International Journal of Computer Applications (0975 – 8887)

Volume 70– No.16, May 2013

Cloud Data Security while using Third Party Auditor

Ashish Bhagat Ravi Kant Sahu

Department Of Computer Science & Engineering School of Computer Engineering
Lovely Professional University, India Lovely Professional University, India

ABSTRACT
As in [8] references statistics that suggest one third of
In this paper the computing resources in the form of service breaches due to laptops falling in the wrong hands and about
rather than a utilities and product are provided to users over 16% due to stolen items by employees. It is up to the clients to
internet. The corporate world there are huge number of client decide the vendors depending on how willing they are to
which is accessing there data and modifying the data. The implement secure policies and be subject to 3rd party
cloud is a platform where the data owner remotely stores their verifications. Sales force and Amazon, Google are currently
data in cloud. The goal of cloud computing concept is to providing such services charging clients using an on-demand
secure and protect the data which come under the property of policy Storing the data in the cloud can prevent these issues
users and security of cloud computing environment is altogether. The basic point of view pattern is changing the
exclusive research area into which requires further way it is being focused over cloud. Users view i.e. in addition
development from both academic and research communities. to this advantage it brings forth exclusive and challenging
The cloud application and services move to centralized huge security threats towards user’s outsourced data. Moreover,
data center and services and management of this data may not vendors can update application/OS/middleware security
be trustable into cloud environment the computing resources patches faster because of higher availability of staff and
are under control of service provider and the third-party- resources. Cloud computing change Internet into new
auditor ensures the data integrity over out sourced data. Third- computing platform is business model that achieve purchase
party-auditor not only read but also may be change the data. on-demand and as pay-per-use in network has a broad
Hence a mechanism should be provided who solved the development prospect. The proposed problem is multi write
problem. 1st the examines the problem contradiction between and problem of TPA if Third-party-auditor not only uses data
client CSP new potential securities schemes used to solve but also modify the data than how data owner or user will
problem. the purpose of this paper is attempted to bring know about in this problem. Here user has two types’ keys
greater clarity landscape about cloud computing security and one of which only the owner knows called private key and
their solution at user level using encryption which ensure the another one which is known to anyone called public key.
data owner and client that there data are intact using
algorithm. The third party match both the data it must be same as the sent
one on the sender cannot deny that they sent it (non
Keywords repudiation).Downloading of data for its integrity verification
Data Integrity, Third party Auditor, Cloud Service Provider. is not feasible task since it’s very costly because of the
transmission cost across the network.
1. INTRODUCTION
It is very important to provide public auditing service for
Cloud computing gets name as a metaphor for the Internet. cloud data storage. For well organization it is very essential
The computer industry is the only industry that is more that cloud that allows investigation from a single party audit
fashion-driven than women’s fashion he told to a group of the outsource data to ensure data security and save the data
Oracle analysts. So let’s talk about what cloud computing is storage and user’s computation. That user trusts an
and tighten up definition and understanding of this independent third party auditor (TPA). It provides the
implementation. Cloud computing has become most important reasonable way for users to check the validity of data in cloud.
propaganda issue in since 2007 and many companies used to Check the integrity of data on cloud on the behalf of users.
attempt to use the cloud computing services. Typical cloud Public auditing in addition to user provides the external party
computing services are Amazon EC2 and Google app engine, to verify the correctness of stored data against external attacks
amazons they use the Internet to connect to external users with it’s hard to find. However these schemes, as in [7] don’t
the gadget, economy, high scalability and other advantages, involve the privacy protection of data and a main
Pick up any tech magazine or visit almost any IT website or disadvantage which affect the security of the protocols in
blog and you’ll be sure to see talk about cloud computing. cloud computing. Cloud service provider has significant
Internet is represented in the network diagrams as a cloud, the storage space and computation resource to maintain the user’s
cloud icon represents “all that other stuff” that is makes the data. Also it has expertise in building and managing
network work. It’s kind of like “etc.”It also typically means an distributed cloud storage servers and ability to own and
area of diagram or solution that is somebody else’s concern so operate live cloud computing systems. So users who depend
why diagram it all out? It is probably this notion that is most on only TPA for their security storage want their data to be
applicable to the cloud computing concept and Cloud protected from external auditors. Users who put their large
computing promises to cut capital costs and operational more data files into cloud storage servers can relieve burden of
importantly let IT departments focus on strategic projects storage and computation and at the same time it is important
instead of keeping centralized the data centre running, as in for users to ensure that their data are being stored correctly
[1]. and security check. Users should be beautified with certain

