49 | P a g e
PARALLEL, DECENTRALIZED AND INDIVIDUAL
ACCESSING IN ENCRYPTED CLOUD COMPUTING
S. Sangeetha
1, M. Venkata Rao
21
Pursuing M.Tech (CSE),
2Working as Associate Professor( CSE)
Holy Mary Institute of Technology and Science(HITS), Bogaram Village, Keesara Mandal,
Ranga Reddy (D), Telangana
ABSTRACT
Cloud computing multi-tenancy feature, that provides privacy, security and access management challenges,
because of sharing of physical resources among untrusted tenants. so as to attain safe storage, policy based
mostly file access control, policy file assured deletion and policy based renewal of a file hold on in an
exceedingly cloud surroundings, a suitable encryption technique with key management ought to be applied
before outsourcing the info. In this paper we have a tendency to enforced secure cloud storage by providing
access to the files with the policy based mostly file access mistreatment Attribute based mostly cryptography
(ABE) theme with RSA key public-private key combination. Non-public key's the combination of the user’s
credentials. so high security are going to be achieved. Time based mostly file Revocation theme is employed for
file assured deletion. Once the closing date of the file terminated, the file are going to be mechanically revoked
and can't be accessible to anyone in future. Manual Revocation conjointly supported. Policy based mostly file
renewal is projected. The Renewal is often done by providing the new key to the prevailing file, can remains the
file till the new closing date reaches.
I. INTRODUCTION
Now a day’s cloud computing could be a rationally developed technology to store knowledge from quite one
consumer. Cloud computing is AN setting that permits users to remotely store their data. Remote backup system
is that the higher idea that reduces the value for implementing a lot of memory in a corporation. It helps
enterprises and management agencies scale back their monetary overhead of information organization. They
will records their data backups remotely to 3rd party cloud storage suppliers instead of maintain knowledge
centers on their own. a private or a company might not need buying the required storage strategy. in its place
they will store their data backups to the cloud and archive their knowledge to avoid any info loss just in case of
hardware / computer code failures. Even cloud storage is a lot of versatile; however the safety and privacy
square measure obtainable for the outsourced knowledge becomes a heavy concern.
There are three objectives to be main issue
Confidentiality – preserving authorized restrictions on information access and disclosure. The main threat
accomplished when storing the data with the cloud.
50 | P a g e
II. EXAMPLE DIAGRAM FOR DATA SHARING WITH CLOUD STORAGE
To achieve secure knowledge dealings in cloud, appropriate cryptography methodology is employed. the info
owner should inscribe the file and so store the file to the cloud. If a third party downloads the file, he/she might
read the record if he/she had the key that is employed to decode the encrypted file. typically this might be failure
owing to the technology development and therefore the hackers. to beat the matter there area unit heap of
techniques introduced to create secure transaction and secure storage.
The encoding standards used for transmit the file firmly. The assured deletion technique aims to supply cloud
purchasers associate possibility of dependably destroying their knowledge backup’s ahead requests. The
encoding method was compulsory with set of key operations to keep up the secrecy. Recently, Sushmita ruj
addressed Anonymous Authentication for knowledge storing to clouds. Anonymous authentication is that the
method of confirmatory the user while not the main points or attributes of the user. that the cloud server doesn’t
recognize the main points or identity of the user, that provides privacy to the users to cover their details from
different users of that cloud.
Security and privacy protection in clouds area unit examined and experimented by several researchers. Wang et
al. provides storage security victimization Reed-Solomon erasure correcting codes. Victimization
homomorphism encoding, the cloud receives cipher text and returns the encoded worth of the result. The user is
in a position to decrypt the outcome, however the cloud doesn't be familiar with what knowledge it's operated
on.
Time-based file assured deletion, that is 1st introduced in , means files are often firmly deleted and stay for
good inaccessible once a predefined length. the most plan is that a file is encrypted with a knowledge key by the
owner of the file, and this knowledge key's more encrypted with a bearing key by a separate key manager
(known as Ephemerizer. The key manager could be a server that's answerable for scientific discipline key
management. In the command key is time-based, that means that it'll be completely separate by the key manager
once AN expiration time is reached, wherever the expiration time is mere once the file is 1st declared. While not
the command key, the information key and thence the information file stay encrypted and are deemed to be
out-of-the-way. Thus, the most safety belongings of file assured deletion is that albeit a cloud supplier doesn't take
Desktop
Laptop
Tablets
Block
Storage
Database
Application
Mobile
Palmtop
51 | P a g e
away invalid file copies as of its storage, those files hang about encrypted and beyond. AN open subject
surrounded by the work is that it's unsure that whether or not time-based file assured deletion is possible in
apply, as there's no empirical analysis.
Later, the concept of time-based file assured deletion is prototyped in Vanish. Vanish divides knowledge key
into multiple key shares, that are then keep in several nodes of a public Peer-to-Peer Distributed Hash Table
(P2P DHT) system. Nodes take away the key shares that reside in their caches for a set period. If a file must stay
accessible once the period, then the file owner must update the key shares in lump caches. Since disappear is
made on the cache-aging mechanism within the P2P DHT, it's tough to generalize the concept from time-based
deletion to a fine-grained management of assured deletion with relevancy completely different file access
policies.
