
IPASJ International Journal of Information Technology (IIJIT)

Web Site: http://www.ipasj.org/IIJIT/IIJIT.htm


A Publisher for Research Motivation ........ Email:editoriijit@ipasj.org
Volume 7, Issue 1, January 2019 ISSN 2321-5976

DATA PROTECTION AND VERIFICATION OF DATA WITH KEY EXPOSURE IN CLOUD ENVIRONMENT
K. Priyanka (1), M. Kannan (2)
(1) M.Phil Research Scholar, Dept of CSA, SCSVMV, Enathur, Kanchipuram, Tamil Nadu, 631561, India.
(2) Asst. Professor, Dept of CSA, SCSVMV, Enathur, Kanchipuram, Tamil Nadu, 631561, India.

ABSTRACT
Cloud storage auditing is regarded as an important service for verifying the integrity of data in the public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, this assumption may not always hold, because of a possibly weak sense of security and/or low security settings at the client. If such a secret key for auditing is exposed, most of the current auditing protocols would become unable to work. In this paper, we focus on this new aspect of cloud storage auditing. We investigate how to reduce the damage of the client's key exposure in cloud storage auditing, and give the first practical solution for this new problem setting. We formalize the definition and the security model of an auditing protocol with key-exposure resilience and propose such a protocol. In our design, we use the binary tree structure and the pre-order traversal technique to update the secret keys for the client. We also develop a novel authenticator construction to support forward security and the property of blockless verifiability. The security proof and the performance analysis show that our proposed protocol is secure and efficient.
Keywords: Cloud computing, cloud service, cloud security, computer network, distributed computing, security.

I. INTRODUCTION
Cloud computing is a paradigm that provides massive computation capacity and huge memory space at very low cost. It enables users to obtain the intended services regardless of time and location across multiple platforms (e.g., mobile phones, PCs), and thus brings great convenience to cloud users. Among the many services provided by cloud computing, cloud storage services, such as Apple's cloud, Microsoft's Azure and Amazon's S3, offer a more flexible and easy way to share data over the Internet, which provides various benefits for society. However, cloud storage also suffers from several security threats, which are the primary concerns of cloud users. Cryptographic techniques can be applied in two main ways: symmetric key encryption and asymmetric key encryption. In symmetric key encryption, the same key is used for encryption and decryption. By contrast, in asymmetric key encryption different keys are used: a public key for encryption and a private key for decryption. Asymmetric key encryption is more flexible for our approach. This can be illustrated by the following example.
Suppose Alice puts all her data on Box.com and does not want to expose her data to everyone. Because of possible data leakage, she does not trust the security mechanisms provided by Box.com, so she encrypts all data before uploading it to the server. If Bob asks her to share some data, Alice uses the share function of Box.com. The problem now is how to share encrypted data. There are two straightforward ways: 1. Alice encrypts the data with a single secret key and shares that secret key directly with Bob. 2. Alice encrypts the data with distinct keys and sends Bob the corresponding keys over a secure channel. In the first approach, unwanted data is also exposed to Bob, which is inadequate. In the second approach, the number of keys is as large as the number of shared files,
which may be hundreds or thousands, and transferring these keys requires a secure channel and storage space, which can be expensive.
To address cloud security issues effectively, we need to understand the compound security challenges holistically. In particular, we need to: (i) investigate different cloud security attributes including vulnerabilities, threats, risks, and attack models; (ii) identify the security requirements including confidentiality, integrity, availability, transparency, etc.; (iii) identify the involved parties (CSP and other providers) and the role of each party in the attack-defense cycle; and (iv) understand the impact of security on different cloud deployment models (public, community, private, hybrid). The main contribution of this paper is a secure encryption scheme to share encrypted data among a set of authorized users and to achieve efficient user revocation for untrusted clouds. In cloud computing, security is an essential aspect of quality of service. To keep sensitive user data confidential against untrusted servers, several MKP-ABE encryption techniques are used. An MKP-ABE encryption scheme based on a trusted authority has been proposed that draws the performance required for encryption tasks from within the cloud itself. A trusted authority is responsible for key re-generation, resulting in more efficient and scalable security.
II. RELATED WORK
We introduce a model for provable data possession (PDP) that allows a client that has stored data at an untrusted server to verify that the server possesses the original data without retrieving it. The model generates probabilistic proofs of possession by sampling random sets of blocks from the server, which drastically reduces I/O costs. The client maintains a constant amount of information to verify the proof. The challenge/response protocol transmits a small, constant amount of data, which minimizes network communication. Thus, the PDP model for remote data checking supports large data sets in widely distributed storage systems. We present two provably secure PDP schemes that are more efficient than previous solutions, even when compared with schemes that achieve weaker guarantees. In particular, the overhead at the server is low (or even constant), as opposed to linear in the size of the data. Experiments using our implementation verify the practicality of PDP and reveal that the performance of PDP is bounded by disk I/O and not by cryptographic computation.
Storage outsourcing is a rising trend that prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, provable data possession (PDP) is a topic that has only recently appeared in the research literature. The main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The storage server is assumed to be untrusted in terms of both security and reliability. (In other words, it might maliciously or accidentally erase hosted data; it might also relegate it to slow or off-line storage.) The problem is exacerbated by the client being a small computing device with limited resources. Prior work has addressed this problem using either public key cryptography or requiring the client to outsource its data in encrypted form. In this paper, we construct a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption. Also, in contrast with its predecessors, our PDP technique allows outsourcing of dynamic data, i.e., it efficiently supports operations such as block modification, deletion and append.
Many storage systems rely on replication to increase the availability and durability of data on untrusted storage systems. At present, such storage systems provide no strong evidence that multiple copies of the data are actually stored. Storage servers can collude to make it look like they are storing many copies of the data, whereas in reality they only store a single copy. We address this shortcoming through multiple-replica provable data possession (MR-PDP): a provably secure scheme that allows a client that stores t replicas of a file in a storage system to verify through a challenge-response protocol that (1) each unique replica can be produced at the time of the challenge and that (2) the storage system uses t times the storage required to store a single replica. MR-PDP extends previous work on data possession proofs for a single copy of a file in a client/server storage system [4]. Using MR-PDP to store t replicas is computationally much more efficient than using a single-replica PDP scheme to store t separate, unrelated files (e.g., by encrypting each file separately before storing it). Another advantage of MR-PDP is that it can generate further replicas on demand, at very little expense, when some of the existing replicas fail.
Cloud computing is the long-dreamed vision of computing as a utility, where data owners can remotely store their data in the cloud to enjoy on-demand high-quality applications and services through a shared pool of configurable computing resources. While data outsourcing relieves the owners of the burden of local data storage and maintenance, it also eliminates their physical control of storage reliability and security, which traditionally has been expected by both enterprises and individuals with high service-level requirements.
In order to facilitate rapid deployment of cloud data storage services and regain security assurances with outsourced data reliability, efficient methods that enable on-demand data correctness verification on behalf of cloud data owners have to be designed. In this article we propose that publicly auditable cloud data storage is able to help this nascent cloud economy become fully established. With public auditability, a trusted entity with expertise and capabilities that data owners do not possess can be delegated as an external audit party to assess the risk of outsourced data when needed. Such an auditing service not only helps save data owners' computation resources but also provides a transparent yet cost-effective method for data owners to gain trust in the cloud. We describe approaches and system requirements that should be brought into consideration, and outline challenges that need to be resolved for such a publicly auditable secure cloud storage service to become a reality.
Provable data possession is a technique for ensuring the integrity of data in outsourced storage services. In this paper, we propose a cooperative provable data possession scheme in hybrid clouds to support scalability of service and data migration, in which we consider the existence of multiple cloud service providers that cooperatively store and maintain the clients' data. Our experiments show that the verification of our scheme requires a small, constant amount of overhead, which minimizes communication complexity.
Existing system:
Ciphertext-policy attribute-based encryption (CP-ABE) has been a preferred encryption technology for solving the challenging problem of secure data sharing in cloud computing. The shared data files usually have the characteristic of a multilevel hierarchy, particularly in the areas of healthcare and the military. The layered access structures are integrated into a single access structure, and then the hierarchical files are encrypted with the integrated access structure. The ciphertext components related to attributes can be shared by the files. In this way, ciphertext storage and the time cost of encryption are saved. This method is highly efficient in terms of encryption and decryption. As the number of files increases, the advantages of our scheme become more and more obvious.
PROBLEM STATEMENT:
In the existing system, each user is issued a set of privileges during system initialization. Each file uploaded to the cloud is also bound to a set of privileges that specify which kinds of users are allowed to perform the duplicate check and access the file. Before submitting a duplicate check request for a file, the user needs to take this file and his own privileges as inputs. The user is able to find a duplicate for this file if and only if there is a copy of this file and a matched privilege stored in the cloud. If a user wants to change a file already stored in the cloud, the user cannot change the file or any part of its data. Ciphertext-policy attribute-based encryption (CP-ABE) has been a preferred encryption technology for solving the challenging problem of secure data sharing in cloud computing. The shared data files generally have the characteristic of a multilevel hierarchy, particularly in the areas of healthcare and the military. However, the hierarchical structure of shared files has not been explored in CP-ABE. In this paper, an efficient file hierarchy ABE scheme is proposed for cloud computing. A single access structure is obtained by integrating the layered access structures, and then the hierarchical files are encrypted with the integrated access structure. The ciphertext components associated with attributes can be shared by the files.
Therefore, both ciphertext storage space and the time cost of encryption are saved. Moreover, the proposed scheme is proved to be secure under the standard assumption. Simulation shows that the proposed scheme is highly efficient in terms of encryption and decryption. As the number of files increases, the advantages of our scheme become more and more noticeable.
Proposed system:
We propose a cloud-based secure data system that allows a trusted authority to securely store its secret data on semi-trusted cloud service providers and to selectively share that data with a wide range of data receivers, while reducing the key management complexity for authority owners and data receivers. Unlike previous cloud-based data systems, data owners encrypt their secret data for the data receivers using KP-ABE.
Encryption scheme:
Another feature is that if a data receiver wants to download a personal file, the data receiver sends a request to the authority. The authority owner holds the access control. If the owner wants to share the original file with the data receiver, he shares the keys with the data receiver. After the request is accepted, the data receiver downloads the secret key and uses this key to download the original data. The cloud storage providers make sure that user privacy remains firmly protected. The cloud server cannot decrypt any ciphertext at any point in time. The security and efficiency analysis shows that our system is not only secure but also practical. The attribute-based encryption algorithm uses a hierarchical structure to improve scalability and flexibility. This system effectively eliminates the need to rely on the
data storage server for preventing unauthorized data access and for integrity. The performance measurements indicate that the proposed scheme is efficient at securely managing the data stored in the data storage servers and considerably reduces the computation time. In addition, we include this algorithm for data classification.
Attribute-based encryption (ABE):
Attribute-based encryption (ABE) is a relatively recent approach that reconsiders the concept of public-key cryptography. Identity-based cryptography, and in particular identity-based encryption (IBE), changed the traditional understanding of public-key cryptography by allowing the public key to be an arbitrary string, e.g., the email address of the recipient. ABE goes one step further and defines the identity not as atomic but as a set of attributes, e.g., roles, and messages can be encrypted with respect to subsets of attributes (key-policy ABE, KP-ABE) or policies defined over a set of attributes (ciphertext-policy ABE, CP-ABE).
Key-Policy ABE:
A key requirement is that it should not be possible for distinct users to "pool" their secret keys, which is achieved by independently randomizing users' secret keys.
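One way to see why independently randomized keys cannot be pooled is to share a master secret down each key's access tree with fresh random polynomials, which is how tree-based KP-ABE constructions build user keys. This is an added example, not the paper's implementation: plain field elements stand in for pairing-group exponents, so it models the algebra only and gives no confidentiality, and the attribute names, the users alice, bob and carol, and all function names are hypothetical.

```python
import secrets

P = 2**127 - 1  # prime modulus; stands in for the group order of a pairing-based scheme


def share(secret, threshold, n):
    """Shamir-share `secret` among n children with a fresh random polynomial."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P
            for x in range(1, n + 1)]


def interpolate_at_zero(points):
    """Lagrange interpolation at x = 0 over GF(P); points is [(x, y), ...]."""
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def keygen(policy, secret):
    """Share `secret` down a policy tree: a node is an attribute name or (k, [children])."""
    if isinstance(policy, str):
        return (policy, secret)  # leaf share; a real scheme hides it in a group exponent
    k, children = policy
    return (k, [keygen(c, s) for c, s in zip(children, share(secret, k, len(children)))])


def decrypt(key, ct_attrs):
    """Return the shared secret if ct_attrs satisfy the key's policy, else None."""
    if isinstance(key[0], str):
        return key[1] if key[0] in ct_attrs else None
    k, children = key
    got = []
    for x, child in enumerate(children, 1):
        value = decrypt(child, ct_attrs)
        if value is not None:
            got.append((x, value))
    return interpolate_at_zero(got[:k]) if len(got) >= k else None


def pooled_attempt(key_a, key_b):
    """Colluders splice child 1 of key_a with child 2 of key_b (both 2-of-2 keys)."""
    return interpolate_at_zero([(1, key_a[1][0][1]), (2, key_b[1][1][1])])


def demo(master=None):
    master = secrets.randbelow(P) if master is None else master
    ct_attrs = {"doctor", "cardiology"}                    # attributes on the ciphertext
    alice = keygen((2, ["doctor", (1, ["cardiology", "oncology"])]), master)
    bob = keygen((2, ["doctor", "oncology"]), master)      # policy not satisfied
    carol = keygen((2, ["nurse", "cardiology"]), master)   # policy not satisfied
    return {
        "alice": decrypt(alice, ct_attrs) == master,
        "bob": decrypt(bob, ct_attrs),
        "carol": decrypt(carol, ct_attrs),
        "pooled": pooled_attempt(bob, carol) == master,
    }


if __name__ == "__main__":
    print(demo())
```

Bob's "doctor" share and Carol's "cardiology" share lie on different random polynomials, so interpolating them together yields an unrelated value rather than the master secret.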
Modules:
1. Storing files
2. Data Protection
3. Authentication
4. Secure Data retrieval

Storing files:
In this module the data owner securely stores secret data on the semi-trusted cloud service providers and selectively shares it with a wide range of data receivers. The data owner uploads several files and data.
Data Protection:
In this module, for security purposes, we introduce attribute-based encryption (ABE), a relatively recent approach that reconsiders the concept of public-key cryptography. Data can be encrypted with respect to subsets of attributes. The key issue is that a person should only be able to decrypt a ciphertext if that person holds a key for "matching attributes", where user keys are always issued by some trusted party.
Authentication:
Cloud agents have recently been introduced as an additional computational layer to facilitate cloud selection and service management tasks for cloud clients. In this module the authority verifies the data receiver's full details to determine whether the person is the right person or a cloud broker. The data receiver sends a request for the file he wants to download. The data provider checks the details, and if the owner wants to share the original file with the data receiver, he accepts the request.
Secure Data retrieval:
In this module, after the data owner accepts the request, the data receiver downloads the keys and uses them to download the original data in decrypted format.

ADVANTAGE:
• This efficiently eliminates the need to rely on the data storage server for preventing unauthorized data access and provides integrity. The scheme considerably reduces the computation time required for resource-limited devices to recover plaintexts.
• Data can be encrypted with respect to subsets of attributes. The key issue is that someone should only be able to decrypt a ciphertext if the person holds a key for "matching attributes", where user keys are always issued by some trusted party.
• Data privacy.
• On-demand revocation.
• Write access control.
• Scalability and usability.
RESULT AND DISCUSSION

The above screen shows the details of the uploaded file.

The above screen shows that the files are ready for the receiver to download.

This screen is used to download the key needed to download the encrypted file.

FUTURE ENHANCEMENT:
In this paper, we address the open problem of data leakage. We propose a cloud-based secure data system that allows a trusted authority to securely store its secret data on semi-trusted cloud service providers and to selectively share that data with a wide range of data receivers. In addition, a new classification algorithm is proposed for the classification of data files. Cloud computing is a promising and rising technology for the next generation of IT applications. Reducing data storage space and processing cost is a compulsory requirement of any organization, while analysis of data and information is always among the most important tasks in all organizations for decision making. Organizations will therefore not transfer their data or information to the cloud until trust is built between the CSP and consumers. However, there is a lot of scope for improving this technique. More work is required in the area of cloud computing to make it acceptable to the CSC. This paper presents data safety and confidentiality, focusing on data storage and use in the cloud, for data protection in cloud computing environments to build trust between the CSP and consumers.
REFERENCES:
[1] Kaitai Liang, Joseph K. Liu, Duncan S. Wong, Willy Susilo, "An Efficient Cloud-based Revocable Identity-based Proxy Re-encryption Scheme for Public Clouds Data Sharing", vol. 8712. Sep. 2014, pp. 257–272.
[2] Sadikin Rifki, Youngho Park, Sangjae Moon, "A Fully Secure Cipher text-Policy Attribute-Based Encryption With A Tree-Based Access Structure".
[3] Tsz Hon Yuen, Ye Zhang, Siu Ming Yiu, and Joseph K. Liu, "Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks", in Proc. 19th Eur. Symp. Res. Comput. Secur., vol. 8712. Sep. 2014, pp. 130–147.
[4] Y. Yang, J. K. Liu, K. Liang, K.-K. R. Choo, and J. Zhou, "Extended proxy-assisted approach: Achieving revocable fine-grained encryption of cloud data," in Proc. 20th Eur. Symp. Res. Comput. Secur. (ESORICS), vol. 9327. Sep. 2015, pp. 146–166.
[5] K. Liang et al., "A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing," IEEE Trans. Inf. Forensics Security, vol. 9, no. 10, pp. 1667–1680, Oct. 2014.
