Abstract

advertisement
Payments for Outsourced Computations
ABSTRACT:
With the recent advent of cloud computing, the concept of outsourcing
computations, initiated by volunteer computing efforts, is being revamped. While
the two paradigms differ in several dimensions, they also share challenges,
stemming from the lack of trust between outsourcers and workers. In this work, we
propose a unifying trust framework, where correct participation is financially
rewarded: neither participant is trusted, yet outsourced computations are efficiently
verified and validly remunerated. We propose three solutions for this problem,
relying on an offline bank to generate and redeem payments; the bank is oblivious
to interactions between outsourcers and workers. We propose several attacks that
can be launched against our framework and study the effectiveness of our
solutions. We implemented our most secure solution and our experiments show
that it is efficient: the bank can perform hundreds of payment transactions per
second and the overheads imposed on outsourcers and workers are negligible.
EXISTING SYSTEM:
In the existing system, Motivated by the ability of computer owners to donate CPU
resources, volunteer computing takes advantage of the parallelizable nature of
several large compute problems to distribute jobs to available computers over the
internet.
In Existing system the problem of existing outsourcing computations in distributed
environments has several security challenges. These challenges stem from the lack
of trust between the outsourcer and a worker. Previous work has extensively
considered one side of the trust problem - the efficient verification of the
completion of the outsourced computation. We believe this to be the first work that
simultaneously addresses the other side of trust - ensuring valid remuneration for
the work. Outsourcers have computing jobs they cannot complete in a timely
fashion, whereas workers are willing to spend CPU cycles to run parts of such
jobs. Outsourcers do not trust the workers to correctly perform computations and
workers do not trust outsourcers to pay for completed jobs. Motivated by the
ability of computer owners is to donate CPU resources and volunteer computing
takes advantage of the parallelizable nature of several large compute problems to
distribute jobs to available computers over the internet.
DISADVANTAGES OF EXISTING SYSTEM:
 Main problem is that address the lack of trust of outsourcers on workers, the
lack of trust of a worker in the outsourcer is not addressed.
 Workers do not have any verification process. So malicious outsourcer enter
into the process.
 Sometimes the intruders make misuses the outsourcing process.
PROPOSED SYSTEM:
We propose a unifying trust framework, where correct participation is financially
rewarded: neither participant is trusted, yet outsourced computations are efficiently
verified and validly remunerated.
We propose solutions that address both issues of trust. In our proposed system we
introduce payment outsourced scheme for outsourcing computation that is only
based on traditional electronic cash systems. To avoid the problem in an existing
system, we use the following three solutions are,
In our first solution, it requires outsourcer to split the key used to obfuscate
the payment and hides the sub keys into pre computed, randomly chosen parts of
the job. The worker is entitled to a probabilistic verification of the payment
received before beginning the computation. However, a malicious outsourcer that
generates a single incorrect subkey may pass the verification step but prevent an
honest worker from recovering the payment. In our second solution, outsourcer
uses threshold sharing to divide the payment into multiple shares and obfuscates a
randomly chosen subset of the shares with solutions to parts of the job. The worker
needs to retrieve only a subset of the shares in order to reconstruct the payment.
This significantly improves the worker’s chance of retrieving the payment even in
the presence of a malicious outsourcer generating incorrect shares. However, this
solution provides the worker with an unfair advantage in recovering the payment
before completing the job: fewer shares need to be discovered. In our third
solution, we use exact secret sharing to compute shares of the payment token—all
the shares are needed to reconstruct the payment. Instead of generating a single
ringer set, outsourcer generates a ringer set for each payment share and uses a
function of the ringer set to “hide” the share. Worker and outsourcer run a
verification protocol, where all but one share are revealed and the correctness of
the last share is proved in zero knowledge.
ADVANTAGES OF PROPOSED SYSTEM:
 It improves the worker’s chance of retrieving the payment even in the
presence of a malicious outsourcer generating incorrect shares.
 This solution provides the worker with an unfair advantage in recovering the
payment before completing the job: fewer shares need to be discovered.
 It provides the full trust to the service provider (worker) and Outsourcers
(outsourcer).
ALGORITHM AND TECHNIQUES:
Symmetric key algorithm:
Symmetric-key algorithms are a class of algorithms for cryptography that
use the same cryptographic keys for both encryption of plaintext and decryption of
cipher text. The keys may be identical or there may be a simple transformation to
go between the two keys. The keys, in practice, represent a shared secret between
two or more parties that can be used to maintain a private information link. This
requirement that both parties have access to the secret key is one of the main
drawbacks of symmetric key encryption, in comparison to public-key encryption.
