State-of-art in Storage Model using Encryption Technique for privacy preserving in Cloud Computing V.K.Saxena 1 and Shashank Pushkar 2 1 School of Engineering & Technology, Vikram University, Ujjain, M.P., India 2 Birla Institute of Technology, Mesra, Ranchi, Jharkhand, India Abstract: Now-a-days cloud computing is showing consistent growth in the field of computing. Users can utilize these services on pay-per-use basis. When data is exchanged in cloud, there exists the problem of disclosure of privacy. The idea is to build privacy preserving storage model where data sharing services can update and control the access and limit the usage of their shared data. Preserving privacy is an important issue for cloud computing and it needs to be considered at every phase of design. This paper proposes a metadata based data segregation and storage methodology along with an encryption technique to provide additional security. This would serve as a helping note in the progress of strengthening the privacy preserving approaches in cloud computing. Keywords: Cloud computing, data privacy, data security, data storage I. INTRODUCTION In large data centre, cloud computing moves the application software and databases, where the management of data and services are not reliable. This unique attribute poses many security challenges [15]. To realize the tremendous potential, business must address the privacy questions raised by the new computing model [4]. The metadata based storage model is based on the information which is valuable only as long as the fragments of the information are related to each other. For example, credit card information without its corresponding information like card holder name, Card Verification Value (CVV) and validity date is invaluable. The information becomes valuable only when these fragments of information are mapped. The mapped information about elements is required only for authenticated users and owners of the relevant information. In recent times, a well known instance of intrusion of user information is recorded by Sony PS Network [8]. In this situation, there is no necessity that data should be stored in a mapped manner, but the mapping is needed at the point of usage. Juels et.al., [10] described a formal “Proof of Retrievability” (POR) model for ensuring the remote data integrity. Their scheme combines spot- checking and error-correcting code to ensure both possession and retrievability of files on archive service systems. The time of usage of the information is apparently very less in comparison to the time that data is present at the storage location. Thus two types of security concerns arise. One concern is during data usage, i.e. during transmission and secondly, static phase of the data, i.e. during residing at storage centers. With respect to the data security during transmission in the cloud, Subashini S.,et.al.,[13] proposed a layered framework to deliver security as a service in cloud environment. This framework consists of a security service which provides a multi-tier security based on the need of the transaction. The framework provides dynamic security to users based on their security requirements, thus enabling localized level of security and thereby reducing the cost of security for applications requiring less security and providing robust security to applications. Hose et.al.[9] proposes a model to fragment data horizontally or vertically with relation to the tuples so that data can be accessed or updated in an optimized manner. Subashini S., et.al.[14], proposed the model in which the data has to be segregated and further fragmented into smaller units until each fragment does not have any value individually. In addition to the fragmentation, we propose an encryption technique which provides additional security. This encryption allows only to data that is fragmented as ‘sensitive’ by the data migration environment. Although existing privacy preserving query processing approaches, such as [1], [2], [3], [7], [11], [12], [16], can evaluate a query on randomized data, none of them can handle a series of queries, where some queries need other queries results as input. In [5], a symmetric searchable encryption scheme and an asymmetric searchable encryption scheme are proposed to store user’s data in a third party. This paper proposes a secure query plan executor which can execute query plans without additional information about the data of data sharing services. The rest of the paper is organized as follows: Section II presents system architecture, section III analyzes metadata based storage model, section IV provides the methodology, section V provides privacy preserving query plan with data storage, Section VI analyzes our approach for privacy preservation, section VII analyzes the stirring example for data privacy, and section VIII concludes the paper. II. SYSTEM ARCHITECTURE Now-a-days in existing data integration systems, it is understood that there is a central and trusted authority collecting all data from data sharing services and computing integration results for users based on the collected data. We assume that our data storage will correctly construct the V.K.Saxena et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (1) , 2014, 64-69 www.ijcsit.com 64