An Efficient Distributed Verification Protocol for Data Storage Security in Cloud Computing
Abstract— Data storage is an important application of cloud computing, where clients can remotely store their data in the cloud. By uploading their data into the cloud, clients can be relieved from the burden of local data storage and maintenance. This new paradigm of data storage service also introduces new security challenges. One of the risks facing cloud computing concerns the integrity of the data stored in the cloud. In order to overcome the threat to the integrity of data, the client must be able to use the assistance of a Third Party Auditor (TPA), in such a way that the TPA verifies the integrity of data stored in the cloud with the client's public key on behalf of the client. The existing schemes with a single verifier (TPA) may not scale well for this purpose. In this paper, we propose an Efficient Distributed Verification Protocol (EDVP) to verify the integrity of data in a distributed manner with the support of multiple verifiers (multiple TPAs) instead of a single verifier (TPA). Through extensive security, performance and experimental results, we show that our scheme is more efficient than the single verifier based scheme.
Keywords: cloud storage, Integrity, Client, TPA, SUBTPAs, Verification, cloud computing.
I. INTRODUCTION
Cloud computing is a large-scale distributed computing paradigm in which a pool of computing resources is available to clients via the Internet. Cloud computing resources are accessible as public utility services, such as processing power, storage, software, and network bandwidth. Cloud storage is a new business solution for remote backup outsourcing, as it offers an abstraction of infinite storage space for clients to host data backups in a pay-as-you-go manner [1]. It helps enterprises and government agencies significantly reduce their financial overhead of data management, since they can now archive their data backups remotely to third-party cloud storage providers rather than maintaining local computers on their own. For example, Amazon S3 is a well known storage service.
The growth of data storage in the cloud has brought a lot of attention and concern over the security of this data. One important issue with cloud data storage is that of data integrity verification at untrusted cloud servers. For example, the storage service provider, which experiences Byzantine failures occasionally, may decide to hide data loss incidents from the clients for its own benefit. What is more serious is that, to save money and storage space, the service provider might neglect to keep, or deliberately delete, rarely accessed data files which belong to thin clients. Considering the large size of the outsourced data and the client's constrained resource capability, the main problem can be generalized as how the client can find an efficient way to perform periodical integrity verifications without a local copy of the data files.
To verify the integrity of data in the cloud without having a local copy of the data files, several integrity verification protocols have recently been developed under different systems [2-13].
All these protocols verify the integrity of data with a single verifier (TPA). In single auditor verification systems, only one Third Party Auditor (TPA) is used to verify the integrity of data, based on a challenge-response protocol. In that verification process, the TPA stores the metadata corresponding to the file blocks, creates a challenge and sends it to the CSP. The CSP generates the integrity proof for the corresponding challenge and sends it back to the TPA. Then, the TPA verifies the response against the previously stored metadata and gives the final audit result to the client. However, in this single auditor system, if the TPA system crashes due to heavy workload then the whole verification process will be aborted. In addition, during the verification process, the network traffic will be very high near the TPA organization and may create network congestion. Thus, performance degrades in single auditor verification schemes. Therefore, we need an efficient distributed verification protocol to verify the integrity of data in the cloud.
In this paper, we propose an Efficient Distributed Verification Protocol (EDVP) to verify the integrity of data in a distributed manner with the support of multiple verifiers (multiple TPAs) instead of the single verifier (TPA) discussed in prior works [2-13]. In our protocol, a number of SUBTPAs work concurrently under a single TPA, and the workload must be uniformly distributed among the SUBTPAs, so that each SUBTPA verifies over the whole part. If the TPA fails, one of the SUBTPAs will act as TPA. Our protocol detects data corruptions in the cloud efficiently when compared to single verifier based protocols.
Our protocol design is based on the RSA-based Dynamic Public Audit Service for integrity verification of data in cloud proposed by Syam et al. [11], applied in a distributed manner. Here, the n verifiers challenge the n servers uniformly, and if m servers' responses out of n servers are correct then we can say that the integrity of data is ensured. To verify the integrity of the data, our verification process uses multiple TPAs; among the multiple TPAs, one TPA will act as the main TPA and the remaining ones are SUBTPAs. The main TPA uses all SUBTPAs to detect data corruptions efficiently; if the main TPA fails, then one of the SUBTPAs will act as the main TPA. The SUBTPAs do not communicate with each other, and they would like to verify the integrity of the data stored in the cloud and the consistency of the provider's responses. The proposed system guarantees atomic operations to all TPAs; this means that the operations the TPA observes at each SUBTPA are consistent, in the sense that their own operations plus those operations whose effects they see have occurred atomically in the same sequence.
Syam Kumar.P1
Dept. of Computer Science
IFHE (Deemed University)
Hyderabad, India
shyam.1,
Subramanian. R2, Thamizh Selvam.D3
Dept. of Computer Science, School of Engineering and Technology,
Pondicherry University, Puducherry, India, rsmanian.csc@pondiuni.edu.in2,3
2013 Second International Conference on Advanced Computing, Networking and Security
In the Centrally Controlled and Distributed Data paradigm, where all SUBTPAs are controlled by the TPA and the SUBTPAs communicate with any Cloud Data Storage Server, we consider a synchronous distributed system with multiple TPAs and servers. Every SUBTPA is connected to the server through a synchronous reliable channel that delivers a challenge to the server. The SUBTPA and the server together are called parties P. A protocol specifies the behaviours of all parties. An execution of P is a sequence of alternating states and state transitions, called events, which occur according to the specification of the system components. All SUBTPAs follow the protocol; in particular, they do not crash. Every SUBTPA has some small local trusted memory, which serves to store distribution keys and authentication values. The server might be faulty or malicious and deviate arbitrarily from the protocol; such behaviour is also called Byzantine failure.
The synchronous system comes down to assuming the following two properties:
1. Synchronous computation. There is a known upper bound on processing delays. That is, the time taken by any process to execute a step is always less than this bound. Remember that a step gathers the delivery of a message (possibly nil) sent by some other process, a local computation (possibly involving interaction among several layers of the same process), and the sending of a message to some other process.
2. Synchronous communication. There is a known upper bound on challenge/response transmission delays. That is, the time period between the instant at which a challenge is sent and the time at which the response is delivered by the destination process is less than this bound.
II.RELATED WORK
Bowers et al. [2] introduced the High Availability Integrity Layer (HAIL) protocol to solve the availability and integrity problems in cloud computing using error correcting codes and Universal Hash Functions (UHFs). This scheme achieves the availability and integrity of data. However, this scheme supports only private verifiability.
To support public verifiability of data integrity, Barsoum et al. [3] proposed Dynamic Multiple Data Copies over the Cloud Servers, which is based on multiple replicas. This scheme achieves the availability and integrity of data stored in the cloud. Public verification enables a third party auditor (TPA) to verify the integrity of data in the cloud with the data owner's public key on behalf of the data owner. Wang et al. [4] designed Enabling Public Auditability and Data Dynamics for data storage security in cloud computing using a Merkle Hash Tree (MHT). It guarantees data integrity with efficient data dynamic operations and public verifiability. Similarly, Wang et al. [5] proposed a flexible distributed verification protocol to ensure the dependability, reliability and correctness of outsourced data in the cloud by utilizing homomorphic tokens and distributed erasure coded data. This scheme allows users to audit the outsourced data with less communication and computation cost. Simultaneously, it detects the malfunctioning servers. In their subsequent work, Wang et al. [6] developed privacy-preserving data storage security in cloud computing. Their construction utilizes and uniquely combines the public key based homomorphic authenticator with random masking while achieving integrity and privacy from the auditor. Similarly, Hao et al. [7] proposed a privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. This protocol achieves a deterministic guarantee of integrity and does not leak any information to third party auditors. Zhuo et al. [8] designed a dynamic audit service to verify the integrity of outsourced data at untrusted cloud servers. Their audit system can support public verifiability and timely abnormality detection with the help of a fragment structure, random sampling and an index hash table. Yang et al. [9] proposed provable data possession for resource-constrained mobile devices in cloud computing. In their framework, the mobile terminal devices only need to generate some secret keys and random numbers with the help of trusted platform module (TPM) chips, and the needed computing workload and storage space fit the mobile devices. By using a bilinear signature and a Merkle hash tree (MHT), this scheme aggregates the verification tokens of the data file into one small signature to reduce the communication and storage burden.
Although all these schemes achieve remote data integrity assurance under different systems, they do not provide a strong integrity assurance to the clients because their verification process uses a pseudorandom sequence. If we use a pseudorandom sequence to verify remote data integrity, data modifications on data blocks may sometimes go undetected. Since a pseudorandom sequence is not uniform (uncorrelated numbers), it does not cover the entire file while generating the integrity proof for a challenge. Therefore, probabilistic integrity checking methods using a pseudorandom sequence may not provide strong integrity assurance for users' data stored remotely.
To provide better integrity assurance, Syam et al. [10] proposed a homomorphic distributed verification protocol using a Sobol sequence instead of a pseudorandom sequence [2-9]. Their protocol ensures the availability and integrity of data and also detects data corruption efficiently. In their subsequent work, Syam et al. [11] described an RSA-based Dynamic Public Audit protocol for integrity verification of data stored in the cloud. This scheme gives probabilistic proofs based on random challenges and, like [10], it also detects data modification on the file. Similarly, Syam et al. [12] developed an efficient and secure protocol for both confidentiality and integrity of data with public verifiability and dynamic operations. Their construction uses Elliptic Curve Cryptography instead of RSA because ECC offers the same security as RSA with a small key size. Later, Syam et al. [13] proposed a publicly verifiable dynamic secret sharing protocol for availability, integrity and confidentiality of data with public verifiability.
Although all these schemes achieve the integrity of remote data under different systems with a single TPA, single auditor verification protocols use only one Third Party Auditor (TPA) to verify the integrity of data, based on a challenge-response protocol. In this single auditor system, if the TPA system crashes due to heavy workload then the whole verification process will be aborted.
III.PROBLEM STATEMENT
A.Problem Definition
In cloud data storage, the client stores the data in the cloud via the cloud service provider. Once the data moves to the cloud, the client has no control over, and no security for, the outsourced data stored in the cloud. Even if the Cloud Service Provider (CSP) provides some standard security mechanism to protect the data from attackers, there is still a possibility of threats from attackers to cloud data storage, such as data leakage, data corruption and data loss, since it is under the control of a third party provider. Thus, how can the user efficiently and frequently verify whether the cloud server is storing the data correctly and that it has not been tampered with? We note that the client can verify the integrity of data stored in the cloud without having a local copy of the data or any knowledge of the entire data. In case clients do not have the time to verify the security of data stored in the cloud, they can assign this task to a trusted Third Party Auditor (TPA). The TPA verifies the integrity of data on behalf of clients using their public key.
B.System Architecture
The network representation architecture for cloud data storage consists of four parts: Client, Cloud Service Provider (CSP), Third Party Auditors (TPAs) and SUBTPAs, as depicted in Fig 1:
Fig 1: Cloud Data Storage Architecture
Client: - Clients are those who have data to be stored and who access the data with the help of the Cloud Service Provider (CSP). They are typically desktop computers, laptops, mobile phones, tablet computers, etc.
Cloud Service Provider (CSP):- Cloud Service Providers (CSPs) are those who have major resources and expertise in building and managing distributed cloud storage servers, and who provide applications, infrastructure, hardware and enabling technology to customers via the internet as a service.
Third Party Auditor (TPA):- The Third Party Auditor (TPA) has expertise and capabilities that users may not have, and verifies the security of cloud data storage on behalf of users.
SUBTPAS: the SUBTPAs verify the integrity of data concurrently under the control of the TPA.
Throughout this paper, the terms verifier or TPA, and server or CSP, are used interchangeably.
C.Security Threats
Cloud data storage mainly faces the data corruption challenge:
Data Corruption: the cloud service provider, a malicious cloud user or other unauthorized users are self-interested in altering or deleting the user data.
There are two types of attackers disturbing data storage in the cloud:
1) Internal Attackers: a malicious cloud user or a malicious third party user (either cloud provider or customer organizations) are self-interested in altering the user's personal data or deleting the user data stored in the cloud. Moreover, they decide to hide the data loss caused by server hacks or Byzantine failure to maintain their reputation.
2) External Attackers: we assume that an external attacker can compromise all storage servers, so that he can intentionally modify or delete the user's data as long as they are internally consistent.
D.Goals
In order to address the integrity of data stored in cloud computing, we propose an Efficient Distribution Verification Protocol for ensuring data storage integrity to achieve the following goals:
Integrity: the data is stored safely in the cloud and maintained there all the time without any alteration.
Low-Overhead: the proposed scheme verifies the security of data stored in the cloud with less overhead.
E.Preliminaries and Notations
• $f_{key}(\cdot)$ – Sobol Random Function (SRF) indexed on some key, which is defined as
$f : \{0,1\}^* \times key \rightarrow GF(2^w)$.
• $\pi_{key}(\cdot)$ – Sobol Random Permutation (SRP) indexed under key, which is defined as
$\pi : \{0,1\}^{\log_2(l)} \times key \rightarrow \{0,1\}^{\log_2(l)}$.
IV. EFFICIENT DISTRIBUTION VERIFICATION PROTOCOL: EDVP
The EDVP protocol is designed based on the RSA-based Dynamic Public Audit Protocol (RSA-DPAP), which is proposed by Syam et al. [11]. In EDVP, we mainly concentrate on the verification phase of RSA-DPAP. The EDVP contains three phases: 1) Key Distribution, 2) Verification Process, 3) Validating Integrity. The process of EDVP is: first, the TPA generates the keys and distributes them to the SUBTPAs. Then the SUBTPAs verify the integrity of data and give the result to the main TPA. Finally, the main TPA validates the integrity by observing the reports from the SUBTPAs.
A. Key Distribution
In key distribution, the TPA generates the random key and distributes it to its SUBTPAs as follows:
The TPA first generates the random key by using the Sobol Random Function [15], then computes

$$K = f_{k_1}(i) \qquad (1)$$

where $1 \le i \le n$ and the function is indexed on some (usually secret) key: $f : \{0,1\}^* \times key \rightarrow Z_p$. Then, it employs an (m, n) secret sharing scheme [14] and partitions the random key K into n pieces. To divide K into n pieces, the client selects a polynomial a(x) with degree m-1 and computes the n pieces:

$$K_i = K + a_1 i + a_2 i^2 + \dots + a_{m-1} i^{m-1} \qquad (2)$$

$$K_i = K + \sum_{j=1}^{m-1} a_j i^j \qquad (3)$$

After that, the TPA chooses n SUBTPAs and distributes the n pieces to them. The procedure of key distribution is given in Algorithm 1.
Algorithm 1: Key Distribution
1. Generate a random key K using the Sobol sequence: $K = f_{k_1}(i)$
2. Then, the TPA partitions K into n pieces using the (m, n) secret sharing scheme
3. The TPA selects the number of SUBTPAs, n, and the threshold value m;
4. for i ← 1 to n do
5. TPA sends $K_i$ to SUBTPA$_i$
6. end for
7. end
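The split in equations (2) and (3), together with the matching recovery step, as an added example that is not code from the paper. It assumes a concrete prime modulus for $Z_p$ and draws K and the coefficients from Python's `secrets` module instead of the Sobol Random Function; the names `split_key` and `recover_key` are hypothetical.

```python
import secrets

# Assumption: Z_p uses the Mersenne prime 2^127 - 1; the paper fixes no p.
P = 2**127 - 1

def split_key(K, m, n, p=P):
    """Return n pieces (i, K_i), K_i = K + sum_{j=1}^{m-1} a_j * i^j mod p."""
    if not (1 <= m <= n < p and 0 <= K < p):
        raise ValueError("need 1 <= m <= n < p and 0 <= K < p")
    # a_1 .. a_{m-1}: fresh secret coefficients of the polynomial a(x)
    coeffs = [secrets.randbelow(p) for _ in range(m - 1)]
    pieces = []
    for i in range(1, n + 1):
        acc = 0
        for a in reversed(coeffs):      # Horner evaluation of sum a_j * i^j
            acc = (acc + a) * i % p
        pieces.append((i, (K + acc) % p))
    return pieces

def recover_key(pieces, p=P):
    """Lagrange interpolation at x = 0 over the supplied pieces."""
    xs = [x for x, _ in pieces]
    if len(set(xs)) != len(xs):
        raise ValueError("piece indices must be distinct")
    K = 0
    for xi, yi in pieces:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        K = (K + yi * num * pow(den, -1, p)) % p
    return K

if __name__ == "__main__":
    K = secrets.randbelow(P)            # stand-in for the Sobol-derived key
    pieces = split_key(K, m=3, n=5)
    print(recover_key(pieces[:3]) == K)   # any 3 of the 5 pieces rebuild K
    print(recover_key(pieces[:2]) == K)   # 2 pieces interpolate a different value
```

Any m pieces determine the degree m-1 polynomial and therefore K; fewer than m pieces leave K undetermined.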
B. Verification Process
In the verification process, all SUBTPAs verify the integrity of data and give results to the TPA; if m SUBTPAs' responses meet the threshold value, then the TPA says that the integrity of data is valid. At a high level, the protocol operates like this: a TPA assigns a local timestamp to each operation of every SUBTPA. Then, every SUBTPA maintains a timestamp vector T in its trusted memory. At SUBTPA$_i$, entry T[j] is equal to the timestamp of the most recently executed operation by SUBTPA$_j$ in some view of SUBTPA$_i$.
To verify the integrity of data, each SUBTPA creates a challenge and sends it to the CSP as follows: first, the SUBTPA generates a set of random indices c of the set [1, n] using the Sobol Random Permutation (SRP) with the random key

$$j = \pi_{K_j}(c) \qquad (4)$$

where $1 \le c \le l$ and $\pi_{key}(\cdot)$ is a Sobol Random Permutation (SRP), which is indexed under key: $\pi : \{0,1\}^{\log_2(l)} \times key \rightarrow \{0,1\}^{\log_2(l)}$.
Next, each SUBTPA also chooses a fresh random key $r_j$, where

$$r_j = f_{k_2}(l) \qquad (5)$$

Then, it creates a challenge $chal = \{j, r_j\}$, which consists of pairs of random indices and random values. Each SUBTPA sends a challenge to the CSP and waits for the response. The CSP computes a response to the corresponding SUBTPA's challenge and sends the response back to the SUBTPA.
When the SUBTPA receives the response message, it first checks the timestamp: it makes sure that $V \ge T$ (using vector comparison) and that V[i] = T[i]. If not, the TPA aborts the operation and halts; this means that the server has violated the consistency of the service. Otherwise, the SUBTPA commits the operation and checks whether the stored metadata and the response (integrity proof) match. If they do, it stores TRUE in its table and sends a TRUE message to the TPA; otherwise it stores FALSE and sends a FALSE signal to the TPA for the corrupted file blocks. The detailed procedure of the verification process is given in Algorithm 2.
Algorithm 2: Verification Process
1. Procedure: Verification Process
2. Timestamp T
3. Each SUBTPA$_i$ computes
4. Compute $j = \pi_{k_{SRP}}(c)$
5. Generate the Sobol random key $r_j$
6. Send (Chal = (j, $r_j$)) as a challenge to the CSP;
7. The server computes the proof PR$_i$ and sends it back to the SUBTPAs;
8. PR$_i$ ← Receive(V);
9. If ($V \ge T$ and V[i] = T[i]) then
10. return COMMIT
11. if PR$_i$ equals the stored metadata then
12. return TRUE;
13. Send Signal, (Packet$_j$, TRUE$_i$) to the TPA
14. else
15. return FALSE;
16. Send Signal, (Packet$_i$, FALSE$_i$) to the TPA;
17. end if
18. else
19. ABORT and halt the process
20. end if
21. end
C.Validating Integrity
To validate the integrity of the data, the TPA receives the reports from any subset of m out of n SUBTPAs and validates the integrity. If the m SUBTPAs give the TRUE signal to the TPA, then the TPA decides that the data is not corrupted; otherwise it decides that the data has been corrupted. In the final step, the TPA gives an audit result to the client. In Algorithm 3, we give the process of validating the integrity, in which we generalize the integrity of the verification protocol in a distributed manner. Therefore, we can use distribution verification on scheme [11].
Algorithm 3: Validating Integrity
1. Procedure: validation(i)
2. TPA receives the response from the m SUBTPAs
3. for i ← 1 to m do
4. If (response == TRUE)
5. Integrity of data is valid
6. else if (response == FALSE)
7. Integrity is not valid
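The decision logic of Algorithms 2 and 3 (timestamp-vector check, proof comparison, threshold validation), as an added example that is not code from the paper. Assumptions: proofs and stored metadata are opaque byte strings, a SUBTPA increments its own vector entry for each operation, Algorithm 3 is read as "at least m TRUE signals", and the toy server in `run_audit` and all names are hypothetical.

```python
import hmac
from enum import Enum

class Signal(Enum):
    TRUE = "TRUE"    # proof matches the stored metadata
    FALSE = "FALSE"  # proof mismatch: the challenged block is corrupted
    ABORT = "ABORT"  # timestamp check failed: server violated consistency

def vector_ge(V, T):
    """Vector comparison V >= T, entry by entry."""
    return len(V) == len(T) and all(v >= t for v, t in zip(V, T))

class SubTPA:
    def __init__(self, i, n, metadata):
        self.i = i                # index of this SUBTPA (0-based here)
        self.T = [0] * n          # timestamp vector held in trusted memory
        self.metadata = metadata  # block index -> expected proof (opaque bytes)

    def challenge(self, block, r):
        """Timestamp a new operation and build the challenge (j, r_j)."""
        self.T[self.i] += 1       # assumption: own entry counts own operations
        return {"sender": self.i, "ts": self.T[self.i], "chal": (block, r)}

    def on_response(self, V, block, proof):
        """Algorithm 2, steps 8-20, for one response carrying the vector V."""
        if not (vector_ge(V, self.T) and V[self.i] == self.T[self.i]):
            return Signal.ABORT
        self.T = list(V)          # COMMIT the operation
        match = hmac.compare_digest(proof, self.metadata[block])
        return Signal.TRUE if match else Signal.FALSE

def tpa_validate(signals, m):
    """Algorithm 3, read as: valid when at least m SUBTPAs signal TRUE."""
    if Signal.ABORT in signals:
        return "ABORTED"
    trues = sum(1 for s in signals if s is Signal.TRUE)
    return "VALID" if trues >= m else "CORRUPTED"

def run_audit(n, m, metadata, server_proofs, stale_for=None):
    """Constructed run: SUBTPA k challenges block k against a toy server."""
    V, signals = [0] * n, []      # V is the server-side version vector
    for k in range(n):
        sub = SubTPA(k, n, metadata)
        msg = sub.challenge(block=k, r=b"constructed-r")
        stale = list(V)           # the vector before this operation
        V[msg["sender"]] = msg["ts"]
        reply = stale if k == stale_for else list(V)
        signals.append(sub.on_response(reply, k, server_proofs[k]))
    return signals, tpa_validate(signals, m)

# Constructed sample data: five blocks with 32-byte metadata values.
METADATA = {k: bytes([k + 1]) * 32 for k in range(5)}
HONEST = dict(METADATA)
THREE_BAD = {**METADATA, 0: b"\x00" * 32, 1: b"\x00" * 32, 2: b"\x00" * 32}

if __name__ == "__main__":
    print(run_audit(5, 3, METADATA, HONEST))
    print(run_audit(5, 3, METADATA, THREE_BAD))
    print(run_audit(5, 3, METADATA, HONEST, stale_for=2))
```

Under this reading of the threshold rule, a run with m = 3 of n = 5 still returns VALID when a single SUBTPA reports FALSE, so the per-block FALSE signals carry information the final verdict does not.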
V. ANALYSIS OF EDVP
In this section, we analyse the security and performance of EDVP.
A.Security Analysis
In the security analysis, we analyze the integrity of the data in terms of probability detection.
Probability Detection:
It is very natural that verification activities would increase the communication and computational overheads of the system. To enhance the performance, we used a secret sharing technique [14] to distribute the key K, which provides minimum communication and tractable computational complexity. Thus, it reduces the communication overhead between the TPA and the SUBTPAs. For a new verification, the TPA can change the key K for any SUBTPA and send only the different part of the multiset elements to the SUBTPA. In addition, we used a probabilistic verification scheme based on Sobol sequences, which provides uniformity not only for whole sequences but also for each subsequence, so each SUBTPA independently verifies over the entire set of file blocks. Thus, there is a high probability of detecting the fault location very quickly. Therefore, a Sobol sequence provides a strong integrity proof for the remotely stored data.
The probability of detecting data corruptions with this protocol is the same as in previous protocols [9-12].
In EDVP, we use a Sobol random sequence generator to generate the file block numbers, because the sequences are uniformly distributed over [0, 1] and cover the whole region. To make integers, we multiply the generated sequences by constant powers of two. Here, we consider one concrete example, taking 32 numbers from the Sobol sequences.
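The coverage claim for 32 Sobol numbers, compared with a pseudorandom sample, as an added example that is not code from the paper. It assumes the unkeyed first Sobol dimension (the base-2 van der Corput sequence) rather than the keyed SRF/SRP, scales to the 100000 blocks used in the tables instead of a power of two, and uses a constructed seed for the pseudorandom baseline; all function names are hypothetical.

```python
import random

def sobol_1d(count):
    """First `count` points of Sobol dimension 1 (van der Corput, base 2)."""
    points = []
    for n in range(count):
        x, weight = 0.0, 0.5
        while n:
            if n & 1:
                x += weight       # bit t of n contributes 2^-(t+1)
            weight /= 2
            n >>= 1
        points.append(x)
    return points

def to_blocks(points, total_blocks):
    """Scale points in [0, 1) to block numbers in [0, total_blocks)."""
    return [int(x * total_blocks) for x in points]

def strata_hit(blocks, total_blocks, strata):
    """How many of `strata` equal-sized regions of the file get sampled."""
    return len({b * strata // total_blocks for b in blocks})

def largest_unsampled_run(blocks, total_blocks):
    """Longest run of consecutive blocks that no challenge index touches."""
    edges = [-1] + sorted(set(blocks)) + [total_blocks]
    return max(b - a - 1 for a, b in zip(edges, edges[1:]))

def per_verifier_coverage(points, verifiers, total_blocks):
    """Give each SUBTPA a consecutive slice; count the strata each one covers."""
    share = len(points) // verifiers
    result = []
    for v in range(verifiers):
        blocks = to_blocks(points[v * share:(v + 1) * share], total_blocks)
        result.append(strata_hit(blocks, total_blocks, share))
    return result

TOTAL = 100000                    # block count used in the paper's tables
SOBOL = sobol_1d(32)
_rng = random.Random(2013)        # constructed seed for the baseline
PSEUDO = [_rng.random() for _ in range(32)]

if __name__ == "__main__":
    for name, pts in (("sobol", SOBOL), ("pseudorandom", PSEUDO)):
        blocks = to_blocks(pts, TOTAL)
        print(name,
              "strata hit:", strata_hit(blocks, TOTAL, 32),
              "largest unsampled run:", largest_unsampled_run(blocks, TOTAL),
              "per-verifier:", per_verifier_coverage(pts, 4, TOTAL))
```

With the Sobol points, no run of 3125 or more consecutive blocks escapes the 32 challenges, and each of four verifiers given eight consecutive points still touches every eighth of the file.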
B. Performance Analysis and Experimental Results
In this section, we evaluate the performance of the verification time for validating integrity and compare the experimental results with the previous single verifier based protocol [11], as shown in Tables 1-3. In Tables 4 and 5, we show the computation cost of the verifier and the CSP respectively.
Table 1: Verification times (Sec) with 5 verifiers when different percentages of 100000 blocks are corrupted

Corruption data in percentage   Single Verifier based Protocols [11]   EDVP [5 verifiers]
1%                              25.99                                  12.14
5%                              53.23                                  26.55
10%                             70.12                                  38.63
15%                             96.99                                  51.22
20%                             118.83                                 86.44
30%                             135.63                                 102.89
40%                             173.45                                 130.85
50%                             216.11                                 153.81

Table 2: Verification times (Sec) with 10 verifiers when different percentages of 100000 blocks are corrupted

Corruption data in percentage   Single Verifier based Protocols [11]   EDVP [10 verifiers]
1%                              25.99                                  08.14
5%                              53.23                                  18.55
10%                             70.12                                  29.63
15%                             96.99                                  42.22
20%                             118.83                                 56.44
30%                             135.63                                 65.89
40%                             173.45                                 80.85
50%                             216.11                                 98.81