Privacy Protection on Data Self- Destruction System for Cloud Storage Networks

Transcription

1 ISSN Privacy Protection on Data Self- Destruction System for Cloud Storage Networks #1 Vaishali Hargude, #2 Jyoti Ohol, #3 Sonal Rahinj, #4 Smita Wangale 1 vaishalihargude95@gmail.com 2 jyotiohol95@gmail.com 3 rahinjsonal123@gmail.com 4 smitawangle@gmail.com #1234 Department of Computer Engineering, JSPM s, Imperial College of Engineering and Research, Wagholi ABSTRACT In Cloud Storage we store personal data which contain banking details such as account number, passwords, valuable notes, and other such information that can be misused by hackers. These data are copied and cached by Cloud Service Providers, often without users authentication and control. Self-destruction system mainly aims at securing the user valuable data s privacy. All the information and their copies become destructed.in this paper, we study a system that meets this challenge through integration of active storage techniques. We implemented self destructive system through the different functionality and different security properties evaluations of this system. In addition to this the data privacy can be given to the system by encrypting the data Keywords: Private Data, Self-destruction of data, Cloud Computing, Encryption ARTICLE INFO Article History Received: 24 th April 2017 Received in revised form : 24 th April 2017 Accepted: 28 th April 2017 Published online : 29 th April 2017 I. INTRODUCTION As Cloud computing and mobile Internet are getting popularized, Cloud provides services which are becoming more and most important among people s life. People are requested to submit or post some personal information to the Cloud by the web. When people put their data, they subjectively hope service providers will secure policy to secure their information from leaking, so others user will not retrieve their privacy of data. As people depend more and most on the Internet and Cloud environment, security of their data and privacy is on more threaten. On the another hand, when information is being accessed, transformed and stored by the computer system or network must make cache, copy or stored it. Because these copied information are essential important for systems and the network system. As users who have no information about these copies and could not control them, so these copies can leak their data. On the another hand, their privacy data also can be leaked through Cloud service Providers, hacker intrusion or some unauthorized actions. These problems could occurs challenges to secure people s data privacy. Personal important data stored in the Cloud may contain banking information, passwords, important notes, and other important data that could be used and improper by a unauthorized person, a competitor, or different user. These information or data are cache, copy, and archived by Cloud Service Providers, without users permission and manage. Self-destructing system generally aims at securing the user data s security. Now a days more and more services and applications are emerging in the Internet, exposing sensitive electronic data in the internet has become easier. With development of Cloud computing and popularization of mobile Internet, Cloud services are becoming more and more important for people s life. People are more or less requested to submit or post some personal private information to the Cloud by the Internet. As people rely more and more on 2017, IERJ All Rights Reserved Page 1

