SlideShare una empresa de Scribd logo

Privacy preserving delegated access control in public clouds

Descargar como DOCX, PDF
JPINFOTECH JAYAPRAKASH
JPINFOTECH JAYAPRAKASH

Privacy preserving delegated access control in public clouds

EducaciónTecnología
1 de 7
Privacy Preserving Delegated Access Control in Public Clouds ABSTRACT: Current approaches to enforce fine-grained access control on confidential data hosted in the cloud are based on fine-grained encryption of the data. Under such approaches, data owners are in charge of encrypting the data before uploading them on the cloud and re-encrypting the data whenever user credentials change. Data owners thus incur high communication and computation costs. A better approach should delegate the enforcement offline-grained access control to the cloud, so to minimize the overhead at the data owners, while assuring data confidentiality from the cloud. We propose an approach, based on two layers of encryption that addresses such requirement. Under our approach, the data owner performs a coarse-grained encryption, whereas the cloud performs a fine-grained encryption on top of the owner encrypted data. A challenging issue is how to decompose access control policies (ACPs) such that the two layer encryption can be performed. We show that this problem is NP-complete and propose novel optimization algorithms. We utilize an efficient group key management scheme that supports expressive ACPs. Our system assures the confidentiality of the data
and preserves the privacy of users from the cloud while delegating most of the access control enforcement to the cloud. EXISTING SYSTEM: Many organizations have today ACPs regulating which users can access which data; these ACPs are often expressed in terms of the properties of the users, referred to as identity attributes, using access control languages such as XACML. Such an approach, referred to as attribute based access control (ABAC), supports fine-grained access control which is crucial for high-assurance data security and privacy. Supporting ABAC over encrypted data is a critical requirement in order to utilize cloud storage services for selective data sharing among different users. Notice that often user identity attributes encode private information and should thus is strongly protected from the cloud, very much as the data themselves. Approaches based on encryption have been proposed for fine-grained access control over encrypted data. Those approaches group data items based on ACPs and encrypt each group with a different symmetric key. Users then are given only the keys for the data items they are allowed to access. Extensions to reduce the number of keys that need to be distributed to the users have been proposed exploiting hierarchical and other relationships among data items
DISADVANTAGES OF EXISTING SYSTEM: As the data owner does not keep a copy of the data, when ever user dynamics changes, the data owner needs to download and decrypt the data, re-encrypt it with the new keys, and upload the encrypted data. The user dynamics refers to the operation of adding or revoking users. Notice also that this process must be applied to all the data items encrypted with the same key. This is inefficient when the data set to be re-encrypted is large. In order to issue the new keys to the users, the data owner needs to establish private communication channels with the users. The privacy of the identity attributes of the users is not taken into account. Therefore the cloud can learn sensitive information about the users and their organization. They are either unable or inefficient in supporting fine-grained ABAC policies. PROPOSED SYSTEM: In this paper, we propose a new approach to address this shortcoming. The approach is based on two layers of encryption applied to each data item uploaded to the cloud. Under this approach, referred to as two layer encryption (TLE), the data owner performs a coarse grained encryption over the data in order to assure the confidentiality of the data from the cloud. Then the cloud performs fine grained
encryption over the encrypted data provided by the data owner based on the ACPs provided by the data owner. It should be noted that the idea of two layer encryption is not new. However, the way we perform coarse and fine grained encryption is novel and provides a better solution than existing solutions based on two layers of encryption. We elaborate in details on the differences between our approach and existing solutions in the related work section. A challenging issue in the TLE approach is how to decompose the ACPs so that fine-grained ABAC enforcement can be delegated to the cloud while at the same time the privacy of the identity attributes of the users and confidentiality of the data are assured. In order to delegate as much access control enforcement as possible to the cloud, one needs to decompose the ACPs such that the data owner manages minimum number of attribute conditions in those ACPs that assures the confidentiality of data from the cloud. Each ACP should be decomposed to two sub ACPs such that the conjunction of the two sub ACPs result in the original ACP. The two layer encryption should be performed such that the data owner first encrypts the data based on one set of sub ACPs and the cloud re-encrypts the encrypted data using the other set of ACPs. The two encryptions together enforce the ACP as users should perform two decryptions to access the data.
ADVANTAGES OF PROPOSED SYSTEM: The TLE approach has many advantages. When user dynamics changes, only the outer layer of the encryption needs to be updated. Since the outer layer encryption is performed at the cloud, no data transmission is required between the data owner and the cloud. Further, both the data owner and the cloud service utilize a broadcast key management whereby the actual keys do not need to be distributed to the users. Instead, users are given one or more secrets which allow them to derive the actual symmetric keys for decrypting the data.
SYSTEM ARCHITECTURE: SYSTEM REQUIREMENTS: HARDWARE REQUIREMENTS: • System : Pentium IV 2.4 GHz.
• Hard Disk : 40 GB. • Floppy Drive : 1.44 Mb. • Monitor : 15 VGA Colour. • Mouse : Logitech. • Ram : 512 Mb. SOFTWARE REQUIREMENTS: • Operating system : - Windows XP. • Coding Language : ASP.NET, C#.Net. • Data Base : SQL Server 2005 REFERENCE: Mohamed Nabeel, Elisa BertinoFellow, IEEE “Privacy Preserving Delegated Access Control in Public Clouds”- IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2013.

