ID-DPDP Scheme For Storing Authorized Distributed Data in Cloud


Under the guidance of: Mr. R. G. Suresh Kumar, HOD
Presented by: J. Suganthi, M.Tech Final Year (CSE)
Agenda
• Abstract (Base Paper)
• Abstract (Proposed System)
• Cloud Computing
• Objectives
• Literature survey
• Problem Identification
• Problem solution
• Architecture Diagram
• Challenges
• Conclusion
• Plan for phase-II
• References
Abstract (Base Paper)
• Cloud computing provides various elastic and scalable IT services in a pay-as-you-go fashion. Users of cloud storage services no longer physically maintain direct control over their data, which makes data security one of the major concerns of using the cloud. In this paper, they describe a formal analysis of the possible types of fine-grained data updates and propose a provable data possession (PDP) scheme that can fully support authorized auditing and fine-grained update requests.
Abstract (Proposed System)
• In a cloud computing environment, data owners usually host extensive data on cloud servers, where clients access the data without knowing its actual location. Because the data is outsourced to untrusted servers, efficient and reliable verification of the outsourced data becomes an open challenge in the data security of cloud storage. The existing system does not provide security against attacks on data stored in clouds. The proposed system can provide security against collusion attacks and DDoS attacks. To achieve efficient cloud storage, the proposed scheme, ID-DPDP (Identity-Based Distributed Provable Data Possession), provides flexible data segmentation with an additional authorization process among the three participating parties: the client, the server and a third-party auditor (TPA).
Cloud Computing
• Cloud computing is a technology for delivering applications as services over the Internet, together with the hardware and system software in the data centers that provide those services.

• Cloud services are provided in the form of:
  Software as a Service (SaaS)
  Platform as a Service (PaaS)
  Infrastructure as a Service (IaaS)
Objectives
• To formally analyze different types of fine-grained dynamic data update requests on varying block sizes in a single data set.

• To eliminate unauthorized audit challenges from malicious or fake third-party auditors.

• To improve the authorization process between the auditor and the cloud service provider.

• To improve the security of outsourced data in the cloud.

Literature Survey
Reference paper - 1
• Title - Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage

• Abstract
Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this paper, they address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which they consider the existence of multiple cloud service providers that cooperatively store and maintain the clients' data. They present a cooperative PDP (CPDP) scheme based on homomorphic verifiable response and hash index hierarchy, and prove the security of the proposed scheme based on a multi-prover zero-knowledge proof system.
Cont…
Advantages
• The CPDP approach allows parallel computing and provides support for large file storage on the cloud.
• In CPDP, data integrity verification can be done in parallel and data can be stored on multiple clouds.

Disadvantages
• Existing PDP schemes mainly focus on single-cloud storage.
• The number of updates and challenges is limited.
Cont…
• Conclusion
In this paper, they presented the construction of an efficient PDP scheme for distributed cloud storage. Based on homomorphic verifiable response and hash index hierarchy, they have proposed a cooperative PDP scheme to support dynamic scalability on multiple storage servers.
Reference paper - 2
• Title - Scalable and Efficient Provable Data Possession

• Abstract
In storage outsourcing, the main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The problem is exacerbated by the client being a small computing device with limited resources. In this paper, they construct a highly efficient and provably secure PDP technique based entirely on symmetric-key cryptography, while not requiring any bulk encryption.
Cont…
Advantages
• The SPDP scheme relies only on efficient symmetric-key operations in both the setup and verification phases.

• It does not require bulk encryption of outsourced data.

Disadvantage
• It does not support fully dynamic data operations.
Cont…
Conclusion
They developed and presented a step-by-step design of a very
light-weight and provably secure PDP scheme. However, since it
is based upon symmetric key cryptography, it is unsuitable for
public (third-party) verification.
Reference paper - 3
• Title - Remote Data Checking Using Provable Data Possession

• Abstract
A client that has stored data at an untrusted server can verify that the server possesses the original data without retrieving it. The client maintains a constant amount of metadata to verify the proof. Thus, the PDP model for remote data checking is lightweight and supports large data sets in distributed storage systems. They propose a generic transformation that adds robustness to any remote data checking scheme based on spot checking.
Cont…
Advantages
• Spot checking allows clients to randomly check data integrity.
• The PDP model for remote data checking is lightweight and supports large data sets in distributed storage systems.

Disadvantages
• The existing PDP model supports limited data sets.
• The existing challenge/response protocol transmits a small, constant amount of data, which minimizes network communication.
Cont…
• Conclusion:
In this paper, they introduced a model for provable data possession (PDP), in which it is desirable to minimize the file block accesses, the computation on the server, and the client-server communication. Key components of the schemes are the support for spot checking, which ensures that the schemes remain lightweight, and the homomorphic verifiable tags, which allow data possession to be verified without access to the actual data file.
Reference paper - 4
• Title - Dynamic Data Possession Checking for Secure Cloud Storage Service

• Abstract
Using a cloud storage service, data owners can access their data anywhere at any time and enjoy on-demand, high-quality applications and services without the burden of local data storage and maintenance. To verify the integrity of data stored in the cloud and relieve the security concerns of customers, a privacy-preserving possession checking (DPC) scheme is presented. This scheme uses a Merkle Hash Tree to support fully dynamic data operations.
Cont…
Advantages
• The proposed scheme, privacy-preserving data possession checking (DPC), preserves the privacy of the data in cloud storage.
• Based on a bilinear map and a Merkle Hash Tree, it supports fully dynamic data operations.

Disadvantage
• In the existing system there is a risk of losing data stored in cloud storage.
Cont…
Conclusion:
In this paper, the proposed dynamic data possession checking scheme has several advantages over existing techniques. It uses the BLS signature technique to enable public checking, which also preserves privacy from checkers. It fully supports dynamic data operations.
Reference paper - 5
• Title - Public Auditing of Big Data with Fine Grained Updates on Cloud

• Abstract
Nowadays, the various data generated by organizations, governments and businesses is managed by an external storage provider called a CSS (Cloud Storage Service). As the TPA is an external agent, it can also be malicious or can misuse the user's data stored in cloud storage. This paper therefore focuses on checking the authenticity of the TPA, and the proposed scheme supports fine-grained data updates with less communication overhead.
Cont…
Advantages
• The proposed system implements a methodology (SLA signing) to verify the TPA's integrity.
• It supports fine-grained data updates with less communication overhead.

Disadvantage
• The TPA is an external agent; it can also be malicious or can misuse the user's data stored in cloud storage.

Cont…
• Conclusion
This paper presents an overview of trusting a third party. The proposed system uses a signature scheme that cannot be forged, so that it will prevent malicious TPAs. It provides fine-grained dynamic data updates, which increases the efficiency of the update process.
Problem Identification
• Problem 1: The existing authorization scheme does not focus on server-side protection.

• Problem 2: In the authentication process, some computations are performed in a transparent way.

• Problem 3: Existing data auditing schemes already have various properties, but potential risks and inefficiencies, such as security risks from unauthorized auditing requests and inefficiency in processing small updates, still exist.

• Problem 4: Verification of the data tends to be very simple, so an unauthorized person can send auditing service messages to the server. This creates many issues, such as distributed denial of service.
Problem Solution
• Solution for problem 4: To achieve scalability and efficiency of a cloud storage server, the proposed scheme uses a flexible data segmentation strategy through ID-DPDP (Identity-Based Distributed Provable Data Possession).

• Based on the client's authorization, the proposed ID-DPDP protocol can realize private verification, delegated verification and public verification.
Architecture Diagram
[Figure: architecture diagram. Components: Private Key Generator, Client, Client's Data, Combiner, cloud servers CS1, CS2, ..., CSn, Verifier, Cloud Storage.]

Request Phase
1. Sending request for private key
2. Sending private key to client
3. Client sends data with block-tag pair to combiner
4. Split metadata
5. Sends the challenge query to combiner
6. Transfers challenge query

Response Phase
7. Aggregates the result
8. Sending the result to the verifier, and the verifier then verifies the result
9. If the result is valid, it allows the client to store the data
10. Finally, the client stores the data in cloud storage
Cont…
• Step 1: In the Extract phase, the PKG creates the private key for the client. The secret key is generated based on the symmetric key algorithm.

• Step 2: The client creates the block-tag pairs using bilinear pairing and uploads them to the combiner.

• Step 3: The combiner distributes the block-tag pairs to the different cloud servers according to the storage metadata.

• Step 4: The verifier sends the challenge to the combiner, and the combiner distributes the challenge query to the corresponding cloud servers according to the storage metadata.
Cont…
• Step 5: The cloud servers respond to the challenge and send their responses to the combiner.

• Step 6: The combiner aggregates these responses from the cloud servers and sends the aggregated response to the verifier.

• Step 7: Finally, the verifier checks whether the aggregated response is valid, and then the client stores the data in cloud storage.
Challenges
• Cloud computing systems are based in large data centers, so they are difficult to manage.

• Transparency of outsourced data creates security issues in cloud auditing.

• In cloud third-party auditing, anyone can challenge the cloud service provider for a proof of integrity of a certain file.
Conclusion
Based on the case study of existing techniques, the major problems are identified. Some of these problems will be solved by the proposed scheme, ID-DPDP (Identity-Based Distributed Provable Data Possession). The proposed scheme can fully support authorized auditing and fine-grained update requests on a big data server. In future I will work on the other problems.
Plan for phase-II
The main part of phase II is implementation. The implementation contains the ID-DPDP scheme, which is used for data distribution in cloud storage. To implement the ID-DPDP scheme, the framework of ID-DPDP must first be understood. Building the proposed scheme mainly involves the following steps.

• Key Generation

• Tag Generation (split the whole file F into n blocks, i.e., F = (F1, F2, ..., Fn))

• GenProof
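
The request/response flow of Steps 1-7 and the Key Generation, Tag Generation and GenProof steps listed above can be traced end to end in a small model. This is an added example, not code from the presentation: it replaces the scheme's bilinear-pairing tags and identity-based key extraction with a symmetric linear homomorphic MAC (private verification only), and all function names, the modulus and the 15-byte block size are assumptions.

```python
# Added illustration (not the presentation's code): linear homomorphic MAC tags
# stand in for the pairing-based tags; all function names are hypothetical.
import hashlib, hmac, secrets

P, BLOCK = 2**127 - 1, 15   # prime modulus; 15-byte blocks are always < P

def prf(key, i):
    """Per-index mask F_k(i), reduced mod P."""
    mac = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def keygen():
    """Key Generation: secret (alpha, k) shared by client and verifier."""
    return secrets.randbelow(P - 1) + 1, secrets.token_bytes(32)

def taggen(sk, data):
    """Tag Generation: split F into F1..Fn and set tag_i = alpha*F_i + F_k(i)."""
    alpha, k = sk
    blocks = [int.from_bytes(data[o:o + BLOCK], "big") for o in range(0, len(data), BLOCK)]
    return [(m, (alpha * m + prf(k, i)) % P) for i, m in enumerate(blocks)]

def distribute(pairs, n):
    """Combiner: spread block-tag pairs round-robin; return servers, metadata."""
    servers = [dict() for _ in range(n)]
    for i, pair in enumerate(pairs):
        servers[i % n][i] = pair
    return servers, {i: i % n for i in range(len(pairs))}

def challenge(n_blocks, count):
    """Verifier: random block indices, each with a random nonzero coefficient."""
    rng = secrets.SystemRandom()
    return {i: rng.randrange(1, P) for i in rng.sample(range(n_blocks), count)}

def genproof(store, chal):
    """GenProof on one server: fold the challenged blocks it still holds."""
    held = [(c, *store[i]) for i, c in chal.items() if i in store]
    return sum(c * m for c, m, _ in held) % P, sum(c * t for c, _, t in held) % P

def combine(servers, meta, chal):
    """Combiner: route the challenge by metadata, aggregate the responses."""
    mu = sigma = 0
    for j in {meta[i] for i in chal}:
        m, s = genproof(servers[j], {i: c for i, c in chal.items() if meta[i] == j})
        mu, sigma = (mu + m) % P, (sigma + s) % P
    return mu, sigma

def verify(sk, chal, proof):
    """Verifier: accept iff sigma == alpha*mu + sum(c_i * F_k(i)) mod P."""
    alpha, k = sk
    return proof[1] == (alpha * proof[0] + sum(c * prf(k, i) for i, c in chal.items())) % P
```
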
References
• A. Juels and B. S. Kaliski. PORs: Proofs of retrievability for large files. Cryptology ePrint archive, June 2007. Report 2007/243.
• C. C. Erway, A. Kupcu, C. Papamanthou, R. Tamassia. Dynamic Provable Data Possession. CCS'09, 213-222, 2009.
• C. Wang, Q. Wang, K. Ren, and W. Lou, "Ensuring Data Storage Security in Cloud Computing," Proc. 17th Int'l Workshop Quality of Service (IWQoS '09), 2009.
• C. Wang, Toward publicly auditable secure cloud data storage services, IEEE Network, vol. 24, no. 4, pp. 19-24, 2010.
• F. Liu, D. Gu and H. Lu, "An improved dynamic provable data possession model", Proc. of IEEE CCIS 2011, pp. 290-295, 2011.
• G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, D. Song. Provable Data Possession at Untrusted Stores. CCS'07, pp. 598-609, 2007.
Cont…
• G. Ateniese, R. DiPietro, L. V. Mancini, G. Tsudik. Scalable and Efficient Provable Data Possession. SecureComm 2008, article 9, 2008.
• J. Yang, "Provable data possession of resource-constrained mobile devices in cloud computing", Journal of Networks, vol. 6, no. 7, pp. 1033-1040, 2011.
• R. Curtmola, O. Khan, R. Burns, G. Ateniese. MR-PDP: Multiple-Replica Provable Data Possession. ICDCS'08, 411-420, 2008.
• Y. Zhu, H. Wang, Z. Hu, G. J. Ahn, H. Hu, S. S. Yau. Efficient Provable Data Possession for Hybrid Clouds. CCS'10, 756-758, 2010.
• Y. Zhu, H. Hu, G. J. Ahn, M. Yu. Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storage. IEEE Transactions on Parallel and Distributed Systems, 23(12):2231-224, 2012.
• Y. Deswarte, J. Quisquater, A. Saidane. Remote integrity checking. In Proc. of Conference on Integrity and Internal Control in Information Systems (IICIS'03), 2003.
Paper publication
• Published a paper titled "Secure and trusty storage services in cloud computing" in International Journal of Advanced Technology in Engineering and Technology.

• Published a paper titled "Grid computing based RSA security in telemedicine centre using computer communication network" in International Journal of Advanced Research in Communication Engineering.
