Identity based secure distributed data storage schemes
Download as DOCX, PDF0 likes136 views
This document proposes two identity-based secure distributed data storage schemes. The schemes allow a file owner to independently decide access permissions for receivers without help from a private key generator. When a receiver queries the system, they can only access one of the owner's files, not all files. The schemes also protect against collusion attacks where receivers cannot obtain the owner's secret key even if they compromise proxy servers. The first scheme provides confidentiality against chosen plaintext attacks, while the second achieves security against chosen ciphertext attacks. To the best of the authors' knowledge, this is the first scheme that allows file-level access control and protects against collusion attacks in the standard model.
Identity based secure distributed data storage schemes
- 1. Identity-Based Secure Distributed Data Storage Schemes ABSTRACT: Secure distributed data storage can shift the burden of maintaining a large number of files from the owner to proxy servers. Proxy servers can convert encrypted files for the owner to encrypted files for the receiver without the necessity of knowing the content of the original files. In practice, the original files will be removed by the owner for the sake of space efficiency. Hence, the issues on confidentiality and integrity of the outsourced data must be addressed carefully. In this paper, we propose two identity-based secure distributed data storage (IBSDDS) schemes. Our schemes can capture the following properties: (1) The file owner can decide the access permission independently without the help of the private key generator (PKG); (2) For one query, a receiver can only access one file, instead of all files of the owner; (3) Our schemes are secure against the collusion attacks, namely even if the receiver can compromise the proxy servers, he cannot obtain the owner’s secret key. Although the first scheme is only secure against the chosen plaintext attacks (CPA), the second scheme is secure against the chosen cipher text attacks (CCA). To the best of our knowledge, it is the first IBSDDS schemes where an access
- 2. permissions is made by the owner for an exact file and collusion attacks can be protected in the standard model. EXISTING SYSTEM: Cloud computing provides users with a convenient mechanism to manage their personal files with the notion called database-as-a-service (DAS). In DAS schemes, a user can outsource his encrypted files to untrusted proxy servers. Proxy servers can perform some functions on the outsourced ciphertexts without knowing anything about the original files. Unfortunately, this technique has not been employed extensively. The main reason lies in that users are especially concerned on the confidentiality, integrity and query of the outsourced files as cloud computing is a lot more complicated than the local data storage systems, as the cloud is managed by an untrusted third party. After outsorcing the files to proxy servers, the user will remove them from his local machine. Therefore, how to guarantee the outsoured files are not accessed by the unauthorized users and not modified by proxy servers is an important problem that has been considered in the data storage research community. Furthermore, how to guarantee that an authorized user can query the outsourced files from proxy servers is another concern as the proxy server only maintains the outsourced ciphertexts. Consequently, research around these topics grows significantly.
- 3. DISADVANTAGES OF EXISTING SYSTEM: Users are especially concerned on the confidentiality, integrity and query of the outsourced files as cloud computing is a lot more complicated than the local data storage systems, as the cloud is managed by an untrusted third party. The outsoured files are not accessed by the unauthorized users and not modified by proxy servers is an important problem that has been considered in the data storage research community. PROPOSED SYSTEM: In this paper, we propose two identity-based secure distributed data storage (IBSDDS) schemes in standard model where, for one query, the receiver can only access one of the owner’s files, instead of all files. In other words, an access permission (re-encryption key) is bound not only to the identity of the receiver but also the file. The access permission can be decided by the owner, instead of the
- 4. trusted party (PKG). Furthermore, our schemes are secure against the collusion attacks. ADVANTAGES OF PROPOSED SYSTEM: It has two schemes of security,the first scheme is CPA secure, the second scheme achieves CCA security. To the best of our knowledge, it is the first IBSDDS schemes where an access permission is made by the owner for an exact file and collusion attacks can be protected in the standard model. To achieve a stronger security and implement filebased access control, the owner must be online to authenticate requesters and also to generate access permissions for them. Therefore, the owner in our schemes needs do more computations than that in PRE schemes. Although PRE schemes can provide the similar functionalities of our schemes when the owner only has one file, these are not flexible and practical.
- 9. SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:- Processor - Pentium –IV Speed - 1.1 Ghz RAM - 256 MB(min) Hard Disk - 20 GB Key Board - Standard Windows Keyboard Mouse - Two or Three Button Mouse Monitor - SVGA
- 10. SOFTWARE CONFIGURATION:- Operating System : Windows XP Programming Language : JAVA Java Version : JDK 1.6 & above. REFERENCE: Jinguang Han, Student Member, IEEE, Willy Susilo, Senior Member, IEEE, and Yi Mu, Senior Member, IEEE-“Identity-Based Secure Distributed Data Storage Schemes”-IEEE TRANSACTIONS ON COMPUTERS, 2013.