This document proposes a scheme for public verifiability in cloud computing using signcryption based on elliptic curves. The key components of the proposed system include users, a cloud service provider, an authentication server, and a certificate authority. The scheme relies on erasure-correcting codes to distribute and redundantly store user data across multiple cloud servers. It uses signcryption/unsigncryption based on elliptic curves to generate verification tokens for the stored data and enable public verifiability, allowing an authentication server to verify the integrity and accuracy of user data on cloud servers without involving the user. The scheme aims to simultaneously detect any data errors and identify the misbehaving servers upon verification.
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
Improving Efficiency of Security in Multi-CloudIJTET Journal
Β
Abstract--Due to risk in service availability failure and the possibilities of malicious insiders in the single cloud, a movement towards βMulti-cloudsβ has emerged recently. In general a multi-cloud security system there is a possibility for third party to access the user files. Ensuring security in this stage has become tedious since, most of the activities are done in network. In this paper, an enhanced security methodology has been introduced in order to make the data stored in cloud more secure. Duple authentication process introduced in this concept defends malicious insiders and shields the private data. Various disadvantages in traditional systems like unauthorized access, hacking have been overcome in this proposed system and a comparison made with the traditional systems in terms of performance and computational time have shown better results.
Smart, Secure and Efficient Data Sharing in IoTAngelo Corsaro
Β
The value of the Internet of Things is the data and the insights derived from it to optimise and improve potentially every aspect of our modern society. As IoT extends its application from consumer to ever more demanding industrial applications, the ability to smartly, securely and efficiently share data makes the difference between success and failure.
This presentation will (1) introduce the data sharing challenges posed by a large class of IoT applications often referred as Industrial IoT (IIoT) applications, (2) highlight how the standards identified by the Industrial Internet of Things Reference Architecture, such as DDS, address the need of smart, secure and efficient data sharing, and (3) showcase how this technology is used today in several IoT systems for ensuring smart, secure and efficient data sharing.
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
Improving Efficiency of Security in Multi-CloudIJTET Journal
Β
Abstract--Due to risk in service availability failure and the possibilities of malicious insiders in the single cloud, a movement towards βMulti-cloudsβ has emerged recently. In general a multi-cloud security system there is a possibility for third party to access the user files. Ensuring security in this stage has become tedious since, most of the activities are done in network. In this paper, an enhanced security methodology has been introduced in order to make the data stored in cloud more secure. Duple authentication process introduced in this concept defends malicious insiders and shields the private data. Various disadvantages in traditional systems like unauthorized access, hacking have been overcome in this proposed system and a comparison made with the traditional systems in terms of performance and computational time have shown better results.
Smart, Secure and Efficient Data Sharing in IoTAngelo Corsaro
Β
The value of the Internet of Things is the data and the insights derived from it to optimise and improve potentially every aspect of our modern society. As IoT extends its application from consumer to ever more demanding industrial applications, the ability to smartly, securely and efficiently share data makes the difference between success and failure.
This presentation will (1) introduce the data sharing challenges posed by a large class of IoT applications often referred as Industrial IoT (IIoT) applications, (2) highlight how the standards identified by the Industrial Internet of Things Reference Architecture, such as DDS, address the need of smart, secure and efficient data sharing, and (3) showcase how this technology is used today in several IoT systems for ensuring smart, secure and efficient data sharing.
Two Level Auditing Architecture to Maintain Consistent In Cloudtheijes
Β
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering& Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors.
The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
Β
Cloud computing is computing in which large groups of remote servers are networked to allow centralized data storage and online access to computer services or resources. The strives of environment is dynamic, customizable and reliable with the quality of services. Security issues in the cloud as it is anywhere else. Lots of people share different point of views in cloud computing. Some of the people believe that it is unsafe to use Cloud Computing .Clouds can be classified as public, private or hybrid. This paper handle security issue in cloud using blowfish algorithm.
In general, the Cloud computing utilization becomes unavoidable in each and every data
communication as well as the service sharing center with various applications. Based on the requirements, the
clients are performing service selection (such as infrastructure, software or platforms) towards to fulfil their
needs in optimized manner. Whenever the data is going to be stored in a third party network, it automatically
brings a question mark for secure access along with its storage infrastructure. The security for data transaction
between cloud service providers and cloud clients is forever carry with the help of crypto graphic algorithms
either it may be an symmetric or asymmetric key generation mechanism with certain limitations . In this
research paper implement a new approach for ensure the secure data transaction by using Orthogonal
Handshaking Authentication Mechanism under cloud along with a proposed storage authentication protocol. It
creates a roadmap for data retrieval progress of authenticated cloud users among the service access in cloud
computing. Data on Cloud storage will get an encrypted format by using a symmetric key helps to maintain its
security and authentication will provide the cloud data utilization with appropriate cloud users.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
Β
Public-key cryptosystems produce constant-size cipher texts with efficient delegation
of decryption rights for any set of cipher texts. One can aggregate any set of secret keys and make
them as compact as a single key. The secret key holder can release a constant-size aggregate key for
flexible choices of cipher text set in cloud storage. In KAC, users encrypt a message not only under a
public-key, but also under an identifier of cipher text called class. That means the cipher texts are
further categorized into different classes. The key owner holds a master-secret called master-secret
key, which can be used to extract secret keys for different classes. More importantly, the extracted
key have can be an aggregate key which is as compact as a secret key for a single class, but
aggregates the power of many such keys, i.e., the decryption power for any subset of cipher text
classes. The key aggregate cryptosystem is enhanced with boundary less cipher text classes. The
system is improved with device independent key distribution mechanism. The key distribution
process is enhanced with security features to protect key leakage. The key parameter transmission
process is integrated with the cipher text download process.
