Data Integrity Proofs in Cloud Storage
Abstract
Cloud computing has been envisioned as the de facto
solution to the rising storage costs of IT enterprises. With the
high cost of data storage devices and the rapid rate at
which data is generated, it proves costly for enterprises
or individual users to frequently upgrade their hardware. Apart
from reducing storage costs, outsourcing data to the cloud
also helps in reducing maintenance. Cloud storage moves the
user's data to large, remotely located data centers over
which the user does not have any control. However, this unique
feature of the cloud poses many new security challenges which
need to be clearly understood and resolved.
INTRODUCTION
Outsourcing data to cloud storage servers is a rising trend
among many firms and users owing to its economic advantages.
This essentially means that the owner (client) of the
data moves its data to a third-party cloud storage server, which
is supposed to, presumably for a fee, faithfully store the data
and provide it back to the owner whenever required.
As data generation far outpaces data storage, it proves
costly for small firms to frequently upgrade their hardware
whenever additional data is created. Maintaining the
storage can also be a difficult task. Outsourcing data
to cloud storage helps such firms by reducing the costs
of storage, maintenance and personnel. It can also ensure
reliable storage of important data by keeping multiple copies
of the data, thereby reducing the chance of losing data to
hardware failures.
RELATED WORK
The simplest proof of retrievability (POR) scheme can be
built using a keyed hash function hk(F). In this scheme the
verifier, before archiving the data file F in the cloud storage,
pre-computes the cryptographic hash of F using hk(F) and
stores this hash as well as the secret key k. To check whether the
integrity of the file F has been compromised, the verifier releases
the secret key k to the cloud archive and asks it to compute and
return the value of hk(F). By storing multiple hash values for
different keys, the verifier can check the integrity of the file F
multiple times, each check being an independent proof.
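The protocol above can be sketched as follows. This is a minimal illustration using Python's standard hmac library; the function names, the 256-bit key size, and the choice of HMAC-SHA256 as the keyed hash are assumptions for the sketch, not details from the paper:

```python
import hmac
import hashlib
import secrets

def precompute_proofs(file_bytes, num_checks):
    """Verifier side: pre-compute one (key, MAC) pair per future check
    and keep them all; this is the scheme's storage cost."""
    proofs = []
    for _ in range(num_checks):
        key = secrets.token_bytes(32)  # assumed 256-bit secret key
        mac = hmac.new(key, file_bytes, hashlib.sha256).digest()
        proofs.append((key, mac))
    return proofs

def archive_respond(file_bytes, key):
    """Archive side: recompute hk(F) over the entire stored file
    using the key the verifier just released."""
    return hmac.new(key, file_bytes, hashlib.sha256).digest()

def verify(stored_proof, response):
    """Verifier side: compare the archive's response against the
    pre-computed value; a mismatch indicates lost integrity."""
    _, expected = stored_proof
    return hmac.compare_digest(expected, response)
```

Note how both of the drawbacks discussed next are visible here: the verifier must keep one (key, MAC) pair per check, and the archive must hash all of file_bytes on every challenge.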
Though this scheme is very simple and easy to implement,
its main drawback is the high resource cost of
implementation. On the verifier side, it involves storing as
many keys as the number of checks the verifier wants to perform,
as well as the hash value of the data file F for each key.
Moreover, computing the hash of even a moderately large data
file can be computationally burdensome for some clients
(PDAs, mobile phones, etc.). On the archive side, each
invocation of the protocol requires the archive to process the
entire file F, which can be computationally burdensome even
for a lightweight operation like hashing. Furthermore, each
proof requires the prover to read the entire file F, a significant
overhead for an archive whose intended load is only an occasional
read per file, were every file to be tested frequently [3].
A DATA INTEGRITY PROOF IN CLOUD BASED ON
SELECTING RANDOM BITS IN DATA BLOCKS
Before storing its data file F at the cloud archive, the client
should process the file and create suitable metadata, which is
used at a later stage to verify the integrity of the data at the
cloud storage. When checking for data integrity, the client
queries the cloud storage for suitable replies, based on which
it concludes the integrity of its data stored in the cloud.
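A rough sketch of this idea follows: the client samples a few random bit positions per block and records their values as secret metadata, then later challenges the archive for those bits and compares. The block size, number of sampled bits, and all function names below are illustrative assumptions; the paper's full scheme additionally encrypts the selected bits and handles the metadata differently.

```python
import secrets

BLOCK_SIZE = 1024      # assumed bytes per block
BITS_PER_BLOCK = 8     # assumed number of random bit positions sampled per block

def get_bit(block, bit_index):
    """Return the bit at the given position within a block of bytes."""
    return (block[bit_index // 8] >> (bit_index % 8)) & 1

def make_metadata(file_bytes):
    """Client side: for each block, record a few random bit positions
    and the bit values found there. Kept secret by the client."""
    meta = []
    for start in range(0, len(file_bytes), BLOCK_SIZE):
        block = file_bytes[start:start + BLOCK_SIZE]
        positions = [secrets.randbelow(len(block) * 8)
                     for _ in range(BITS_PER_BLOCK)]
        bits = [get_bit(block, p) for p in positions]
        meta.append((positions, bits))
    return meta

def archive_answer(file_bytes, block_index, positions):
    """Archive side: return only the requested bits of one block,
    so the proof is tiny and the archive never hashes the whole file."""
    start = block_index * BLOCK_SIZE
    block = file_bytes[start:start + BLOCK_SIZE]
    return [get_bit(block, p) for p in positions]

def verify_block(meta, block_index, answer):
    """Client side: compare the archive's answer with the stored bits."""
    _, expected = meta[block_index]
    return answer == expected
```

Because each challenge touches only a handful of bits of one block, both the proof size and the archive's per-challenge work are far smaller than in the keyed-hash scheme, at the price of probabilistic rather than absolute detection of corruption.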
CONCLUSION AND FUTURE WORKS
In this paper we have worked to facilitate the client in
obtaining a proof of integrity of the data which it wishes
to store on cloud storage servers with minimal
cost and effort. Our scheme was developed to reduce the
computational and storage overhead of the client as well as
to minimize the computational overhead of the cloud storage
server. We also minimized the size of the proof of data
integrity so as to reduce network bandwidth consumption.
At the client we store only two functions: the bit generator
function g, and the function h which is used for encrypting
the data. Hence the storage at the client is minimal
compared to the other schemes [4] that have been developed,
which makes this scheme advantageous for thin clients such as
PDAs and mobile phones.