This document provides an overview of file security systems and encryption techniques. It begins with an introduction to access control and the need to protect important files from unauthorized access. It then reviews 13 relevant research papers on topics like parallel AES encryption on GPUs, key management in secure network file systems, image encryption using color, and evaluations of existing file security systems. The document discusses techniques like separating key management from file security, hybrid encryption algorithms, and performance evaluations of encrypted file systems. Overall, it covers a range of cryptographic techniques and file security systems aimed at securely storing and sharing files.
Multi-part Dynamic Key Generation For Secure Data EncryptionCSCJournals
Storage of user or application-generated user-specific private, confidential data on a third party storage provider comes with its own set of challenges. Although such data is usually encrypted while in transit, securely storing such data at rest presents unique security challenges. The first challenge is the generation of encryption keys to implement the desired threat containment. The second challenge is secure storage and management of these keys. This can be accomplished in several ways. A naive approach can be to trust the boundaries of a secure network and store the keys within these bounds in plain text. A more sophisticated method can be devised to calculate or infer the encryption key without explicitly storing it. This paper focuses on the latter approach. Additionally, the paper also describes the implementation of a system that in addition to exposing a set of REST APIs for secure CRUD operations also provides a means for sharing the data among specific users.
A Secure MSSS Scheme and AES Encryption over Cloud DataEditor IJCATR
In this era Cloud plays a vital role in storage of all type of data. Thus the availability of data also increased. The data can be
subscribed and maintained comfortably. It also solves the problem of excess computation cycles, software updates and handling high
loads of data. AES is the encryption techniques used by worldwide. Most Significant Single Keyword Search (MSSS) is efficient
search that uses Most Significant Digit (MSD) Radix Sort. The main challenge facing are security of data in Cloud. In this we propose
Secure MSSS Scheme and AES Encryption over Cloud Data. AES is a symmetric encryption block cipher which allows different key
length. Encryption is performed by interchanging characters of key and data. In this we are using a private cloud. The data uploaded to
cloud is stored as encrypted file. Encryption performed using AES encryption algorithm. The data stored in the cloud is accessed by
the allowed users of private cloud and searching of data done using MSSS. The MSSS scheme is faster soring array strings. Encryption
solves the problem of security to an extent. AES will have 10, 12, 14 rounds of encryption.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
Semantic annotation, which is considered one of the semantic web applicative aspects, has been adopted by researchers from different communities as a paramount solution that improves searching and retrieval of information by promoting the richness of the content. However, researchers are facing challenges concerning both the quality and the relevance of the semantic annotations attached to the annotated document against its content as well as its semantics, without ignoring those regarding automation process which is supposed to ensure an optimal system for information indexing and retrieval. In this article, we will introduce the semantic annotation concept by presenting a state of the art including definitions, features and a classification of annotation systems. Systems and proposed approaches in the field will be cited, as well as a study of some existing annotation tools. This study will also pinpoint various problems and limitations related to the annotation in order to offer solutions for our future work.
Providing Secure Cloud for College Campusvivatechijri
In colleges data stored on the server can be access by any college staff, student or professor. Data is
very important and should not be altered or accessed without permission of its owner. But in these type of medium
scale organizations server can be access by anyone. A better approach to maintain the data security and
sustainable storage is cloud. Cloud provides user management for authentication and authorized access of stored
data. Since data is upload in cloud through network therefore its security during this phase is very important.
For this, encryption algorithms can be used to protect it from hacker. It provides efficient way to carryout
operations such as uploading and downloading data. An efficient use of storage should be a primary concern for
which data deduplication technique can be applied. Using this technique uploading of duplicate files can be
avoided.
Multi-part Dynamic Key Generation For Secure Data EncryptionCSCJournals
Storage of user or application-generated user-specific private, confidential data on a third party storage provider comes with its own set of challenges. Although such data is usually encrypted while in transit, securely storing such data at rest presents unique security challenges. The first challenge is the generation of encryption keys to implement the desired threat containment. The second challenge is secure storage and management of these keys. This can be accomplished in several ways. A naive approach can be to trust the boundaries of a secure network and store the keys within these bounds in plain text. A more sophisticated method can be devised to calculate or infer the encryption key without explicitly storing it. This paper focuses on the latter approach. Additionally, the paper also describes the implementation of a system that in addition to exposing a set of REST APIs for secure CRUD operations also provides a means for sharing the data among specific users.
A Secure MSSS Scheme and AES Encryption over Cloud DataEditor IJCATR
In this era Cloud plays a vital role in storage of all type of data. Thus the availability of data also increased. The data can be
subscribed and maintained comfortably. It also solves the problem of excess computation cycles, software updates and handling high
loads of data. AES is the encryption techniques used by worldwide. Most Significant Single Keyword Search (MSSS) is efficient
search that uses Most Significant Digit (MSD) Radix Sort. The main challenge facing are security of data in Cloud. In this we propose
Secure MSSS Scheme and AES Encryption over Cloud Data. AES is a symmetric encryption block cipher which allows different key
length. Encryption is performed by interchanging characters of key and data. In this we are using a private cloud. The data uploaded to
cloud is stored as encrypted file. Encryption performed using AES encryption algorithm. The data stored in the cloud is accessed by
the allowed users of private cloud and searching of data done using MSSS. The MSSS scheme is faster soring array strings. Encryption
solves the problem of security to an extent. AES will have 10, 12, 14 rounds of encryption.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
Semantic annotation, which is considered one of the semantic web applicative aspects, has been adopted by researchers from different communities as a paramount solution that improves searching and retrieval of information by promoting the richness of the content. However, researchers are facing challenges concerning both the quality and the relevance of the semantic annotations attached to the annotated document against its content as well as its semantics, without ignoring those regarding automation process which is supposed to ensure an optimal system for information indexing and retrieval. In this article, we will introduce the semantic annotation concept by presenting a state of the art including definitions, features and a classification of annotation systems. Systems and proposed approaches in the field will be cited, as well as a study of some existing annotation tools. This study will also pinpoint various problems and limitations related to the annotation in order to offer solutions for our future work.
Providing Secure Cloud for College Campusvivatechijri
In colleges data stored on the server can be access by any college staff, student or professor. Data is
very important and should not be altered or accessed without permission of its owner. But in these type of medium
scale organizations server can be access by anyone. A better approach to maintain the data security and
sustainable storage is cloud. Cloud provides user management for authentication and authorized access of stored
data. Since data is upload in cloud through network therefore its security during this phase is very important.
For this, encryption algorithms can be used to protect it from hacker. It provides efficient way to carryout
operations such as uploading and downloading data. An efficient use of storage should be a primary concern for
which data deduplication technique can be applied. Using this technique uploading of duplicate files can be
avoided.
Cloud computing has become an integral part of most of the private and public organizations and being used for data storage and retrieval. There are many usage of cloud computing and widely used in highly confidential national services like military and treasury for storing confidential information. The cloud computing for example Google drive, Amazon Web Service and Microsoft Azure are beneficial for organizations and end-users. Using Cloud computing and its services, organisation/end-users can store their data. There are multiple challenges while saving organisations highly confidential documents in servers. Hence, the objective of this paper is to provide a high level design for a storage system maximising security and personal privacy. Though servers are highly protected against unauthorized access, there are incidents where confidential files stored on servers are accessed by the maintenance staffs. Hence this research paper provides introductory structure for fully protection of files stored in the server by using Hybrid Cryptosystem.
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingIJERA Editor
Cloud works as an online storage servers and provides long term storage services over the internet. It is like a third party in whom we can store a data so they need data confidentiality, robustness and functionality. Encryption and encoding methods are used to solve such problems. After that divide proxy re-encryption scheme and integrating it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure, robust data storage and retrieval but also lets the user forward his data to another user without retrieving the data. A concept of backup in same server allows users to retrieve failure data successfully in the storage server and also forward to another user without retrieving the data back. This is an attempt to provide light-weight approach which protects data access in distributed storage servers. User can implement all important concept i.e. Confidentiality for security, Robustness for healthy data, Reliability for flexible data, Availability for compulsory data will be achieved to another user which is store in cloud and easily overcome problem of “Securely data forwarding and maintaining, reliability of data in cloud computing “using different type of Methodology and Technology.
