networks and ubiquitous Internet access become available to users for
access anywhere at any time. Cloud computing is a concept that treats
the resources on the Internet as a unified entity, a cloud. Cloud
a model of networked online
data is stored in virtualized pools of storage which are generally
hosted by third parties. Hosting companies
operate large data centers, and people who require their data to be
hosted buy or lease storage capacity from them.
in the background, virtualize the
resources according to the requirements of the customer and expose
them as storage pools, which the customers can themselves use to
store files or data objects. Physically, the resource may span across
robustness is a major requirement for storage systems. There have
been many proposals of storing data over storage servers. One way to
provide data robustness is to replicate a message such that each
storage server stores a copy of the message. A decentralized erasure
code is suitable for use in a distributed storage system.
WORDS: decentralized, erasure code, internet access, cloud storage,
a cloud storage system for robustness, confidentiality and
functionality. The proxy re-encryption scheme supports encoding
operations over encrypted messages as well as forwarding operations
over encoded and encrypted messages. One way to provide data robustness is to
replicate a message such that each storage server stores a copy of
the message. It is very robust because the message can be retrieved
as long as one storage server survives.
number of failure servers is under the tolerance threshold of the
erasure code, the message can be recovered from the code word symbols
stored in the available storage servers by the decoding process. This
provides a tradeoff between the storage size and the tolerance
threshold of failure servers.
decentralized erasure code is an erasure code that independently
computes each code word symbol for a message. A decentralized erasure
code is suitable for use in a distributed storage system.
storage server failure is modeled as an erasure error of the stored
code word symbol.
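The following added example (not code from the paper) illustrates the two statements above: every storage server computes its code word symbol independently, and a failed server is simply an erased symbol, so any k surviving servers suffice. It assumes dense random coefficients over the prime field GF(2^61 - 1) for simplicity, not the sparse structure of the cited decentralized erasure code; the function names and the sample message are constructed for illustration.

```python
import random

P = 2**61 - 1  # prime modulus; the field GF(P) is an assumption of this example

def encode(message, n, rng):
    """Each of the n storage servers independently draws its own random
    coefficient vector and stores (coefficients, code word symbol)."""
    servers = []
    for _ in range(n):
        coeffs = [rng.randrange(1, P) for _ in message]
        symbol = sum(c * m for c, m in zip(coeffs, message)) % P
        servers.append((coeffs, symbol))
    return servers

def decode(shares, k):
    """Recover the k message blocks from k surviving servers by Gauss-Jordan
    elimination over GF(P). Returns None if fewer than k shares are
    available or the chosen coefficient rows are linearly dependent."""
    if len(shares) < k:
        return None  # more erasures than the code tolerates
    rows = [list(c) + [s] for c, s in shares[:k]]
    for col in range(k):
        pivot = next((r for r in range(col, k) if rows[r][col]), None)
        if pivot is None:
            return None  # singular system: query a different set of servers
        rows[col], rows[pivot] = rows[pivot], rows[col]
        inv = pow(rows[col][col], -1, P)
        rows[col] = [x * inv % P for x in rows[col]]
        for r in range(k):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(a - f * b) % P for a, b in zip(rows[r], rows[col])]
    return [row[k] for row in rows]

def demo():
    rng = random.Random(7)            # fixed seed so the run is repeatable
    message = [104, 101, 108, 108]    # constructed sample: k = 4 blocks
    servers = encode(message, n=7, rng=rng)
    survivors = [servers[i] for i in (1, 3, 4, 6)]  # servers 0, 2, 5 erased
    # First result: 3 of 7 servers lost, still decodable.
    # Second result: only 3 survivors, below the threshold, so None.
    return decode(survivors, k=4), decode(survivors[:3], k=4)

if __name__ == "__main__":
    print(demo())
```

With n = 7 and k = 4 the tolerance threshold is three failed servers, at a storage cost of one symbol per server instead of a full copy of the message.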
construct a secure cloud storage system that supports the function of
secure data forwarding by using a threshold proxy re-encryption
encryption scheme supports decentralized erasure codes over encrypted
messages and forwarding operations over encrypted and encoded
system is highly distributed where storage servers independently
encode and forward messages and key servers independently perform
consider the problem of constructing an erasure code for storage over
a network when the data sources are distributed.
Specifically, we assume that there are n nodes with limited memory and k < n sources generating the data. We want a data collector, who can appear anywhere in the network, to query any k storage nodes and be able to retrieve the data. We introduce Decentralized Erasure Codes, which are linear codes with a specific randomized structure inspired by network coding on random bipartite graphs. We show that decentralized erasure codes are optimally sparse, and lead to reduced communication, storage and computation cost over random linear coding.

2. Plutus is a cryptographic storage system that enables secure file sharing without placing much trust on the file servers. In particular, it makes novel use of cryptographic primitives to protect and share files. Plutus features highly scalable key management while allowing individual users to retain direct control over who gets access to their files. We explain the mechanisms in Plutus to reduce the number of cryptographic keys exchanged between users by using file groups, distinguish file read and write access, handle user revocation efficiently, and allow an untrusted server to authorize file writes. We have built a prototype of Plutus on OpenAFS. Measurements of this prototype show that Plutus achieves strong security with overhead comparable to systems that encrypt all network traffic.

3. Availability is a storage system property that is both highly desired and yet minimally engineered. While many systems provide mechanisms to improve availability – such as redundancy and failure recovery – how to best configure these mechanisms is typically left to the system manager. Unfortunately, few individuals have the skills to properly manage the trade-offs involved, let alone the time to adapt these decisions to changing conditions. Instead, most systems are configured statically and with only a cursory understanding of how the configuration will impact overall performance or availability.
While this issue can be problematic even for individual storage arrays, it becomes increasingly important as systems are distributed – and absolutely critical for the wide area peer-to-peer storage infrastructures being explored. This paper describes the motivation, architecture and implementation for a new peer-to-peer storage system, called Total Recall, that automates the task of availability management. In particular, the Total Recall system automatically measures and estimates the availability of its constituent host components, predicts their future availability based on past behavior, calculates the appropriate redundancy mechanisms and repair policies, and delivers user-specified availability while maximizing efficiency.

4. This paper sketches the design of PAST, a large-scale, Internet-based, global storage utility that provides scalability, high availability, persistence and security. PAST is a peer-to-peer Internet application and is entirely self-organizing. PAST nodes serve as access points for clients, participate in the routing of client requests, and contribute storage to the system. Nodes are not trusted; they may join the system at any time and may silently leave the system without warning. Yet, the system is able to provide strong assurances, efficient storage access, load balancing and scalability.

5. Storage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research literature. The main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The storage server is assumed to be untrusted in terms of both security and reliability. (In other words, it might maliciously or accidentally erase hosted data; it might also relegate it to slow or off-line storage.)
The problem is exacerbated by the client being a small computing device with limited resources. Prior work has addressed this problem using either public key cryptography or requiring the client to outsource its data in encrypted form. In this paper, we construct a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption.

RELATED WORK

1. EXISTING WORK

In the existing system we use a straightforward integration method. In the straightforward integration method, storing data in a third party's cloud system causes serious concern about data confidentiality. In order to provide strong confidentiality for messages in storage servers, a user can encrypt messages by a cryptographic method before applying an erasure code method to encode and store messages. When he wants to use a message, he needs to retrieve the code word symbols from storage servers, decode them, and then decrypt them by using cryptographic keys. General encryption schemes protect data confidentiality, but also limit the functionality of the storage system because only a few operations are supported over encrypted data. A decentralized architecture for storage systems offers good scalability, because a storage server can join or leave without control of a central authority.

DISADVANTAGE:

The user has to perform more computation, and the communication traffic between the user and storage servers is high. The user has to manage his cryptographic keys; otherwise the security is broken. Besides data storing and retrieving, it is hard for storage servers to directly support other functions.

PROPOSED SYSTEM

In our proposed system we address the problem of forwarding data to another user by storage servers directly under the command of the data owner. We consider the system model that consists of distributed storage servers and key servers.
Since storing cryptographic keys in a single device is risky, a user distributes his cryptographic key to key servers that shall perform cryptographic functions on behalf of the user. These key servers are highly protected by security mechanisms. Here the storage system is allocated into different data containers. Once the owner uploads the data with the AES encryption mechanism, the system takes the data again and performs a secure data segregation process. All the data pieces will be saved in different locations in cloud storage. Here a public distributor monitors all the data and the corresponding positions where it is saved. When a proper client asks for the data, the cloud system will provide the data in a reversible manner. So our system will protect our data from both inside and outside attackers.

ADVANTAGE

Tight integration of encoding, encryption, and forwarding makes the storage system efficiently meet the requirements of data robustness, data confidentiality, and data forwarding. The storage servers independently perform the encoding and re-encryption process and the key servers independently perform the partial decryption process. More flexible adjustment between the number of storage servers and robustness.

CONCLUSION

Erasure codes are promising for improving the reliability of the storage system due to their space efficiency compared to the replication methods. Traditional erasure codes split data into equal-sized data blocks and encode strips in different data blocks. This brings heavy repairing traffic when clients read parts of the data, since most strips read for repairing are not in the expected blocks. This paper proposes a novel discrete data dividing method to completely avoid this problem. The key idea is to encode strips from the same data block. We could see that for repairing failed blocks, the strips to be read are either in the same data block with corrupted strips or from the encoded strips. Therefore, no data is wasted.
We design and implement this data layout in an HDFS-like storage system. Experiments over a small-scale testbed show that the proposed discrete data dividing method avoids downloading data blocks that are not needed by clients during the repairing operations.