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGijcsit
Β
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces
database and application software to the large data centres, where the management of services and data
may not be predictable, where as the conventional solutions, for IT services are under proper logical,
physical and personal controls. This aspect attribute, however comprises different security challenges
which have not been well understood. It concentrates on cloud data storage security which has always been
an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and
efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent
features. Homomorphic token is used for distributed verification of erasure β coded data. By using this
scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and
secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to
traditional solutions, where the IT services are under proper physical, logical and personnel controls,
cloud computing moves the application software and databases to the large data centres, where the data
management and services may not be absolutely truthful. This effective security and performance analysis
describes that the proposed scheme is extremely flexible against malicious data modification, convoluted
failures and server clouding attacks.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...IJSRD
Β
Now days rapidly increased use of cloud computing in the many organization and IT industries and provides latest software solution with minimum cost. So the cloud computing give us number of benefits with minimum cost and of data accessibility through Internet. The ensuring security risks of the cloud computing is the main factor in the cloud computing environment, The evolving essence is Cloud computing, that is beneficial in cost effective parts, such as capability inflexible computing, decreasing the time period to market and insufficient computing power. By using the complete ability of cloud computing, data are transmitted, processed and stored on the outside cloud service providers. The fact is that, the owner of the data is feeling extremely unconfident to locate their data outer to their own control. Security and Confidentiality of data stored in the cloud are key setbacks in the area of Cloud Computing. Security and Confidentiality are the key issues for cloud storage. This paper proposes a KIST encryption algorithm to concentrate on the security and Confidentiality issues in cloud storage and also compressed cipher text data in order to protect the data stored in the cloud.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
International Journal of Engineering and Science Invention (IJESI)inventionjournals
Β
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
Β
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application softwareβs and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
NEW SECURE CONCURRECY MANEGMENT APPROACH FOR DISTRIBUTED AND CONCURRENT ACCES...ijiert bestjournal
Β
Handover the critical data to the cloud provider sh ould have the guarantee of security and availabilit y for data at rest,in motion,and in use. Many alternatives sys tems exist for storage services,but the data confi dentiality in the database as a service paradigm are still immature. We propose a novel architecture that integrates clo ud database services paradigm with data confidentiality and exe cuting concurrent operations on encrypted data. Thi s is the method supporting geographically distributed client s to connect directly and access to an encrypted cl oud database,and to execute concurrent and independent operation s by using modifying the database structure. The proposed architecture has also the more advanta ge of removing intermediate proxies that limit the flexibility,availability,and expandability properties that are inbuilt in cloud-based systems. The efficacy of th e proposed architecture is evaluated by theoretical analyses a nd extensive experimental results with the help of prototype implementation related to the TPC-C standard benchm ark for various categories of clients and network l atencies. We propose a multi-keyword ranked search method for the encrypted cloud data databases,which simultan eously fulfill the needs of privacy requirements. The prop osed scheme could return not only the exact matchin g files,but also the files including the terms latent semantica lly associated to the query keyword.
IOSR Journal of Applied Physics (IOSR-JAP) is an open access international journal that provides rapid publication (within a month) of articles in all areas of physics and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in applied physics. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Two Level Auditing Architecture to Maintain Consistent In Cloudtheijes
Β
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering& Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors.
The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
Β
Cloud computing is computing in which large groups of remote servers are networked to allow centralized data storage and online access to computer services or resources. The strives of environment is dynamic, customizable and reliable with the quality of services. Security issues in the cloud as it is anywhere else. Lots of people share different point of views in cloud computing. Some of the people believe that it is unsafe to use Cloud Computing .Clouds can be classified as public, private or hybrid. This paper handle security issue in cloud using blowfish algorithm.
In general, the Cloud computing utilization becomes unavoidable in each and every data
communication as well as the service sharing center with various applications. Based on the requirements, the
clients are performing service selection (such as infrastructure, software or platforms) towards to fulfil their
needs in optimized manner. Whenever the data is going to be stored in a third party network, it automatically
brings a question mark for secure access along with its storage infrastructure. The security for data transaction
between cloud service providers and cloud clients is forever carry with the help of crypto graphic algorithms
either it may be an symmetric or asymmetric key generation mechanism with certain limitations . In this
research paper implement a new approach for ensure the secure data transaction by using Orthogonal
Handshaking Authentication Mechanism under cloud along with a proposed storage authentication protocol. It
creates a roadmap for data retrieval progress of authenticated cloud users among the service access in cloud
computing. Data on Cloud storage will get an encrypted format by using a symmetric key helps to maintain its
security and authentication will provide the cloud data utilization with appropriate cloud users.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
SURVEY ON KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARINGEditor IJMTER
Β
Public-key cryptosystems produce constant-size cipher texts with efficient delegation
of decryption rights for any set of cipher texts. One can aggregate any set of secret keys and make
them as compact as a single key. The secret key holder can release a constant-size aggregate key for
flexible choices of cipher text set in cloud storage. In KAC, users encrypt a message not only under a
public-key, but also under an identifier of cipher text called class. That means the cipher texts are
further categorized into different classes. The key owner holds a master-secret called master-secret
key, which can be used to extract secret keys for different classes. More importantly, the extracted
key have can be an aggregate key which is as compact as a secret key for a single class, but
aggregates the power of many such keys, i.e., the decryption power for any subset of cipher text
classes. The key aggregate cryptosystem is enhanced with boundary less cipher text classes. The
system is improved with device independent key distribution mechanism. The key distribution
process is enhanced with security features to protect key leakage. The key parameter transmission
process is integrated with the cipher text download process.
DISTRIBUTED SCHEME TO AUTHENTICATE DATA STORAGE SECURITY IN CLOUD COMPUTINGijcsit
Β
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces
database and application software to the large data centres, where the management of services and data
may not be predictable, where as the conventional solutions, for IT services are under proper logical,
physical and personal controls. This aspect attribute, however comprises different security challenges
which have not been well understood. It concentrates on cloud data storage security which has always been
an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and
efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent
features. Homomorphic token is used for distributed verification of erasure β coded data. By using this
scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and
secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to
traditional solutions, where the IT services are under proper physical, logical and personnel controls,
cloud computing moves the application software and databases to the large data centres, where the data
management and services may not be absolutely truthful. This effective security and performance analysis
describes that the proposed scheme is extremely flexible against malicious data modification, convoluted
failures and server clouding attacks.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...IJSRD
Β
Now days rapidly increased use of cloud computing in the many organization and IT industries and provides latest software solution with minimum cost. So the cloud computing give us number of benefits with minimum cost and of data accessibility through Internet. The ensuring security risks of the cloud computing is the main factor in the cloud computing environment, The evolving essence is Cloud computing, that is beneficial in cost effective parts, such as capability inflexible computing, decreasing the time period to market and insufficient computing power. By using the complete ability of cloud computing, data are transmitted, processed and stored on the outside cloud service providers. The fact is that, the owner of the data is feeling extremely unconfident to locate their data outer to their own control. Security and Confidentiality of data stored in the cloud are key setbacks in the area of Cloud Computing. Security and Confidentiality are the key issues for cloud storage. This paper proposes a KIST encryption algorithm to concentrate on the security and Confidentiality issues in cloud storage and also compressed cipher text data in order to protect the data stored in the cloud.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
International Journal of Engineering and Science Invention (IJESI)inventionjournals
Β
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
Β
in cloud computing data storage is a significant issue
because the entire data reside over a set of interconnected
resource pools that enables the data to be accessed through
virtual machines. It moves the application softwareβs and
databases to the large data centers where the management of
data is actually done. As the resource pools are situated over
various corners of the world, the management of data and
services may not be fully trustworthy. So, there are various
issues that need to be addressed with respect to the
management of data, service of data, privacy of data, security
of data etc. But the privacy and security of data is highly
challenging. To ensure privacy and security of data-at-rest in
cloud computing, we have proposed an effective and a novel
approach to ensure data security in cloud computing by means
of hiding data within images following is the concept of
steganography. The main objective of this paper is to prevent
data access from cloud data storage centers by unauthorized
users. This scheme perfectly stores data at cloud data storage
centers and retrieves data from it when it is needed.
NEW SECURE CONCURRECY MANEGMENT APPROACH FOR DISTRIBUTED AND CONCURRENT ACCES...ijiert bestjournal
Β
Handover the critical data to the cloud provider sh ould have the guarantee of security and availabilit y for data at rest,in motion,and in use. Many alternatives sys tems exist for storage services,but the data confi dentiality in the database as a service paradigm are still immature. We propose a novel architecture that integrates clo ud database services paradigm with data confidentiality and exe cuting concurrent operations on encrypted data. Thi s is the method supporting geographically distributed client s to connect directly and access to an encrypted cl oud database,and to execute concurrent and independent operation s by using modifying the database structure. The proposed architecture has also the more advanta ge of removing intermediate proxies that limit the flexibility,availability,and expandability properties that are inbuilt in cloud-based systems. The efficacy of th e proposed architecture is evaluated by theoretical analyses a nd extensive experimental results with the help of prototype implementation related to the TPC-C standard benchm ark for various categories of clients and network l atencies. We propose a multi-keyword ranked search method for the encrypted cloud data databases,which simultan eously fulfill the needs of privacy requirements. The prop osed scheme could return not only the exact matchin g files,but also the files including the terms latent semantica lly associated to the query keyword.
