International Research Journal of Modernization in Engineering Technology and Science
( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com EFFECTIVE FILE SHARING WITH TWO FACTOR AUTHENTICATION FOR WEB-BASED CLOUD COMPUTING SERVICES Prem Sagar M Y*1, Muthuramalingam B*2 *1Dept. Of MCA, Sir M Visvesvaraya Institute Of Technology, Bengaluru, India. *2Dept. Of MCA, Faculty Of MCA, Sir M Visvesvaraya Institute Of Technology, Bengaluru, India. ABSTRACT A new Secure and Effective File Sharing with two factor Authentication for web-based cloud computing services. In this paper, it has two factor authentication such as both secret key and trustee acceptance certificate as a user cannot access the system if they do not hold both, the mechanism can enhance the safety of the system, especially in those scenarios where many users share an equivalent computer for web-based cloud services. Here we are adding cloud to upload the encrypted files for security, i.e., the cloud server only knows that the user fulfills the required predicate but has no idea on the exact identity of the user. Finally, we also perform a simulation to demonstrate the practicality of our proposed 2FA system. Keywords: SEM (Security Mediator), Hashing And Exponentiation, Secret Key And Trustee Issued Certificate. I. INTRODUCTION Cloud computing may be a virtual host computing system that permits enterprises to shop for, lease, sell, or distribute software and other digital resources over the web as an on-demand service. It does not depend on a server or variety of machines that physically exist, because it may be a virtual system. There are many applications of cloud computing, like data sharing data storage, big data management medical data system etc. The benefits of web-based cloud computing services are huge, which include the ease of accessibility, reduced costs and capital expenditures, increased operational efficiencies, scalability, flexibility and immediate time to market. This paper concerning of both privacy and security for web-based cloud services. As sensitive data could also be stored within the cloud for sharing purpose or convenient access; and eligible users can also access the cloud system for various applications and services, user authentication has become a critical component for any cloud system. A user is required to login before using the cloud services or accessing the sensitive data stored within the cloud. There are two problems for the normal account/password-based system. First, the normal account/password-based authentication isn't privacy-preserving. However, it is well acknowledged that privacy is an essential feature and that must be considered here in the cloud computing systems. Second, it's common to share a computer among different people. There may be changed to hack the login password using some spyware. A recently proposed access control model called attribute-based access control may be a good candidate to tackle the primary problem. It not only provides anonymous authentication but also further defines access control policies based on different attributes of the requester, environment, or the data object. In an attribute-based access control system, each user features a user secret key issued by the authority. In practice, the user secret key's stored inside the private computer. When we consider the above mentioned second problem on web-based services, it is common that computers may be shared by many users especially in some large enterprises or organizations. For example, let us consider the following two scenarios: • In a hospital, computers are shared by different staff. Dr. Henry uses the computer in room A when she is on duty in the daytime, while Dr. Mark uses the same computer in the same room when he is on duty at night. • during a university, computers within the undergraduate lab are usually shared by different students. In these cases, user secret keys might be easily stolen or employed by an unauthorized party. Even though the pc could also be locked by a password, it can still be possibly guessed or stolen by undetected malwares. A safer way is to use two-factor authentication (2FA). 2FA is used for web-based e-banking services. In addition to a username/password, the user is also required to have a device to display a onetime password. Some systems may require the user to possess a mobile while the one-time password is going to be sent to the mobile through SMS during the login process. By using 2FA, users will have more confidence to use shared computers to login for web-based e-banking services. For an equivalent reason, it'll be better to possess a 2FA system for users within the web-based cloud services to extend the safety level within the system.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[4949] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com II. LITERATURE SURVEY (1)Intercloud: Utility-Oriented Federation of Cloud Computing Environments for Scaling of Application Services: Cloud computing providers have setup several data centers at different geographical locations over the Internet to optimally serve needs of their customers around the world The Cloud computing providers are unable to predict geographic distribution of users consuming their services, hence the load coordination must happen automatically, the overall goal is to create a computing environment that supports dynamic expansion or contraction of capabilities using the Cloud Sim toolkit the results demonstrate that federated Cloud computing model has immense potential as it offers significant performance gains as regards to response time and cost saving under dynamic workload scenarios.