SlideShare uma empresa Scribd logo

Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-in-the-cloud

Transferir como DOC, PDF
K
Kamal Spring

Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method, however, incurs a high communication overhead and heavy computation burden on data owners. A novel scheme is proposed that enable efficient access control with dynamic policy updating for big data in the cloud. Developing an outsourced policy updating method for ABE systems is focused. This method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Policy updating algorithms is proposed for different types of access policies. An efficient and secure method is proposed that allows data owner to check whether the cloud server has updated the ciphertexts correctly. The analysis shows that this policy updating outsourcing scheme is correct, complete, secure and efficient.

Engenharia
1 de 24
SECURE AND VERIFIABLE POLICY UPDATE OUTSOURCING FOR BIG DATA ACCESS CONTROL IN THE CLOUD ABSTRACT Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method, however, incurs a high communication overhead and heavy computation burden on data owners. A novel scheme is proposed that enable efficient access control with dynamic policy updating for big data in the cloud. Developing an outsourced policy updating method for ABE systems is focused. This method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Policy updating algorithms is proposed for different types of access policies. An efficient and secure method is proposed that allows data owner to check whether the cloud server has updated the ciphertexts correctly. The analysis shows that this policy updating outsourcing scheme is correct, complete, secure and efficient.
INTRODUCTION Big data refers to high volume, high velocity, and/or high variety information assets that require new forms of processing to enable enhanced decision making, insight discovery and process optimization. Due to its high volume and complexity, it becomes difficult to process big data using on-hand database management tools. An effective option is to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests in an efficient way. When hosting big data into the cloud, the data security becomes a major concern as cloud servers cannot be fully trusted by data owners.
PROBLEM DEFINITION The policy updating is a difficult issue in attribute-based access control systems, because once the data owner outsourced data into the cloud, it would not keep a copy in local systems. When the data owner wants to change the access policy, it has to transfer the data back to the local site from the cloud, reencrypt the data under the new access policy, and then move it back to the cloud server. By doing so, it incurs a high communication overhead and heavy computation burden on data owners. This motivates us to develop a new method to outsource the task of policy updating to cloud server. The grand challenge of outsourcing policy updating to the cloud is to guarantee the following requirements: 1) Correctness: Users who possess sufficient attributes should still be able to decrypt the data encrypted under new access policy by running the original decryption algorithm. 2) Completeness: The policy updating method should be able to update any type of access policy. 3) Security: The policy updating should not break the security of the access control system or introduce any new security problems.
EXISTING SYSTEM  Attribute-Based Encryption (ABE) has emerged as a promising technique to ensure the end-to-end data security in cloud storage system. It allows data owners to define access policies and encrypt the data under the policies, such that only users whose attributes satisfying these access policies can decrypt the data.  The policy updating problem has been discussed in key policy structure and ciphertext-policy structure. Disadvantages  When more and more organizations and enterprises outsource data into the cloud, the policy updating becomes a significant issue as data access policies may be changed dynamically and frequently by data owners. However, this policy updating issue has not been considered in existing attribute-based access control schemes.  Key policy structure and ciphertext-policy structure cannot satisfy the completeness requirement, because they can only delegate key/ciphertext with a new access policy that should be more restrictive than the previous policy.  Furthermore, they cannot satisfy the security requirement either.
PROPOSED SYSTEM  Focus on solving the policy updating problem in ABE systems, and propose a secure and verifiable policy updating outsourcing method.  Instead of retrieving and re-encrypting the data, data owners only send policy updating queries to cloud server, and let cloud server update the policies of encrypted data directly, which means that cloud server does not need to decrypt the data before/during the policy updating.  To formulate the policy updating problem in ABE sytems and develop a new method to outsource the policy updating to the server.  To propose an expressive and efficient data access control scheme for big data, which enables efficient dynamic policy updating.  To design policy updating algorithms for different types of access policies, e.g., Boolean Formulas, LSSS Structure and Access Tree.  To propose an efficient and secure policy checking method that enables data owners to check whether the ciphertexts have been updated correctly by cloud server.
