A NEW TECHNIQUE FOR SECURE INFORMATION PART-TAKING IN CLOUD

154 | P a g e

A NEW TECHNIQUE FOR SECURE INFORMATION

PART-TAKING IN CLOUD

1

J Laxman Naik

,

Syed Amreen,

Dr. Bhaludra Raveendranadh Singh

1

Pursuing M. Tech (CSE),

Assistant Professor,

Professor& Principal,

1,2,3

Visvesvaraya College of Engineering and Technology, M.P Patelguda, Ibrahimpatnam (M), Ranga

Reddy (D)

, Telangana (India)

ABSTRACT

Cloud storage is a utilization of mists that frees associations from building up in-house information stockpiling

frameworks. Be that as it may, distributed storage offers ascend to security concerns. In instance of gathering

shared information, the information face both cloud-particular and ordinary insider dangers. Secure

information sharing among a gathering that counters insider dangers of authentic yet malignant clients is a

vital exploration issue. In this paper, we propose A New Technique for secure information part taking system

that gives: 1) information secrecy and honesty; 2) access control; 3) information sharing (sending) without

utilizing register concentrated re-encryption; 4) insider danger security; and 5) forward and in reverse access

control. The model strategy scrambles a document with a solitary encryption key. Two distinctive key shares for

each of the clients are produced, with the client just getting one offer. The ownership of a solitary offer of a key

permits the system approach to counter the insider dangers. The other key offer is put away by a trusted

outsider, which is known as the cryptographic server. The system philosophy is relevant to ordinary and

portable distributed computing situations. We execute a working model of this procedure and assess its

execution taking into account the time devoured amid different operations. We formally check the working of

model by utilizing abnormal state Petri nets, the Satisfiability Modulo Theories Library, and a Z3 solver. The

outcomes ended up being empowering and demonstrate that model has the potential to be adequately utilized

for secure information sharing as a part of the cloud.

Keywords: Cloud Computing, Access control, Personal Health Record, HASBE, Integrity, TPA,

Homomorphic Linear Authenticator

I. INTRODUCTION

Cloud computing is a general term for anything that includes conveying facilitated administrations over the

Internet. Three unmistakable qualities separate cloud administration from conventional facilitating. It is sold on

interest giving the cloud shopper the opportunity to self-procurement the IT assets, it is versatile - which implies

that at any given time a client can have as much or as little of an administration as they need, the administration

is completely overseen by the supplier the buyer needs only an individual PC and Internet access. Other

imperative attributes of cloud are measured utilization and strong processing. In measured utilization cloud

155 | P a g e

in the event that one gets to be defective, handling is consequently given over to another repetitive execution.

Infrastructureas a Service (IaaS), Platform as a Service(PaaS), and Software as a Service(SaaS)are the

significant administration arranged distributed computing models. Distributed storage is an imperative

administration of distributed computing which permits information proprietors to move information from their

nearby figuring frameworks to the cloud. The physical stockpiling ranges over various servers and areas.

Individuals and associations purchase or rent stockpiling limit from the suppliers to store end user, organization,

or application information. Distributed storage has a few favourable circumstances over customary information

stockpiling: alleviation from the weight for capacity administration, all-inclusive information access with area

autonomy and shirking of capital consumption on equipment, programming and work force systems for

upkeeps. It likewise permits offering of information to others in an adaptable way Moving the information to an

off-site stockpiling framework, kept up by a third party(cloud administration supplier), on which information

proprietor does not have any control forces numerous information security difficulties of protection - the

dangers of unapproved exposure of the clients' delicate information by the administration suppliers, information

honesty legitimacy of outsourced information because of its web based information stockpiling and ministration.

and so forth. In cloud environment information privacy is not by any means the only information security

necessity. Since cloud permits information sharing, a extraordinary thoughtfulness regarding be given to

fine-grained access control to the put away information.

The customary technique to give secrecy to such touchy information is to encode them before transferring to the

cloud. In customary open key foundation, every client scrambles his record and stores it in the server and the

decoding key is unveiled just to the specific approved client. With respect to, this plan is secure, yet this

arrangement requires proficient key administration and dispersion which is ended up being troublesome.

Likewise, as the quantity of clients in the framework turns out o be extensive this strategy won't be proficient.