File transfer with multiple security mechanismShubham Patil
The system enhances the security and the data confidentiality between the users and receiver by the two-layer encryption mechanism and the QR code for verification. The system consists of three main components which are very important to providing the security between sender and receiver while transmitting the data
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEijdms
Oracle is one of the largest vendors and the best DBMS solution of Object Relational DBMS in the IT world. Oracle Database is one of the three market-leading database technologies, along with Microsoft SQL Server's Database and IBM's DB2. Hence in this paper, we have tried to answer the million-dollar question “What is user’s responsibility to harden the oracle database for its security?” This paper gives practical guidelines for hardening the oracle database, so that attacker will be prevented to get access into the database. The practical lookout for protecting TNS, Accessing Remote Server and Prevention, Accessing Files on Remote Server, Fetching Environment Variables, Privileges and Authorizations, Access Control, writing security policy, Database Encryption, Oracle Data Mask, Standard built in Auditing and Fine Grained Auditing (FGA) is illustrated with SQL syntax and executed with suitable real life examples and its output is tested and verified. This structured method acts as Data Invictus wall for the attacker and protect user’s database.
A novel secure e contents system for multi-media interchange workflows in e-l...IJCNCJournal
The goal of e-learning is to benefit from the capabilities offered by new information technology (such as
remote digital communications, multimedia, internet, cell phones, teleconferences, etc.) and to enhance the
security of several government organizations so as to take into considerations almost all the contents of elearning
such as: information content, covering most of citizens or state firms or corporations queries.
Content provides a service to provide most if not all basic and business services; content of communicative
link provides the citizen and the state agencies together all the time and provides content security for all
workers on this network to work in securely environment. Access to information as well is safeguarded. The
main objective of this research is to build a novel multi-media security system (encrypting / decrypting
system) that will enable E-learning to exchange more secured multi-media data/information.
A Novel Approach Using Advanced Encryption Standard to Implement Hard Disk Se...IJNSA Journal
The objective of the paper is to develop an proficient and economical method for Hard Disk Drive(HDD) Security. The task is implemented using Full Disk Encryption (FDE) with Advanced Encryption Standards(AES) for data security of Personal Computers(PCS) and Laptops . The focus of this work is to authenticate and protect the content of HDD from illegal use. The paper proposes a novel approach for protecting a HDD based on Partial Disk Encryption(PDE) which one of the flavour of FDE. The
proposed method is labelled as DiskTrust. FDE encrypts entire content or a single volume on your disk. Symmetric key uses same key for encryption as well for decryption. DiskTrust uses these two technology to build cost effective solution for small scale applications. Finally, the applicability of these methodologies for HDD security will be evaluated on a set of data files with different key sizes.
Cloud computing has become an integral part of most of the private and public organizations and being used for data storage and retrieval. There are many usage of cloud computing and widely used in highly confidential national services like military and treasury for storing confidential information. The cloud computing for example Google drive, Amazon Web Service and Microsoft Azure are beneficial for organizations and end-users. Using Cloud computing and its services, organisation/end-users can store their data. There are multiple challenges while saving organisations highly confidential documents in servers. Hence, the objective of this paper is to provide a high level design for a storage system maximising security and personal privacy. Though servers are highly protected against unauthorized access, there are incidents where confidential files stored on servers are accessed by the maintenance staffs. Hence this research paper provides introductory structure for fully protection of files stored in the server by using Hybrid Cryptosystem.
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingIJERA Editor
Cloud works as an online storage servers and provides long term storage services over the internet. It is like a third party in whom we can store a data so they need data confidentiality, robustness and functionality. Encryption and encoding methods are used to solve such problems. After that divide proxy re-encryption scheme and integrating it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure, robust data storage and retrieval but also lets the user forward his data to another user without retrieving the data. A concept of backup in same server allows users to retrieve failure data successfully in the storage server and also forward to another user without retrieving the data back. This is an attempt to provide light-weight approach which protects data access in distributed storage servers. User can implement all important concept i.e. Confidentiality for security, Robustness for healthy data, Reliability for flexible data, Availability for compulsory data will be achieved to another user which is store in cloud and easily overcome problem of “Securely data forwarding and maintaining, reliability of data in cloud computing “using different type of Methodology and Technology.
File transfer with multiple security mechanismShubham Patil
The system enhances the security and the data confidentiality between the users and receiver by the two-layer encryption mechanism and the QR code for verification. The system consists of three main components which are very important to providing the security between sender and receiver while transmitting the data
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEijdms
Oracle is one of the largest vendors and the best DBMS solution of Object Relational DBMS in the IT world. Oracle Database is one of the three market-leading database technologies, along with Microsoft SQL Server's Database and IBM's DB2. Hence in this paper, we have tried to answer the million-dollar question “What is user’s responsibility to harden the oracle database for its security?” This paper gives practical guidelines for hardening the oracle database, so that attacker will be prevented to get access into the database. The practical lookout for protecting TNS, Accessing Remote Server and Prevention, Accessing Files on Remote Server, Fetching Environment Variables, Privileges and Authorizations, Access Control, writing security policy, Database Encryption, Oracle Data Mask, Standard built in Auditing and Fine Grained Auditing (FGA) is illustrated with SQL syntax and executed with suitable real life examples and its output is tested and verified. This structured method acts as Data Invictus wall for the attacker and protect user’s database.
A novel secure e contents system for multi-media interchange workflows in e-l...IJCNCJournal
The goal of e-learning is to benefit from the capabilities offered by new information technology (such as
remote digital communications, multimedia, internet, cell phones, teleconferences, etc.) and to enhance the
security of several government organizations so as to take into considerations almost all the contents of elearning
such as: information content, covering most of citizens or state firms or corporations queries.
Content provides a service to provide most if not all basic and business services; content of communicative
link provides the citizen and the state agencies together all the time and provides content security for all
workers on this network to work in securely environment. Access to information as well is safeguarded. The
main objective of this research is to build a novel multi-media security system (encrypting / decrypting
system) that will enable E-learning to exchange more secured multi-media data/information.
A Novel Approach Using Advanced Encryption Standard to Implement Hard Disk Se...IJNSA Journal
The objective of the paper is to develop an proficient and economical method for Hard Disk Drive(HDD) Security. The task is implemented using Full Disk Encryption (FDE) with Advanced Encryption Standards(AES) for data security of Personal Computers(PCS) and Laptops . The focus of this work is to authenticate and protect the content of HDD from illegal use. The paper proposes a novel approach for protecting a HDD based on Partial Disk Encryption(PDE) which one of the flavour of FDE. The
proposed method is labelled as DiskTrust. FDE encrypts entire content or a single volume on your disk. Symmetric key uses same key for encryption as well for decryption. DiskTrust uses these two technology to build cost effective solution for small scale applications. Finally, the applicability of these methodologies for HDD security will be evaluated on a set of data files with different key sizes.
Improving Cloud Security Using Multi Level Encryption and AuthenticationAM Publications,India
As people have become more social and electronically attached, the concern for information sharing over the internet still persist. As known many powerful cryptographical approaches have been proposed in the past which are practically impossible to break, yet there exists a major concern of total encryption and decryption time taken as a whole. It is a known fact that in encrypting a large chunk of data, traditional asymmetric key algorithm may be slower to symmetric key algorithm by 1000 times or more. Hence this paper proposes a hierarchical structure in which the parties are first authenticated, then exchange keys by asymmetric key algorithm, then do actual encryption and decryption by the symmetric key algorithm. This will be useful to improve the security in cloud applications.
Define and solve the problem of effective and secure ranked keyword search over encrypted cloud data.