Advantages  This scheme can not only satisfy all the above requirements, but also avoid the transfer of encrypted data back and forth and minimize the computation work of data owners by making full use of the previously encrypted data under old access policies in the cloud.  This method does not require any help of data users, and data owners can check the correctness of the ciphertext updating by their own secret keys and checking keys issued by each authority.  This method can also guarantee data owners cannot use their secret keys to decrypt any ciphertexts encrypted by other data owners, although their secret keys contain the components associated with all the attributes.
SYSTEM ARCHITECTURE: MODULES: 1. Identity token issuance 2. Policy decomposition 3. Identity token registration 4. Data encryption and uploading 5. Data downloading and decryption 6. Encryption evolution management
MODULES DESCRIPTION: Identity token issuance: IdPs are trusted third parties that issue identity tokens to Users based on their identity attributes. It should be noted that IdPs need not be online after they issue identity tokens. An identity token, denoted by IT has the format{nym, id-tag, c, σ}, where nym is a pseudonym uniquely identifying a User in the system, id-tag is the name of the identity attribute, c is the Pedersen commitment for the identity attribute value x and σ is the IdP’s digital signature on nym, id-tag and c. Policy Decomposition: In this module, using the policy decomposition algorithm, the Owner decomposes each ACP into two sub ACPs such that the Owner enforces the minimum number of attributes to assure confidentiality of data from the Cloud. The algorithm produces two sets of sub ACPs, ACPB Owner and ACPB Cloud. The Owner enforces the confidentiality related sub ACPs in ACPB Owner and the Cloud enforces the remaining sub-ACPs in ACPB Cloud. Identity Token Registration: Users register their ITs to obtain secrets in order to later decrypt the data they are allowed to access. Users register their ITs related to the attribute conditions in ACC with the Owner, and the rest of the identity tokens related to the attribute conditions in ACB/ACC with the Cloud using the AB-GKM::SecGen algorithm.
When Users register with the Owner, the Owner issues them two set of secrets for the attribute conditions in ACC that are also present in the sub ACPs in ACPB Cloud. The Owner keeps one set and gives the other set to the Cloud. Two different sets are used in order to prevent the Cloud from decrypting the Owner encrypted data. Data encryption and uploading: The Owner encrypts the data based on the sub-ACPs in ACPB Owner and uploads them along with the corresponding public information tuples to the Cloud. The Cloud in turn encrypts the data again based on the sub-ACPs in ACPB Cloud. Both parties execute ABGKM::KeyGen algorithm individually to first generate the symmetric key, the public information tuple PI and access tree T for each sub ACP. Data downloading and decryption: Users download encrypted data from the Cloud and decrypt twice to access the data. First, the Cloud generated public information tuple is used to derive the OLE key and then the Owner generated public information tuple is used to derive the ILE key using the AB-GKM::KeyDer algorithm. These two keys allow a User to decrypt a data item only if the User satisfies the original ACP applied to the data item. Encryption evolution management: After the initial encryption is performed, affected data items need to be re- encrypted with a new symmetric key if credentials are added/removed. Unlike the SLE approach, when credentials are added or revoked, the Owner does not have to
involve. The Cloud generates a new symmetric key and re-encrypts the affected data items. SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:-  Processor - Pentium –IV  Speed - 1.1 Ghz  RAM - 256 MB(min)  Hard Disk - 20 GB  Key Board - Standard Windows Keyboard  Mouse - Two or Three Button Mouse  Monitor - SVGA SOFTWARE CONFIGURATION:- • Operating system : - Windows XP. • Coding Language : ASP.NET, C#.Net. • Data Base : SQL Server 2005
SECOND REVIEW SYSTEM ARCHITECTURE:
DATA FLOW DIAGRAM: 1. The DFD is also called as bubble chart. It is a simple graphical formalism that can be used to represent a system in terms of input data to the system, various processing carried out on this data, and the output data is generated by this system. 2. The data flow diagram (DFD) is one of the most important modeling tools. It is used to model the system components. These components are the system process, the data used by the process, an external entity that interacts with the system and the information flows in the system. 3. DFD shows how the information moves through the system and how it is modified by a series of transformations. It is a graphical technique that depicts information flow and the transformations that are applied as data moves from input to output. 4. DFD is also known as bubble chart. A DFD may be used to represent a system at any level of abstraction. DFD may be partitioned into levels that represent increasing information flow and functional detail.
