International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number 5 – Dec 2014
Two Level Authentication Based Secure Data Transmission over Cloud
Madhupada Sivaramayya (1), Kameswara Rao (2)
1 Final M.Tech Student, 2 Assistant Professor
1,2 Dept of CSE, Vizag Institute of Technology, Visakhapatnam, AP, India
Abstract: Secure transmission of data over the cloud is an interesting research issue in the field of cloud computing. Data confidentiality is the major issue when more than one data owner wants to access the outsourced information. In this paper we propose an efficient mechanism for secure transmission of data with two-level authentication, Shamir-based secure key generation and a cryptographic implementation.
Index terms: multi-owner data sharing, group key management, cryptography
I. INTRODUCTION
Cloud computing has been envisioned as the next-generation architecture of IT enterprises because of its long list of advantages: on-demand service, location independence, resource pooling and rapid resource elasticity. From the user's side, storing data remotely in the cloud in an easy, on-demand manner brings appealing benefits: relief from the burden of storage management, global data access independent of geographical location, and reduced outlay on hardware, software and personnel maintenance.
Today the cloud service is a rapidly growing technology because of its efficient features as a resource area and a data storage area. It can be used as an application, an OS or a virtual machine, and brings many further advantages. The cloud service provider follows a pay-and-use relationship with clients and the data owner. They do not know where the real data is stored, but they can access the cloud when required by verifying themselves with their authentication credentials.
Data Owner: The data owner or user is a person who stores a large amount of data on a server maintained by the service provider, or the individual who stores data or data components with the service provider. The user has the privilege to upload their data to the cloud without worrying about storage and maintenance. The service provider provides services and privileges to the user. The major goal of cloud data storage is to achieve the exactness and integrity of the data stored in the cloud.
Third Party Auditor: The third party auditor acts as a verifier: on the user's request it verifies the exactness and integrity of the stored data. The auditor communicates with the cloud service provider and monitors the data components uploaded by the data owner.
ISSN: 2231-5381
Cloud storage is an important service of cloud computing which allows data owners to move data from their local computing systems to the cloud. More and more owners are starting to store their data in the cloud. This novel paradigm of data outsourcing also introduces novel security issues. Owners worry that their data may be lost in the cloud, because data loss can happen in any infrastructure, no matter how dependable the measures taken by the cloud service providers. The cloud service providers might also be dishonest: they could discard data that has never been accessed, or accessed only rarely, to save storage space, and claim that the data is still stored in the cloud. Therefore the owners need assurance that their data is correctly stored in the cloud.
In many scenarios multiple data owners share common information which is outsourced to the cloud, so data confidentiality is the primary factor while transmitting data components to, or receiving them from, the cloud service. In this paper we discuss this in detail.
II. RELATED WORK
In the traditional approach, handling multi-owner data sharing is a complex issue, and various researchers have proposed approaches for the problem. Previous approaches divide the files into a number of blocks and apply a cryptographic mechanism over the individual blocks; this is a very time-consuming process, and whenever a new owner is added the key must be updated again and accepted by all data owners.
• Simple symmetric and asymmetric cryptographic techniques cannot maintain optimal security.
• The scheme is vulnerable if the key is transferred directly over the network.
• Authentication of the data owner is not integrated in the traditional approach.
The group manager takes charge of system parameter generation, user registration, user revocation, and revealing the real identity of a disputed data owner. In the given example, the group manager role is played by the administrator of the company. Therefore, we assume that the group manager is fully trusted by the other parties. Group members are a set of registered users that store their private data in the cloud server and share it with others in the group. In our example, the staff play the role of group members. Note that the group membership changes dynamically, due to staff resignations and new employees joining the company.
In previous work on multi-owner data sharing, users are authenticated and data is encrypted based on a registered id and a bilinear pairing mechanism, which is complex when the number of dynamic users is large, and we cannot completely rely on a third-party key generation center. In this paper we propose a two-level authentication mechanism for secure transmission or sharing of data over the cloud.
III. PROPOSED WORK
The proposed system identifies the problems during multi-owner data sharing and proposes an efficient protocol and cryptographic technique for solving the drawbacks of the traditional approach. It proposes an efficient and novel secure key protocol for group key generation; a new user need not contact the data owner when downloading files, and data is encrypted with Triple DES before it is uploaded to the cloud. The proposed work involves the modules Data owner, Group key manager and User revocation, with the architecture shown below.
[Figure: proposed architecture. Node1 to Node4 exchange cipher data with the Cloud Service; each node performs authentication and key exchange with the KGC (key generation center).]
Member Level Authentication:
Every group member forwards a random challenge (Ri) to the group manager, which in turn forwards a secret share (xi, yi). The member computes (xi, (yi XOR Ri)) and forwards this verification share to the group manager, and the group manager verifies the member's authenticity by reversing the XOR operation with the random challenge: if it yields the corresponding member secret share, then the member is an authorized member.
Improved Lagrange polynomial group key scheme:
In this scheme, any t out of n shares may be used to recover the secret. The system relies on the idea that a unique polynomial of degree (t-1) can be fitted to any set of t points that lie on the polynomial. It takes two points to define a straight line, three points to fully define a quadratic, four points to define a cubic curve, and so on. That is, it takes t points to define a polynomial of degree t-1. The method is to create a polynomial of degree t-1 with the secret as the first coefficient and the remaining coefficients picked at random. Next, find n points on the curve and give one to each of the players. When at least t of the n players reveal their points, there is sufficient information to fit a (t-1)th degree polynomial to them, the first coefficient being the secret.
Algorithm:
• The goal is to divide some data D (e.g., the safe combination) into n pieces D1, D2, …, Dn in such a way that:
– Knowledge of any k or more pieces Di makes D easily computable.
– Knowledge of any k-1 or fewer pieces leaves D completely undetermined (in the sense that all its possible values are equally likely).
• This scheme is called a (k,n) threshold scheme. If k=n then all participants are required together to reconstruct the secret.
• Suppose we want to use a (k,n) threshold scheme to share our secret S where k < n.
• Choose at random (k-1) coefficients a1, a2, a3, …, a(k-1), and let S be a0:
$f(x) = a_0 + a_1 x + a_2 x^2 + \dots + a_{k-1} x^{k-1}$
• Construct n points (i, f(i)) where i = 1, 2, …, n. Recall that the secret is the free coefficient $a_0$.
Given any subset of k of these pairs, we can find the coefficients of the polynomial by interpolation, and then evaluate a0 = S, which is the secret.
Example:
• Let S = 1234
• n = 6 and k = 3; obtain random integers a1 = 166 and a2 = 94
$f(x) = 1234 + 166x + 94x^2$
• Secret share points: (1,1494), (2,1942), (3,2578), (4,3402), (5,4414), (6,5614)
• We give each participant a different single point (both x and f(x)).
Re-construction:
• In order to reconstruct the secret any 3 points will be enough.
• Let us consider (x0,y0) = (2,1942), (x1,y1) = (4,3402), (x2,y2) = (5,4414).
Using Lagrange polynomials:
$L_0 = \frac{x - x_1}{x_0 - x_1} \cdot \frac{x - x_2}{x_0 - x_2} = \frac{x-4}{2-4} \cdot \frac{x-5}{2-5} = \frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}$
$L_1 = \frac{x - x_0}{x_1 - x_0} \cdot \frac{x - x_2}{x_1 - x_2} = \frac{x-2}{4-2} \cdot \frac{x-5}{4-5} = -\frac{1}{2}x^2 + \frac{7}{2}x - 5$
$L_2 = \frac{x - x_0}{x_2 - x_0} \cdot \frac{x - x_1}{x_2 - x_1} = \frac{x-2}{5-2} \cdot \frac{x-4}{5-4} = \frac{1}{3}x^2 - 2x + \frac{8}{3}$
$f(x) = \sum_{j=0}^{2} y_j L_j(x) = 1942\left(\frac{1}{6}x^2 - \frac{3}{2}x + \frac{10}{3}\right) + 3402\left(-\frac{1}{2}x^2 + \frac{7}{2}x - 5\right) + 4414\left(\frac{1}{3}x^2 - 2x + \frac{8}{3}\right)$
$f(x) = 1234 + 166x + 94x^2$
After obtaining the group key, data owners are able to upload data. The data is encrypted and the encrypted data is uploaded. All data owners encrypt their data using the Triple DES algorithm, described below.
TDES is a block cipher operating on 64-bit data blocks. Some forms of TDES use two 56-bit keys, while others use three. TDES can, however, work with one, two or three 56-bit keys. The parallel implementation improves performance and reduces gate count.
Our work efficiently reduces the calculation complexity while revealing the key. ODBE and MODS are more complex in nature, and processing time also increases with the number of members in a group.
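The (k,n) threshold scheme and the second-level hash check described above, as an added example that is not code from the paper: shares are built and recovered by Lagrange interpolation at x = 0, run on the paper's own numbers (S = 1234, k = 3, n = 6, a1 = 166, a2 = 94). It assumes arithmetic over a constructed prime field modulus P (the paper interpolates over plain integers; the example's share values are unchanged because they are far smaller than P), uses SHA-256 in place of the paper's unspecified hash code, and the function names are chosen here.

```python
import hashlib
import secrets

# Constructed prime modulus (assumption, not from the paper): doing the
# arithmetic in GF(P) is what makes k-1 shares reveal nothing about S.
P = 2**61 - 1


def make_shares(secret, k, n, coeffs=None):
    """Return n points (i, f(i)) of f(x) = S + a1*x + ... + a_{k-1}*x^{k-1} mod P."""
    if coeffs is None:  # normal use: fresh random coefficients a1..a_{k-1}
        coeffs = [secrets.randbelow(P) for _ in range(k - 1)]
    if len(coeffs) != k - 1:
        raise ValueError("need exactly k-1 coefficients")
    poly = [secret % P] + [c % P for c in coeffs]  # a0 = S is the secret
    shares = []
    for x in range(1, n + 1):
        y = 0
        for a in reversed(poly):  # Horner evaluation of f(x) mod P
            y = (y * x + a) % P
        shares.append((x, y))
    return shares


def recover_secret(points):
    """Lagrange interpolation evaluated at x = 0, i.e. f(0) = a0 = S."""
    secret = 0
    for j, (xj, yj) in enumerate(points):
        num, den = 1, 1
        for m, (xm, _) in enumerate(points):
            if m != j:  # L_j(0) = prod_{m != j} x_m / (x_m - x_j)
                num = num * xm % P
                den = den * (xm - xj) % P
        secret = (secret + yj * num * pow(den, -1, P)) % P
    return secret


def manager_bundle(points, key):
    """Second-level step from the text: the k points plus a hash over points and key."""
    data = repr(sorted(points)).encode() + key.to_bytes(32, "big")
    return points, hashlib.sha256(data).hexdigest()


def member_verify(bundle):
    """Member rebuilds the key and recomputes the hash; None means the bundle fails."""
    points, tag = bundle
    key = recover_secret(points)
    return key if manager_bundle(points, key)[1] == tag else None
```

Passing `coeffs=[166, 94]` reproduces the paper's six shares exactly; omitting it draws the coefficients from `secrets`, which is the form to use outside a worked example.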
Second Level Authentication for Group Manager:
The group key manager forwards k points to reconstruct the equation, together with a hash code generated over the k points and the key; this may vary from member to member because every member need not receive the same k points. After reconstruction of the equation, the data member extracts the key from the equation and generates a signature over the key and the three points which were forwarded.
IV. CONCLUSION
We conclude our current research work with an efficient two-level authentication based data sharing technique. Initially, a data member's authentication is verified with a random challenge and secret share. The key is generated at the group key manager and points are forwarded to group members for reconstruction of the key; after reconstruction, data members verify the signature or hash code which is applied over the key and points for group key manager authentication.
BIOGRAPHIES
Madhupada Sivaramayya is pursuing an M.Tech in the Computer Science and Engineering Department, Vizag Institute of Technology, Visakhapatnam. His areas of interest are network security and data mining.
Kameswara Rao, M.E (PhD), is Head of the Department of Computer Science and Engineering, Vizag Institute of Technology, Visakhapatnam, with seven years of teaching and research experience. He is a research scholar at JNTUK and works as an Assistant Professor in the Computer Science and Engineering department at Vizag Institute of Technology. He worked at IIT Kharagpur as a project consultant. He holds a B.Tech from BVCITS Amalapuram and an M.E from Anna University.