A parallel file system is a type of distributed file system that distributes file data across multiple servers and
provides for concurrent access by multiple tasks of a parallel application. In many to many communications or
multiple tasks, key establishments are a major problem in parallel file system. So we propose a variety of
authenticated key exchange protocols that are designed to address the above issue. In this paper, we also study
the password-based protocols for authenticated key exchange (AKE) to resist dictionary attacks. Password-based
protocols for authenticated key exchange (AKE) are designed to work to resist the use of passwords drawn from
a space so small that attacker might well specify, off line, all possible passwords. While many such protocols
have been suggested, the elemental theory has been lagging. We commence by interpreting a model for this
problem, to approach password guessing, forward secrecy, server compromise, and loss of session keys.
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingIJERA Editor
Cloud works as an online storage servers and provides long term storage services over the internet. It is like a third party in whom we can store a data so they need data confidentiality, robustness and functionality. Encryption and encoding methods are used to solve such problems. After that divide proxy re-encryption scheme and integrating it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure, robust data storage and retrieval but also lets the user forward his data to another user without retrieving the data. A concept of backup in same server allows users to retrieve failure data successfully in the storage server and also forward to another user without retrieving the data back. This is an attempt to provide light-weight approach which protects data access in distributed storage servers. User can implement all important concept i.e. Confidentiality for security, Robustness for healthy data, Reliability for flexible data, Availability for compulsory data will be achieved to another user which is store in cloud and easily overcome problem of “Securely data forwarding and maintaining, reliability of data in cloud computing “using different type of Methodology and Technology.
Ijaems apr-2016-7 An Enhanced Multi-layered Cryptosystem Based Secure and Aut...INFOGAIN PUBLICATION
Data de-duplication is one of the essential data compression techniques for eliminating duplicate copies of repeating data, and it has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the privacy of sensitive data while supporting de-duplication, the salt encryption technique has been proposed to encrypt the data before its outsourcing. To protect the data security in a better way, this paper makes the first attempt to formally address the problem of authorized data de-duplication. Different from traditional de-duplication systems, the derivative privileges of users are further considered in duplicate check besides the data itself. We also present various new de-duplication constructions which supports the authorized duplicate check in hybrid cloud architecture. Security analysis demonstrates that the scheme which we used is secure in terms of the definitions specified in the proposed security model. We enhance our system in security. Specially, we present a forward-looking scheme to support a stronger security by encrypting file with differential privilege keys. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
Secret keys and the packets transportation for privacy data forwarding method...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Secret keys and the packets transportation for privacy data forwarding method...eSAT Journals
Abstract The Cloud computing is the process of storing the data in the Remote server. This process doesn‘t speak much about confidentiality and robustness of the data. To improve the security and confidentiality the uploaded file from a data owner is splitted into multiple packets and stored in multiple cloud servers. These packets are encrypted using the primary key. These different keys are also distributed in multiple key servers. User id is appended for verification. If the data owner forwards the file then the keys are verified for the data access. In this we are proposing sending the secret key as SMS to the shared or forwarded nodes for the process of proper Security. This technique integrates the concepts of encryption, encoding and forwarding. Keywords-cloud computing, encryption, storage system
Securely Data Forwarding and Maintaining Reliability of Data in Cloud ComputingIJERA Editor
Cloud works as an online storage servers and provides long term storage services over the internet. It is like a third party in whom we can store a data so they need data confidentiality, robustness and functionality. Encryption and encoding methods are used to solve such problems. After that divide proxy re-encryption scheme and integrating it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure, robust data storage and retrieval but also lets the user forward his data to another user without retrieving the data. A concept of backup in same server allows users to retrieve failure data successfully in the storage server and also forward to another user without retrieving the data back. This is an attempt to provide light-weight approach which protects data access in distributed storage servers. User can implement all important concept i.e. Confidentiality for security, Robustness for healthy data, Reliability for flexible data, Availability for compulsory data will be achieved to another user which is store in cloud and easily overcome problem of “Securely data forwarding and maintaining, reliability of data in cloud computing “using different type of Methodology and Technology.
Ijaems apr-2016-7 An Enhanced Multi-layered Cryptosystem Based Secure and Aut...INFOGAIN PUBLICATION
Data de-duplication is one of the essential data compression techniques for eliminating duplicate copies of repeating data, and it has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the privacy of sensitive data while supporting de-duplication, the salt encryption technique has been proposed to encrypt the data before its outsourcing. To protect the data security in a better way, this paper makes the first attempt to formally address the problem of authorized data de-duplication. Different from traditional de-duplication systems, the derivative privileges of users are further considered in duplicate check besides the data itself. We also present various new de-duplication constructions which supports the authorized duplicate check in hybrid cloud architecture. Security analysis demonstrates that the scheme which we used is secure in terms of the definitions specified in the proposed security model. We enhance our system in security. Specially, we present a forward-looking scheme to support a stronger security by encrypting file with differential privilege keys. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
Secret keys and the packets transportation for privacy data forwarding method...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Secret keys and the packets transportation for privacy data forwarding method...eSAT Journals
Abstract The Cloud computing is the process of storing the data in the Remote server. This process doesn‘t speak much about confidentiality and robustness of the data. To improve the security and confidentiality the uploaded file from a data owner is splitted into multiple packets and stored in multiple cloud servers. These packets are encrypted using the primary key. These different keys are also distributed in multiple key servers. User id is appended for verification. If the data owner forwards the file then the keys are verified for the data access. In this we are proposing sending the secret key as SMS to the shared or forwarded nodes for the process of proper Security. This technique integrates the concepts of encryption, encoding and forwarding. Keywords-cloud computing, encryption, storage system
A Hybrid Cloud Approach for Secure Authorized Deduplication1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
SECRY - Secure file storage on cloud using hybrid cryptographyALIN BABU
Final project presentation of Final year B.tech CSE Project APJ Abdul Kalam Technological University.
