Department of Computing Science

Gov. College University Faisalabad

SYNOPSIS FOR MS(CS)

TITLE: An efficient approach for Data Storage security in the Cloud

Computing of IoT

Name of Student: Muti ur Rasool

Roll #: 2501

Supervisor: Dr. Saman Iftikhar

Supervisor Signature: _______________

Abstract
IoT is now a day an emerging field because of its performance, high availability, low cost. In IoT
many services are provided to the client by the cloud. Data store is main future that the cloud
service provides to the companies to store huge amount of storage capacity. But still many
companies are not ready to implement the cloud technology due to lack of proper security control
policy and weakness in protection which lead to many challenge in the cloud. The purpose of this
research is to prevent data access from unauthorized user, propose a distributed scheme to provide
security of the data in the cloud.This could be achieved by using homomorphism token with
distributed verification of erasure-coded data. The propose scheme perfectly stores data and
identifies any tamper at the cloud server. Thisresearch provides a process to avoid collision to
attack of server modification by unauthorized users.
Keyword: The CloudComputing in IoT, The Cloud Computing, Authentication, Homomorphism
Token, Collusion Attacks.
Introduction
The Internet of Things (IoT), sometimes referred to as the Internet of Objects, will
changeeverything—including ourselves. This may seem like a bold statement, but consider
theimpact the Internet already has had on education, communication, business,
science,government, and humanity. Clearly, the Internet is one of the most important and
powerfulcreations in all of human history.Now consider that IoT represents the next evolution of
the Internet, taking a huge leap in itsability to gather, analyze, and distribute data that we can turn
into information, knowledge,and, ultimately, wisdom. In this context, IoT becomes immensely
important.
In its broadest form, a ‘the cloud’ can be defined as “an elastic execution environmentof resources
involving multiple stakeholders and providing a metered serviceat multiple granularities for a
specified level of quality (of service).” .It is up to debate whether the Internet of Things is related
to the cloud systemsat all: Whilst the Internet of Things will certainly have to deal with
issuesrelated to elasticity, reliability and data management etc., there is an implicitassumption that
resources in the cloud are of a type that can host and/orprocess data—in particular storage and
processors that can form a computationalunit (a virtual processing platform). However, specialized
the clouds maye.g., integrate dedicated sensors to provide enhanced capabilities and the
issuesrelated to reliability of data streams etc. are principally independent of the typeof data source.
Though sensors as yet do not pose essential scalability issues,metering of resources will already
require some degree of sensor informationintegration into the cloud. The clouds may furthermore
offer vital support to theInternet of Things, in order to deal with a flexible amount of data
originating from the diversity of sensors and “smart things/objects.”Similarly, the cloud
conceptsfor scalability and elasticity may be of interest for the Internet of Thingsin order to better
cope with dynamically scaling data streams.
The cloud is a building block of the Future Internet and it is expectedthat the IoT will be the biggest
consumer of the cloud. The IoTapplications are composed of many detectors and services to
manage them andare very dynamic involving rapidly varying data volumes and rates. The
cloudsprovide an elastic facility to manage this variability. Of course a the cloud environmentcan
also provide the services for analysis of the data streams often associated with synchronous
simulation to aid the provision of information tothe end-user in an optimal form. The business
benefit occurs in applicationssuch as environmental monitoring, healthcare monitoring where the
high volumesand rates of data need rapid processing to information for understanding.
 Non Exhaustive view on the main aspect forming a the cloud System
Today, the 14th largest software company by market capitalization operates almost entirely in the
cloud, Gartner predicts that the bulk of new IT spending by 2016 will be for the cloud computing
platforms and applications with nearly half of large enterprises having the cloud deployments by
the end of 2017. "With 30 large public companies collectively representing more than $100 billion
in market capitalization and $12.5 billion in estimated 2013 revenue, the cloud computing industry
has officially come of age,". Yet despite the trumpeted business and technical advantages of the
cloud computing, many potential the cloud users have yet to join the cloud, and those major
corporations that are the cloud users are for the most part putting only their less sensitive data in a
the cloud. Lack of control in the cloud is the major worry. One aspect of control is transparency in
the cloud implementation – somewhat contrary to the original promise of the cloud computing in
which the cloud implementation is not relevant.
Transparency is needed for regulatory. The cloud represents a recent paradigm shift for the
provision of computing infrastructure which outsources computation and storage requirements of
applications and services to a managed infrastructure. Security Availability and Reliability are the
major concerns of cloud service users. The cloud computing inevitably poses new challenging
security threats for number of reasons.
 Cryptographic primitives for the purpose of data security protection ca not be directly
adopted due to the users‟ loss control of data in the cloud computing. The problem of
verifying correctness of data storage in the cloud is becomes even more challenging.
 The cloud computing is not just a third party data warehouse. The data stored in the cloud
may be frequently updated by the users, like deleting, modification, insertion, recording,
etc.to ensure storage correctness under dynamic data update, this dynamic feature also
