HYBRID ATTRIBUTE- AND
RE-ENCRYPTION-BASED KEY MANAGEMENT FOR SECURE AND SCALABLE MOBILE APPLICATIONS
IN CLOUDS
TO VIEW OUTPUT CLICK HERE
TO VIEW OUTPUT CLICK HERE
ABSTRACT:
Outsourcing data to the
cloud are beneficial for reasons of economy, scalability, and accessibility,
but significant technical challenges remain. Sensitive data stored in the cloud
must be protected from being read in the clear by a cloud provider that is
honest but curious. Additionally, cloud-based data are increasingly being
accessed by resource-constrained mobile devices for which the processing and
communication cost must be minimized. Novel modifications to attribute-based
encryption are proposed to allow authorized users access to cloud data based on
the satisfaction of required attributes such that the higher computational load
from cryptographic operations is assigned to the cloud provider and the total
communication cost is lowered for the mobile user. Furthermore, data
re-encryption may be optionally performed by the cloud provider to reduce the expense
of user revocation in a mobile user environment while preserving the privacy of
user data stored in the cloud. The proposed protocol has been realized on commercially
popular mobile and cloud platforms to demonstrate real-world benchmarks that
show the efficacy of the scheme. A simulation calibrated with the benchmark
results shows the scalability potential of the scheme in the context of a
realistic workload in a mobile cloud computing system.
EXISTING SYSTEM:
Data outsourcing to a
cloud is appropriate for any class of applications that requires data to be kept
in storage and disseminated to many users. Clients that engage a cloud provider
typically only pay for the amount of storage, related computation, and amount
of network communication actually consumed; they do not incur the capital and
maintenance costs of an in-house solution. In addition, the cloud provider
offers the advantages of automatic backup and replication to ensure the safety,
longevity, and high accessibility of the user data. A major concern that is
typically not sufficiently addressed in practice, however, is that data, by
default, are stored in the clear; it may be accessed and read by a cloud administrator
without knowledge of the client. A cloud administrator may not be trusted
despite the presence of contractual security obligations, if data security is
not further enforced through technical means. An additional risk is that
sensitive data carry the persistent risk of being intercepted by an
unauthorized party despite safeguards promised by the provider. Therefore, it
is useful to apply software techniques, such as encryption key management, to
ensure that the confidentiality of cloud data is preserved at all times. It is
especially crucial to safeguard sensitive user data such as e-mails, personal
customer information, financial records, and medical records.
DISADVANTAGES OF
EXISTING SYSTEM:
·
It is not secure.
·
There is no
confidentiality.
· It
is especially crucial to safeguard sensitive user data.
PROBLEM STATEMENT:
A major concern that is
typically not sufficiently addressed in practice, however, is that data, by
default, are stored in the clear; it may be accessed and read by a cloud administrator
without knowledge of the client.
SCOPE:
Important requirement is for data to be addressable with
fine-grained access controls on the record-level or finer, to provide
flexibility.
PROPOSED SYSTEM:
A protocol for outsourcing data storage to a cloud provider
in secure fashion is provided. The provider is unable to read stored data;
authorized users may do so based on qualification through possession of the
right attributes without arbitration by the data owner. The protocol is
designed to be efficient for resource-constrained mobile users by delegating computation
and requests to a cloud provider or trusted authority, where appropriate,
without compromising security. An improvement is made over a traditional
attribute based encryption scheme, such that responsibility over key generation
is divided between a mobile data owner and a trusted authority; the owner is relieved
of the highest computational and messaging burdens. Additional security is
provided through a group keying mechanism; the data owner controls access based
on the distribution of an additional secret key, beyond possession of the
required attributes. This additional security measure is an optional variant applicable
to highly sensitive data subject to frequent access. Re-encryption, as a
process of transforming the stored ciphertext, permits efficient revocation of users;
it does not require removal of attributes and subsequent key regeneration, and
may be administered by a trusted authority without involvement of the data
owner.
ADVANTAGES OF PROPOSED
SYSTEM:
·
It is more secure.
·
It reduces data traffic.
· Cost
efficient.
SYSTEM
ARCHITECTURE:
SYSTEM CONFIGURATION:-
HARDWARE REQUIREMENTS:-
ü Processor - Pentium –IV
ü Speed - 1.1 Ghz
ü RAM - 512 MB(min)
ü Hard
Disk - 40 GB
ü Key
Board - Standard Windows Keyboard
ü Mouse - Two or Three Button Mouse
ü Monitor - LCD/LED
SOFTWARE
REQUIREMENTS:
•
Operating system : Windows XP
•
Coding Language : Java
•
Data Base : MySQL
•
Tool : Net Beans IDE
REFERENCE:
Piotr K.Tysowski and M.Anwarul Hasan “Hybrid Attribute- and Re-Encryption-Based Key
Management for Secure and Scalable Mobile Applications in Clouds” IEEE TRANSACTIONS ON
CLOUD COMPUTING, VOL. 1, NO. 2, JULY-DECEMBER 2013.
