# INTRODUCTION loud Computing is emerging as the next evolution of computing for its numerous contribution to the IT enterprise. In contrast to traditional solutions, Cloud Computing has a number of essential characteristics, such as: on-demand self-service, ubiquitous network access, location independent resource pooling, rapid elasticity, and measured service. [3] Figure 1 : Cloud Computing Author ? : Jaspreet Kaur Lecturer, Thapar Polytechnic College M.TECH (Computer Science and Engineering) RIMT-IET, Mandi Gobindgarh, Punjab India. e-mail: kkhushi12@yahoo.co.in Author ? : Jasmeet Singh Asst. Professor(CSE Department) RIMT-IET, Mandi Gobindgarh, Punjab India. e-mail: jasmeetgur m@gmail.com Data outsourcing, one of the fundamental components of Cloud Computing, centralizes users' data to the cloud server (CS). Users including both individuals and enterprises move their data or store their data in cloud storage centers to minimize the costs and enjoy benefits, such as: release the pressure from storage management, universal data access with independent geographical locations. [4] Despite these distinct advantages outsourcing brings, there are also many security issues. 1. Firstly, although the cloud service provider (CSP) can provide more powerful and reliable infrastructures than users, a huge mass of data storing in the CS makes it more vulnerable to active attack. 2. Secondly, towards the cloud users, the CSP may deliberately distort the status of users' outsourced data for some benefits. For example, the CSP may discard the data that users rarely or never access to save costs, or even hide data loss incidents for the sake of reputation . [4] So we can see, although data outsourcing can bring advantages and convenience to users, it can not ensure the integrity of data. But integrity monitoring is essential in cloud storage for the same reasons that data integrity is critical for any data center. Data corruption can happen at any level of storage and with any type of media. The truth is that data corruption can happen anywhere within a storage environment. Data can become corrupted simply by migrating it to a different platform, i.e., sending your data to the cloud. Cloud storage systems are still data centers, with hardware and software, and are still vulnerable to data corruption. [13] Generally speaking, users like to outsource a huge mass of data in the CS, so simply downloading the data to verify the integrity is not a feasible solution. To solve the security problems of data outsourcing mentioned above, researchers proposed auditing protocols to ensure the correctness of the outsourced data. The integrity of data should be guaranteed in a relatively low computation and communication overhead through an efficient auditing protocol. [4] So he appoints a Third Party Auditor to check the availability of data and its correctness without devotion of their computation resources. [1] TPA checks the correctness of data stored in the cloud and communicates this with the client. Whenever the client needs the data the cloud returns the data with full guarantee of delivery, availability and correctness. As TPA verifies for its correctness and availability he considers the data is safe. Figure 2 represents data outsourcing in cloud environment where user delegates task of monitoring integrity to third party auditor(TPA). In Cloud Computing, it is difficult to maintain data integrity because the user usually has no control over the security mechanisms that are used to protect his/her data. User cannot trust cloud service provider to handle the data by himself as he himself can modify or delete the original data and integrity may be lost. If any intruder attacks and steals the data and modifies it then in some cases the modification is not even noticed by the cloud server or data loss or corruption is intentionally hidden. So, user can rely on a trusted third party auditor to check for the integrity of his data. To trust third party entity authentication is needed. For auditing (on user's request or at regular intervals), strong and secure cryptographic hash function is required to check for integrity of cloud data and informs the user about data corruptions or loss if any. # III. Methodology We propose a data correctness scheme which involves verifying integrity of data with the help of third part auditor as shown in figure 3. For ensuring the integrity of the data we will be using combination of three approaches-1. Station-to-Station protocol (based on Diffie-Hellman key exchange algorithm) generates mutual key which is known to both user and auditor. It also provides entity authentication to both. 2. Exclusive-OR (XOR) to perform a xor operation between the message and the key generated using Station-to-Station protocol. 