makes traditional integrity insurance technique futile and entails new solutions.
In this research, we propose an effective and flexible distributed scheme with explicit dynamic
data support to ensure the correctness of users‟ data in the cloud .we rely on erasure correcting
code in the file distribution preparation to provide redundancies and guarantee the data
dependability. This construction drastically reduces the communication and storage overhead as
compared to the traditional replication-based file distribution techniques. By utilizing the
homomorphic token with distributed verification of erasure-coded data, our scheme achieves the
storage correctness insurance as well as data error localization: whenever data corruption has been
detected during the storage correctness verification, our scheme can almost guarantee the
simultaneous localization on data errors, i.e., the identification of the misbehaving server(s).
Review of Literature
(K.Divya et al, Sep-2014) Cloud storage enables users to remotely store their data and enjoy the
on-demand high quality cloud applications without the burden of local hardware and software
management. Though the benefits are clear, such a service is also relinquishing users’ physical
possession of their outsourced data, which inevitably poses new security risks towards the
correctness of the data in cloud. In order to address this new problem and further achieve a secure
and dependable cloud storage service, we propose in this paper a flexible distributed storage
integrity auditing mechanism, utilizing the homomorphic token and distributed erasure-coded data.
The proposed design allows users to audit the cloud storage with very lightweight communication
and computation cost. The auditing result not only ensures strong cloud storage correctness
guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of
misbehaving server. Considering the cloud data are dynamic in nature, the proposed design further
supports secure and efficient dynamic operations on outsourced data, including block
modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and
resilient against Byzantine failure, malicious data modification attack, and even server colluding
attacks.
(K.Gayathri et al, Dec-2013) Cloud Computing has been envisioned as the next-generation
architecture of IT Enterprise. It moves the application software and databases to the centralized
large data centers, where the management of the data and services may not be fully trustworthy.
This unique paradigm brings about many new security challenges, which have not been well
understood. This work studies the problem of ensuring the integrity of data storage in Cloud
Computing. The introduction of TPA eliminates the involvement of the client through the auditing
of whether his data stored in the cloud is indeed intact, which can be important in achieving
economies of scale for Cloud Computing. The support for data dynamics via the most general
forms of data operation, such as block modification, insertion and deletion, is also a significant
step toward practicality, since services in Cloud Computing are not limited to archive or backup
data only. We first identify the difficulties and potential security problems of direct extensions
with fully dynamic data updates from prior works and then show how to construct an elegant
verification scheme for the seamless integration of these two salient features in our protocol design.
In particular, to achieve efficient data dynamics, we improve the existing proof of storage models
by manipulating the classic Merkle Hash Tree construction for block tag authentication
(B.Anjani Kumar et al, Oct-2013) propose a flexible distributed storage integrity auditing
mechanism, utilizing the homomorphic token and distributed erasure-coded data. The proposed
design allows users to audit the cloud storage with very lightweight communication and
computation cost. The proposed scheme is highly efficient and resilient against Byzantine failure,
malicious data modification attack, and even server colluding attacks.
(Suganya, S. & Damodharan, P. Jul-2013) The proposed design allows users to monitor the
cloud storage with very lightweight communication and computation costs. This provides strong
cloud storage accuracy and also allows for faster fault location data, that is to say, the identification
of misbehaving server. The proposed design supports continued safe and efficient dynamic
activities, including block modification, deletion and append. The proposed system is very
effective against server colluding attacks and data modification attacks.
(Dr. Vinay Chavan & Prof Shubhangi A Shinde, Apr-2013) Cloud adoption may lead to
efficiency and effectiveness in developing and deploying the applications which leads to cost
benefit. According to the recent study the main obstacles for adopting cloud computing are
security, privacy and legal matters as it provides marginal solutions for adoption of cloud. The
main challenges faced by cloud adoption are data loss, data leakage, data integrity and data
availabilityUsers of the cloud want to ensure that data in the cloud are subject to unauthorized
access or corruption or modification and disclosure.In this paper we have discussed data security
challenges in cloud computing and implications associated with it.
(Rampal Singh et al, Dec-2012) proposed discussion on the cloud data storage security. The
security is an important aspect of quality of services. To ensures the correctness of user data in
cloud. They propose an effective and flexible distribution scheme two way handshakes based on
token management. By utilizing the homomorphic token with distributed verification of erasure-
coded data, our scheme achieves the integration of storage correctness insurance and data error
localization i.e., the identification of misbehaving server(s).
Material and Method
In the cloud data storage system, users store their data in the cloud and no longer possess the data
locally. Thus, the correctness and availability of the data files being stored on the distributed the
cloud servers must be guaranteed. Main scheme for ensuring the cloud data storage is presented in
this section.