Secret sharing techniques:
Secret sharing techniques refers to method for distributing a secret amongst
a group of participants, each of whom is allocated a share of the secret. The secret
can be reconstructed only when a sufficient number, of possibly different types, of
shares are combined together; individual shares are of no use on their own. Secret
sharing schemes are ideal for storing information that is highly sensitive and highly
important. Examples include: encryption keys, missile launch codes, and numbered
bank accounts. Each of these pieces of information must be kept highly
confidential, as their exposure could be disastrous; however, it is also critical that
they not be lost. Traditional methods for encryption are ill-suited for
simultaneously achieving high levels of confidentiality and reliability. This is
because when storing the encryption key, one must choose between keeping a
single copy of the key in one location for maximum secrecy, and keeping multiple
copies of the key in different locations for greater reliability. Increasing reliability
of the key by storing multiple copies lowers confidentiality by creating additional
attack vectors; there are more opportunities for a copy to fall into the wrong hands.
Secret sharing schemes address this problem, and allow arbitrarily high levels of
confidentiality and reliability to be achieved.
MODULES:
 Initiate process
o Business login
o Personal login
 Banking process
 Payment process
 Verification Process
 Manage files process
MODULES DESCRIPTION
INITIATE PROCESS:
Initiate process is the first step to enter the payment outsourcing process.
Initiate process is the Login process. Before entering the account the Outsourcer
need to register their personal details. In this step the registration process contains
the two different types of registration for Outsourcer convenient. These processes
are Business login and Personal Login. Business login is the process to register the
details of user who needs to make the business in the online purpose. In this
process the Outsourcers should enter the all personal details and also need to enter
the storage capacity as their process need. If the Business process required storage
capacity of 5GB, they need to pay 20$, and etc. If the personal login required
storage capacity of 2 GB, they no need to pay money. In this register process, after
submitting this register key (code) will send to the particular user’s mail id. The
register key (code) is used for authentication purpose.
BANKING PROCESS:
Banking Process contains the process of manage the banking details. Before
enter the banking process, the Outsourcer need to submit the details about him.
Details of the banking needs Name, Address, Country, State, Area, Pin code,
Phone number and Email id. After the submitting the account creation of bank, the
key and credit card number will send to his own mail id. This key provides the
more authentications to both the Outsourcers and servers. And then the Outsourcer
enters into the bank process using name and code which are sent his mail id.
Banking process have the following items are, Account details, Deposit, with draw
and logout. In account detail process, it has the items of Account number and code
(generated in their own mail id). After entering the details, the process used to
view the account process. In deposit process, it has the items of Enter amount,
Enter code and Account number. After entering the details amount will deposit in
their account. In withdraw process; it has the items of Enter amount, Enter code
and Account number. After entering the details amount will withdraw by the
Outsourcer.
PAYMENT PROCESS:
Payment processes have the process of Mail ID, Card Number, Code and
Storage cost. Before entering the payment process the process needs the banking
process. Because the payment process need the storage cost, so the amount form
the Outsourcer is get from the bank through the banking details. After the banking
process is completed the Outsourcer enters the payment process. Verification of
the payment based on the shape verification and code verification. If wrong shape
is draw means the process not entered into the account. After the submitting of
correct shape, then only the process enters into the payment account.
VERIFICATION PROCESS:
Main process of the payment for outsourced computation is Authentication.
For Authentication purpose the process should perform the verification step of the
Outsourcer. This process has the two types of verification are Code verification
and Shape verification. Code verification are the process, that done in after the
submitting the bank process and the payment account process. The code or key of
the process is send to our own mail id (as we providing in the personal details).
After verifying of the code, then only the next process is done. Shape verification
is the process of verification done by the shape model. Outsourcer need to draw the
shape that is given in the login page. After completing the correct shape, then only
the Outsourcer get inside the process.
MANAGE FILES PROCESS:
Managing file process is the process that is maintained in the payment
process. In this process, the process maintains the item sets of Home, Account
Details, File Folders and Logout process. Home processes have the process of
Upload, New folder and delete file options. Upload file has the elements that are
secure file and zip file for securing the uploaded data. Secure files used for Encrypt
and Decrypt the data files. Zip file used for compressing the data. Account detail
process provides the personal details of the Outsourcer and it also provides the date
of expiry. File Folder process used for searching the files using file name, file size,
folder name and available size. This process also used for download the file data.
SYSTEM ARCHITECTURE:
MANAGE FILE PROCESS
Verification
Outsourcer
Enter for
key
Enter for card
no and code
Enter into the
process with key
Provide key
Decrypt
PAYMENT
PROCESS
Card Verification
Provide code
and card no
Enter into the process with
card number and code
Money Transfer
with full trust
BANKING
PROCESS
With encrypt
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
• System
: Pentium IV 2.4 GHz.
• Hard Disk
: 40 GB.
• Floppy Drive
: 1.44 Mb.
• Monitor
: 15 VGA Colour.
• Mouse
: Logitech.
• Ram
: 512 Mb.
SOFTWARE REQUIREMENTS:
• Operating system : - Windows XP.
• Coding Language : J2EE
• Data Base
: MYSQL
REFERENCE:
Bogdan Carbunar and Mahesh V. Tripunitara, “Payments for Outsourced
Computations”,
IEEE
TRANSACTIONS
ON
PARALLEL
DISTRIBUTED SYSTEMS, VOL. 23, NO. 2, FEBRUARY 2012
AND
Download