2 the Internet and Cloud technology, security of their privacy takes more and more risks. On the one hand, when data is being processed, transformed and stored by the current computer system or network, systems or network must cache, copy or archive it. These copies are essential for systems and the network. As people have no knowledge about these copies and cannot control them, so these copies may leak their privacy. Background: Computing capabilities can be delivered as a service by using some phenomenons of distributed, grid and elastic nature introduced in cloud technology. This computing makes the load reduction along with improve computing experiences on browser rather than some stand alone host machines. It is made feasible by using virtualizations and resource pooling. Data is the most valuable asset and the rest of the things are supportive actors for making the data transitions or exchanges, more efficient and secure. All it needs data to be processed by various nodes, has to traverse through various networks, stored on different devices, work simultaneously on multiple copies of data. After the usage period of data is over along with its lifecycle, it should be removed from each and every entity. Normally the lifecycle management includes the production, transfer, use, share, archive and deleted. The information which is mainly used and public will stays for longer phase and the data with fewer use will detached more recurrently. But in contemporary scenarios there are no such guidelines obtainable for effective data demolition. It could be named in several ways by different authors like destruction, deletion, removal, decommissioning, sanitizin g, vanishing, disposal etc. Removing the complete copy of data is a destruction activity and is based on the futuristic aspects and time which defines the scope of its usability. In this paper, we focus on Data Self-Destruction System for Cloud Storage Networks. The rest of the paper is organized as follows: Section 2 present literature survey, Section 3 present proposed system, Section 4 presents our proposed system module, Section 5 system analysis; Section 5 result analysis the and finally, Section 6 concludes the paper. II. LITERATURE SURVEY Dr. Arockiam L et al has focused on issues related to cloud. paper mainly focuses on the issues related to Privacy in cloud computing. Privacy is defined as a fundamental human right related to the collection, use, disclosure, storage and destruction of personal data (Personally Identifiable Information-PII). The American Institute of Certified Public Accountants (AICPA) and Canadian Institute of Charted Accountants (CICA) define that it is the right and obligation of individuals and organizations with respect to the collection, use, retention, and disclosure ofpersonal information. Privacy is the protection of appropriate use of personal information of cloud user. [1] Keiko Hashizume et al has analysed security issues in cloud and as per analysis, Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use.in Cloud computing Security is major factor for transferring the data one to another.this paper presented security issues for cloud models: IaaS, PaaS, and IaaS, which vary depending on the model. In this paper, storage, virtualization, and networks are the biggest security concerns in Cloud Computing. Virtualization which al-lows multiple users to share a physical server is one of the major concerns for cloud users. Also, another challenge is that there are different types of virtualization technologies, and each type may approach security mechanisms in different ways. [3] P. Muralikrishna et al has proposed the system which involves a design of a pre-distribution algorithm using a deterministic approach. Deterministic approach is the process of determining the keys before placing them within the network. A key pre-distribution algorithm using number theory with high connectivity, high resilience and memory requirements is being designed by implementing a deterministic approach.[2] N. Ramakalpana et al have presented an Asymmetric Cryptography in cloud computing i.e. encryption and decryption process.rsa algorithm is used for establishingsecurity in the internet. Its strength is its computational complexity. It is known for its security based on finding the prime factor of very large numbers. [4] Kshama D. Bothra et al have implemented the SeDas system.application client connect through metadata server. In metadata user management, server management, session management, key management.this paper creates multiple nodes for performing the sedas application. Users can perform operation like uploading, downloading or any activity in cloud server then privacy is must for transferring the data. So this paper implementing 2017, IERJ All Rights Reserved Page 2

3 Shamir s Algorithm for performing encryption and decryption operation. [5] III.PROPOSED SYSTEM 2) Authority: Task of authority is to generate, provide and manage private key of users. Authority is an entity which is trusted by all the other users present in the system. 3) Time Server: This server has responsibility regarding time specification. It does not interact with any other entity in the system. 4) Data Users: These are the users who have passed through authentication and access the data which is shared by the data owner. All the data users are able to access shared data by authentication and within authorization period only. Fig 1. System Architecture There are lot more security problems in cloud data access. In this paper it is considered how to resolve all the security problems which user faces. Also how user can specify expiration time for cloud data on which data gets self destructed with all its copies over cloud. It supports user defined authorization period in which fine-grained access control is provided over the period. Author can provide fine-grained access to the entire authorized user having cloud access. Author gives access to user for a specific time period. After that time no user (authorized as well as unauthorized) can access data which is shared by the user. Data is shared over cloud for particular time period which is specified by the author. This shared data is in encrypted form so that no one can read the data without decrypting it. When user specified time expires, shared data gets self-destructed. While deleting data, this system not only delete original data but also all the copies of data which are resided over cloud. IV. MODULE 1) Data Owner: This is user who shares data or files, containing private information with other data users. Data owner stores his/her data over cloud so that other data users can access data from cloud. 5) Cloud Servers: There are the servers where data owner shares his/her data. Cloud servers have almost unlimited storage space. Cloud servers store and manage stored data so that it can be easily available to users who are accessing cloud. V. SYSTEM ANALYSIS We have created system in java. Data is stored in mysql database. We have created a web application with local server. Web application that communicates with local server and Trustee Server using REST API. We have uploaded file on cloud. We have evaluated time required for process generation. Mathematical Model: System Description: Input: Upload file () U : Upload file on cloud. E : Encryption File. S : file for security. D : Decrypt value for each file. Output: Check Encryption file on cloud storage Input: Function Recovery (id, request, file) ID : unique id for each file. Request : User request for recovery of file. File : Check file on cloud. Output: File will recover to data owner. 2017, IERJ All Rights Reserved Page 3

