• No results found

An Efficient Fine-Grained Access Control and the Verifiable Delegation in Cloud Computing

N/A
N/A
Info
Download
Protected

Academic year: 2020

Share "An Efficient Fine-Grained Access Control and the Verifiable Delegation in Cloud Computing"

Copied!
6
0
0

Loading.... (view fulltext now)

Download now ( 6 Page )

Full text

(1)

An Efficient Fine-Grained Access Control and the Verifiable

Delegation in Cloud Computing

R Sreevani & Mr.V. Sridhar Reddy

1M. Tech Student, Department of CSE, Vignana Bharathi Institute of Technology, Village Aushapur, Mandal

Ghatkesar, District RangaReddy, Telangana, India

2Associate Professor, Department of CSE, Vignana Bharathi Institute of Technology, Village Aushapur, Mandal

Ghatkesar, District RangaReddy, Telangana, India

ABSTRACTRecently, a few studies considers the

hassle of comfy and efficient public information integrity auditing for shared dynamic statistics. But this scheme isn't cozy towards collusion of cloud storage server. An efficient public integrity auditing with a secured organization user revocation based totally on vector commitment and institution consumer revocation. A dispensed key technology algorithm is used to generate authenticated person passwords across a couple of servers and eliminate unmarried factor failures. This scheme helps the public checking and efficient person revocation and also affords confidentiality, efficiency and traceability of relaxed institution user revocation. A homomorphic encryption algorithm is also used for growing particular id for the users. In this paper we propose a concrete circuit ciphertext-coverage attribute-based hybrid encryption with verifiable delegation scheme based totally on the multilinear maps and the verifiable computing technology beneath cloud environment.

1. INTRODUCTION

Cloud computing is innovation which makes use of superior computational electricity as well as stepped

forward garage skills. Cloud computing is an extended dreamed imaginative and prescient of computing software, which permit the sharing of offerings over the internet. Cloud is a big institution of interconnected computer systems, that is a major alternate in how we save information and run software. Cloud computing is a shared pool of

configurable computing assets, on-demand

community gets right of entry to and provisioned by way of the service company. The gain of cloud is price financial savings. The prime drawback is protection. The appearance of cloud computing transports a radical novelty to the organisation of the

records possessions within this calculating

surroundings, the cloud servers can gift unique facts offerings, together with remoted statistics storage and outsourced allocation calculation etc.

(2)

Community). Cloud Security problems are coming from Loss of control, Lack of trust (mechanisms), Multi- tendency. Cloud Security is safety concepts applied to protect data, programs and infrastructure associated within the Cloud Computing technology. Cloud security is crucial for growing usage of Cloud Services in non-conventional area, growing adoption of Cloud Services in authorities departments, upward thrust in Cloud Service-specific Attacks, Growing utilization of Cloud Services of Critical Data Storage. Sharing and coffee help, offers an improved misuse of property. In cloud processing, cloud administration suppliers provide an concept of unending storage room for customers to host facts. It can assist

customers to decrease their economic

straightforwardness of information administrations by exchanging the neighborhood administration's framework into cloud servers. Then again, security worry turns into the fundamental drawback as we now outsource the capability of facts, that's probably agreeable, to cloud suppliers.

Public-Key encryption is a powerful mechanism for defensive the confidentiality of saved and transmitted statistics. Traditionally, encryption is considered as a way for a person to percentage records to a focused user or tool. While that is beneficial for applications wherein the information issuer knows especially which person he desires to percentage with, in lots of programs the provider will need to share statistics in step with some policy primarily based at the receiving person’s credentials.

2. RELATED WORK

ABE is a highly recent method that reconsiders the concept of public-key cryptography. It essentially

offers get right of entry to to a file if and simplest if the consumer attributes (e.G. Email ID, DOB or the u . S . He lives in) satisfies the access policy described by using the owner of the file. Access coverage is the combination of attributes (usually defined the use of AND/OR logical operations) using which the report may be decrypted. One of the main efficiency drawbacks of the prevailing ABE schemes is that decryption includes luxurious pairing operations and the wide variety of such operations grows with the complexity of the get admission to policy.

Recently proposed ABE system with outsourced decryption largely eliminates the decryption overhead of server. In such gadget, the proxy server which includes cloud provider issuer is gift which has a transformation key. Any cipher textual content encrypted the use of ABE with outsourced decryption scheme right into a easy cipher textual content. This intermediate cipher textual content may be converted into plaintext through proxy server. This manner incurs a small computational overhead. Security of an ABE system with outsourced decryption guarantees that an adversary (together with a malicious proxy) will not be able to study something approximately the encrypted message; but, it does now not assure the correctness of the transformation accomplished by means of the cloud. J. Lai, R. H. Deng, C. Guan, and J. Weng taken into consideration a new requirement of ABE with outsourced decryption: verifiability. Informally, verifiability ensures that a person can correctly check if the transformation is performed efficaciously. They gave the formal version of ABE with verifiable outsourced decryption.

