A Hybrid Cloud Approach for Secure Authorized Deduplication
ABSTRACT:
Data deduplication is one of the important data compression techniques for eliminating
duplicate copies of repeating data, and has been widely used in cloud storage
to reduce the amount of storage space and save bandwidth. To protect the
confidentiality of sensitive data while supporting deduplication, the
convergent encryption technique has been proposed to encrypt the data before
outsourcing. To better protect data security, this paper makes the first
attempt to formally address the problem of authorized data deduplication.
Different from traditional deduplication systems, the differential privileges
of users are further considered in duplicate check besides the data itself. We
also present several new deduplication constructions supporting authorized
duplicate check in a hybrid cloud architecture. Security analysis demonstrates
that our scheme is secure in terms of the definitions specified in the proposed
security model. As a proof of concept, we implement a prototype of our proposed
authorized duplicate check scheme and conduct testbed experiments using our
prototype. We show that our proposed authorized duplicate check scheme incurs
minimal overhead compared to normal operations.
EXISTING SYSTEM:
- In data deduplication systems, the private cloud is involved
as a proxy to allow data owners/users to securely perform duplicate checks with
differential privileges.
- Such an architecture is practical and has attracted much
attention from researchers.
- The data owners only outsource their data storage by
utilizing the public cloud, while data operations are managed in the private cloud.
DISADVANTAGES OF EXISTING SYSTEM:
- Traditional encryption, while providing data
confidentiality, is incompatible with data deduplication.
- Identical data copies of different users will lead to
different ciphertexts, making deduplication impossible.
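The contrast described above, as an added Python example that is not from the original paper or project: two users encrypt the same constructed file first with independent random keys, then with a content-derived (convergent) key. The XOR-with-SHAKE-256 cipher is a stand-in assumed for illustration, and all function names are hypothetical.

```python
import hashlib
import secrets

def keystream_xor(key, data):
    """Stand-in symmetric cipher (assumption, unauthenticated): XOR the data
    with a SHAKE-256 keystream. Same key and data always give the same output."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def traditional_encrypt(data):
    """Traditional encryption: every user picks an independent random key."""
    key = secrets.token_bytes(32)
    return key, keystream_xor(key, data)

def convergent_encrypt(data):
    """Convergent encryption: the key is derived from the content, K = H(F)."""
    key = hashlib.sha256(data).digest()
    return key, keystream_xor(key, data)

def tag(ciphertext):
    """Duplicate-check tag the storage provider computes over what it receives."""
    return hashlib.sha256(ciphertext).hexdigest()

def stored_copies(ciphertexts):
    """Distinct objects the provider must keep after deduplicating by tag."""
    return len({tag(c) for c in ciphertexts})

# Constructed sample input, identical for both users.
FILE = b"constructed sample: quarterly-report contents " * 4

def demo():
    _, alice_trad = traditional_encrypt(FILE)
    _, bob_trad = traditional_encrypt(FILE)
    _, alice_conv = convergent_encrypt(FILE)
    bob_key, bob_conv = convergent_encrypt(FILE)
    return {
        # Random keys: identical plaintexts yield unrelated ciphertexts.
        "traditional_copies": stored_copies([alice_trad, bob_trad]),
        # Content-derived key: both uploads collapse to one stored object.
        "convergent_copies": stored_copies([alice_conv, bob_conv]),
        # Bob re-derives the key from his own copy and can read Alice's upload.
        "bob_reads_alice_copy": keystream_xor(bob_key, alice_conv) == FILE,
    }

if __name__ == "__main__":
    print(demo())
```

Because the ciphertext depends only on the content, anyone who already holds or can guess a file can compute the same tag; deterministic encryption trades that equality leak for deduplication.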
PROPOSED SYSTEM:
In this paper, we enhance the security of our system. Specifically, we present
an advanced scheme to support stronger security by encrypting the file with
differential privilege keys. In this way, users without the corresponding
privileges cannot perform the duplicate check. Furthermore, such unauthorized
users cannot decrypt the ciphertext even if they collude with the S-CSP.
Security analysis demonstrates that our system is secure in terms of the
definitions specified in the proposed security model.
ADVANTAGES OF PROPOSED SYSTEM:
- The user is only allowed to perform the duplicate
check for files marked with the corresponding privileges.
- We present an advanced scheme to support stronger
security by encrypting the file with differential privilege keys.
- Reduce the storage size of the tags for integrity
check. To enhance the security of deduplication and protect the data confidentiality,
SYSTEM ARCHITECTURE:
MODULES:-
- Cloud Service Provider
- Data Users Module
- Private Cloud Module
- Secure Deduplication System
MODULES DESCRIPTION:-
Cloud Service Provider
- In this module, we develop the Cloud Service Provider module.
This is an entity that provides a data storage service in the public cloud.
- The S-CSP provides the data outsourcing service and
stores data on behalf of the users.
- To reduce the storage cost, the S-CSP eliminates the
storage of redundant data via deduplication and keeps only unique data.
- In this paper, we assume that the S-CSP is always online and
has abundant storage capacity and computation power.
Data Users Module
- A user is an entity that wants to outsource data storage
to the S-CSP and access the data later.
- In a storage system supporting deduplication, to save upload bandwidth the
user uploads only unique data and does not upload any duplicate data, which
may be owned by the same user or different users.
- In the authorized deduplication system, each user is
issued a set of privileges in the setup of the system. Each file is protected
with the convergent encryption key and privilege keys to realize the authorized
deduplication with differential privileges.
Private Cloud Module
- Compared with the traditional deduplication architecture
in cloud computing, this is a new entity introduced to facilitate users'
secure usage of the cloud service.
- Specifically, since the computing resources at the data
user/owner side are restricted and the public cloud is not fully trusted in
practice, the private cloud is able to provide the data user/owner with an
execution environment and infrastructure working as an interface between the
user and the public cloud.
- The private keys for the privileges are managed by the
private cloud, which answers the file token requests from the users. The
interface offered by the private cloud allows users to submit files and
queries to be securely stored and computed, respectively.
Secure Deduplication System
- We consider several types of privacy we need to protect,
that is, i) unforgeability of the duplicate-check token: there are two types of
adversaries, that is, the external adversary and the internal adversary.
- As shown below, the external adversary can be viewed as
an internal adversary without any privilege.
- If a user has privilege p, it is required that the adversary cannot forge and
output a valid duplicate token with any other privilege p′ on any file F, where
p does not match p′. Furthermore, it is also required that if the adversary
does not request a token with its own privilege from the private cloud server,
it cannot forge and output a valid duplicate token with p on
any F that has been queried.
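A minimal model of the token flow described in the Private Cloud and Secure Deduplication modules, as an added Python example that is not the paper's or the project's own code. It assumes the duplicate-check token is an HMAC-SHA256 of the file digest under a per-privilege key held only by the private cloud; class, user and privilege names are hypothetical.

```python
import hashlib
import hmac
import secrets

class PrivateCloud:
    """Holds one secret key per privilege and answers file-token requests."""
    def __init__(self, privileges):
        self._keys = {p: secrets.token_bytes(32) for p in privileges}
        self._grants = {}  # user -> privileges issued at system setup

    def enroll(self, user, privileges):
        self._grants[user] = set(privileges)

    def file_token(self, user, file_digest, privilege):
        # Issue tokens only for privileges the requesting user actually holds.
        if privilege not in self._grants.get(user, set()):
            raise PermissionError(f"{user} lacks privilege {privilege!r}")
        # Assumed construction: HMAC-SHA256 keyed with the privilege key.
        return hmac.new(self._keys[privilege], file_digest, hashlib.sha256).digest()

class StorageProvider:
    """S-CSP side: stores opaque tokens and never sees a privilege key."""
    def __init__(self):
        self._tokens = set()

    def upload(self, token):
        self._tokens.add(token)

    def is_duplicate(self, token):
        return any(hmac.compare_digest(token, t) for t in self._tokens)

def demo():
    pc, csp = PrivateCloud(["finance", "engineering"]), StorageProvider()
    pc.enroll("alice", ["finance"])
    pc.enroll("carol", ["finance"])
    pc.enroll("bob", ["engineering"])
    digest = hashlib.sha256(b"constructed sample file").digest()
    csp.upload(pc.file_token("alice", digest, "finance"))
    same_priv = csp.is_duplicate(pc.file_token("carol", digest, "finance"))
    other_priv = csp.is_duplicate(pc.file_token("bob", digest, "engineering"))
    # A token made without the privilege key (external adversary) never matches.
    forged = hmac.new(secrets.token_bytes(32), digest, hashlib.sha256).digest()
    try:
        pc.file_token("bob", digest, "finance")
        refused = False
    except PermissionError:
        refused = True
    return same_priv, other_priv, csp.is_duplicate(forged), refused
```

`demo()` returns, in order: whether a second user with the same privilege gets a duplicate hit, whether a user with a different privilege does, whether a token built without the privilege key matches, and whether the private cloud refused a request for a privilege the user does not hold.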
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
- System : Pentium IV 2.4 GHz.
- Hard Disk : 40 GB.
- Floppy Drive : 1.44 Mb.
- Monitor : 15 VGA Colour.
- Mouse : Logitech.
- Ram : 512 Mb.
SOFTWARE REQUIREMENTS:
- Operating system : Windows XP/7.
- Coding Language : JAVA/J2EE
- IDE : Netbeans 7.4
- Database : MYSQL
REFERENCE:
Jin Li, Yan Kit Li, Xiaofeng Chen, Patrick P. C. Lee, Wenjing Lou, “A Hybrid
Cloud Approach for Secure Authorized Deduplication”, IEEE TRANSACTIONS ON
PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 26, NO. 5, MAY 2015.