9
 International Journal of Computer Applications (0975 – 8887)
Volume 70– No.16, May 2013

security means so that they can make sure their data is safe Advanced Encryption Standard (AES) are used where client
and Cloud service provider always online & assumed to have encrypt and decrypt the file. In this vm, this mechanism solves
abundant storage capacity and computation power. Third party the problem of unauthorised access of data in this suggested
auditor is invariably online too and It makes every data access scheme that can be used for integrity and consistency of data.
be in control.
3. PRESENT WORK
TPA eliminates the involvement of client through auditing of
whether his data stored in cloud are indeed intact which can In this paper we know about cloud computing security and
important in achieving economies of scale for Cloud find the problem in cloud data security using third party
Computing third party auditor who will audit the data of data auditor and what is work of TPA and CSP and how can solve
owner or client so that it will let off the burden of the problem when client and csp share the data in network and
management of data of data owner. Released audit report literature review.
would not only help owners to evaluate the risk of their
subscribed cloud data services, but also be beneficial for cloud 4. PROBLEM FORMULATION
service provider to improve their cloud based service
platform, as in [7].This public auditor will help to data owner
When two or more users are using data any time then
that his data are safe in cloud with use of TPA management of
consistency of data is more important because unauthorised
data will be easy and less burdening to data owner but without
person can use data and it can change or modify data or delete
encryption of data, how data owner will ensures that his data

Sending of file 3
Cloud data storage
Figure 1: Client ask file from CSP with (via CDS)
Root node

Node 2 Node 3

Client ask file 3 File 1 File 2 File 3 File 4

Figure 2: CSP send file to Client

are in a safe hand. the data. New data storage paradigm in cloud computing bring
Two or more user is using the data any time than consistency about many challenging design issues which has profound
of data is important because any time anyone unwanted influence on the performance and security of overall system.
person can use data and change or modify the data or delete If two or more users are using data, user one is writing a data
data. If two user or more is using a data user one is reading a while other is reading data then it may lead to incompatibility.
data while another one is writing a data than it may be wrong So resolving data inconsistency becomes an important task of
read by one user. So that resolve data inconsistency becomes data owner so that TPA can be used as an intermediate party
an important task of the data owner. between the user and the Cloud Service Provider. An another
problem of TPA not only use data but also modify data than
2. REVIEW OF LITERATURE how data owner or user will know about this problem and
contradiction between them and another problem is multi-
Using Third Party Auditor as in [6] this the problem can be
write problem is important issue.
generalized as how can the client find an efficient way to
perform periodical integrity verifications without the local
copy of data files, as in [2]. If two users or more users are Machine by means of Software as a service this use a new
using a data, one is writing a data while one is reading a data algorithm to improve the security check the integrity of data.
than it may be wrong read by 1 user, so to resolve data The researcher find out the problem which is security issues
inconsistency is become an important task of the data owner. and third party auditor services and to manage this data using
Another problem how to trust on TAP is not calculated. If TAP that provides the security and also some key security in
TPA become intruder and pass information of data or deleting cloud computing security is most crucial task. Cloud
a data than how owner know about this problem are not computing entrusts services with users data, software and
solved Consistency and Integrity. Proposed scheme in this vm, computation on a published application programming

