ABSTRACT
An important problem in public clouds is how to selectively share documents
based on fine-grained attribute-based access control policies. One approach is to
encrypt documents satisfying different policies with different keys using a public
key cryptosystem such as attribute based encryption (ABE) and/or proxy
re-encryption (PRE). However, such an approach has some weaknesses: it cannot
efficiently handle adding/revoking users or identity attributes, or policy changes;
it requires keeping multiple encrypted copies of the same documents; and it incurs
high computational cost. A direct application of a symmetric key cryptosystem, where
users are grouped based on the policies they satisfy and a unique key is assigned to
each group, has similar weaknesses. These weaknesses can be addressed without
public key cryptography, by allowing users to dynamically derive the symmetric
keys at the time of decryption. Based on this idea, a new key
management scheme called broadcast group key management (BGKM) is
proposed, followed by a secure construction of a BGKM scheme called ACV-BGKM.
The idea is to give some secrets to users based on the identity attributes
they have and later allow them to derive the actual symmetric keys from their
secrets and some public information. A key advantage of the BGKM scheme is that
adding users, revoking users or updating access control policies can be performed
efficiently by updating only some public information.
EXISTING SYSTEM
Group Key Management (GKM)
This approach encodes secrets given to users at registration phase in a special
polynomial of order at least n in such a way that users can derive the secret key
from this polynomial.
Disadvantages
In GKM the security of the scheme weakens as n increases.
Attribute Based Encryption (ABE)
ABE is another approach for implementing encryption-based access control to
documents. Under such an approach, users are able to decrypt subdocuments if
they satisfy certain policies.
Disadvantages
Whenever the group dynamic changes, the re-keying operation requires
updating the private keys given to existing members in order to provide
backward/forward secrecy.
Requires establishing private communication channels with each group
member which is not desirable in a large group setting.
Whenever the group membership policy changes, new private keys must be
re-issued to members of the group.
In applications involving stateless members where it is not possible to
update the initially given private keys and the only way to revoke a member
Size of the encrypted database is not constant with respect to the original
database size.
Redundant encryption of the same record is required to support ACPs
involving disjunctions.
PROPOSED SYSTEM
The group key management issues can be addressed without public key
cryptography, by allowing users to dynamically derive the symmetric keys at the
time of decryption. Based on this idea, a new GKM scheme called broadcast
GKM (BGKM) is proposed, a secure construction of the BGKM scheme is given, and
its security is formally proved.
The idea is to give secrets to users based on the identity attributes they have and
later allow them to derive the actual symmetric keys from their secrets and some
public information.
The system develops an attribute-based access control mechanism whereby a user is
able to decrypt the contents if and only if its identity attributes satisfy the content
provider's policies, whereas the content provider and the cloud learn nothing about
users' identity attributes.
Advantages
A key advantage of the BGKM scheme is that adding users/revoking users
or updating access control policies can be performed efficiently and only
requires updating the public information.
Maximum trust
Key indistinguishability
Key independence
Forward secrecy
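The derive-from-secret-plus-public-information idea in the abstract and the proposed system, as an added Python sketch; it is not code from this document or from the BGKM authors. The page does not spell out the ACV-BGKM construction, so the design here is an assumption: the server publishes random nonces and a vector X = K·e1 + Y, where Y (the access control vector) lies in the null space of the authorized users' hash rows. The modulus `Q` and the names `row`, `null_vector`, `publish` and `derive` are chosen for this example.

```python
import hashlib, secrets

Q = 2**127 - 1  # prime modulus picked for this sketch (assumption)

def row(secret, zs):
    """Key-extraction vector (1, H(s||z_1), ..., H(s||z_N)) over F_Q."""
    return [1] + [int.from_bytes(hashlib.sha256(secret + z).digest(), "big") % Q
                  for z in zs]

def null_vector(rows, width):
    """Random nonzero Y with row . Y = 0 (mod Q) for every row (Gauss-Jordan)."""
    m, pivots = [r[:] for r in rows], []
    for c in range(width):
        r = len(pivots)
        p = next((i for i in range(r, len(m)) if m[i][c]), None)
        if p is None:
            continue
        m[r], m[p] = m[p], m[r]
        inv = pow(m[r][c], -1, Q)
        m[r] = [x * inv % Q for x in m[r]]
        for i in range(len(m)):
            if i != r and m[i][c]:
                f = m[i][c]
                m[i] = [(x - f * y) % Q for x, y in zip(m[i], m[r])]
        pivots.append(c)
    free = [c for c in range(width) if c not in pivots]
    if not free:  # only Y = 0 is left: X would hand K to everyone
        raise ValueError("more authorized users than n_max")
    y = [0] * width
    for c in free:
        y[c] = 1 + secrets.randbelow(Q - 1)
    for i, c in enumerate(pivots):
        y[c] = -sum(m[i][f] * y[f] for f in free) % Q
    return y

def publish(authorized_secrets, n_max):
    """Server: fresh key plus public info (zs, X); no private channel is used."""
    zs = [secrets.token_bytes(16) for _ in range(n_max)]
    x = null_vector([row(s, zs) for s in authorized_secrets], n_max + 1)
    key = secrets.randbelow(Q)  # field element; hash it into a cipher key in practice
    x[0] = (x[0] + key) % Q     # X = K*e1 + Y
    return key, (zs, x)

def derive(secret, public_info):  # user: K = row(secret) . X, since row . Y = 0
    zs, x = public_info
    return sum(a * b for a, b in zip(row(secret, zs), x)) % Q

if __name__ == "__main__":  # constructed secrets; bob is not authorized
    key, pub = publish([b"alice-secret-demo"], n_max=3)
    print(derive(b"alice-secret-demo", pub) == key, derive(b"bob-secret-demo!", pub) == key)
```

Revoking a user is a second call to `publish` without that user's secret: the remaining users keep their old secrets and only the public information changes.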
System Specification
System Requirements:
Hardware Requirements
System
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 15 VGA Colour.
Mouse : Logitech.
Ram : 512 Mb.
Software Requirements
Operating system : Windows XP.
Coding Language : ASP.Net with C#.
Data Base
MODULE
Construction of Cloud Data Storage
Data upload
Data Retrieval
Data upload
In the Upload module, a new folder can be created for storing files. During folder
creation, the cloud system may ask the user one question. The user
should answer the question and must remember the answer for later use. The user
then enters a folder name to create the folder. In the file upload process, the
user chooses a file by browsing the system and selects the upload option.
The cloud server then provides the encrypted form of the uploaded file.
SYSTEM ARCHITECTURE
[Figure: system architecture flowchart. Labels: Cloud Admin, User, Check (Yes / No), Unauthorized user, Upload Files, Update Files, Download Files, End Process]
Class Diagram
Activity Diagram
SEQUENCE DIAGRAM
COMPANY PROFILE
I. The Company
LEGENDS INFOTECH Systems Limited is mature software reliability, and capability. LEGENDS INFOTECH possesses
History
A team of technocrats started LEGENDS INFOTECH, in 2002 in
Chennai, India providing reliable IT solutions in the Indian subcontinent.
Today, LEGENDS INFOTECH has the agility, size and momentum
necessary for further growth - built on the sound foundation laid in terms
of marketing, technical, financial, and quality process.
Operating Locations
Internationally, LEGENDS INFOTECH is present in the USA and India. In
the USA, LEGENDS INFOTECH operates from Atlanta and Chicago, which act
as LEGENDS INFOTECH's marketing arm for US operations with the same
business focus as LEGENDS INFOTECH.
Software
LEGENDS INFOTECH is equipped with skills and software in the
following environments, mostly in the development center in India:
Skills
Operating Systems
RT Linux
Databases
Programming Languages C, C++, COBOL, PL/1, C#, Java, PHP, AS400 RPG, .Net
Tools
Front-end
Frameworks
Web Based
Data Modeling
Object Modeling
Testing & CM
Business Intelligence
Business Objects
Web Servers
Application Servers
a. IT Services
b. Web Application
c. Business Process Management
Website: www.legendsinfotech.com