Privacy preserving delegated access control in public clouds
Download as DOCX, PDF1 like1,131 views
The document discusses a proposed two-layer encryption approach for fine-grained access control in cloud computing, aimed at minimizing the overhead for data owners while ensuring data confidentiality. The method allows the cloud to handle the fine-grained encryption, alleviating issues associated with single-layer encryption which requires data owners to manage all encryption activities. This approach enhances privacy protection and reduces communication costs by enabling updates only at the outer encryption layer.
Privacy preserving delegated access control in public clouds
- 1. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts PRIVACY PRESERVING DELEGATED ACCESS CONTROL IN PUBLIC CLOUDS ABSTRACT Current approaches to enforce fine-grained access control on confidential data hosted in the cloud are based on fine-grained encryption of the data. Under such approaches, data owners are in charge of encrypting the data before uploading them on the cloud and re-encrypting the data whenever user credentials or authorization policies change. Data owners thus incur high communication and computation costs. A better approach should delegate the enforcement of fine-grained access control to the cloud, so to minimize the overhead at the data owners, while assuring data confidentiality from the cloud. We propose an approach, based on two layers of encryption, that addresses such requirement. Under this approach, the data owner performs a coarse-grained encryption, whereas the cloud performs a fine-grained encryption on top of the owner encrypted data. A challenging issue is how to decompose access control policies (ACPs) such that the two layer encryption can be performed. This method utilizes an efficient group key management scheme that supports expressive ACPs. This system assures the confidentiality of the data and preserves the privacy of users from the cloud while delegating most of the access control enforcement to the cloud.
- 2. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts EXISTING SYSTEM Single layer encryption (SLE) approaches Single layer encryption (SLE) approaches require the data owner to enforce access control through encryption performed at the data owner. However, while SLE addresses some limitations of previous approaches, it still requires the data owner to enforce all the ACPs by fine-grained encryption, both initially and subsequently after users are added/revoked or the ACPs change. All these encryption activities have to be performed at the owner that thus incurs high communication and computation cost. Disadvantages As the data owner does not keep a copy of the data, whenever the user dynamics or ACPs change The data owner needs to download and decrypt the data, re-encrypt it with the new keys, and upload the encrypted data. Notice also that this process must be applied to all the data items encrypted with the same key. This is inefficient when the data set to be re-encrypted is large. In order to issue the new keys to the users, the data owner needs to establish private communication channels with the users.
- 3. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts The privacy of the identity attributes of the users is not taken into account. Therefore the cloud can learn sensitive information about the users and their organization. All these encryption activities have to be performed at the owner that thus incurs high communication and computation cost. PROPOSED SYSTEM Two layer encryption (TLE) Scheme The approach is based on two layers of encryption applied to each data item uploaded to the cloud. Two layer encryption (TLE), the data owner performs a coarse grained encryption over the data in order to assure the confidentiality of the data from the cloud. Then the cloud performs fine grained encryption over the encrypted data provided by the data owner based on the ACPs provided by the data owner. Advantages When the policy or user dynamics changes, only the outer layer of the encryption needs to be updated. Since the outer layer encryption is performed at the cloud, no data transmission is required between the data owner and the cloud.
- 4. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts The data owner and the cloud service utilize a broadcast key management scheme whereby the actual keys do not need to be distributed to the users. Instead, users are given one or more secrets which allow them to derive the actual symmetric keys for decrypting the data. SYSTEM ARCHITECTURE
- 5. LeMeniz Infotech 36, 100 feet Road, Natesan Nagar(Near Indira Gandhi Statue, Next to Fish-O-Fish), Pondicherry-605 005 Call: 0413-4205444, +91 99625 88976, 95663 55386. For More Projects Titles Visits : www.lemenizinfotech.com | Call Us : 9962588976 /9566355386 Do Your Projects With Domain Experts HARDWARE SPECIFICATION Processor : Any Processor above 500 MHz. Ram : 128Mb. Hard Disk : 10 GB. Input device : Standard Keyboard and Mouse. Output device : VGA and High Resolution Monitor. SOFTWARE SPECIFICATION Operating System : Windows Family. Pages developed using : Java Server Pages and HTML. Techniques : Apache Tomcat Web Server 5.0, JDK 1.5 or higher Web Browser : Microsoft Internet Explorer. Data Base : MySQL 5.0