It pp hybrid attribute- and re-encryption-based key management for secure and scalable mobile applications in clouds
Download as PPT, PDF0 likes359 views
The document presents a protocol for secure and efficient data outsourcing to cloud providers, focusing on attribute-based encryption to safeguard sensitive information accessed by mobile users. It highlights the need for enhanced data security against unauthorized access and provides a mechanism for user revocation without compromising operational efficiency. The proposed system demonstrates improvements in security and cost-effectiveness alongside a scalable architecture suitable for resource-constrained mobile applications.
It pp hybrid attribute- and re-encryption-based key management for secure and scalable mobile applications in clouds
- 1. HYBRID ATTRIBUTE- AND RE-ENCRYPTION-BASED KEY MANAGEMENT FOR SECURE AND SCALABLE MOBILE APPLICATIONS IN CLOUDS Presented by: LansA Informatics Pvt Ltd
- 2. ABSTRACT Outsourcing data to the cloud are beneficial for reasons of economy, scalability, and accessibility, but significant technical challenges remain. Sensitive data stored in the cloud must be protected from being read in the clear by a cloud provider that is honest but curious. Additionally, cloud-based data are increasingly being accessed by resource-constrained mobile devices for which the processing and communication cost must be minimized. Novel modifications to attribute-based encryption are proposed to allow authorized users access to cloud data based on the satisfaction of required attributes such that the higher computational load from cryptographic operations is assigned to the cloud provider and the total communication cost is lowered for the mobile user.
- 3. Abstract cont’d • Furthermore, data re-encryption may be optionally performed by the cloud provider to reduce the expense of user revocation in a mobile user environment while preserving the privacy of user data stored in the cloud. • The proposed protocol has been realized on commercially popular mobile and cloud platforms to demonstrate real-world benchmarks that show the efficacy of the scheme. • A simulation calibrated with the benchmark results shows the scalability potential of the scheme in the context of a realistic workload in a mobile cloud computing system
- 4. EXISTING SYSTEM Data outsourcing to a cloud is appropriate for any class of applications that requires data to be kept in storage and disseminated to many users. Clients that engage a cloud provider typically only pay for the amount of storage, related computation, and amount of network communication actually consumed; they do not incur the capital and maintenance costs of an in-house solution. In addition, the cloud provider offers the advantages of automatic backup and replication to ensure the safety, longevity, and high accessibility of the user data. A major concern that is typically not sufficiently addressed in practice, however, is that data, by default, are stored in the clear; it may be accessed and read by a cloud administrator without knowledge of the client. A cloud administrator may not be trusted despite the presence of contractual security obligations, if data security is not further enforced through technical means. An additional risk is that sensitive data carry the persistent risk of being intercepted by an unauthorized party despite safeguards promised by the provider. Therefore, it is useful to apply software techniques, such as encryption key management, to ensure that the confidentiality of cloud data is preserved at all times. It is especially crucial to safeguard sensitive user data such as e-mails, personal customer information, financial records, and medical records
- 5. DIS ADVANTAGES • It is not secure. • There is no confidentiality. • It is especially crucial to safeguard sensitive user data
- 6. PROPOSED SYSTEM A protocol for outsourcing data storage to a cloud provider in secure fashion is provided. The provider is unable to read stored data; authorized users may do so based on qualification through possession of the right attributes without arbitration by the data owner. The protocol is designed to be efficient for resource-constrained mobile users by delegating computation and requests to a cloud provider or trusted authority, where appropriate, without compromising security. An improvement is made over a traditional attribute based encryption scheme, such that responsibility over key generation is divided between a mobile data owner and a trusted authority; the owner is relieved of the highest computational and messaging burdens. Additional security is provided through a group keying mechanism; the data owner controls access based on the distribution of an additional secret key, beyond possession of the required attributes. This additional security measure is an optional variant applicable to highly sensitive data subject to frequent access. Re-encryption, as a process of transforming the stored ciphertext, permits efficient revocation of users; it does not require removal of attributes and subsequent key regeneration, and may be administered by a trusted authority without involvement of the data owner
- 7. ADVANTAGES • It is more secure. • It reduces data traffic. • Cost efficient
- 9. SYSTEM CONFIGURATION • HARDWARE REQUIREMENTS:- • Processor - Pentium –IV • Speed - 1.1 Ghz • RAM - 512 MB(min) • Hard Disk - 40 GB • Key Board - Standard Windows Keyboard • Mouse - Two or Three Button Mouse • Monitor - LCD/LED SOFTWARE REQUIREMENTS: • Operating system : Windows XP • Coding Language : Java • Data Base : MySQL • Tool : Net Beans IDE
- 10. REFERENCE Piotr K.Tysowski and M.Anwarul Hasan “Hybrid Attribute- and Re-Encryption-Based Key Management for Secure and Scalable Mobile Applications in Clouds” IEEE TRANSACTIONS ON CLOUD COMPUTING, VOL. 1, NO. 2, JULY-DECEMBER 2013
- 11. JOIN US! OFFICE ADDRESS: LansA Informatics Pvt ltd No 165, 5th Street, Crosscut Road, Gandhipuram, Coimbatore - 641 015 OTHER MODE OF CONTACT: Landline: 0422 – 4204373 Mobile : +91 90 953 953 33 +91 91 591 159 69 Email ID: studentscdc@lansainformatics.com web: www.lansainformatics.com Blog: www.lansastudentscdc.blogspot.com Facebook: www.facebook.com/lansainformatics Twitter: www.twitter.com/lansainformatic