These confinements and the requirement for fine-grained access control for information sharing, lead to the

presentation of new get to control plans in light of Attribute based encryption(ABE)[3].Unlike in customary

cryptography where the proposed beneficiary personality is obviously known, in a quality based frameworks

one as it were necessities to determine the characteristics or qualifications of the recipient(s).Here figure

writings are not encoded to one specific client as in customary open key cryptography. It empowers to handle

obscure clients too. Distinctive sorts of ABE plans are proposed to give fine-grained access control to

information put away in cloud. In any case, they couldn't fulfil the necessities, for example, versatility capacity

to handle expanding number of framework clients without corrupting proficiency, adaptability ought to bolster

complex access control strategies with extraordinary ease and simple client disavowal - ought to maintain a

strategic distance from re-encryption of information and redistribution of new get to keys amid the repudiation

of every client. These restrictions of ABE plans are secured by Progressive Attribute Set Based Encryption

(HASBE)[1].It is an augmentation of Attribute Set Based Encryption(ASBE).HASBE accomplishes versatility

because of its various levelled structure furthermore acquires fine-grained access control and adaptability in

supporting compound properties from ASBE[7].Another highlighting highlight of HASBE is its simple client

repudiation strategy. Notwithstanding these entrance control needs, the information proprietors need to know the

156 | P a g e

module in light of security saving open evaluating with HASBE plan and in this manner gives more security to

the framework.

II. RELATED WORKS

This segment audits the idea of characteristic based encryptions and give a brief outline of Attribute Set Based

Encryption (ASBE) and Hierarchical Attribute Set Based Encryption(HASBE). All these plans are proposed as

access control instruments to distributed storage.

Sahai and Waters proposed Attribute based encryption to give better answer for access control. It utilized client

ways of life as traits and these qualities assume critical part in encryption and unscrambling. The essential ABE

utilized a limit strategy for access control, yet it needs expressivity. ABE plans are further grouped into

key-approach trait based encryption (KP-ABE) and cipher text-key-approach characteristic based encryption (CP-ABE),

in which idea of access strategies are presented. In KP-ABE access arrangements are associated with client’s

private key while in CP-ABE it is in the cipher text. In the ABE plan, cipher texts are most certainly not

encoded to one specific client as in customary open key cryptography. Rather, both cipher texts and clients'

decoding keys are connected with an arrangement of properties or a strategy over traits. A client can decode a

cipher text just if there is a match between qualities in the decoding key and the cipher text.

In KP-ABE since the entrance strategy is inherent to the client’s private key, the information proprietor who

scramble the information can't pick who can decode the information. He needs to believe the key backer. Be that

as it may, in CP-ABE since clients' decoding keys are connected with an arrangement of qualities, it is more

characteristic to apply. These plan gave fine grained access control to the delicate information in the cloud

however it fizzled for the situation of taking care of complex access control approaches. It needs versatility and

on the off chance that a formerly authentic client should be disavowed, related information must be

descrambled. Here information proprietors should be online all the time to encode or re-scramble information.

In CP-ABE plan unscrambling keys just bolster client characteristics that are composed sensibly as a solitary

set. So clients can as it were utilizing every single conceivable blend of characteristics in a solitary set issued in

their key to fulfil an arrangement. To take care of this issue, presented cipher text-approach quality set-based

encryption (CP-ASBE or ASBE for short). ASBE is an augmented type of CP-ABE which sorts out client

properties into a recursive set structure and permits clients to force dynamic imperatives on how those

characteristics might be consolidated to fulfil an approach. It bunches client qualities into sets such that those

having a place with a solitary set have no confinements on how they can be consolidated. So also, different

numerical assignments for a given property can be bolstered by putting each task in a different set.

To accomplish adaptability, adaptability and fine grained access control and effective client renouncement,

Hierarchical property set based encryption [HASBE] by amplifying figure content strategy trait set based

encryption [CP-ASBE or ASBE] plan is proposed . HASBE augments the ASBE calculation with a various

levelled structure to enhance versatility and adaptability while at the same time acquires the component of

fine-grained access control of ASBE. HASBE underpins compound ascribes because of adaptable trait set blends and

accomplishes proficient client repudiation without requiring re-encryption in view of characteristics doled out

157 | P a g e

proprietors, information shoppers, various area powers, and a trusted power. The trusted power is the root power

and in charge of overseeing top-level area powers. Every information proprietor/shopper is administrated by a

space power. An area power is overseen by its guardian space power or the trusted power. Information

proprietors encode their information records and store them in the cloud for offering to information shoppers.

Information buyers download and decode the document put away in cloud. Information proprietors, information

shoppers, space powers, and the trusted power are sorted out in a progressive way and keys are appointed

through this chain of importance.

III. PROBLEM STATEMENT

Despite the fact that HASBE scheme achieves scalability, flexibility and fine grained get entry to control, there

is no method referred to as integrity scheme in HASBE to make sure that the records may be remained correctly

in the cloud. Subsequently it is the primary downside of HASBE scheme. The records proprietors are going

through a serious risk of corrupting or missing their information because of loss of bodily control over their

outsourced statistics. so as to triumph over this protection chance, privacy keeping public auditing idea may be

158 | P a g e

3.1 Objectives

The data owners want to save you the server and unauthorized customers from getting to know the contents in

their sensitive documents. Every of them owns a privateers coverage. Especially, the proposed scheme has the

subsequent objectives:

Best grained access control: exceptional customers can be authorized to examine exceptional units of

documents.

 user revocation: every time it's miles important, a user’s access privileges must be revoked from future get

right of entry to in an green and

Clean way.