About the project
Cloud computing has now become a major trend, it is a new data hosting technology that is very popular in recent years. In this project, we are developing an web application that can securely store the files to a cloud server. We proposes a system that uses hybrid cryptography technique to securely store the data in cloud. The hybrid approach when deployed in cloud environment makes the remote server more secure and thus, helps the users to fetch more trust of their data in the cloud. For data security and privacy protection issues, the fundamental challenge of separation of sensitive data and access control is fulfilled. Cryptography technique translates original data into unreadable format. This technique uses keys for translate data into unreadable form. So only authorized person can access data from cloud server.
We provide a cloud storage that uses multiple crypotraphic technique which is known by hybrid cryptography. The product provides confidentiality by using security for both upload and download. The data will be secured since we use multi level security techniques and multiple servers for storage.
Ijricit 01-006 a secluded approval on clould storage proceedingsIjripublishers Ijri
In available practically proven Data clustering practices for eradicating same copies of replicated data, Data de-replication is one of significant mechanisms, and has been extensively practiced in cloud storage to diminish the quantity of storage space and accumulate bandwidth. To guard the privacy of responsive data though sustaining de-replication, the convergent encryption technique has been anticipated to encrypt the data before redirecting. For an improvised shielding of data safety, this paper formulates the primary effort to formally speak to the problem of approved data de-replication. Diverse from conventional de-replication systems, the discrepancy privileges of users are auxiliary considered in replica verification besides the data itself. In this we introduce several novel de-replication structural methods in sustaining approved replica test in hybrid cloud architecture. Safety examination demonstrates that our system is protected in terms of the description particular in the anticipated security model. As an evidence of perception, we execute a model of our anticipated approved replica check method and perform test-bed research using our model. We demonstrate that our anticipated approved replica check method acquire minimal overhead evaluated to standard procedures.
A Hybrid Cloud Approach for Secure Authorized DeduplicationSWAMI06
Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data,
and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality
of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before
outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data
deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate
check besides the data itself.We also present several new deduplication constructions supporting authorized duplicate check in a hybrid
cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed
security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct
testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead
compared to normal operations.
Authentic Data Access Scheme for Variant Disruption- Tolerant NetworksEditor IJCATR
Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network
connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow
wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by
exploiting external storage nodes. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and
privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities.
In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage
their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the
confidential data distributed in the disruption-tolerant military network. Since some users may change their associated attributes at
some point (for example, moving their region), or some private keys might be compromised, key revocation (or update) for each
attribute is necessary in order to make systems secure. This implies that revocation of any attribute or any single user in an attribute
group would affect the other users in the group. It may result in bottleneck during rekeying procedure, or security degradation due to
the windows of vulnerability if the previous attribute key is not updated immediately.
Multi-part Dynamic Key Generation For Secure Data EncryptionCSCJournals
Storage of user or application-generated user-specific private, confidential data on a third party storage provider comes with its own set of challenges. Although such data is usually encrypted while in transit, securely storing such data at rest presents unique security challenges. The first challenge is the generation of encryption keys to implement the desired threat containment. The second challenge is secure storage and management of these keys. This can be accomplished in several ways. A naive approach can be to trust the boundaries of a secure network and store the keys within these bounds in plain text. A more sophisticated method can be devised to calculate or infer the encryption key without explicitly storing it. This paper focuses on the latter approach. Additionally, the paper also describes the implementation of a system that in addition to exposing a set of REST APIs for secure CRUD operations also provides a means for sharing the data among specific users.
Secure Distributed Deduplication Systems with Improved Reliability1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Secure Redundant Data Avoidance over Multi-Cloud Architecture. IJCERT JOURNAL
Redundant data avoidance systems, the Private Cloud are involved as a proxy to allow data owner/users to securely perform duplicate check with differential privileges. Such architecture is practical and has attracted much attention from researchers. The data owners only outsource their data storage by utilizing public cloud while the data operation is managed in private cloud, in this connection our presented system has follows traditional encryption while providing data confidentiality, is incompatible with redundant data avoidance. Identical data copies of different users will lead to different ciphertexts, making data avoidance impossible. To address above issues convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized redundant data avoidance. Different from traditional redundant data avoidance systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new redundant data avoidance constructions supporting authorized duplicate check in a multi-cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. In order to perform secure access controlling scheme user may satisfy fine-grained approach at cloud level towards access restricting from unauthorized users or adversaries.
Authenticated Key Exchange Protocols for Parallel Network File Systems1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Exchange Protocols on Network File Systems Using Parallel Sessions Authentica...IJMTST Journal
In this work we studied the key establishment for secure many-to-many communications. The main
problem is inspired by the rapid increase of large-scale distributed file systems supporting parallel access to
multiple storage devices. The system focus on the current Internet standard for such file systems, i.e.,
parallel Network File System (pNFS), which makes use of Kerberos key exchange protocols to implement
parallel session keys between clients and storage servers. Our study of the existing Kerberos protocol shows
that it has a number of limitations: (i) a metadata server providing key exchange among the clients and the
storage devices has heavy workload that limits the scalability of the protocol; (ii) the protocol cannot provide
forward secrecy; (iii) the metadata server generates all the session keys for securing communication between
clients and storage devices, and this inadvertently leads to key escrow. In this paper, we put forward three
different authenticated key exchange protocols that are designed to address the above issues. We prove that
our protocols are capable for minimizing up to almost50% of the workload of the metadata server and at the
same time supporting forward secrecy and escrow-prevention. All this requires only a small fraction of
increased computation overhead at the client.
A Hybrid Cloud Approach for Secure Authorized Deduplication1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
SECRY - Secure file storage on cloud using hybrid cryptographyALIN BABU
Final project presentation of Final year B.tech CSE Project APJ Abdul Kalam Technological University.
About the project
Cloud computing has now become a major trend, it is a new data hosting technology that is very popular in recent years. In this project, we are developing an web application that can securely store the files to a cloud server. We proposes a system that uses hybrid cryptography technique to securely store the data in cloud. The hybrid approach when deployed in cloud environment makes the remote server more secure and thus, helps the users to fetch more trust of their data in the cloud. For data security and privacy protection issues, the fundamental challenge of separation of sensitive data and access control is fulfilled. Cryptography technique translates original data into unreadable format. This technique uses keys for translate data into unreadable form. So only authorized person can access data from cloud server.
We provide a cloud storage that uses multiple crypotraphic technique which is known by hybrid cryptography. The product provides confidentiality by using security for both upload and download. The data will be secured since we use multi level security techniques and multiple servers for storage.
Ijricit 01-006 a secluded approval on clould storage proceedingsIjripublishers Ijri
In available practically proven Data clustering practices for eradicating same copies of replicated data, Data de-replication is one of significant mechanisms, and has been extensively practiced in cloud storage to diminish the quantity of storage space and accumulate bandwidth. To guard the privacy of responsive data though sustaining de-replication, the convergent encryption technique has been anticipated to encrypt the data before redirecting. For an improvised shielding of data safety, this paper formulates the primary effort to formally speak to the problem of approved data de-replication. Diverse from conventional de-replication systems, the discrepancy privileges of users are auxiliary considered in replica verification besides the data itself. In this we introduce several novel de-replication structural methods in sustaining approved replica test in hybrid cloud architecture. Safety examination demonstrates that our system is protected in terms of the description particular in the anticipated security model. As an evidence of perception, we execute a model of our anticipated approved replica check method and perform test-bed research using our model. We demonstrate that our anticipated approved replica check method acquire minimal overhead evaluated to standard procedures.
A Hybrid Cloud Approach for Secure Authorized DeduplicationSWAMI06
Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data,
and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality
of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before
outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data
deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate
check besides the data itself.We also present several new deduplication constructions supporting authorized duplicate check in a hybrid
cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed
security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct
testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead
compared to normal operations.
Authentic Data Access Scheme for Variant Disruption- Tolerant NetworksEditor IJCATR
Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network
connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow
wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by
exploiting external storage nodes. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and
privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities.
In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage
their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the
confidential data distributed in the disruption-tolerant military network. Since some users may change their associated attributes at
some point (for example, moving their region), or some private keys might be compromised, key revocation (or update) for each
attribute is necessary in order to make systems secure. This implies that revocation of any attribute or any single user in an attribute
group would affect the other users in the group. It may result in bottleneck during rekeying procedure, or security degradation due to
the windows of vulnerability if the previous attribute key is not updated immediately.
Multi-part Dynamic Key Generation For Secure Data EncryptionCSCJournals
Storage of user or application-generated user-specific private, confidential data on a third party storage provider comes with its own set of challenges. Although such data is usually encrypted while in transit, securely storing such data at rest presents unique security challenges. The first challenge is the generation of encryption keys to implement the desired threat containment. The second challenge is secure storage and management of these keys. This can be accomplished in several ways. A naive approach can be to trust the boundaries of a secure network and store the keys within these bounds in plain text. A more sophisticated method can be devised to calculate or infer the encryption key without explicitly storing it. This paper focuses on the latter approach. Additionally, the paper also describes the implementation of a system that in addition to exposing a set of REST APIs for secure CRUD operations also provides a means for sharing the data among specific users.
