univ proj review

7/31/2019 Univ Proj Review

1/57

MANAKULA VINAYAGAR INSTITUTE OF

TECHNOLOGY

Effective Remote Data Integrity Detection For DataLevel Dynamics And Retaining Privacy

DOMAIN:NETWORKS

SUB-DOMAIN:CLOUD COMPUTING

BATCH NO:12

PROJECT GUIDE:

Miss.Vijayalakshmi

BATCH MEMBERS:

A.NANGAI

R.PREMA

S.BHUVANESWARI

S.THENMOZHI


2/57

OUTLINE

Abstract Literature review

Existing System

Proposed System

Module description

Screen shots

System diagram

System requirements

Conclusion

References


3/57

Cloud Computing

Cloud computing refers to the logical computationalresources (data, software) accessible via a computer network(through WAN or Internet etc.), rather than from a localcomputer

Data are stored on Server Farms generally located in thecountry of the service provider. The on-line service isoffered from a cloud provider.

TYPES OF CLOUD COMPUTING

Public cloud

Community cloud

Hybrid cloud

Private cloud


4/57

ABSTRACT

Existing protocols can support both features with the help ofa third party auditor. In previous work they Propose a remotedata integrity checking protocol that supports data dynamics.

In our project, we adapt a protocol to support public

verifiability. The proposed protocol supports publicverifiability without help of a third party auditor.

In addition, the proposed protocol does not leak any privateinformation to third party verifiers. Through a formalanalysis, we show the correctness and security of the

protocol.After that, through theoretical analysis and experimentalresults, we demonstrate that the proposed protocol has agood performance.


5/57

LITERATURE SURVEY

Ensuring Data Storage Security in Cloud Computing

Privacy-Preserving Public Auditing for Secure Cloud

Storage

Auditing to Keep Online Storage Services Honest


6/57

Cloud computing moves the application software anddatabases to the centralized large data centers, where the

management of the data and services may not be fully

trustworthy. This unique paradigm brings about many

new security challenges, which have not been wellunderstood

we consider the task of allowing a third party auditor

(TPA), on behalf of the cloud client, to verify the

integrity of the dynamic data stored in the cloud. Theintroduction of TPA eliminates the involvement of the

client through the auditing of whether his data stored in

the cloud is indeed intact

Chance for loss of information through TPA

ENSURING DATA STORAGE

SECURITY IN CLOUD COMPUTING


7/57

SYSTEM ARCHITECTURE FOR

CLOUD DATA


8/57

Advantages: We extend our scheme to support scalable and efficient

public auditing in Cloud Computing. In particular, ourscheme achieves auditing tasks from different users can

be performed simultaneously by the TPA.

We prove the security of our proposed construction and

justify the performance of our scheme through concreteimplementation and comparisons.

Disadvantages:Loss of valuable information through TPA


9/57

PRIVACY-PRESERVING PUBLIC AUDITIN

FOR SECURE CLOUD STORAGE One of the important concerns that need to be addressed

is to assure the customer of the integrity i.e. correctness

of his data in the cloud

This proof can be agreed upon by both the cloud and the

customer and can be incorporated in the Service level

agreement (SLA)

It is important to note that our proof of data integrity

protocol just checks the integrity of data i.e. if the data

has been illegally modified or deleted.


10/57

SYSTEM ARCHITECTURE


11/57

Advantages Apart from reduction in storage costs data outsourcing to

the cloud also helps in reducing the maintenance.

Avoiding local storage of data. By reducing the costs of storage, maintenance and

personnel.

It reduces the chance of losing data by hardware failures.

Not cheating the owner.

Disadvantages The main drawback of this scheme is the high resource

costs it requires for the implementation.

Also computing hash value for even a moderately largedata files can be computationally burdensome for someclients (PDAs, mobile phones, etc).

Data encryption is large so the disadvantage is smallusers with limited computational power (PDAs, mobilephones etc.).


12/57

AUDITING TO KEEP ONLINE

STORAGE SERVICES HONEST

we propose a dynamic audit service for verifying the

integrity of untrusted and outsourced storage.

Our audit service, constructed based on the techniques,

fragment structure and index-hash table, can supportprovable updates to outsourced data, and timely

abnormal detection

Not only validate the effectiveness of our approaches, but

also show our audit system has a lower computationoverhead, as well as a shorter extra storage for audit

metadata.


13/57

SYSTEM ARCHITECTURE


14/57

Advantage A fragment technique is introduced in this paper to

improve performance and reduce extra storage.

The audit activities are efficiently scheduled in an auditperiod, and a TPA needs merely access file to performaudit in each activity.

Disadvantage Lack of rigorous performance analysis for constructed

audit system greatly affects the practical application ofthis scheme.

It is crucial to develop a more efficient and securemechanism for dynamic audit services, in which possibleadversary advantage through dynamic data operations

should be prohibits.


15/57

SUMMARY

From the papers used in literature survey we can

understand the problems that they face to check the data

integrity and make the cloud secure.

We are going to use their protocols to make our

proposed system more secure, By adapting their

protocols, it easy for us to rectify the current problem in

our project.

From the papers adapted we are using the data insertion,

modification, deletion at the block level and public

verifiability support.

This helps our proposed protocol to be secure against an

untrusted server. The adapted protocols are used in our

models. By adapting their protocols, it easy for us to

rectify the current problem in our project.


16/57

EXISTING SYSTEM

The Existing system uses Sebe et al protocol for remote data

integrity checking .

In remote data integrity checking protocols, the clientchallenges the server about the integrity of a certain data file,

and the server generates responses proving that it has access to

the complete and uncorrupted data.

