SlideShare a Scribd company logo

Implementation modules

Download as DOCX, PDF
M
madhukarreddy007
1 of 4
Implementation Modules: 1. System Model 2. Requirements 3. Cryptography Used 4. Proposed Protocol System Model: Our solution consists of three fundamental parties: Cloud Service Provider (CSP) CSP manages cloud services and shared storages. CSP is usually a company which behaves as a partly trusted party. CSP provides cloud services, authenticates users when they access a cloud service. CSP also issues access attributes to users. Nevertheless, when CSP needs to revoke and identify a malicious user then CSP must collaborate with a revocation manager. Revocation Manager (RM). RM is a partly trusted party, e.g. government authority, who decides if the revocation of a user identity is rightful or not. Only the cooperation between CSP and RM can reveal the user identity. RM also cooperates with CSP during user registration when the user’s access attributes are issued. User (U). U is an ordinary customer who accesses into a cloud and uses cloud services, shared storages, etc. Users are anonymous if they properly follow the rules of CSP. To increase security, users use tamper-resistant devices or protected local storages. Requirements:
Our solution provides the following security requirements: Anonymity. Every honest user stays anonymous when uses cloud services. User identities are hidden if users behave honestly and do not break rules. Confidentiality . Every user’s session to CSP is confidential. No one without a secret session key is able to obtain data transmitted between U and CSP. Integrity. Data sent in user’s session cannot be modified without a secret session key. Unlink ability. The user’s sessions to cloud services are unlink able. No one besides CSP collaborating with RM is able to link two or more sessions between a certain U and CSP. Un traceability. Other users are unable to trace user’s authentication and concrete users’ communication. Revocation. Every user can be revoked by the collaboration of CSP and RM. Cryptography Used: In our solution, we use discrete logarithm commitments described in prior work . Further, the solution employs _-protocols to prove of discrete logarithm knowledge, representation and equivalence. To revoke a user, we use the Okamoto-Uchiyama Trapdoor One-Way Function described in .For more details about the used basic cryptographic blocks see prior works . Proposed Protocol: Our protocol consists of five phases: initialization, registration, anonymous access, secure communication and revocation. The basic principle of the proposed protocol . 1) Initialization: The initialization phase is run by Cloud Service Provider (CSP) and Revocation Manager (RM).CSP generates a group H defined by a large prime modulus p,
generators h1; h2 of prime order q and q .CSP generates a RSA key pair and stores own private key KCSP . 2) Registration: In the registration phase, a user registers and requests a user master key which they use in anonymous access to cloud services. Firstly, U must physically register on CSP. CSP checks user’s ID. This device which stores the user secret key should be also protected against a key estimation by side channel attacks, such as in [23]. Further, U cannot make own user master key because only RM knows KRK. Any honest user can repeat the request for the user master key or demand other authentication proofs if CSP agrees with that. 3) Anonymous Access: In this phase, the i- th user Ui anonymously accesses Cloud Service Provider (CSP). This phase consists of two-messages used to authenticate Ui and establish a secret key between Ui and CSP. 4) Secure Communication: If the anonymous access phase is successful, the user Ui can upload and download data from CSP. Data confidentiality and integrity are secured by a symmetric cipher. We propose to use AES which is well know cipher and is supported by many types of software and hardware platforms. To encrypt and decrypt transmitted data, Ui and CSP use the AES secret key K sym established in the previous phase. 5) Revocation: Depending on the case of rule breaking, the revocation phase can revoke a user and/or user anonymity. If users misuse a cloud service, they get revoked by RM. Because RM knows the factorization of n, RM is able to extract w RM.
Implementation modules

Recommended

Complete document
Complete documentComplete document
Complete documentmadhukarreddy007
 
User defined privacy grid system for continuous location based services abstract
User defined privacy grid system for continuous location based services abstractUser defined privacy grid system for continuous location based services abstract
User defined privacy grid system for continuous location based services abstractSoftroniics india
 
User defined privacy grid system for continuous location-based services
User defined privacy grid system for continuous location-based servicesUser defined privacy grid system for continuous location-based services
User defined privacy grid system for continuous location-based servicesLeMeniz Infotech
 
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESUSER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESnexgentechnology
 
NYMBLE BLOCKING
NYMBLE BLOCKINGNYMBLE BLOCKING
NYMBLE BLOCKINGVatsalya Eranky
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Blocking misbehaving users in anonymizing network-project ppt*
Blocking misbehaving users in anonymizing network-project ppt*Blocking misbehaving users in anonymizing network-project ppt*
Blocking misbehaving users in anonymizing network-project ppt*dinesh krishna
 

Recommended

Complete document
Complete documentComplete document
Complete documentmadhukarreddy007
 
User defined privacy grid system for continuous location based services abstract
User defined privacy grid system for continuous location based services abstractUser defined privacy grid system for continuous location based services abstract
User defined privacy grid system for continuous location based services abstractSoftroniics india
 
User defined privacy grid system for continuous location-based services
User defined privacy grid system for continuous location-based servicesUser defined privacy grid system for continuous location-based services
User defined privacy grid system for continuous location-based servicesLeMeniz Infotech
 
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESUSER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICES
USER-DEFINED PRIVACY GRID SYSTEM FOR CONTINUOUS LOCATION-BASED SERVICESnexgentechnology
 
NYMBLE BLOCKING
NYMBLE BLOCKINGNYMBLE BLOCKING
NYMBLE BLOCKINGVatsalya Eranky
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Blocking misbehaving users in anonymizing network-project ppt*
Blocking misbehaving users in anonymizing network-project ppt*Blocking misbehaving users in anonymizing network-project ppt*
Blocking misbehaving users in anonymizing network-project ppt*dinesh krishna
 
Screen short
Screen shortScreen short
Screen shortmadhukarreddy007
 
20150715 xflow kikuta_final
20150715 xflow kikuta_final20150715 xflow kikuta_final
20150715 xflow kikuta_finalKazumasa Ikuta
 
Comunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos NegóciosComunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos NegóciosEmpresas Com Sucesso
 
HOUSE OF HI-RES!
HOUSE OF HI-RES!HOUSE OF HI-RES!
HOUSE OF HI-RES!biancacourtenay
 
Rendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and ShadersRendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and ShadersDavid Goemans
 
HTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivrationHTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivrationDavid Goemans
 
4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpura4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpuraankitremax1
 
Software requirement
Software requirementSoftware requirement
Software requirementmadhukarreddy007
 
Funil vendas - Empresas com Sucesso
Funil vendas - Empresas com SucessoFunil vendas - Empresas com Sucesso
Funil vendas - Empresas com SucessoEmpresas Com Sucesso
 
Artrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dorArtrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dorEmpresas Com Sucesso
 
Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05 Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05 uttermostpagean20
 
Arunav Kanoria Portfolio
Arunav Kanoria PortfolioArunav Kanoria Portfolio
Arunav Kanoria PortfolioArunav Kanoria
 
All about trichotillomania
All about trichotillomaniaAll about trichotillomania
All about trichotillomaniaasherlock99
 
Atomic energy
Atomic energyAtomic energy
Atomic energyPRATIKKUMAR BHIMANI
 
Extreme Javascript Minification
Extreme Javascript MinificationExtreme Javascript Minification
Extreme Javascript MinificationDavid Goemans
 
Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...Pvrtechnologies Nellore
 
Efficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkEfficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkIJERA Editor
 
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudA secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudPvrtechnologies Nellore
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocolIaetsd Iaetsd
 
Attribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud StorageAttribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud StorageIJSRD
 
privacy preserving abstract
privacy preserving abstract privacy preserving abstract
privacy preserving abstractmuhammed jassim k
 
Adapting singlet login in distributed systems
Adapting singlet login in distributed systemsAdapting singlet login in distributed systems
Adapting singlet login in distributed systemseSAT Publishing House
 

More Related Content

Viewers also liked

20150715 xflow kikuta_final
20150715 xflow kikuta_final20150715 xflow kikuta_final
20150715 xflow kikuta_finalKazumasa Ikuta
 
Comunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos NegóciosComunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos NegóciosEmpresas Com Sucesso
 
Rendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and ShadersRendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and ShadersDavid Goemans
 
HTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivrationHTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivrationDavid Goemans
 
4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpura4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpuraankitremax1
 
Funil vendas - Empresas com Sucesso
Funil vendas - Empresas com SucessoFunil vendas - Empresas com Sucesso
Funil vendas - Empresas com SucessoEmpresas Com Sucesso
 
Artrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dorArtrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dorEmpresas Com Sucesso
 
Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05 Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05 uttermostpagean20
 
Arunav Kanoria Portfolio
Arunav Kanoria PortfolioArunav Kanoria Portfolio
Arunav Kanoria PortfolioArunav Kanoria
 
All about trichotillomania
All about trichotillomaniaAll about trichotillomania
All about trichotillomaniaasherlock99
 
Extreme Javascript Minification
Extreme Javascript MinificationExtreme Javascript Minification
Extreme Javascript MinificationDavid Goemans
 

Viewers also liked (15)

Screen short
Screen shortScreen short
Screen short
 
20150715 xflow kikuta_final
20150715 xflow kikuta_final20150715 xflow kikuta_final
20150715 xflow kikuta_final
 
Comunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos NegóciosComunicar e preciso - Rota dos Negócios
Comunicar e preciso - Rota dos Negócios
 
HOUSE OF HI-RES!
HOUSE OF HI-RES!HOUSE OF HI-RES!
HOUSE OF HI-RES!
 
Rendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and ShadersRendering: Vertices, Indices, UVs and Shaders
Rendering: Vertices, Indices, UVs and Shaders
 
HTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivrationHTML5: Fullscreen, tilt and vivration
HTML5: Fullscreen, tilt and vivration
 
4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpura4 bhk fully furnished flat on sale at commerce six road navrangpura
4 bhk fully furnished flat on sale at commerce six road navrangpura
 
Software requirement
Software requirementSoftware requirement
Software requirement
 
Funil vendas - Empresas com Sucesso
Funil vendas - Empresas com SucessoFunil vendas - Empresas com Sucesso
Funil vendas - Empresas com Sucesso
 
Artrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dorArtrite 7 maneiras de reduzir a dor
Artrite 7 maneiras de reduzir a dor
 
Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05 Marine & Beauty queen Ch 05
Marine & Beauty queen Ch 05
 
Arunav Kanoria Portfolio
Arunav Kanoria PortfolioArunav Kanoria Portfolio
Arunav Kanoria Portfolio
 
All about trichotillomania
All about trichotillomaniaAll about trichotillomania
All about trichotillomania
 
Atomic energy
Atomic energyAtomic energy
Atomic energy
 
Extreme Javascript Minification
Extreme Javascript MinificationExtreme Javascript Minification
Extreme Javascript Minification
 

Similar to Implementation modules

Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...Pvrtechnologies Nellore
 
Efficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkEfficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkIJERA Editor
 
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudA secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudPvrtechnologies Nellore
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocolIaetsd Iaetsd
 
Attribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud StorageAttribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud StorageIJSRD
 
privacy preserving abstract
privacy preserving abstract privacy preserving abstract
privacy preserving abstractmuhammed jassim k
 
Adapting singlet login in distributed systems
Adapting singlet login in distributed systemsAdapting singlet login in distributed systems
Adapting singlet login in distributed systemseSAT Publishing House
 
Adapting singlet login in distributed systems
Adapting singlet login in distributed systemsAdapting singlet login in distributed systems
Adapting singlet login in distributed systemseSAT Journals
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01Nitish Bhardwaj
 
A cloud storage system for sharing data securely with privacy preservation an...
A cloud storage system for sharing data securely with privacy preservation an...A cloud storage system for sharing data securely with privacy preservation an...
A cloud storage system for sharing data securely with privacy preservation an...eSAT Journals
 
IJSRED-V2I5P16
IJSRED-V2I5P16IJSRED-V2I5P16
IJSRED-V2I5P16IJSRED
 
Achieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportAchieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
 
Collaboration in multicloud computing environments framework and security issues
Collaboration in multicloud computing environments framework and security issuesCollaboration in multicloud computing environments framework and security issues
Collaboration in multicloud computing environments framework and security issuesIEEEFINALYEARPROJECTS
 
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...IEEEGLOBALSOFTTECHNOLOGIES
 

Similar to Implementation modules (20)

Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...Public integrity auditing for shared dynamic cloud data with group user revoc...
Public integrity auditing for shared dynamic cloud data with group user revoc...
 
Efficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkEfficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed Network
 
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloudA secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
A secure-anti-collusion-data-sharing-scheme-for-dynamic-groups-in-the-cloud
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocol
 
Attribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud StorageAttribute-Based Encryption for Access of Secured Data in Cloud Storage
Attribute-Based Encryption for Access of Secured Data in Cloud Storage
 
privacy preserving abstract
privacy preserving abstract privacy preserving abstract
privacy preserving abstract
 
Adapting singlet login in distributed systems
Adapting singlet login in distributed systemsAdapting singlet login in distributed systems
Adapting singlet login in distributed systems
 
Adapting singlet login in distributed systems
Adapting singlet login in distributed systemsAdapting singlet login in distributed systems
Adapting singlet login in distributed systems
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
A cloud storage system for sharing data securely with privacy preservation an...
A cloud storage system for sharing data securely with privacy preservation an...A cloud storage system for sharing data securely with privacy preservation an...
A cloud storage system for sharing data securely with privacy preservation an...
 