Secure Distributed Deduplication Systems with Improved Reliability1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Secure Redundant Data Avoidance over Multi-Cloud Architecture. IJCERT JOURNAL
Redundant data avoidance systems, the Private Cloud are involved as a proxy to allow data owner/users to securely perform duplicate check with differential privileges. Such architecture is practical and has attracted much attention from researchers. The data owners only outsource their data storage by utilizing public cloud while the data operation is managed in private cloud, in this connection our presented system has follows traditional encryption while providing data confidentiality, is incompatible with redundant data avoidance. Identical data copies of different users will lead to different ciphertexts, making data avoidance impossible. To address above issues convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized redundant data avoidance. Different from traditional redundant data avoidance systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new redundant data avoidance constructions supporting authorized duplicate check in a multi-cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. In order to perform secure access controlling scheme user may satisfy fine-grained approach at cloud level towards access restricting from unauthorized users or adversaries.
Authenticated Key Exchange Protocols for Parallel Network File Systems1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Exchange Protocols on Network File Systems Using Parallel Sessions Authentica...IJMTST Journal
In this work we studied the key establishment for secure many-to-many communications. The main
problem is inspired by the rapid increase of large-scale distributed file systems supporting parallel access to
multiple storage devices. The system focus on the current Internet standard for such file systems, i.e.,
parallel Network File System (pNFS), which makes use of Kerberos key exchange protocols to implement
parallel session keys between clients and storage servers. Our study of the existing Kerberos protocol shows
that it has a number of limitations: (i) a metadata server providing key exchange among the clients and the
storage devices has heavy workload that limits the scalability of the protocol; (ii) the protocol cannot provide
forward secrecy; (iii) the metadata server generates all the session keys for securing communication between
clients and storage devices, and this inadvertently leads to key escrow. In this paper, we put forward three
different authenticated key exchange protocols that are designed to address the above issues. We prove that
our protocols are capable for minimizing up to almost50% of the workload of the metadata server and at the
same time supporting forward secrecy and escrow-prevention. All this requires only a small fraction of
increased computation overhead at the client.
Distributed System Unit 1 Notes by Dr. Nilam Choudhary, SKIT JaipurDrNilam Choudhary
Distributed System is a collection of autonomous computer systems that are physically separated but are connected by a centralized computer network that is equipped with distributed system software. The autonomous computers will communicate among each system by sharing resources and files and performing the tasks assigned to them.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Implementation of Agent Based Dynamic Distributed ServiceCSCJournals
The concept of distributed computing implies a network / internet-work of independent nodes which are logically configured in such a manner as to be seen as one machine by an application. They have been implemented in many varying forms and configurations, for the optimal processing of data. Agents and multi-agent systems are useful in modeling complex distributed processes. They focus on support for (the development of) large-scale, secure, and heterogeneous distributed systems. They are expected to abstract both hardware and software vis-à-vis distributed systems. For optimizing the use of the tremendous increase in processing power, bandwidth, and memory that technology is placing in the hands of the designer, a Dynamically Distributed Service (to be positioned as a service to a network / internet-work) is proposed. The service will conceptually migrate an application on to different nodes. In this paper, we present the design and implementation of an inter-mobility (migration) mechanism for agents. This migration is based on FIPA ACL messages. We also evaluate the performance of this implementation.
An Efficient PDP Scheme for Distributed Cloud StorageIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
Similar to Resist Dictionary Attacks Using Password Based Protocols For Authenticated Key Exchange (20)
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Resist Dictionary Attacks Using Password Based Protocols For Authenticated Key Exchange
1. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
125
www.ijera.com 125 | P a g e
Resist Dictionary Attacks Using Password Based Protocols For
Authenticated Key Exchange
NagamaniAbirami1
,Jagapriya R2
, Kavipriya R3
, Nithya A4
1
Assistant Professor , Department of Computer Science, Manakula Vinayagar Institute of Technology,
Pondicherry university, India.
2 , 3 , 4
B.Tech. ,Department of Computer Science, Manakula Vinayagar Institute of Technology, Pondicherry
university, India.
ABSTRACT
A parallel file system is a type of distributed file system that distributes file data across multiple servers and
provides for concurrent access by multiple tasks of a parallel application. In many to many communications or
multiple tasks, key establishments are a major problem in parallel file system. So we propose a variety of
authenticated key exchange protocols that are designed to address the above issue. In this paper, we also study
the password-based protocols for authenticated key exchange (AKE) to resist dictionary attacks. Password-based
protocols for authenticated key exchange (AKE) are designed to work to resist the use of passwords drawn from
a space so small that attacker might well specify, off line, all possible passwords. While many such protocols
have been suggested, the elemental theory has been lagging. We commence by interpreting a model for this
problem, to approach password guessing, forward secrecy, server compromise, and loss of session keys.
I. INTRODUCTION
Both parallel and distributed systems can
be defined as a collection of processing elements
that communicate and cooperate to achieve a
common goal. Processor technology using
parallelism at all levels: within each CPU by
executing multiple instructions from different
threads of control simultaneously (simultaneous
multithreading); by introducing multiple cores in a
single chip (chip multiprocessors); by using multiple
chips to form multiprocessors; or via multiple
networked nodes to form a cluster; making parallel
systems increasingly ubiquitous.
