Identity based secure distributed data storage schemes
Secure distributed data storage can shift the burden of maintaining a large number of
files from the owner to proxy servers. Proxy servers can convert encrypted files for the
owner into encrypted files for the receiver without needing to know the content of the
original files. The proposed project uses two identity-based secure distributed data
storage schemes. The first scheme is secure against chosen plaintext attacks (CPA). The
second scheme is secure against chosen ciphertext attacks (CCA). These are the first
identity-based secure distributed data storage schemes in which access permissions are
decided by the owner of the file and collusion attacks are resisted.
Cloud computing provides users with a convenient mechanism to manage their
personal files through a notion called Database-as-a-Service (DAS).
In DAS schemes, a user can outsource his encrypted files to untrusted proxy servers.
Proxy servers can perform some functions on the outsourced ciphertexts
without knowing anything about the original files.
This technique has not been employed because of confidentiality and integrity concerns.
To address these issues, the IBSDDS scheme is proposed, which uses two schemes.
These schemes have the following properties:
i) The file owner can decide the access permission independently.
ii) For one query, a receiver can only access one file instead of all files of the owner.
iii) Our schemes are secure against collusion attacks.
Identity-based proxy encryption (IBPE) was proposed by Ivan and Dodis.
In these schemes, a master secret key is used to extract secret keys. The
user can decrypt a ciphertext intended for him with the help of the proxy server.
These schemes are not secure against attacks in which the user compromises the
proxy server, because the master secret key can then be exposed.
Cloud computing provides users with a convenient mechanism to manage their
personal files through a notion called Database-as-a-Service (DAS).
In DAS schemes, a user can outsource his encrypted files to untrusted proxy servers.
Proxy servers can perform some functions on the outsourced ciphertexts without knowing
anything about the original files.
After outsourcing the files to proxy servers, user will remove them from his local
Therefore, how to guarantee that the outsourced files are not accessed by
unauthorized users and not modified by proxy servers is an important problem that
has been considered in the data storage research community.
DISADVANTAGES OF EXISTING SYSTEM
Users are especially concerned about the confidentiality, integrity and query of
outsourced files, as cloud computing is more complicated than local data storage
systems and the cloud is managed by an untrusted third party.
There is no guarantee that the outsourced files are not accessed by unauthorized
users and not modified by proxy servers, which is an important problem.
In the proposed project, for one query the receiver can access one of the owner's files
instead of accessing all files.
An access permission is bound not only to the identity of the receiver but also to the file.
The access permission can be decided by the owner, instead of a trusted third party.
The proposed project is secure against collusion attacks.
ADVANTAGES OF PROPOSED SYSTEM
It has two security schemes:
i) The first scheme is secure against chosen plaintext attacks (CPA).
ii) The second scheme is secure against chosen ciphertext attacks (CCA).
For one query, a receiver can access only one file, instead of all files of the owner.
To achieve stronger security and implement file-based access control, the owner
must be online to authenticate requesters and also generate access permissions for
STEPS INVOLVED IN IBSDDS SCHEME IMPLEMENTATION ARE:
STEP 1: The file owner encrypts his files under his identity prior to outsourcing
them to proxy servers.
STEP 2: The file owner sends the ciphertexts to the proxy servers (the ciphertexts
were generated in step 1, when he encrypted his files under his identity).
STEP 3: The proxy server transforms a ciphertext encrypted under the identity of the
owner into a ciphertext encrypted under the identity of the receiver, only after the
receiver has obtained access permission from the file owner.
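The three steps above, shown as an added example that is not code from the project or from the paper. It swaps in textbook ElGamal-based proxy re-encryption, which is not identity-based and is not the IBSDDS construction; the toy group parameters, function names and file key are constructed for illustration. It also shows why the properties claimed for IBSDDS matter: in this simpler scheme one conversion key converts every file of the owner, and a colluding proxy and receiver can recover the owner's secret key.

```python
import secrets

# Constructed toy group (far too small for real use): P = 2*Q + 1, G has prime order Q.
P, Q, G = 2879, 1439, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1             # secret exponent in [1, Q-1]
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Step 1: the owner encrypts m (1 <= m < P) under his own public key."""
    k = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, k, P)) % P, pow(pk, k, P)  # (m*g^k, g^(a*k))

def decrypt(sk, ct):
    c1, c2 = ct
    g_k = pow(c2, pow(sk, -1, Q), P)              # remove sk from the exponent
    return (c1 * pow(g_k, -1, P)) % P

def rekey(sk_owner, sk_receiver):
    """Conversion key b/a mod Q (assumption: computed from both secrets for brevity)."""
    return (sk_receiver * pow(sk_owner, -1, Q)) % Q

def reencrypt(rk, ct):
    """Step 3: the proxy turns g^(a*k) into g^(b*k) and never sees m."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def collusion_recovers_owner_key(rk, sk_receiver):
    """Proxy (holding rk) plus receiver (holding b) can compute a = b / rk mod Q."""
    return (sk_receiver * pow(rk, -1, Q)) % Q

def demo(file_key=1234, other_file_key=77):
    a, pk_a = keygen()                            # owner
    b, _ = keygen()                               # receiver
    stored = encrypt(pk_a, file_key)              # steps 1-2: ciphertext held by proxy
    rk = rekey(a, b)                              # owner grants access
    converted = reencrypt(rk, stored)             # step 3
    other = reencrypt(rk, encrypt(pk_a, other_file_key))
    return {
        "owner_reads": decrypt(a, stored),
        "receiver_reads": decrypt(b, converted),
        # Unlike IBSDDS, the same rk converts every file of the owner.
        "same_key_converts_other_file": decrypt(b, other) == other_file_key,
        "collusion_leaks_owner_key": collusion_recovers_owner_key(rk, b) == a,
    }

if __name__ == "__main__":
    print(demo())
```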
The IBSDDS scheme consists of 4 modules:
i) Data Owner
ii) Proxy Servers
iii) Receiver
iv) Data Storage Systems
Data Owner: In this module, a new data owner first registers and gets valid
login credentials. After logging in, the data owner has permission to upload files
to the proxy server. The data owner encrypts his data and outsources the ciphertext to
the proxy servers.
Proxy Server: In this module, the proxy servers store the encrypted data and transform
the ciphertext for the owner into a ciphertext for the receiver when the receiver has
obtained an access permission from the owner. They authenticate receivers and validate access
Receiver: The receiver authenticates himself to the owner and decrypts the
ciphertext to obtain the data. In these systems, end-to-end security is
provided by cryptographic protocols. These systems are divided into two types:
shared file systems and non-shared file systems.
Data Storage Systems: Data storage systems enable users to store their data on
external proxy servers to enhance access and availability and to reduce
maintenance cost. Data storage schemes are classified into 3 kinds:
i) Network file systems, ii) Storage-based intrusion detection systems and
iii) Cryptographic file systems.
Hardware - Pentium IV
Speed - 1.1 GHz
RAM - 1GB
Hard Disk - 20 GB
Floppy Drive - 1.44 MB
Key Board - Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - SVGA
Operating System : Windows
Technology : Java and J2EE
IDE : MyEclipse
Web Server : Tomcat
Database : MySQL
Java Version : JSDK1.5
Distributed data storage schemes provide the users with convenience to outsource
their files to untrusted proxy servers. Identity-based secure distributed data storage
(IBSDDS) schemes are a special kind of distributed data storage schemes where
users are identified by their identities and can communicate without the need to
verify public key certificates.
Jinguang Han, Student Member, IEEE, Willy Susilo, Senior Member, IEEE, and Yi
Mu, Senior Member, IEEE, "Identity-Based Secure Distributed Data Storage
Schemes," IEEE Transactions on Computers, 2013.