Scribd
Upload
9 views21 pages

j3cc03 FR

The document presents a dynamic audit service for verifying the integrity of outsourced cloud storage, employing techniques such as fragment structure and random sampling to enhance performance and anomaly detection. It addresses limitations of traditional cryptographic methods for data integrity and proposes a more efficient system that reduces computation overhead and storage requirements for audit metadata. Experimental results validate the effectiveness of the proposed system, highlighting its potential for public auditability and improved resource provisioning in cloud environments.

Uploaded by

vinoth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
9 views21 pages

j3cc03 FR

The document presents a dynamic audit service for verifying the integrity of outsourced cloud storage, employing techniques such as fragment structure and random sampling to enhance performance and anomaly detection. It addresses limitations of traditional cryptographic methods for data integrity and proposes a more efficient system that reduces computation overhead and storage requirements for audit metadata. Experimental results validate the effectiveness of the proposed system, highlighting its potential for public auditability and improved resource provisioning in cloud environments.

Uploaded by

vinoth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 21

Dynamic Audit Services for

Outsourced Storages in Clouds


ABSTRACT

A dynamic audit service for verifying the integrity of an untrusted and

outsourced storage. Our audit service is constructed based on the

techniques, fragment structure, random sampling, and index-hash table,

supporting provable updates to outsourced data and timely anomaly

detection. In addition, we propose a method based on probabilistic query

and periodic verification for improving the performance of audit services.

Our experimental results not only validate the effectiveness of our

approaches, but also show our audit system verifies the integrity with lower

computation overhead and requiring less extra storage for audit metadata.
EXISTING SYSTEM
The traditional cryptographic technologies for data integrity and availability, based on Hash

functions and signature schemes cannot work on the outsourced data. it is not a practical solution

for data validation by downloading them due to the expensive communications, especially for

large size files. Moreover, the ability to audit the correctness of the data in a cloud environment

can be formidable and expensive for the cloud users. Therefore, it is crucial to realize public

audit ability for CSS, so that data owners may resort to a third party auditor, who has expertise

and capabilities that a common user does not have, for periodically auditing the outsourced data.

This audit service is significantly important for digital forensics and credibility in clouds. To

implement public audit ability, the notions of proof of retrievability and provable data possession

have been proposed by some researchers. Their approach was based on a probabilistic proof

technique for a storage provider to prove that clients’ data remain intact
DISADVANTAGES

1. Lack of rigorous performance analysis for constructed audit system greatly affects

the practical application of this scheme.

2. It is crucial to develop a more efficient and secure mechanism for dynamic audit

services, in which possible adversary advantage through dynamic data operations

should be prohibits.
PROPOSED SYSTEM

In this paper, we introduce a dynamic audit service for integrity verification of

untrusted and outsourced storages. Our audit system, based on novel audit system

architecture, can support dynamic data operations and timely abnormal detection

with the help of several effective techniques, such as fragment structure, random

sampling, and index-hash table. Furthermore, we propose an efficient approach

based on probabilistic query and periodic verification for improving the performance

of audit services. A proof of- concept prototype is also implemented to evaluate the2

feasibility and viability of our proposed approaches. Our experimental results not

only validate the effectiveness of our approaches, but also show our system has a

lower computation cost, as well as a shorter extra storage for integrity verification.
ADVANTAGES

1. A fragment technique is introduced in this paper to improve performance and


reduce extra storage.
2. The audit activities are efficiently scheduled in an audit period, and a TPA
needs merely access file to perform audit in each activity.
SYSTEM REQUIREMENTS:
SOFTWARE REQUIREMENTS:
• Front End : Java
• Environment : Eclipse/Net
Beans
• Back End : SQL Server 2005
• Operating System : Windows XP
HARDWARE REQUIREMENTS:
• Processor : Pentium IV
• RAM : 512 MB
• Hard Disk : 80 GB
Problem Analysis
Resource allocation problem in cloud systems emphasizes how to
harness the multiattribute resources by multiplexing operating systems. In
recent years, various enhancements on resource isolation techniques have been
proposed to achieve fine-grained dynamic resource provisioning. But the
solutions create an unprecedented opportunity to maximize resource utilization,
which were not possibly applied in most Grid systems that usually treat the
underlying resources as indivisible ones and prevent simultaneous access to
them. Today’s cloud architectures are not without problems. Most cloud
services built on top of a centralized architecture may suffer denial-of-service
(DoS) attacks , unexpected outages, and limited pooling of computational
resources. On the contrary, volunteer computing systems (or Desktop Grids)
can easily aggregate huge potential computing power to tackle grand challenge
science problems.
Introduction
The clouds are typically large scale virtualized datacenters hosting
thousands of servers. While there are several advantages of these virtualized
infrastructures such as on-demand scalability of resources, there are still
issues which prevent their widespread adoption in clouds. In particular, for a
commercial success of this computing paradigm, the cloud datacenters need
to provide a better and strict Quality of Service (QoS) guarantees. With virtual
machine (VM) technology, we are able to multiplex several operating systems
on the same hardware and allow task execution over its VM substrates
without performance interference. Fine-grained resource sharing can be
achieved as each VM substrate can be configured with proper shares of
resources (such as CPU, memory, storage, network bandwidth) dynamically.
Modules:
Resource Provisioning in SOC Clouds:
In modern virtualization based soc clouds, applications share the
underlying hardware by running in isolated Virtual Machines (VMs). Each
VM, during its initial creation, is configured with a certain amount of
computing resources (such as CPU, memory and I/O). A key factor for
achieving economies of scale in a soc cloud is resource provisioning,
which refers to allocating resources to VMs to match their workload.
Typically, efficient provisioning is achieved by dynamic resource
provisioning. VM capacity is dynamically adjusted to match workload
fluctuations.
Random route query messaging:
The proposed PG-CAN range query protocol in this work aims to find

the qualified resources with minimized contention among requesters based on


task’s demand. It is unique in that for each task, there is only one query message
propagated in the network during the entire course of discovery. This is different
from most existing multiattribute range query solutions that require to propagate
multiple subqueries along multiple dimensions in parallel. To mitigate the
contention problem due to analogous queries in CAN, our range query protocol
proactively diffuses resource indexes over the network and randomly route
query messages among nodes to locate qualified ones that satisfy tasks’ minimal
demands.
Load Distribution:

