Cloud storage is a model of networked
enterprise storage where data is stored not only in the
user's computer, but in virtualized pools of storage
which are generally hosted by third parties, too. In
information theory, an erasure code is a forward error
correction code for the binary erasure channel.Cloud
storage services may be accessed through a web service
application programming interface, a cloud storage
gateway or through a Web-based user interface.we
propose a brand new threshold proxy re-encryption
scheme to create a secure distributed storage system.
The distributed storage system not solely supports
secure and strong data storage and retrieval, however
conjointly lets a user forward his information within the
storage servers to a different user while not retrieving
the data back. The most technical contribution is that
the proxy re-encryption scheme supports cryptography
operations over encrypted messages yet as forwarding
operations over encoded and encrypted messages.
Original Title
A Secure FEC-Based Cloud Storage System With Proxy
Re-Encryption Scheme
Cloud storage is a model of networked
enterprise storage where data is stored not only in the
user's computer, but in virtualized pools of storage
which are generally hosted by third parties, too. In
information theory, an erasure code is a forward error
correction code for the binary erasure channel.Cloud
storage services may be accessed through a web service
application programming interface, a cloud storage
gateway or through a Web-based user interface.we
propose a brand new threshold proxy re-encryption
scheme to create a secure distributed storage system.
The distributed storage system not solely supports
secure and strong data storage and retrieval, however
conjointly lets a user forward his information within the
storage servers to a different user while not retrieving
the data back. The most technical contribution is that
the proxy re-encryption scheme supports cryptography
operations over encrypted messages yet as forwarding
operations over encoded and encrypted messages.
Cloud storage is a model of networked
enterprise storage where data is stored not only in the
user's computer, but in virtualized pools of storage
which are generally hosted by third parties, too. In
information theory, an erasure code is a forward error
correction code for the binary erasure channel.Cloud
storage services may be accessed through a web service
application programming interface, a cloud storage
gateway or through a Web-based user interface.we
propose a brand new threshold proxy re-encryption
scheme to create a secure distributed storage system.
The distributed storage system not solely supports
secure and strong data storage and retrieval, however
conjointly lets a user forward his information within the
storage servers to a different user while not retrieving
the data back. The most technical contribution is that
the proxy re-encryption scheme supports cryptography
operations over encrypted messages yet as forwarding
operations over encoded and encrypted messages.
A Secure FEC-Based Cloud Storage System With Proxy Re-Encryption Scheme Nagesh.M 1 , Kavitha.D 2 #1 M.Tech, Computer Science Engineering, G.Pulla Reddy Engineering College (Autonomous) Kurnool, Andhra Pradesh, India #2 Professor, Department of CSE, G.Pullareddy Engineering College, Kurnool, Andhra Pradesh, India
Abstract Cloud storage is a model of networked enterprise storage where data is stored not only in the user's computer, but in virtualized pools of storage which are generally hosted by third parties, too. In information theory, an erasure code is a forward error correction code for the binary erasure channel.Cloud storage services may be accessed through a web service application programming interface, a cloud storage gateway or through a Web-based user interface.we propose a brand new threshold proxy re-encryption scheme to create a secure distributed storage system. The distributed storage system not solely supports secure and strong data storage and retrieval, however conjointly lets a user forward his information within the storage servers to a different user while not retrieving the data back. The most technical contribution is that the proxy re-encryption scheme supports cryptography operations over encrypted messages yet as forwarding operations over encoded and encrypted messages.
Index Terms: Cloud storage system, encoding, proxy re- encryption, encrypted data. I.INTRODUCTION CLOUD computing is concept that treats the resource on the internet as a unified entity. a cloud, Users simply use services while not caring concerning however computation is completed and storage is managed. With cloud computing growing in quality, tools and technologies area unit rising to create, access, manage, and maintain the clouds. Cloud computing offers several advantages, however it is also susceptible to threats. Because the uses of cloud computing increase, it's extremely seemingly that a lot of criminals can attempt to realize new ways that to use vulnerabilities within the system. to assist mitigate the threat, cloud computing stakeholders ought to invest heavily in risk assessment to make sure that the system encrypts to safeguard data; establishes trusty foundation to secure the platform and infrastructure; and builds higher assurance into auditing to strengthen compliance.
