Imperial Journal of Interdisciplinary Research (IJIR) Vol-3, Issue-2, 2017 ISSN: 2454-1362, http://www.onlinejournal.in
Reliable Re-encryption in Cloud Environment

Tushar Nalawade, Vikas Adhikari, Pratik Shah, Kunal Mehta
Department of Information Technology, Shah and Anchor Kutchhi Engineering College, Mumbai University, India

Abstract: The rapid growth of cloud-based services in recent years is an undeniable fact, as it has increased the efficiency of accessing shared pools of configurable computing resources. However, there are serious concerns about the reliability of this emerging technology, and it is anticipated that cloud computing security will be the most important and challenging issue in the IT industry. Accordingly, a hybrid re-encryption model has been presented to ensure data security in cloud computing environments based on the concepts of index classification, time-based procedures, and attribute. The re-encryption process is performed according to four main parameters: time-based, unauthorized authentication, user revocation, and data owner request. In addition, the functionality, security, and scalability of the suggested model were examined by a simulation analysis to find out the strengths of this re-encryption model in comparison with current models. The analysis results show that this model has met the defined demands of this research to enhance the reliability and efficiency of data protection in cloud computing environments.

The second problem is de-duplication. The rapid adoption of cloud services is accompanied by increasing volumes of data stored at remote cloud servers. Most of these remotely stored files are duplicates. This fact gives rise to a technology called de-duplication, in which the cloud servers keep only a single copy of each file (or block) and make a link to the file (or block) for every client who owns or asks to store the same file (or block).
1. INTRODUCTION
Cloud infrastructures can be roughly categorized as either private or public. In a private cloud, the infrastructure is managed and owned by the customer and located on-premise (i.e., in the customer's region of control). In particular, this means that access to customer data is under the customer's control and is only granted to parties it trusts. In a public cloud, the infrastructure is owned and managed by a cloud service provider. This means that customer data is outside the customer's control and could potentially be granted to untrusted parties.

A key approach to secure cloud computing is for the data owner to store encrypted data in the cloud and issue decryption keys to authorized users. Then, when a user is revoked, the data owner will issue re-encryption commands to the cloud to re-encrypt the data, to prevent the revoked user from decrypting the data, and to generate new decryption keys for valid users, so that they can continue to access the data. However, since a cloud computing environment is comprised of many cloud servers, such commands may not be received and executed by all of the cloud servers due to unreliable network communications [4]. To overcome this problem, time-based re-encryption is used, which re-encrypts the data at certain time intervals with the help of each individual server's internal clock.

Cloud storage is a model of networked enterprise storage where data is stored in virtualized pools of storage which are generally hosted by third parties. These features attract more and more customers to use cloud storage and store their personal data in it: according to the analysis report, the volume of data in the cloud is expected to reach 40 trillion gigabytes in 2020. Even though cloud storage systems have been widely adopted, they fail to accommodate some important emerging needs, such as the ability of cloud clients to audit the integrity of cloud files and the ability of cloud servers to detect duplicated files [3]. The rapid adoption of cloud services is accompanied by increasing volumes of data stored at remote cloud servers. Most of these remotely stored files are duplicates. This fact gives rise to a technology called de-duplication, in which the cloud servers keep only a single copy of each file (or block) and make a link to the file (or block) for every client who owns or asks to store the same file (or block).
1.1 Reliable Re-encryption.
A key approach to secure cloud computing is for the data owner to store encrypted data in the cloud and issue decryption keys to authorized users. Then, when a user is revoked, the data owner will issue re-encryption commands to the cloud to re-encrypt the data, to prevent the revoked user from decrypting the data, and to generate new decryption keys for valid users, so that they can continue to access the data. However, since a cloud computing environment is comprised of many cloud servers, such commands may not be received and executed by all of the cloud servers due to unreliable network communications. In this paper, we solve this problem by proposing a time-based re-encryption scheme, which enables the cloud servers to automatically re-encrypt data based on their internal clocks. Our solution is built on top of a new encryption scheme, attribute-based encryption, to allow fine-grained access control, and does not require perfect clock synchronization for correctness.
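The time-based re-encryption described above, as an added example that is not code from the paper: each replica derives the current time slice from its own clock and rolls its ciphertext forward without any command from the data owner. The slice length, the HMAC-based key derivation, the root secret provisioned to the servers, and the HMAC counter keystream standing in for a real block cipher are all assumptions made for illustration.

```python
import hashlib
import hmac

INTERVAL = 3600  # assumed time-slice length in seconds

def epoch_key(root: bytes, epoch: int) -> bytes:
    """Per-time-slice key derived from the root secret (assumed derivation)."""
    return hmac.new(root, b"epoch|%d" % epoch, hashlib.sha256).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: HMAC-SHA256 counter keystream XORed with the data."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class Replica:
    """One cloud server; `skew` models how far its clock is off (seconds)."""
    def __init__(self, root: bytes, skew: int = 0):
        self.root, self.skew = root, skew
        self.epoch, self.blob = None, None

    def local_epoch(self, now: int) -> int:
        return (now + self.skew) // INTERVAL

    def store(self, plaintext: bytes, now: int) -> None:
        self.epoch = self.local_epoch(now)
        self.blob = xor_stream(epoch_key(self.root, self.epoch), plaintext)

    def read(self, now: int):
        """Re-encrypt to the current slice if the local clock has moved on."""
        current = self.local_epoch(now)
        if current > self.epoch:
            plain = xor_stream(epoch_key(self.root, self.epoch), self.blob)
            self.blob = xor_stream(epoch_key(self.root, current), plain)
            self.epoch = current
        return self.epoch, self.blob  # the slice number tells users which key fits

def user_decrypt(key: bytes, blob: bytes) -> bytes:
    return xor_stream(key, blob)
```

A replica whose clock lags keeps serving the old slice until its own clock crosses the boundary, so the period in which a revoked user's old key still works is bounded by the clock skew rather than by whether a command arrived.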
1.2 De-duplication.
As cloud computing technology has developed during the last decade, outsourcing data to cloud services for storage has become an attractive trend, which spares effort on heavy data maintenance and management. In de-duplication, the cloud servers keep only a single copy of each file (or block) and make a link to the file (or block) for every client who owns or asks to store the same file (or block). Nevertheless, since outsourced cloud storage is not fully trustworthy, it raises security concerns about how to realize data de-duplication in the cloud while achieving integrity auditing. Unfortunately, de-duplication leads to a number of threats potentially affecting the storage system. For example, a server telling a client that it (i.e., the client) does not need to send the file reveals that some other client has the exact same file, which can sometimes be sensitive. These attacks originate from the fact that the proof that the client owns a given file (or block of data) is solely based on a static, short value (in most cases the hash of the file). Thus, the second problem is generalized as how the cloud servers can efficiently confirm (with a certain degree of assurance) that the client owns the uploaded file (or block) before creating a link to this file (or block) for him/her [4].
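One way a server can confirm ownership with more than a static hash, as an added example that is not code from the paper: before linking a client to an existing copy, the server challenges it with a fresh nonce and randomly chosen block positions, so knowing only the file digest is not enough. The block size, challenge size, class and function names, and the use of SHA-256 for the file digest (the paper's scheme uses MD5) are assumptions.

```python
import hashlib
import hmac
import secrets

BLOCK = 4096  # assumed block size in bytes

def respond(data: bytes, nonce: bytes, indices: list) -> bytes:
    """Client side: MAC the challenged blocks under the server's fresh nonce."""
    mac = hmac.new(nonce, digestmod=hashlib.sha256)
    for i in indices:
        mac.update(i.to_bytes(8, "big") + data[i * BLOCK:(i + 1) * BLOCK])
    return mac.digest()

class DedupServer:
    def __init__(self):
        self.files = {}    # digest -> the single stored copy
        self.links = {}    # digest -> set of client ids linked to that copy
        self.pending = {}  # (client, digest) -> outstanding challenge

    def upload(self, client: str, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        self.files.setdefault(digest, data)  # keep one copy only
        self.links.setdefault(digest, set()).add(client)
        return digest

    def challenge(self, client: str, digest: str, count: int = 8):
        """Pick random blocks of the stored copy; the answer differs each time."""
        nblocks = max(1, -(-len(self.files[digest]) // BLOCK))
        chal = (secrets.token_bytes(16),
                [secrets.randbelow(nblocks) for _ in range(count)])
        self.pending[(client, digest)] = chal
        return chal

    def claim(self, client: str, digest: str, response: bytes) -> bool:
        """Link the client only if it answers the challenge issued to it."""
        chal = self.pending.pop((client, digest), None)
        if chal is None:
            return False  # no outstanding challenge, or a replayed answer
        ok = hmac.compare_digest(respond(self.files[digest], *chal), response)
        if ok:
            self.links[digest].add(client)
        return ok
```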
1.3 Cloud Environment.
Cloud computing is computing based on the internet. Where in the past people would run applications or programs from software downloaded onto a physical computer or server in their building, cloud computing allows people access to the same kinds of applications through the internet. You are probably using cloud computing right now, even if you don't realise it. If you use an online service to send email, edit documents, watch movies or TV, listen to music, play games or store pictures and other files, it is likely that cloud computing is making it all possible behind the scenes. The first cloud computing services are barely a decade old, but already a variety of organisations, from tiny startups to global corporations, government agencies to non-profits, are embracing the technology for all sorts of reasons. Here are a few of the things you can do with the cloud.
● Create new apps and services
● Store, backup and recover data
● Host websites and blogs
● Stream audio and video
● Deliver software on demand
Cloud computing makes computer infrastructure and services available on an "on-need" basis. The computing infrastructure could include hard disks, a development platform, a database, computing power or complete software applications. To access these resources from cloud vendors, organizations do not need to make any large-scale capital expenditures. Organizations need to "pay per use", i.e., they pay only as much for the computing infrastructure as they use. The billing model of cloud computing is similar to electricity payment, which is made on the basis of usage. In the description below, "vendor" is used for the cloud computing service provider and "organization" is used for the user of cloud computing services.
2. RECENT WORKS
As cloud computing technology has developed during the last decade, outsourcing data to cloud services for storage has become an attractive trend, which spares effort on heavy data maintenance and management. Nevertheless, since outsourced cloud storage is not fully trustworthy, it raises security concerns about how to realize data de-duplication in the cloud while achieving integrity auditing. The rapid growth of cloud-based services in recent years is an undeniable fact, as it has increased the efficiency of accessing shared pools of configurable computing resources. However, there are serious concerns about the reliability of this emerging technology, and it is anticipated that cloud computing security will be the most important and challenging issue in the IT industry.

Many researchers have proposed storing encrypted data in the cloud to defend against the CSP. Their solution utilizes a proxy re-encryption scheme (PRE), in which a delegator and a delegate generate a proxy key that allows a semi-trusted third party to convert ciphertexts encrypted under the delegator's public key into ciphertexts which can be decrypted by the delegate. Recently, proxy re-encryption has been shown to be very useful in a number of applications such as access control in file storage, email forwarding, and law enforcement. ABE is a new cryptographic technique that efficiently supports fine-grained access control. Fine-grained access control systems facilitate granting differential access rights to a set of users and allow flexibility in specifying the access rights of individual users [3]. The hierarchical attribute-based encryption model combines a HIBE system to provide fine-grained access control and full delegation. Our scheme relies on time to re-encrypt data, which has a major drawback, as only the data owner performs data updates. This is inflexible for applications where users may need to update the data as well.
3. PROPOSED SYSTEM.

Fig. 1 gives the working scenario of the proposed system. First, the file owner uploads a plaintext file. The server then applies the de-duplication algorithm and generates a unique serial number for the file, and this serial number is compared with the serial numbers of existing files. If it equals any of them, the file already exists in cloud storage, and the server stores only a single copy of the file and shares the link to the file among authorized users. After performing de-duplication, the server encrypts the file and generates the key for decrypting it; this key is shared among the group of authorized users so that they can access the encrypted file. If a user is revoked from the authorized group of users, the file is re-encrypted and the newly generated key is shared among the group of authorized users, excluding the revoked user, thus preventing revoked users from accessing the file.

A re-encryption command executed on one server of a cloud system should be executed on all cloud servers, because changes made to data at a particular server in a particular location have to be replicated among all the associated servers residing in different locations. Due to network problems, these commands might not be executed on all of the associated servers. To overcome this problem, time-based re-encryption is used instead of executing commands on each and every server: each server re-encrypts the file at a certain time interval, and this time interval is judged from the internal clock of the server.

Fig.1 Overview of Proposed System

4. CONCLUSION.

In this paper, we have proposed reliable re-encryption methods such as time-based re-encryption and a user revocation scheme, using a hybrid algorithm, viz. AES and Blowfish. We have also introduced a data de-duplication scheme using the MD5 algorithm for storing a single copy of each file. Hence, it provides more security to cloud data and reliability to the cloud system.

5. FUTURE SCOPE.

In today's era, the demand for cloud is increasing, so the security of the cloud and the user is a top concern. The traditional approach to encryption is not suited to secure de-duplication, as it is susceptible to brute-force attack.

6. REFERENCES
[1] Qin Liu, Chiu C. Tan, Jie Wu, and Guojun Wang, "Reliable Re-encryption in Unreliable Clouds," School of Information Science and Engineering, Central South University, Changsha, Hunan Province, P. R. China, 410083; Department of Computer and Information Sciences, Temple University, Philadelphia, PA 19122, USA.
[2] Faraz Fatemi Moghaddam, Mostafa Vala, "A Reliable Data Protection Model based on Re-Encryption Concepts in Cloud Environments," IEEE 6th Control and System Graduate Research Colloquium, Aug. 10 - 11, UiTM, Shah Alam, Malaysia.
[3] Rachna Arora, Anshu Parashar, "Secure User Data in Cloud Computing Using Encryption Algorithms," International Journal of Engineering Research and Applications (IJERA), ISSN: 2248-9622, Vol. 3, Issue 4, Jul-Aug 2013, pp. 1922-1926.
[4] Jingwei Li, Jin Li, Dongqing Xie and Zhang Cai, "Secure Auditing and Deduplicating Data in Cloud," IEEE Transactions on Computers, Vol. PP, No. 99, 2015.