10
 International Journal of Computer Applications (0975 – 8887)
Volume 70– No.16, May 2013

interface over a network. Cloud provides a platform for many access a file from CSP.
types of services and it has a considerable overlap with
software as a service (SaaS) as in [5] End users access cloud 
based applications through a web browser or a light weight
desktop or a mobile app while the business software and data 2) CSP ask client for
are stored on servers at a remote location. The Cloud authentication like
application providers strive to give the same or better service
and performance than if the software programs were installed. login page.
When we are talk about cloud Security and maintaining data
integrity is one of the most important and very hard tasks. 3) Client authentication
When we are talk about cloud users and they are using cloud
services, provided by the cloud provider, as in [5] and again,
CSP by his password.
in the case of maintaining integrity of data so user cannot trust 
the service provider to handle data, as he himself can modify
the original data and integrity may be lost and If a smart 4) Verify password if
hacker hacks the cloud server and steals the data and modifies
it then in some cases this modification is not even identified correct than send a
by the cloud provider. So, in this case, we take the help of a file that he want to
trusted third party auditor to check for the integrity of data.
This third party auditor takes care of data and makes sure that access.
data integrity is maintained. In the view the procedure of
integrity checking as a key’s proficiency within software and Else move to step 2.
platform, infrastructure security focuses area of cloud 5) Client decrypts the file
architecture. In the vision for helping assure ongoing system
integrity in a virtualised environment includes an evolution of by applying RSA
integrity checking competences, as in [5] each phase, in this
evolution relies on secure start up enabled and provides an decryption algorithm.
increasing level of assurance and in this evolution begins with
6) If client modify the
one-time integrity checks at systems or hypervisor start up.
file than he will send
5. RESEARCH METHODOLOGY
file to TPA and CSP
The use methodology to getting results and shows the work of
client, CSP and TPA. with a message like
Md as (C’s M) and
C’ here C’ for
encrypted file s for
ElGamal Digital
Signature and M
denotes for
Client
modification. 
Third Party Auditor 7) CSP check the
signature for
authenticity and
compute the message
Figure 3: Architecture for Client TPA and Service digest to find
provider encrypted file which

6. ALGORITHM is compare with

It checks the integrity of data and maintaining consistency at encrypted file of

cloud data storage for Client and CSP. another message.
For records updating algorithm (1a) 8) If correct it will
Client Side CSP Side change previous file

1) Client request to with this one end

11
 International Journal of Computer Applications (0975 – 8887)
Volume 70– No.16, May 2013

move to step 11. D = 77.

9) Else ask the client to 5). Suppose PT = 10, E=5.

CT=105 mod 119.
follow the step 6
CT= 40. For Encrypt.
10) CSP sends a same 77
6). PT = 40 mod 119
message (C’,
PT = 10. For Decrypt.
Md  (C’,)) to
client after addition Example of ElGamal Digital Signature Algorithm:
of his signature s GF (19) that is q=19.

and TPA.  Primitive roots (2, 3, 10, 13, 14, 15) we choose =10.
1) XA =16 Generate random integer (1<XA<q-1)
11) If C’ file is same as
2) YA =XA mod q
previous one, drop
YA=16 mod 19
this packet and move
YA=1016 mod 19
to step 1 or step 12.
YA= 4.
Else ask CSP to
3) Alice XA =16. Alice public key is {q,
follow. ,YA}={19,10,4}
12) Exit. Message with has value m=14. First computes the
hash m=H (m).
In this way TPA verify encrypted file with message received i. Alice choose K=5, which is relative prime to
from CSP. [q-1 =18].
For example of RSA with ElGamal digital signature ii. 1= k mod q
algorithm. = 105 mod 19
1) Choose the two large prime number p and q. = 3.
Like p=7 and q=17. iii. K-1 mod (q-1)
2) Calculate N= (p*q). N=7*17 N= 119. 5-1 mod (19-1)
3) Select the public key (n) = (p-1)*(q-1) such that it is not a 5-1 mod 18
factor of this. =11
(n) = (7-1)*(17-1) iv. 2 = k-1(m-XA 1)mod (q-1)
(n) = 6*16 =11(14 - (16) (3)) mod (19-1)
(n) = 96 =11(14 - 48) mod 18

Researcher have to choose E such that none of the factor of E =11(-34) mod 18

is 2 and 3 =-374 mod 18

(Can’t choose E= 4, 15, 6….etc) let us choose E = 5. =4

4) (D*E) mod ((p-1)*(q-1)) = 1 calculate D using this Signature consists of the pair (12)
way 96*X+1 =? v. Verify the signature
(D*5) mod ((7-1)*(17-1)) = 1 V1=V2
96*1+1=97 V1 = m mod q.
1014 mod 19 =16
(D*5) mod (6*16) = 1
V2 = (YA) 1 (1) 2 mod q. (43) (34) mod 19
96*2+1=193
64 * 81 mod 19
(D*5) mod 96 = 1
96*3+1=289 5184 mod 19= 16
D = 3855/5
96*4+1=385

