DECENTRALIZED ACCESS CONTROL WITH ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS
ABSTRACT:
We propose a new decentralized
access control scheme for secure data storage in clouds that supports anonymous
authentication. In the proposed scheme, the cloud verifies the authenticity of
the series without knowing the user’s identity before storing data. Our scheme
also has the added feature of access control in which only valid users are able
to decrypt the stored information. The scheme prevents replay attacks and
supports creation, modification, and reading data stored in the cloud. We also
address user revocation. Moreover, our authentication and access control scheme
is decentralized and robust, unlike other access control schemes designed for
clouds which are centralized. The communication, computation, and storage
overheads are comparable to centralized approaches.
EXISTING SYSTEM:
Much of the data stored in
clouds is highly sensitive, for example, medical records and social networks.
Security and privacy are, thus, very important issues in cloud computing. On
the one hand, the user should authenticate itself before initiating any
transaction, and on the other hand, it must be ensured that the cloud does not
tamper with the data that is outsourced. User privacy is also required so that
the cloud or other users do not know the identity of the user. The cloud can
hold the user accountable for the data it outsources, and likewise, the cloud
is itself accountable for the services it provides. The validity of the user
who stores the data is also verified. Apart from the technical solutions to
ensure security and privacy, there is also a need for law enforcement. Efficient search on encrypted data is also an important concern in
clouds. The clouds should not know the query but should be able to return the
records that satisfy the query.
DISADVANTAGES OF EXISTING SYSTEM:
· It is insecure.
· No privacy.
· Anyone is able to access and modify the data.
· The data records must have keywords associated with them to enable the search.
PROPOSED SYSTEM:
Although we proposed a decentralized approach, their
technique does not authenticate users, who want to remain anonymous while
accessing the cloud. In an earlier work, proposed a distributed access control
mechanism in clouds. However, the scheme did not provide user authentication.
The other drawback was that a user can create and store a file and other users
can only read the file. Write access was not permitted to users other than the
creator. In the preliminary version of this paper, we extend our previous work
with added features that enable us to authenticate the validity of the message
without revealing the identity of the user who has stored information in the
cloud. In this version we also address user revocation, which was not addressed.
We use an ABS scheme to achieve authenticity and privacy. Unlike our scheme is
resistant to replay attacks, in which a user can replace fresh data with stale
data from a previous write, even if it no longer has valid claim policy. This
is an important property because a user, revoked of its attributes, might no
longer be able to write to the cloud. We, therefore, add this extra feature in
our scheme and modify appropriately. Our scheme also allows writing multiple times
which was not permitted in our earlier work.
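The replay case described above, as an added example that is not part of the original page or the paper's own code: a cloud store that accepts signed writes, run once without and once with a freshness check. Assumptions: an HMAC under a shared demo key stands in for the ABS signature (so there is no anonymity here), and binding a timestamp into the signed message is one common way to get freshness, not a mechanism stated on this page; all names and values are constructed.

```python
import hashlib
import hmac
import json

# Stand-in for ABS: one HMAC key per attribute. Real ABS lets the cloud verify
# with public parameters and hides the signer; HMAC does neither.
# The key, file id and payloads below are constructed for this example.
ATTR_KEY = b"constructed-demo-key-for-attribute:doctor"


def sign_write(key, file_id, ciphertext, timestamp):
    """Writer side: the signature covers the file id, the data AND the timestamp."""
    msg = json.dumps([file_id, ciphertext.hex(), timestamp]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class CloudStore:
    """Cloud side: verifies the signature, then enforces freshness per file."""

    def __init__(self, key, check_freshness=True):
        self.key = key
        self.check_freshness = check_freshness
        self.files = {}  # file_id -> (ciphertext, timestamp)

    def write(self, file_id, ciphertext, timestamp, sig):
        expected = sign_write(self.key, file_id, ciphertext, timestamp)
        if not hmac.compare_digest(expected, sig):
            return "rejected: bad signature"
        current = self.files.get(file_id)
        # A validly signed but older (or equal) timestamp is a replayed write.
        if self.check_freshness and current and timestamp <= current[1]:
            return "rejected: stale write"
        self.files[file_id] = (ciphertext, timestamp)
        return "stored"


def demo(check_freshness):
    """Resend an old, validly signed write after a newer one has been stored."""
    cloud = CloudStore(ATTR_KEY, check_freshness)
    old = ("rec-1", b"stale-ciphertext", 100)
    new = ("rec-1", b"fresh-ciphertext", 200)
    old_sig = sign_write(ATTR_KEY, *old)  # signed while the user was still valid
    cloud.write(*old, old_sig)
    cloud.write(*new, sign_write(ATTR_KEY, *new))
    replay_result = cloud.write(*old, old_sig)  # revoked user resends old write
    return replay_result, cloud.files["rec-1"][0]
```

Because the timestamp is inside the signed message, changing it on an old write invalidates the signature, so a stale write cannot simply be relabelled as fresh.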
ADVANTAGES OF PROPOSED SYSTEM:
· It provides authentication of users who store and modify their data on the cloud.
· Revoked users cannot access data after they have been revoked.
· Costs are comparable to the existing centralized approaches.
SYSTEM ARCHITECTURE:
SYSTEM CONFIGURATION:-
HARDWARE REQUIREMENTS:-
· Processor - Pentium IV
· Speed - 1.1 GHz
· RAM - 512 MB (min)
· Hard Disk - 40 GB
· Keyboard - Standard Windows Keyboard
· Mouse - Two or Three Button Mouse
· Monitor - LCD/LED
SOFTWARE REQUIREMENTS:
· Operating system : Windows XP
· Coding Language : .Net
· Database : SQL Server 2005
· Tool : Visual Studio 2008
REFERENCE:
Sushmita Ruj, Milos Stojmenovic and Amiya Nayak, “Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds,” IEEE Transactions on Parallel and Distributed Systems, Vol. 25, No. 2, February 2014.