We distributed incoming task to available system resources and

achieving good load balance in a fully decentralized and heterogeneous

cloud environment. Allocate resource for task with its resource requirements

that can minimize a task’s execution time. We investigate three different

policies to control imported tasks or disperse the load distribution, namely

double-check policy, queue-assistant policy, and extra-virtual-dimension

policy.
Minimizing Task Execution Time:

Dynamic optimal proportional-share resource allocation method,


which leverages the proportional share model. The key idea to redistribute
available resources among running tasks dynamically, such that these tasks
could use up the maximum capacity of each resource in a node, while each
task’s execution time can be further minimized in a fair way. DOPS
consists of two main procedures: 1) Slice handler: It is activated
periodically to equally scale the amount of resources allocated to tasks,
such that each running task can acquire additional resources proportional
to their demand along each resource dimension. 2) Event handler: It is
responsible for resource redistribution upon the events of task arrival and
completion.
Fault Tolerance:

Cloud systems usually do not provision physical hosts directly to

users. If the resources provisioned are relatively sufficient, we can guarantee

task’s execution time always within its deadline even under the wrong

prediction about task’s workload. Each task can be guaranteed to be finished

within its original deadline even though task properties cannot be predicted

accurately.
Architecture:
Data flow Diagram
Literature Survey
In Chord: A Scalable Peer-to-peer Lookup Service for Internet
Applications, Ion Stoica and Robert Morris proposed a protocol “Chord”. Many
distributed peer-to-peer applications need to determine the node that stores a
data item. The Chord protocol solves this challenging problem in decentralized
manner. It offers a powerful primitive: given a key, it determines the node
responsible for storing the key’s value, and does so efficiently. Attractive
features of Chord include its simplicity, provable correctness, and provable
performance even in the face of concurrent node arrivals and departures. It
continues to function correctly, albeit at degraded performance, when a node’s
information is only partially correct. There theoretical analysis, simulations, and
experimental results confirm that Chord scales well with the number of nodes,
recovers from large numbers of simultaneous node failures and joins, and
answers most lookups correctly even during recovery.
In Enforcing Performance Isolation Across Virtual Machines in Xen,
Diwaker Gupta and Ludmila Cherkasova proposed two mechanisms –
SEDF-DC and ShareGuard – that improve CPU and network resource
isolation in Xen. Virtualization is fast becoming a commercially viable
alternative for increasing system utilization. But from a customer
perspective, virtualization cannot succeed without providing appropriate
resource and performance isolation guarantees. They demonstrated how
these mechanisms enable new policies to ensure performance isolation

under a variety of configurations and workloads.


Efficient Resource Provisioning in Compute Clouds via VM
Multiplexing by Xiaoqiao Meng and Canturk Isci . This paper advocates
leveraging VM multiplexing to improve resource utilization in compute
clouds. The benefit of VM multiplexing is that when the peaks and troughs in
multiple VMs are temporally unaligned, these VMs can be consolidated and
provisioned together to save capacity. This paper presents three design
modules that enable the concept in practice. Specifically, a new SLA model
reflects application performance requirements; a joint-VM sizing technique
that estimates the aggregate capacity needs for multiplexed VMs; and a VM
selection algorithm for identifying most compatible VM combinations. The
proposed design modules can be seamlessly plugged into existing resource
provisioning applications. VM multiplexing is evaluated with two example
applications: VM capacity planning and providing VM resource guarantees
via reservations. Experiments based on data from an operational cloud
demonstrate that the proposed joint-VM provisioning significantly
outperforms traditional approaches.
In Container-based Operating System Virtualization: A Scalable,
High-performance Alternative to Hypervisors, Stephen Soltesz and Herbert
Pötzl shown the two approaches share traits in their high level
organization. But some features are unique to the platform. This paper has
compared two modern approaches to providing these features while they
balance the tension between complete isolation of co-located VMs and
efficient sharing of the physical infrastructure on which the VMs are
hosted. Xen is able to support multiple kernels while by design VServer
cannot. Xen also has greater support for virtualizing the network stack and
allows for the possibility of VM migration, a feature that is possible for a
COS design, but not yet available in VServer. VServer, in turn, maintains a
small kernel footprint and performs equally with native Linux kernels in
most cases.
In Error-Tolerant Resource Allocation and Payment
Minimization for Cloud System, Sheng Di and Cho-Li Wang propose a
novel resource allocation algorithm for cloud system that supports VM-
multiplexing technology, aiming to minimize user’s payment on his/her
task and also endeavor to guarantee its execution deadline meanwhile.
They prove that the output of their algorithm is optimal based on the
KKT condition, which means any other solutions would definitely cause
larger payment cost. In addition, they analyze the approximation ratio for
the expanded execution time generated by their algorithm to the user-
expected deadline, under the possibly inaccurate task property
prediction. When the resources provisioned are relatively sufficient, they
can guarantee task’s execution time always within its deadline even
under the wrong prediction about task’s workload characteristic.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy