The document describes a proposed Lightweight Data Sharing Scheme (LDSS) for mobile cloud computing. It aims to provide secure data sharing and efficient access control for resource-constrained mobile devices. The key aspects are:
1. It uses Attribute-Based Encryption (ABE) and outsources computationally intensive encryption/decryption tasks to proxy servers, reducing overhead on mobile devices.
2. The access structure is modified to be suitable for mobile cloud scenarios and lazy revocation is introduced to reduce revocation costs.
3. A prototype framework is implemented to evaluate LDSS, showing it can greatly reduce client-side overhead while introducing minimal additional costs on the server side.
LDSS for mobile cloud
1. LDSS FOR MOBILE CLOUD COMPUTING
GUIDED BY: P K SOBHA (HEAD OF THE COMPUTER SCIENCE DEPARTMENT)
PRESENTED BY: SREELEKSHMI A KRISHNA, S4 MSC - 65416135009
2. AIM:
• To enforce security in a lightweight manner in a mobile cloud environment that has low-resource mobile devices.
• To invoke a lightweight revocation policy.
4. ABSTRACT:
• Growth in cloud computing and the ubiquity of mobile devices used to access cloud services has generated a new paradigm, Mobile Cloud Computing (MCC).
• I suggest a lightweight data sharing scheme (LDSS) for mobile cloud computing.
• It adopts CP-ABE, an access control technology used in ordinary cloud environments.
5. • It changes the structure of the access control tree to make it suitable for mobile cloud scenarios.
• LDSS moves a large portion of the computationally intensive access control tree transformation in CP-ABE from mobile devices to external proxy servers.
6. • To reduce the user revocation cost, it introduces attribute description fields to implement lazy revocation.
• LDSS can effectively reduce the overhead on the mobile device side when users are sharing data in mobile cloud environments.
7. EXISTING SYSTEM:
• An encryption operation which takes one minute on a PC will take about half an hour to finish on a mobile device.
• Current solutions don't solve the user privilege change problem very well.
• Such an operation could result in very high revocation cost.
8. • There is no proper solution which can effectively solve the secure data sharing problem in mobile cloud.
• This is not applicable for mobile devices as well.
9. DISADVANTAGES:
• There is no proper mechanism for providing security for data that is present in the mobile cloud.
• User authentication and revocation cost will be high.
10. PROPOSED SYSTEM:
• I propose a Lightweight Data Sharing Scheme (LDSS) for the mobile cloud computing environment.
• An algorithm called LDSS-CP-ABE, based on the Attribute-Based Encryption (ABE) method, is designed to offer efficient access control over ciphertext.
• Proxy servers are used for encryption and decryption operations.
• Computationally intensive operations in ABE are conducted on proxy servers, which greatly reduces the computational overhead on client-side mobile devices.
11. • In LDSS-CP-ABE, to maintain data privacy, a version attribute is also added to the access structure.
• The decryption key format is modified so that it can be sent to the proxy servers in a secure way.
• Lazy re-encryption and a description field of attributes are introduced to reduce the revocation overhead when dealing with the user revocation problem.
12. • A data sharing prototype framework based on LDSS is implemented.
• LDSS can greatly reduce the overhead on the client side, while introducing only a minimal additional cost on the server side.
• This is beneficial for implementing a realistic data sharing security scheme on mobile devices.
• LDSS has better performance compared to the existing ABE-based access control schemes over ciphertext.
13. ADVANTAGES:
• Data can be transferred from one user to another securely over the cloud.
• It will work on all limited-resource devices.
• Performance has been increased with the reduced cost.
14. SYSTEM REQUIREMENTS:
➢ Hardware Requirements:
▪ System: Pentium P4
▪ Hard Disk: 40 GB
▪ Floppy Drive: 1.44 Mb
▪ Mobile Processor: 1GHz or higher
▪ RAM: 1GB or higher
15. ➢ Software Requirements:
▪ Operating system: Windows XP/7,8
▪ Coding Language: Java
▪ Tool: Netbeans 8.1/Visual Studio
▪ Database: SQL SERVER
16. MODULES :
1) Text Encryption and Decryption.
2) Image Encryption and Decryption.
3) Text Request.
4) Image Request.
5) View Encrypted Data
6) View User Request
7) Provide Password
17. MODULE DESCRIPTION:
Text Encryption and Decryption:
• The user encrypts the plain text and uploads the encrypted text to the cloud.
• The encryption is done by using a password.
• Only someone who has this password can decrypt the text.
• The user also uploads the password along with the encrypted data.
• The trusted authority is responsible for passing the password to the requesting user.
18. Image Encryption and Decryption:
• Image encryption is also done.
• The encrypted images and password will also be uploaded to the cloud.
• The trusted authority is responsible for passing the password to the requesting user.
19. Text Request:
• Any user can view the files uploaded to the server.
• All the files are in encrypted format. A user can't view the files without knowing the password.
• To view a file, the user first needs to request the password from the Trusted Authority.
• The Authority checks the user and provides the password to a valid user.
20. Image Request:
• Image request is the same as the Text Request.
• The list of images can be viewed in the application.
• The user can only view the images after getting the password from the trusted authority.
21. View Encrypted Data:
• The encrypted data uploaded by users can be viewed on the server side.
• The trusted authority acts as the server; it has the responsibility to provide the password to the requesting user.
22. View User Request:
• A user who views the encrypted data can request the password for that data.
• This user request can be viewed by the Trusted Authority.
23. Provide Password:
• On viewing the request, the Trusted Authority validates the user, and if the user is valid, the Trusted Authority provides the password for the requested file via email.
• Using this password, the user can decrypt the file.
24. SUB MODULES:
• Data Owner (DO): DO uploads data to the mobile cloud and shares it with friends. DO determines the access control policies.
• Data User (DU): DU retrieves data from the mobile cloud.
• Trust Authority (TA): TA is responsible for generating and distributing attribute keys.
25. • Encryption Service Provider (ESP): ESP provides data encryption operations for DO.
• Decryption Service Provider (DSP): DSP provides data decryption operations for DU.
• Cloud Service Provider (CSP): CSP stores the data for DO. It faithfully executes the operations requested by DO, while it may peek over data that DO has stored in the cloud.
27. I. "SeGoAC: A tree-based model for self-defined, proxy-enabled and group-oriented access control in mobile cloud computing"
- Journal of Computer Standards & Interfaces, 2017, Vol. 54, p. 29
➢ Authors: Wei Ren, Min Lei, Kim-Kwang Raymond Choo.
✓ Access Control
✓ Mobile Cloud Computing
✓ Lightweight
✓ Flexibility
28. II. "A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions"
- Journal of Computing Science and Engineering, Vol. 9, No. 3, September 2015, pp. 119-133
➢ Authors: Yuhong Liu, Syed Rizvi
✓ Cloud computing
✓ Security
✓ Privacy
✓ Survey
29. III. "Privacy Aware Authentication Scheme for Distributed Mobile Cloud Computing"
- International Journal of Engineering Research (ISSN: 2319-6890), Volume No. 5, Issue No. 5, pp. 408-410
➢ Authors: Mrs. Chaitali P. Kathar, Prof. Vidya Dhamdhere
✓ Authentication scheme
✓ Attribute Based Encryption
✓ Anonymity
✓ Mobile cloud computing services
31. WHAT IS CLOUD?
• Cloud is a term referring to accessing computers, information technology, and software applications through a network connection, by accessing data centers using wide area networking or Internet connectivity.
• All IT resources can live in the cloud: a software program or application, a service, or an entire infrastructure.
32. CLOUD COMPUTING:
"Cloud is about how you do computing, not where you do computing."
- Paul Maritz
36. ADVANTAGES OF CLOUD STORAGE
• Usability: All cloud storage services reviewed in this topic have desktop folders for Macs and PCs.
• It allows users to drag and drop files between the cloud storage and their local storage.
• Bandwidth: You can avoid emailing files to individuals and instead send a web link to recipients through your email.
• Accessibility: Stored files can be accessed from anywhere via an Internet connection.
37. TYPE OF CLOUDS:
PUBLIC
o Scalable
o Reliable
PRIVATE
o Secure
o Greater control
HYBRID
o Flexible
o Cost effective
39. CLOUD SERVICE PROVIDERS (CSP)
• Cloud service providers (CSP) are companies that offer network services, infrastructure, or business applications in the cloud.
• The cloud services are hosted in a data center that can be accessed by companies or individuals using network connectivity.
40. MOBILE CLOUD COMPUTING
▪ Palm-sized cloud environment.
▪ Transmission of data, voice and video via a computer without having to be connected to a fixed physical link.
44. • The encryption algorithm uses a pair of keys, one of which is a secret key and one of which is public.
• The two keys are mathematically linked with each other.
45. DATA ENCRYPTION:
• A security method.
• Information is encoded in such a way that only an authorized user can read it.
• Uses an encryption algorithm.
• Generates ciphertext that can only be read if decrypted.
46. ATTRIBUTE-BASED ENCRYPTION
• Attribute-based encryption is a type of public-key encryption in which the secret key of a user and the ciphertext are dependent upon attributes.
• First proposed by Amit Sahai and Brent Waters.
47. ▪ Encrypt data with descriptive "attributes"
▪ Users' private keys reflect decryption policies
[Figure: master-key; CA/PKG; authority is offline; encrypt w/attributes]
48. TWO TYPES OF ATTRIBUTE-BASED ENCRYPTION SCHEMES:
• Key-policy attribute-based encryption (KP-ABE).
• Ciphertext-policy attribute-based encryption (CP-ABE).
49. • In KP-ABE, users' secret keys are generated based on an access tree that defines the privilege scope of the concerned user.
• Data are encrypted over a set of attributes.
• CP-ABE uses access trees to encrypt data, and users' secret keys are generated over a set of attributes.
50. ACCESS TREE
• Secret sharing for a tree structure of AND + OR
• Replicate ORs, split ANDs
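The "replicate ORs, split ANDs" rule, as an added Python example that is not part of the original slides. It shows only the secret-sharing layer over plain integers modulo a prime; in a real CP-ABE scheme the shares sit in the exponents of pairing-group elements and are bound to per-user key randomness. The policy, attribute names and function names are constructed for illustration.

```python
import secrets

P = 2**127 - 1  # prime field for the shares (a choice made for this example)

# Constructed policy: the version attribute AND (friend OR (colleague AND project-x)).
POLICY = ("AND", "version:1", ("OR", "friend", ("AND", "colleague", "project-x")))

def share(node, secret, path="0"):
    """Push `secret` down the tree; return {leaf_path: (attribute, share)}."""
    if isinstance(node, str):
        return {path: (node, secret)}
    gate, *kids = node
    if gate == "OR":                      # replicate: every child gets the secret
        parts = [secret] * len(kids)
    else:                                 # AND: split additively, all parts needed
        parts = [secrets.randbelow(P) for _ in kids[:-1]]
        parts.append((secret - sum(parts)) % P)
    leaves = {}
    for i, (kid, part) in enumerate(zip(kids, parts)):
        leaves.update(share(kid, part, f"{path}.{i}"))
    return leaves

def recover(node, leaves, attrs, path="0"):
    """Rebuild the node's secret from leaves whose attribute is in `attrs`, else None."""
    if isinstance(node, str):
        return leaves[path][1] if node in attrs else None
    gate, *kids = node
    vals = [recover(k, leaves, attrs, f"{path}.{i}") for i, k in enumerate(kids)]
    if gate == "OR":                      # any one satisfied child is enough
        return next((v for v in vals if v is not None), None)
    return None if None in vals else sum(vals) % P

def demo():
    """Two attribute sets that satisfy the policy, then two that do not."""
    secret = secrets.randbelow(P)
    leaves = share(POLICY, secret)
    users = [{"version:1", "friend"}, {"version:1", "colleague", "project-x"},
             {"friend"}, {"version:1", "colleague"}]
    return [recover(POLICY, leaves, u) == secret for u in users]

if __name__ == "__main__":
    print(demo())
```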
59. • Mobile devices only have limited storage space and computing power.
• To overcome this limitation, we proposed a Lightweight Data Sharing Scheme (LDSS) for the mobile cloud computing environment.
• For the palm-sized cloud environment, a new policy is designed to prevent uncontrolled data sharing.
61. ENCRYPTION:
• Based on ATTRIBUTE-BASED ENCRYPTION.
[Figure: CLASSIFIED ABE: ABE with outsourced decryption, Distributed ABE, Non-monotonic access, CP-ABE, KP-ABE, Hierarchical ABE, Simple ABE]
62. ENCRYPTION TECHNIQUES:
• Attribute-Based Encryption
- Proposed by Sahai and Waters.
▪ Ciphertext-Policy Attribute-Based Encryption (CP-ABE)
- The access control policy is embedded into the ciphertext.
- CP-ABE is more suitable since it resembles role-based access control.
- The data owner designs the access control policy and assigns attributes to data users.
- A user can decrypt the data properly if the user's attributes satisfy the access control policy.
66. AES ALGORITHM:
• Advanced Encryption Standard (AES) was invented by two cryptographers, Joan Daemen and Vincent Rijmen.
• It is a military-grade block cipher.
67. During the selection process:
• NIST asked for:
• A block cipher
• Key length: 128, 192, 256 bit
• Block length: 128 bit
• Royalty free
68. STEPS :
Step 1: Derive the set of round keys from the cipher key.
Step 2: Initialize the state array with the block data (plaintext).
Step 3: Add the initial round key to the starting state array.
Step 4: Perform nine rounds of state manipulation.
Step 5: Perform the tenth and final round of state manipulation.
Step 6: Copy the final state array out as the encrypted data (cipher text).
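69. PSEUDOCODE
Cipher(byte in[16], byte out[16], key_array round_key[Nr+1])
begin
  byte state[16];
  state = in;
  AddRoundKey(state, round_key[0]);            // initial round key
  for i = 1 to Nr-1 stepsize 1 do              // full rounds
    SubBytes(state); ShiftRows(state);
    MixColumns(state); AddRoundKey(state, round_key[i]);
  end for
  SubBytes(state); ShiftRows(state); AddRoundKey(state, round_key[Nr]);  // final round, no MixColumns
  out = state;
end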
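The six steps and the Cipher pseudocode above as runnable Python for AES-128 (Nr = 10), an added example that is not from the original slides. The S-box is computed from its definition instead of being tabulated, the function names are this example's own, and the code is written for reading, not for constant-time execution.

```python
def xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial 0x11B."""
    return ((a << 1) ^ 0x11B) & 0xFF if a & 0x80 else a << 1

def build_sbox():
    """S-box: field inverse (via powers of the generator 3), then the affine map."""
    powers, x = [], 1
    for _ in range(255):
        powers.append(x)
        x ^= xtime(x)                      # multiply by 3
    box = [0x63] * 256                     # 0 has no inverse and maps to 0x63
    for i, x in enumerate(powers):
        t = powers[-i % 255] * 0x101       # inverse of x, byte duplicated for rotations
        box[x] = (t ^ t >> 4 ^ t >> 5 ^ t >> 6 ^ t >> 7) & 0xFF ^ 0x63
    return box

SBOX = build_sbox()

def expand_key(key):
    """Step 1: derive 11 round keys (16 bytes each) from a 16-byte key."""
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:                     # RotWord, SubWord, XOR round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rcon = t[0] ^ rcon, xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def shift_rows(s):                         # state is column-major: index = 4*col + row
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def mix_columns(s):
    out = []
    for c in range(0, 16, 4):
        for r in range(4):
            a0, a1, a2, a3 = (s[c + (r + k) % 4] for k in range(4))
            out.append(xtime(a0) ^ xtime(a1) ^ a1 ^ a2 ^ a3)  # 2*a0 + 3*a1 + a2 + a3
    return out

def encrypt_block(block, key):
    """Steps 2-6 for one 16-byte block under a 16-byte key."""
    rk = expand_key(key)
    state = [b ^ k for b, k in zip(block, rk[0])]        # Steps 2-3
    for rnd in range(1, 11):                             # Steps 4-5
        state = shift_rows([SBOX[b] for b in state])     # SubBytes, ShiftRows
        if rnd < 10:                                     # final round skips MixColumns
            state = mix_columns(state)
        state = [b ^ k for b, k in zip(state, rk[rnd])]  # AddRoundKey
    return bytes(state)                                  # Step 6
```

The test vectors used to check it are the published ones from FIPS-197 (Appendices A.1, B and C.1).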
72. BRE ALGORITHM:
• The BREA algorithm has the following features.
1. It is a Symmetric Key Block Cipher Algorithm.
2. Each block size is of 16 bytes.
3. Size of Key matrix is 16 bytes.
4. Values of Key matrix are randomly selected and ranging from 1 to 26.
5. Mono alphabetic substitution concept is followed.
6. Byte-Rotation technique is used.
75. ADVANCED SENSING ALGORITHM - STEPS:
Step 1: Start
Step 2: The user begins by uploading a file to the cloud server
Step 3: Encrypt the uploaded file and store it in the cloud
Step 4: Once it is uploaded, the data owner can set an access privilege for that file
Step 5: If a user tries to download the uploaded file, it will ask for a key to download it
76. Step 6: The key will be generated by the trusted authority
Step 7: The trusted authority will send the generated key to the user
Step 8: If the key entered is correct, the download will begin
Step 9: Else it will start downloading a dummy file
Step 10: Stop
78. END IF
Step 5: IF user entered key = true
  start download `text`
ELSE
  download dummy file
END IF
END
79. PROPOSED SYSTEM ALGORITHM
Step-1: Start
Step-2: Accept the data from the user.
Step-3: The attributes of the data from the users' formats are obtained by the Attribute-Based Encryption.
Step-4: With the help of these attributes, a random key is generated, and the type of data is obtained for encryption by the BRE algorithm.
Step-5: The data is converted into an equal number of blocks, and an N x N matrix will be generated on the basis of these blocks.
Step-6: Based on the number of blocks, a pool of threads will be created.
80. Step-7: Run the threads on a multi-core system to create the encrypted data in a short amount of time.
Step-8: A secret key is generated in order to open the encrypted file which is stored in the cloud.
Step-9: The secret key is shared with the user via the email or mobile number of the authorised user. This key will be used to decrypt the encrypted file.
Step-10: The selected file will be decrypted into its original form using the key.
Step-11: Stop.