Implementation of Decentralized Access Control with Anonymous Authentication in Cloud


Volume-5, Issue-6, December-2015, International Journal of Engineering and Management Research, Page Number: 210-214
Copyright 2011-15. Vandana Publications. All Rights Reserved.

Dr. M. Sreenivasulu 1, K. Krishna Mohan 2
1 Professor & Head of Department (CSE), KSRMCE, KADAPA, INDIA
2 M.Tech (Student), KSRMCE, KADAPA, INDIA

ABSTRACT

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing is a metaphor for the Internet; it is Internet-based computing. The heart of cloud computing is virtualization. The data stored in the cloud is very sensitive, for example medical records and social records. Traditionally, the access control schemes used in the cloud are centralized in nature and use a single KDC. The project is based on a decentralized access control scheme for secure data storage in clouds that maintains anonymous verification. In this project, the cloud verifies the authenticity of the user without knowing the user's identity before storing data. It provides decentralized authentication, and registered users can access the data from the cloud. It also has the added feature of access control, in which only authorized users are able to decrypt the stored information. It supports creation, modification and reading of the data stored in the cloud. The communication, computation, and storage overheads are similar to those of centralized approaches.

Keywords: Cloud Computing, KDC (Key Distribution Centre), Access control, Cloud storage.

I. INTRODUCTION

In cloud computing, users can outsource their computation and storage to servers (also called clouds) using the Internet. This frees users from the hassles of maintaining resources on-site. Clouds can provide several types of services like applications (e.g., Google Apps, Microsoft online), infrastructures (e.g., Amazon's EC2, Eucalyptus, Nimbus), and platforms to help developers write applications (e.g., Amazon's S3, Windows Azure).

Much of the data stored in clouds is highly sensitive, for example, medical records and social networks. Security and privacy are thus very important issues in cloud computing. On the one hand, the user should authenticate itself before initiating any transaction, and on the other hand, it must be ensured that the cloud does not tamper with the data that is outsourced. User privacy is also required so that the cloud or other users do not know the identity of the user. The cloud can hold the user accountable for the data it outsources, and likewise, the cloud is itself accountable for the services it provides. The validity of the user who stores the data is also verified. Apart from the technical solutions to ensure security and privacy, there is also a need for law enforcement.

Clouds are being used to store sensitive information about patients to enable access to medical professionals, hospital staff, researchers, and policy makers. It is important to control access to the data so that only authorized users can access it. Using attribute-based encryption (ABE), the records are encrypted under some access policy and stored in the cloud. Users are given sets of attributes and corresponding keys. Only when the users have a matching set of attributes can they decrypt the information stored in the cloud. Access control in health care has been studied in [1].

Access control is also gaining importance in online social networking, where users (members) store their personal information, pictures and videos and share them with selected groups of users or communities they belong to. Access control in online social networking has been studied in [2]. Such data are being stored in clouds. It is very important that only the authorized users are given access to that information.

Existing work [4], [1], [3] on access control in the cloud is centralized in nature. Except [4], all other schemes use ABE. The scheme in [4] uses a symmetric key approach and does not support authentication. The schemes [1], [3] do not support authentication either.

Earlier work by Zhao et al. [5] provides privacy-preserving authenticated access control in the cloud. However, the authors take a centralized approach where a single key distribution center (KDC) distributes secret keys and attributes to all users. Unfortunately, a single KDC is not only a single point of failure but is also difficult to maintain because of the large number of users that are supported in a cloud environment.

II. CLOUD COMPUTING

Cloud computing offers online data storage, infrastructure and applications. Cloud computing is a computing paradigm in which a large pool of systems is connected in private or public networks to provide dynamically scalable infrastructure for application, data and file storage. With the advent of this technology, the cost of computation, application hosting, content storage and delivery is reduced significantly.

There isn't a single definition of cloud computing, partly because cloud computing means different things to different people. For some, as Hakan Erdogmus [6] states in a recent IEEE Software magazine, cloud computing can mean everything new, cool, and trendy on the Web. Others think of cloud computing as scalable Internet-based IT services and resources. Examples of such resources are computing time and data storage. Whatever the exact definition, one feature is common to all such new technologies: a shift in the geography of computation [6].

Fig.1. Structure of Cloud Computing

Cloud Computing Models

Cloud providers offer services that can be grouped into three categories.

1. Software as a Service (SaaS): In this model, a complete application is offered to the customer as a service on demand. A single instance of the service runs on the cloud and multiple end users are serviced. On the customer's side, there is no need for upfront investment in servers or software licenses, while for the provider, the costs are lowered, since only a single application needs to be hosted and maintained. Today SaaS is offered by companies such as Google, Salesforce, Microsoft, Zoho, etc.

2. Platform as a Service (PaaS): Here, a layer of software or a development environment is encapsulated and offered as a service, upon which other higher levels of service can be built. The customer has the freedom to build his own applications, which run on the provider's infrastructure. To meet the manageability and scalability requirements of the applications, PaaS providers offer a predefined combination of OS and application servers, such as the LAMP platform (Linux, Apache, MySQL and PHP), restricted J2EE, Ruby, etc. Google's App Engine, Force.com, etc. are some of the popular PaaS examples.

3. Infrastructure as a Service (IaaS): IaaS provides basic storage and computing capabilities as standardized services over the network. Servers, storage systems, networking equipment, data centre space, etc. are pooled and made available to handle workloads. The customer would typically deploy his own software on the infrastructure. Some common examples are Amazon, GoGrid, 3Tera, etc.

Fig.2. Cloud Models

III. PROPOSED SYSTEM

All the approaches take a centralized approach and allow only one KDC, which is a single point of failure. Chase [8] proposed a multi-authority ABE, in which there are several KDC authorities (coordinated by a trusted authority) which distribute attributes and secret keys to users. A multi-authority ABE protocol that required no trusted authority was also proposed, but it requires every user to have attributes from all the KDCs. Recently, Lewko and Waters [7] proposed a fully decentralized ABE where users could have zero or more attributes from each authority and did not require a trusted server.

In all these cases, decryption at the user's end is computation intensive, so this technique might be inefficient when users access the cloud from their mobile devices. To get over this problem, Green et al. proposed to outsource the decryption task to a proxy server, so that the user can compute with minimum resources (for example, hand-held devices). However, the presence of one proxy and one key distribution center makes it less robust than decentralized approaches. Both these approaches had no way to authenticate users anonymously.

Yang et al. presented a modification to authenticate users who want to remain anonymous while accessing the cloud. To ensure anonymous user authentication, Attribute Based Signatures were introduced by Maji et al. This was also a centralized approach. A recent scheme by the same authors [9] takes a decentralized approach and provides authentication without disclosing the identity of the users. However, as mentioned earlier in the previous section, it is prone to replay attack.

ARCHITECTURE

Fig.3. System Architecture

IV. MODULES IN PROPOSED SYSTEM

1. User Registration
2. Trustee
3. KDC Setup
4. Verify
5. Read/Write

MODULE DESCRIPTION

4.1 User Registration: In this module the user registers with the trustee by providing the user's details, and saves a user name and password with the trustee. The trustee gives a token (licence number) to the user. Using this token, the user can create and modify the data on the cloud storage.

4.2 Trustee: The trustee maintains the user details. The trustee receives the user's request to generate the token, verifies the user's details such as user name and password, and then generates a token (licence number) for the user.

4.3 KDC Setup: The proposed work is based on a decentralized approach. It uses several KDCs for key management. The KDC receives a token from the user and sees the user's request (write/read). Based on the user's request, the KDC provides a secret key for encrypting or decrypting the information to be uploaded or retrieved.

4.4 Verify: In this phase, the user's policies are verified. It maintains the user's policies and permits the user's request to perform operations on the cloud storage.

4.5 Read/Write: In this module, read or write operations are performed on the cloud storage. When a reader wants to read some data stored in the cloud, it tries to decrypt it by means of the secret keys. If it has attributes matching the access policy, it decrypts the information stored in the cloud. Similarly, when a user sends data to the cloud, it encrypts the information using the secret key, and the encrypted information is saved in the cloud.

V. IMPLEMENTATION AND RESULTS

The proposed system was implemented; it provides authentication so that users can access the files. It also has the added feature of access control, in which only authorized users are able to decrypt the stored information. It supports creation, modification and reading of the data stored in the cloud. The result screens of the implemented system are shown in the figures below.

Fig.4. User Login Screen
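The module flow of Section IV (registration and token issue by the trustee, key issue by several KDCs, policy check, read/write), written out as an added example; it is not the authors' implementation, which the paper does not list. Assumptions: the trustee and the KDCs share a MAC key for token checks, per-attribute secrets hashed together stand in for ABE keys (so, unlike ABE, colluding users could pool keys), a SHAKE-256 keystream stands in for the cipher, and all class, function and attribute names are hypothetical.

```python
import hashlib, hmac, json, secrets

def pw_hash(salt, password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Trustee:  # modules 4.1/4.2; the token holds a licence number and attributes, no user name
    def __init__(self):
        self.key, self.users = secrets.token_bytes(32), {}  # key shared with KDCs (assumed)
    def register(self, name, password, attrs):
        salt = secrets.token_bytes(16)
        self.users[name] = (salt, pw_hash(salt, password), sorted(attrs))
    def issue_token(self, name, password):
        salt, digest, attrs = self.users.get(name, (b"", b"", []))
        if not digest or not hmac.compare_digest(digest, pw_hash(salt, password)):
            return None
        body = json.dumps({"licence": secrets.token_hex(8), "attrs": attrs}).encode()
        return body, hmac.digest(self.key, body, "sha256")

class KDC:  # module 4.3: one of several KDCs, each holding keys for some attributes
    def __init__(self, attrs, trustee_key):
        self.trustee_key = trustee_key
        self.attr_keys = {a: secrets.token_bytes(32) for a in attrs}
    def issue_keys(self, token, request):
        if token is None or request not in ("read", "write") or not hmac.compare_digest(
                token[1], hmac.digest(self.trustee_key, token[0], "sha256")):
            return {}  # no token, unknown request, or forged/altered token
        held = json.loads(token[0])["attrs"]
        return {a: k for a, k in self.attr_keys.items() if a in held}

def collect_keys(kdcs, token, request):  # the user asks every KDC in turn
    return {a: k for kdc in kdcs for a, k in kdc.issue_keys(token, request).items()}

def file_key(policy, keys):  # module 4.4: AND policy, every attribute must be held
    if not policy or not set(policy) <= set(keys):
        return None
    return hashlib.sha256(b"".join(keys[a] for a in sorted(policy))).digest()

def xor_stream(key, nonce, data):  # toy SHAKE-256 keystream, not a vetted cipher
    pad = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, pad))

def write(policy, keys, data):  # module 4.5, write: encrypt, then MAC the ciphertext
    key, nonce = file_key(policy, keys), secrets.token_bytes(16)
    if key is None:
        return None
    ct = xor_stream(key, nonce, data)
    tag = hmac.digest(key, nonce + ct, "sha256")
    return {"policy": sorted(policy), "nonce": nonce, "ct": ct, "tag": tag}

def read(record, keys):  # module 4.5, read: needs keys for the whole stored policy
    key, blob = file_key(record["policy"], keys), record["nonce"] + record["ct"]
    if key is None or not hmac.compare_digest(record["tag"], hmac.digest(key, blob, "sha256")):
        return None
    return xor_stream(key, record["nonce"], record["ct"])

def demo():  # constructed users and attributes
    t, policy = Trustee(), ["doctor", "cardiology"]
    t.register("alice", "pw-a", policy)
    t.register("bob", "pw-b", ["doctor"])
    kdcs = [KDC(["doctor"], t.key), KDC(["cardiology"], t.key)]
    rec = write(policy, collect_keys(kdcs, t.issue_token("alice", "pw-a"), "write"), b"ECG report")
    logins = (("alice", "pw-a"), ("bob", "pw-b"), ("alice", "wrong"))
    return [read(rec, collect_keys(kdcs, t.issue_token(n, p), "read")) for n, p in logins]
```

demo() returns the plaintext for alice, and None both for bob (who holds only one of the two policy attributes) and for a login with the wrong password. No single KDC can produce the file key on its own, which is the property the multi-KDC design is after.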

Fig.5. Trustee generates the token
Fig.6. KDC's home page
Fig.7. Report Showing User Keys with Response
Fig.8. File Upload Screen
Fig.9. File details screen
Fig.10. File download and Decryption Process Screen

Fig.11. Modify the Data
Fig.12. Reader reading the data

VI. CONCLUSION

In this paper, access to cloud storage has been implemented using the decentralized approach. Instead of a single KDC (centralized approach), multiple KDCs have been used. This paper provides better security for cloud storage. Authorized users can access data stored in the cloud. It also allows users to create, modify and read the data available in the cloud. It has the drawback of maintaining multiple KDCs, but it provides better authentication of users and security for the cloud.

REFERENCES

[1] M. Li, S. Yu, K. Ren, and W. Lou, Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multiowner settings, in SecureComm, pp. 89-106, 2010.
[2] S. Jahid, P. Mittal, and N. Borisov, EASiER: Encryption-based access control in social networks with efficient revocation, in ACM ASIACCS, 2011.
[3] S. Ruj, A. Nayak, and I. Stojmenovic, DACC: Distributed access control in clouds, in IEEE TrustCom, 2011. G. Wang, Q. Liu, and J. Wu, Hierarchical attribute-based encryption for fine-grained access control in cloud storage services, in ACM CCS, pp. 735-737, 2010.
[4] http://securesoftwaredev.com/2012/08/20/xacml-in-thecloud.
[5] F. Zhao, T. Nishide, and K. Sakurai, Realizing fine-grained and flexible access control to outsourced data with attribute-based cryptosystems, in ISPEC, ser. Lecture Notes in Computer Science, vol. 6672. Springer, pp. 83-97, 2011.
[6] H. Erdogmus, Cloud computing: Does Nirvana hide behind the Nebula? IEEE Software, 26(2):4-6, 2009.
[7] A. B. Lewko and B. Waters, Decentralizing attribute-based encryption, in EUROCRYPT, ser. Lecture Notes in Computer Science, vol. 6632. Springer, pp. 568-588, 2011.
[8] M. Chase, Multi-authority attribute based encryption, in TCC, ser. Lecture Notes in Computer Science, vol. 4392. Springer, pp. 515-534, 2007.
[9] Jin Li, Xiaofeng Chen, Maji et al., Attribute-based signatures, in CT-RSA, ser. Lecture Notes in Computer Science, vol. 6558. Springer, pp. 376-392, 2011.