Simultaneously, advances in networking
technology have created an explosion of distributed
applications, making distributed computing an
inherent fabric in our day-to-day lives. This course
will focus on the principles of parallel and
distributed systems and the implementation and
performance issues associated with them. We will
examine programming models/interfaces to
parallel and distributed computing, interprocess
communication, synchronization and consistency
models, fault tolerance and reliability, distributed
process management, parallel machine
architectures, parallel program optimization, and
the interaction of the compiler, run-time, and
machine architecture.
Difference between distributed system and
parallel system are given below:
Distributed Operating systems are also referred
to as Loosely Coupled systems whereas
parallel processing systems are referred to as
loosely coupled systems.
A Loosely coupled system is one in which the
processors do not share memory and each
processor has its own local memory whereas in
a tightly coupled system there is a single
system wide primary memory shared by all the
processors.
The processors of distributed operating
systems can be placed far away from each
other to cover a wider geographic area which
is not the case with parallel processing
systems.
The no. of processors that can be usefully
deployed is very small in a parallel processing
operating system whereas for a distributed
operating system a larger no. of processors can
be usefully deployed.
1.1 Distributed Computing
A distributed system is a network of
autonomous computers that communicate with
each other in order to achieve a goal. The
computers in a distributed system are independent
and do not physically share memory or processors.
They communicate with each other
using messages, pieces of information transferred
from one computer to another over a network.
Messages can communicate many things:
computers can tell other computers to execute a
procedures with particular arguments, they can
send and receive packets of data, or send signals
that tell other computers to behave a certain way.
RESEARCH ARTICLE OPEN ACCESS
2. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
126
www.ijera.com 126 | P a g e
Computers in a distributed system can have
different roles. A computer's role depends on the
goal of the system and the computer's own
hardware and software properties. There are two
predominant ways of organizing computers in a
distributed system. The first is the client-server
architecture, and the second is the peer-to-peer
architecture.
1.2 Parallel Computing
Computers get faster and faster every
year. In 1965, Intel co-founder Gordon Moore
made a prediction about how much faster
computers would get with time. Based on only five
data points, he extrapolated that the number of
transistors that could inexpensively be fit onto a
chip would double every two years. Almost 50
years later, his prediction, now called Moore's law,
remains startlingly accurate.
Despite this explosion in speed, computers
aren't able to keep up with the scale of data
becoming available. By some estimates, advances
in gene sequencing technology will make gene-
sequence data available more quickly than
processors are getting faster. In other words, for
genetic data, computers are become less and less
able to cope with the scale of processing problems
each year, even though the computers themselves
are getting faster.
To circumvent physical and mechanical
constraints on individual processor speed,
manufacturers are turning to another solution:
multiple processors. If two, or three, or more
processors are available, then many programs can
be executed more quickly. While one processor is
doing one aspect of some computation, others can
work on another. All of them can share the same
data, but the work will proceed in parallel.
In order to be able to work together, multiple
processors need to be able to share information
with each other. This is accomplished using a
shared-memory environment. The variables,
objects, and data structures in that environment are
accessible to all the processes. The role of a
processor in computation is to carry out the
evaluation and execution rules of a programming
language. In a shared memory model, different
processes may execute different statements, but any
statement can affect the shared environment.
II. RELATED WORK
Some of the earliest work in securing
large-scale distributed file systems, for example
[1], [2], have already employed Kerberos for
performing authentication and enforcing access
control. Kerberos, being based on mostly
symmetric key techniques in its early deployment,
was generally believed to be more suitable for
rather closed, well-connected distributed
environments.
On the other hand, data grids and file
systems such as, OceanStore [3], LegionFS and
FARSITE [7], make use of public key
cryptographic techniques and public key
infrastructure (PKI) to perform cross-domain user
authentication. Independently, SFS, also based on
public key cryptographic techniques, was designed
to enable inter-operability of different key
management schemes. Each user of these systems
is assumed to possess a certified public/private key
pair. However, these systems were not designed
specifically with scalability and parallel access in
mind.
With the increasing deployment of highly
distributed and network-attached storage systems,
subsequent work, such as [8], focussed on scalable
security. Nevertheless, these proposals assumed
that a metadata server shares a group secret key
with each distributed storage device. The group key
is used to produce capabilities in the form of
message authentication codes. However,
compromise of the metadata server or any storage
device allows the adversary to impersonate the
server to any other entities in the file system. This
issue can be alleviated by requiring that each
storage device shares a different secret key with the
metadata server. Nevertheless, such an approach
restricts a capability to authorising I/O on only a
single device, rather than larger groups of blocks or
objects which may reside on multiple storage
devices.
More recent proposals, which adopted a
hybrid symmetric key and asymmetric key method,
allow a capability to span any number of storage
devices, while maintaining a reasonable efficiency-
security. For example, Maat encompasses a set of
protocols that facilitate (i) authenticated key
establishment between clients and storage devices,
(ii) capability issuance and renewal, and (iii)
delegation between two clients. The authenticated
key establishment protocol allows a client to
establish and re-use a shared (session) key with a
storage device. However, Maat and other recent
proposals do not come with rigorous security
analysis.
