Secure and Dependable Storage Services in Cloud Computing
ABSTRACT:
Cloud storage enables users to remotely store their data and enjoy on-demand, high-quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service also relinquishes users' physical possession of their outsourced data, which inevitably poses new security risks to the correctness of the data in the cloud.
In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing mechanism, utilizing the homomorphic token and distributed erasure-coded data.
The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The auditing result not only ensures a strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of the misbehaving server. Considering that cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.
INTRODUCTION:
Several trends are opening up the era of Cloud Computing, which is an Internet-based development and use of computer technology. Ever cheaper and more powerful processors, together with the software as a service (SaaS) computing architecture, are transforming data centers into pools of computing service on a huge scale. Increasing network bandwidth and reliable yet flexible network connections make it possible for users to subscribe to high-quality services from data and software that reside solely on remote data centers.
In this paper, we propose an effective and flexible distributed storage verification scheme with explicit dynamic data support to ensure the correctness and availability of users' data in the cloud. We rely on erasure correcting code in the file distribution preparation to provide redundancies and guarantee the data dependability against Byzantine servers, where a storage server may fail in arbitrary ways.
This construction drastically reduces the communication and storage overhead as compared to the traditional replication-based file distribution techniques. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the storage correctness insurance as well as data error localization: whenever data corruption has been detected during the storage correctness verification, our scheme can almost guarantee the simultaneous localization of data errors, i.e., the identification of the misbehaving server(s).
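The following sketch is an added example, not code from the paper: it shows how tokens precomputed as linear combinations of sampled blocks let a user check that the servers' responses still form a valid codeword and, on failure, name the misbehaving server. Assumptions made here: arithmetic is over a prime field instead of GF(2^p), HMAC-SHA256 stands in for the keyed PRF, block indices come from that PRF (so they may repeat) rather than a permutation, parity blinding is omitted, and all function names are hypothetical.

```python
import hmac, hashlib

P = 2**31 - 1  # prime field modulus (assumption; the paper works over GF(2^p))

def prf(key, label, mod):
    """Keyed pseudorandom value in [0, mod), derived with HMAC-SHA256."""
    digest = hmac.new(key, label.encode(), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % mod

def coeff(i, j):
    """Vandermonde-style coefficient tying data server i to parity server j."""
    return pow(i + 1, j + 1, P)

def encode(data_vectors, k):
    """Return the m data vectors followed by k parity vectors (a linear code)."""
    m, l = len(data_vectors), len(data_vectors[0])
    parity = [[sum(coeff(i, j) * data_vectors[i][b] for i in range(m)) % P
               for b in range(l)] for j in range(k)]
    return data_vectors + parity

def challenge(key, rnd, l, r):
    """Round-specific coefficient alpha and r sampled block indices."""
    alpha = prf(key, f"alpha|{rnd}", P - 1) + 1          # alpha in [1, P-1]
    idx = [prf(key, f"idx|{rnd}|{q}", l) for q in range(r)]
    return alpha, idx

def respond(vector, alpha, idx):
    """Linear combination of the sampled blocks; servers and the user both use it."""
    return sum(pow(alpha, q + 1, P) * vector[i] for q, i in enumerate(idx)) % P

def precompute_tokens(key, servers, rounds, r):
    """Before outsourcing, the user stores one token per (round, server)."""
    return [[respond(v, *challenge(key, t, len(v), r)) for v in servers]
            for t in range(rounds)]

def audit(key, tokens, rnd, servers, m, r):
    """Return (codeword_ok, misbehaving server indices) for one challenge round."""
    alpha, idx = challenge(key, rnd, len(servers[0]), r)
    resp = [respond(v, alpha, idx) for v in servers]      # simulated server replies
    # Homomorphic property: the replies must satisfy the same parity relations.
    ok = all(resp[m + j] == sum(coeff(i, j) * resp[i] for i in range(m)) % P
             for j in range(len(servers) - m))
    # Localization: compare each reply with the token precomputed for that server.
    bad = [s for s, (got, want) in enumerate(zip(resp, tokens[rnd])) if got != want]
    return ok, bad
```

Because the code is linear, the user never downloads the sampled blocks: one field element per server is enough to detect a bad codeword and point at the server whose reply differs from its token.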
In order to strike a good balance between error resilience and data dynamics, we further explore the algebraic property of our token computation and erasure-coded data, and demonstrate how to efficiently support dynamic operation on data blocks, while maintaining the same level of storage correctness assurance.
In order to save the time, computation resources, and even the related online burden of users, we also provide an extension of the proposed main scheme to support third-party auditing, where users can safely delegate the integrity checking tasks to third-party auditors and use the cloud storage services worry-free. Our work is among the first few in this field to consider distributed data storage security in Cloud Computing.
Our contribution can be summarized as the following three aspects:
1) Compared to many of its predecessors, which only provide binary results about the storage status across the distributed servers, the proposed scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s).
2) Unlike most prior works for ensuring remote data integrity, the new scheme further supports secure and efficient dynamic operations on data blocks, including: update, delete and append.
3) The experiment results demonstrate the proposed scheme is highly efficient. Extensive security analysis shows our scheme is resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.
SYSTEM ARCHITECTURE