IOSR Journal of Applied Physics (IOSR-JAP) is an open access international journal that provides rapid publication (within a month) of articles in all areas of physics and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in applied physics. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
IOSR Journal of Electronics and Communication Engineering(IOSR-JECE) is an open access international journal that provides rapid publication (within a month) of articles in all areas of electronics and communication engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in electronics and communication engineering. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
IOSR Journal of Applied Physics (IOSR-JAP) is an open access international journal that provides rapid publication (within a month) of articles in all areas of physics and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in applied physics. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Why U.S. Bank Lost Its Case against Ibanez on a Foreclosed Property David Zak Lawyer
Β
A Massachusetts lawyer noted among Hispanic homeowners, David Zak possesses a strong background in mortgage lending laws. Having previously worked with the underwriting and loan origination departments for many financial institutions, David Zak is knowledgeable about real estate title transfers.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Β
Cloud computing provides the facility to access shared resources and common support which contributes services on
demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection
of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious
concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the
cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to
achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that
userβs private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based
privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request
and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing
among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority
sharing is attractive for multi-user collaborative cloud applications.
A Novel Computing Paradigm for Data Protection in Cloud ComputingIJMER
Β
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessmentβ¦. And many more.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Β
Cloud computing provides the facility to access shared resources and common support which contributes services on demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that userβs private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority sharing is attractive for multi-user collaborative cloud applications.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Β
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the userβs record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which has always been an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent features. Homomorphic token is used for distributed verification of erasure β coded data. By using this scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the data management and services may not be absolutely truthful. This effective security and performance analysis describes that the proposed scheme is extremely flexible against malicious data modification, convoluted failures and server clouding attacks.
Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which has always been an important aspect of quality of service (QOS). In this paper, we designed and simulated an adaptable and efficient scheme to guarantee the correctness of user data stored in the cloud and also with some prominent features. Homomorphic token is used for distributed verification of erasure β coded data. By using this scheme, we can identify misbehaving servers. In spite of past works, our scheme supports effective and secure dynamic operations on data blocks such as data insertion, deletion and modification. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the data management and services may not be absolutely truthful. This effective security and performance analysis describes that the proposed scheme is extremely flexible against malicious data modification, convoluted failures and server clouding attacks.
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...ijsrd.com
Β
Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this article, we focus on cloud data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in the cloud, we propose an effective and flexible cryptography based scheme. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against malicious data modification attack.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
Β
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
Excellent Manner of Using Secure way of data storage in cloud computingEditor IJMTER
Β
The major challenging issue in Cloud computing is Security. Providing Security is big issue
towards protecting data from third person as well as in Internet. This mainly deals the Security how it is
provided. Various type of services are there to protect our data and Various Services are available in Cloud
Computing to Utilize effective manner as Software as a Service (SaaS), Platform as a Service (PaaS),
Hardware as a Service (HaaS). Cloud computing is the use of computing resources (hardware and
software) that are delivered as a service over Internet network. Cloud Computing moves the Application
software and databases to the large data centres, where the administration of the data and services may not
be fully trustworthy that is in third party here the party has to get certified and authorized. Since Cloud
Computing share distributed resources via network in the open environment thus it makes new security
risks towards the correctness of the data in cloud. I propose in this paper flexibility of data storage
mechanism in the distributed environment by using the homomorphism token generation. In the proposed
system, users need to allow auditing the cloud storage with lightweight communication. While using
Encryption and Decryption methods it is very burden for a single processor. Than the processing
Capabilities can we utilize from Cloud Computing.
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Harnessing the cloud for securely outso...IEEEGLOBALSOFTTECHNOLOGIES
Β
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Harnessing the cloud for securely outsourcing large scale systems of linear e...IEEEFINALYEARPROJECTS
Β
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
Β
Abstract Data security and Access control is a challenging research work in Cloud Computing. Cloud service users upload there private and confidential data over the cloud. As the data is transferred among the server and client, the data is to be protected from unauthorized entries into the server, by authenticating the userβs and provide high secure priority to the data. So the Experts always recommend using different passwords for different logins. Any normal person cannot possibly follow that advice and memorize all their usernames and passwords. That is where password managers come in. The purpose of this paper is to secure data from unauthorized person using Security blanket algorithm.
Improve HLA based Encryption Process using fixed Size Aggregate Key generationEditor IJMTER
Β
Cloud computing is an innovative idea for IT industries which provides several services to
users. In cloud computing secure authentication and data integrity of data is a major challenge, due to
internal and external threats. For improvement in data security over cloud, various techniques are
used.MAC based authentication is one of them, which suffers from undesirable systematic demerits
which have bounded usage and not secure verification, which may pose additional online load to users,
in a public auditing setting. Reliable and secure auditing are also challenging in cloud. In Cloud auditing
existing audit systems are based on aggregate key HLA algorithm. This algorithm is based on variable
sizes, different aggregate key generation, which encounters with security issues at decryption level.