As with NFS, authentication in Hadoop
Distributed File System (HDFS) is also based on
Kerberos via GSS-API. Each HDFS client obtains
a TGT that lasts for 10 hours and renewable for 7
days by default; and access control is based on the
Unix-style ACLs. However, HDFS makes use of
the Simple Authentication and Security Layer
(SASL), a framework for providing a structured
interface between connection-oriented protocols
3. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
127
www.ijera.com 127 | P a g e
and replaceable mechanisms. In order to improve
the performance of the KDC, the developers of
HDFS chose to use a number of tokens for
communication secured with an RPC digest
scheme. The Hadoop security design makes use of
Delegation Tokens, Job Tokens, and Block Access
Tokens. Each of these tokens is similar in structure
and based on HMAC-SHA1. Delegation Tokens
are used for clients to communicate with the Name
Node in order to gain access to HDFS data; while
Block Access Tokens are used to secure
communication between the Name Node and Data
Nodes and to enforce HDFS file system
permissions. On the other hand, the Job Token is
used to secure communication between the
MapReduce engine Task Tracker and individual
tasks. Note that the RPC digest scheme uses
symmetric encryption and depending upon the
token type, the shared key may be distributed to
hundreds or even thousands of hosts.
III. SYSTEM ANALYSIS
3.1. Existing System
In this work, we investigate the problem
of secure many to-many communications in large-
scale network file systems that support parallel
access to multiple storage devices. That is, we
consider a communication model where there are a
large number of clients accessing multiple remote
and distributed storage devices in parallel.
Particularly, we focus on how to exchange key
materials and establish parallel secure sessions
between the clients and the storage devices in the
parallel Network File System. Our review of the
existing protocol shows that it has a number of
limitations. A metadata server facilitating key
exchange between the clients and the storage
devices has heavy workload that restricts the
scalability of the protocol. The protocol does not
provide forward secrecy. The metadata server
generates itself all the session keys that are used
between the clients and storage devices, and this
inherently leads to key escrow.
3.2 Problem Definition
Heavy Workload
Scalability is restricted
Does not provide forward secrecy
Key escrow
Security is low
3.3 Proposed System
In this paper, we propose a variety of
authenticated key exchange protocols that are
designed to address existing issues. We also study
the password-based protocols for authenticated key
exchange (AKE) to resist dictionary attacks.
Password-based protocols for authenticated key
exchange (AKE) are designed to work to resist the
use of passwords drawn from a space so small that
an attacker might well enumerate, off line, all
possible passwords. While several such protocols
have been suggested, the underlying theory has
been lagging. We begin by defining a model for
this problem, one rich enough to deal with
password guessing, forward secrecy, server
compromise, and loss of session keys.
3.4 Advantage in proposed system
Scalability achieved
Collusion avoided
Guarantee the security of past session keys
Reduced workload
High Security
Resist dictionary attacks
IV. SYSTEM DESIGN
Systems design is the process
of defining the architecture, components, modules,
interfaces, and data for a system to satisfy specified
requirements. Systems design could be seen as the
application of systems theory to product
development.
4.2 System Architecture
System architecture is the conceptual
model that defines the structure, behaviour, and
more views of a system. And then the architecture
description is a formal description and
representation of a system, organized in a way that
supports reasoning about the structures and
behaviours of the system.
Fig 4.2 System architecture
4. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
128
www.ijera.com 128 | P a g e
V. ALGORITHM
5.1 Encrypted Key- Exchange(EKE) protocol
Encrypted Key Exchange (also known
as EKE) is a family of password-authenticated key
agreement methods described by Steven M.
Bellovin and Michael Merritt. Although several of
the forms of EKE were later found to be flawed,
the surviving, refined, and enhanced forms of EKE
effectively make this the first method to amplify a
shared password into a shared key, where
the shared key may subsequently be used to
provide a zero-knowledge password proof or other
functions. In the most general form of EKE, at least
one party encrypts an ephemeral (one-time) public
key using a password, and sends it to a second
party, who decrypts it and uses it to negotiate a
shared key with the first party.
Augmented methods have the added goal
of ensuring that password verification data stolen
from a server cannot be used by an attacker to
masquerade as the client, unless the attacker first
determines the password.
5.2 Executing the protocol: Formally, a protocol
is just a probabilistic algorithm taking strings to
strings. This algorithm determines how instances of
the principals behave in response to signals
(messages) from their environment.
Our communications model places the
adversary at the centre of the universe. The
adversary A can make queries to any instance: she
has an endless supply of Πi
U oracles (U ϵ ID and i ϵ
N). There are all together six types of queries that
A can make. The responses to these queries are
specified in Figure 5.2. We now explain the
capability that each kind of query captures.
(1) Send (U, i, M) | This sends message M to
oracle Πi
U. The oracle computes what the
protocol says to, and sends back the response.