During this paper, we tend to concentrate on coming up with a cloud storage system[8] for hardiness, confidentiality, and practicality. There are a unit several underlying challenges and risks in cloud computing that increase the threat of knowledge being compromised. Security considerations should be self-addressed so as to ascertain trust in cloud computing technology. Distributed networked storage systems[9] give the storage service on the net. We tend to address the privacy issue of the distributed networked servers within the system area unit compromised. The major challenge of coming up with these distributed networked storage systems is to supply an improved privacy guarantee whereas maintaining the distributed structure. To realize this goal, we tend to introduce secure localized erasure code, which mixes a threshold public key cryptography scheme and a variant of the localized erasure code. Our secure distributed networked storage system created by the secure localized erasure code is localized and strong [4]. Cloud computing is enclosed by several security problems like securing knowledge, and examining the use of cloud by the cloud computing vendors. Initial registration with a cloud computing service may be a pretty straightforward method. With shared infrastructure resources, organizations ought to worry concerning the service provider's authentication systems that grant access to knowledge. When the registration method every user are going to be given a secret key that is generated by him. The user will store, forward and retrieve knowledge within the cloud solely when the key generation. Within the existing system, if the user loses his key, he is going to be now blocked from the system. This might lead to interference several users. Therefore we tend to introduce a system wherever the user is going to be given two possibilities. So only if the user loses his secret key for two times, he are going to be blocked from the system. As a result of the massive quantity of knowledge hold on by a cloud, economical process International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page119
and analysis of knowledge has become a difficult one. One way to supply knowledge hardiness is to duplicate a message specified every storage server stores a replica of the message. Encryption a message of k symbols into a code word of n symbols by erasure committal to writing is otherwise to supply knowledge hardiness. Every code word symbols is hold on during a totally different storage server to store a message.
II. IMPLEMENTATION General encryption schemes protect data confidentiality, but also limit the functionality of the storage system because a few operations are supported over encrypted data. Storing data in a third partys cloud system causes serious concern on data confidentiality. For the storage data ,user has to manage his keys. Single storage server for whole file. There are three issues within the on top of easy integration of encoding and cryptography. 1. The user needs to do most computation and also the communication traffic between the user and storage servers is high. 2. The user needs to manage his secret keys. If the users device of storing the keys is lost or gain access by unauthorized, the security is broken. 3. Finally, besides knowledge storing and retrieving, it's arduous for storage servers to directly support different functions. In this paper, we are deal with the matter of forwarding information unique user by storage servers directly to the command of the data owner. The system model that consists of distributed storage servers and key servers. Since storing scientific discipline keys in an exceedingly single device is risky, a user distributes his scientific discipline key to key servers that shall perform scientific discipline functions on behalf of the user. These key servers area unit extremely protected by security mechanisms. To well fit the distributed structure of systems, we require that servers independently perform all operations. With this consideration, we propose a new threshold proxy re-encryption scheme and integrate it with a secure decentralized code to form a secure distributed storage system. The encryption scheme supports encoding operations over encrypted messages and forwarding operations over encrypted and encoded messages. Our storage servers act as storage nodes in a content addressable storage system for storing content addressable blocks. Our key servers act as access nodes for providing a front- end layer such as a traditional file system interface.