Current Scheme generates a high length of key decryption that encounters with problem of space
complexity. To overcome these issues, We can improve HLA algorithm by improve aggregate key
generation, based on fixed key size. This algorithm generates constant aggregate key which will
overcomes problem of sharing of keys, security issues and space complexity.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Β
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Β
Clients donβt know what they donβt know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clientsβ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
Β
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Β
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
Β
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Β
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
Β
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
β’ The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
β’ Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
β’ Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
β’ Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Β
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But thereβs more:
In a second workflow supporting the same use case, youβll see:
Your campaign sent to target colleagues for approval
If the βApproveβ button is clicked, a Jira/Zendesk ticket is created for the marketing design team
Butβif the βRejectβ button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Β
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overviewβ
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
JMeter webinar - integration with InfluxDB and Grafana
Β
F01113945
1. IOSR Journal of Computer Engineering (IOSR-JCE)
e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 11, Issue 1 (May. - Jun. 2013), PP 39-45
www.iosrjournals.org
www.iosrjournals.org 39 | Page
Public Verifiability in Cloud Computing Using Signcryption
Based on Elliptic Curves
Jahnvi S. Kapadia1
, Prof. Mehul P. Barot2
1
(Computer engineering, LDRP ITR, Gandhinagar/GTU university, India)
2
(Computer engineering, LDRP ITR, Gandhinagar/GTU university, India)
Abstract : Cloud computing is a computing paradigm that involves outsourcing of computing
resources with the capabilities of expendable resource scalability, on-demand provisioning with little
or no up-front IT infrastructure investment costs. It has recently emerged as a promising hosting
platform that performs an intelligent usage of a collection of services, applications, information and
infrastructure comprised of pools of computer, network, information and storage resources. However
along with these advantages, storing a large amount of data including critical information on the
cloud motivates highly skilled hackers thus creating a need for the security to be considered as one of
the top issues while considering Cloud Computing. In the cloud storage model, data is stored on
multiple virtualized servers. Physically the resources will span multiple servers and can even span
storage sites. We have proposed an effective scheme to ensure the correctness of userβs data on cloud
data storage and public verifiability without demanding userβs time, feasibility or resources.
Whenever data corruption is detected during the storage correctness verification, this scheme can
almost guarantee the simultaneous localization of data errors and the identification of the
misbehaving server(s).
Keywords - Elliptic Curves, Homomorphic, Signcryption, Unsigncryption.
I. INTRODUCTION
Let's say you're an executive at a large corporation. Your particular responsibilities include making
sure that all of your employees have the right hardware and software they need to do their jobs. Buying
computers for everyone isn't enough; you also have to purchase software or software licenses to give employees
the tools they require. Whenever you have a new hire, you have to buy more software or make sure your current
software license allows another user. It's a stressful work.
Soon, there may be an alternative for executives like you. Instead of installing a suite of software for
each computer, you'd only have to load one application. That application would allow workers to log into a
Web-based service which hosts all the programs the user would need for his or her job. Remote machines owned
by another company would run everything from e-mail to word processing to complex data analysis programs.
It's called cloud computing, and it could change the entire computer industry.
Cloud computing is a computing paradigm that involves outsourcing of computing resources with the
capabilities of expendable resource scalability, on-demand provisioning with little or no up-front IT
infrastructure investment costs[1]. It has recently emerged as a promising hosting platform that performs an
intelligent usage of a collection of services, applications, information and infrastructure comprised of pools of
computer, network, information and storage resources. Moving data into the cloud offers great convenience to
users since they donβt have to care about the complexities of direct hardware management. The pioneer of Cloud
Computing vendors, Amazon Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2) [web-
ensuring] are both well known examples. While these internet-based online services do provide huge amounts of
storage space and customizable computing resources, this computing platform shift, however, is eliminating the
responsibility of local machines for data maintenance at the same time. As a result, users are at the mercy of
their cloud service providers for the availability and integrity of their data.
However along with this advantage of storing a large amount of data including critical information on
the cloud motivates highly skilled hackers and creates a need for the security to be considered as one of the top
issues while considering Cloud Computing. Data security for such a cloud service encompasses several aspects
including secure channels, access controls, and encryption. And, when we consider the security of data in a
cloud, we must consider the security triad: confidentiality, integrity, and availability [2]. In the cloud storage
model, data is stored on multiple virtualized servers. Physically the resources will span multiple servers and can
even span storage sites. Thus an effective scheme to ensure the correctness of userβs data on cloud must be
utilized.
2. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 40 | Page
The scheme proposed here relies on erasure-correcting code in the file distribution preparation to
provide redundancies and guarantee the data dependability. By utilizing the homomorphic token with distributed
verification of erasure-coded data, this scheme achieves the storage correctness insurance as well as data error
localization. Whenever data corruption has been detected during the storage correctness verification, this
scheme can almost guarantee the simultaneous localization of data errors and the identification of the
misbehaving server(s).The key feature of this scheme is that it uses signcryption/unsigncryption schemes based
on elliptic curves to enforce public verifiability which is an enhancement to a previously described cloud system
model in [3]
II. PROPOSED SYSTEM
1. SYSTEMβS COMPONENTS
Representative network architecture for cloud data storage for the system we have proposed is
illustrated in figure 1.
Four different network entities of this system can be identified as follows:
ο§ User: users, who have data to be stored in the cloud and rely on the cloud for data computation, consist
of both individual consumers and organizations.
ο§ Cloud Service Provider (CSP): a CSP, who has significant resources and expertise in building and
managing distributed cloud storage servers, owns and operates live Cloud Computing systems.
ο§ Authentication Server (AS): an authentication server, who has expertise and capabilities that users
may not have, is trusted to assess and expose risk of cloud storage services on behalf of the users upon
request.
ο§ Certificate Authority (CA): a certification authority provides certificates for authentication and
identification to User and AS.