4 Success Conditions: Encryption will done for input file Failure Conditions: Our system fails when no any security policy apply to the input file. Algorithm: Procedure upload ( ,pwd) unique id of the user. Password:secret password for authentication. BEGIN Check the user_id If new user then Register the user to the system validate the user with user id and password check for upload or download if upload then upload(file, key) if triggering parameter expired Delete file from cloud environment; Download file endif endif; END; VI. RESULT Fig 4. Owner login page VII. CONCLUSION In this paper, we study a self-destruction system for dynamic group data sharing in cloud systems. Since shared data items in dynamic groups remains long time in the system will considerably reduce the security and privacy of system with increased complexity in managing data files. REFERENCES [1] Dr. Arockiam L, Parthasarathy G and Monikandan S, Privacy in Cloud Computing : A Survey, Natarajan Meghanathan, et al. (Eds): SIPM, FCST, ITCA, WSE, ACSIT, CS & IT 06, pp , [2] Keiko Hashizume, David G Rosado, Eduardo Fernández-Medina and Eduardo B Fernandez, An Analysis Of Security Issues For Cloud Computing,Hashizume et al. Journal of Internet Services and Applications [3] P.Muralikrishna, S. Srinivasan, N.Chandramowliswaran, Secure Schemes for Secret Sharing and Key Distribution Using Pell s Equation, International Journal of Pure and Applied Mathematics, Volume 85 No Fig 2. User registration page [4] N. RamaKalpana, R. Santhosh, SeDas Self - Destruction Data System for Distributed Object Based Active Storage Framework, International Journal of Software and Web Sciences, 7(1), December February 2014, pp [5] Kshama Bothra, Sudipta Giri, Enhancing Security in Cloud by Self-Destruction, International Journal of Advanced Research in Computer and Communication Engineering Vol. 4, Issue 9, September [6] IEEE paper on A Self-Destructing system Based on Active Storage Framework by: Lingfang Zeng, Shibin Chen, Qingsong Wei, and Dan Feng IEEE TRANSACTIONS ON MAGNETICS, VOL. 49, NO. 6, JUNE Fig 3. User login page 2017, IERJ All Rights Reserved Page 4

5 [7] R. Geambasu, T. Kohno, A. Levy, and H. M. Levy, Vanish: Increasing data privacy with self- destructing data, in Proc. USENIX Security Symp., Montreal, Canada, Aug. 2009, pp [8] Y. Xie, K.-K. Muniswamy-Reddy, D. Feng, D. D. E. Long, Y. Kang, Z. Niu, and Z. Tan, Design and evaluation of oasis: An active storage framework based on t10 osd standard, in Proc. 27th IEEE Symp. Massive Storage Systems and Technologies (MSST), [9] C. Wang, Q. Wang, K. Ren, and W. Lou, Privacypreserving public auditing for storage security in cloud computing, in Proc. IEEE INFOCOM, 2010 [10] Y. Zhang and D. Feng, An active storage system for high performance computing, in Proc. 22nd Int. Conf. Advanced Information Networking and Applications (AINA), 2008, pp [11] T. M. John, A. T. Ramani, and J. A. Chandy, Active storage using object-based devices, in Proc. IEEE Int. Conf. Cluster Computing, 2008, pp , IERJ All Rights Reserved Page 5