HYBRID ATTRIBUTE- AND RE-ENCRYPTION-BASED KEY MANAGEMENT FOR SECURE AND SCALABLE MOBILE APPLICATIONS IN CLOUDS
TO VIEW OUTPUT CLICK HERE
Outsourcing data to the cloud are beneficial for reasons of economy, scalability, and accessibility, but significant technical challenges remain. Sensitive data stored in the cloud must be protected from being read in the clear by a cloud provider that is honest but curious. Additionally, cloud-based data are increasingly being accessed by resource-constrained mobile devices for which the processing and communication cost must be minimized. Novel modifications to attribute-based encryption are proposed to allow authorized users access to cloud data based on the satisfaction of required attributes such that the higher computational load from cryptographic operations is assigned to the cloud provider and the total communication cost is lowered for the mobile user. Furthermore, data re-encryption may be optionally performed by the cloud provider to reduce the expense of user revocation in a mobile user environment while preserving the privacy of user data stored in the cloud. The proposed protocol has been realized on commercially popular mobile and cloud platforms to demonstrate real-world benchmarks that show the efficacy of the scheme. A simulation calibrated with the benchmark results shows the scalability potential of the scheme in the context of a realistic workload in a mobile cloud computing system.
Data outsourcing to a cloud is appropriate for any class of applications that requires data to be kept in storage and disseminated to many users. Clients that engage a cloud provider typically only pay for the amount of storage, related computation, and amount of network communication actually consumed; they do not incur the capital and maintenance costs of an in-house solution. In addition, the cloud provider offers the advantages of automatic backup and replication to ensure the safety, longevity, and high accessibility of the user data. A major concern that is typically not sufficiently addressed in practice, however, is that data, by default, are stored in the clear; it may be accessed and read by a cloud administrator without knowledge of the client. A cloud administrator may not be trusted despite the presence of contractual security obligations, if data security is not further enforced through technical means. An additional risk is that sensitive data carry the persistent risk of being intercepted by an unauthorized party despite safeguards promised by the provider. Therefore, it is useful to apply software techniques, such as encryption key management, to ensure that the confidentiality of cloud data is preserved at all times. It is especially crucial to safeguard sensitive user data such as e-mails, personal customer information, financial records, and medical records.
DISADVANTAGES OF EXISTING SYSTEM:
- It is not secure.
- There is no confidentiality.
- It is especially crucial to safeguard sensitive user data.
A major concern that is typically not sufficiently addressed in practice, however, is that data, by default, are stored in the clear; it may be accessed and read by a cloud administrator without knowledge of the client.
Important requirement is for data to be addressable with fine-grained access controls on the record-level or finer, to provide flexibility.
A protocol for outsourcing data storage to a cloud provider in secure fashion is provided. The provider is unable to read stored data; authorized users may do so based on qualification through possession of the right attributes without arbitration by the data owner. The protocol is designed to be efficient for resource-constrained mobile users by delegating computation and requests to a cloud provider or trusted authority, where appropriate, without compromising security. An improvement is made over a traditional attribute based encryption scheme, such that responsibility over key generation is divided between a mobile data owner and a trusted authority; the owner is relieved of the highest computational and messaging burdens. Additional security is provided through a group keying mechanism; the data owner controls access based on the distribution of an additional secret key, beyond possession of the required attributes. This additional security measure is an optional variant applicable to highly sensitive data subject to frequent access. Re-encryption, as a process of transforming the stored ciphertext, permits efficient revocation of users; it does not require removal of attributes and subsequent key regeneration, and may be administered by a trusted authority without involvement of the data owner.
ADVANTAGES OF PROPOSED SYSTEM:
- It is more secure.
- It reduces data traffic.
- Cost efficient.
üProcessor - Pentium –IV
üSpeed - 1.1 Ghz
üRAM - 512 MB(min)
üHard Disk - 40 GB
üKey Board - Standard Windows Keyboard
üMouse - Two or Three Button Mouse
üMonitor - LCD/LED
- Operating system: Windows XP
- Coding Language: Java
- Data Base : MySQL
- Tool : Net Beans IDE
Piotr K.Tysowski and M.Anwarul Hasan“Hybrid Attribute- and Re-Encryption-Based Key Management for Secure and Scalable Mobile Applications in Clouds” IEEE TRANSACTIONS ON CLOUD COMPUTING, VOL. 1, NO. 2, JULY-DECEMBER 2013.