(2) Characterizing Task Usage Shapes in Google’s Compute Clusters: The increase in scale and complexity of large compute clusters motivates a need for representative workload benchmarks to evaluate the performance impact of system changes .The goal is to find an accurate characterization that can faithfully reproduce the performance of historical workload traces in terms of key performance metrics Through experiments using workload traces from Google production clusters, we find that simply using the mean of task usage can generate synthetic work-load traces that accurately reproduce resource utilizations and task waiting time.(3) An Analysis of Traces from a Production MapReduce Cluster: MapReduce is a programming paradigm for parallel processing that is increasingly being used for data intensive applications in cloud computing environments The service provider can use this knowledge to make better scheduling decisions We use an instance-based learning technique that exploits temporal locality to predict job completion times from historical data and identify potential performance problems in our dataset.(4) Characterization of Hadoop Jobs Using Unsupervised Learning: Apache Hadoop, is increasingly being used for data intensive applications in cloud computing environments. MapReduce environments benefits both the cloud service providers and their users. metrics and job configuration features such as format of the input/output (5) An approach for characterizing workloads in Google cloud to derive Realistic resource utilization models: Analyzing behavioral patterns of workloads is critical to understanding Cloud computing environments. the first large-scale analysis of real-world Cloud data, using a recently released dataset that features traces from over 12,000 servers over the period of a month. The derived model assists in understanding the relationship between users and tasks within workload and enables further work (6) Workload classification & software energy measurement for efficient scheduling on private cloud platforms: At present there are a number of barriers to creating an energy efficient workload scheduler for a Private Cloud based data center. The effect of different workloads on server power consumption in a Private Cloud platform. Display a noticeable difference in energy consumption when servers are given tasks that dominate various resources (CPU, Memory, Hard Disk and Network(7) An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing: Ciphertext-policy attribute-based encryption (CPABE) has been a preferred encryption technology to solve the challenging problem of secure data sharing in cloud computing an efficient file hierarchy attribute-based encryption scheme is proposed in cloud computing. both ciphertext storage and time cost of encryption are saved(8) Intrusion-Resilience via the Bounded- Storage Model: New methods are used to preserve the protocols from the malicious program The security of our protocols relies on the assumption that the amount of data that the adversary can transfer from the infected machine is limited This method is based on the results from the Bounded Storage Model This type of software can be secretly attached to seemingly harmless programs or can be installed by worms or viruses.(9) SMS-based One-Time Passwords: Attacks and Defense: SMS-based One-Time Passwords (SMS OTP) were introduced to online bank transaction prevent from theft analyze the security architecture of SMS OTP systems and study attacks that pose a threat to Internet-based authentication and authorization services Mechanisms to secure SMS OTPs against common attacks and specifically against smartphone Trojans(10) Securing online bank transaction from phishing attacks using MFA And secure session key: Phishing is an online criminal activity using the collection of social engineering methods such as messages and emails The strong techniques are required to avoid phishing attacks Multi Factor Authentication (MFA) and secure session key generation using Gaussian distribution to reduce the attacks Authentication technique authenticates the users using user's signature image recognition and secret question answer. session key generated using Gaussian distribution is sent to user's mobile phone.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[4950] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com III. METHODOLOGY A. MESSAGE BASED VERIFICATION SMS 2FA is a reverse method of two-factor authentication (2FA) that relies on the delivery of one-time passwords (OTP) or other secrets as an additional mode, delivered via text messages. With SMS 2FA, users enter their username and password to log in to their account, but they also need to enter the OTP or other secrets delivered via SMS (Short Message Service or Text Message). Here, the third data field appears on the original login page or the new web page, and when the user enters the information, they log in. B. CERTIFICATE BASED AUTHENTICATION Certificate-based authentication uses digital certificates to identify a user, device, or machine before granting access to an application, network, or resource. Unlike some solutions that only work for users, one-time passwords (OTP), biometrics, and certificate-based authentication are used for all endpoints, including the Internet of Things (IoT): I can do it. Certificate-based authentication is a more secure alternative to traditional username and password combinations, but it can also be used in combination with traditional user authentication methods. This allows the user's browser or client to automatically log in to different systems from individual devices or computers using the stored digital certificate. In general, certificate-based client authentication is better than password-based authentication. Username and password authentication depends only on what the user knows (password), while certificate-based client authentication is in addition to what the user knows (protects passwords and private keys). , The user's possession (private key) is also used. C. Two-factor authentication (2FA) Two-factor authentication (2FA), sometimes referred to as two-factor authentication or two-factor authentication, is a security process in which a user provides two different authentication factors to verify themselves. 