Ranked search greatly enhances system usability by returning the matching files in a ranked order regarding to
certain relevance criteria (e.g., keyword frequency), thus making one step closer towards practical deployment of
privecy- preserving data hosting services in Cloud Computing. To improve the security for the data retrieval from
cloud environment, the One Time Password is used. The One Time Passwod is sent to the user mail to view the
original data. The Model exhibits the Querying Process over the cloud computing infrastructure using Secured and
Encrypted Data access and Ranking over the results would benefit the usre for the getting better results.
This is my Capstone Project for my Masters in Computer Science 2023 at the Rochester Institute of Technology. I want to fully thank Dr. M. Mustafa Rafique and Dr. Hans-Peter Bischof for their guidance and support throughout this process.
This paper talks about how to improve and build upon existing data distribution algorithms for a fog computing environment. It implements libraries from AES, Reed Solomon to improve the existing architecture.
This paper is also based off the existing research: ian Wang et al. A Three-Layer Privacy Preserving Cloud Storage Scheme
Based on Computational Intelligence in Fog Computing in IEEE TETCI, vol.
2, no. 1, pp. 3-12, Feb. 2018 .
Encryption and Compression of Audio-Video Data Using Enhanced AES and J-Bit A...ijsrd.com
AES is considered a good encryption algorithm in terms of providing security to a network in passing information (data) in form of audio, string, and video and in any other form. However it yields a low throughput resulting in slowness and increasing energy dispensation of server or an application. The Enhanced AES algorithm is proposed in this paper which works by using sequence counters and provides improved throughput as compare to conventional AES algorithm. The J-Bit Encoding is being a compression algorithm in lossless category which doesn't decrease the quality but reduce the size of data to some extent. It has been observed that the proposed encryption algorithm integrated to J-Bit Encoding algorithm will provide the effective security measures as well as increased throughput as a parameter and less bandwidth usage as the actual size of data shall not be sent along the network.
High security mechanism: Fragmentation and replication in the cloud with auto...CSITiaesprime
Cloud computing makes immense use of internet to store a huge amount of data. Cloud computing provides high quality service with low cost and scalability with less requirement of hardware and software management. Security plays a vital role in cloud as data is handled by third party hence security is the biggest concern to matter. This proposed mechanism focuses on the security issues on the cloud. As the file is stored at a particular location which might get affected due to attack and will lost the data. So, in this proposed work instead of storing a complete file at a particular location, the file is divided into fragments and each fragment is stored at various locations. Fragments are more secured by providing the hash key to each fragment. This mechanism will not reveal all the information regarding a particular file even after successful attack. Here, the replication of fragments is also generated with strong authentication process using key generation. The auto update of a fragment or any file is also done here. The concept of auto update of files is done where a file or a fragment can be updated online. Instead of downloading the whole file, a fragment can be downloaded to update. More time is saved using this methodology.
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...IJERA Editor
A parallel file system is a type of distributed file system that distributes file data across multiple servers and
provides for concurrent access by multiple tasks of a parallel application. In many to many communications or
multiple tasks, key establishments are a major problem in parallel file system. So we propose a variety of
authenticated key exchange protocols that are designed to address the above issue. In this paper, we also study
the password-based protocols for authenticated key exchange (AKE) to resist dictionary attacks. Password-based
protocols for authenticated key exchange (AKE) are designed to work to resist the use of passwords drawn from
a space so small that attacker might well specify, off line, all possible passwords. While many such protocols
have been suggested, the elemental theory has been lagging. We commence by interpreting a model for this
problem, to approach password guessing, forward secrecy, server compromise, and loss of session keys.
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Ke...
INTRODUCTION
1. 1
1. INTRODUCTION
The access control is one of the fundamental security services in the computer system. It is a
mechanism for constraining the interaction between users and protected resources. File is one of
the important resources of the computer system. That must be protected from the unauthorized
access that it can’t be tempered or stolen by intruders. The file security can enforced using
cryptographic techniques. With the help of these techniques the important files are encrypted and
authorized users are given appropriate cryptographic keys.
The cryptographic techniques can be applied at any level of the storage systems because they
use the layered architecture. The level may be the block or virtual one in the operating system.
Basically, file management is an important task of the computer system. We have designed the
Java File Security System (JFSS) for files on the Windows XP. The suggested file security
system storing encrypted files using Rijndael Algorithm (AES), so an unauthorized user can’t
access the important data. The encryption takes place for the selected files (important ones which
requires the security) only. We are using the concept of on-demand computing which results in
the high performance of the computer system. The proposed system is working properly for all
types of the files. In this paper there are more sections.
Few people use secure network file systems today, despite the fact that attackers can easily
tamper with network traffic. For years, researchers have known how to design and build file
systems that work over untrusted networks (for instance Echo). If such a file system could grow
to span the Internet, it would let people access and share files securely with anyone anywhere.
Unfortunately, no existing file system has realized this goal.
In the file security system we use the key encrypt the file and same key use for
decryption of file because we use the symmetric key for encryption and decryption of file.
Information security is the hot topic of research in the field of computer science and
technology, and the data encryption is one of the most important methods for information
security. Since a new kind of encryption algorithm, i.e. Advanced Encryption Standard (AES),
has been proposed for replacing the previous encryption of Data Encryption Standard (DES) in
2001, more and more applications are starting to use AES instead of DES to protect their
information security in the past ten years. Currently, the implementations of AES are based on
CPU because CPU is regarded as the computing component in the computer system from the
2. 2
traditional point of view. With the rapid growth of information data, more and more applications
require encrypting data with the performance of more and more high speed. The traditional CPU-
based AES implementation shows the poor performance and cannot meet the demands of fast
data encryption. Therefore, how to develop a new method for high performance is a challenging
topic of research, which is interesting more and more researchers in developing new approaches
for fast AES encryption. In recent years, with the rapid development of microelectronics
technology, the computing capability of many general-purpose processors has gone far beyond
CPU. A secure network file system designed to span the Internet. File security system prevents
much vulnerability caused by today’s insecure network file system proto-cols. It makes file
sharing across administrative realms trivial, letting users access files from anywhere and share
files with anyone.
Few people use secure network file systems today, despite the fact that attackers can
easily tamper with network traffic. For years, researchers have known how to design and build
file systems that work over untrusted networks (for instance Echo). If such a file system could
grow to span the Internet, it would let people access and share files securely with anyone
anywhere. Unfortunately, no existing file system has realized this goal.
In the file security system we use the key encrypt the file and same key use for
decryption of file because we use the symmetric key for encryption and decryption of file.
3. 3
2. Review of Literature
(1.) Parallel AES Algorithm for Fast Data Encryption on GPU
Deguang Le, Jinyi Chang, Xingdou Gou, Ankang Zhang, Conglan Lu
Abstract: - With the improvement of cryptanalysis, More and more applications are starting to
use Advanced Encryption Standard (AES) instead of Data Encryption Standard (DES) to protect
their information security. However, current implementations of AES algorithm suffer from huge
CPU resource consumption and low throughput. In this paper, we studied the technologies of
GPU parallel computing and its optimized design for cryptography. Then, we proposed a new
algorithm for AES parallel encryption, and designed and implemented a fast data encryption
system based on GPU. The test proves that our approach can accelerate the speed of AES
encryption significantly.
(2.) Separating key management from file system security
17th ACM Symposium on Operating Systems Principles (SOSP ’99) Published as
Operating Systems Review 34(5):124–139, Dec. 1999
Abstract: - No secure network file system has ever grown to span the Internet. Existing
systems all lack adequate key management for security at a global scale. Given the diversity of
the Internet, any particular mechanism a file system employs to manage keys will fail to support
many types of use. We propose separating key management from file system security, letting the
world share a single global file system no matter how individuals manage keys. We present SFS,
a secure file system that avoids internal key management. While other file systems need key
management to map file names to encryption keys, SFS file names effectively contain public
keys, making them self-certifying pathnames. Key management in SFS occurs outside of the file
system, in whatever procedure users choose to generate file names. Self-certifying pathnames
free SFS clients from any notion of administrative realm, making inter-realm file sharing trivial.
They let users authenticate servers through a number of different techniques. The file namespace
doubles as a key certification namespace, so that people can realize many key management
schemes using only standard file utilities. Finally, with self-certifying pathnames, people can
bootstrap one key management mechanism using another. These properties make SFS more
versatile than any file system with built-in key management.
