High-speed networks and ubiquitous Internet access have become available to users for access anywhere at any time. Cloud computing is a concept that treats the resources on the Internet as a unified entity, a cloud.
Cloud storage is a model of networked online storage where data is stored in virtualized pools of storage which are generally hosted by third parties. Hosting companies operate large data centers, and people who require their data to be hosted buy or lease storage capacity from them. The data center operators, in the background, virtualize the resources according to the requirements of the customer and expose them as storage pools, which the customers can themselves use to store files or data objects. Physically, the resource may span multiple servers.
Data robustness is a major requirement for storage systems. There have been many proposals for storing data over storage servers. One way to provide data robustness is to replicate a message such that each storage server stores a copy of the message. A decentralized erasure code is suitable for use in a distributed storage system.
KEYWORDS: decentralized, erasure code, internet access, cloud storage, data robustness.
INTRODUCTION
We consider designing a cloud storage system for robustness, confidentiality and functionality. The proxy re-encryption scheme supports encoding operations over encrypted messages as well as forwarding operations over encoded and encrypted messages. One way to provide data robustness is to replicate a message such that each storage server stores a copy of the message. It is very robust because the message can be retrieved as long as one storage server survives. With an erasure code, as long as the number of failed servers is under the tolerance threshold of the erasure code, the message can be recovered from the code word symbols stored in the available storage servers by the decoding process. This provides a tradeoff between the storage size and the tolerance threshold of failed servers.
A decentralized erasure code is an erasure code that independently computes each code word symbol for a message. A decentralized erasure code is suitable for use in a distributed storage system. A storage server failure is modeled as an erasure error of the stored code word symbol. We construct a secure cloud storage system that supports the function of secure data forwarding by using a threshold proxy re-encryption scheme. The encryption scheme supports decentralized erasure codes over encrypted messages and forwarding operations over encrypted and encoded messages. Our system is highly distributed: storage servers independently encode and forward messages, and key servers independently perform partial decryption.
LITERATURE SURVEY
1. We consider the problem of constructing an erasure code for storage over a network when the data sources are distributed.
Specifically, we assume that there are n storage nodes with limited memory and k < n sources generating the data. We want a data collector, who can appear anywhere in the network, to query any k storage nodes and be able to retrieve the data. We introduce Decentralized Erasure Codes, which are linear codes with a specific randomized structure inspired by network coding on random bipartite graphs.
We show that decentralized erasure codes are optimally sparse, and lead to reduced communication, storage and computation cost over random linear coding.
2. Plutus is a cryptographic storage system that enables secure file sharing without placing much trust on the file servers. In particular, it makes novel use of cryptographic primitives to protect and share files. Plutus features highly scalable key management while allowing individual users to retain direct control over who gets access to their files. We explain the mechanisms in Plutus to reduce the number of cryptographic keys exchanged between users by using file groups, distinguish file read and write access, handle user revocation efficiently, and allow an untrusted server to authorize file writes. We have built a prototype of Plutus on OpenAFS.
Measurements of this prototype show that Plutus achieves strong security with overhead comparable to systems that encrypt all network traffic.
3. Availability is a storage system property that is both highly desired and yet minimally engineered.
While many systems provide mechanisms to improve availability – such as redundancy and failure recovery – how to best configure these mechanisms is typically left to the system manager. Unfortunately, few individuals have the skills to properly manage the trade-offs involved, let alone the time to adapt these decisions to changing conditions. Instead, most systems are configured statically and with only a cursory understanding of how the configuration will impact overall performance or availability. While this issue can be problematic even for individual storage arrays, it becomes increasingly important as systems are distributed – and absolutely critical for the wide area peer-to-peer storage infrastructures being explored. This paper describes the motivation, architecture and implementation for a new peer-to-peer storage system, called TotalRecall, that automates the task of availability management.
In particular, the TotalRecall system automatically measures and estimates the availability of its constituent host components, predicts their future availability based on past behavior, calculates the appropriate redundancy mechanisms and repair policies, and delivers user-specified availability while maximizing efficiency.
4. This paper sketches the design of PAST, a large-scale, Internet-based, global storage utility that provides scalability, high availability, persistence and security. PAST is a peer-to-peer Internet application and is entirely self-organizing.
PAST nodes serve as access points for clients, participate in the routing of client requests, and contribute storage to the system. Nodes are not trusted, they may join the system at any time and may silently leave the system without warning. Yet, the system is able to provide strong assurances, efficient storage access, load balancing and scalability.
5. Storage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research literature.
The main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The storage server is assumed to be untrusted in terms of both security and reliability. (In other words, it might maliciously or accidentally erase hosted data; it might also relegate it to slow or off-line storage.) The problem is exacerbated by the client being a small computing device with limited resources. Prior work has addressed this problem using either public key cryptography or requiring the client to outsource its data in encrypted form. In this paper, we construct a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption.
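
The decentralized erasure code described in the introduction and in survey item 1, as an added example that is not code from this text or from the surveyed papers: each of n storage servers independently forms a random linear combination of the messages it receives, and a data collector recovers the k messages from surviving servers by Gaussian elimination. The prime field GF(P), the `fanout` parameter and the function names are assumptions made for this example.

```python
import random

P = 2**31 - 1  # prime modulus for GF(P); an assumption of this example

def encode(messages, n, fanout, rng):
    """Return n (coefficients, symbol) pairs, one per storage server.

    Each message is sent to `fanout` randomly chosen servers; every server
    picks its own random coefficient for each message it receives, so no
    central encoder is involved.
    """
    k = len(messages)
    rows = [[0] * k for _ in range(n)]
    for i in range(k):
        for s in rng.sample(range(n), fanout):
            rows[s][i] = rng.randrange(1, P)
    return [(r, sum(c * m for c, m in zip(r, messages)) % P) for r in rows]

def decode(symbols, k):
    """Recover the k messages from queried servers, or None if rank < k."""
    rows = [list(coeffs) + [value] for coeffs, value in symbols]
    for col in range(k):
        # Find a surviving row that still has a nonzero entry in this column.
        piv = next((r for r in range(col, len(rows)) if rows[r][col]), None)
        if piv is None:
            return None  # too many erasures, or an unlucky sparse draw
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, P)  # modular inverse (Python 3.8+)
        rows[col] = [x * inv % P for x in rows[col]]
        for r in range(len(rows)):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(a - f * b) % P for a, b in zip(rows[r], rows[col])]
    return [rows[i][k] for i in range(k)]

if __name__ == "__main__":
    rng = random.Random(7)
    msgs = [101, 202, 303, 404]  # constructed sample messages, each < P
    stored = encode(msgs, n=10, fanout=10, rng=rng)
    # Six of the ten servers are treated as erased; any four are queried.
    print(decode(rng.sample(stored, 4), k=4))
```

With `fanout` smaller than n the code becomes sparse, and decoding from exactly k servers succeeds with high probability rather than always; `decode` returns None when the queried symbols do not determine the messages.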
RELATED WORK
1. EXISTING WORK
In the existing system we use a straightforward integration method. In the straightforward integration method, storing data in a third party's cloud system causes serious concern about data confidentiality. In order to provide strong confidentiality for messages in storage servers, a user can encrypt messages by a cryptographic method before applying an erasure code method to encode and store messages. When he wants to use a message, he needs to retrieve the code word symbols from storage servers, decode them, and then decrypt them by using cryptographic keys. General encryption schemes protect data confidentiality, but also limit the functionality of the storage system because only a few operations are supported over encrypted data.
A decentralized architecture for storage systems offers good scalability, because a storage server can join or leave without control of a central authority.
DISADVANTAGE:
The user has to perform more computation, and communication traffic between the user and storage servers is high.
The user has to manage his cryptographic keys, otherwise the security is broken.
Besides data storing and retrieving, it is hard for storage servers to directly support other functions.
PROPOSED SYSTEM
In our proposed system we address the problem of forwarding data to another user by storage servers directly under the command of the data owner.
We consider the system model that consists of distributed storage servers and key servers. Since storing cryptographic keys in a single device is risky, a user distributes his cryptographic key to key servers that shall perform cryptographic functions on behalf of the user. These key servers are highly protected by security mechanisms. Here the storage system is allocated across different data containers. Once the owner uploads the data with the AES encryption mechanism, the system again takes the data and performs a secure data segregation process. All the data pieces are saved in different locations in cloud storage. Here a public distributor monitors all the data and the corresponding positions where it is saved.
When a proper client asks for the data, the cloud system provides the data in a reversible manner. So our system protects the data from both inside and outside attackers.
ADVANTAGE
Tight integration of encoding, encryption, and forwarding makes the storage system efficiently meet the requirements of data robustness, data confidentiality, and data forwarding.
The storage servers independently perform the encoding and re-encryption process and the key servers independently perform the partial decryption process.
More flexible adjustment between the number of storage servers and robustness.
CONCLUSION
Erasure codes are promising for improving the reliability of the storage system due to their space efficiency compared to replication methods. Traditional erasure codes split data into equal-sized data blocks and encode strips in different data blocks. This brings heavy repairing traffic when clients read parts of the data, since most strips read for repairing are not in the expected blocks. This paper proposes a novel discrete data dividing method to completely avoid this problem.
The key idea is to encode strips from the same data block. We could see that for repairing failed blocks, the strips to be read are either in the same data block with corrupted strips or from the encoded strips. Therefore, no data is wasted.
We design and implement this data layout in an HDFS-like storage system. Experiments over a small-scale testbed show that the proposed discrete data dividing method avoids downloading data blocks that are not needed by clients during repair operations.