International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
A Secure & Efficient Integrity Checking Mechanism With Data Dynamics In
Cloud Computing
Sree S Bhagya[1], Meharuniza Nazeem[2]
Asst.Prof. College of Engineering Karunagappally
Abstract
Cloud computing has become a significant technology
trend. The boom in cloud computing has brought lots of
security challenges for the consumers and service
providers. This study aims to identify the most
vulnerable integrity threats in cloud computing. In
order to achieve a secure and dependable cloud
storage service, a flexible distributed storage integrity
auditing mechanism, utilizing the homomorphic token
T
and distributed erasure coded data, is used. The
auditing result not only ensures strong cloud storage
SR
correctness guarantee, but also simultaneously
achieves fast data error localization and further
supports secure and efficient dynamic operations on
IJC
outsourced data.
1. Introduction
Cloud computing is the long dreamed vision of
computing as a utility [4], where data owners can
remotely store their data in the cloud to enjoy on-
demand high-quality applications and services from a
shared pool of configurable computing resources.
While data outsourcing relieves the owners of the
burden of local data storage and maintenance, it also
eliminates their physical control of storage
dependability and security, which traditionally has been
expected by both enterprises and individuals with high
service-level requirements.
Figure 1. A cloud environment
IJCSRTV1IS050077 www.ijcsrt.org
Vol. 1 Issue 5, October - 2013
Cloud Computing refers to both the applications
delivered as service over the Internet and the hardware
and systems software in the datacenters that provide
those services. The services themselves have long been
referred to as Software as a Service (SaaS), Platform as
a Service (PaaS), Infrastructure as a Service (IaaS). A
cloud storage system, consisting of a collection of
storage servers, provides long-term storage services
over the Internet having properties:
 On-demand Services.
 Hardware management is abstracted from
the customers.
 Infrastructure capacities are elastic and
can easily scale up and down.
 Omnipresent network access
 Location-independent resource pooling
 Rapid elasticity
 Measured service
One of the biggest concerns with cloud storage is
that of data integrity verification at untrusted servers
[6]. So here defining a generalization of how the clients
find an efficient way to perform periodic integrity
checks without the local copy of data. For this using a
flexible distributed auditing mechanism using erasure
coded data [3]. To enable public auditability utilize the
concept of Third Party Auditor (TPA) [1],[2]. Assume
that the TPA is reliable and independent and thus have
no incentive to collude with either the Cloud Servers or
Users. Also need to support dynamic operations on
cloud data files while maintaining the storage
correctness assurance since they can be of vital
importance to the practical application of storage
outsourcing services. Here assume that our scheme the
tokens cover random file rows. Thus need to perform
fewer computations and require less storage space for
the pre-computed tokens. The main advantage is that
the error detection probability in our scheme will be
very high than that of [2] & [3].
58

