1. IDENTITY BASED SECURE DISTRIBUTED DATA
STORAGE SCHEMES
PRESENTED BY:
N.SAHITHI
(12C11D5816)
UNDER GUIDANCE OF
Mr. J.NAGARAJU, (M.TECH)
2. ABSTRACT
Secure distributed data storage can shift the burden of maintaining a large number of
files from the owner to proxy servers. Proxy servers can convert files encrypted for the
owner into files encrypted for the receiver without needing to know the content of the
original files. IBSDDS uses two identity-based secure distributed data storage schemes.
The first scheme is secure against chosen plaintext attacks (CPA). The second scheme is
secure against chosen ciphertext attacks (CCA). These are the first identity-based secure
distributed data storage schemes in which access permissions are decided by the owner of
the file and collusion attacks are prevented.
IBSDDS SCHEMES
3. INTRODUCTION
Cloud computing provides users with a convenient mechanism to manage their personal
files through a notion called Database-as-a-Service (DAS).
Proxy servers can perform some functions on outsourced ciphertexts without
knowing anything about the original files.
This technique has not been employed because of confidentiality and integrity concerns.
4. To address these issues, the IBSDDS scheme is proposed, which uses two schemes.
These schemes capture the following properties:
i) The file owner can decide the access permission independently.
ii) For one query, a receiver can only access one file instead of all files of the owner.
iii) The schemes are secure against collusion attacks.
5. PROBLEM STATEMENT
Writing a problem statement helps to identify the purpose of the project clearly.
A problem statement consists of 3 parts namely:
1) Ideal
2) Reality
3) Consequences
1) Ideal: Cloud computing provides users with a convenient mechanism to
manage their personal files through a notion called database-as-a-service (DAS).
In DAS schemes, a user outsources his encrypted files to a proxy server so that the
burden of maintaining a large number of files on the local system is reduced.
6. 2) Reality: Security and privacy are the biggest concerns of every user.
Some users might feel uncomfortable surrendering their personal data to a third party.
There is no guarantee for files outsourced to proxy servers.
As the applications and services run in remote third-party environments, users have
limited control over the function and execution of software and hardware.
3) Consequences: In response to the above problem, identity-based secure distributed
data storage schemes were proposed.
In IBSDDS, the proxy server validates the outsourced ciphertexts and stores them.
To prevent unauthorized access, the proxy validates the user by his ID and password.
7. LITERATURE SURVEY
Atomic proxy cryptosystem: a semi-trusted proxy server can transform a
ciphertext for the original decryptor into a ciphertext for the designated decryptor
without knowing the plaintext. It is used in e-mail forwarding.
Identity-based cryptosystem: introduced by Shamir. It is a system where the public
key can be an arbitrary string and the secret key is issued by a trusted third party.
8. Identity-based proxy encryption (IBPE) was proposed by Ivan and Dodis.
In these schemes, the master secret key, which is used to extract secret keys for
users, is split into two parts: one is sent to the proxy server and the other to the user.
The user can decrypt a ciphertext with the help of the proxy server, but these
schemes are not secure against collusion attacks.
Identity-based proxy re-encryption was proposed by Green and Ateniese. Here the
proxy server can transform a ciphertext for the original decryptor into a ciphertext for
the designated decryptor after it gets a re-encryption key.
9. EXISTING SYSTEM
Cloud computing provides users with a convenient mechanism to manage their
personal files through a notion called database-as-a-service (DAS).
Proxy servers can perform some functions on outsourced ciphertexts without
knowing anything about the original files.
Therefore, how to guarantee that the outsourced files are not accessed by
unauthorized users and not modified by proxy servers is an important problem that
has been considered in the data storage research community.
10. DISADVANTAGES OF EXISTING SYSTEM
Users are especially concerned about the confidentiality, integrity and query of
outsourced files, as cloud computing is more complicated than local data storage systems
and the cloud is managed by an untrusted third party.
There is no guarantee that the outsourced files are not accessed by unauthorized
users or modified by proxy servers, which is an important problem.
11. PROPOSED SYSTEM
In the proposed project, for one query the receiver can access one of the owner's files
instead of accessing all files.
An access permission is bound not only to the identity of the receiver but also to the file.
The access permission can be decided by the owner, instead of a trusted third party.
The proposed project is secure against collusion attacks.
12. ADVANTAGES OF PROPOSED SYSTEM
It has two schemes of security:
i) The first scheme is secure against chosen plaintext attacks (CPA).
ii) The second scheme is secure against chosen ciphertext attacks (CCA).
For one query, a receiver can access only one file, instead of all files of the owner.
To achieve stronger security and implement file-based access control, the owner
must be online to authenticate requesters and also generate access permissions for
them.
13. STEPS INVOLVED IN IBSDDS SCHEME IMPLEMENTATION ARE:
STEP 1:
The file owner encrypts his files under his identity prior to outsourcing them to
proxy servers.
STEP 2:
The file owner sends the ciphertexts to the proxy servers (the ciphertexts are those
generated in step 1 by encrypting the files under his identity).
STEP 3:
The proxy server transforms a ciphertext encrypted under the identity of the owner into a
ciphertext encrypted under the identity of the receiver, only after the receiver has
obtained access permission from the file owner.
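The three steps above, sketched as an added example (not code from the presentation or the IBSDDS paper) using the simpler ElGamal-style atomic proxy re-encryption from the literature survey rather than the identity-based construction; the group parameters, function names and sample values are constructed for illustration. It also shows the two gaps IBSDDS targets: one re-encryption key opens every file of the owner, and a colluding proxy and receiver recover the owner's key.

```python
# Toy ElGamal-style atomic proxy re-encryption (added illustration).
# Constructed parameters: far too small for real use.
import secrets

P, Q, G = 2039, 1019, 4  # safe prime P = 2Q + 1; G generates the order-Q subgroup

def keygen():
    sk = secrets.randbelow(Q - 1) + 1           # secret exponent in [1, Q-1]
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Step 1: the owner encrypts group element m under his own key."""
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)  # (m*g^r, g^(a*r))

def rekey(sk_owner, sk_receiver):
    """Access permission as a re-encryption key b/a mod Q.
    Assumption: computed directly from both secrets to keep the sketch short."""
    return (sk_receiver * pow(sk_owner, -1, Q)) % Q

def reencrypt(rk, ct):
    """Step 3: the proxy maps g^(a*r) to g^(b*r) and never sees m."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def decrypt(sk, ct):
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)            # recover g^r
    return (c1 * pow(g_r, -1, P)) % P

def collude(rk, sk_receiver):
    """Proxy and receiver pooling rk and b recover the owner's secret a."""
    return (sk_receiver * pow(rk, -1, Q)) % Q

def demo():
    a, pk_a = keygen()                           # owner
    b, _ = keygen()                              # receiver
    files = [pow(G, 777, P), pow(G, 31, P)]      # constructed sample "files"
    stored = [encrypt(pk_a, f) for f in files]   # steps 1-2: outsourced ciphertexts
    rk = rekey(a, b)                             # one permission ...
    got = [decrypt(b, reencrypt(rk, ct)) for ct in stored]  # ... opens every file
    return {"owner_reads": decrypt(a, stored[0]) == files[0],
            "receiver_reads_all": got == files,
            "collusion_recovers_owner_key": collude(rk, b) == a}

if __name__ == "__main__":
    print(demo())
```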
15. SOFTWARE REQUIREMENTS:
Operating System : Windows XP/7/8
Technology : Java
IDE : MyEclipse
Web Server : Tomcat
Database : MySQL
Java Version : JDK 1.7
16. MODULES
IBSDDS scheme consists of 4 modules :
i) Data Storage system
ii) File system
iii) Storage-based Intrusion detection system
iv) Cryptographic File System
17. MODULE - 1
1) Data Storage System: Data storage systems enable users to store their data on
external proxy servers to enhance access and availability and reduce maintenance
cost.
18. MODULE - 2
2) File System: In these systems, proxy servers are assumed to be trusted.
Proxy servers authenticate receivers and validate access permissions.
The interactions between the proxy servers and receivers are executed over a secure
channel.
In these schemes, a receiver authenticates himself to the proxy server using his
password.
19. MODULE - 3
Storage-based Intrusion Detection System: In these systems, an intrusion detection
scheme is embedded in the proxy servers or the file owner to detect an intruder's
behaviors, such as adding backdoors, inserting Trojan horses and tampering with
audit logs.
These schemes can be classified into two types:
i) Host-based system and
ii) Network-based system.
20. MODULE - 4
Cryptographic File System: In these systems, end-to-end security is provided
by cryptographic protocols which are executed by the file owner to prevent proxy
servers and unauthorized users from modifying and accessing the sensitive files.
These systems can be divided into two types:
1) Shared file system and
2) Non-shared system
37. Screen shot 12: Proxy server asks for random key (to decrypt file).
38. Screen shot 14: The decrypted file is accessible to the user.
39. CONCLUSION
Distributed data storage schemes provide the users with convenience to outsource their files to
untrusted proxy servers. Identity-based secure distributed data storage (IBSDDS) schemes are
a special kind of distributed data storage schemes where users are identified by their identities
and can communicate without the need of verifying the public key certificates.
40. FUTURE ENHANCEMENTS
Future enhancements for identity-based secure distributed data storage (IBSDDS) are to allow
users to upload PDF files and Excel sheets. Future research will include advancements like
uploading pictures, images and videos in encrypted format for user convenience.
41. REFERENCES
Jinguang Han, Student Member, IEEE, Willy Susilo, Senior Member, IEEE, and Yi Mu,
Senior Member, IEEE, "Identity-Based Secure Distributed Data Storage Schemes," IEEE
Transactions on Computers, 2013.