3. Secure Hashing Algorithm (SHA-2) to generate a digest by passing the original message to the hash function. This is done by both the user and the auditor and the value obtained from the hash function by both of them is compared and hence the data integrity is verified. The steps of implementation are as follows- # V. Results The results of the above mentioned system are shown in Table 1 and Figure 7. A secret key generated using STS protocol (that is known to both user and auditor. Also, mutual authentication is done using this protocol. 2. XOR operation is done between the data and the key generated to create cipher text which is stored in cloud. 3. Separately the data is passed in a hash function (using SHA-2) and the hash value is obtained by the user. 4. Auditor gets the cipher text from the cloud and performs an XOR operation with the secret key generated by the station to station protocol and gets a plain text. 5. Auditor passes this plain text to the same hash function (using SHA2) and obtains a hash value. 6. He then compares this hash value with the hash value received from the user .If both the values are identical then the data integrity is maintained else data is tampered. storage services. This scheme reduces the computational and storage overhead of the client as well as the computational overhead of the cloud storage server.. We are trying to improve the scheme for auditing multiple files from multiple clients simultaneously as with the increasing development of Cloud Computing technologies, it is believed that more and more users will prefer to store their data in the cloud. 2![Figure 2 : Data Outsourcing in Cloud](image-2.png "Figure 2 :") 34![Figure 3 : Methodology](image-3.png "Figure 3 :CFigure 4 :") 5![Figure 5 : Cloud page](image-4.png "Figure 5 :") 7![Figure 7 : Graph Showing Results of Encryption, Decryption, Hash Time and Collision If hash of both files matches, collision point is 0. If hash of both files do not match , collision point is 1.VI. Conclusion and Future WorkThis paper focuses on auditing mechanisms (using hash function) to ensure data integrity where users can safely delegate the integrity checking tasks to Third Party Auditors and be worry-free to use the cloud](image-5.png "Figure 7 :") 1File Size( in Bytes)2899124205Encryption Time 1694141211Decryption Time 31141187265Hash Time637893108Collision Point0000 © 2013 Global Journals Inc. (US) Global Journal of Computer Science and Technology © 2013 Global Journals Inc. (US) * A Scheme for Checking Data Correctness in the Cloud MurugesanMalathi International Conference on Information and Network Technology ICINT 2012 * Improving data integrity on cloud storage services .MMiss Sowparnika1 .RProf Dheenadayalu2 International Journal of Engineering Science Invention(ISSN) 2 2 February. 2013 * A Protocol for Ensuring Data Integrity in Cloud Environment NMadhuri TVSuneetha AHaritha PV SLakshmi International Journal of Advanced Research in Computer Science and Software Engineering 3 4 April 2013 * Cryptanalysis of auditing protocol proposed by Wang et al. for data storage security in Cloud Computing Xu Chun-Xiang DanielXiao-Hu Abraha 2006 School of Computer Science and Engineering, University of Electronics Science and Technology of China * Data Auditing in Cloud Environment using Message Authentication Code KGovinda ESathiyamoorthy International Conference on Emerging Trends on Advanced Engineering Research (ICETT) 2012 * Third Party Auditing for Secure Data Storage in Cloud through Digital Signature using RSA KGovinda VGurunathprasad HSathishkumar International Journal of Advanced Scientific and Technical Research 4 2 August 2012 * Cloud Data Security while using Third Party Auditor AbhishekMohta LalitKumar Awasthi International Journal of Scientific and Engineering Research 3 June-2012 * Security Provision in Publicly Auditable Secure Cloud Data Storage Services using SHA-1 Algorithm AkkalaSaibabu TSatyanarayana Murthy International Journal of Computer Science and Information Technologies (IJCSIT) 3 3 2012 * Survey on Data Integrity in Cloud Computing Reenu Sara Georeg SSabitha International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) 2 1 January 2013 * Achieving Secure Cloud Data Storage without using a Trusted Third Party Auditor-A Review HirenPatel DhirenPatel International Journal of Computer Applications Nov.2012 * A DATA INTEGRITY VERIFICATION IN CLOUD COMPUTING SJeyadevan .SDr Patel International Conference on Computing and Control Engineering 13 April,2012 12 ICCCE 2012 * Efficient integrity checking technique for securing client data in cloud computing DaliaAttas OmarBatrafi International Journal of Electrical & Computer Sciences (IJECS-IJENS) 11 5