2FA is implemented to better protect both user credentials and the resources that users can access. Two-factor authentication provides a higher level of security than the single-factor authentication (SFA) -based authentication method, where users typically provide only one factor, password, or passcode. Two-factor authentication relies on the user providing the password as the first factor and the second different factor (usually a biometric factor such as a security token or ID). B. Fingerprint or face scan. IV. RESULT A. USER LOGIN PAGE
Fig 1: USER LOGIN PAGE
This is a authority login page where authority can enter their credentials to access the home page. The authority has to enter the authority ID along with his password in order to login to the page.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[4951] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com
Fig 2: Authority Home
This page allows authority to upload files that need to be sent with a secret file key for user authentication. B. User login psge:
Fig 3: user login page
In this page the user can enter his credentials and go to the home page to receive the file. C. One-time key entering page
Fig 4: One-time key entering page
The user must enter the OTP received to him on the login page in order to gain the access to his account.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[4952] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com D. File upload page:
Fig 5: File upload page
In this page authority can upload the file that he wants to send. E. Sending the secret key to the trustee:
Fig 6: Sending the secret key to the trustee
The authority also sends the private key to the trustee along with the file. The secret key is the element that authenticates the user, whether the user is genuine. F. Secret key:
Fig 7: secret key
The secret key is sent over the mail to the user. www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science [4953] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:05/May-2022 Impact Factor- 6.752 www.irjmets.com G. Status and secret key
Fig 8: Status and Secret Key
The authority can difficulty the trustee certificates at the side of the name of the game key to the consumer who needs the report to be downloaded. If the consumer desires to download the report ,they're think to maintain each the name of the game key and trustee certificates. V. CONCLUSION In this paper, we have presented a new 2FA (including both user secret key and a lightweight security device) access control system for web-based cloud computing services. Based on the attribute-based access control mechanism, the proposed 2FA access control system has been identified to not only enable the cloud server to restrict the access to those users with the same set of attributes but also preserve user privacy. Detailed security analysis shows that the proposed 2FA access control system achieves the desired security requirements. Through performance evaluation, we demonstrated that the construction is “feasible”. We leave as future work to further improve the efficiency while keeping all nice features of the system. VI. REFERENCES [1] Nenghai Yu and Peilin Hong, “TAFC: Time and Attribute Factors Combined Access Control for Time- Sensitive Data in Public Cloud” IEEE Transactions on Services Computing available online,2017. [2] H. Tian, Y. Chen, C.-C. Chang, H. Jiang, Y. Huang. Chen, and J. Liu, “Dynamic-hash-table based public auditing for secure cloud storage,” IEEE Transactions on Services Computing, Available online, 2016. [3] C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, “Toward secure and dependable storage services in cloud computing,” IEEE Transactions on Services Computing, vol. 5, no. 2, pp. 220–232, 2012. [4] K. Yuan, Z. Liu, C. Jia, J. Yang, and S. Lv, “Public key timed-release searchable encryption,” in Proceedings of the 2013 Fourth International Emerging Intelligent Data and Web Technologies (EIDWT ’13), pp. 241–248, IEEE, 2013. [5] R. L. Rivest, A. Shamir, and D. A. Wagner, “Time lock puzzles and timed release crypto,” tech. rep., Massachusetts Institute of Technology, 1996. [6] J. Li, W. Yao, Y. Zhang, and H. Qian, “Flexible and fine-grained attribute-based data storage in cloud computing,” IEEE Transactions on Services Computing, Available online, 2016. [7] Z. Qin, H. Xiang, S. Wu, and J. Batamuliza, “A survey of proxy re-encryption for secure data sharing in cloud computing,” IEEE Transactions on Services Computing, Available online, 2016. [8] F. Arm Knecht, J.-M. Bohle, G. O. Karame, and F. Youssef, “Transparent data deduplication in the cloud,” in Proceedings of the 22nd [9] ACM SIGSAC Conference on Computer and Communications Security, pp. 886–900, ACM, 2015. R. Masood, M. A. Shibli, Y. Ghazi, A. Kanwal, and A. Ali, “Cloud authorization: exploring techniques and approach towards effective access control framework,” Frontiers of Computer Science, vol. 9, no. 2, pp. 297– 321, 2015. [10] K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE Internet Computing, vol. 16, no. 1, pp. 69–73, 2012.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science