Decentralized Access Control With Anonymous Authentication Of Data Stored In Clouds

DISTRIBUTED, CONCURRENT, AND INDEPENDENT ACCESS TO ENCRYPTED CLOUD DATABASES

ABSTRACT:

Power efficiency is one of the main issues that will drive the design of data centers, especially of those devoted to provide Cloud computing services. In virtualized data centers, consolidation of Virtual Machines (VMs) on the minimum number of physical servers has been recognized as a very efficient approach, as this allows unloaded servers to be switched off or used to accommodate more load, which is clearly a cheaper alternative to buy more resources. The consolidation problem must be solved on multiple dimensions, since in modern data centers CPU is not the only critical resource: depending on the characteristics of the workload other resources, for example, RAM and bandwidth, can become the bottleneck. The problem is so complex that centralized and deterministic solutions are practically useless in large data centers with hundreds or thousands of servers. This paper presents ecoCloud, a selforganizing and adaptive approach for the consolidation of VMs on two resources, namely CPU and RAM. Decisions on the assignment and migration of VMs are driven by probabilistic processes and are based exclusively on local information, which makes the approach very simple to implement. Both a fluid-like mathematical model and experiments on a real data center show that the approach rapidly consolidates the workload, and CPU-bound and RAM-bound VMs are balanced, so that both resources are exploited efficiently.

EXISTING SYSTEM:

In the past few years important results have been achieved in terms of energy consumption reduction, especially by improving the efficiency of cooling and power supplying facilities in data centers. The Power Usage Effectiveness (PUE) index, defined as the ratio of the overall power entering the data center and the power devoted to computing facilities, had typical values between 2 and 3 only a few years ago, while now big Cloud companies have reached values lower than 1.1. However, much space remains for the optimization of the computing facilities themselves. It has been estimated that most of the time servers operate at 10-50 percent of their full capacity [2], [3]. This low utilization is also caused by the intrinsic variability of VMs’ workload: the data center is planned to sustain the peaks of load, while for long periods of time (for example, during nights and weekends), the load is much lower [4], [5]. Since an active but idle server consumes between 50 and 70 percent of the power consumed when it is fully utilized [6], a large amount of energy is used even at low utilization.

DISADVANTAGES OF EXISTING SYSTEM:

·       It is power consuming.

·       Large amount of energy is used even at low utilization.

PROBLEM STATEMENT:

The ever increasing demand for computing resources has led companies and resource providers to build large warehouse-sized data centers, which require a significant amount of power to be operated and hence consume a lot of energy.

SCOPE:

The optimal assignment of VM’s to reduce the power consumption.

PROPOSED SYSTEM:

We presented ecoCloud, an approach for consolidating VMs on a single computing resource, i.e., the CPU. Here, the approach is extended to the multidimension problem, and is presented for the specific case in which VMs are consolidated with respect to two resources: CPU and RAM. With ecoCloud, VMs are consolidated using two types of probabilistic procedures, for the assignment and the migration of VMs. Both procedures aim at increasing the utilization of servers and consolidating the workload dynamically, with the twofold objective of saving electrical costs and respecting the Service Level Agreements stipulated with users. All this is done by demanding the key decisions to single servers, while the data center manager is only requested to properly combine such local decisions. The approach is partly inspired by the ant algorithms used first by Deneubourg et al. [9], and subsequently by a wide research community, to model the behavior of ant colonies and solve many complex distributed problems. The characteristics inherited by such algorithms make ecoCloud novel and different from other solutions. Among such characteristics: 1) the use of the swarm intelligence paradigm, which allows a complex problem to be solved by combining simple operations performed by many autonomous actors (the single servers in our case); 2) the use of probabilistic procedures, inspired by those that model the operations of real ants; and 3) the self-organizing behavior of system, which ensures that the assignment of VMs to servers dynamically adapts to the varying workload.

ADVANTAGES OF PROPOSED SYSTEM:

·       Efficient CPU usage.

·       It reduces power consumption.

·       Efficient resource utilization.

