Decentralized access control with anonymous authentication of data stored in clouds
Download as DOCX, PDF1 like631 views
The document proposes a decentralized access control scheme for secure data storage in clouds, which enables anonymous authentication without revealing user identities. This system addresses critical issues such as access control, authentication, and privacy protection, while providing robust security against various attacks. It outlines advantages such as distributed access control, collusion resistance, and protection against replay attacks, with costs comparable to centralized approaches.
Decentralized access control with anonymous authentication of data stored in clouds
- 1. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts DECENTRALIZED ACCESS CONTROL WITH ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS ABSTRACT A new decentralized access control scheme is proposed for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before storing data. Access control is enabled, in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. Authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches. AIM The problems of access control, authentication, and privacy protection should be solved simultaneously.
- 2. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts INTRODUCTION Research in cloud computing is receiving a lot of attention from both academic and industrial worlds. In cloud computing, users can outsource their computation and storage to servers (also called clouds) using Internet. This frees users from the hassles of maintaining resources on-site. Clouds can provide several types of services like applications, infrastructures, and platforms to help developers write applications. Much of the data stored in clouds is highly sensitive, for example, medical records and social networks. Security and privacy are, thus, very important issues in cloud computing. In one hand, the user should authenticate itself before initiating any transaction, and on the other hand, it must be ensured that the cloud does not tamper with the data that is outsourced. User privacy is also required so that the cloud or other users do not know the identity of the user. The cloud can hold the user accountable for the data it outsources, and likewise, the cloud is itself accountable for the services it provides. The validity of the user who stores the data is also verified. Apart from the technical solutions to ensure security and privacy, there is also a need for law enforcement.
- 3. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts SCOPE OF WORK Access control in clouds is gaining attention because it is important that only authorized users have access to valid service. A huge amount of information is being stored in the cloud, and much of this is sensitive information. Care should be taken to ensure access control of this sensitive information which can often be related to health, important documents or even personal information. There are broadly three types of access control: user-based access control (UBAC), role-based access control (RBAC), and attribute-based access control (ABAC). In UBAC, the access control list contains the list of users who are authorized to access data. This is not feasible in clouds where there are many users. In RBAC, users are classified based on their individual roles. Data can be accessed by users who have matching roles. The roles are defined by the system. ABAC is more extended in scope, in which users are given attributes, and the data has attached access policy.
- 4. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts EXISTING SYSTEM Secure and dependable cloud storage Cloud servers prone to Byzantine failure, where a storage server can fail in arbitrary ways. The cloud is also prone to data modification and server colluding attacks. In server colluding attack, the adversary can compromise storage servers, so that it can modify data files as long as they are internally consistent. To provide secure data storage, the data needs to be encrypted. However, the data is often modified and this dynamic property needs to be taken into account while designing efficient secure storage techniques. Privacy preserving search The clouds should not know the query but should be able to return the records that satisfy the query. This is achieved by means of searchable encryption. The keywords are sent to the cloud encrypted, and the cloud returns the result without knowing the actual keyword for the search. The problem here is that the data records should have keywords associated with them to enable the search.
- 5. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts Drawbacks The correct records are returned only when searched with the exact keywords. Storage security Reed-Solomon erasure-correcting codes were used. Many homomorphic encryption techniques have been suggested to ensure that the cloud is not able to read the data while performing computations on them. Using homomorphic encryption, the cloud receives ciphertext of the data and performs computations on the ciphertext and returns the encoded value of the result. The user is able to decode the result, but the cloud does not know what data it has operated on. In such circumstances, it must be possible for the user to verify that the cloud returns correct results. Disadvantages Accountability of clouds is a very challenging task and involves technical issues and law enforcement. Neither clouds nor users should deny any operations performed or requested.
- 6. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts Proposed system To propose ABS scheme to achieve authenticity and privacy. This is resistant to replay attacks, in which a user can replace fresh data with stale data from a previous write, even if it no longer has valid claim policy. This is an important property because a user, revoked of its attributes, might no longer be able to write to the cloud. This scheme also allows writing multiple times which was not permitted in earlier work. Advantages Distributed access control of data stored in cloud so that only authorized users with valid attributes can access them. Authentication of users who store and modify their data on the cloud. The identity of the user is protected from the cloud during authentication. The architecture is decentralized, meaning that there can be several KDCs for key management.
- 7. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts The access control and authentication are both collusion resistant, meaning that no two users can collude and access data or authenticate themselves, if they are individually not authorized. Revoked users cannot access data after they have been revoked. The proposed scheme is resilient to replay attacks. A writer whose attributes and keys have been revoked cannot write back stale information. The protocol supports multiple read and write on the data stored in the cloud. The costs are comparable to the existing centralized approaches, and the expensive operations are mostly done by the cloud.
- 8. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts LITERATURE SUMMARY ABE was proposed by Sahai and Waters. In ABE, a user has a set of attributes in addition to its unique ID. There are two classes of ABEs. Key-policy ABE (KP-ABE) o Sender has an access policy to encrypt data. A writer whose attributes and keys have been revoked cannot write back stale information. The receiver receives attributes and secret keys from the attribute authority and is able to decrypt information if it has matching attributes. Ciphertext-policy (CP-ABE) o Receiver has the access policy in the form of a tree, with attributes as leaves and monotonic access structure with AND, OR and other threshold gates. Chase proposed a multiauthority ABE, in which there are several KDC authorities which distribute attributes and secret keys to users. Multiauthority ABE protocol was studied, which required no trusted authority which requires every user to have attributes from at all the KDCs.
- 9. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts Lewko and Waters proposed a fully decentralized ABE where users could have zero or more attributes from each authority and did not require a trusted server. In all these cases, decryption at user’s end is computation intensive. Green et al. proposed to outsource the decryption task to a proxy server, so that the user can compute with minimum resources. However, the presence of one proxy and one KDC makes it less robust than decentralized approaches. Both these approaches had no way to authenticate users, anonymously. Yang et al. presented a modification, authenticate users, who want to remain anonymous while accessing the cloud. To ensure anonymous user authentication ABSs were introduced by Maji et al. This was also a centralized approach. A recent scheme by Maji et al. takes a decentralized approach and provides authentication without disclosing the identity of the users. However, as mentioned earlier in the previous section it is prone to replay attack.
- 10. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts Hardware requirements: Processor : Any Processor above 500 MHz. Ram : 128Mb. Hard Disk : 10 Gb. Compact Disk : 650 Mb. Input device : Standard Keyboard and Mouse. Output device : VGA and High Resolution Monitor. Software requirements: Operating System : Windows Family. Language : JDK 1.5 Database : MySQL 5.0 Tool : HeidiSQL 3.0