In cloud data storage, a user stores his data through a CSP into a set of cloud servers, which are running
in a simultaneous, cooperated and distributed manner. Data redundancy can be employed with technique of
erasure-correcting code to further tolerate faults or server crash as userβs data grows in size and importance.
Thereafter, for application purposes, the user interacts with the cloud servers via CSP to access or retrieve his
data. In some cases, the user may need to perform block level operations on his data. The most general forms of
these operations considered are block update, delete, insert and append.
As users no longer possess their data locally, it is of critical importance to assure users that their data
are being correctly stored and maintained. That is, users should be equipped with security means so that they
can make continuous correctness assurance of their stored data even without the existence of local copies. As
the users do not necessarily have the time, feasibility or resources to monitor their data, this task is delegated the
Authentication Server which uses signcryption scheme based on Elliptic Curves has been used for this purpose.
One of the key issues is to effectively detect any unauthorized data modification and corruption, possibly due to
server compromise and/or random Byzantine failures [3]. Besides, in the distributed case when such
inconsistencies are successfully detected, to find which server the data error lies in is also of great significance,
since it can be the first step to fast recover the storage errors. To address these problems, the main scheme for
ensuring cloud data storage is presented in next section.
Fig 1: proposed system model
3. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 41 | Page
1.1 NOTATION AND PRELIMINARIES
Domain parameters of the proposed scheme consist of a suitably selected elliptic curve E defined over
a finite field Fq with the Weierstrass equation of the form y2
= x3
+ ax + b and a base point G Π E(Fq ) in which
q is a large prime number. In order to make the elliptic curve non-singular, a,b Π Fq should satisfy 4a3
+ 27b2
β
0(mod q) . To guard against small subgroup attacks, the point G should be of a prime order n or equivalently,
nG = O where O denotes the point of elliptic curve at infinity, and we should have n > 4 βq. To protect against
other known attacks on special classes of elliptic curves, n should not divide qi
-1 for all 1 β€ i β€V (V = 20
suffices in practice), n β q should be satisfied, and the curve should be non-super singular [4].To retain the
intractability of ECDLP, n should at least satisfy n > 2160
for the common applications.
WU: A randomly select integer which is a Private Key of User (πU ΠR[1, π β 1])
WU: Public Key of User calculates as WU = wUG
IDU: A unique User identifier.
WA: A randomly select integer which is a Private Key of AS (πA ΠR[1, π β 1]).
WA: Public Key of User calculates as WA = wAG
IDA: A unique AS identifier.
CertU: Digital certificate for public key of user from CA
CertA: Digital certificate for public key of AS from CA
If CA is not involved in the public key generation, it is necessary for CA to verify that each entity
really possesses the corresponding private key of its claimed public key. This can be accomplished by a zero-
knowledge technique. It should also be verified that the public keys belong to the main group.
π : The data file to be stored. It is assumed that πΉ can be denoted as a matrix of π equal-sized data vectors, each
consisting of π blocks. Data blocks are all well represented as elements in Galois Field πΊπΉ(2π) for π =
8 ππ 16.
π: The dispersal matrix used for Reed-Solomon coding.
π: The encoded file matrix, which includes a set of π = π + π vectors, each consisting of π blocks.
ππππ(Β·): Pseudorandom function (PRF), which is defined as π βΆ {0, 1} β Γ πππ¦ β πΊπΉ(2π).
Π€πππ (Β·): Pseudorandom permutation (PRP), which is defined as Π€: {0, 1}πππ2(π) Γ πππ¦ β {0, 1} πππ2(π).
π½ππ: A version number bound with the index for individual blocks, which records the times the block has been
modified. Initially it is assumed that π£ππ is 0 for all data blocks.
πΊ ππ πππ: The seed for PRF, which depends on the file name, block indexπ, the server position π as well as the
optional block version numberπ£ππ.
1.2 PHASES AND FLOW OF THE PROPOSED SCHEME
Different phases of the scheme where different techniques applied and the flow of data distribution,
encryption and authentication is listed as follows:
Phase 1: file distribution preparation.
ο§ Done by user
ο§ Using erasure-correcting code
Phase 2: Token Pre-computation.
ο§ Done by User
ο§ Homomorpic tokens are generated using token pre-computation algorithm
Phase 3: Signcryption of pre-computed Tokens.
ο§ Done by User
ο§ Using Signcrption Scheme based on elliptic curves
Phase 4: Unsigncryption of Tokens.
ο§ Done by AS
ο§ Using Unsigncryption Scheme
Phase 5: Correctness Verification and Error Localization.
ο§ Using Challenge Token Pre-computation algorithm
Phase 6: File Retrieval and Error Recovery.
ο§ Using Error Recovery algorithm
III. FILE DISTRIBUTION PREPARATION
It is well known that erasure-correcting code may be used to tolerate multiple failures in distributed
storage systems. In cloud data storage, we relay on this technique to disperse the data file πΉ redundantly across a
set of π = π + π distributed servers. A (π + π, π) Reed-Solomon erasure-correcting code is used to create k
4. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 42 | Page
redundancy parity vectors from π data vectors in such a way that the original π data vectors can be
reconstructed from any π out of the m + k data and parity vectors. By placing each of the m + k vectors on a
different server, the original data file can survive the failure of any π of the π + π servers without any data
loss, with a space overhead of π/π. For support of efficient sequential I/O to the original file, our file layout is
systematic, i.e., the unmodified π data file vectors together with π parity vectors are distributed across π + π
different servers [3].