Login Create cloud server Create data owner File request view transactions file upload create file access control Admin create domain create sub domain view cloud server view data owner UserData owner view Admin profile view file details view user request view transactions view profile File download view profile Edit profile Edit profile Edit profile
UML DIAGRAMS UML stands for Unified Modeling Language. UML is a standardized general-purpose modeling language in the field of object-oriented software engineering. The standard is managed, and was created by, the Object Management Group. The goal is for UML to become a common language for creating models of object oriented computer software. In its current form UML is comprised of two major components: a Meta-model and a notation. In the future, some form of method or process may also be added to; or associated with, UML. The Unified Modeling Language is a standard language for specifying, Visualization, Constructing and documenting the artifacts of software system, as well as for business modeling and other non-software systems. The UML represents a collection of best engineering practices that have proven successful in the modeling of large and complex systems. The UML is a very important part of developing objects oriented software and the software development process. The UML uses mostly graphical notations to express the design of software projects. GOALS: The Primary goals in the design of the UML are as follows: 1. Provide users a ready-to-use, expressive visual modeling Language so that they can develop and exchange meaningful models. 2. Provide extendibility and specialization mechanisms to extend the core concepts.
3. Be independent of particular programming languages and development process. 4. Provide a formal basis for understanding the modeling language. 5. Encourage the growth of OO tools market. 6. Support higher level development concepts such as collaborations, frameworks, patterns and components. 7. Integrate best practices.
USE CASE DIAGRAM: A use case diagram in the Unified Modeling Language (UML) is a type of behavioral diagram defined by and created from a Use-case analysis. Its purpose is to present a graphical overview of the functionality provided by a system in terms of actors, their goals (represented as use cases), and any dependencies between those use cases. The main purpose of a use case diagram is to show what system functions are performed for which actor. Roles of the actors in the system can be depicted.
Admin Owner User Create Account Login File Upload File Download File Details Owner Details create owner create domain & sub domain view & edit profile view transactions
CLASS DIAGRAM: In software engineering, a class diagram in the Unified Modeling Language (UML) is a type of static structure diagram that describes the structure of a system by showing the system's classes, their attributes, operations (or methods), and the relationships among the classes. It explains which class contains information. User View Files view Transactions view & edit profile file download file download() Data owner view files view & edit profile file upload view transaction create file access() file upload() create sub domain() Admin create cloud server create data owner create domain creat sub domain view & edit profile view & edit dataowner profile create data owner() create domain() create sub domain()
SEQUENCE DIAGRAM: A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that shows how processes operate with one another and in what order. It is a construct of a Message Sequence Chart. Sequence diagrams are sometimes called event diagrams, event scenarios, and timing diagrams.
User Admin Owner Database Upload Files Verify Owner Files Edit profile Edit owner and admin profile View Owner Detalils & Owner Files file download create owner create domain & sub domain view User details File access control File request create cloud server file response
ACTIVITY DIAGRAM: Activity diagrams are graphical representations of workflows of stepwise activities and actions with support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can be used to describe the business and operational step-by-step workflows of components in a system. An activity diagram shows the overall flow of control.
A A Login Create cloud server Create data owner File request view transactions file upload create file access control Admin create domain create sub domain view cloud server view data owner UserData owner view Admin profile view file details view user request view transactions view profile File download view profile Edit profile Edit profile Edit profile
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-in-the-cloud