12
 International Journal of Computer Applications (0975 – 8887)
Volume 70– No.16, May 2013

7. SIMULATION AND RESULTS

The implemented RSA-with Elgamal Digital Signature based
instantiations in windows 7. And an experiment is Conducted
using Java on a System with an Intel core i5-2410M processor
running at CPU @ 2.30GHz, installed memory(RAM)
4.00GB, System type: 64-bit OS, Intel® Mobile Express
Chipset SATA AHCI Controller, Device type IDE
UB2
ATA/ATAPI controller, 596.17 GB drive. Algorithms
Elgamal Digital Signature is implemented using CloudSim
and CloudAnalyst with Eclipse.

Initially researcher created one CSP, data owner and TPA.

Data owner gave right to change data to 10 users with identity
number and keys. In this identity number he sends to CSP and
TPA. This user initially gave the file by using algorithm 1a
then applied for all 10 users. Now run algorithms 1a step
number 7 for TPA. TPA found all 10 files in appropriate form. Table 3 Data Center Request Servicing Times
Show on figure 4. Work Simulation. Give the overall response
time and Response Time by Region; User Base Hourly Data Center Avg (ms) Min (ms) Max (ms)
Response Times, Data Center Hourly Loading and also find DC1 0.51 0.02 1.10
that scheme detect error probability about 99%. The data
protecting from CSP and TPA is verified by the simulation as Data Center Hourly Loading
we had converted the file into encrypted form and show the
analysis of response time and data center processing time and DC1
also show response time by region as show on table 1, 2. And
data center request servicing time as show on table 3.

8. CONCLUSION
Conclude that secure auditing protocol to store data and verify
it and make algorithm with example. Use the RSA algorithm
with ElGamal Digital Signature and for the process of
encryption and decryption and which is solve the problem of
integrity, unauthorized access, privacy and consistency. And
in this article first present a network in which cloud
Architecture work and which methodology used, user and
TPA shown after that how file is retrieved. Encryption and
Figure 4: Show Simulation Work decryption of file how to check the integrity of data from csp
and client and how give the control to TAP.
Table 1 Overall Response Time Summary
Avg Min Max 9. REFERENCES
(ms) (ms) (ms)
[1] Elsenpeter Robert ,Anthony T.Velte and Toby J.Velte,
Overall response time: 203.24 39.36 627.6
2010. Cloud Computing A Practical Approach.
1
Data Center processing 0.51 0.02 1.10 [2] Qian Wang and Cong Wang and Kui Ren, Wenjing Lou,
time: Jin Li 2011. Enabling Public Auditability and Data
Dynamics for Storage Security in Cloud Computing in
Table 2 Response Time by Region IEEE transactions on parallel and distributed systems
volume 22, no. 5.
User base Avg (ms) Min (ms) Max (ms) [3] Cong Wang and Kui Ren and Wenjing Lou and Jin Li,
UB1 50.53 39.36 61.71 2010. To ward Publicly Auditable Secure Cloud Data
UB2 502.30 397.61 627.61 Storage Services in IEEE.
[4] M.Ashah and R. Swaminathan and M. Baker, 2011.
User Base Hourly Response Times Privacy-Preserving Audit And Extraction of Digital
Contents”.
UB1
[5] H. Shacham and B. Waters, 2008. Compact Proofs of
Retrivability in proc. of asiascrypt.

13
 International Journal of Computer Applications (0975 – 8887)
Volume 70– No.16, May 2013

[6] Ravi Kant Sahu and Abhishek Mohta, L.K. Awasthi [7] P. Mell and t. Grance 2009. Draft Nist Working
2012. Robust Data Integration While Using Third Party Definition of Cloud Computing, referred.
Auditor For Cloud Data Storage Services, conf.
IJARCSSE, Vol 2, Issue 2,ISSN: 2277 128X. [8] Elinor Mills,2009. Cloud Computing Security Forecast:
Clear Skies"

14