Enabling data dynamic and indirect mutual trust for cloud computing storage systems
- 1. Enabling Data Dynamic and Indirect Mutual Trust for Cloud Computing Storage Systems Abstract: Currently, the amount of sensitive data produced by many organizations is outpacing their storage ability. The management of such huge amount of data is quite expensive due to the requirements of high storage capacity and qualified personnel. Storage-as-a-Service (SaaS) offered by cloud service providers (CSPs) is a paid facility that enables organizations to outsource their data to be stored on remote servers. Thus, SaaS reduces the maintenance cost and mitigates the burden of large local data storage at the organization’s end. A data owner pays for a desired level of security and must get some compensation in case of any misbehavior committed by the CSP. On the other hand, the CSP needs a protection from any false accusation that may be claimed by the owner to get illegal compensations. GLOBALSOFT TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS CELL: +91 98495 39085, +91 99662 35788, +91 98495 57908, +91 97014 40401 Visit: www.finalyearprojects.org Mail to:[email protected]
- 3. Existing System: Commonly, traditional access control techniques assume the existence of the data owner and the storage servers in the same trust domain. This assumption, however, no longer holds when the data is outsourced to a remote CSP, which takes the full charge of the outsourced data management, and resides outside the trust domain of the data owner. Existing research close to our work can be found in the areas of integrity verification of outsourced data, cryptographic file systems in distributed networks, and access control of outsourced data. Proposed System: In this paper, we propose a cloud-based storage scheme that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust between them. The proposed scheme has four important features: (i) it allows the owner to outsource sensitive data to a CSP, and perform full block-level dynamic operations on the outsourced data, i.e., block modification, insertion, deletion, and append, (ii) it ensures that authorized users (i.e., those who have the right to access the owner’s file) receive the latest version of the outsourced data, (iii) it enables indirect mutual trust between the owner and the CSP, and (iv)it allows the owner to grant or revoke access to the outsourced data. We discuss the security issues of the proposed scheme. Besides, we justify its performance through theoretical analysis and experimental evaluation of storage, communication, and computation overheads. Modules : 1. Data Owner Registration 2. Data User Registration 3. TTP (TRUSTED THIRD PARTY) LOGIN 4. CSP(CLOUD SERVICE PROVIDER) LOGIN
- 4. 5. Download File Modules Description Data Owner Registration: In this module if a owner of data have to store data on a cloud server,he/she should register their details first.These details are maintained in a Database.Then he has to upload the file in a file database. The file which are stored in a database are in an encrypted form. Authorized users can only decode it. Data User Registration: In this module if a user wants to access the data which is stored in a cloud server,he/she should register their details first.These details are maintained in a Database. TTP (TRUSTED THIRD PARTY) LOGIN: In this module TTP has monitors the data owners file by verifying the data owner’s file and stored the file in a database .Also ttp checks the CSP(CLOUD SERVICE PROVIDER),and find out whether the csp is authorized one or not. CSP(CLOUD SERVICE PROVIDER) LOGIN: In this module CSP has to get the key first.Then only he can store the file in his cloud server.Ttp can only check the csp whether the csp is authorized csp or not.If its fake,ttp wont allow the file to store in cloud server.
- 5. BASED ON THIS PAPER: We propose a scheme that addresses some important issues related to outsourcing the storage of data, namely data dynamic, newness, mutual trust, and access control. System components and relations : The cloud computing storage model considered in this work consists of four main components as illustrated in Fig. 1: (i) a data owner that can be an organization generating sensitive data to be stored in the cloud and made available for controlled external use; (ii) a CSP who manages cloud servers and provides paid storage space on its infrastructure to store the owner’s files and make them available for authorized users; (iii) authorized users – a set of owner’s clients who have the right to access the remote data; and (iv) a trusted third party (TTP), an entity who is trusted by all other system components, and has expertise and capabilities to detect and specify dishonest parties. In Fig. 1, the relations between different system components are represented by double- sided arrows, where solid and dashed arrows represent trust and distrust relations, respectively. For example, the data
- 6. owner, the authorized users, and the CSP trust the TTP. On the other hand, the data owner and the authorized users have mutual distrust relations with the CSP. Thus, the TTP is used to enable indirect mutual trust between these three components. There is a direct trust relation between the data owner and the authorized users. Security requirements: Confidentiality: outsourced data must be protected from the TTP, the CSP, and users that are not granted access. Integrity: outsourced data is required to remain intact on cloud servers. The data owner and authorized users must be enabled to recognize data corruption over the CSP side. Newness: receiving the most recent version of the outsourced data file is an imperative requirement of cloud-based storage systems. There must be a detection
- 7. mechanism if the CSP ignores any data-update requests issued by the owner. Access control: only authorized users are allowed to access the outsourced data. Revoked users can read unmodified data, however, they must not be able to read updated/newblocks. CSP’s defence: the CSP must be safeguarded against false accusations that may be claimed by dishonest owner/users, and such a malicious behavior is required to be revealed. Download File: If the user is an authorized user,he/she can download the file by using key which has been sent by data owner through email. System Configuration:- H/W System Configuration:- Processor - Pentium –III Speed - 1.1 GHz RAM - 256 MB (min) Hard Disk - 20 GB Floppy Drive - 1.44 MB Key Board - Standard Windows Keyboard
- 8. Mouse - Two or Three Button Mouse Monitor - SVGA S/W System Configuration:- Operating System :Windows95/98/2000/XP Application Server : Tomcat5.0/6.X Front End : HTML, Java, Jsp Scripts : JavaScript. Server side Script : Java Server Pages. Database : My sql Database Connectivity : JDBC. Conclusion: Outsourcing data to remote servers has become a growing trend for many organizations to alleviate the burden of local data storage and maintenance. In this work we have studied different aspects of outsourcing data storage: block-level data dynamic, newness, mutual trust, and access control. We have proposed a cloud-based storage scheme which supports outsourcing of dynamic data, where the owner is capable of not only archiving and accessing the data stored by the CSP, but also updating and scaling this data on the remote servers. The proposed scheme enables the authorized users to ensure that they are receiving the most recent version of the outsourced data. Moreover, in case of dispute regarding data integrity/newness, a TTP is able to determine the dishonest party. The data owner enforces access27control for the outsourced data by combining three cryptographic techniques: broadcast encryption, lazy revocation, and key rotation. We have studied the security features of the proposed scheme. In this paper, we have investigated the overheads added by the proposed scheme when
- 9. incorporated into a cloud storage model for static data with only confidentiality requirement. The storage overhead is _0.4% of the outsourced data size, the communication overhead due to block-level dynamic changes on the data is _ 1% of the block size, and the communication overhead due to retrieving the data is _ 0.2% of the outsourced data size. For a large organization (data owner) with 100,000 users, performing dynamic operations and enforcing access control add about 0.62 seconds of overhead. Therefore, important features of outsourcing data storage can be supported without excessive overheads in storage, communication, and computation.