Abstract - Chennaisunday.com

Improving Security and Efficiency
in Attribute-Based Data Sharing
ABSTRACT:
With the recent adoption and diffusion of the data sharing paradigm in
distributed systems such as online social networks, there have been increasing
demands and concerns for distributed data security. One of the most challenging
issues in data sharing systems is the enforcement of access policies and the
support of policy updates. Ciphertext-policy attribute-based encryption (CP-ABE) is becoming a promising cryptographic solution to this issue. It enables data
owners to define their own access policies over user attributes and enforce the
policies on the data to be distributed.
However, the advantage comes with a major drawback which is known as a
key escrow problem. The key generation center could decrypt any messages
addressed to specific users by generating their private keys. This is not suitable for
data sharing scenarios where the data owner would like to make their private
data only accessible to designated users. In addition, applying CP-ABE in the data
sharing system introduces another challenge with regard to the user revocation
since the access policies are defined only over the attribute universe. Therefore,
in this study, we propose a novel CP-ABE scheme for a data sharing system by
exploiting the characteristic of the system architecture.
The proposed scheme features the following achievements: 1) the key
escrow problem could be solved by escrow-free key issuing protocol, which is
constructed using the secure two-party computation between the key generation
center and the data-storing center, and 2) fine-grained user revocation per each
attribute could be done by proxy encryption which takes advantage of the
selective attribute group key distribution on top of the ABE. The performance and
security analyses indicate that the proposed scheme is efficient to securely
manage the data distributed in the data sharing system.
Existing System:
The key problem of storing encrypted data in the cloud lies in revoking
access rights from users. A user whose permission is revoked will still retain the
keys issued earlier, and thus can still decrypt data in the cloud. A naive solution is
to let the data owner or sender immediately re-encrypt the data, so that the
receiver has to make a request for the key; once the request is received, the data
owner can either send the key or decline the request. This solution will lead to
a performance bottleneck, especially when there are frequent user revocations.
An alternative solution is to apply the proxy re-encryption (PRE) technique. This
approach takes advantage of the abundant resources in a cloud or social network
by delegating it to re-encrypt data. This approach is also called command-driven
re-encryption scheme, where cloud servers execute encryption while receiving
commands from the data owner.
Disadvantage:
1. The encrypted data can be decrypted easily with some decryption software,
without the security key which was assigned by the data owner.
2. Only a single key is used, even for highly sensitive data.
3. If the key is forgotten, multiple key requests cannot be sent for a single
data item, so the data cannot be decrypted without the key.
Proposed System:
Here, we extend the existing definitions, remove the drawbacks of that
system, and introduce secure data transfer in the network. The system also
protects against data loss and data theft. It also has a secure messaging
module which protects the user's messages from other persons in the network.
Advantages:
1. Highly secure data transfer: with the advanced encryption technique,
other persons cannot decrypt the data easily.
2. Here we use an Attribute Based Encryption system, which provides more
security for our data.
3. The receiver can send multiple key requests to the data owner for the
single data.
Algorithm Used:
Attribute Based Encryption (ABE) Algorithm
Problem Statement:
Security is one of the most important concerns in data sharing. In data sharing
the main problem is leakage of data. The data can be protected by encrypting it
with a proper security key. In this system we have developed data sharing using
the Attribute Based Encryption (ABE) Algorithm. By this our data becomes more
secure than in the existing system.
Scope:
The scope of this project is to protect the data from other persons in the
network by encrypting it before sending it over social networks. The authorized
person who has received the message sends a key request to the data owner. Only
after receiving the key from the sender is the message decrypted.
Algorithm:
Cryptography:
We first provide a formal definition for access structure by recapitulating the
definitions in [4], [5]. Then, we will briefly review the cryptographic background
about the bilinear map and its security assumption.
Notations:
In this paper, $x \in_R S$ denotes the operation of picking an element $x$ at
random and uniformly from a finite set $S$. For a probabilistic algorithm $A$, $x \xleftarrow{\$} A$
assigns the output of $A$ to the variable $x$. $1^{\lambda}$ denotes a string of $\lambda$ ones, if $\lambda \in \mathbb{N}$. A
function $\epsilon : \mathbb{N} \to \mathbb{R}$ is negligible (negl(k)) if for every constant $c \geq 0$ there exists $k_c$
such that $\epsilon(k) < k^{-c}$ for all $k > k_c$.
Access Structure:
Definition 1 (Access structure). Let $\{P_1, P_2, \ldots, P_n\}$ be a set of parties. A
collection $\mathbb{A} \subseteq 2^{\{P_1, P_2, \ldots, P_n\}}$ is monotone if $\forall B, C$: if $B \in \mathbb{A}$ and $B \subseteq C$, then
$C \in \mathbb{A}$. An access structure (respectively, monotone access structure) is a collection
(respectively, monotone collection) $\mathbb{A}$ of nonempty subsets of $\{P_1, P_2, \ldots, P_n\}$,
i.e., $\mathbb{A} \subseteq 2^{\{P_1, P_2, \ldots, P_n\}} \setminus \{\emptyset\}$. The sets in $\mathbb{A}$ are called the authorized sets, and
the sets not in $\mathbb{A}$ are called the unauthorized sets. In CP-ABE schemes, the role of
the parties is taken by the attributes. Thus, the access structure $\mathbb{A}$ will contain the
authorized sets of attributes. From now on, by an access structure we mean a
monotone access structure.
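The following sketch is an added example, not part of the original abstract. It carries Definition 1 through on a small attribute universe: it enumerates the collection induced by a policy, searches for a pair (B, C) that violates monotonicity, and shows that a policy with a negated attribute fails the definition. The attribute names and helper functions are constructed for illustration.

```python
from itertools import combinations

UNIVERSE = ("doctor", "nurse", "cardiology", "intern")  # constructed attributes

def powerset(items):
    """Every subset of `items`, including the empty set."""
    for r in range(len(items) + 1):
        for combo in combinations(items, r):
            yield frozenset(combo)

def collection_from(policy):
    """The collection A of nonempty attribute sets that satisfy `policy`."""
    return {s for s in powerset(UNIVERSE) if s and policy(s)}

def monotonicity_violation(collection):
    """Return (B, C) with B in A, B subset of C, C not in A; None if monotone."""
    for b in collection:
        for c in powerset(UNIVERSE):
            if b <= c and c not in collection:
                return b, c
    return None

def minimal_sets(collection):
    """Minimal authorized sets; a monotone A is exactly their supersets."""
    return {b for b in collection if not any(o < b for o in collection)}

# (doctor AND cardiology) OR nurse: built from AND/OR only, so monotone.
monotone = collection_from(lambda s: {"doctor", "cardiology"} <= s or "nurse" in s)

# doctor AND NOT intern: gaining an attribute can remove access, so the
# collection is not monotone and is not an access structure in the sense
# used from here on.
negated = collection_from(lambda s: "doctor" in s and "intern" not in s)
```
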
Bilinear Pairings:
Definition 2 (Bilinear map). Let $\mathbb{G}_0$ and $\mathbb{G}_1$ be a multiplicative cyclic group of
prime order $p$. Let $g$ be a generator of $\mathbb{G}_0$. A map $e : \mathbb{G}_0 \times \mathbb{G}_0 \to \mathbb{G}_1$ is said to
be bilinear if $e(P^a, Q^b) = e(P, Q)^{ab}$ for all $P, Q \in \mathbb{G}_0$ and all $a, b \in \mathbb{Z}_p^*$, and
nondegenerate if $e(g, g) \neq 1$ for the generator $g$ of $\mathbb{G}_0$. We say that $\mathbb{G}_0$ is a
bilinear group if the group operation in $\mathbb{G}_0$ can be computed efficiently and there
exists $\mathbb{G}_1$ for which the bilinear map $e : \mathbb{G}_0 \times \mathbb{G}_0 \to \mathbb{G}_1$ is efficiently
computable.
Bilinear Diffie-Hellman (BDH) Assumption:
Using the above notations, the Bilinear Diffie-Hellman problem is to
compute $e(g, g)^{abc} \in \mathbb{G}_1$ given a generator $g$ of $\mathbb{G}_0$ and elements $g^a, g^b, g^c$ for
$a, b, c \in \mathbb{Z}_p^*$. An equivalent formulation of the BDH problem is to compute
$e(A, B)^c$ given a generator $g$ of $\mathbb{G}_0$, and elements $A$, $B$ and $g^c$ in $\mathbb{G}_0$.
An algorithm $\mathcal{A}$ has advantage $\epsilon(\lambda)$ in solving the BDH problem for a bilinear
map group $\langle p, \mathbb{G}_0, \mathbb{G}_1, e \rangle$, where $\lambda$ is the security parameter (the bit length of $p$),
if $\Pr[\mathcal{A}(p, \mathbb{G}_0, \mathbb{G}_1, A, B, g^c) = e(A, B)^c] \geq \epsilon(\lambda)$. If for every polynomial-time
algorithm (in the security parameter $\lambda$) to solve the BDH problem on
$\langle p, \mathbb{G}_0, \mathbb{G}_1, e \rangle$, the advantage $\epsilon(\lambda)$ is a negligible function, then $\langle p, \mathbb{G}_0, \mathbb{G}_1, e \rangle$
is said to satisfy the BDH assumption.
One-Way Anonymous Key Agreement:
In a Boneh-Franklin identity-based encryption setup [15], a trusted key authority
called private key generator (PKG) generates private keys $d_i$ for users with
identities $ID_i$ using a master secret $s$. A user with identity $ID_i$ receives the private
key $d_i = H(ID_i)^s \in \mathbb{G}_0$, where $H : \{0, 1\}^* \to \mathbb{G}_0$ is a cryptographic hash
function. On the basis of this setup, Kate et al. [16] proposed a one-way anonymous
key agreement scheme by replacing the identity hashes with pseudonyms
generated by users. One-way anonymous key agreement is to guarantee anonymity
for just one of the participants; the other participant works as a nonanonymous
service provider and the anonymous participant needs to confirm the service
provider's identity. In this setting, two participants can agree on a session key in
a noninteractive manner. Suppose Alice and Bob are clients of the same key
authority. Alice has identity $ID_A$ and private key $d_A = Q_A^s = H(ID_A)^s$. Alice
wishes to remain anonymous to Bob whose identity is $ID_B$. Then, the key
agreement protocol progresses as follows:
1. Alice computes $Q_B = H(ID_B)$. She chooses a random integer $r_A \in \mathbb{Z}_p^*$,
generates the corresponding pseudonym $P_A = Q_A^{r_A}$, and computes the session key
$K_{A,B} = e(d_A, Q_B)^{r_A} = e(Q_A, Q_B)^{s r_A}$. She sends her pseudonym $P_A$ to Bob.
2. Bob computes the session key $K_{A,B} = e(P_A, d_B) = e(Q_A, Q_B)^{s r_A}$ using
his private key $d_B$.
Kate et al. proved that this protocol is secure in the random
oracle model assuming the BDH problem in $\langle p, \mathbb{G}_0, \mathbb{G}_1, e \rangle$ is hard in terms of
the unconditional anonymity, session key secrecy, and no impersonation.
2274 IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 25, NO. 10, OCTOBER 2013
The proof can be found in.
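The two protocol steps above, run end to end as an added example that is not code from the paper or the project. It assumes a toy, insecure stand-in for the pairing: each element of G0 is stored as its exponent, so discrete logs are exposed and only the algebra is illustrated. The parameters, identities and function names are constructed.

```python
import hashlib
import secrets

# Toy, INSECURE pairing model: a G0 element g^x is stored as x mod P, and
# e(g^x, g^y) = H_GEN^(x*y) in the order-P subgroup of Z_Q^*.
# Constructed parameters: Q = 2P + 1, both prime; 4 has order P modulo Q.
P, Q, H_GEN = 1019, 2039, 4

def g0_pow(elem, k):
    """Exponentiation elem^k in G0 under the exponent representation."""
    return (elem * k) % P

def pairing(x, y):
    """e: G0 x G0 -> G1, so that e(P^a, Q^b) = e(P, Q)^(ab)."""
    return pow(H_GEN, (x * y) % P, Q)

def hash_to_g0(identity):
    """H: {0,1}* -> G0, mapped to a non-identity element."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 1) + 1

def extract(master_secret, identity):
    """Key authority: d_i = H(ID_i)^s."""
    return g0_pow(hash_to_g0(identity), master_secret)

def alice_session(d_a, id_a, id_b, r_a=None):
    """Step 1: return (pseudonym P_A = Q_A^rA, key e(d_A, Q_B)^rA)."""
    r_a = r_a or secrets.randbelow(P - 1) + 1  # r_A in Z_p^*
    p_a = g0_pow(hash_to_g0(id_a), r_a)
    k_ab = pow(pairing(d_a, hash_to_g0(id_b)), r_a, Q)
    return p_a, k_ab

def bob_session(d_b, p_a):
    """Step 2: Bob sees only the pseudonym and computes e(P_A, d_B)."""
    return pairing(p_a, d_b)

def demo():
    s = 777  # master secret held by the key authority (constructed)
    d_a, d_b = extract(s, "alice"), extract(s, "bob")
    p_a, k_alice = alice_session(d_a, "alice", "bob", r_a=5)
    return p_a, k_alice, bob_session(d_b, p_a)
```

A fresh `r_a` per session yields a fresh pseudonym and key, and a party holding only Bob's public hash `Q_B` instead of `d_B` derives a different value.
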
Architecture:-
Architecture of a data sharing system
Implementation:
Implementation is the stage of the project when the theoretical design is
turned into a working system. Thus it can be considered the most
critical stage in achieving a successful new system and in giving the user
confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the
existing system and its constraints on implementation, designing of methods to
achieve changeover, and evaluation of changeover methods.
Main Modules:-
1. User Module:
In this module, users are authenticated before they can access the
details presented in the ontology system. Before accessing or searching
the details, a user must have an account; otherwise they must register
first.
2. Sharing Messages And Photos:
The message sender is treated as the data owner, who sends messages and
photos to friends after encrypting them. The receiver can only read the encrypted
message; to decrypt the message, the receiver needs the security key
which was set by the data owner or sender.
3. Key Request:
If the receiver wants to unlock or decrypt the message, he has to send a
key request to the data owner or sender. Once the key request is received, the
sender can return the key. Only if he sends the key can the receiver decrypt
the data. At the receiver side, the key and the request id are displayed after
the sender sends the key. Using these, the receiver can decrypt the data.
4. Send Key:
Once the key request is received, the sender can send the key or
decline it. With this key and the request id, which was generated at the time of
sending the key request, the receiver can decrypt the message.
System Configuration:
H/W System Configuration:
Processor - Pentium-III
Speed - 1.1 GHz
RAM - 256 MB (min)
Hard Disk - 20 GB
Floppy Drive - 1.44 MB
Key Board - Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - SVGA
S/W System Configuration:
Operating System : Windows 95/98/2000/XP
Application Server : Tomcat 5.0/6.X
Front End : HTML, Java, JSP
Scripts : JavaScript
Server side Script : Java Server Pages
Database : MySQL 5.0
Database Connectivity : JDBC