Recomendados

Ensuring Distributed Accountability in the Cloud
Ensuring Distributed Accountability in the CloudEnsuring Distributed Accountability in the Cloud
Ensuring Distributed Accountability in the CloudSuraj Mehta
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsIEEEFINALYEARPROJECTS
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudPrivacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudAswathy Rajan
 
Data sharing with accountability in cloud
Data sharing with accountability in cloudData sharing with accountability in cloud
Data sharing with accountability in cloudSusheenthiran Sujith
 
expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...swathi78
 
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...chennaijp
 

Recomendados

Ensuring Distributed Accountability in the Cloud
Ensuring Distributed Accountability in the CloudEnsuring Distributed Accountability in the Cloud
Ensuring Distributed Accountability in the CloudSuraj Mehta
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsIEEEFINALYEARPROJECTS
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudPrivacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudAswathy Rajan
 
Data sharing with accountability in cloud
Data sharing with accountability in cloudData sharing with accountability in cloud
Data sharing with accountability in cloudSusheenthiran Sujith
 
expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...swathi78
 
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...chennaijp
 
Ensuring distributed accountability
Ensuring distributed accountabilityEnsuring distributed accountability
Ensuring distributed accountabilitySunkaraHariNarayana
 
Ensuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudEnsuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudSwapnil Salunke
 
Oruta ppt
Oruta pptOruta ppt
Oruta pptManasa Chowdary
 
Data Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudData Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudSuraj Mehta
 
Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Shakas Technologies
 
Ppt 1
Ppt 1Ppt 1
Ppt 1shanmugamsara
 
Dyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best PracticesDyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best PracticesGrant Pegden-Wright
 
Here Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and RecreationHere Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and Recreationboringspray9610
 
CV_BALDVINSSON_EN_2016
CV_BALDVINSSON_EN_2016CV_BALDVINSSON_EN_2016
CV_BALDVINSSON_EN_2016Glúmur Baldvinsson
 
Global literacy (1)
Global literacy (1)Global literacy (1)
Global literacy (1)Koh Chin Yi
 
Music video analysis
Music video analysisMusic video analysis
Music video analysisGuy Nicholson
 
Creating a Job Search Plan 7.15.2016
Creating a Job Search Plan 7.15.2016Creating a Job Search Plan 7.15.2016
Creating a Job Search Plan 7.15.2016Richard J. Hudnett, Ed.D., MBA
 
Atributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicasAtributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicasEzequiel Eliano Sombory
 
The Point of Exhaustion
The Point of ExhaustionThe Point of Exhaustion
The Point of ExhaustionThe Concept Store
 
Renz
RenzRenz
Renzgamol12
 
Computación presentación
Computación presentaciónComputación presentación
Computación presentaciónMaría Celeste Farfán Robles
 
Présentation1
Présentation1Présentation1
Présentation1niko7882
 
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Shakas Technologies
 
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...IEEEGLOBALSOFTTECHNOLOGIES
 
A Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud ComputingA Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud Computingijsrd.com
 
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...IRJET Journal
 
Pp1t
Pp1tPp1t
Pp1tNitish Bhardwaj
 

Mais conteúdo relacionado

Mais procurados

Ensuring distributed accountability
Ensuring distributed accountabilityEnsuring distributed accountability
Ensuring distributed accountabilitySunkaraHariNarayana
 
Ensuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudEnsuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudSwapnil Salunke
 
Data Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudData Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudSuraj Mehta
 
Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Shakas Technologies
 

Mais procurados (6)

Ensuring distributed accountability
Ensuring distributed accountabilityEnsuring distributed accountability
Ensuring distributed accountability
 
Ensuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the CloudEnsuring Distributed Accountability for Data Sharing in the Cloud
Ensuring Distributed Accountability for Data Sharing in the Cloud
 
Oruta ppt
Oruta pptOruta ppt
Oruta ppt
 
Data Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the CloudData Sharing: Ensure Accountability Distribution in the Cloud
Data Sharing: Ensure Accountability Distribution in the Cloud
 
Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds
 
Ppt 1
Ppt 1Ppt 1
Ppt 1
 

Destaque

Dyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best PracticesDyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best PracticesGrant Pegden-Wright
 
Here Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and RecreationHere Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and Recreationboringspray9610
 
Global literacy (1)
Global literacy (1)Global literacy (1)
Global literacy (1)Koh Chin Yi
 
Music video analysis
Music video analysisMusic video analysis
Music video analysisGuy Nicholson
 
Atributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicasAtributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicasEzequiel Eliano Sombory
 
Présentation1
Présentation1Présentation1
Présentation1niko7882
 

Destaque (11)

Dyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best PracticesDyna-Flo Manufacturing Processes & Best Practices
Dyna-Flo Manufacturing Processes & Best Practices
 
Here Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and RecreationHere Is the Trailer For the Final Season of Parks and Recreation
Here Is the Trailer For the Final Season of Parks and Recreation
 
CV_BALDVINSSON_EN_2016
CV_BALDVINSSON_EN_2016CV_BALDVINSSON_EN_2016
CV_BALDVINSSON_EN_2016
 
Global literacy (1)
Global literacy (1)Global literacy (1)
Global literacy (1)
 
Music video analysis
Music video analysisMusic video analysis
Music video analysis
 
Creating a Job Search Plan 7.15.2016
Creating a Job Search Plan 7.15.2016Creating a Job Search Plan 7.15.2016
Creating a Job Search Plan 7.15.2016
 
Atributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicasAtributos para medir las capacidades tecnológicas
Atributos para medir las capacidades tecnológicas
 
The Point of Exhaustion
The Point of ExhaustionThe Point of Exhaustion
The Point of Exhaustion
 
Renz
RenzRenz
Renz
 
Computación presentación
Computación presentaciónComputación presentación
Computación presentación
 
Présentation1
Présentation1Présentation1
Présentation1
 

Semelhante a Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-in-the-cloud

Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Shakas Technologies
 
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...IEEEGLOBALSOFTTECHNOLOGIES
 
A Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud ComputingA Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud Computingijsrd.com
 
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...IRJET Journal
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01Nitish Bhardwaj
 
Dont look at this
Dont look at thisDont look at this
Dont look at thismylawyer1
 
Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...JPINFOTECH JAYAPRAKASH
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptxMSMuthu5
 
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...Shakas Technologies
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Nitish Bhardwaj
 

Semelhante a Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-in-the-cloud (20)

Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
 
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
 
A Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud ComputingA Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud Computing
 
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
IRJET- A Review on Lightweight Secure Data Sharing Scheme for Mobile Cloud Co...
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Test
TestTest
Test
 
Dont look at this
Dont look at thisDont look at this
Dont look at this
 
Test
TestTest
Test
 
Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptx
 
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...
A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 

Último

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesPrabhanshu Chaturvedi
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 

Último (20)

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and Properties
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 

Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-in-the-cloud

  • 1. SECURE AND VERIFIABLE POLICY UPDATE OUTSOURCING FOR BIG DATA ACCESS CONTROL IN THE CLOUD ABSTRACT Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method, however, incurs a high communication overhead and heavy computation burden on data owners. A novel scheme is proposed that enable efficient access control with dynamic policy updating for big data in the cloud. Developing an outsourced policy updating method for ABE systems is focused. This method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Policy updating algorithms is proposed for different types of access policies. An efficient and secure method is proposed that allows data owner to check whether the cloud server has updated the ciphertexts correctly. The analysis shows that this policy updating outsourcing scheme is correct, complete, secure and efficient.
  • 2. INTRODUCTION Big data refers to high volume, high velocity, and/or high variety information assets that require new forms of processing to enable enhanced decision making, insight discovery and process optimization. Due to its high volume and complexity, it becomes difficult to process big data using on-hand database management tools. An effective option is to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests in an efficient way. When hosting big data into the cloud, the data security becomes a major concern as cloud servers cannot be fully trusted by data owners.
  • 3. PROBLEM DEFINITION The policy updating is a difficult issue in attribute-based access control systems, because once the data owner outsourced data into the cloud, it would not keep a copy in local systems. When the data owner wants to change the access policy, it has to transfer the data back to the local site from the cloud, reencrypt the data under the new access policy, and then move it back to the cloud server. By doing so, it incurs a high communication overhead and heavy computation burden on data owners. This motivates us to develop a new method to outsource the task of policy updating to cloud server. The grand challenge of outsourcing policy updating to the cloud is to guarantee the following requirements: 1) Correctness: Users who possess sufficient attributes should still be able to decrypt the data encrypted under new access policy by running the original decryption algorithm. 2) Completeness: The policy updating method should be able to update any type of access policy. 3) Security: The policy updating should not break the security of the access control system or introduce any new security problems.
  • 4. EXISTING SYSTEM  Attribute-Based Encryption (ABE) has emerged as a promising technique to ensure the end-to-end data security in cloud storage system. It allows data owners to define access policies and encrypt the data under the policies, such that only users whose attributes satisfying these access policies can decrypt the data.  The policy updating problem has been discussed in key policy structure and ciphertext-policy structure. Disadvantages  When more and more organizations and enterprises outsource data into the cloud, the policy updating becomes a significant issue as data access policies may be changed dynamically and frequently by data owners. However, this policy updating issue has not been considered in existing attribute-based access control schemes.  Key policy structure and ciphertext-policy structure cannot satisfy the completeness requirement, because they can only delegate key/ciphertext with a new access policy that should be more restrictive than the previous policy.  Furthermore, they cannot satisfy the security requirement either.
  • 5. PROPOSED SYSTEM  Focus on solving the policy updating problem in ABE systems, and propose a secure and verifiable policy updating outsourcing method.  Instead of retrieving and re-encrypting the data, data owners only send policy updating queries to cloud server, and let cloud server update the policies of encrypted data directly, which means that cloud server does not need to decrypt the data before/during the policy updating.  To formulate the policy updating problem in ABE sytems and develop a new method to outsource the policy updating to the server.  To propose an expressive and efficient data access control scheme for big data, which enables efficient dynamic policy updating.  To design policy updating algorithms for different types of access policies, e.g., Boolean Formulas, LSSS Structure and Access Tree.  To propose an efficient and secure policy checking method that enables data owners to check whether the ciphertexts have been updated correctly by cloud server.
  • 6. Advantages  This scheme can not only satisfy all the above requirements, but also avoid the transfer of encrypted data back and forth and minimize the computation work of data owners by making full use of the previously encrypted data under old access policies in the cloud.  This method does not require any help of data users, and data owners can check the correctness of the ciphertext updating by their own secret keys and checking keys issued by each authority.  This method can also guarantee data owners cannot use their secret keys to decrypt any ciphertexts encrypted by other data owners, although their secret keys contain the components associated with all the attributes.
  • 7. SYSTEM ARCHITECTURE: MODULES: 1. Identity token issuance 2. Policy decomposition 3. Identity token registration 4. Data encryption and uploading 5. Data downloading and decryption 6. Encryption evolution management
  • 8. MODULES DESCRIPTION: Identity token issuance: IdPs are trusted third parties that issue identity tokens to Users based on their identity attributes. It should be noted that IdPs need not be online after they issue identity tokens. An identity token, denoted by IT has the format{nym, id-tag, c, σ}, where nym is a pseudonym uniquely identifying a User in the system, id-tag is the name of the identity attribute, c is the Pedersen commitment for the identity attribute value x and σ is the IdP’s digital signature on nym, id-tag and c. Policy Decomposition: In this module, using the policy decomposition algorithm, the Owner decomposes each ACP into two sub ACPs such that the Owner enforces the minimum number of attributes to assure confidentiality of data from the Cloud. The algorithm produces two sets of sub ACPs, ACPB Owner and ACPB Cloud. The Owner enforces the confidentiality related sub ACPs in ACPB Owner and the Cloud enforces the remaining sub-ACPs in ACPB Cloud. Identity Token Registration: Users register their ITs to obtain secrets in order to later decrypt the data they are allowed to access. Users register their ITs related to the attribute conditions in ACC with the Owner, and the rest of the identity tokens related to the attribute conditions in ACB/ACC with the Cloud using the AB-GKM::SecGen algorithm.