 Bendy coverage specification: The complicated information get right of entry to policies can be specified in

a flexible manner.

 Scalability: To assist a huge and unpredictable number of customers, the machine must be exceedingly

scalable, in terms of Complexity in key management, consumer control, and computation and storage.

 Permit users to ensure the integrity of facts they're outsourced.

 Public audit potential: to allow a 3rd part Auditor (TPA) to verify the correctness of the cloud facts on

demand

Without retrieving a duplicate of the complete statistics or introducing extra online burden to the cloud users.

Garage correctness: to ensure that there exists no cheating cloud server which can skip the TPA’s audit with

outIndeed storing person’s facts intact. mprivateers-keeping: to make certain that the TPA can not derive users

data content material from the statistics gathered all through The auditing system.

3.2 Methodology

The complete device applies to non-public fitness file (PHR) that is an electronic file of a person's health

statistics.

Online PHR provider permits an person to create, shop, manipulate and percentage his personal health facts in a

centralized way. given that cloud computing affords infinite computing sources and elastic garage, PHR

provider carriers shift the statistics and applications in

A. order to lower their operational value.

the general technique of this work can be divided into two elements - comfortable PHR Sharing the usage of

HASBE and comfy information

Auditing. The structure of cozy PHR sharing is given in determine 1 and relaxed records auditing in determine 2

B. comfortable PHR Sharing

For comfortable PHR sharing, HASBE has a hierarchical shape of gadget customers. Hierarchy allows the

system to handle growing

Number of customers without degrading the efficiency. PHR proprietors can add their encrypted PHR files to

cloud garage and facts

Customers can download and decrypt the desired document from the cloud. in this gadget, the PHR proprietors

want not be on line all the time

Considering that they're not liable for issuing decryption keys to statistics clients. it's far the duty of a website

159 | P a g e

level there can be more than one

Area government so that no authority must come to be a bottleneck to address big variety of gadget users. right

here, the machine under

Consideration uses a intensity 2 hierarchy and there are 5 modules for at ease PHR sharing.

1. Depended on Authority Module

2. Area Authority Module

3. Data Owner Module

4. Data Consumer Module

5. PHR Cloud Service Module

IV. EXISTING SYSTEM

Here the FAH encryption algorithm for document indexes is employed in previous literature. Utilizing this FAH

algorithm, we encrypt slices of each index. detailed encryption process for one slice of the index Ic is that

encrypting l-bit term t in Slice is used by the hash function, and mapping l-bit encrypted term into r-bit

optimized term is by the mapping function, where and then accumulating all the r-bit optimized terms together.

Finally, we get the encrypted slice. In this way, we can encrypt the index Ic by accumulating all the slices (s

slices), and obtain the encrypted index Ic equals accumulating all the optimized terms in this document,

V. PROPOSED SYSTEM

The ranked keyword search will return documents to the relevance score. Zero proposed a novel technique that

makes the server side carry out the search operation. However, it should send many unrelated documents back

and let the user filter them. This is a waste of traffic, which is unsuitable for the mobile cloud. Bowers proposed

a distributed cryptographic system that preserved the security of the document retrieval process and the high

availability of The system, but this system suffers from two network round trips and calculation complexity for

target documents. Wang proposed a single round trip encrypted search scheme, but their system is not secure

enough, as it leaks the keyword and associated document information from multiple keyword searches.

proposed a single-keyword encryption search scheme utilizing ranked keyword search, which network

communication between the user and the cloud by transferring the computing burden from the user to the cloud.

5.1 Advantages of Proposed System

 We proposed a novel encrypted search system EnDAS over the mobile cloud, which improves network

traffic and search time efficiency compared with the traditional system.

 We started with a thorough analysis of the traditional encrypted search system and. analyzed its bottlenecks

in the mobile cloud: network traffic and search time inefficiency. Then we developed an efficient

architecture of EnDAS which is suitable for the mobile cloud to address these issues, where we utilized the

TMT module.

 RSBS algorithm to cope with the inefficient search time issue, while a trapdoor compression method was

employed to reduce network traffic costs. Finally our evaluation study experimentally demonstrates the

160 | P a g e

VI. CONCLUSION

In this paper, we proposed the privacy preserving public auditing concept for HASBE scheme, to overcome the

drawback of, absence of integrity assurance method in HASBE. Even though HASBE scheme achieves

scalability, flexibility and fine- grained access control, it fails to prove data integrity in the cloud. Since, the data

owner has no physical control over his outsourced data, such an auditing is necessary to prevent cloud service

provider from hiding data loss or corruption information from the owner. Audit result from TPA would also be

beneficial for the cloud service providers to improve their cloud based service platform, and users can give their

data to the cloud and be worry free about the data integrity. The proposed system preserves all advantages of

HASBE and also adds an additional quality of integrity proof to this system.