SYSTEM ARCHITECTURE:

SYSTEM CONFIGURATION:-

HARDWARE REQUIREMENTS:-

ü Processor                  -        Pentium –IV

ü Speed                        -        1.1 Ghz

ü RAM                         -        512 MB(min)

ü Hard Disk                 -        40 GB

ü Key Board                -        Standard Windows Keyboard

ü Mouse                       -        Two or Three Button Mouse

ü Monitor                     -        LCD/LED

SOFTWARE REQUIREMENTS:

•         Operating system :         Windows XP

•         Coding Language :         Java

•         Data Base             :         MySQL

•         Tool                     :         Net Beans IDE

REFERENCE:

Sushmita Ruj, Milos Stojmenovic, and Amiya Nayak “Decentralized Access Control With Anonymous Authentication Of Data Stored In Clouds” VOL. 25, NO. 2, FEBRUARY 2014

Decentralized Access Control With Anonymous Authentication Of Data Stored In Clouds

DECENTRALIZED ACCESS CONTROL WITH ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS

ABSTRACT:

We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches.

EXISTING SYSTEM:

Much of the data stored in clouds is highly sensitive, for example, medical records and social networks. Security and privacy are, thus, very important issues in cloud computing. In one hand, the user should authenticate itself before initiating any transaction, and on the other hand, it must be ensured that the cloud does not tamper with the data that is outsourced. User privacy is also required so that the cloud or other users do not know the identity of the user. The cloud can hold the user accountable for the data it outsources, and likewise, the cloud is itself accountable for the services it provides. The validity of the user who stores the data is also verified. Apart from the technical solutions to ensure security and privacy, there is also a need for law enforcement. Efficient search on encrypted data is also an important concern in clouds. The clouds should not know the query but should be able to return the records that satisfy the query.

DISADVANTAGES OF EXISTING SYSTEM:

·       It is unsecure.

·       No privacy.

·       Anyone can able to access and modify the data.

·       Problem here is that the data records should have keywords associated with them to enable the search.

PROPOSED SYSTEM:

Although we proposed a decentralized approach, their technique does not authenticate users, who want to remain anonymous while accessing the cloud. In an earlier work, proposed a distributed access control mechanism in clouds. However, the scheme did not provide user authentication. The other drawback was that a user can create and store a file and other users can only read the file. Write access was not permitted to users other than the creator. In the preliminary version of this paper, we extend our previous work with added features that enables to authenticate the validity of the message without revealing the identity of the user who has stored information in the cloud. In this version we also address user revocation, that was not addressed. We use ABS scheme to achieve authenticity and privacy. Unlike our scheme is resistant to replay attacks, in which a user can replace fresh data with stale data from a previous write, even if it no longer has valid claim policy. This is an important property because a user, revoked of its attributes, might no longer be able to write to the cloud. We, therefore, add this extra feature in our scheme and modify appropriately. Our scheme also allows writing multiple times which was not permitted in our earlier work.

ADVANTAGES OF PROPOSED SYSTEM:

·       It provides authentication of users who store and modify their data on the cloud.

·       It revoked users cannot access data after they have been revoked.

·       Costs are comparable to the existing centralized approaches.

SYSTEM ARCHITECTURE:

SYSTEM CONFIGURATION:-

HARDWARE REQUIREMENTS:-

ü Processor                  -        Pentium –IV

ü Speed                        -        1.1 Ghz

ü RAM                         -        512 MB(min)

ü Hard Disk                 -        40 GB

ü Key Board                -        Standard Windows Keyboard

ü Mouse                       -        Two or Three Button Mouse

ü Monitor                     -        LCD/LED

SOFTWARE REQUIREMENTS:

Operating system      :         Windows XP.

Coding Language      :         .Net

Data Base                 :         SQL Server 2005

Tool                          :         VISUAL STUDIO 2008.

REFERENCE:

Sushmita Ruj, Milos Stojmenovic and Amiya Nayak, “Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds” IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 2, FEBRUARY 2014.