First Phase

This part of the section is devoted to a review of basic tools from coding theory that is needed in
this scheme for file distribution across the cloud servers.

Second Phase

In this part of the section the homomorphic token will introduce. The token computation function
is considering that belongs to a family of universal hash function, chosen to preserve the
homomorphic properties, which can be perfectly integrated with the verification of erasure-coded
data. Subsequently, it is shown how to derive a challenge-response protocol for verifying the
storage correctness as well as identifying misbehaving servers.

Third Phase

Finally the procedure for file retrieval and error recovery based on erasure- correcting code will
also be outlined.

Final Phase

In this research propose a distributed scheme through homomorphism token with distributed
verification of erasure-coded data. Additionally, the technique provides a process to avoid
colluding attacks of server modification byunauthorized users.
REFERENCES
B.Anjani Kumar, K.Hari Prasad, C.Subash Chandra, “Homomorphic Token and Distributed
Erasure-Code for cloud” International Journal of Research in Computer and Communication
Technology, Vol 2, Issue 10, October- 2013.
K.Divya, P.Navya Sri, Tejavath Charan Singh, “Data Storage Transparent Security in Cloud
Computing” International Journal of Ethics in Engineering & Management Education, Volume 1,
Issue 9, September 2014.
K.Gayathri, P.Umamaheswari, P.Senthilkumar “Enabling Efficiency in Data Dynamics for
Storage Security in Cloud Computing” International Journal of Advanced Research in Computer
and Communication Engineering Vol. 2, Issue 12, December 2013.
Rampal Singh, Sawan Kumar, Shani Kumar Agrahari “Ensuring Data Storage Security in Cloud
Computing” IOSR Journal of Engineering, Vol. 2, Issue 12, December 2012.
Suganya, S. & Damodharan, P. “Current Trends in Engineering and Technology (ICCTET), 2013
International Conference” on 3 July 2013
Vinay Chavan, Prof Shubhangi A Shinde “Data Security in Cloud Computing: Major Concerns
and Implications” in National Conference on Emerging Trends: Innovations and Challenges in IT,
19 -20, April 2013.