Let π = (πΉ1, πΉ2, . . . , πΉπ) and πΉπ = (π1π, π2π, . . . , πππ)π (π β {1, . . . , π}), where π β€ 2π β 1.
Note all these blocks are elements of πΊπΉ(2π). The systematic layout with parity vectors is achieved with the
information dispersal matrixπ΄, derived from π Γ (π + π) Vandermonde matrix.
, where π½π (π β {1, . . . , π}) are distinct elements
randomly picked fromπΊπΉ(2π). After a sequence of elementary row transformations, the desired matrix π΄ can be
written as
Where πΌ is a π Γ π identity matrix and π is the secret parity generation matrix with size π Γ π. Note that π΄ is
derived from a Vandermonde matrix, thus it has the property that any π out of the π + π columns form an
invertible matrix. By multiplying π by π¨, the user obtains the encoded file:
πΊ = πΉ Β· π΄ = (πΊ(1), πΊ(2), . . . , πΊ(π), πΊ(π + 1), . . . , πΊ(π)) = (πΉ1, πΉ2, . . . , πΉπ, πΊ(π + 1), . . . , πΊ(π)),
where πΊ(π) = (π(π)1 , π(π)2 , . . . , π(π) π )π (π β {1, . . . , π}).
As noticed, the multiplication reproduces the original data file vectors of π and the remaining part (πΊ π +
1,β¦,πΊ(π)) are π parity vectors generated based on π.
IV. CHALLENGE TOKEN PRECOMPUTATION
In order to achieve assurance of data storage correctness and data error localization simultaneously, this
scheme entirely relies on the pre-computed verification tokens. The main idea is as follows: before file
distribution the user pre-computes a certain number of short verification tokens on individual vector G(j) (j β
{1, . . . , n}), each token covering a random subset of data blocks. Later, when the user wants to make sure the
storage correctness for the data in the cloud, he challenges the cloud servers with a set of randomly generated
block indices. Upon receiving challenge, each cloud server computes a short βsignatureβ over the specified
blocks and returns them to the user. The values of these signatures should match the corresponding tokens pre-
computed by the user. Meanwhile, as all servers operate over the same subset of the indices, the requested
response values for integrity check must also be a valid codeword determined by secret matrix P.
Suppose the user wants to challenge the cloud servers π‘ times to ensure the correctness of data storage.
Then, he must pre-compute π‘ verification tokens for each πΊ(π) (π β {1, . . . , π}), using a PRF π(Β·), a PRP Π€(Β·),
a challenge key πππππ and a master permutation key πΎPRP. To generate the πth
token for server π, the user acts as
follows:
1. Derive a random challenge value βΊi of GF(2p
) by βΊi = fkchal (i) and a permutation key k(i)
prp based on
KPRP .
2. Compute the set of π randomly-chosen indices: {πΌπ β [1, . . . , π]|1 β€ π β€ π},where Iq = Π€kprp
(i)
(q).
3. Calculate the token as:
Note that v(j)i , which is an element of GF(2p) with small size, is the response the user expects to receive from
server j when he challenges it on the specified data blocks.
The details of token generation are shown in Algorithm 1.
5. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 43 | Page
Algorithm 3.1: Token Pre-computation
V. SIGNCRYPTION OF PRE-COMPUTED TOKENS
After token generation, the user generates the signcrypted text (R,C, s) by following the below steps
[4][5]:
1) Checks the validity of CertA and uses it for verifying WA.
The process of certificate validation includes:
a. Verifying the integrity and authenticity of the certificate by verifying the CA's signature on
the certificate.
b. Verifying that the certificate is not expired.
c. Verifying that the certificate is not revoked.
2) Randomly selects an integer π ΠR[1, π β 1] .
3) Computes π = ππΊ where π = (xR , yR ) in which xR / yR denotes the π₯/π¦-coordinate of the point π .
4) Computes πΎ = (r + αΊRwU )WA where πΎ = (xK , yK ) ,and in which
is the bit length of n, denotes the floor, and indicates the ceiling. If
πΎ = π user goes back to step 2 otherwise, it drives the session key of encryption as k = H(xK || IDU ||
yK || IDc ) in which H is a oneway hash function that generates the required number of bits as the secret
key of deployed symmetric encryption algorithm, and || denotes the concatenation.
5) Computes the ciphertext as πΆ = πΈπ (π) in which Ek(.) denotes a strong symmetric encryption
algorithm (e.g. AES) that uses session key k for the encryption.
6) Computes the digital signature as π = π‘π€A β π(πππ π) in which t = H(C || xR || IDU || yR || IDc ) .
7) Sends the signcrypted text i.e token (R,C, s) to Authentication Server.
VI. UNSIGNCRYPTION OF TOKENS.
AS who received the signcrypted text (R,C, s) , follows the below steps to extract the plaintext and
verify the signature[4][5]:
1) Checks the validity of CertU and uses it for verifying WU.
2) Computes K = wA (R + αΊRWU ) = (xK , yK ) and derives the session key as k = H(xK || IDU || yK || IDA ) .