(3)

permits customers to encrypt and decrypt messages based on user attributes. For instance, a user can create a cipher text that may be decrypted only through different customers with attributes fulfilling ("Faculty" OR ("PhD Student" AND "Quals Completed")). Given its expressiveness, ABE is currently being considered for lots cloud storage and computing programs. However, one of the predominant efficiency drawbacks of ABE is that the size of the cipher textual content and the time required to decrypt it grows with the complexity of the get right of entry to formula. In this paintings, M. Green, S. Hohenberger and B. Waters proposed a brand new paradigm for ABE that in large part removes this overhead for customers. Suppose that ABE cipher texts are saved within the cloud. They proven how a consumer can provide the cloud with a single transformation key that allows the cloud to translate any ABE cipher text satisfied by means of that user's attributes into a (steady-size) El Gamal-fashion cipher textual content, without the cloud being capable of examine any a part of the consumer's messages. To exactly define and reveal the advantages of this approach, they provide new protection definitions for each CPA and repayable CCA safety with outsourcing, several new constructions, an implementation of our algorithms and detailed performance measurements. In an ordinary configuration, the person saves significantly on each bandwidth and decryption time, without increasing the quantity of transmissions.

A. Lewko and B. Waters proposed a Multi-Authority Attribute-Based Encryption (ABE) device. In their machine, any celebration can turn out to be an authority and there may be no requirement for any

international coordination apart from the creation of an initial set of commonplace reference parameters. A celebration can really act as an ABE authority through growing a public key and issuing non-public keys to extraordinary customers that replicate their attributes. A user can encrypt information in phrases of any Boolean system over attributes issued from any selected set of authorities. Finally, their gadget does not require any central authority. In constructing our machine, our biggest technical hurdle is to make it collusion resistant. Prior Attribute-Based Encryption systems achieved collusion resistance while the ABE device authority "tied" collectively extraordinary additives (representing extraordinary attributes) of a user's non-public key by means of randomizing the key. However, in our machine every factor will come from a probably distinctive authority, where we anticipate no coordination between such authorities. We create new techniques to tie key additives together and prevent collusion attacks between customers with one-of-a-kind global identifiers. We show our machine cozy the usage of the recent dual gadget encryption technique wherein the safety evidence works with the aid of first changing the task cipher text and private keys to a semi-purposeful form after which arguing safety. They observed a latest variant of the twin device proof approach because of Lewko and Waters and build our machine the use of bilinear businesses of Composite order. They show safety below similar static assumptions to the LW paper within the random oracle model.

3. FRAMEWORK

(4)

We firstly gift a circuit cipher text-policy characteristic based hybrid encryption with verifiable delegation scheme. General circuits are used to specific the most powerful shape of get entry to control coverage. The proposed scheme is demonstrated to be secured primarily based on okay-multilinear Decisional Diffie-Hellman assumption. On the alternative hand, we put in force our scheme over the integers. During the delegation computing, a user ought to validate whether the cloud server responds a correct converted cipher text to help him/her decrypt the cipher text without delay and efficaciously.

B. Proposed System Implementation

The proposed system includes 4 entities;

Cloud Storage:

Cloud storage is a version of statistics garage where the digital information is saved in logical swimming pools, the physical garage spans more than one servers (and frequently places), and the bodily surroundings is commonly owned and controlled with the aid of a web hosting organisation. These cloud storage companies are chargeable for keeping the statistics available and accessible, and the physical environment included and jogging. People and agencies buy or lease garage capacity from the companies to save quit person, business enterprise, or utility records.

Data Owner:

The statistics proprietor encrypts his message beneath access coverage, then computes the supplement circuit, which outputs the other little bit of the output

of f, and encrypts a random element R of the same period to under the policy

Data User:

The users can outsource their complicated get right of entry to manipulate coverage selection and component method of decryption to the cloud. Such extended encryption guarantees that the users can gain both the message M and the random element R, which avoids the scenario when the cloud server deceives the customers that they're not happy to the access coverage, however, they meet the get right of entry to policy in reality.

Authority:

Authority generates personal keys for the data proprietor and consumer.

C. Verifiable Computation (VC)

(5)

celebration that has the input for the computation. That is, the delegator chooses from the capabilities which can be made publicly to be had via a third birthday party. Public verifiability enables everyone to affirm the correctness of the back consequences. That is, the position of prover can be separated from the position of delegator, without sharing additional mystery information.

4. EXPERIMENTAL RESULTS

In this experiment, we have an Authority server and new user have registering a user as data owner in this experiment. Data owner can login into the system and he can create his profile.

Data owner can create the access structure for his data. After, data owner can upload the medical history. The uploaded files will be stored in the cloud.

Key authority server is;

Later, login as another user who had access permission to access the data owner’s file and in this experiment the access permission is given to physician so this user can able to access the owner data and also the MAC code generated while uploading is same as while downloading (the

verification success) so we can download successfully.