VII. FUTURE ENHANCEMENT

In this paper for the enhancement purpose we are using effective grouping and type of feedback form. But for

the future work we say that, the type of encryption and decryption, we will use latest encryption technique and

one single key is transfer through the internet for view a file and download that file.

REFERENCES

[1] Zhou Wan, Jun’e Liu, and Robert H. Deng, Senior Member, IEEE,” HASBE: A Hierarchical Attribute

set-Based Solution for Flexible and Scalable Access Control in Cloud Computing”, ieee transactions on

information forensics and security, vol. 7, no. 2, April 2012

[2] Kangchan Lee,” Security Threats in Cloud Computing Environments”, International Journal of Security

and Its Applications ,Vol. 6, No. 4, October, 2012.

[3] Cheng-Chi Lee1, Pei-Shan Chung2, and Min-ShiangHwang ,”A Survey on Attribute-based Encryption

Schemes of Access Control in Cloud Environments”, International Journal of Network Security, Vol.15,

No.4, PP.231-240, July 2013

[4] Vipul Goyal OmkantPandeyy Amit Sahaiz Brent Waters,” Attribute-Based Encryption for Fine-Grained

Access Control of Encrypted Data”

[5] John Bethencourt, Amit Sahai, Brent Waters “Ciphertext-Policy Attribute-Based Encryption ”, in Proc. IEEE Symp. Security and Privacy, Oakland, CA, 2007.

[6] GuojunWanga, Qin Liu a,b, JieWub, MinyiGuo, Hierarchical attribute-based encryption and scalable user

revocation for sharing data in cloud servers, www.elsevier.com locate / /cose

[7] Rakesh Bobba, HimanshuKhurana and ManojPrabhakaran,” Attribute-Sets: A Practically Motivated

Enhancement to Attribute-Based Encryption” University of Illinois at Urbana-Champaign, July 27, 2009

[8] Ming Li, Shucheng Yu, ,Yao Zheng, Kui Ren, and Wenjing Lou,” Scalable and Secure Sharing of

Personal Health Records in Cloud Computing using Attribute-based Encryption” in IEEE Transactions on

Parallel and Distributed Systems ,2012

[9] Chunxia Leng1, Huiqun Yu, Jangling Wang, Jianhua Huang,” Securing Personal Health Records in

Clouds by Enforcing Sticky Policies” in TELKOMNIKA, Vol. 11, No. 4, April 2013, pp. 2200 ~ 2208

161 | P a g e

Storage Security in Cloud Computing”.

[11] Jachak K. B., Korde S. K., Ghorpade P. P. and Gagare G. J.,“Homomorphic Authentication with Random

MaskingTechnique Ensuring Privacy & Security in CloudComputing”, Bioinfo Security Informatics, vol.

2, no. 2,pp. 49-52, ISSN. 2249-9423, 12 April 2012

[12] Devi D,” Scalable and Flexible Access Control with Secure Data Auditing in Cloud Computing”, (IJCSIT)

International Journal of Computer Science and Information Technologies, Vol. 5 (3) , 2014,

4118-4123,ISSN:0975-9646

AUTHOR DETAILS

J LAXMAN NAIK

Pursuing M.Tech in Visvesvaraya College of Engineering and Technology, M.P

Patelguda, Ibrahimpatnam (M), Ranga Reddy (D), and India.

SYED AMREEN

Working as Asst. Professor (CSE) in Visvesvaraya College of Engineering and Technology,

M.P Patelguda, Ibrahimpatnam (M), Rang a Reddy (D), and India.

SRI. DR. BHALUDRA RAVEENDRANADH SINGH

M.Tech,Ph.D.(CSE),MISTE,MIEEE(USA),MCSI

Professor & Principal. He obtained M.Tech, Ph.D(CSE)., is a young, decent, dynamic

Renowned Educationist and Eminent Academician, has overall 23 years of teaching

experience in different capacities. He is a life member of CSI, ISTE and also a member

of IEEE (USA). For his credit he has more than 50 Research papers published in Inter

National and National Journals. He has conducted various seminars, workshops and has

participated several National Conferences and International Conferences. He has

developed a passion towards building up of young Engineering Scholars and guided

more than 300 Scholars at Under Graduate Level and Post Graduate Level. His

meticulous planning and sound understanding of administrative issues made him a

successful person.