4. 4
(3.) Encryption and Decryption of Digital Image Using Color
IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 2, No 2, March 2012
ISSN (Online): 1694-0814
Abstract:-This paper aims at improving the level of security and secrecy provided by the digital
color signal-based image encryption. The image encryption and decryption algorithm is designed
and implemented to provide confidentiality and security in transmission of the image based data
as well as in storage. This new proposed encryption algorithm can ensure the lossless of
transmissions of images. The proposed encryption algorithm in this study has been tested on
some images and showed good results.
(4.) Simple Encryption/Decryption Application
This paper presents an Encryption/Decryption application that is able to work with any type
of file; for example: image files, data files, documentation files…etc. The method of encryption
is simple enough yet powerful enough to fit the needs of students and staff in a small institution.
The application uses simple key generation method of random number generation and
combination. The final encryption is a binary one performed through rotation of bits and XOR
operation applied on each block of data in any file using a symmetric decimal key. The key
generation and Encryption are all done by the system itself after clicking the encryption button
with transparency to the user. The same encryption key is also used to decrypt the encrypted
binary file.
(5.) Java File Security System(JFSS)Evaluation Using Software Engineering
Approaches
Volume 2, Issue 1, January 2012 ISSN: 2277 128X International Journal of Advanced
Research in Computer Science and Software Engineering
A Java File Security System (JFSS) has been developed by us. That is an encrypted file system.
It is developed by us because there are so many file data breaches in the past and current history
and they are going to increase day by day as the reports by Data Loss DB (Open Security
Foundation) organization, a non-profit organization in US so it is. The JFSS is evaluated
regarding the two software engineering approaches. One of them is size metric that is Lines of
5. 5
Code (LOC) in the software product development. Another approach is the customer oriented
namely User Satisfaction Testing methodology.
Satisfying our customers is an essential element to stay in business in modern world of global
competition. We must satisfy and even delight our customers with the value of our software
products and services to gain their loyalty and repeat business. Customer satisfaction is therefore
a primary goal of process improvement programs as well as quality predictions of our software.
With the help of User Satisfaction Index that is calculated for many parameters regarding the
customer satisfaction. Customer Satisfaction Surveys are the best way to find the satisfaction
level of our product quality.
(6.) A Study of New Trends in Blowfish Algorithm
Gurjeevan Singh, Ashwani Kumar, K. S. Sandha / International Journal of Engineering
Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 1, Issue 2,
pp.321-326
Abstract: - Wired and wireless networks are becoming popular day by day. Due to rapid growth of
networks, information security becomes more important to protect commerce secrecy and
privacy. Encryption algorithm plays a crucial role in information security but securing data also
consumes a significant amount of resources such as CPU time and battery power. In this paper
we try to present a fair comparison between the most common four encryption algorithms
namely; AES, DES, 3DES and Blowfish in terms of security and power consumption.
Experiment results of comparison are carried out over different data types like text, image, audio
and video. This paper briefly describes a new method to enhance the security of Blowfish
algorithm; this can be possible by replacing the pre-defined XOR operation by new operation
‘#’. When we are adding additional key and replacing old XOR by new operation ‘#’, Blowfish
will provides better results against any type of intrusion.
(7.) AN EFFICIENT IMPLEMENTATION OF LRCA SCHEME FOR
ENCRYPTION/DECRYPTION
V MNSSVKR GUPTA, K.V.S. MURTHY, DR.A. YESU BABU, R SHIVA SHANKAR/
International Journal of Engineering Research and Applications (IJERA)
6. 6
Abstract:- Network has become a significant way to transmit information because of the arrival
of information era and the rapid development of Internet. Various multimedia digital products
(such as text, images, videos, sound data, etc.) spread on the net. How to protect the benefit of
the investors and legal rights owners is becoming an upcoming problem to solve. In this couple
of years, the data encryption/decryption (modern cryptography) technique develops rapidly,
which can provide a new effective approach to deal with this problem. In this paper a strong time
efficient cryptosystem is proposed. A novel approach in cellular automata is used in which the
plain text is arranged into layers of binary digital planes and then encrypted based on the rule set
of Automata. This scheme exhibits strength by inheriting the naive properties of Cellular
Automata, unpredictability, homogeneity, parallelism and sensitivity to the initial conditions.
The proposed scheme is analyzed for time efficiency and observed to possess better confusion
and diffusion properties when compared with Advanced Encryption Standard (AES). This
scheme has advantage, that it has variable key size and block size; depending on the size of the
plain text chosen. Simulation results show that the proposed system is on par with AES.
(8.) Hybrid Algorithm with DSA, RSA and MD5 Encryption Algorithm for
wireless devices.
Khushdeep Kaur, Er.Seema / International Journal of Engineering Research and
Applications (IJERA) ISSN: 2248-9622 Vol. 2, Issue 5, September- October 2012
Abstract:- Security is the one of the biggest concern in different type of networks. Due to
diversify nature of network, security breaching became a common issue in different form of
networks. Solutions for network security comes with concepts like cryptography in which
distribution of keys have been done. If you want to send data to some other persons through
network then if you truly want to keep the information secret, you need to agree on some sort of
key that you and he can use to encode/decode messages. But you don’t want to keep using the
same key, or you will make it easier and easier for others to crack your cipher. As Encryption
became a vital tool for preventing the threats to data sharing and tool to preserve the data
integrity so we are focusing on security enhancing by enhancing the level of encryption in
network. This study’s main goal is to reflect the importance of security in network and provide
the better encryption technique for currently implemented encryption techniques. In our research
7. 7
we have proposed a combination of DSA, RSA and MD5as a hybrid link for wireless devices.
We have also considered case study for Manet networks so that we can suggest the applications
of proposed algorithm.
(9.) IT Security Review: Privacy, Protection, Access Control, Assurance and
System Security
International Journal of Multimedia and Ubiquitous Engineering Vol. 2, No. 2, April, 2007
Abstract:-Computer security is a branch of technology known as information security as applied
to computers and networks. The objective of computer security includes protection of
information and property from theft, corruption, or natural disaster, while allowing the
information and property to remain accessible and productive to its intended users. There are
many elements that are disrupting computer security. In this paper, we review the current
strategies and methods related to IT security.
(10.) AN OVERVIEW OF THE SECURITYCONCERNS IN ENTERPRISE
CLOUD COMPUTING
International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.1,
January 2011
Abstract: - Deploying cloud computing in an enterprise infrastructure bring significant security
concerns. Successful implementation of cloud computing in an enterprise requires proper
planning and understanding of emerging risks, threats, vulnerabilities, and possible
countermeasures. We believe enterprise should analyze the company/organization security risks,
threats, and available countermeasures before adopting this technology. In this paper, we have
discussed security risks and concerns in cloud computing and enlightened steps that an enterprise
can take to reduce security risks and protect their resources. We have also explained cloud
computing strengths/benefits, weaknesses, and applicable areas in information risk management.
(11.) Performance Evaluation of Java File Security System (JFSS)
Pelagia Research Library Advances in Applied Science Research, 2011, 2 (6):254-260
8. 8
Abstract: - Security is a critical issue of the modern file and storage systems, it is imperative to
protect the stored data from unauthorized access. We have developed a file security system
named as Java File Security System (JFSS) [1] that guarantee the security to files on the demand
of all users. It has been developed on Java platform. Java has been used as programming
language in order to provide portability, but it enforces some performance limitations. It is
developed in FUSE (File System in User space) [3]. Many efforts have been done over the years
for developing file systems in user space (FUSE). All have their own merits and demerits. In this
paper we have evaluated the performance of Java File Security System (JFSS). Over and over
again, the increased security comes at the expense of user convenience, performance or
compatibility with other systems. JFSS system performance evaluations show that encryption
overheads are modest as compared to security.
(12.) Cifrar FS – Encrypted File SystemUsing FUSE
Anagha Kulkarni & Vandana Inamdar
Abstract: - This paper describes a file system that enables transparent encryption and decryption
of files by using advanced, standard cryptographic algorithm, Data Encryption Standard (DES).