Now we changed the file at cloud side, now the MAC will changes so the verification will be failed and we are unable to download it.

5. CONCLUSION

We conclude that during this paper we present a circuit ciphertext-coverage attribute-based hybrid encryption with verifiable delegation scheme. General circuits are used to express the most powerful shape of get admission to manipulate policy. Combined verifiable computation and encrypt-then-mac mechanism with our ciphertext-insurance characteristic-based hybrid encryption, we may additionally want to delegate the verifiable partial decryption paradigm to the cloud server. In addition, the proposed scheme is proven to be secured primarily based on k-multilinear Decisional Diffie-Hellman assumption.

REFERENCES

(6)

computing,” Univ. California, Berkeley, CA, USA, Tech. Rep. UCB/EECS- 2009-28, 2009.

[2] M. Green, S. Hohenberger, and B. Waters,

“Outsourcing the decryption of ABE

Ciphertexts,” in Proc. USENIX Security Symp., San Francisco, CA, USA, 2011, p. 34.

[3] J. Lai, R. H. Deng, C. Guan, and J. Weng, “Attribute-based encryption with verifiable outsourced decryption,” IEEE Trans. Inf. Forensics Secur., vol. 8, no. 8, pp. 1343–1354, Aug. 2013.

[4] B. Waters, “Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization,” in Proc. 14th Int. Conf. Practice Theory Public Key Cryptograph. Conf. Public Key Cryptograph., 2011, pp. 53–70. [5] B. Parno, M. Raykova, and V. Vaikuntanathan,

“How to delegate and verify in public: Verifiable computation from attribute-based encryption,” in Proc. 9th Int. Conf. Theory Cryptograph., 2012, pp. 422–439.

[6] S. Yamada, N. Attrapadung, and B. Santoso, “Verifiable predicate encryption and applications to CCA security and anonymous predicate authentication,” in Proc. Int. Conf. Practice Theory Public Key Cryptograph. Conf. Public Key Cryptograph., 2012, pp. 243–261.

[7] J. Han, W. Susilo, Y. Mu, and J. Yan,

“Privacy-preserving decentralized key-policy attribute-based Encryption,” IEEE Trans. Parallel Distrib. Syst., vol. 23, no. 11, pp. 2150–2162, Nov. 2012. [8] S. Garg, C. Gentry, S. Halevi, A. Sahai, and B. Waters, “Attributebased encryption for circuits from multilinear maps,” in Proc. 33rd Int. Cryptol. Conf., 2013, pp. 479–499.

[9] S. Gorbunov, V. Vaikuntanathan, and H. Wee, “Attribute-based encryption for circuits,” in Proc. 45th Annu. ACM Symp. Theory Comput., 2013, pp. 545–554.

References

Download now ( PDF - 6 Page - 1.14 MB )

Related documents

FIREBASE CLOUD MESSAGING (ANDROID)

File can be uploaded and downloaded in a secure manner using firebase storage feature of Firebase and it is not affected by the quality of network .It can also be used to stored

High Gain Step up DC-DC Converter with Different Output Voltage Level

ABSTRACT: In conventional boost converter like switched capacitor converter, switched inductor converter, cascaded boost converter maximum voltage gain is limited due to extreme

Three-Dimensional Genome Organization and Function in Drosophila

Early Evidence for a Role of Chromosome Architecture in Fly Genome Function 6 Partitioning of the Drosophila Genome into Domains with Discrete Chromatin Types 8 The Hierarchical

Diurnal Rainfall Variation of Bangalore HAL Airport

Hu (2003) studied multi-decadal fluctuation in summer season diurnal rainfall in central United States and concluded that in the decades when the southerly

THE PRODUCTION OF HOMOZYGOUS DEFICIENT TISSUES WITH MUTANT CHARACTERISTICS BY MEANS OF THE ABERRANT MITOTIC BEHAVIOR OF RING-SHAPED CHROMOSOMES

When two double-sized sister ring chromosomes each with two spindle fiber regions are present in an anaphase figure, and when each of these is subsequently broken and

The Drosophila CPEB Protein Orb2 Has a Novel Expression Pattern and Is Important for Asymmetric Cell Division and Nervous System Function

With respect to the different orb2 and hybrid orb2 - CG43113 transcripts, we used semiquantitative analysis and found that the piggybac 1769 insertion, which is up- stream of the

Design and Virtual Validation of Ambulance Stretcher as per Automotive Industry Standard

The maximum displacement acted on the backrest of stretcher and maximum displacement is 72 mm.The maximum distance of travel of the Ambulance stretcher did not

Modulation of Caenorhabditis elegans Transcription Factor Activity by HIM-8 and the Related Zinc-Finger ZIM Proteins

Mutation of him-8 suppresses a non-null mutation in the DNA-binding domain of POP-1: We next investi- gated the question of whether mutation of him-8 might have effects on genes