Should the oracle accept, this fact, as well as
the SID and PID, will be made visible to the
adversary. Should the oracle terminate, this too
will be made visible to the adversary. To
initiate the protocol with client A trying to
enter into an exchange with server B the
adversary should send message M = B to an
unused instance of A. A Send-query models
the real-world possibility of an adversary A
causing an instance to come into existence, for
that instance to receive communications
fabricated by A, and for that instance to
respond in the manner prescribed by the
protocol.
Algorithm
Initialization()
{ h ←R Ω h pwA, pwBi A∈Client,B∈Server ←R
PWh ()
for i ∈ N and U ∈ ID do
statei U ← ready acci U ← termi U ← usedi U ←
false
sidi U ← pidi U ← ski U ← false }
Send(U, i, M)
{ usedi U ← true if termi U = true then return
invalid
hmsg-out, acc, termi U , sid, pid, sk, statei U i ←
P h (hU, pwU , statei U , Mi)
if (acc = true and ¬acci U = true) then
sidi U ← sid; pidi U ← pid; ski U ← sk; acci U ←
true
return hmsg-out, sid, pid, acc, termi U i }
Reveal(U, i)
{ return ski U }
Execute(A, i, B, j)
{ if A ∈/ Client or B ∈/ Server or usedi A = true or
usedj B = true
then return invalid
msg-in ← B
for t ← 1 to ∞ do
hmsg-out, sid, pid, acc, termAi ←R Send(A, i,
msg-in)
αt ← hmsg-out, sid, pid, acc, termAi
if termA and termB then return hα1, β1, α2, β2, ...,
αti
hmsg-out, sid, pid, acc, termBi ←R Send(B, j,
msg-in)
βt ← hmsg-out, sid, pid, acc, termBi
if termA and termB then return hα1, β1, α2, β2, ...,
αt, βti }
Oracle(M)
{ return h(M) }
(2) Reveal (U, i) - If oracle Πi
U has accepted,
holding some session key sk, then this query
returns sk to the adversary. This query models the
idea (going back to Denning and Sacco) that loss of
a session key shouldn't be damaging to other
sessions. A session key might be lost for a variety
of reasons, including hacking, cryptanalysis, and
the prescribed-release of that session key when the
session is torn down.
(3) Corrupt (U, pw) - The adversary obtains pwU
and the states of all instances of U. This query
models the possibility of subverting a principal by,
for example, witnessing a user type in his
password, installing a “Trojan horse" on his
machine, or hacking into a machine. Obviously this
is a very damaging type of query. Allowing it lets
us deal with forward secrecy and the extent of
damage which can be done by breaking into a
server. A Corrupt query directed against a client U
may also be used to replace the value of pwB[U]
5. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
129
www.ijera.com 129 | P a g e
used by server B. This is the role of the second
argument to Corrupt. Including this capability
allows a dishonest client A to try to defeat protocol
aims by installing a strange string as a server B's
transformed password pwB [A].
(4) Execute (A, i, B, j) - Assuming that client
oracle Πi
A and server oracle Πj
B have not been used;
this call carries out an honest execution of the
protocol between these oracles, returning a
transcript of that execution. This query may at first
seem useless since, using Send queries; the
adversary already has the ability to carry out an
honest execution between two oracles. Yet the
query is essential for properly dealing with
dictionary attacks. In modeling such attacks the
adversary should be granted access to plenty of
honest executions, since collecting these involves
just passive eavesdropping. The adversary is
comparatively constrained in its ability to actively
manipulate °ows to the principals, since bogus
flows can be auditied and punative measures taken
should there be too many.
(5) Test (U, i) - If Πi
U has accepted, holding a
session key sk, then the following happens. A coin
b is flipped. If it lands b = 0, then sk is returned to
the adversary. If it lands b = 1, then a random
session key, drawn from the distribution from
which session keys are supposed to be drawn, is
returned. This type of query is only used to
measure adversarial success it does not correspond
to any actual adversarial ability. You should think
of the adversary asking this query just once.
(6) Oracle (M) - Finally, we give the adversary
oracle access to a function h, which is selected at
random from some probability space Ώ. As already
remarked, not only the adversary, but the protocol
and the LL-key generator may depend on h. The
choice of - determines if we are Woking in the
standard model, ideal-hash model, or ideal-cipher
model.
VI. PERFORMANCE EVALUATION
6.1 Communication overhead
Assuming fresh session keys are used to
secure communications between the client and
multiple storage devices, clearly all our protocols
have reduced bandwidth requirements. This is
because during each access request, the client does
not need to fetch the required authentication token
set from M. Hence, the reduction in bandwidth
consumption is approximately the size of n
authentication tokens. The total delay can be
calculated as
Where n is the number of messages sent; l is the
latency in seconds; s is the total size of all
messages; and b is the bandwidth in bytes per
second.
6.2 Key Storage
We note that the key storage requirements
for Kerberos pNFS and all our described protocols
are roughly similar from the client’s perspective.
For each access request, the client needs to store N
or N + 1 key materials (either in the form of
symmetric keys or Diffie-Hellman components) in
their internal states. However, the key storage
requirements for each storage device is higher in
pNFS-AKE-III since the storage device has to store
some key material for each client in their internal
state. This is in contrast to Kerberos-pNFS, pNFS-
AKE-I and pNFS-AKE-II that are not required to
maintain any client key information.