Any individual, including super user, or program, that doesn't possess the appropriate passphrase
for the directory which contains encrypted files cannot read the encrypted data. Encrypted files
can be protected even from those who gain physical possession of the computer on which files
reside. ‘CifrarFS’, an encrypted file system using ‘File system in USEr space (FUSE)’ maintains
all the files in a specific directory in an encrypted form and decrypts them on demand. It encodes
the file name while storing but decodes it while viewed from the mount point. We propose an
idea of watermark in every encrypted file that is validated before decryption and also log all the
operations on ‘CifrarFS’. It is a stackable file system that operates on top of ext3. It does not
need root privileges.
(13.) Ivy: A Read/Write Peer-to-Peer File System
Athicha Muthitacharoen, Robert Morris, Thomer M. Gil, and Benjie Chen
Abstract: - Ivy is a multi-user read/write peer-to-peer file system. Ivy has no centralized or
dedicated components, and it provides useful integrity properties without requiring users to fully
trust either the underlying peer-to-peer storage system or the other users of the file system. An
9. 9
Ivy file system consists solely of a set of logs, one log per participant. Ivy stores its logs in the
DHash distributed hash table. Each participant finds data by consulting all logs, but performs
modifications by appending only to its own log. This arrangement allows Ivy to maintain meta-
data consistency without locking. Ivy users can choose which other logs to trust, an appropriate
arrangement in a semi-open peer-to-peer system. Ivy presents applications with a conventional
file system interface. When the underlying network is fully connected, Ivy provides NFS-like
semantics, such as close-to-open consistency. Ivy detects conflicting modifications made during
a partition, and provides relevant version information to application-specific conflict resolvers.
Performance measurements on a wide-area network show that Ivy is two to three times slower
than NFS.
(14.) Java File Security System (JFSS)
Global Journal of Computer Science and Technology Network, Web& Security Volume 12
Issue 10 Version 1.0 May 2012 Type: Double Blind Peer Reviewed International Research
Journal Publisher: Global Journals Inc. (USA) Online ISSN: 0975-4172 & Print ISSN:
0975-4350
Abstract: - Nowadays, storage systems are increasingly subject to attacks. So the security
system is quickly becoming mandatory feature of the data storage systems. For the security
purpose we are always dependent on the cryptography techniques. These techniques take the
performance costs for the complete system. So we have proposed the Java File Security System
(JFSS). It is based on the on-demand computing system concept, because of the performance
issues. It is a greater comeback for the system performance. The concept is used because; we are
not always in needing the secure the files, but the selected one only. In this paper, we have
designed a file security system on Windows XP. When we use the operating system, we have to
secure some important data. The date is always stored in the files, so we secure the important
files well. To check the proposed functionality, we experiment the above said system on the
Windows operating system. With these experiments, we have found that the proposed system is
working properly, according to the needs of the users.
(15.)A Windows BasedJava File Security System (JFSS)
10. 10
Brijender Kahanwal, Tejinder Pal Singh, 3Dr. R. K. Tuteja IJCST Vol. 2, Issue 3,
September 2011I S SN : 2229 - 4333 ( P r i n t ) | ISSN : 0 9 7 6 - 8 4 9 1
Abstract:-Nowadays, everyone is greatly dependent on computers and networks. It may be a
naïve user or sophisticated one or any type of organization, everyone relies on them. So the
security of computer based data or information is important task for the whole world. For the
same we must pay a kind attention. The files which lies in the system or which are in the way or
the networks must be secure from any type of attack by the intruders. In this paper we gave a
brief analysis of the existing file security systems and view the problems with them. We have
designed a type of virtual file system named Java File Security System (JFSS) for the Windows
operating system. It is a stackable file system in the user space. We added the layer upon the
basic file system which is a transparent encryption and decryption layer. It provides strong
security to the files of any type on the demand and can be mounted at any point in the system.
(16.) Announcing the ADVANCED ENCRYPTION STANDARD (AES)
Federal Information Processing Standards Publication 197 November 26, 2001
Abstract: - This standard specifies the Rijndael algorithm, a symmetric block cipher that can
process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.
Rijndael was designed to handle additional block sizes and key lengths; however they are not
adopted in this standard. Throughout the remainder of this standard, the algorithm specified
herein will be referred to as “the AES algorithm.” The algorithm may be used with the three
different key lengths indicated above, and therefore these different “flavors” may be referred to
as “AES-128”, “AES-192”, and “AES-256.
(17.) Performance Comparison of the AES Submissions
Bruce Schneier John Kelsey Doug Whiting David Wagner Chris Hall Niels Ferguson k
Version 2.0 February 1, 1999
Abstract: - The principal goal guiding the design of any encryption algorithm must be security.
In the real world, however, performance and implementation cost are always of concern. Making
the assumption that the major AES candidates are secure (a big assumption, to be sure, but one
11. 11
that is best dealt with in another paper), the most important properties the algorithms will be
judged on will be the performance and cost of implementation. In this paper, we will completely
ignore security. Instead, we will compare the performance of the leading AES candidates on a
variety of common platforms: 32-bit CPUs, 64-bit CPUs, cheap 8-bit smart-card CPUs, and
dedicated hardware. For each platform, we first make some general observations on the
performance issues for each of the platforms, then compare the various AES candidates, and
finally look at the specific issues for each of the candidates.
(18.)Biclique Cryptanalysis of the Full AES
Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger
Abstract:- Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-
round attacks on the 128-bit key variant or upon 8-round attacks on the 192/256-bit key variants
has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a
decade. In this paper we present a novel technique of block cipher cryptanalysis with bicliques,
which leads to the following results:
– The first key recovery attack on the full AES-128 with computational complexity 2126.1.
– The first key recovery attack on the full AES-192 with computational complexity 2189.7.
– The first key recovery attack on the full AES-256 with computational complexity 2254.4.
– Attacks with lower complexity on the reduced-round versions of AES not considered before,
including an attack on 8-round AES-128 with complexity 2124.9. Preimage attacks on
compression functions based on the full AES versions. In contrast to most shortcut attacks on
AES variants, we do not need to assume related-keys. Most of our attacks only need a very small
part of the codebook and have small memory requirements, and are practically verified to a large
extent. As our attacks are of high computational complexity, they do not threaten the practical
use of AES in any way.
(19.) A Newer User Authentication, File encryption and Distributed Server
Based Cloud computing security architecture
(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 3, No.
10, 2012
12. 12
Abstract: - The cloud computing platform gives people the opportunity for sharing resources,
services and information among the people of the whole world. In private cloud system,
information is shared among the persons who are in that cloud. For this, security or personal
information hiding process hampers. In this paper we have proposed new security architecture
for cloud computing platform. This ensures secure communication system and hiding
information from others. AES based file encryption system and asynchronous key system for
exchanging information or data is included in this model. This structure can be easily applied
with main cloud computing features, e.g. PaaS, SaaS and IaaS. This model also includes onetime
password system for user authentication process. Our work mainly deals with the security system
of the whole cloud computing platform.
13. 13
3. Materials & Methods
3.1 Parallel Technique Available:-For encrypt and decrypt the file multiple technique
available they are following-
1. MD5
2. DES
3. Blowfish
4. RSA
MD5:- The MD5 message-digest algorithm is a widely used cryptographic hash function
producing a 128-bit (16-byte) hash value, typically expressed as a 32 digit hexadecimal number.
MD5 has been utilized in a wide variety of security applications. It is also commonly used to
check data integrity.
MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4.
In 1996 a flaw was found in the design of MD5. While it was not a clearly fatal weakness,
cryptographers began recommending the use of other algorithms, such as SHA-1—which has
since been found to be vulnerable as well. In 2004 it was shown that MD5 is not collision
resistant; as such, MD5 is not suitable for applications that rely on this property like SSL
certificates or digital signatures. Also in 2004 more serious flaws were discovered in MD5,
making further use of the algorithm for security purposes questionable — specifically, a group of
researchers described how to create a pair of files that share the same MD5 checksum. Further
advances were made in breaking MD5 in 2005, 2006, and 2007. In December 2008, a group of
researchers used this technique to fake SSL certificate validity, and CMU Software Engineering
Institute now says that MD5 "should be considered cryptographically broken and unsuitable for
further use", most U.S. government applications now require the SHA-2 family of hash
functions.
