Panda: Public Auditing for Shared Data with Efficient
User Revocation in the Cloud
ABSTRACT:
With data
storage and sharing services in the cloud, users can easily modify and share
data as a group. To ensure shared data integrity can be verified publicly,
users in the group need to compute signatures on all the blocks in shared data.
Different blocks in shared data are generally signed by different users due to
data modifications performed by different users. For security reasons, once a
user is revoked from the group, the blocks which were previously signed by this
revoked user must be re-signed by an existing user. The straightforward method,
which allows an existing user to download the corresponding part of shared data
and re-sign it during user revocation, is inefficient due to the large size of
shared data in the cloud. In this paper, we propose a novel public auditing
mechanism for the integrity of shared data with efficient user revocation in
mind. By utilizing the idea of proxy re-signatures, we allow the cloud to
resign blocks on behalf of existing users during user revocation, so that existing
users do not need to download and re-sign blocks by themselves. In addition, a
public verifier is always able to audit the integrity of shared data without
retrieving the entire data from the cloud, even if some part of shared data has
been re-signed by the cloud. Moreover, our mechanism is able to support batch
auditing by verifying multiple auditing tasks simultaneously. Experimental
results show that our mechanism can significantly improve the efficiency of
user revocation.
EXISTING SYSTEM:
In existing
mechanisms, a signature is attached to each block in data, and the integrity of
data relies on the correctness of all the signatures. One of the most
significant and common features of these mechanisms is to allow a public
verifier to efficiently check data integrity in the cloud without downloading
the entire data, referred to as public auditing. This public verifier could be
a client who would like to utilize cloud data for particular purposes or a
thirdparty auditor (TPA) who is able to provide verification services on data
integrity to users. With shared data, once a user modifies a block, she also
needs to compute a new signature for the modified block. Due to the
modifications from different users, different blocks are signed by different
users. For security reasons, when a user leaves the group or misbehaves, this
user must be revoked from the group. As a result, this revoked user should no
longer be able to access and modify shared data, and the signatures generated
by this revoked user are no longer valid to the group. Therefore, although the
content of shared data is not changed during user revocation, the blocks, which
were previously signed by the revoked user, still need to be re-signed by an
existing user in the group. As a result, the integrity of the entire data can
still be verified with the public keys of existing users only.
DISADVANTAGES
OF EXISTING SYSTEM:
1. Straightforward
method may cost the existing user a huge amount of communication and
computation resources.
2. The number of
re-signed blocks is quite large or the membership of the group is frequently
changing.
PROPOSED SYSTEM:
In this paper,
we propose Panda, a novel public auditing mechanism for the integrity of shared
data with efficient user revocation in the cloud. In our mechanism, by
utilizing the idea of proxy re-signatures, once a user in the group is revoked,
the cloud is able to resign the blocks, which were signed by the revoked user, with
a re-signing key. As a result, the efficiency of user revocation can be significantly
improved, and computation and communication resources of existing users can be
easily saved. Meanwhile, the cloud, which is not in the same trusted domain
with each user, is only able to convert a signature of the revoked user into a
signature of an existing user on the same block, but it cannot sign arbitrary
blocks on behalf of either the revoked user or an existing user. By designing a
new proxy re-signature scheme with nice properties, which traditional proxy
resignatures do not have, our mechanism is always able to check the integrity
of shared data without retrieving the entire data from the cloud. Moreover, our
proposed mechanism is scalable, which indicates it is not only able to
efficiently support a large number of users to share data and but also able to
handle multiple auditing tasks simultaneously with batch auditing. In addition,
by taking advantages of Shamir Secret Sharing, we can also extend our mechanism
into the multi-proxy model to minimize the chance of the misuse on re-signing keys
in the cloud and improve the reliability of the entire mechanism.
ADVANTAGES
OF PROPOSED SYSTEM:
1. It follows
protocols and does not pollute data integrity actively as a malicious
adversary.
2. Cloud data
can be efficiently shared among a large number of users, and the public
verifier is able to handle a large number of auditing tasks simultaneously and
efficiently.
SYSTEM
REQUIREMENTS:
HARDWARE REQUIREMENTS:
Ø
System : Pentium IV 2.4 GHz.
Ø
Hard Disk :
40 GB.
Ø
Floppy Drive : 1.44
Mb.
Ø
Monitor : 15
VGA Colour.
Ø
Mouse :
Logitech.
Ø Ram : 512 Mb.
SOFTWARE
REQUIREMENTS:
Ø Operating system : Windows
XP/7.
Ø Coding Language : ASP.net,
C#.net
Ø Tool : Visual Studio 2010
Ø Database : SQL
SERVER 2008
REFERENCE:
Boyang Wang,
Baochun Li, Member, IEEE, and Hui Li, Member, IEEE “Panda: Public Auditing
for Shared Data with Efficient User Revocation in the Cloud ”IEEE Transactions
on Services Computing,
VOL. X, NO. X, XXXX 2014
No comments:
Post a Comment