Third Party Auditor: An Integrity Checking Technique for Client Data Security in Cloud Computing Renuka Goyal, Navjot Sidhu Centre for Computer Science and Technology, Central University of Punjab Bathinda, India Abstract— Now-a-days the concept of Cloud Computing is one of the major theories in the world of IT. Its services are now being applied to several IT scenarios. Cloud Computing is the internet based computing which provides users with a number of services. Users store their data in the cloud without the burden of local data storage. As the user no longer have physical possession of data so the integrity and security of data become the major concern in the cloud computing. Data stored on the cloud server may be get corrupted and sometimes even the cloud service provider for his own benefit like for more space on data centre can discard the user data which is not used for a longer time. In order to maintain the integrity of data, the user takes the assistance of a Third Party Auditor (TPA). The TPA checks the integrity of data on user demand and the released audit reports help the user to evaluate the risk of their services. TPA have an experience that user does not have and have capability to check integrity of data which is not easy for the user to check. This paper highlighted the basics of cloud computing, general model and different approaches used for TPA. Index Terms—Cloud computing, Data Integrity, Third Party Auditor, MAC, Digital signatures, Public- auditing. I. INTRODUCTION Cloud Computing gained intention since 2007.It is the general term for anything that involves providing services on internet. It moves the data and computing from desktop to large datacenters. It is combination of parallel, grid and distributed computing. Many big companies such as IBM, Google, Amazon, Microsoft, Yahoo and other move themselves to develop Cloud Computing. These companies have launched their own Cloud Computing infrastructures and services and achieved good application results and social impact, such as Amazon’s EC2 and S3, Google’ Google Apps, Microsoft’ Azure and so on. According to National Institute of Standards and Technology (NIST): "Cloud Computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”. It also defines Cloud Computing by:  5 essential characteristics  3 cloud service models  4 cloud deployment models Fig. 1: Visual Model of NIST Definition of Cloud Computing A. Cloud Computing Service Models According to [1], [3], [6], [7] a cloud user can subscribe the following types of cloud providers: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). These three types differ in the amount of control that user have over his information and how much user can expect his provider to do for him. In this IaaS is most basic and each higher model abstracts from the details of lower models. 1) Software as a Service (SaaS): In this model, users use the applications of service provider that run on cloud infrastructure. The users need not to install and run the applications on his system. The user can use these applications via any thin and thick client devices. This eliminates the user need to upgrade their applications. The user is billed according to his usage. User does not maintain the underlying the cloud infrastructure including the network, server, operating system, storage or applications. For example: Google Docs, SalesForce , SAP Business by Design etc. 2) Platform as a Service (Paas): In this model user can deploy their applications on cloud infrastructure created using some programming language, libraries and tools provided by cloud service provider. This eliminates the user need to install software and hardware required for it. User does not maintain the underlying the cloud Renuka Goyal et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (3) , 2014, 4526-4530 www.ijcsit.com 4526