DES: - The Data Encryption Standard (DES) is a previously predominant symmetric-key
algorithm for the encryption of electronic data. It was highly influential in the advancement of
modern cryptography in the academic world. Developed in the early 1970s at IBM and based on
14. 14
an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of
Standards (NBS) following the agency's invitation to propose a candidate for the protection of
sensitive, unclassified electronic government data. In 1976, after consultation with the National
Security Agency (NSA), the NBS eventually selected a slightly modified version, which was
published as an official Federal Information Processing Standard (FIPS) for the United States in
1977. The publication of an NSA-approved encryption standard simultaneously resulted in its
quick international adoption and widespread academic scrutiny. Controversies arose out of
classified design elements, a relatively short key length of the symmetric-key block cipher
design, and the involvement of the NSA, nourishing suspicions about a backdoor. The intense
academic scrutiny the algorithm received over time led to the modern understanding of block
ciphers and their cryptanalysis.
DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key
size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation
collaborated to publicly break a DES key in 22 hours and 15 minutes (see chronology). There are
also some analytical results which demonstrate theoretical weaknesses in the cipher, although
they are infeasible to mount in practice. The algorithm is believed to be practically secure in the
form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been
superseded by the Advanced Encryption Standard (AES). Furthermore, DES has been withdrawn
as a standard by the National Institute of Standards and Technology.
Blowfish: - Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and
included in a large number of cipher suites and encryption products. Blowfish provides a good
encryption rate in software and no effective cryptanalysis of it has been found to date. However,
the Advanced Encryption Standard now receives more attention.
Schneier designed Blowfish as a general-purpose algorithm, intended as an alternative to the
aging DES and free of the problems and constraints associated with other algorithms. At the time
Blowfish was released, many other designs were proprietary, encumbered by patents or were
commercial/government secrets. Schneier has stated that, "Blowfish is unpatented, and will
remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely
used by anyone.
15. 15
RSA: - RSA is a cryptosystem, which is known as one of the first practicable public-key
cryptosystems and is yet widely used for secure data transmission. In such a cryptosystem,
the encryption key is public and differs from the decryption key which is kept secret. In RSA,
this asymmetry is based on the practical difficulty of factoring the product of two large prime
numbers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman,
who first publicly described the algorithm in 1977. Clifford Cocks, an English mathematician,
had developed an equivalent system in 1973, but it wasn't declassified until 1997.
A user of RSA creates and then publishes the product of two large prime numbers, along with an
auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the
public key to encrypt a message, but with currently published methods, if the public key is large
enough, only someone with knowledge of the prime factors can feasibly decode the message.
Whether breaking RSA encryption is as hard as factoring is an open question known as the RSA
problem.
3.2 Technology Used: - So many approaches are applied to solve the problem of
information security. The approaches may be the user space or kernel space or the combined one.
The kernel approach is sensitive to implement because any small mistake done by the
programmer can harm the overall functioning of the system. The user space one is secure and
compatible with the system and the independent one and comfortable in the implementation and
are the highly portable if we are using the best portable platform like Java.
Java: - Java is a computer programming language that is concurrent, class-based, object-
oriented, and specifically designed to have as few implementation dependencies as possible. It is
intended to let application developers "write once, run anywhere" (WORA), meaning that code
that runs on one platform does not need to be recompiled to run on another. Java applications are
typically compiled to byte code (class file) that can run on any Java virtual machine (JVM)
regardless of computer architecture. Java is, as of 2012, one of the most popular programming
languages in use, particularly for client-server web applications, with a reported 9 million
developers. Java was originally developed by James Gosling at Sun Microsystems (which has
since merged into Oracle Corporation) and released in 1995 as a core component of Sun
16. 16
Microsystems' Java platform. The language derives much of its syntax from C and C++, but it
has fewer low-level facilities than either of them.
The original and reference implementation Java compilers, virtual machines, and class libraries
were developed by Sun from 1991 and first released in 1995. As of May 2007, in compliance
with the specifications of the Java Community Process, Sun relicensed most of its Java
technologies under the GNU General Public License. Others have also developed alternative
implementations of these Sun technologies, such as the GNU Compiler for Java (byte code
compiler), GNU Class path (standard libraries), and IcedTea-Web (browser plug-in for applets).
One characteristic of Java is portability, which means that computer programs written in the
Java language must run similarly on any hardware/operating-system platform. This is achieved
by compiling the Java language code to an intermediate representation called Java bytecode,
instead of directly to platform-specific machine code. Java bytecode instructions are analogous
to machine code, but they are intended to be interpreted by a virtual machine (VM) written
specifically for the host hardware. End-users commonly use a Java Runtime Environment (JRE)
installed on their own machine for standalone Java applications, or in a Web browser for Java
applets.
Standardized libraries provide a generic way to access host-specific features such as graphics,
threading, and networking.
A major benefit of using bytecode is porting. However, the overhead of interpretation means that
interpreted programs almost always run more slowly than programs compiled to native
executables would. Just-in-Time (JIT) compilers were introduced from an early stage that
compiles bytecodes to machine code during runtime.
Programs written in Java have a reputation for being slower and requiring more memory than
those written in C++. However, Java programs' execution speed improved significantly with the
introduction of Just-in-time compilation in 1997/1998 for Java 1.1, the addition of language
features supporting better code analysis (such as inner classes, the String Builder class, optional
assertions, etc.), and optimizations in the Java virtual machine itself, such as Hotspot becoming
the default for Sun's JVM in 2000.
17. 17
Some platforms offer direct hardware support for Java; there are microcontrollers that can run
Java in hardware instead of a software Java virtual machine, and ARM based processors can
have hardware support for executing Java bytecode through their Jazelle option.
Java uses an automatic garbage collector to manage memory in the object lifecycle. The
programmer determines when objects are created, and the Java runtime is responsible for
recovering the memory once objects are no longer in use. Once no references to an object
remain, the unreachable memory becomes eligible to be freed automatically by the garbage
collector. Something similar to a memory leak may still occur if a programmer's code holds a
reference to an object that is no longer needed, typically when objects that are no longer needed
are stored in containers that are still in use. If methods for a nonexistent object are called, a "null
pointer exception" is thrown.
One of the ideas behind Java's automatic memory management model is that programmers can
be spared the burden of having to perform manual memory management. In some languages,
memory for the creation of objects is implicitly allocated on the stack, or explicitly allocated and
deallocated from the heap. In the latter case the responsibility of managing memory resides with
the programmer. If the program does not deallocate an object, a memory leak occurs. If the
program attempts to access or deallocate memory that has already been deallocated, the result is
undefined and difficult to predict, and the program is likely to become unstable and/or crash.
This can be partially remedied by the use of smart pointers, but these add overhead and
complexity. Note that garbage collection does not prevent "logical" memory leaks, i.e. those
where the memory is still referenced but never used.
Garbage collection may happen at any time. Ideally, it will occur when a program is idle. It is
guaranteed to be triggered if there is insufficient free memory on the heap to allocate a new
object; this can cause a program to stall momentarily. Explicit memory management is not
possible in Java.
Java does not support C/C++ style pointer arithmetic, where object addresses and unsigned
integers (usually long integers) can be used interchangeably. This allows the garbage collector to
relocate referenced objects and ensures type safety and security.
18. 18
JDBC(Java Database Connectivity):- JDBC is a Java-based data access technology
(Java Standard Edition platform) from Oracle Corporation. This technology is an API for the
Java programming language that defines how a client may access a database. It provides methods
for querying and updating data in a database. JDBC is oriented towards relational databases. A
JDBC-to-ODBC bridge enables connections to any ODBC-accessible data source in the JVM
host environment.
