This document proposes a secure cloud storage system that uses erasure coding and threshold proxy re-encryption to securely store and forward data. It addresses issues with existing systems that require users to perform computations and decryption. The proposed system allows storage servers to independently encode, re-encrypt, and partially decrypt data to enable more efficient storage and direct data forwarding between users. Key servers also distribute cryptographic keys for increased security compared to storing keys on a single device.
3. Constructing a secure cloud storage system that supports multiple functions over a distributed system.
Storing data in a third party's cloud system raises serious concerns about data confidentiality.
In order to provide strong confidentiality for messages in storage servers, a user can encrypt messages by a cryptographic method.
4. We address the problem of forwarding data to another user by storage servers directly.
The methods we implemented are threshold proxy re-encryption and a decentralized erasure code.
Storing cryptographic keys in a single device is risky.
The user distributes his cryptographic key to key servers, which perform cryptographic functions on behalf of the user.
6. In the existing system, we use a straightforward integration method.
In order to provide strong confidentiality for messages in storage servers, a user can encrypt messages by a cryptographic method.
The user has to retrieve the codeword symbols from storage servers, decode them, and then decrypt them by using cryptographic keys.
This limits the functionality of the storage system.
9. We mainly concentrate on 2 aspects.
o Data Storage Security.
o Data Forwarding.
Data Storage Security
Data storage mechanism.
Data availability.
Type of encryption.
10. Data Forwarding
First, the user has to do most of the computation, and the communication traffic between the user and storage servers is high.
Second, the user has to manage his cryptographic keys. If the device on which the user stores the keys is lost or compromised, the security is broken.
Finally, besides data storing and retrieving, it is hard for storage servers to directly support other functions. For example, storage servers cannot directly forward a user's messages to another user. The owner of the messages has to retrieve, decode, decrypt and then forward them to the other user.
12. A new threshold proxy re-encryption scheme.
Encoding of data is done by erasure codes.
A decentralized code is used to form a secure distributed storage system.
The storage system independently performs the following:
o Encoding.
o Re-encryption.
o Key servers.
o Partial decryption.
o We integrate the above-mentioned encryption scheme and secure distribution.
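The slides do not give the construction behind "key servers" and "partial decryption", so the following is an added example, not code from the deck or the scheme it describes. It assumes Shamir secret sharing and plain ElGamal over a toy group as stand-ins, and shows key servers each producing a partial decryption from their own share so that the user's key is never reassembled on one device; all function names and parameters are hypothetical.

```python
import secrets

# Toy group, constructed for this example and far too small for real use:
# safe prime P = 2Q + 1, with G generating the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def share_key(x, t, n):
    """Shamir-share the secret exponent x so any t of n key servers suffice."""
    coeffs = [x] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def encrypt(h, m):
    """ElGamal-encrypt m (an integer in 1..P-1) under public key h = G^x."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), m * pow(h, r, P) % P

def partial_decrypt(share, c1):
    """Runs on one key server; it touches only that server's share."""
    return pow(c1, share, P)

def combine(partials, c2):
    """Merge t partial decryptions via Lagrange interpolation in the exponent."""
    mask = 1
    for i in partials:
        lam = 1
        for j in partials:
            if j != i:
                lam = lam * (-j) * pow((i - j) % Q, -1, Q) % Q
        mask = mask * pow(partials[i], lam, P) % P   # mask ends as c1^x
    return c2 * pow(mask, -1, P) % P

def demo(m=1234, t=3, n=5, servers=(1, 3, 5)):
    """Encrypt m, then decrypt using only the listed key servers."""
    x = secrets.randbelow(Q - 1) + 1          # user's private key
    shares = share_key(x, t, n)               # one share per key server
    c1, c2 = encrypt(pow(G, x, P), m)
    partials = {i: partial_decrypt(shares[i], c1) for i in servers}
    return combine(partials, c2)

if __name__ == "__main__":
    print(demo())
```

Any t of the n servers recover the message, and losing fewer than t shares to an attacker does not expose the key.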
19. Process Encryption
Threshold-Proxy Function
Secure Cloud Storage
Decentralization
Data Forwarding
20. Process Encryption
The process can be encrypted by using cryptographic keys.
After the process is encrypted, it can be split into different processes.
Process splitting can also be sectorized by the data owner.
22. We integrate the newly proposed threshold proxy re-encryption scheme and erasure codes over exponents.
Key servers act as access nodes for providing a front-end layer.
The proposed system supports the following features in a distributed way:
o Encrypting the k blocks
o Encoding the n codeword symbols
o Partial decryption operations.
23. What's Next?
Threshold-Proxy Function
Secure Cloud Storage
Decentralization
Data Forwarding