International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 2769








HABSE which Extends Ciphertext Policy of Attribute Set Based Encryption in Cloud Computing
Kalyan rao H (1), Rama mohan C (2), Seshadri U (3)
(1) M.Tech (CSE) 4th sem, (2) Assistant Prof., Dept. of CSE, (3) H.O.D., Dept. of CSE
Vaagdevi Institute of Technology and Science
Pedasettepalli (V), Proddatur, Y.S.R (Dist), AP, India.

Abstract--
Nowadays many storage services are provided by information technology, such as MySQL, Oracle and cloud storage. These services are provided with a security mechanism. Several schemes have been developed from security mechanisms such as SHA1, DES, AES and RSA. These mechanisms suffer from several problems, such as computational problems, access problems and security problems. Here we propose attribute-set-based encryption in a hierarchical manner. We employ our scheme in several experiments, in which it is more efficient and more flexible in access control and storage with multiple domains.
Index Terms—Access control, cloud computing, data security

INTRODUCTION
Today IT companies prefer cloud computing because of the lower cost of database services and the many services provided [1][2][3]. These are Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and, as Fig 1 shows, Software as a Service (SaaS). Examples of IaaS are Amazon's EC2 [2], Amazon's S3 and IBM's Blue Cloud. Oracle also provides data security, at high cost. The cheapest database is MySQL, with less security. Any data stored in a database can be hacked and stolen by anybody, so we provide a security mechanism on the domain side, restricted to authorized persons. Several access policies were developed in the 1960s or 1970s. Today new toolkits such as CP-ABE [5] have been developed for security. Bell-LaPadula [6] and Biba are two famous security models.
Fig1: Users and Providers of Cloud Computing
Fig2: Types of Cloud Service
RELATED WORK
1. Attribute-Based Encryption
ABE was developed from fuzzy identity-based encryption [9][10]. It has several problems, such as encryption for a particular client as in usual public key cryptography, key policy and ciphertext policy. The client cannot get the correct decryption key. In CP-ABE, decryption keys support only a single set of attributes [5]. ABE comprises two policies, CP-ABE and KP-ABE. CP-ABE supports only decryption keys over a set of attributes. For example, different domains have a key policy [4] on the attribute dept 1, 2, 3, 4, ..., depending on the dept attribute. Sometimes attributes can have the same name, and problems then arise with re-encryption and access.
The KP-ABE [4] scheme is composed of four algorithms, which can be defined as follows:
Setup
This is a randomized algorithm that
takes no input other than the implicit
security parameter. It outputs the public
parameters PK and a master key MK.
Encryption
This is a randomized algorithm that takes as input a message m, a set of attributes γ, and the public parameters PK. It outputs the ciphertext E.
Key Generation
This is a randomized algorithm that takes as input an access structure A, the master key MK and the public parameters PK. It outputs a decryption key D.
Decryption
This algorithm takes as input the ciphertext E that was encrypted under the set γ of attributes, the decryption key D for access control structure A, and the public parameters PK. It outputs the message M if γ ∈ A.
2. Access Control for database
KP-ABE supports only fine-grained access control. Every file is encrypted with a symmetric data encryption key policy. KP-ABE does not support multiple encryptions. The usual methods can be used to protect the data. The database server stores the encrypted data, and the decryption keys are distributed to the users. Decryption is very hard to solve. ABE offers a good access mechanism, namely re-encryption and efficient key generation, and we can use the asymmetric key mechanism. We propose hierarchical access for role-based, fine-grained and configurable access control. We extend the CP-ABE, KP-ABE, AES and DES algorithms.




Fig3: Format of cloud
SYSTEM MODEL AND SECURITY
1. System model
In Fig4 we take the cloud service provider to be a database service [5]. There are several trusted domains; we take one trusted domain and one domain. In this domain we take two clients, one owner and one consumer [13]. The owner shares the key through the domain, and the consumer stores and accesses the key. The owner's data is encrypted and stored in the cloud, and the cloud stores the encrypted data. The consumer receives the data from the cloud using the key. After getting the data, the consumer can use the decryption key to decrypt it with little computing time.

2. Security
Security is provided by the owner and the consumer, who communicate securely. The public key and private key are kept secret. The trusted authority acts as the root of the hierarchy, a domain is a sub-root and a sub-domain is a sub-sub-root. These are secured by the SSL [7] protocol and other protocols, which provide the security. With Fig3 above we discuss the cloud storage security.




Fig3 fields: Unique ID | Cipher text | Symmetric encryption key \ Data Encryption
Proposed method

Here we propose a hierarchical attribute-set-based encryption scheme, based on the attribute-set-based encryption by Bobba et al., for realizing scalable, flexible and fine-grained access control in cloud computing. Public key infrastructure uses certificate revocation lists, the Online Certificate Status Protocol, one-way hash chains, identity-based encryption, HIBE and IDE. The scheme provides for user grant, file creation, file deletion and user revocation in cloud computing in a hierarchical manner. The cloud computing system under consideration consists of five types of parties: a cloud service provider, data owners, data consumers, a number of domain authorities, and a trusted authority. The cloud service provider provides the storage service. Data owners store encrypted data. Data owners and consumers are registered by a domain authority, and a domain authority is registered by the trusted authority. These parties are connected in a hierarchical manner.
The data is encrypted by the data owner, and the encrypted data is stored in the authorized cloud. A consumer authorized by the domain can decrypt the data. An unauthorized person who gets into the cloud cannot decrypt the data with the encryption and decryption algorithms.

Theoretical analysis

Algorithm

Setup: The trusted authority generates a public key and a master key. Multiple domains are registered with the trusted authority, and multiple public keys and master keys are generated. Let $G$ be a bilinear group with generator $g$ and bilinear map $e: G \times G \to G_1$. Non-degeneracy holds for $e(g,g)$.
$PK = (G, g, h_1 = g^{\beta_1}, f_1 = g^{1/\beta_1}, h_2 = g^{\beta_2}, f_2 = g^{1/\beta_2}, e(g,g)^{\alpha})$.
$MK = (\beta_1, \beta_2, g^{\alpha})$. The trusted authority keeps the master key.
Keygen: The trusted authority performs this operation. $A$ is the key structure and $A_i$ is a key structure of $A$. When a new domain authority $D_i$ wants to connect to the trusted authority, the authority verifies whether it is valid. If it is valid, the trusted authority generates a new public key and master key.
Each domain authority has an attribute set $A = \{a_0, a_1, \dots, a_n\}$.
$MK_i = (A, D, D_{i,j}, D'_{i,j} \text{ for } a_{i,j} \in A, E_i \text{ for } A_i \in A)$.
Encryption: The data owner wants to encrypt the data. Each data file is encrypted with symmetric data encryption keys; here we use a symmetric key policy. M is the message and T is the tree access policy. Encryption involves exponentiations per leaf node in T and exponentiations per translating node in T. Encrypt (PK, M, T). The encrypted data is stored as in Fig3.
$CT = (T, \tilde{C} = M \cdot e(g,g)^{\alpha s}, C = h_1^{s}, \bar{C} = h_2^{s}, \forall y \in Y)$.
Decryption: The consumer wants to decrypt the data with the secret key. The cloud checks whether the secret key is valid. If it is valid, it then checks the tree structure. Decrypt (CT, SK, T).
Here M is the original message, CT is the ciphertext, and SK is the unique id.
$M = \tilde{C} \cdot e(g,g)^{r^{\{u\}}} / e(C, D)$ [4].
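
The tree access policy T passed to Encrypt and checked in Decrypt can be illustrated with threshold secret sharing over the tree, the mechanism CP-ABE [5] uses to split the exponent s. The Python below is an added example, not code from the paper: it omits the bilinear pairing that binds shares to a user's key, so it demonstrates only the access-structure logic, and the attribute names, `POLICY`, `share` and `recover` are hypothetical.

```python
import secrets

P = 2**127 - 1  # prime modulus of the sharing field (constructed parameter)

# Constructed policy: any 2 of (dept:1, role:manager, 1 of (domain:A, domain:B)).
# A leaf is an attribute name; a gate is (threshold k, [children]).
POLICY = (2, ["dept:1", "role:manager", (1, ["domain:A", "domain:B"])])

def _poly_eval(coeffs, x):
    """Evaluate the polynomial with the given coefficients at x (Horner, mod P)."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def share(node, secret):
    """Push `secret` down the tree; a k-of-n gate hides it in a degree k-1 polynomial."""
    if isinstance(node, str):
        return (node, secret)                      # leaf carries one share
    k, children = node
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return (k, [share(c, _poly_eval(coeffs, i))    # child i receives q(i)
                for i, c in enumerate(children, 1)])

def recover(shared, attrs):
    """Return the node's secret if `attrs` satisfies the subtree, else None."""
    if isinstance(shared[0], str):                 # leaf: usable only with the attribute
        name, value = shared
        return value if name in attrs else None
    k, children = shared
    pts = [(i, v) for i, c in enumerate(children, 1)
           if (v := recover(c, attrs)) is not None][:k]
    if len(pts) < k:
        return None                                # threshold not met
    s = 0
    for xi, yi in pts:                             # Lagrange interpolation at x = 0
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, -1, P)) % P
    return s
```

In the real scheme each share sits in a group exponent and is combined with per-user key components, which is what stops two users from pooling attributes; that binding is not modelled here.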

Architecture








Fig4: Architecture



We take the cloud service provider to be a database service [5]. There are several trusted domains; we take one trusted domain and one domain. In this domain we take two clients, one owner and one consumer. The owner shares the key through the domain, and the consumer stores and accesses the key. The owner's data is encrypted and stored in the cloud, and the cloud stores the encrypted data. The consumer receives the data from the cloud using the key. After getting the data, the consumer can use the decryption key to decrypt it with little computing time.



PERFORMANCE ANALYSIS
Fig5: Decryption (bar chart; x-axis: number of attributes used to decrypt; bars: access control level = 2, 4 and 6)

Fig6: Encryption (bar chart; x-axis: number of attributes used to encrypt; bars: access control level = 2, 4 and 6)

Fig4 labels: Trusted Authority; Domain Authority (three); Data owner; Consumer; Key; cloud; KEY; ENC
Figure 5 above shows the decryption time. The x-axis gives the number of attributes and the y-axis gives the decryption time. With 10 attributes the decryption time is 0.19, with 20 attributes the decryption time is 0.24, and with 30 attributes the decryption time is 0.24, as in Figure 5. The blue bar denotes access level 2, the rose bar denotes access level 4 and the cream bar denotes access level 6. There are a number of access levels in an organization.
Figure 6 above shows the encryption time. The x-axis gives the number of attributes and the y-axis gives the encryption time. With 10 attributes the encryption time is 0.09, with 20 attributes the encryption time is 0.18, and with 30 attributes the decryption time is 0.36, as in Figure 6. The blue bar denotes access level 2, the rose bar denotes access level 4 and the cream bar denotes access level 6. There are a number of access levels in an organization.


CONCLUSION
This paper designs a secure storage and access control mechanism for cloud service providers. It is extended from CP-ABE, DES and AES with a delegation algorithm. The proposed method shows better performance for secure storage and access control in cloud computing.





REFERENCES

[1] R. Buyya, C. Shin Yeo, J. Broberg, and I. Brandic, “Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility,” Future Generation Comput. Syst., vol. 25, pp. 599–616, 2009.
[2] Amazon Elastic Compute Cloud (Amazon EC2) [Online]. Available: http://aws.amazon.com/ec2/
[3] Amazon Web Services (AWS) [Online]. Available: https://s3.amazonaws.com/
[4] G. Wang, Q. Liu, and J. Wu, “Hierarchical attribute-based encryption for fine-grained access control in cloud storage services,” in Proc. ACM Conf. Computer and Communications Security (ACM CCS), Chicago, IL, 2010.
[5] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in Proc. IEEE Symp. Security and Privacy, Oakland, CA, 2007.
[6] D. E. Bell and L. J. LaPadula, Secure Computer Systems: Unified Exposition and Multics Interpretation, The MITRE Corporation, Tech. Rep., 1976.
[7] D. Dembla and Y. Chaba, “Performance Modeling of Efficient and Dynamic Broadcasting Algorithm in MANETs Routing Protocols”,
[8] www.mysqldev.com, www.encyclopedia.com,
[9] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in Proc. ACM Conf. Computer and Communications Security (ACM CCS), Alexandria, VA, 2006.
[10] A. Sahai and B. Waters, “Fuzzy identity based encryption,” in Proc. Advances in Cryptology—Eurocrypt, 2005, vol. 3494, LNCS, pp. 457–473.
[11] R. Bobba, H. Khurana, and M. Prabhakaran, “Attribute-sets: A practically motivated enhancement to attribute-based encryption,” in Proc. ESORICS, Saint Malo, France, 2009.
[12] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in Proc. IEEE
[13] Google App Engine [Online]. Available: http://code.google.com/appengine/
[14] Takashi Nishide, Kazuki Yoneyama, and Kazuo Ohta. Attribute-based encryption with partially hidden ciphertext policies. IEICE Transactions,