Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Viewers also liked
Viewers also liked (17)
Similar to Paper1
Similar to Paper1 (20)
Paper1
- 1. International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015. ISSN 2348 - 4853 610 | © 2015, IJAFRC and NCRTIT – 2015 All Rights Reserved www.ijafrc.org A Survey on Attribute Based Data Hiding and Access Policies in Cloud Rajesh Muley, Ajinkya Andhale, Adit Jain, Vikas Khairnar muleyrajesh007@gmail.com,ajinkyaandhale@gmail.com,aditiitjee04@gmail.com, vkskhrnr@gmail.com Department Computer Engineering MIT Acadamy Of Engineering, Pune,India A B S T R A C T Cloud computing is the distributed computing technology on the internet which delivers the computing service over the internet. A user can have varying amount of services as per requirements; and the service is fully managed by the provider. Cloud computing attracts the business because service providing companies give wide range of service at very cheaper cost. Small-mid scale business groups migrating towards cloud computing. Through the service provider’s point of view securing the clients sensitive data is very much important. So we present the basics about the cloud architecture and discussing the different ways to ensure the data security. Index Terms: Cloud Computing, KDC, Data Hiding. I. INTRODUCTION Cloud computing is the new age of technology completely changing the face of growing industry. As client is storing sensitive and important data on cloud, so to avoid the invalid access to the data and providing protection to this data is primary concern .Data dispatched over the Internet which is accumulated in storage units at remote site, to guard this information in better ways the data is dispersed on various servers. For privacy protection of each client, access control mechanism is used through which only valid users are allowed to access the data. While understanding the cloud computing the terms like SaaS, PaaS, IaaS must be considered. According to the need of organization they are allowed to choose any architecture. A. Saas Software as a Service is a very common type of cloud service usage. Service Provider Company manages software’s operations and its performance. A user interface is provided through which user can access the application, usually web browser is used to provide the access. B. Paas Platform as a Service, Vendor Company provides platform like operating system, development frameworks and control structure. And user can deploy its own application according to its need. Client is having control over the installing and managing the software. The vendor manages enabling the software, manage background activities like cloud infrastructure and operating system. C. Iaas
- 2. International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015. ISSN 2348 - 4853 611 | © 2015, IJAFRC and NCRTIT – 2015 All Rights Reserved www.ijafrc.org Infrastructure as a Service Vendor allocates whole infrastructure like network connections, ip addresses and load balancers, client is free to deploy any operating system and deploying software. According to need user can fluctuate the infrastructure usage. The Cloud computing breaks down into 3 different models: public, private and hybrid. A public cloud sells services to anyone on the Internet. Till date Amazon is the massive public cloud provider. Some of the organizations have its own data center that supplies hosted services to a restricted number of people are identified as private cloud. By using public cloud resources Clients can have their own cloud; this is known as virtual private cloud. Private or public, the benefits of cloud computing is to contribute simple, cheaper, scalable use of cloud computing assets and IT services. A hybrid cloud is a cloud computing domain in which some of the resources are managed by service provider and other resources are managed by clients. For example, a business group might use a public cloud service, such as IBM for archived data but continue to maintain very own storage for operational customer data. II. VIRTUALIZATION When client use cloud computing, client is accessing pooled resources using a technique called as a Virtualization. Virtualization assigns a logical name for a physical resource and then provides a pointer to that physical resource when a request is made. Resources are managed efficiently with the help of virtualization as the mapping of virtual resources to physical resources can be both dynamic and effortless. Virtualization is dynamic in that the mapping can be assigned based on rapidly changing conditions, and it is easy to be done because changes to a mapping assignment can be nearly instantaneous. Virtualization splits on the basis of characteristic of cloud computing: • Access: A client can request access to a cloud service from any location. • Application: A cloud has multiple application instances and directs requests to an instance based on conditions. • CPU: Computers can be segregated into a set of virtual machines with each machine being assigned a workload. Alternatively, systems can be virtualized through load-balancing technologies. • Storage: Data which are stored in storage units are often imitated for redundancy. Different Term Related To Model: A. AES The plaintext input and cipher text output for the AES (Advanced Encryption Standard) algorithms are blocks of 128 bits. The cipher key input is an ordering of 128 bits, 192 bits or 256 bits. In other words the length of the cipher key, Nk, is either 4, 6 or 8 words which represent the number of columns in the cipher key. Cipher key length is used to categorize AES algorithm into different versions. On the basis of cipher key size the number of rounds of encryption for each AES version depends. B. TPS
- 3. International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015. ISSN 2348 - 4853 612 | © 2015, IJAFRC and NCRTIT – 2015 All Rights Reserved www.ijafrc.org TPS is nothing but a Transaction Processing System which gives an assurance scalable operation between client servers as well as distributed architecture. C. Upload The Files In proposed approach, there are three main steps to save a file. Firstly, make a hash value at the client; secondly, convert it into different blogs on cloud servers; thirdly, save the file. Given architecture shows the procedures for storing a file. Firstly, users select the files or folders which are going to be uploaded and saved by using our application. The application use the AES (Advanced Encryption Standard) and RSA to calculate the secrete key value. Central server will disperse the given file into number of blocks depending on the numbers of cloud servers, then encrypt all the data using RSA algorithm and store on different cloud servers using TPS algorithm. D. Policy Revocation For File Assured Deletion The policy-based file secured deletion, the major design building block of POLICY BASE architecture. Here associate file with a single atomic file access policy or policy for short, or more generally, a Boolean combination of atomic policies. Each atomic policy is associated with a control key and all the control keys are maintained by the key Administrator. Similar to time-based deletion, the file content is encrypted with an information key and the information key is further encrypted with the control keys corresponding to the policy combination. When a policy is revoked, the corresponding control key will be removed from the key Administrator. Thus, when the policy combination associated with a file is revoked and no longer holds the data key. Hence the encrypted content of the file cannot be recovered with the control keys of the policies III. CONCLUSION In this paper, we addressed the security and storage issues simultaneously based on the type of architecture, access control methods and the authentication techniques. By implementing multiple KDC structure the key distribution is done in a distributed way. The users are anonymously authenticated and their attributes are hidden from the cloud. The access policies associated with individual files are hidden from other users by implementing a Query based approach. Further, storage related security issues are enhanced by implementing a Homomorphic encryption technique to encrypting the outsourced data. Also, the cloud servers are prone to various types of attacks that can cause data loss or leakage. This issue is addressed by implementing a string matching algorithm that detects deviations and automatically retrieves the lost data using backed-up data. IV. ACKNOWLDEGMENT We would like to thank Mr. Mayur Patil, Department of Computer Engineering, MIT Academy of Engineering, and Alandi (D) for their valuable comments and guidance. V. REFERENCES [1] Sushmita Ruj, Milos Stojmenovic, Amiya Nayak, "Decentralized Access Control with Anonymous Authentication for Securing Data in Clouds,"IEEE Transactions on Parallel and Distributed Systems, pp. 1045-9219, 2013.
- 4. International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015. ISSN 2348 - 4853 613 | © 2015, IJAFRC and NCRTIT – 2015 All Rights Reserved www.ijafrc.org [2] S. Ruj, M. Stojmenovic and A. Nayak, ―Privacy Preserving Access Control with Authentication for Securing Data in Clouds‖, IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 556–563, 2012. [3] C. Wang, Q. Wang, K. Ren, N. Cao and W. Lou, ―Toward Secure and Dependable Storage Services in Cloud Computing‖, IEEE T. Services Computing, vol. 5, no. 2, pp. 220–232, 2012. [4] J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, ―Fuzzy keyword search over encrypted data in cloud computing,‖ in IEEE INFOCOM. , pp. 441–445, 2010. [5] Keerthi B,V Rajesh kannan ,“ Implementation of Attribute Hiding Strategy and Key Revocation in Cloud Environment “IJISET - International Journal of Innovative Science, Engineering & Technology, Vol. 1 Issue 2, April 2014,ISSN 2348 - 7968.