2. System Model
2.1. System Architecture
Figure 2. Cloud storage service architecture
Three different network entities can be identified as
follows [2], [3]:
• User: an entity, who has data to be stored in the
cloud and relies on the cloud for data storage and
computation, can be either enterprise or individual
customers.
• Cloud Server (CS): an entity, which is managed by
cloud service provider (CSP) to provide data storage
service and has significant storage space and
computation resources (we will not differentiate CS
and CSP hereafter.).
T
• Third Party Auditor (TPA): an optional TPA, who
SR
has expertise and capabilities that users may not have,
is trusted to assess and expose risk of cloud storage
services on behalf of the users upon request.
IJC
2.2. Design Goals
• Storage correctness: to ensure users that their data are
indeed stored appropriately and kept intact all the time
in the cloud.
• Fast localization of data error: to effectively locate the
malfunctioning server when data corruption has been
detected.
• Dynamic data support: to maintain the same level
of storage correctness assurance even if users
modify, delete or append their data files in the
cloud.
• Dependability: to enhance data availability against
Byzantine failures, malicious data modification and
server colluding attacks, i.e. minimizing the effect
brought by data errors or server failures.
• Lightweight: to enable users to perform storage
correctness checks with minimum overhead.
2.3. Notations and Preliminaries
F – The data file to be stored. F can be denoted as a
matrix of m equal-sized data vectors, each
consisting of l blocks.
A – The dispersal matrix used for Reed-Solomon
Coding.
G – The encoded file matrix, which includes a set of n,
IJCSRTV1IS050077
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
n = m + h vectors, each consisting of l blocks.
(·) – Pseudorandom function (PRF), which is
defined as f: × key → GF ( ).
(·) – Pseudorandom permutation (PRP), which is
defined as 𝞥: × key → .
3. Secure Cloud Storage
The correctness and availability of the data files
being stored on the distributed cloud servers must be
guaranteed. The key issues that are to be solved are:
 Effectively detect any unauthorised data
modification and corruption.
 To find which server the data error lies in.
 To recover the storage errors.
3.1. File Distribution
We rely on erasure correcting code in the file
distribution preparation. This provides redundancy and
guarantees the data dependability. Disperse F
redundantly across n = m+h servers. Reed Solomon
code R (m+h, h) can be used to derive h parity vectors
[7]. Thus the encoded file G = F. A will be stored in
cloud.
Figure 3. File Distributions
3.2. Challenge Token Pre-computation
To verify the correctness of cloud data we rely on
pre- computed tokens [2], [3]. Tokens are calculated
before the file distribution [5].
Algorithm: Token Pre-computation
1. Let r be the number of rows of file matrix
and t be the number of tokens such that
t< = r;
2. for vector , j ⟵ 1, n do
3. for round i ⟵ 1, t do
4. Derive random challenge value =
(i) and from .
www.ijcsrt.org 59

5. Compute tokens using
6. end for
7. end for
8. Store all the 𝒗i’s locally.
9. end procedure
Each token covers the random file rows, not
random subset of data blocks. After token generation,
they can be kept by the user locally or in cloud in
encrypted form, which is further used for the cloud data
correctness evaluation. For the data in the cloud, he
challenges the cloud servers with a set of randomly
generated block indices. Upon receiving challenge,
each cloud server computes a short “signature” over the
specified blocks and returns them to the user. The
values of these signatures should match the
corresponding tokens pre-computed by the user.
3.3. Correctness Verification & Error
Localization
For the correctness verification we are employing a
challenge-response protocol. Whenever we need to
check the correctness, make challenge to cloud servers
T
and compare the responses with the pre-computed
tokens. If they are matching, there will be no error; else
SR
the file is corrupted in those servers which sent
nonmatching response. Thus the scheme gives
information to locate potential data errors. Here the
IJC
challenge made will specify a particular file row index.
3.4. File Retrieval & Error Recovery
Once the data corruption is detected, next important
step is to recover the corrupted data and bring data
storage back to consistent state. User can recover the
corrupted data from those servers who sent correct
response. The newly recovered blocks can then be
redistributed to the misbehaving servers to maintain the
correctness of storage.
3.5. Third Party Auditing
The correctness validation and misbehaving server
identification for TPA is just similar to the previous
scheme. The only difference is that TPA does not have
to take away the blinding values in the servers’
response but verifies directly. As TPA does not know
the secret blinding key, there is no way for TPA to
learn the data content information during auditing
process. Therefore, the privacy preserving third party
auditing is achieved.
IJCSRTV1IS050077 www.ijcsrt.org
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
4. Dynamic Data Operations
It is crucial to consider the dynamic case, where a
user may wish to perform various block-level
operations of update, delete, append and insert to
modify the data file while maintaining the storage
correctness assurance. Dynamic operations are
performed by constructing the update matrix, where 0’s
indicate unchanged blocks of the data file.
4.1. Update
In cloud data storage, sometimes the user may
need to modify some data block(s) stored in the cloud,
from its current value to a new one, + Δ j. We
refer this operation as data update.
4.2. Delete
Sometimes, after being stored in the cloud, certain
data blocks may need to be deleted. The delete
operation considering here is a general one, in which
user replaces the data block with zero or some special
reserved data symbol. From this point of view, the
delete operation is actually a special case of the data
update operation.
4.3. Append
The user may want to increase the size of his
stored data by adding blocks at the end of the data file,
which we refer as data append. We anticipate that the
most frequent append operation in cloud data storage is
bulk append, in which the user needs to upload a large
number of blocks (not a single block) at one time.
4.4. Insert
An insert operation to the data file refers to an
append operation at the desired index position while
maintaining the same data block structure for the whole
data file, i.e., inserting a block F[j] corresponds to
shifting all blocks starting with index j + 1 by one slot.
Thus, an insert operation may affect many rows in the
logical data file matrix F, and a substantial number of
computations are required to renumber all the
subsequent blocks as well as re-compute the challenge-
response tokens. Hence, a direct insert operation is
difficult to support.
60
 International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013