JDBC allows multiple implementations to exist and be used by the same application. The API
provides a mechanism for dynamically loading the correct Java packages and registering them
with the JDBC Driver Manager. The Driver Manager is used as a connection factory for creating
JDBC connections.
JDBC connections support creating and executing statements. These may be update statements
such as SQL's CREATE, INSERT, UPDATE and DELETE, or they may be query statements
such as SELECT. Additionally, stored procedures may be invoked through a JDBC connection.
Oracle: - The Oracle Database (commonly referred to as Oracle RDBMS or simply as Oracle)
is an object-relational database management system produced and marketed by Oracle
Corporation.
An Oracle database system—identified by an alphanumeric system identifier or SID—comprises
at least one instance of the application, along with data storage. An instance—identified
persistently by an instantiation number (or activation id:
SYS.V_$DATABASE.ACTIVATION#)—comprises a set of operating-system processes and
memory-structures that interact with the storage. (Typical processes include PMON (the process
monitor) and SMON (the system monitor).) Oracle documentation can refer to an active database
instance as a "shared memory realm".
Users of Oracle databases refer to the server-side memory-structure as the SGA (System Global
Area). The SGA typically holds cache information such as data-buffers, SQL commands, and
user information. In addition to storage, the database consists of online redo logs (or logs), which
hold transactional history. Processes can in turn archive the online redo logs into archive logs
19. 19
(offline redo logs), which provide the basis (if necessary) for data recovery and for the physical-
standby forms of data replication using Oracle Data Guard.
If the Oracle database administrator has implemented Oracle RAC (Real Application Clusters),
then multiple instances, usually on different servers, attach to a central storage array. This
scenario offers advantages such as better performance, scalability and redundancy. However,
support becomes more complex, and many sites do not use RAC. In version 10g, grid computing
introduced shared resources where an instance can use (for example) CPU resources from
another node (computer) in the grid.
The Oracle DBMS can store and execute stored procedures and functions within itself. PL/SQL
(Oracle Corporation's proprietary procedural extension to SQL), or the object-oriented language
Java can invoke such code objects and/or provide the programming structures for writing them.
The Oracle RDBMS stores data logically in the form of table spaces and physically in the form
of data files ("data files"). Table spaces can contain various types of memory segments, such as
Data Segments, Index Segments, etc. Segments in turn comprise one or more extents. Extents
comprise groups of contiguous data blocks. Data blocks from the basic units of data storage.
A DBA can impose maximum quotas on storage per user within each table space.
Newer versions of the database can also include a partitioning feature: this allows the
partitioning of tables based on different set of keys. Specific partitions can then be easily added
or dropped to help manage large data sets.
Oracle database management tracks its computer data storage with the help of information stored
in the SYSTEM table space. The SYSTEM table space contains the data dictionary and often (by
default) indexes and clusters. A data dictionary consists of a special collection of tables that
contains information about all user-objects in the database. Since version 8i, the Oracle RDBMS
also supports "locally managed" table spaces which can store space management information in
bitmaps in their own headers rather than in the SYSTEM table space (as happens with the default
"dictionary-managed" table spaces). Version 10g and later introduced the SYSAUX table space
20. 20
which contains some of the tables formerly stored in the SYSTEM table space, along with objects
for other tools such as OEM which previously required its own table space.
21. 21
4. Plan Of Work
4.1 Problem Definition: – The field covers all the processes and mechanisms by which
computer-based equipment, information and services are protected from unintended or
unauthorized access, change or destruction
In this the main problem is that anybody can read the file due to this the security is being broken.
If a file sends to another user upon internet then unauthorized user can access or hack to that file
then he can easily read to them.
Feasibility Study:-Feasibility issue is a process to check possibilities of system development.
It is a method to check various different requirements and availability of financial & technical
resource. Before starting the process various parameter must be checked like:
Estimated finance is there or not?
The man power to operate the work is there or not?
The man power trained or not?
All the above conditional must be satisfied then we can start the work. This is why in depth
analysis of feasibility is carried out. There are three ways for check the feasibility:
1) Economical feasibility.
2) Technical feasibility.
3) Operational feasibility
Economical Feasibility:-Economical feasibility, analysis of coast of the is carried out.
The system should be only developed if it is going to give returned the current manual
system user can get the price only by purchasing the news papers. In addition if he/she
wants to see archive of particular quality then he has to refer to all the old newspapers.
For research report he has to buy another magazine so instead of buying number of
magazine user has to just go online and with a single click he can get whatever
information we wants so our project of online share news passes the test of economical
feasibility.
Technical Feasibility: - It is basically used to see existing computer, hardware and
software etc, weather it is efficient or additional equipment are required? Minimum
system requirement is such that it can be affordable by of the user who is having
22. 22
computer. All the user requires is computable java framework install so our system fully
technical feasible.
Operational Feasibility:-once the system is design there must be trained and expert
operator. If there not trained they should given training according to the needs of the
system. From the user’s perspective our system fully operational feasible has it just
requires some knowledge on computer operators only need at daily prices of various
equilities and there are enough validation available so operator does not require any
special technical knowledge. So our system also passes the test of operational feasibility.
4.2 Solution about Problem: - The Advanced Encryption Standard (AES) is a
specification for the encryption of electronic data established by the U.S. National Institute of
Standards and Technology (NIST) in 2001. It is based on the Rijndael cipher developed by two
Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST
during the AES selection process. Rijndael is a family of ciphers with different key and block
sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of
128 bits, but three different key lengths: 128, 192 and 256 bits.
AES has been adopted by the U.S. government and is now used worldwide. It supersedes the
Data Encryption Standard (DES), which was published in 1977. The algorithm described by
AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and
decrypting the data.
In the United States, AES was announced by the NIST as U.S. FIPS PUB 197 (FIPS 197) on
November 26, 2001. This announcement followed a five-year standardization process in which
fifteen competing designs were presented and evaluated, before the Rijndael cipher was selected
as the most suitable (see Advanced Encryption Standard process for more details). It became
effective as a federal government standard on May 26, 2002 after approval by the Secretary of
Commerce. AES is included in the ISO/IEC 18033-3 standard. AES is available in many
different encryption packages, and is the first publicly accessible and open cipher approved by
the National Security Agency (NSA) for top secret information when used in an NSA approved
cryptographic module (Security of AES).
23. 23
AES is based on a design principle known as a substitution-permutation network, and is fast in
both software and hardware. Unlike its predecessor DES, AES does not use a Feistel network.
AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192,
or 256 bits. By contrast, the Rijndael specification per se is specified with block and key sizes
that may be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits.
AES operates on a 4×4 column-major order matrix of bytes, termed the state, although some
versions of Rijndael have a larger block size and have additional columns in the state. Most AES
calculations are done in a special finite field.
The key size used for an AES cipher specifies the number of repetitions of transformation rounds
that convert the input, called the plaintext, into the final output, called the ciphertext. The
number of cycles of repetition are as follows:
10 cycles of repetition for 128-bit keys.
12 cycles of repetition for 192-bit keys.
14 cycles of repetition for 256-bit keys.
Each round consists of several processing steps, each containing four similar but different stages,
including one that depends on the encryption key itself. A set of reverse rounds are applied to
transform cipher text back into the original plaintext using the same encryption key.
Description of Algorithm: - KeyExpansion—round keys are derived from the cipher key
using Rijndael's key schedule. AES requires a separate 128-bit round key block for each
round plus one more.
1. InitialRound
1. AddRoundKey—each byte of the state is combined with a block of the round key
using bitwise XOR.
2. Rounds
1. SubBytes—a non-linear substitution step where each byte is replaced with another
according to a lookup table.
24. 24
2. ShiftRows—a transposition step where each row of the state is shifted cyclically a
certain number of steps.
3. MixColumns—a mixing operation which operates on the columns of the state,
combining the four bytes in each column.
4. AddRoundKey
3. Final Round (no MixColumns)
1. SubBytes
2. ShiftRows
3. AddRoundKey.
The SubBytes step
In the SubBytes step, each byte in the state is replaced with its entry in a fixed 8-bit lookup table,
S; bij = S(aij).
