Secure Mobile Data Outsourcing using ABE in Multi-Cloud Environment

International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE) ISSN: 0976-1353 Volume 14 Issue 2 –APRIL 2015.

VIJAY H. KALMANI#1, SANJAY SINGLA*2
# Research Scholar, School of Engineering & Technology, Suresh Gyan Vihar University, Jaipur - 302025, India
* Dean & Professor, School of Engineering & Technology, IET Bhaddal Technical Campus, Ropar, Punjab, India



A multi-cloud environment can minimize the risk of keeping all the eggs in one basket. A fragmentation process can split the file into multiple fragments [7]. It offers a solution in which fragments of the user's file are stored on multiple servers controlled by a proxy server. A multi-cloud architecture is definitely a better solution if seamless integration can be provided [2].

Abstract— Cloud servers provide numerous services to their users, including data storage services. Mobile users often rely on these services for mobility, security and performance. As the data storage capacity of mobile devices is comparatively lower than that of traditional computing systems, cellular service providers let users store their data remotely so that it can be accessed on demand and with high security. Data privacy is still a matter of concern for mobile users who outsource their multimedia content to remote cloud servers. We identify the threats involved in remote possession of multimedia data by mobile users and develop an architecture which provides an ABE and multi-cloud based solution to mitigate these problems. Much previous work addresses data privacy on single storage servers, but very little addresses multi-cloud servers. Our scheme guarantees complete security of data with privacy and a lightweight integrity checking mechanism involving a TPA. Experimental results reveal the efficiency of the proposed framework and its cryptographic security performance on RDA.

At the same time, because of huge-capacity servers and trillions of stored files, data may suffer corruption of some bits. This has to be verified remotely with an integrity check. This remote access for auditing is termed RDA. In this paper, we propose a system for mobile users in which complete confidentiality of their multimedia data can be ensured using multi-cloud servers and a novel Remote Data Auditing (RDA) mechanism. Our work concentrates mainly on data privacy on untrusted servers and draws an architecture in which a Proxy Server (PS) controls the data flow among multiple storage servers. To maintain confidentiality of information, the PS never stores the raw or encrypted file in its own database; it stores only the file hashes and the location details of the files on other servers, so that authorized access control can be given to data owners only.

Index Terms— Attribute Based Encryption, Multi-Cloud Outsourcing, Remote Data Auditing.

I. INTRODUCTION

Cloud servers offer a nearly unlimited amount of data storage and provide on-demand services [1]. Mobile devices carry a lot of multimedia data, including images, which results in heavy consumption of secondary memory. To offer a better service, many service providers offer seamless integration of mobile devices with cloud servers for multimedia data storage. This feature gives the user the freedom to store unlimited data on the server, which is charged according to usage and can be accessed on demand. Despite the many advantages of cloud storage, the user's data always faces threats to its security and integrity [3,5].

Remote storage of data on cloud servers involves serious threats to data integrity. Our proposed RDA mechanism does not require checking the entire file content; only the original hashes of the encrypted fragments are matched against the current fragment hashes. If they match, the files are certified to have maintained integrity, with no corrupt bits present. The TPA need not see the content of the files, as the integrity check is done with the hashes alone, so privacy of data is maintained. The SHA-1 algorithm is used to generate the hashes; it is a one-way function whose output cannot be decrypted.

As the user does not have physical possession of the data, there could be a security threat involved. Data has to be encrypted on the server to maintain confidentiality [8, 12]. ABE (Attribute Based Encryption) solves this problem of data security and unauthorized access. ABE has a vital role in mobile data outsourcing. Attributes of the user or device, such as the serial ID, can be used for encryption, and access policies can be defined to control public access. Data owners have the flexibility to upload their data without worrying about access control rights, as these are maintained by the storage servers so that only authorized users can access the data [4,6].

II. RELATED WORKS & PROBLEM ANALYSIS

Related Works

Cloud storage brings many security concerns and challenges. The problems range from an inappropriate level of trust in the storage service provider to threats from hackers and attackers who misuse the information available on the server or corrupt the user's precious data. The major issue in mobile data outsourcing could be misuse of the data or violation of its integrity.


The major concern is that of protected outsourcing of confidential and personally important files [10, 11]. To keep illicit users away from the cipher-processed files in cloud storage, a Data Owner (DO) uses ABE for access control of encrypted files. In previous research works, many cryptographic methods were analyzed which can offer good security, promise data secrecy, and avert collusion and attacks. One such cryptographic mechanism is ABE (Attribute-Based Encryption).

Privacy: Privacy of data can be provided by access controls so that only authorized people can access the data. Also, when the TPA verifies data, the data owner's identity should not be disclosed. Many mechanisms are available through which privacy can be maintained, but work is still going on to make it stronger.

Efficiency: An application needs efficient operations to maintain users' interest in using it. Efficiency can be enhanced by optimizing the code and normalizing the DB with indexing of the pages. If still better results are expected, the application should use the mechanisms which are most efficient and achieve the required objectives in the least time.

The initial idea of ABE was offered by Sahai and Waters in 2005 [14], and many ABE mechanisms were introduced after that. Access policy methods can be classified into two kinds: key-policy and ciphertext-policy ABE schemes. In Attribute-Based Encryption mechanisms there are certificate issuers, the DO (Data Owner) and users of the service (receivers); the issuer's job is to produce keys with which the DO and receivers encrypt or decrypt data.

Integrity: As the data is held on a remote server, there is always a threat of data mishandling or corruption of files. Various mechanisms have been introduced to date to ensure integrity, but they lack in performance, time efficiency or privacy. There should be a mechanism which balances all of these with satisfactory results.

The multi-cloud approach is a new mechanism to provide additional security for outsourced data. Encrypted fragments can be stored in parts on multiple cloud servers [9]. An alliance between numerous cloud providers, such as Amazon, Dropbox and MS Azure, offers CSPs a new prospect to present services that will give the technology a new direction and clients better service.

III. ABE IN MULTI-CLOUD SCHEME

A. Multi-Cloud

In cloud storage servers, RDA (Remote Data Auditing) verification is a significant security aspect. The Data Owner's huge data is out of their possession, and the untrusted cloud server may alter the user's data for its own benefit. Many scholars have proposed different schemes and security methods. In 2007, the PDP (Provable Data Possession) concept was introduced by Ateniese et al. [15]. Under the PDP scheme, the auditor can remotely verify the genuineness of a file with good probability. Depending on the Rijndael scheme, they created 2 provably safe PDP mechanisms. Next, Ateniese et al. introduced a dynamic PDP scheme and concrete method [16], though it doesn't support an insert function. Following Ateniese et al.'s innovative models, several RDA mechanisms and practices have been introduced [17, 18, 19, 20, 21, 22]. Shacham offered the initial POR (Proof of Retrievability) mechanism with provable security in 2008 [23]. Under the POR mechanism, the auditor can verify the genuineness of remote data as well as fetch the remote data as and when required. The pioneering work can be seen in [24, 25, 26, 27]. In some scenarios, the user may hand over the remote verification task to a TPA (Third Party Auditor). This is also known as Third Party Auditing in cloud storage technology [28, 29, 30, 13].

The general idea behind the multi-cloud approach is to make data more secure and resilient against hacks. Multi-cloud lets us store fragments of data on different storage servers, but at the same time it requires a centralized authority called the Proxy Server (PS). The PS is the controlling head of the application and is responsible for all communication between storage servers and clients. The task of the PS is to split the files into multiple fragments, generate and save hashes of the fragments using SHA-1, and send the fragments to the CSPs for storage.

Problem Analysis

Despite the many advantages of remote data storage on cloud servers, there are four major threats involved in outsourcing data to untrusted servers.

Security: The first and foremost threat is to the security of data. As the mobile user doesn't have physical possession of the data, it should always be kept in encrypted form on the server, and the key should not be disclosed to the server either, so that complete confidentiality of data can be maintained. Also, data should not be stored on a single server, so that it is protected from hackers.

B. ECC Algorithm

ECC is a well-recognized algorithm which balances both security and efficiency in the encryption and decryption process. ECC is always used in combination with other algorithms such as DSA, AES, RSA, etc. In previous studies of the performance of various algorithms, AES was concluded to be among the best, so we propose here to use ECIES, i.e. a combination of ECC and AES, to ensure better security and efficiency.

C. Fragmentation

Fragmentation is a process in which a file is split into multiple parts. This process is somewhat critical because of the complexities involved in it. As the file data has to be parsed in bits, there is a chance of a missing bit, which can corrupt the entire file. The fragmented chunks can be joined together again to form the entire file.

D. Serialization & De-serialization

Serialization is the process of storing an object's data in physical memory as a file. After the encryption process we get an object which holds all the encryption information regarding the data and security certificates; it has to be made persistent so that it can be used at any later time. Reading the persistent file and converting its data back to an object is known as de-serialization.

Serialization

    // Persist the ECIES object enc to the file File_Name
    FileOutputStream fileOut = new FileOutputStream(File_Name);
    ObjectOutputStream out = new ObjectOutputStream(fileOut);
    out.writeObject(enc);
    out.close();

De-Serialization

    // Read the file back and cast the stored object to ECIES.
    // readObject() must only be used on files from a trusted source.
    FileInputStream fileIn = new FileInputStream(File_Name);
    ObjectInputStream in = new ObjectInputStream(fileIn);
    dec = (ECIES) in.readObject();
    in.close();

E. RDA

Remote Data Auditing (RDA) is a process in which users can check the integrity of their data without downloading the entire file to their system. This mechanism is purely online and sometimes involves a TPA (Third Party Auditor) entity for verification. A major requirement is confidentiality of data with respect to the TPA: neither the user's data nor the user's identity should be disclosed to the TPA. To achieve this we use a hash code matching technique which is highly efficient and robust. As fragments are generated from the file, their hashes are generated with the SHA-1 algorithm and saved on the proxy server for future verification. When the user later requests an integrity check of their file, the hash stored in the DB is matched with the current hash of the data and the result is passed to the user.

IV. SEF-MC ALGORITHM (STORAGE OF ENCRYPTED FRAGMENTS ON MULTI CLOUD)

A. Preliminary Notations

Notations                     Meaning
$U$                           User
$IMG$                         Raw Image
$IMG'$                        Encrypted Image
$B$ | $B_{IMG}$               Binary | Binary of Image
$Enc(.., ..)$                 Encryption Function
$Dec(.., ..)$                 Decryption Function
$A$                           Attribute
$C$ | $C_{IMG}$               Cipher
$S$ | $S_{IMG}$               Size | Size of Image
$FR$                          Fragment
$TF$                          Total Number of Fragments
$H$ | $H_{FR}$                Hash | Hash of Fragment
$O$                           Original
$SHA$                         Secure Hashing Algorithm
$ECC$                         Elliptic Curve Cryptography
$CS$ | $PS$                   Cloud Server | Proxy Server

B. Algorithm

For Encryption and Upload

$U \uparrow (IMG, A)$
$IMG \rightarrow |B_{IMG}|$ where $B_{IMG} = \{B_{IMG_i}, B_{IMG_{i+1}}, \ldots, B_{IMG_n}\}$
$\forall\, B_{IMG_i} \in B_{IMG}$ do
    $C_{IMG_i} = Enc(B_{IMG_i}, A)$
    $|C_{IMG} = |C_{IMG} \cup C_{IMG_i}$
end
$|C_{IMG}| \rightarrow IMG'$
$IMG' = FR_i, FR_{i+1}, \ldots, FR_n$ where $FR_i = IMG'\,S(IMG')/TF$
$H_{FR} = H_{FR_i}, H_{FR_{i+1}}, H_{FR_n}$ where $H_{FR_i} = SHA(FR_i)$
$CS = \{CS_i, \ldots, CS_n\}$
$\forall\, FR \in FR$ do
    $FR_i \rightarrow CS_i, \ldots, FR_n \rightarrow CS_n$
    $PS_{save}(H_{FR}, CS_i, Name_{IMG}, TimeStamp)$
end

For Decryption and Download

$U \uparrow (ID_{IMG}, A)$
$FR = PS_{Retrieve}(CS_i\,FR_i, \ldots, CS_n\,FR_n)$
$IMG' = {}_{i=1}^{n}\, FR_i$
$IMG' \rightarrow B_{IMG}$
$B_{IMG'} = B_{IMG'_i}, \ldots, B_{IMG'_n}$
$\forall\, B_{IMG'_i} \in B_{IMG'}$ do
    $O_{IMG_i} = Dec(B_{IMG'_i}, A)$
    $|O_{IMG} = |O_{IMG} \cup O_{IMG_i}$
end
$|O_{IMG}| \rightarrow IMG$
$U \downarrow IMG$

C. Architecture

D. Implementation

The above architecture represents a system in which a high level of security has to be implemented on mobile users' outsourced multimedia data (images) in cloud storage. The system is divided into four parts: 'n' data owners, one proxy server, two cloud data storage servers and one TPA. Users access the application through the proxy server, and the TPA likewise accesses it through the proxy server to verify users' data. Data owners are allowed to store image files on the server and retrieve them at any time for viewing. The proxy server is responsible for communicating with the cloud storage servers to store and retrieve data as and when required. The cloud servers are used for storage of data. The ECC algorithm is proposed for encryption and decryption of data, and the SHA-1 algorithm for hash generation.

There are four major processes involved in the entire work, as follows:

i) Registration

The application provides an option for new user registration. Mobile users and the TPA must be registered with the proxy server with a unique login ID and password. Each cloud storage provider's IP address, database name and database user ID/password should be registered on the proxy server.

ii) File Upload

The mobile user needs to log in with their registered user ID and password. The serial ID of the device is sent to the server as an attribute for the message security key. When the data owner uploads an image file, the Proxy Server (PS) encrypts the data inside the file with the attribute key using the ECC algorithm. The server generates a unique ID for the file so that the file can be referenced in future using that ID. The PS divides the encrypted file into two fragments and generates the hash code of each using the SHA-1 algorithm. The PS stores file information such as the file ID, filename, hash key and timestamp of the file upload. The PS sends the first fragment to the first cloud server and the second fragment to the second cloud server for storage.

iii) File Download

Before downloading the file, the Data Owner (DO) needs to log in with their credentials. The DO has to provide information about the file, such as the filename or file ID, and the key to the proxy server. The Proxy Server (PS) stores the attribute key in the session and matches it with the DB; if it matches, the user's request is considered. The PS collects both fragments from the cloud servers and joins them into one file. After joining, the file is decrypted using the user-provided key (from the session) and the decrypted file is sent to the user.

iv) TPA Verification

The Data Owner logs in to the system and selects the option to verify the authenticity of a file. The DO provides the file ID or name and the key for validation. The TPA encodes the key and matches it in its DB; if it is genuine, the request is sent to the PS for authentication. The TPA requests the proxy server to get both fragments. The PS gets both fragments from cloud storage and computes the hash code of both fragments. The PS sends the new hashes as well as the old hashes. The TPA matches the hashes and sends the status of authenticity to the Data Owner.
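The fragment-hash bookkeeping of SEF-MC and the hash-matching audit described under RDA and in step iv), as an added example that is not the authors' code. It assumes the encrypted image is an opaque constructed byte string and models each cloud server as an in-memory dict; the names `ProxyServer`, `fragment`, `tpa_verify` and the file ID are hypothetical.

```python
import hashlib
import time

# Constructed stand-in for the ECIES-encrypted image IMG' (1027 opaque bytes).
CIPHERTEXT = bytes(range(256)) * 4 + b"abc"


def fragment(ciphertext, total_fragments):
    """Split IMG' into TF contiguous fragments; the last one takes the remainder."""
    if total_fragments < 1 or len(ciphertext) < total_fragments:
        raise ValueError("need at least one byte per fragment")
    size = len(ciphertext) // total_fragments
    frags = [ciphertext[i * size:(i + 1) * size] for i in range(total_fragments - 1)]
    frags.append(ciphertext[(total_fragments - 1) * size:])
    return frags


def sha1_hex(data):
    # SHA-1 mirrors the paper; SHA-1 collisions are practical, so a new
    # design would use SHA-256 here.
    return hashlib.sha1(data).hexdigest()


class ProxyServer:
    """Holds hashes and locations only, never the raw or encrypted file."""

    def __init__(self, cloud_servers):
        self.cloud = cloud_servers   # one dict per CSP: file_id -> fragment
        self.index = {}              # PS database

    def upload(self, file_id, name, ciphertext):
        frags = fragment(ciphertext, len(self.cloud))
        for cs, fr in zip(self.cloud, frags):   # FR_i -> CS_i
            cs[file_id] = fr
        self.index[file_id] = {                 # PS_save(H_FR, CS_i, Name, TimeStamp)
            "name": name,
            "hashes": [sha1_hex(fr) for fr in frags],
            "timestamp": time.time(),
        }

    def audit_material(self, file_id):
        """Old and freshly computed hashes; this is all the TPA ever receives."""
        old = self.index[file_id]["hashes"]
        new = [sha1_hex(cs[file_id]) if file_id in cs else None for cs in self.cloud]
        return old, new

    def download(self, file_id):
        """Join the fragments in server order to rebuild IMG'."""
        return b"".join(cs[file_id] for cs in self.cloud)


def tpa_verify(old_hashes, new_hashes):
    """Return the indexes of cloud servers whose fragment is missing or altered."""
    return [i for i, (old, new) in enumerate(zip(old_hashes, new_hashes)) if old != new]


def demo():
    cs1, cs2 = {}, {}
    ps = ProxyServer([cs1, cs2])
    ps.upload("img-001", "photo.jpg", CIPHERTEXT)
    clean = tpa_verify(*ps.audit_material("img-001"))
    # Flip one bit in the fragment held by the second cloud server.
    cs2["img-001"] = cs2["img-001"][:-1] + bytes([cs2["img-001"][-1] ^ 0x01])
    corrupted = tpa_verify(*ps.audit_material("img-001"))
    # The first cloud server loses its fragment entirely.
    del cs1["img-001"]
    missing = tpa_verify(*ps.audit_material("img-001"))
    return clean, corrupted, missing


if __name__ == "__main__":
    print(demo())
```

The audit localizes the fault to a specific cloud server, and an odd-length ciphertext shows the last fragment absorbing the remainder so that joining the fragments is lossless.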

V. EXPERIMENT EVALUATION

A. Experiment Settings

To conduct the experiments, an initial setup was prepared which includes an Android OS mobile device, an app which gives the user the required functionality, one proxy server running Tomcat on which the application is deployed, and two storage servers with database software. Images of different sizes (100kb and 500kb) were chosen so that the efficiency of operations can be measured for different file sizes.


B. Experiment Process and Results

The experiment process involves many transactions. The user is allowed to register and log in, so that their homepage opens and shows the options to upload or download files. The application accesses the user's image gallery and the user is asked to upload an image. We record the timestamp at which the image upload starts and the timestamp of the server's response when the upload finishes; the difference is taken as the total upload time. Time efficiency is calculated in the same way for the other processes: conversion of the image to binary format, encryption, serialization, fragmentation, hash code generation using SHA-1, multi-cloud storage of fragments, retrieval, merging of fragments, decryption and download. The same set of experiments is then carried out with the other file sizes.

[Figure: bar charts of Encryption Time, Serialization Time, Fragmentation Time, File Upload Time, Binary Conversion Time, SHA hash generation Time, PS Update Time, Remote Storage Time, Retrieval Time, Merging Time, Deserialization Time and Decryption Time for 100kb and 500kb images.]

VI. CONCLUSIONS AND FUTURE WORK


Multi-cloud architecture is obviously a boon in the field of cloud storage technology. It not only provides security for data but also ensures privacy and integrity. Experimental results prove the efficiency of the SEF-MC algorithm on different sizes of data outsourced to the server through a mobile device. The performance of the application can still be improved by deploying the server-side script on a server with the best hardware configuration and a broadband internet connection. Future work can perform the encryption on the mobile device itself instead of on the server, so that security is maintained on the transmission channel too.


REFERENCES


[1] P. Mell and T. Grance, “The NIST Definition of Cloud Computing, Version 15,” Nat'l Inst. of Standards and Technology, Information Technology Laboratory, vol. 53, p. 50, http://csrc.nist.gov/groups/SNS/cloud-computing/, 2010.
[2] Jens-Matthias Bohli, Nils Gruschka, Meiko Jensen, Luigi Lo Iacono, and Ninja Marnau, “Security and Privacy-Enhancing Multicloud Architectures,” IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 4, July/August 2013.
[3] D. Hubbard and M. Sutton, “Top Threats to Cloud Computing V1.0,” Cloud Security Alliance, http://www.cloudsecurityalliance.org/topthreats, 2010.
[4] C. C. Chang, I. C. Lin, and C. T. Liao, “An access control system with time-constraint using support vector machines,” International Journal of Network Security, vol. 2, no. 2, pp. 150-159, 2006.
[5] M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “On Technical Security Issues in Cloud Computing,” Proc. IEEE Int'l Conf. Cloud Computing (CLOUD-II), 2009.
[6] S. F. Tzeng, C. C. Lee, and T. C. Lin, “A novel key management scheme for dynamic access control in a hierarchy,” International Journal of Network Security, vol. 12, no. 3, pp. 178-180, 2011.
[7] L. Wiese, “Horizontal Fragmentation for Data Outsourcing with Formula-Based Confidentiality Constraints,” Proc. Fifth Int'l Workshop Security (IWSEC '10), pp. 101-116, 2010.
[8] S. Kamara and K. Lauter, “Cryptographic Cloud Storage,” Proc. 14th Int'l Conf. Financial Cryptography and Data Security, pp. 136-149, 2010.
[9] Valentina Ciriani, Sabrina De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati, “Combining fragmentation and encryption to protect privacy in data storage,” ACM Trans. Inf. Syst. Secur. 13 (2010), 22:1-22:33.
[10] Lori M. Kaufman, “Data security in the world of cloud computing,” IEEE Security and Privacy 7 (2009), 61-64.
[11] Sean Carlin, Kevin Curran and Mervyn Adams, “Security issues in cloud computing,” Elixir 38 (2011), 4069-4072.
[12] Hassan Takabi, James B. D. Joshi, and Gail-Joon Ahn, “Security and privacy challenges in cloud computing environments,” IEEE Security and Privacy 8 (2010), 24-31.
[13] Y. Zhu, G. J. Ahn, H. Hu, S. S. Yau, H. G. An, S. Chen, “Dynamic Audit Services for Outsourced Storages in Clouds,” IEEE Transactions on Services Computing, 2011. http://doi.ieeecomputersociety.org/10.1109/TSC.2011.51
[14] A. Sahai and B. Waters, “Fuzzy identity based encryption,” Advances in Cryptology - EUROCRYPT, vol. 3494 of LNCS, pp. 457-473, 2005.
[15] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, D. Song, “Provable Data Possession at Untrusted Stores,” CCS'07, pp. 598-609, 2007.
[16] G. Ateniese, R. DiPietro, L. V. Mancini, G. Tsudik, “Scalable and Efficient Provable Data Possession,” SecureComm 2008, 2008.
[17] Y. Zhu, H. Wang, Z. Hu, G. J. Ahn, H. Hu, S. S. Yau, “Efficient Provable Data Possession for Hybrid Clouds,” CCS'10, pp. 756-758, 2010.
[18] R. Curtmola, O. Khan, R. Burns, G. Ateniese, “MR-PDP: Multiple-Replica Provable Data Possession,” ICDCS'08, pp. 411-420, 2008.
[19] A. F. Barsoum, M. A. Hasan, “Provable Possession and Replication of Data over Cloud Servers,” CACR, University of Waterloo, Report 2010/32, 2010. Available at http://www.cacr.math.uwaterloo.ca/techreports/2010/cacr2010-32.pdf.


[20] Z. Hao, N. Yu, “A Multiple-Replica Remote Data Possession Checking Protocol with Public Verifiability,” 2010 Second International Symposium on Data, Privacy, and E-Commerce, pp. 84-89, 2010.
[21] A. F. Barsoum, M. A. Hasan, “On Verifying Dynamic Multiple Data Copies over Cloud Servers,” IACR eprint report 447, 2011. Available at http://eprint.iacr.org/2011/447.pdf.
[22] A. Juels, B. S. Kaliski Jr., “PORs: Proofs of Retrievability for Large Files,” CCS'07, pp. 584-597, 2007.
[23] H. Shacham, B. Waters, “Compact Proofs of Retrievability,” ASIACRYPT 2008, LNCS 5350, pp. 90-107, 2008.
[24] K. D. Bowers, A. Juels, A. Oprea, “Proofs of Retrievability: Theory and Implementation,” CCSW'09, pp. 43-54, 2009.
[25] Q. Zheng, S. Xu, “Fair and Dynamic Proofs of Retrievability,” CODASPY'11, pp. 237-248, 2011.
[26] Y. Dodis, S. Vadhan, D. Wichs, “Proofs of Retrievability via Hardness Amplification,” TCC 2009, LNCS 5444, pp. 109-127, 2009.
[27] Y. Zhu, H. Wang, Z. Hu, G. J. Ahn, H. Hu, “Zero-Knowledge Proofs of Retrievability,” Sci China Inf Sci, 54(8), pp. 1608-1617, 2011.
[28] C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” INFOCOM 2010, IEEE, March 2010.
[29] Q. Wang, C. Wang, K. Ren, W. Lou, J. Li, “Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing,” IEEE Transactions on Parallel and Distributed Systems, 22(5), pp. 847-859, 2011.
[30] C. Wang, Q. Wang, K. Ren, N. Cao, W. Lou, “Toward Secure and Dependable Storage Services in Cloud Computing,” IEEE Transactions on Services Computing, 5(2), pp. 220-232, 2012.