3) Decrypts the ciphertext as π = π·k (πΆ).
4) Computes t = H(C || xR || IDU || yR || IDA).
5) Accepts M as the correct plaintext of User if and only if π πΊ + π = π‘ππ΄ .Otherwise, he rejects M.
Once all tokens are computed, sent encrypted and success acknowledgement message is received from
AS to User, the final step before file distribution is to blind each parity block gi
(j)
in (πΊ(π + 1), . . . , πΊ(π)) by
π(π)π β π(π) π + πππ (π ππ ), π β {1, . . . , π}, where πj is the secret key for parity vector πΊ(π) (π β {π +
6. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 44 | Page
1, . . . , π}). This is for protection of the secret matrix π. After blinding the parity information, the user disperses
all the π encoded vectors πΊ(π) (π β {1, . . . , π}) across the cloud servers π1, π2, . . . , ππ.
VII. CORRECTNESS VERIFICATION AND ERROR LOCALIZATION
Error localization is a key prerequisite for eliminating errors in storage systems. However, many
previous schemes do not explicitly consider the problem of data error localization, thus only provide binary
results for the storage verification. Proposed scheme outperforms those by integrating the correctness
verification and error localization in the challenge-response protocol: the response values from servers for each
challenge not only determine the correctness of the distributed storage, but also contain information to locate
potential data error(s). Specifically, the procedure of the i-th challenge-response for a cross-check over the π
servers is described as follows:
ο§ The user reveals the βΊi as well as the i-th permutation key k(i)
prp to each servers.
ο§ The server storing vector G(j)
aggregates those π rows specified by index k(i)
prp into a linear
combination:
ο§ Upon receiving R(j)
is from all the servers, the user takes away blind values in R(j)
(j β {m+ 1, . . . , n})
by:
ο§ Then the user verifies whether the received values remain a valid codeword determined by secret
matrix P:
Because all the servers operate over the same subset of indices, the linear aggregation of these r specified rows
(R(1)i , . . . ,R(n)i ) has to be a codeword in the encoded file matrix. If the above equation holds, the challenge is
passed. Otherwise, it indicates that among those specified rows, there exist file block corruptions. Once the
inconsistency among the storage has been successfully detected, one can rely on the pre-computed verification
tokens to further determine where the potential data error(s) lies in. Note that each response R(j) i is computed
exactly in the same way as token v(j) i , thus the user can simply find which server is misbehaving by verifying
the following n equations:
Algorithm 2 gives the details of correctness verification and error localization.
Algorithm 2
7. Public Verifiability in Cloud Computing Using Signcryption Based on Elliptic Curves
www.iosrjournals.org 45 | Page
VIII. FILE RETRIEVAL AND ERROR RECOVERY
Since the layout of file matrix is systematic, the user can reconstruct the original file by downloading
the data vectors from the first m servers, assuming that they return the correct response values. Notice that the
verification scheme is based on random spot-checking, so the storage correctness assurance is a probabilistic
one. However, by choosing system parameters (e.g., r, l, t) appropriately and conducting enough times of
verification, this scheme can guarantee the successful file retrieval with high probability. On the other hand,
whenever the data corruption is detected, the comparison of pre-computed tokens and received response values
can guarantee the identification of misbehaving server(s), again with high probability, which will be discussed
shortly. Therefore, the user can always ask servers to send back blocks of the r rows specified in the challenge
and regenerate the correct blocks by erasure correction, shown in Algorithm 3, as long as there are at most k
misbehaving servers are identified. The newly recovered blocks can then be redistributed to the misbehaving
servers to maintain the correctness of storage.
Algorithm 3
IX. CONCLUSION
Cloud Computing is gaining remarkable popularity in the recent years for its benefits in terms of
flexibility, scalability, reliability and cost effectiveness. Despite all the promises however, Cloud Computing has
one problem, Security so in this thesis, we have studied the problem of data security in cloud data storage,
various schemes proposed to ensure the correctness of usersβs data in the cloud server and have proposed a
scheme which includes Public Verifiability using signcryption.
In this scheme signature generation algorithm and key pair generation algorithm needs a random
number to be generated. Using this random number as seed private keys is generated. Similarly secret integer
βKβ generated during signature verification algorithm should also be random in nature. An attacker can exploit
this vulnerability if the algorithm used to generate the random number is not cryptographically secure i.e. it
should be unpredictable. So probability of any given value being selected should be very small. As a future
scope of this work cryptographically secure random number should be included while generating private keys.
REFERENCES
[1] Keane an NTT DATA Company, βCloud Computingβ.
[2] K. Kajendran, J.James Jeyaseelan J. Jakkulin Joshi, βAn Approach For Secured Data Storage Using Cloud Computingβ,
International Journal of Computer Trends and Technology, 2011.
[3] Cong Wang, Qian Wang, Kui Ren , Wenjing Lou, βEnsuring Data Storage Security in Cloud Computingβ.
[4] Yuliang Zheng, βSigncryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) +Cost(Encryption)β,1999.
[5] Yuliang Zheng, Hideki Imai, βHow to construct efficient signcryption schemes on elliptic curvesβ, Information Processing Letters
68 (1998) 227β233,1988.