  • 9. When Users register with the Owner, the Owner issues them two set of secrets for the attribute conditions in ACC that are also present in the sub ACPs in ACPB Cloud. The Owner keeps one set and gives the other set to the Cloud. Two different sets are used in order to prevent the Cloud from decrypting the Owner encrypted data. Data encryption and uploading: The Owner encrypts the data based on the sub-ACPs in ACPB Owner and uploads them along with the corresponding public information tuples to the Cloud. The Cloud in turn encrypts the data again based on the sub-ACPs in ACPB Cloud. Both parties execute ABGKM::KeyGen algorithm individually to first generate the symmetric key, the public information tuple PI and access tree T for each sub ACP. Data downloading and decryption: Users download encrypted data from the Cloud and decrypt twice to access the data. First, the Cloud generated public information tuple is used to derive the OLE key and then the Owner generated public information tuple is used to derive the ILE key using the AB-GKM::KeyDer algorithm. These two keys allow a User to decrypt a data item only if the User satisfies the original ACP applied to the data item. Encryption evolution management: After the initial encryption is performed, affected data items need to be re- encrypted with a new symmetric key if credentials are added/removed. Unlike the SLE approach, when credentials are added or revoked, the Owner does not have to
  • 10. involve. The Cloud generates a new symmetric key and re-encrypts the affected data items. SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:-  Processor - Pentium –IV  Speed - 1.1 Ghz  RAM - 256 MB(min)  Hard Disk - 20 GB  Key Board - Standard Windows Keyboard  Mouse - Two or Three Button Mouse  Monitor - SVGA SOFTWARE CONFIGURATION:- • Operating system : - Windows XP. • Coding Language : ASP.NET, C#.Net. • Data Base : SQL Server 2005
  • 12. DATA FLOW DIAGRAM: 1. The DFD is also called as bubble chart. It is a simple graphical formalism that can be used to represent a system in terms of input data to the system, various processing carried out on this data, and the output data is generated by this system. 2. The data flow diagram (DFD) is one of the most important modeling tools. It is used to model the system components. These components are the system process, the data used by the process, an external entity that interacts with the system and the information flows in the system. 3. DFD shows how the information moves through the system and how it is modified by a series of transformations. It is a graphical technique that depicts information flow and the transformations that are applied as data moves from input to output. 4. DFD is also known as bubble chart. A DFD may be used to represent a system at any level of abstraction. DFD may be partitioned into levels that represent increasing information flow and functional detail.
  • 13.
  • 14. Login Create cloud server Create data owner File request view transactions file upload create file access control Admin create domain create sub domain view cloud server view data owner UserData owner view Admin profile view file details view user request view transactions view profile File download view profile Edit profile Edit profile Edit profile
  • 15. UML DIAGRAMS UML stands for Unified Modeling Language. UML is a standardized general-purpose modeling language in the field of object-oriented software engineering. The standard is managed, and was created by, the Object Management Group. The goal is for UML to become a common language for creating models of object oriented computer software. In its current form UML is comprised of two major components: a Meta-model and a notation. In the future, some form of method or process may also be added to; or associated with, UML. The Unified Modeling Language is a standard language for specifying, Visualization, Constructing and documenting the artifacts of software system, as well as for business modeling and other non-software systems. The UML represents a collection of best engineering practices that have proven successful in the modeling of large and complex systems. The UML is a very important part of developing objects oriented software and the software development process. The UML uses mostly graphical notations to express the design of software projects. GOALS: The Primary goals in the design of the UML are as follows: 1. Provide users a ready-to-use, expressive visual modeling Language so that they can develop and exchange meaningful models. 2. Provide extendibility and specialization mechanisms to extend the core concepts.
  • 16. 3. Be independent of particular programming languages and development process. 4. Provide a formal basis for understanding the modeling language. 5. Encourage the growth of OO tools market. 6. Support higher level development concepts such as collaborations, frameworks, patterns and components. 7. Integrate best practices.
  • 17. USE CASE DIAGRAM: A use case diagram in the Unified Modeling Language (UML) is a type of behavioral diagram defined by and created from a Use-case analysis. Its purpose is to present a graphical overview of the functionality provided by a system in terms of actors, their goals (represented as use cases), and any dependencies between those use cases. The main purpose of a use case diagram is to show what system functions are performed for which actor. Roles of the actors in the system can be depicted.
  • 18. Admin Owner User Create Account Login File Upload File Download File Details Owner Details create owner create domain & sub domain view & edit profile view transactions
  • 19. CLASS DIAGRAM: In software engineering, a class diagram in the Unified Modeling Language (UML) is a type of static structure diagram that describes the structure of a system by showing the system's classes, their attributes, operations (or methods), and the relationships among the classes. It explains which class contains information. User View Files view Transactions view & edit profile file download file download() Data owner view files view & edit profile file upload view transaction create file access() file upload() create sub domain() Admin create cloud server create data owner create domain creat sub domain view & edit profile view & edit dataowner profile create data owner() create domain() create sub domain()
  • 20. SEQUENCE DIAGRAM: A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that shows how processes operate with one another and in what order. It is a construct of a Message Sequence Chart. Sequence diagrams are sometimes called event diagrams, event scenarios, and timing diagrams.
  • 21. User Admin Owner Database Upload Files Verify Owner Files Edit profile Edit owner and admin profile View Owner Detalils & Owner Files file download create owner create domain & sub domain view User details File access control File request create cloud server file response
  • 22. ACTIVITY DIAGRAM: Activity diagrams are graphical representations of workflows of stepwise activities and actions with support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can be used to describe the business and operational step-by-step workflows of components in a system. An activity diagram shows the overall flow of control.
  • 23. A A Login Create cloud server Create data owner File request view transactions file upload create file access control Admin create domain create sub domain view cloud server view data owner UserData owner view Admin profile view file details view user request view transactions view profile File download view profile Edit profile Edit profile Edit profile