6.3 Security
First, whenever it happens we have a way
to embed" instances of the DH problem into the
protocol so that adversarial success leads to our
obtaining a solution to the DH problem. Second,
absence of the bad event leads to an inability of the
adversary to obtain information about the password
at a better rate than eliminating one password per
reveal or test query to a manipulated oracle.
Bounding the probability of the bad event involves
a simulation" argument as we attempt to plant"
DH problem instances in the protocol. Bounding
adversarial success under the assumption the bad
event does not happen is an information-theoretic
argument. Indeed, the difficulty of the proof is in
choosing the bad event so that one can split the
analysis into an information-theoretic component
and a computational component in this way.
VII. CONCLUSION
We proposed password-based protocols
for authenticated key exchange (AKE) to resist
dictionary attacks for parallel network file system
(pNFS). Password-based protocols for
authenticated key exchange (AKE) are designed to
work despite the use of passwords drawn from a
space so small that an adversary might well
enumerate, off line, all possible passwords. While
several such protocols have been suggested, the
underlying theory has been lagging. We begin by
defining a model for this problem, to approach
password guessing, forward secrecy, server
compromise, and loss of session keys.
6. NagamaniAbirami.et. al. Int. Journal of Engineering Research and Application www.ijera.com
ISSN : 2248-9622, Vol. 6, Issue 3, ( Part -4) March 2016, pp.125-130
130
www.ijera.com 130 | P a g e
REFERENCE
[1]. J.H. Howard, M.L. Kazar, S.G. Menees,
D.A. Nichols, M. Satyanarayanan, R.N.
Sidebotham, and M.J. West. Scale and
performance in a distributed file system.
ACM Transactions on Computer Systems
(TOCS), 6(1):51–81. ACM Press, Feb
1988.
[2]. G.A. Gibson, D.F. Nagle, K. Amiri, J.
Butler, F.W. Chang, H. Gobioff, C.
Hardin, E. Riedel, D. Rochberg, and J.
Zelenka. A costeffective, high-bandwidth
storage architecture. ACM SIGPLAN
Notices, 33(11):92–103. ACM Press, Nov
1998.
[3]. J. Kubiatowicz, D. Bindel, Y. Chen, S.E.
Czerwinski, P.R. Eaton, D. Geels, R.
Gummadi, S.C. Rhea, H. Weatherspoon,
W. Weimer, C. Wells, and B.Y. Zhao.
OceanStore: An architecture for global-
scale persistent storage. In Proceedings of
the 9th International Conference on
Architectural Support for Programming
Languages and Operating Systems
(ASPLOS), pages 190–201. ACM Press,
Nov 2000.
[4]. Hadoop Wiki.
http://wiki.apache.org/hadoop/PoweredBy
[5]. F. Hupfeld, T. Cortes, B. Kolbeck, J.
Stender, E. Focht, M. Hess, J. Malo, J.
Marti, and E. Cesario. The XtreemFS
architecture – a case for objectbased file
systems in grids. Concurrency and
Computation: Practice and Experience
(CCPE), 20(17):2049–2060. Wiley, Dec
2008.
[6]. Hadoop distributed file system.
http://hadoop.apache.org/hdfs/.
[7]. A. Adya, W.J. Bolosky, M. Castro, G.
Cermak, R. Chaiken, J.R. Douceur, J.
Howell, J.R. Lorch, M. Theimer, and R.
Wattenhofer. FARSITE: Federated,
available, and reliable storage for an
incompletely trusted environment. In
Proceedings of the 5th Symposium on
Operating System Design and
Implementation (OSDI). USENIX
Association, Dec 2002.
[8]. M.K. Aguilera, M. Ji, M. Lillibridge, J.
MacCormick, E. Oertli, D.G. Andersen,
M. Burrows, T. Mann, and C.A. Thekkath.
Blocklevel security for network-attached
disks. In Proceedings of the 2nd
International Conference on File and
Storage Technologies (FAST). USENIX
Association, Mar 2003.
[9]. M. Armbrust, A. Fox, R. Griffith, A.D.
Joseph, R.H. Katz, A. Konwinski, G. Lee,
D.A. Patterson, A. Rabkin, I. Stoica, and
M. Zaharia. A view of cloud computing.
Communications of the ACM, 53(4):50–
58. ACM Press, Apr 2010.
[10]. Amazon simple storage service (Amazon
S3). http://aws.amazon.com/ s3/.
[11]. M. Bellare, D. Pointcheval, and P.
Rogaway. Authenticated key exchange
secure against dictionary attacks. In
Advances in Cryptology – Proceedings of
EUROCRYPT, pages 139–155. Springer
LNCS 1807, May 2000.
[12]. D. Boneh, C. Gentry, and B. Waters.
Collusion resistant broadcast encryption
with short ciphertexts and private keys. In
Advances in Cryptology – Proceedings of
CRYPTO, pages 258–275. Springer
LNCS 3621, Aug 2005.