The existing protocol derived by Sebe et al supports both

data dynamics and public verifiability with the help of a

TPA(Third party Auditor)


17/57

PROPOSED SYSTEM

In this project we propose a remote data integrity checking

protocol for cloud storage, which can be viewed as anadaptation of Sebe et als protocol.

The proposed protocol inherits the support of data

dynamics and public verifiability, At the same time itdoesnt need to use a third-party auditor.

We give a security analysis of the proposed protocol, which

shows that it is secure against the untrusted server and thirdparty verifiers.


18/57

MODULES

Key and Metadata Generation

Dynamic Data Operation with Integrity Assurance

Privacy against Verifiers


19/57

Key and Metadata Generation

Each and every time a secret key is sent to the clientsemail toperform the integrity checking operation.

The Secret key is generated using HMAC( Hash Based

Message Authentication Code).

In HMAC we are using the following functions:

message encryption message authentication code (MAC) and

hash function


20/57

Message Encryption

Message encryption by itself provides a measure of

authentication

if symmetric encryption is used then:

receiver know sender must have created it

since only sender and receiver now key used

know content cannot of been altered

Provides both: sender authentication and message authenticity.


21/57

Key and Metadata Generation cont

If public-key encryption is used:

Encryption provides no confidence of sender

Since anyone potentially knows public-key

However if

sender signs message using his private-key

then encrypts with recipients public key

have both secrecy and authentication

but at cost of two public-key uses on message


22/57

Dynamic Data Operation with Integrity

Assurance

Now we show how our scheme can explicitly and efficiently

handle fully dynamic data operations including data

modification (M), data insertion (I) and data deletion (D) for

cloud data storage.

Note that in the following descriptions, we assume that the

file F and the signature are generated and properly stored at

server.

The root metadata R has been signed by the client and stored

at the cloud server, so that anyone who has the clients public

key can challenge the correctness of data storage.


23/57

Privacy Against Verifiers

Under the semi-honest model, a third party verifier cannot get

any information about the clients data m from the protocol

execution.

Hence, the protocol is private against third party verifiers. If the

server modifies any part of the clients data, the client is be able

to detect it.

In case a third party verifier verifies the integrity of the clients

data, the data should be kept private against the third party

verifier.


24/57

MODULE1 -KEY GENERATION

First module is key generation whichincludes home page,admin page and newaccount creation page.

Home page includes login form whereexisting user can enter directly whereas newuser can create a new account.

Admin page includes work of administrator

with his own password to enter .New account page includes entering detailsand passcode is generated for the user frommail and registration is done successfully.


25/57

HOME


26/57

ADMIN


27/57

ACCOUNT CREATION


28/57


29/57

REGSUCCESS


30/57

PASSCODE FROM EMAIL


31/57

UPLOAD DETAILS


32/57

MODULE 2ENCRYPTION & DEVRYPTION

Second module is encryption which includes file

upload,my account, user management and file

management.

In file upload we can upload the file from our pcwith browse option.

In my account user can view the account,edit and

can change the existing password. User can view his details or the file details with

the help of user id and file type respectively


33/57


34/57


35/57


36/57

MYACCOUNT


37/57


38/57


39/57

MODULE3-PUBLIC VERIFIABILTY


40/57


41/57


42/57


43/57


44/57


45/57

ADMIN MANAGEMENTVIEW


46/57


47/57


48/57

ADMINFILEMANAGEMENT


49/57


50/57

DATABASE

NEW ACCOUNT TABLE


51/57

Tblfiles table


52/57


53/57

SYSTEM ARCHITECTURE


54/57

SYSTEM ARCHITECTURE

Cloud Untrust

Server

Client

OutsourcesData

Files

Third

Party

Verifiers

Cloud Service Provider

SYSTEM REQUIREMENTS


55/57

Q

Software Interface

FRONT-END - ASP.NET WITH C# BACK-END - MySQL

FRONT-END SERVER - MICROSOFT VISUAL STUDIO2008

BACK-END SERVER - SQL SERVER 2005

OPERATING SYSTEM - WINDOWS XP

BROWSER - INTERNET EXPLORER 6.0

Hardware Interface

PROCESSOR - PENTIUM IV 2.6 GHz

RAM - 512 MB RAM

MONITOR - 15 COLOR

HARD DISK - 40 GB

KEYBOARD - STANDARD 102 KEYS

MOUSE - 3 BUTTON


56/57

CONCLUSION

Proposed Protocol is proved to be secure against untrust server

& TPA

Protocol supports both data dynamics and public verifiability

without TPA

The protocol propose has very good effiency and this makes

data storage as very secured


57/57

REFERENCES

[1]A Privacy-Preserving Remote Data Integrity CheckingProtocol with Data Dynamics and Public Verifiability

Zhuo Hao, Sheng Zhong, Nenghai Yu Q. Wang, C. Wang, J. Li,K. Ren, and W. Lou,

[2] Enabling public verifiability and data dynamics for storagesecurity in cloud computing in 14th European Symposium on

Research in Computer Security,pp. 355370, Springer Berlin /Heidelberg, September 2009. C. Wang, Q. Wang, K. Ren, and W.Lou,

[3] Privacy-preserving public auditing for data storage security

in cloud computing, inInfoCom2010, IEEE, March 2010. M. A.Shah, M. Baker, J. C. Mogul, and R. Swaminathan,

[4] Auditing to keep online storage services honest, in Proc. ofHotOS XIUsenix, 2007.

univ proj review

Documents