IJSRED-V2I5P16
IJSRED-V2I5P16IJSRED-V2I5P16
IJSRED-V2I5P16
 
H0362052056
H0362052056H0362052056
H0362052056
 
Achieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportAchieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing report
 
Collaboration in multicloud computing environments framework and security issues
Collaboration in multicloud computing environments framework and security issuesCollaboration in multicloud computing environments framework and security issues
Collaboration in multicloud computing environments framework and security issues
 
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...
DOTNET 2013 IEEE CLOUDCOMPUTING PROJECT Collaboration in multicloud computing...
 

More from madhukarreddy007

More from madhukarreddy007 (6)

System configuration
System configurationSystem configuration
System configuration
 
Proposed system
Proposed systemProposed system
Proposed system
 
Organization profile
Organization profileOrganization profile
Organization profile
 
Input and output design
Input and output designInput and output design
Input and output design
 
Existing system
Existing systemExisting system
Existing system
 
Abstract
AbstractAbstract
Abstract
 

Implementation modules

  • 1. Implementation Modules: 1. System Model 2. Requirements 3. Cryptography Used 4. Proposed Protocol System Model: Our solution consists of three fundamental parties: Cloud Service Provider (CSP) CSP manages cloud services and shared storages. CSP is usually a company which behaves as a partly trusted party. CSP provides cloud services, authenticates users when they access a cloud service. CSP also issues access attributes to users. Nevertheless, when CSP needs to revoke and identify a malicious user then CSP must collaborate with a revocation manager. Revocation Manager (RM). RM is a partly trusted party, e.g. government authority, who decides if the revocation of a user identity is rightful or not. Only the cooperation between CSP and RM can reveal the user identity. RM also cooperates with CSP during user registration when the user’s access attributes are issued. User (U). U is an ordinary customer who accesses into a cloud and uses cloud services, shared storages, etc. Users are anonymous if they properly follow the rules of CSP. To increase security, users use tamper-resistant devices or protected local storages. Requirements:
  • 2. Our solution provides the following security requirements: Anonymity. Every honest user stays anonymous when uses cloud services. User identities are hidden if users behave honestly and do not break rules. Confidentiality . Every user’s session to CSP is confidential. No one without a secret session key is able to obtain data transmitted between U and CSP. Integrity. Data sent in user’s session cannot be modified without a secret session key. Unlink ability. The user’s sessions to cloud services are unlink able. No one besides CSP collaborating with RM is able to link two or more sessions between a certain U and CSP. Un traceability. Other users are unable to trace user’s authentication and concrete users’ communication. Revocation. Every user can be revoked by the collaboration of CSP and RM. Cryptography Used: In our solution, we use discrete logarithm commitments described in prior work . Further, the solution employs _-protocols to prove of discrete logarithm knowledge, representation and equivalence. To revoke a user, we use the Okamoto-Uchiyama Trapdoor One-Way Function described in .For more details about the used basic cryptographic blocks see prior works . Proposed Protocol: Our protocol consists of five phases: initialization, registration, anonymous access, secure communication and revocation. The basic principle of the proposed protocol . 1) Initialization: The initialization phase is run by Cloud Service Provider (CSP) and Revocation Manager (RM).CSP generates a group H defined by a large prime modulus p,
  • 3. generators h1; h2 of prime order q and q .CSP generates a RSA key pair and stores own private key KCSP . 2) Registration: In the registration phase, a user registers and requests a user master key which they use in anonymous access to cloud services. Firstly, U must physically register on CSP. CSP checks user’s ID. This device which stores the user secret key should be also protected against a key estimation by side channel attacks, such as in [23]. Further, U cannot make own user master key because only RM knows KRK. Any honest user can repeat the request for the user master key or demand other authentication proofs if CSP agrees with that. 3) Anonymous Access: In this phase, the i- th user Ui anonymously accesses Cloud Service Provider (CSP). This phase consists of two-messages used to authenticate Ui and establish a secret key between Ui and CSP. 4) Secure Communication: If the anonymous access phase is successful, the user Ui can upload and download data from CSP. Data confidentiality and integrity are secured by a symmetric cipher. We propose to use AES which is well know cipher and is supported by many types of software and hardware platforms. To encrypt and decrypt transmitted data, Ui and CSP use the AES secret key K sym established in the previous phase. 5) Revocation: Depending on the case of rule breaking, the revocation phase can revoke a user and/or user anonymity. If users misuse a cloud service, they get revoked by RM. Because RM knows the factorization of n, RM is able to extract w RM.