In the SubBytes step, each byte in the state matrix is replaced with a SubByte using
an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity in the
cipher. The S-box used is derived from the multiplicative inverse over GF(28), known to have
good non-linearity properties. To avoid attacks based on simple algebraic properties, the S-box is
constructed by combining the inverse function with an invertible affine transformation. The S-
25. 25
box is also chosen to avoid any fixed points (and so is a derangement), i.e., , and
also any opposite fixed points, i.e., .
The ShiftRows step:-
In the ShiftRows step, bytes in each row of the state are shifted cyclically to the left. The number of
places each byte is shifted differs for each row.
The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by
a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted
one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three
respectively. For blocks of sizes 128 bits and 192 bits, the shifting pattern is the same. Row n is
shifted left circular by n-1 bytes. In this way, each column of the output state of the ShiftRows
step is composed of bytes from each column of the input state. (Rijndael variants with a larger
block size have slightly different offsets). For a 256-bit block, the first row is unchanged and the
shifting for the second, third and fourth row is 1 byte, 3 bytes and 4 bytes respectively—this
change only applies for the Rijndael cipher when used with a 256-bit block, as AES does not use
256-bit blocks. The importance of this step is to avoid the columns being linearly independent, in
which case, AES degenerates into four independent block ciphers.
26. 26
The MixColumns step:-
In the MixColumns step, each column of the state is multiplied with a fixed polynomial c(x).
In the MixColumns step, the four bytes of each column of the state are combined using an
invertible linear transformation. The MixColumns function takes four bytes as input and outputs
four bytes, where each input byte affects all four output bytes. Together with ShiftRows,
MixColumns provides diffusion in the cipher.
During this operation, each column is multiplied by the known matrix that for the 128-bit key is:
The multiplication operation is defined as: multiplication by 1 means no change, multiplication
by 2 means shifting to the left, and multiplication by 3 means shifting to the left and then
performing XOR with the initial unshifted value. After shifting, a conditional XOR with 0x1B
should be performed if the shifted value is larger than 0xFF.
In more general sense, each column is treated as a polynomial over GF(28) and is then multiplied
modulo x4+1 with a fixed polynomial c(x) = 0x03 · x3 + x2 + x + 0x02. The coefficients are
displayed in their hexadecimal equivalent of the binary representation of bit polynomials from
GF (2) [x]. The MixColumns step can also be viewed as a multiplication by a particular MDS
matrix in a finite field. This process is described further in the article Rijndael mix columns.
27. 27
The AddRoundKey step:-
In the AddRoundKey step, each byte of the state is combined with a byte of the round subkey using the
XOR operation (⊕).
In the AddRoundKey step, the subkey is combined with the state. For each round, a subkey is
derived from the main key using Rijndael's key schedule; each subkey is the same size as the
state. The subkey is added by combining each byte of the state with the corresponding byte of the
subkey using bitwise XOR.
28. 28
4.3 Software Requirement Specification
4.3.1. Hardware and Software Requirement:-
Software:-The Software used in file security system are as follows:-
Operating System
Windows NT/2000 (Client/Server)
Front-end: Java JDK 1.4, J2Sdk 1.1.4, Swings.
Net-Beans 7.3.1
Hardware:-The hardware used are as follows:-
Pentium IV Processor with 1.9 GHz Clock Speed
512 MB RAM, 20 GB HDD, 32 Bit PCI Ethernet Card
30. 30
4.3.3. 0LevelData Flow Diagram:-
Inputfile outputfile from
For encrypt encryptionprocess
Fig: - 0Level DFD
Symmetrickey Storage for decrptfileMemoryor Data Base
for storage the file
31. 31
5. CONCLUSION:-
We have contributed in the designing and development of a user space cryptographic file system.
We have balanced the design goals like security, performance, convenient and in dependability
of the system. We have achieved the high security by including the support of the Rijndeal
Algorithm (AES) and we have saved the keys on the portable smart cards for the documents
which are important.
The performance is achieved with the help of on-demand computing concept which is that we
are not going to encrypt all the files on the computer system, but we are going to encrypt only the
important documents only. It saves the performance overhead of the system.
The system is very convenient to the users as described in the study done in the reference. And
the in dependability is achieved with the help of the Java technology which is highly portable. So
the complete system is a highly independent of the configuration.
1. Project Goal
The goal of this project was to create a system to secure the file from unauthorized user.
2. Further Work
There are so many implementations in the literature review and everyone has their advantages
and disadvantages with them. Best Crypt, is designed as a loopback device driver which creates
a raw block device with a single file. The single file acts as a container (the backing store). There
is an associated cipher key for each container. Cryptographic File System (CFS) [8], provides a
transparent UNIX file system interface to directory hierarchies that are automatically encrypted
with user supplied keys. It is implemented as a user level NFS server. User needs to create an
encrypted directory and assign its key which is required for cryptographic transformations, when
the directory is created for the first time. Transparent Cryptographic File System (TCFS), works
as a layer under the Virtual File System (VFS) layer, making it completely transparent to the
application.
32. 32
6. REFERENCES:-
1. NVIDIA. High Performance Computing GPU [EB/OL].(2010-01-09).
http://www.nvidia.cn/object/tesla_computing_solutions_cn.html.
2. Niels Provos and David Mazi`eres. A future-adaptable password scheme. In Proceedings
of the 1999 USENIX, Freenix track (the on-line version), Monterey, CA, June 1999.
USENIX. from http: // www.usenix .org/events/ unsenix99/ provous.html.
3. Sara Tedmori, Nijad Al-Najdawi ” Lossless Image Cryptography Algorithm Based on
Discrete Cosine Transform” IAJIT First Online Publication vol.3,2011.
4. Al-Ataby A. and Al-Naima F., “A Modified High Capacity Image Steganography
Technique Based on Wavelet Transform,” The International ArabJournal of Information
Technology, vol. 7, no. 4,pp. 358-364, 2010.
5. Dariusz Stanislawek , “Free Software copyright 1997 - 2006 ”
http://members.ozemail.com.au/~nulifetv/freezip/freeware
6. Vivek Thakur , “NeekProtect”, http://neekprotect.sourceforge.net , 2006.
7. Brijender Kahanwal, T. P. Singh, and R. K. Tuteja. ―Performance Evaluation of Java
File Security System (JFSS)‖, Pelagia Research Library—Advances in Applied Science
Research(ISSN: 0976-9610),Volume 2, Issue 6, PP- 254-260, 2011.
8. Brijender Kahanwal, T. P. Singh, and R. K. Tuteja. ―Towards the Framework of the File
Systems Performance Evaluation Techniques and the Taxonomy of Replay Traces‖,
International Journal of Advanced Research in Computer Science (IJARCS ISSN: 0976-
5697), Vol.2, Issue 6, pp224-229, 2011.
9. Afaf M. Ali Al-Neaimi, Rehab F. Hassan, New Approach for Modifying Blowfish
Algorithm Using 4-States keys, The 5th International Conference on Information
Technology, 2011.
10. Diaa Salama Abdul Elminaam, Hatem Abdul Kader and Mohie Mohamed Hadhoud,
Performance Evaluation of Symmetric Encryption Algorithms, International Journal of
Computer Science and Network Security, VOL.8 No.12, pp. 280-286, December 2008.
11. F. Maleki, A. Bijari, A. Mohades and M. E. Shiri,―Rule Discovery for Pseudorandom
Number Generator Based on Cellular Automata‖, IEEE, pp.739-744,2010.
34. 34
23. B. Kahanwal, T. P. Singh, and R. K. Tuteja, “Java File Security System (JFSS) Evaluation
Using Software Engineering Approaches”, International Journal of Advanced Research in
Computer Science & Software Engineering (2012), Vol. 2, No. 1, pp. 132-137.
24. AES page available via http://www.nist.gov/CryptoToolkit
25. R. Rivest, M. Robshaw, R. Sidney, and Y.L. Yin, The RC6 Block Cipher," NIST AES Proposal,
jun 98.