Effective privacy preserving in cloud computing using position aware Merkle tree model

ABSTRACT


INTRODUCTION
Cloud computing (CC) processes a huge amount of data which is collected through IoT. The CC uses network devices for monitoring and controlling the physical entity, which helps to make decisions. It is made to embed resource computing and communication among all the physical devices [1]. Cloud computing requires a wide range of services that includes platform as a service (PaaS), desktop as a service (DaaS), software as a service (SaaS), and infrastructure as a service (IaaS) [2]. There is a traditional storage technology that is directly attached to the redundant arrays, and to the produced independent disks for generating the storage network area. Cloud storage has provided users with large storage space and access to data among independent geographical locations [3]. The private data is integrated with the cloud service providers as well as with the third-party verifier, whereas the process of verification is performed to avoid security issues [4]. The security of the multimedia data is important with respect to the research direction and information field. Security in multimedia has mainly 5 aspects, namely content confidentiality, multimedia content integrity, controllability, multimedia, and repudiation [5]. The impact of cybercrime on the Internet is far-reaching, and CC is an attractive target for various reasons. Major providers such as Google, Microsoft, and Amazon possess robust infrastructures to stand against cyber-attacks, but not all cloud services possess such capabilities. Identifying a provider with vulnerabilities that are easy to exploit makes them a highly visible target for cyber-criminals. Clouds lacking adequate security [6] measures become prime targets for malicious activities, given their architecture allows for simultaneous attacks on multiple websites. Without proper security, a single malicious activity could compromise numerous websites.
ISSN: 2302-9285 Effective privacy preserving in cloud computing using … (Shruthi Gangadharaiah)
Cloud computing security encompasses several challenges, including multi-tenancy, data loss [7] and leakage, ease of accessibility, identity management, unsafe APIs, inconsistencies in service level agreements, patch management, and internal threats. Enforcing security measures that cater to the diverse needs of all cloud users is challenging, as different users have varying security demands based on their objectives for using cloud services [8]. While previous research in cloud computing has predominantly focused on aspects such as technological architecture, distinguishing features from similar technologies, and security concerns, the paramount criterion that drives adoption remains security. However, it is essential to acknowledge the increasing integration of various intelligent environments like utility computing, smart data centers, pervasive computing, automation, virtualization, and intelligent networks into our daily lives.
The developed provable data possession (PDP) scheme failed to support dynamic auditing for providing data privacy protection [9]-[11]. Another developed public auditing protocol, which utilizes a binary binomial tree (BBT)-like data structure along with the Boneh-Lynn-Shacham signature-based homomorphic verifiable authenticator (BLS-HVA) model, faced an unexpected problem after introducing a third-party auditor [12]. The other developed model was efficient for novel auditing methods, in providing security to data in the cloud storage based on convergence and to perform symmetric encryption. However, the model issued data that was lost with the cloud where the data loss process occurred in the infrastructure irrespective of the measures provided by the cloud service providers (CSPs) [13]. Shabbir et al. [14] utilized data integrity verification based on the short signature algorithm that provided privacy protection. The model supported public auditing by introducing trusted third party (TPA). An advantage of the developed model was that it solved the problem of reducing the communication overhead and computational overhead, the major challenge faced in IoT storage security. The disadvantage, however, was the security issues, as it was vulnerable to attacks. It was insecure and was unable to resist forgery attacks with key disclosure attacks. The developed model was large for storage overhead and communication overhead and did not implement public verification. Garg et al. [15] developed data integrity auditing in a cloud computing model efficiently. The objective of the developed protocol was to reduce the client's complexity to set the phase based on auditing protocol. The remote data integrity problem was addressed by the auditing protocol which overcame the data privacy and integrity issues. However, the developed model failed to perform data dynamic operations and failed to consider the static data issues faced in security. Ping et al. [16] developed secure identity based aggregate signatures (SIBAS) that performed data integrity schemes as per the requirement. It processed the scheme to resort with the trusted execution environment (TEE). The TEE auditor was used to check the data that was outsourced at the local side. The developed model was secure enough to resist the attack from the other node. The developed model solved the problem of delivering data with the unknown cloud services. The developed model integrated the data which had become potentially vulnerable and was based on the assumption of ideal state. However, the security issues were neglected for computer systems, which increased the range of attacks. Pitchai et al. [17] developed an availability and integrity verification (AIVP) protocol which was available for predicting the space in cloud. The model verified the integrity and stored the data. The developed model solved the integrity issues for data cloud storage in the cloud with the help of bridge gap techniques. The generated challenges are verified by TPA for cloud computing that overcame the protocol issues. The developed model reduced the issues related to security and replayed the attack and forgery. The Diffie-Hellman cryptography technique was used for identifying the public key cryptography technique for avoiding cloud computing problems. However, the research issues persisted in cloud computing when the accessed data files led to interrupted verifiers, remote servers, disk failure, and data files' deletion.
Liu et al. [18] developed an effective data integrity with auditing scheme to edge compute on the basis of multimedia data enterprises securely. The existing multimedia security scheme failed to deal with the general issues of security without tackling the data integrity problems. The developed model solved the security issues for providing multimedia security that reduced the privacy leakage issues and their occurrence. The model improved the service quality for the enterprise but several outside threats led to insecure computation. It lacked service managers to compute and determine the data that suffered from the problem of security. Depending on the layered modeling of the security mechanisms, Shabbir et al. [14] showed how to offer requirement-oriented health information security utilizing modular encryption standard (MES). In rare cases, layered modeling also led to decreased system performance. As a result, including quantum computing into the research schemes increased its effectiveness and improved its suitability for use with mobile and smart products. This method did not take into account the image-oriented data set; it was always explicitly configured for the encoding and decoding of textual data. An effective sequential convex estimation optimization (SCEO) method was created by Anajemba et al. [19] to address this issue and enhance the physical layer (PHY) security in a three-node wireless communications system. The outcomes of the tests showed that the SCEO method provided the best efficiency and improved connectivity for the communication. A quick privacy rate optimization approach for a multiple-input, multiple-output, multiple-eavesdropper (MIMOME) environment, which is relevant for security in IoT and 5G systems, was developed by further improving this study. Given that this was the research's ideal area of study, its importance for telecommunications such as the internet of things and the 5G cellular network should not be understated. To improve the security of cloud data, Jayaprakash et al. [20] published cloud data encryption and authentication predicated on an enhanced Merkle hash tree algorithm. The suggested solution used leaf nodes including a hash tag and a non-leaf node through the use of a database of child hash data to encrypt massive amounts of data. Additionally, it offered effective data mapping and made it simpler to spot changes that were made because of appropriate organization. The created approach allowed public audits to offer a safe cloud storage system while protecting privacy. However, the suggested technique was less effective for huge datasets and provided insecure data exchange as a one-to-one approach. A lightweight blockchain framework for medical record data integrity was demonstrated by Mardiansyah and Sari [21] to lower the computational cost. The blockchain data was shown using the Flask micro web server, and an Android application was developed using MIT App Inventor to read data from IoT devices. Leading-zero was used as a measure of mining difficulty in the lightweight blockchain to ensure data confidentiality and integrity when constructing a block. Overall, it lasted shorter than the current network for low difficulty levels. At the fifth level of complexity it took longer than Ethereum to execute transactions; however, it still proved to be faster. Furthermore, the established model was lacking in the ability to computationally determine which data was affected by the security issue.
From the overall analysis, it is clearly identified that, to provide effective security to cloud data storage systems, every model is developed using various advanced approaches. Some developed models supported public auditing by introducing a trusted third party and solved the problem of communication overhead. Additionally, the remote data integrity problem was addressed by the auditing protocol which overcame the data privacy and integrity issues with the help of bridge gap techniques. The advanced cryptography technique was used for identifying the public key cryptography technique for avoiding cloud computing problems. Similarly, some techniques offered an effective data mapping and made it simpler to spot changes that were made because of appropriate organization. Additionally, including advanced techniques like quantum computing into the research schemes increased its effectiveness and improved its suitability for use with mobile and smart products. On the other side, the developed model failed to perform data dynamic operations and failed to consider the static data issues. A larger number of the developed models suffer from time complexity issues. Moreover, the suggested techniques provide ineffective performance and insecure data exchange with computation overhead. In some others, the developed models improved the service quality for the enterprise but several outside threats led to insecure computation. The previous research lacked service managers to compute and determine the data that suffered from the problem of security. So, an effective and reliable plan or strategy is essential to protect data integrity in cases involving public auditing. The suggested solution will assure complete data security and conserve the computed resources of cloud users. To overcome the above stated issues, this research proposes an efficient auditing approach named position aware Merkle tree model to protect cloud data privacy and data integrity. The major contributions of this manuscript are specified as:
− A trusted TPA is developed to support public auditing for the data user and to prevent the failure of incurring additional overhead for data undertaking.
− The process of signature is performed for reducing the computational overhead based on the hash function. The experimental results show that the computational time and signature time are minimized by implementing the proposed position-aware Merkle tree and the obtained results are superior to the existing models.
− On the other hand, the proposed position-aware Merkle (PMT) method overcomes the storage and complexity problems at the client side and evaluates the performance of the method to provide integrity verification.
The structure of the proposed research work is given as follows: section 2 explains the description of the proposed method. Section 3 explains the concept of PMT-based data possession verification and section 4 discusses the results of the present research work. The conclusion and future work of the present research work is given in section 5.

PROPOSED METHOD
In cloud computing, clients might unexpectedly collapse or get overwhelmed by the frequency of integrity checks. Therefore, adding public verifiability to the verification protocol makes sense and is predicted to be useful in achieving cloud computing economies of scale. Therefore, the focus of the current work is on how to create a third-party auditing system that is not dependent on data encryption. The proposed Additionally, given the popularity of cloud computing, TPAs may be assigned an anticipated rise in auditing work from various users. The proposed method's performance is evaluated by using the various parameters which are described in the results section. The proposed method consists of key generation, encryption, and decryption. The key generation includes the RSA cryptosystem that has three types of processes: firstly encryption, then key decryption, and the prime key. The process of encryption contains different hash functions that provide secure hash algorithms (SHA-2 and SHA-3) and message digest algorithm 5 (MD5). A multiple-level hash tree that utilises the Merkle hash tree (MHT) algorithm is used efficiently for identifying the data integrity among various servers [22]. The MHT provides a persistent data structure for mapping the data among the arbitrary length as binary data. The PMT has nodes in each of the trees that know about the relative position at the parent nodes. The chameleon authentication tree (CAT) is known as an important authenticated data structure for data verification in 5G networks. The process of decryption includes the conversion of encrypted data back to the original form. In general, the process of reverse is used in encryption where the recipient receives a window or prompt that has the password for entering and accessing the data for encryption.

Key generation
The present research uses the RSA cryptosystem that includes encryption, decryption, and a prime key. The RSA algorithm does not provide security to attacks that include brute force attack as it is dependent on the RSA for larger prime numbers and is difficult to break. Thus, the proposed RSA generates the key securely and also establishes the public and private keys that are known as the IRSAC algorithm. The IRSAC key generation utilizes 2 random numbers and two prime numbers.

Encryption
The encryption process is as follows: i) the encryption process has obtained various components as a public key; ii) the messages are represented in the form of plain text that represents a positive integer; iii) the cipher text computed is represented as  =   mod , in which   is known as the encrypted message; and iv) the cipher text is used for forwarding it to a user.

Position-aware Merkle tree
The major theme of PMT is retrieving the data quickly and evaluating the position of encrypted data. Additionally, the PMT method overcomes cloud data storage and complexity problems by efficiently verifying the integrity of data in a cloud environment. It achieves this through a hierarchical tree structure where each leaf node represents a data block and each non-leaf node is a hash of its child nodes. This structure ensures data integrity and enables quick verification of any data modification or corruption. The position-aware feature allows the Merkle tree to efficiently handle dynamic data changes. When data is inserted, modified, or deleted, only the affected branches and nodes need to be recalculated, minimizing computational overhead. This reduces the complexity of verification operations, making it scalable and suitable for large datasets in the cloud. The PMT consists of nodes and each of the nodes is aware of the parent nodes' relative positions. Thus, the integrity verification phase is used in the proposed approach, wherein the complete retrieval of MT is not required [23]. The PMT node in the MT is tracked based on the position of the parent node relatively. A node   has PMT records that update the position in the tree that is expressed as a 3-tuple   (  .,   .,   .). From the expression,   . is known as the relative position of the parent nodes of   .  . is the product of the leaf nodes and   . The nodes are labeled from the position of left to right at every layer.   .,   .,   . are calculated as shown in (1) to (3):
PMT has allowed the generation of integrity based on the authentication path for performing data verification based on the direct computation from the root to the tree. The model is rooted without the tree structure querying. The proposed research uses each node's awareness based on position, considering the overall structure of the tree as it has not utilized the data semantics. The model uses the position of data items that are present on the tree. Also, the Merkle tree PMT does not provide the data order as it is independent of the integrity proofs [24]. Each node knows the positions and items that have been accessed for the positioning scheme. The membership proofs are obtained as data items which are checked for their presence. This takes the time of (1) and thus it is supported as the new data is inserted into the tree. Therefore, the complexities in generation, insertion, and the query runtime are generated which are the same as the Merkle tree, and Figure 1 shows the PMT structure. The position-aware Merkle tree [25] is provided as  1 which is a leaf node which is indexed with the file block  1 and  1 is known as the left subtree based on its node  9 from the parental node. Thus, as per the above formula,  1 . = 0,  1 . = 1 and  1 . = ℎ(0|| 1 ||1). Similarly, the solution is obtained for  2 = (1,1, ℎ(1|| 2 ||1) and  9 = (0,2, ℎ(0|| 1 .|| 2 .||2)).

PMT-BASED DATA POSSESSION VERIFICATION
The present subsection describes the data possession verification which is processed using the PMT. The user keeps the root node   = (  .,   ,   .), and the outsource server frames the file block represented as  = { 1 ,  2 , . .,   }}. The user needs to check the integrity of the  ℎ file block that is represented as   that sends the request vector. It is represented as {, ""} at the server and the server returns the integrity path correspondingly represented as {  , }. The user can execute the algorithm as ((  ,   , ) → {"", ""}) for the calculation of the root node which is represented as   . This is based on the response {  , } that is provided for the server. The user compares the root with the original root which is represented as it is kept locally. In case   =   , then the server sends a correct response. Thus, the results are passed to the server for integrity verification and the verification algorithm has been outputted with "" else it is represented as "". Therefore, the verification algorithm introduced clarifies the symbols, and the total number of tree nodes are represented as   .
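The node construction and the possession check described above can be run end to end; the Python code below is an added example, not the authors' implementation, and it reproduces the worked leaf and parent tuples (0, 1, h(0||block||1)) and (0, 2, h(0||left||right||2)) from the text. The field names `pos`, `leaves` and `value`, SHA-256 with length-prefixed concatenation, a root that records position 0, and the sample blocks are assumptions made here.

```python
import hashlib
from dataclasses import dataclass

ROOT_POS = 0  # assumption: position value recorded by the root node


@dataclass(frozen=True)
class Node:
    pos: int      # relative position under the parent: 0 = left, 1 = right
    leaves: int   # number of leaf nodes below this node
    value: bytes  # hash value of the node


def enc(n: int) -> bytes:
    return n.to_bytes(8, "big")


def h(*parts: bytes) -> bytes:
    # h(a || b || c); each part is length-prefixed so the split is unambiguous
    digest = hashlib.sha256()
    for part in parts:
        digest.update(len(part).to_bytes(4, "big") + part)
    return digest.digest()


def leaf(pos: int, block: bytes) -> Node:
    return Node(pos, 1, h(enc(pos), block, enc(1)))


def parent(pos: int, left: Node, right: Node) -> Node:
    n = left.leaves + right.leaves
    return Node(pos, n, h(enc(pos), left.value, right.value, enc(n)))


def build(blocks, pos=ROOT_POS, target=None):
    """Server side: return (subtree root, integrity path for block `target`).

    The path lists the sibling of every node between the target leaf and the
    root, ordered leaf to root; it is empty when target is None.
    """
    if len(blocks) == 1:
        return leaf(pos, blocks[0]), []
    mid = (len(blocks) + 1) // 2
    in_left = target is not None and target < mid
    in_right = target is not None and target >= mid
    left, lpath = build(blocks[:mid], 0, target if in_left else None)
    right, rpath = build(blocks[mid:], 1, target - mid if in_right else None)
    node = parent(pos, left, right)
    if in_left:
        return node, lpath + [right]
    if in_right:
        return node, rpath + [left]
    return node, []


def verify(root: Node, index: int, block: bytes, path) -> bool:
    """User side: recompute the root from one block and its path only."""
    if any(s.pos not in (0, 1) or s.leaves < 1 for s in path):
        return False
    # Leaves covered by left-hand siblings give the block's index in the file.
    if sum(s.leaves for s in path if s.pos == 0) != index:
        return False
    # A node sits opposite its sibling; the last node on the way up is the root.
    positions = [1 - s.pos for s in path] + [root.pos]
    cur = leaf(positions[0], block)
    for sib, up_pos in zip(path, positions[1:]):
        left, right = (sib, cur) if sib.pos == 0 else (cur, sib)
        cur = parent(up_pos, left, right)
    return cur == root


# Constructed sample file of eight blocks (not data from the paper).
BLOCKS = [f"file-block-{i}".encode() for i in range(1, 9)]


def demo():
    root, _ = build(BLOCKS)                # the user keeps only `root`
    _, path = build(BLOCKS, target=2)      # server's answer to a query for block 2
    return (
        verify(root, 2, BLOCKS[2], path),      # honest response
        verify(root, 2, b"modified", path),    # block altered on the server
        verify(root, 3, BLOCKS[2], path),      # valid block offered for another index
    )


if __name__ == "__main__":
    print(demo())
```

Because each hash covers the node's position and leaf count, the user needs no view of the tree layout: the path alone fixes both the root value and the index of the block being proved.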

Decryption
The process of converting the encrypted data to its original form is called the process of decryption. Thus, the general process of encoding and reversing is known as encryption and decryption, and the message received for the corresponding process in the cloud comes with a prompt or window having a password entered for accessing the data for encryption. The message recipient decrypts the information back to the original and readable format. Further, the messages are passed in a system which are also encrypted. The process is as follows: i) the decryption process utilizes the user's private key (, ); ii) the message  =   mod  is computed; and iii) the plain texts extract the message .
The proposed IRSAC mainly performs key generation, encryption and decryption that are explained as follows:
PSEUDO CODE
P and Q are prime numbers and P ≠ Q are selected
Calculate n where n = P*Q
The random E is selected in such a way that gcd(Φ(n), E) = 1, 1 < E < Φ(n)

RESULTS AND DISCUSSION
The proposed model is simulated on a computing system with an Intel Core i9 processor, 128 GB random access memory, and the Windows 10 (64-bit) operating system. The proposed method's performance is evaluated by using the following parameters:
− Operation time: is defined as the time interval present among the instants between the occurrence, which specifies the condition of a system, and the instant of completion with respect to the specified operation.
− Signature time: the forger acquires multiple message signatures that are performed on the polynomial function from a signed message that has only the public key.
− Computation time: is the length of time required to perform the hash function's computational process.

Quantitative analysis
Table 1 shows the operation time evaluated in terms of computation time (ms) with respect to the data block size ranging from 0 to 70. The computation time consumed by each of the data blocks varies from 0 to 0.004529 milliseconds. As the size of the data block increases from 0 to 70, the computation time also increases with respect to the data blocks. Figure 2 represents the computation time evaluated by the proposed method. If the size of the user's data block is increased, the number of data blocks also increases accordingly. The signature time is the time consumed by the signature scheme. The proposed model consumed less signature time than the existing models, which is graphically represented in Figure 3. Table 2 illustrates the simulation outcomes in terms of signature time. The calculation time varies (increases or decreases) whenever the structure of the tree size changes; for example, if a new branch is extended, time increases, and if a branch is split, it will take less time. The calculation time based on the proposed method is lower and the proposed method uses hash-based operation in the scheme. Table 3 and Figure 4 represent the calculation time of the proposed method, which is evaluated with respect to various data block sizes.

Comparative analysis
Table 4 represents the comparative results between the proposed and the existing models by means of computation time. Ping et al. [16] developed a secure identity based aggregate signature model. The developed model had overhead in storage with other resources, so it was required to perform a specific task, which resulted in 18 seconds of computation time. There was a lack of service managers in edge computing, which determined that the multimedia data suffered from security threats and consumed 18 seconds of computation time. Pitchai et al. [17] developed an effective availability and integrity verification protocol for addressing security and privacy issues in the cloud storage. The simulation results demonstrated that the developed availability and integrity verification protocol consumed 0.30 seconds of computation time, and obtained better performance in terms of other performance measures like throughput and latency. Liu et al. [18] implemented an effective data storage system named one-way linked information table for storing the multimedia data enterprise. The developed storage system has obtained higher efficiency of the data recovery, and consumed 18 seconds of computation time. On the other hand, the proposed PMT consumed 0.00459 milliseconds of computation time, which is better compared to the existing models.
Secure identity based aggregate signatures [16]: 18
Availability and integrity verification protocol [17]: 0.3
One-way linked information table [18]: 18
Proposed PMT method: 0.00459

Discussion
In this section, the overall discussion about the present research is briefly explained and the results are compared with the previous methods such as secure identity based aggregate signatures [16], availability and integrity verification protocol [17], as well as one-way linked information table [18]. Firstly, the RSA cryptosystem that includes encryption, decryption, and a prime key is used to generate the key securely and also establish the public and private keys. Then the encryption process has obtained various components as a public key. Then, the PMT is used to retrieve the data quickly and evaluate the position of encrypted data. Here, the PMT method overcomes cloud data storage and complexity problems by efficiently verifying the integrity of data in a cloud environment. Then the decryption process begins, which is performed using the IRSAC method because the IRSAC method mainly performs key generation, encryption and decryption. Finally, the performance of the proposed PMT method is analysed and compared with existing methods to determine the proposed system's enhanced performance. The results clearly demonstrate that the proposed PMT consumes a minimum computation time of 0.00459 milliseconds for data recovery. In comparison, the secure identity based aggregate signatures [16] consumes a computation time of 18 seconds for data recovery, the availability and integrity verification protocol [17] consumes a computation time of 0.3 seconds for data recovery, and the one-way linked information table [18] consumes a computation time of 18 seconds for data recovery.

CONCLUSION
The proposed PMT method significantly solves privacy and security issues in the cloud storage system. In the present research work, the proposed PMT method is used for reducing the operation time, signature time, and the computation time of the verification process. The available cloud service providers and storage space are used for data storage in the multi cloud environment. Therefore, the multi cloud environment increases the number of users and also, in parallel, increases the value of throughput. The simulation results demonstrated that the proposed PMT effectively reduced operation time, signature time, and computation time related to the existing models. The proposed PMT consumed 0.00459 milliseconds of computation time, which was better compared to the existing models: secure identity based aggregate signatures, availability and integrity verification protocol, and one-way linked information table.
The PMT relies on hash functions to verify the integrity of the data it stores. However, not all hash functions are suitable for use with Merkle trees. This can limit the types of data that can be stored using Merkle trees on a blockchain network. As future work, the current research can be extended by considering the problem of storing different kinds of data, which can be done by using a novel encryption approach.

Figure 2. Computation time evaluated by the proposed method

Figure 3. Signature time evaluated by the proposed method

Figure 4. Calculation time with respect to the proposed method

Table 1. Simulation results by means of operation time/computation time

Table 2. Simulation results by means of signature time

Table 3. Simulation results by means of calculation time

Table 4. Comparative results between the proposed and the existing methods