PROVIDING SECURITY BY AES AMONG MULTI-USERS IN CLOUD
Presentation By : Mohammed Abdul Sarfaraz
Registration No.: 12311D2518.
Specialization : Software Engineering.
Internal Guide : Mr. K Damodhar Rao, Associate Professor, Department of CSE, SNIST, Hyderabad.
External Guide : Ms. B Kusuma, Software Engineer, CE3IT Solutions.
Providing Security By AES Among Multi-Users In Cloud
CONTENTS
Abstract
Introduction
Existing System
Proposed System
Architecture
DFD
Modules
UML Diagrams
Screenshots
Conclusion and Future Scope
ABSTRACT
Cloud computing provides an economical and efficient solution for sharing group resources
among cloud users with low maintenance. Unfortunately, sharing data in a multi-owner manner
while preserving data and identity privacy from an untrusted cloud is still a challenging issue,
due to frequent changes in membership.
So, we propose a secure multi-owner data sharing scheme for dynamic groups in the cloud.
By leveraging group signature and dynamic broadcast encryption techniques, any cloud user
can anonymously share data with others.
Meanwhile, the storage overhead and encryption computation cost of our scheme are
independent of the number of revoked users. In addition, we analyze the security of our
scheme with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.
INTRODUCTION
•Cloud Computing: an alternative to traditional information technology.
•Data Sharing: a fundamental service offered by cloud providers.
•Privacy Preserving: provided by encrypting the data files.
•Access Control: determines who can access the data stored in the cloud.
•Dynamic Groups: groups are normally dynamic in practice, e.g., new staff participation and
current employee revocation in a company.
EXISTING SYSTEM
•It is not possible to trace the identity of misbehaving users.
•It is difficult to maintain dynamic groups.
•Data owners store the encrypted data files in untrusted storage and distribute the corresponding
decryption keys only to authorized users.
•A secure provenance scheme based on the ciphertext-policy attribute-based encryption
technique, which allows any member in a group to share data with others.
DISADVANTAGES IN EXISTING SYSTEM
•It is not possible to trace which user falsified a file.
•Users can also modify the data.
•Anyone can easily share a file with all members without permission.
•The Group Manager doesn't communicate with group members.
•Any group member can perform revocation.
PROPOSED SYSTEM
•We propose a secure multi-owner data sharing scheme.
•Our proposed scheme is able to support dynamic groups efficiently.
•We provide secure and privacy-preserving access control to users.
•Each group member has a different public key.
•Only the owner of the application can perform revocation.
•Data sharing is not possible without permission.
ADVANTAGES OF PROPOSED SYSTEM
•High security services.
•Minimizes the complexity of secret key management.
•Maintains the data as sensitive data, without giving access to any unauthorized users.
ARCHITECTURE
[Fig 1 : System Architecture. Labels: Cloud Server, Group Manager, Group Members, Registration, Key Distribution, Revocation, Data Read/Write.]
DATA FLOW DIAGRAMS
[Fig 2 : DFD Level 0. Labels: Admin, Group Manager, Group Members, Cloud.]
[Fig 3 : DFD Level 1. Labels: Admin, Group Manager, Registration, Group Members, Cloud, Data Read/Write.]
[Fig 4 : DFD Level 2. Labels: Registration, Group Manager, Group Members, Key Distribution, Using Key, Data Read/Write, Admin, Cloud.]
Modules
1. User Registration
2. User Revocation
3. File Generation and deletion
4. File Access and Traceability
1. User Registration
•The group manager registers the users and allocates each user a private key that will be
used for group signature and encryption purposes.
[Fig 5 : User Registration. Labels: Group Manager, Group Members, Registration, Key Distribution.]
2. User Revocation
•User revocation is performed by the group manager via a publicly available revocation list.
•The group manager updates the revocation list each day.
[Fig 6 : User Revocation. Labels: Group Manager, Cloud, Revocation.]
3. File Generation and Deletion
•To store and share a data file in the cloud, a group member gets the revocation list from the
cloud.
•In this step, the member sends the group ID as a request to the cloud.
•The validity of the received revocation list is verified; a file stored in the cloud can be deleted by
either the group manager or the data owner.
4. File Access and Traceability
•To access the cloud, a user needs to compute a group signature for his/her authentication.
•When a data dispute occurs, the tracing operation is performed by the group manager to
identify the real identity of the data owner.
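The revocation-list check from step 3, shown as an added example that is not taken from the presentation or the project. It assumes the group manager signs each day's list (Ed25519 from the `cryptography` package stands in for the scheme's own signature) and that the list carries its group ID and issue date; `issue_list`, `check_list` and the sample IDs are hypothetical.

```python
import json
from datetime import date, timedelta
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

MAX_AGE = timedelta(days=1)  # assumption: the manager reissues the list daily

def issue_list(manager_key, group_id, revoked, issued):
    """Group manager: sign the day's revocation list for one group."""
    body = json.dumps({"group": group_id, "issued": issued.isoformat(),
                       "revoked": sorted(revoked)}, sort_keys=True).encode()
    return {"body": body, "sig": manager_key.sign(body)}

def check_list(manager_pub, group_id, rl, today):
    """Member: return the revoked set, or raise ValueError when the list
    is forged, is for another group, or is older than MAX_AGE."""
    try:
        manager_pub.verify(rl["sig"], rl["body"])
    except InvalidSignature:
        raise ValueError("bad signature") from None
    data = json.loads(rl["body"])  # parsed only after the signature checks out
    if data["group"] != group_id:
        raise ValueError("wrong group")
    age = today - date.fromisoformat(data["issued"])
    if not timedelta(0) <= age <= MAX_AGE:
        raise ValueError("stale list")
    return set(data["revoked"])

def demo():
    """Constructed data: a fresh list, a tampered copy, and a replay."""
    key = Ed25519PrivateKey.generate()
    pub, day = key.public_key(), date(2024, 5, 1)
    rl = issue_list(key, "grp-17", {"member-42"}, day)
    cases = {
        "fresh": (rl, day),
        "tampered": ({**rl, "body": rl["body"].replace(b"42", b"99")}, day),
        "replayed": (rl, day + timedelta(days=3)),  # old list served again
    }
    out = {}
    for name, (lst, today) in cases.items():
        try:
            out[name] = sorted(check_list(pub, "grp-17", lst, today))
        except ValueError as exc:
            out[name] = str(exc)
    return out

if __name__ == "__main__":
    print(demo())
```

The replay case is the one that matters against an untrusted cloud: an old list that predates a revocation still carries a valid signature, so only the date check rejects it.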
UML DIAGRAMS
[Fig 7 : Use Case diagram. Labels: Cloud Analyst, User Authentication, Security, Cloud Provider, Group Manager, Provide Key, File Generator, User Log Client.]
[Fig 8 : Class diagram. Classes: User Registration (cloudprovider, cloudlogin; username(), cloudproviderlogin()); Security provider (Encryptionkey, logfiles; Secure()); Manipulation (download, update, delete; Give_Permission()); Database (update, select, delete; Manipulation(), update_file(), select_file(), delete_file()).]
[Fig 9 : Sequence diagram. Participants: User, Application, Cloud Provider, Group Members. Messages: Login cloud, Cloud access, RequestData, ResponseData, KeyRequest, GenerateKey, RevocationKey, File select, update, delete, Storeddata, Recoverdata, EncryptionKey.]
[Fig 11 : Collaboration diagram. Participants: Group Manager, Cloud, Group member. Messages:
1. CloudLogin()
2. Cloudaccess()
3. Registration()
4. GeneratesKey()
5. GrantKeys()
6. UpdateRevocationList()
7. CreatesFile()
8. updateIntoCloud()
9. retrievefile()
10. enterRevocationKey()
11. RevocationKey()
12. verfiesKey()
13. sendFile()
14. recoversFile()]
[Fig 10 : Activity diagram. Labels: User, Proxy, Application, UserRequest, Cloudmembers, Group provider, Key access.]
SCREENSHOTS
[Screenshots not preserved.]
CONCLUSION AND FUTURE SCOPE
Conclusion
In this scheme, a user is able to share data without revealing their identity to the cloud. It
supports efficient user revocation and new user joining. The storage overhead and the encryption
computation cost are constant. It satisfies the desired security requirements and guarantees
efficiency as well.
Future Scope
As cloud computing is an emerging technology, this project will be very useful for
implementation in real-time clouds because of the several advantages it provides.