III.DESIGN ISSUES 1. User Registration and control In this module, the user registration process is done by the admin. Here every users give their personal details for registration process. After registration every user will get an ID for accessing the cloud space. If any of the user wants to edit their information they have submit the details to the admin after that the admin will do the edit and update information process. This process is controlled by the Admin. 2. Encryption Process After Successful login of the user, every users share their information and datas in their own cloud space provided by the admin. That information may be sensitive or important data. For providing security for their information every users storing the information in their specific cloud. Registered users only can store the data in cloud, after storing the data it should not be accessed by the unauthorized persons, for that reason encryption process is done. Users who all are registered will be given some specific cloud space for their storage. Encryption process is done using Triple DES algorithm. All the users who are storing their data in cloud server it will be encrypted and stored in cloud. Encryption is done using cryptographic keys, stored data cannot be readable by the unauthorized users, in this encryption process plain text i.e., the users data is converted into cipher text for viewing of that data user should contain keys so that he can decrypt data and have access on that data. 3. Proxy RE-Encryption In a proxy re-encryption scheme, a proxy server can transfer a cipher text under a public key PKA to a new one under another public key PKB by using the re-encryption key RKA!B. The server does not know the plaintext during transformation. Ateniese et al.[16] proposed some proxy re- encryption schemes and applied them to the sharing function of secure storage systems. In their work, messages are first encrypted by the owner and then International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page120
stored in a storage server. When a user wants to share his messages, he sends a re-encryption key to the storage server. The storage server re-encrypts the encrypted messages for the authorized user. Thus, their system has data confidentiality and supports the data forwarding function. Our work further integrates encryption, re-encryption, and encoding such that storage robustness is strengthened. Type-based proxy re-encryption schemes proposed by Tang [17] provide a better granularity on the granted right of a re-encryption key. A user can decide which type of messages and with whom he wants to share in this kind of proxy re encryption schemes. Key-private proxy re-encryption schemes are proposed by Ateniese et al. [18]. In a key-private proxy re- encryption scheme, given a re-encryption key, a proxy server cannot determine the identity of the recipient. This kind of proxy re-encryption schemes provides higher privacy guarantee against proxy servers. Although most proxy re-encryption schemes use pairing operations, there exist proxy re- encryption schemes without pairing. Proxy re- encryption schemes are crypto systems which allow third parties (proxies) to alter a cipher text which has been encrypted for one user, so that it may be decrypted by another user. By using proxy re- encryption technique the encrypted data (cipher text) in the cloud is again altered by the user. It provides highly secured information stored in the cloud. Every user will have a public key nd private key. Public key of every user is known to everyone but private key is known only the particular user. 4. Integrity Checking Integrity checking is that whether the process of encryption is done properly or not it is going to verify i.e., encrypted message and cipher text message if these both messages are not matched then they conclude that encryption process was not done properly ,user will get intimation that encryption process was not done correctly it has to verified. If the encryption process was done properly then it will further go to next step or process. Its main intention is to check for anti-malware attacks, many attacks are possible if we dont provide any kind of security to the confidential data.
5. Data Forwarding, Extraction In this module data is forwarded to another user by public key i.e., using that key receiver can view the data, end user will extract the data. IV. DISCUSSIONS AND CONCLUSION In this paper, A cloud storage system consists of storage servers and key servers. We integrate a recently planned threshold proxy re- encryption scheme. The proxy re-encryption scheme supports cryptography, forwarding, and partial decoding operations. To decode a message of k blocks that are encrypted and encoded to n codeword symbols, every key server has got to partly decode two codeword symbols in our system. By using proxy re-encryption scheme, a secure cloud storage system that gives secure data storage and secure data forwarding . Every storage server severally performs cryptography and re-encryption. Every key server perform partial decoding. Our storage system content available file systems and storage system are extremely compatible. Our storage servers act as storage nodes during a content available storage system for storing content available blocks. Our key servers act as access nodes for providing a front-end layer like a conventional classification system interface. Any study on careful cooperation is needed. V. FUTURE WORK Users were able to store their information sing a secure cloud system setup .Future work is to proposed secured system in which the entirely approved user can access all the knowledge among the cloud. If the users access information without permission they have to be blocked from the network. A threshold proxy re-encryption scheme may be projected that supports encoding, forwarding, etc. Information forwarding technique could be a heap of secured exploitation crypto logical keys.
International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page121
VI. REFERENCES [1 ] J. Kubiatowicz, D. Bindel, Y. Chen, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao, Oceanstore: An Architecture for Global-Scale Persistent Storage, Proc. Ninth Intl Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 190- 201, 2000. [2 ] P. Druschel and A. Rowstron, PAST: A Large- Scale, Persistent Peer-to-Peer Storage Utility, Proc. Eighth Workshop Hot Topics in Operating System (HotOS VIII), pp. 75-80, 2001.
[3 ] A. Adya, W.J. Bolosky, M. Castro, G. Cermak, R. Chaiken, J.R. Douceur, J. Howell, J.R. Lorch, M. Theimer, and R. Wattenhofer, Farsite: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment, Proc. Fifth Symp. Operating System Design and Implementation (OSDI), pp. 1- 14, 2002.
