
-
7/31/2019 Univ Proj Review
50/57
DATABASE
NEW ACCOUNT TABLE
-
7/31/2019 Univ Proj Review
51/57
Tblfiles table
-
7/31/2019 Univ Proj Review
52/57
-
7/31/2019 Univ Proj Review
53/57
SYSTEM ARCHITECTURE
-
7/31/2019 Univ Proj Review
54/57
SYSTEM ARCHITECTURE
Cloud Untrust
Server
Client
OutsourcesData
Files
Third
Party
Verifiers
Cloud Service Provider
SYSTEM REQUIREMENTS
-
7/31/2019 Univ Proj Review
55/57
Q
Software Interface
FRONT-END - ASP.NET WITH C# BACK-END - MySQL
FRONT-END SERVER - MICROSOFT VISUAL STUDIO2008
BACK-END SERVER - SQL SERVER 2005
OPERATING SYSTEM - WINDOWS XP
BROWSER - INTERNET EXPLORER 6.0
Hardware Interface
PROCESSOR - PENTIUM IV 2.6 GHz
RAM - 512 MB RAM
MONITOR - 15 COLOR
HARD DISK - 40 GB
KEYBOARD - STANDARD 102 KEYS
MOUSE - 3 BUTTON
-
7/31/2019 Univ Proj Review
56/57
CONCLUSION
Proposed Protocol is proved to be secure against untrust server
& TPA
Protocol supports both data dynamics and public verifiability
without TPA
The protocol propose has very good effiency and this makes
data storage as very secured
-
7/31/2019 Univ Proj Review
57/57
REFERENCES
[1]A Privacy-Preserving Remote Data Integrity CheckingProtocol with Data Dynamics and Public Verifiability
Zhuo Hao, Sheng Zhong, Nenghai Yu Q. Wang, C. Wang, J. Li,K. Ren, and W. Lou,
[2] Enabling public verifiability and data dynamics for storagesecurity in cloud computing in 14th European Symposium on
Research in Computer Security,pp. 355370, Springer Berlin /Heidelberg, September 2009. C. Wang, Q. Wang, K. Ren, and W.Lou,
[3] Privacy-preserving public auditing for data storage security
in cloud computing, inInfoCom2010, IEEE, March 2010. M. A.Shah, M. Baker, J. C. Mogul, and R. Swaminathan,
[4] Auditing to keep online storage services honest, in Proc. ofHotOS XIUsenix, 2007.