6. Conclusion
In this paper the problem of data security in cloud
data storage (which is essentially a distributed storage
system) is investigated. To achieve the assurances of
cloud data integrity and availability and enforce the
quality of dependable cloud storage service for users,
an effective and flexible distributed scheme with
explicit dynamic data support, including block update,
delete, and append is proposed. This relies on erasure-
Figure 4. Logical Representation of Data Dynamics correcting code in the file distribution preparation to
provide redundancy parity vectors and guarantee the
data dependability. By utilizing the homomorphic
token with distributed verification of erasure-coded
5. Performance Analysis
data, this scheme achieves the integration of storage
In order to make the performance evaluation of
correctness insurance and data error localization. It also
the research work, we have to study the influence of
provides the extension to support third-party auditing.
following factors:
Through detailed security and extensive experiment
 number of misbehaving servers, ns
results, it is shown that the scheme is highly efficient.
 number of challenges required, nc
 file size, F
 number of blocks modified, nb
7. References
[1] Balakrishnan.S, Saranya.G, Shobana.S, Karthikeyan.S,
“Introducing Effective Third Party Auditing (TPA) for Data
T
Storage Security in Cloud,” in IJCST Vol. 2, Issue 2, June
SR
2011.
[2] Cong Wang, Qian Wang, Kui Ren, Ning Cao, Wenjing
Lou, “Towards Secure and Dependable Storage Services in
Cloud Computing ,” IEEE T. Services Computing 5(2): 220-
IJC

232 (2012)
[3] C. Wang, Q. Wang, K. Ren, and W. Lou, “Ensuring
data storage security in cloud computing,” in Proc. of
IWQoS’09, July 2009, pp.1–9.
Figure 5. The detection probability against data [4] Michael Armbrust, Armando Fox, Rean Griffith,
modification with ns=1 Anthony D. Joseph, Randy Katz, Andy Konwinski, Gunho
Lee, David Patterson, Ariel Rabkin, Ion Stoica, and Matei,
“Above the Clouds: A View of Cloud Computing,” UC
Berkeley Reliable Adaptive Distributed systems Laboratory
7
(RAD Lab).
6 [5] Venkatesha Kumar, Poornima G, “Ensuring Data
5
Conclusion Integrity in Cloud Computing,” EICA2012-4, February, 2012.
4
[6] Dalia Attas, Omar Batrafi, “Efficient Integrity Checking
1 KB
10KB
Technique for Securing Client Data in Cloud Computing,”
3
20 KB IJECS-IJENS Vol: 11 No: 05.
2 [7] S P Jaikar, M V Nimbalkar, “Securing Cloud Data
1
Storage,” ISSN: 2278-0661, Vol: 1, Issue 6, July 2012
[8] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou,
0
1 2 3 “Enabling Public Verifiability and Data Dynamics for
Storage Security in Cloud Computing,” in Proc. of
ESORICS’09, volume 5789 of LNCS. Springer- Verlag, Sep.
Figure 6. The detection probability 2009, pp. 355–370.
against data modification with nc=1 [9] M. A. Shah, M. Baker, J. C. Mogul, and R.
Swaminathan, “Auditing to Keep Online Storage Services
Honest,” in Proc. of HotOS’07. Berkeley, CA, USA:
USENIX Association, 2007, pp. 1–6.
[10] Kayalvizhi S, Jagadeeswari S, “Data Dynamics for
Storage Security and Public Auditability in Cloud
Computing,” Journal of Computer Applications ISSN: 0974 –
1925, Volume-5, Issue EICA2012-1, February 10, 2012.

IJCSRTV1IS050077 www.ijcsrt.org 61