[4 ] A. Haeberlen, A. Mislove, and P. Druschel, Glacier: Highly Durable, Decentralized Storage Despite Massive Correlated Failures, Proc. Second Symp. Networked Systems Design and Implementation (NSDI), pp. 143-158, 2005.
[5 ] Z. Wilcox-OHearn and B. Warner, Tahoe: The Least-Authority Filesystem, Proc. Fourth ACM Intl Workshop Storage Security and Survivability (StorageSS), pp. 21-26, 2008.
[6 ] H.-Y. Lin and W.-G. Tzeng, A Secure Decentralized Erasure Code for Distributed Network Storage, IEEE Trans. Parallel and Distributed Systems, vol. 21, no. 11, pp. 1586-1594, Nov. 2010.
[7 ] A. Shamir, How to Share a Secret, ACM Comm., vol. 22, pp. 612- 613, 1979.
[8 ] C. Dubnicki, L. Gryz, L. Heldt, M. Kaczmarczyk, W. Kilian, P. Strzelczak, J. Szczepkowski, C. Ungureanu, and M. Welnicki, Hydrastor: A Scalable Secondary Storage, Proc. Seventh Conf. File and Storage Technologies (FAST), pp. 197-210, 2009.
[9 ] C. Ungureanu, B. Atkin, A. Aranya, S. Gokhale, S. Rago, G. Calkowski, C. Dubnicki, and A. Bohra, Hydrafs: A High- Throughput File System for the Hydrastor Content-Addressable Storage System, Proc. Eighth USENIX Conf. File and Storage Technologies (FAST), p. 17, 2010.
[10 ] W. Dong, F. Douglis, K. Li, H. Patterson, S. Reddy, and P. Shilane, Tradeoffs in Scalable Data Routing for Deduplication Clusters, Proc. Ninth USENIX Conf. File and Storage Technologies (FAST), p. 2, 2011.
[11 ] S.C. Rhea, P.R. Eaton, D. Geels, H. Weatherspoon, B.Y. Zhao, and J. Kubiatowicz, Pond: The Oceanstore Prototype, Proc. Second USENIX Conf. File and Storage Technologies (FAST), pp. 1-14, 2003.
[12 ] R. Bhagwan, K. Tati, Y.-C. Cheng, S. Savage, and G.M. Voelker, Total Recall: System Support for Automated Availability Management, Proc. First Symp. Networked Systems Design and Implementation (NSDI), pp. 337-350, 2004. [13 ] A.G. Dimakis, V. Prabhakaran, and K. Ramchandran, Ubiquitous Access to Distributed Data in Large-Scale Sensor Networks through Decentralized Erasure Codes, Proc. Fourth Intl Symp. Information Processing in Sensor Networks (IPSN), pp. 111- 117, 2005.
[14 ] A.G. Dimakis, V. Prabhakaran, and K. Ramchandran, Decentralized Erasure Codes for Distributed Networked Storage, IEEE Trans. Information Theory, vol. 52, no. 6 pp. 2809-2816, June 2006.
[15 ] M. Mambo and E. Okamoto, Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts, IEICE Trans. Fundamentals of Electronics, Comm. and Computer Sciences, vol. E80-A, no. 1, pp. 54- 63, 1997.
[16 ] M. Blaze, G. Bleumer, and M. Strauss, Divertible Protocols and Atomic Proxy Cryptography, Proc. Intl Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT), pp. 127-144, 1998.
[17 ] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage, ACM Trans. Information and System Security, vol. 9, no. 1, pp. 1-30, 2006.
[18 ] Q. Tang, Type-Based Proxy Re-Encryption and Its Construction, Proc. Ninth Intl Conf. Cryptology in India: Progress in Cryptology (INDOCRYPT), pp. 130-144, 2008.
International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page122
[19 ] G. Ateniese, K. Benson, and S. Hohenberger, Key-Private Proxy Re-Encryption, Proc. Topics in Cryptology (CT-RSA), pp. 279-294, 2009.
[20 ] J. Shao and Z. Cao, CCA-Secure Proxy Re- Encryption without Pairings, Proc. 12th Intl Conf. Practice and Theory in Public Key Cryptography (PKC), pp. 357-376, 2009.