We propose policy primarily based} file access and policy based file assured deletion for higher access to the
files and delete the files that are strong-minded not a lot of. we have a propensity to propose efficient renewal
policy for creating higher approach to renew the policy while not downloading the info key and Control keys,
that are accessible at present every day. Instead we are able to add a restore key with every file and transfer that
keys whenever the file must be revived. initial the shopper was documented with the username and parole, that
is provided by the user. Then the user was asked to answer 2 security levels with his/her alternative. every
security levels contains five user selectable queries. The user could select anybody question from 2 security
levels. The personal key for write in code the file was generated with the mix of username, parole and therefore
the answers for the protection level queries. once generating the personal key the shopper can request to the key
manager for the universal public key. The key manager can confirm the policy.
Associated with the file. If the policy matches with the file name then same public key are going to be
generated. if not new public key are going to be generate through the general public key and private key the file
are going to be encrypted and uploaded into the obscure. If a user wants to relocate the file he/she would be
Key
Member1
Key
Member2
Key
Member3
DB
File
Data
Policy
Renew
Upload
Download
Renew
Revoke
Auth
entic
atio
n
52 | P a g e
documented. If the authentication succeeded, the file are going to be downloaded to the user. Still the user cant
ready to scan the file contents. He / she ought to request the general public key to the key administrator. in
maintenance with the confirmation, the key manager can manufacture the general public key to the user. Then
the user could rewrite the file victimization the login credentials given by
the user and consequently the public key provided by the key manager.
III. KEY MANAGEMENT
In this paper, following are the cryptographic keys to protect data files stored on the cloud
Public Key: The Public key is a random generated binary key, generated and maintained by the Key manager
itself. Particularly used for encryption/ decryption.
Private Key: It is the combination of the username, password and two security question of user’s choice. The
private key is maintained by client itself. Used for encrypt / decrypt the file.
Access key: It is associated with a policy. Private access key is maintained by the client. The access key is built
on attribute based encryption. File access is of read or write.
Renew key: Maintained by the client itself. Each has its own renew key. The renew key is used to renew the
policy of each necessary file at easy method.
IV. PROPOSED WORK
We used RSA algorithmic rule for encryption/Decryption. This algorithmic rule is that the evidenced
mechanism for secure dealing. Here we tend to area unit exploitation the RSA algorithmic rule with key size of
2048 bits. The keys area unit go (different ways|get a divorce|separate|split) and hold on in four dissimilar
places. If a user wants to right to use the file he/she might have to produce the four set of knowledge to supply
the only non-public key to manage encryption/decryption.
The shopper created request to the key manager for the general public key, which is able to be generated in line
with the policy related to the file. Totally different policies for files, public key additionally differs. Except
for same public key for same policy are generated. Then the shopper generates a non-public key by combining
the username, parole and security credentials. Then the file is encrypted with the general public key and
personal key and forwarded to the cloud.
File uploads process:
Request for Encryption
(File, Private Key)
Public key
file
Upload
Public key encryption
Client
Private Key
Renew key
File
Key Manager
Public key
Encrypti
on
53 | P a g e
V. CONCLUSION
\We propose secure cloud storage mistreatment decentralized access management with anonymous
authentication. The files are interrelated to file right to use policies that familiar access the files located on the
cloud. Uploading and downloading of a file to a cloud with normal Encryption/Decryption is safer. Revocation
is that the vital theme that ought to remove the files of revoked policies. Therefore nobody will access the
revoked go hooked on prospect. The policy regeneration is created as simple as doable. The renew key's another
to the file. Whenever the user needs to renew the files he/she might directly transfer all renew keys and created
changes thereto keys, then transfer the new renew keys to the files hold on inside the cloud. In potential the file
access policy may be enforced with Multi Authority based mostly} Attribute based encoding. Using the
technique we will avoid the amount of wrong hits throughout authentication. Produce a random delay for
confirmation, consequently the hacker will mystify to spot the algorithmic program.
REFERENCES
[1] S Sushmita Ruj, Milos Stojmenovic and Amiya Nayak, “Decentralized Access Control with Anonymous
Authentication of Data Stored in Clouds”, IEEE TRANSACTIONS ON PARALLEL AND
DISTRIBUTED SYSTEMS
[2] Yang Tang, Patrick P.C. Lee, John C.S. Lui and Radia Perlman, “Secure Overlay Cloud Storage with
Access Control and Assured Deletion”, IEEE Transcations on dependable and secure computing, VOL. 9,
NO. 6, NOVEMBER/DECEMBER 2012
[3] G. Wang, Q. Liu, and J. Wu, “Hierarchical attribute-based encryption for fine-grained access control in
cloud storage services,” in ACM CCS, , pp. 735–737, 2010
[4] Y. Tang, P.P.C. Lee, J.C.S. Lui, and R. Perlman, “FADE: Secure Overlay Cloud Storage with File Assured
Deletion,” Proc. Sixth Int’l ICST Conf.Security and Privacy in Comm. Networks (SecureComm), 2010
[5] R. Perlman, “File System Design with Assured Delete,” Proc. Network and Distributed System Security
Symp. ISOC (NDSS), 2007
[6] Ruj, A. Nayak, and I. Stojmenovic, “DACC: Distributed access control in clouds,” in IEEE TrustCom, 2011
AUTHOR
DETAILS
S. Sangeetha pursuing M.Tech (CSE) Holy marry Institute of Technology & Sciences
(HITS), Bogaram(V), Keesara(M), R.R.(dist), Telangana, India. 501301
M. Venkata Raoreceived his M.Tech (Computer Science & Engineering).Presently he
is working as Associate Professor in Computer Science & Engineering, He is a young,
decent, dynamic Renowned Educationist and Eminent Academician, has overall 10 years
of teaching experience Holy marry Institute of Technology & Sciences (HITS),