Recomendados

Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Shakas Technologies
 
Privacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudPrivacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudAswathy Rajan
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsIEEEFINALYEARPROJECTS
 
Final year presentation
Final year presentationFinal year presentation
Final year presentationAbhishek Jain
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsLeMeniz Infotech
 
Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...JPINFOTECH JAYAPRAKASH
 
An efficient certificate less encryption for
An efficient certificate less encryption forAn efficient certificate less encryption for
An efficient certificate less encryption forShakas Technologies
 

Recomendados

Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Privacypreservingdelegatedaccesscontrolinpublicclouds
Privacypreservingdelegatedaccesscontrolinpublicclouds Shakas Technologies
 
Privacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudPrivacy preserving delegated access control in public cloud
Privacy preserving delegated access control in public cloudAswathy Rajan
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsIEEEFINALYEARPROJECTS
 
Final year presentation
Final year presentationFinal year presentation
Final year presentationAbhishek Jain
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsLeMeniz Infotech
 
Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...Hasbe a hierarchical attribute based solution for flexible and scalable acces...
Hasbe a hierarchical attribute based solution for flexible and scalable acces...JPINFOTECH JAYAPRAKASH
 
An efficient certificate less encryption for
An efficient certificate less encryption forAn efficient certificate less encryption for
An efficient certificate less encryption forShakas Technologies
 
An efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloudAn efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloudAbhijeet Patil
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...CloudTechnologies
 
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...JAYAPRAKASH JPINFOTECH
 
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ... KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...Nexgen Technology
 
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDKEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDNaseem nisar
 
Oruta privacy preserving public auditing
Oruta privacy preserving public auditingOruta privacy preserving public auditing
Oruta privacy preserving public auditingPapitha Velumani
 
Ppt 1
Ppt 1Ppt 1
Ppt 1shanmugamsara
 
Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Shakas Technologies
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Pvrtechnologies Nellore
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageMugesh Mukkandan
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditingvmshimavm
 
expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...swathi78
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage Adz91 Digital Ads Pvt Ltd
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageShruthi Iyer
 
Mona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudMona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudJPINFOTECH JAYAPRAKASH
 
Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)Jishnu Pradeep
 
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Kamal Spring
 
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...chennaijp
 
Immigration and the International Realtor
Immigration and the International RealtorImmigration and the International Realtor
Immigration and the International RealtorL. Michael Marquet
 
Volcanes
VolcanesVolcanes
Volcanesmaestradeprimaria
 
Mitutoyo promo primavera 2012
Mitutoyo promo primavera 2012Mitutoyo promo primavera 2012
Mitutoyo promo primavera 2012Utensileria Modenese srl
 
EMUGE Selection
EMUGE SelectionEMUGE Selection
EMUGE SelectionUtensileria Modenese srl
 

Más contenido relacionado

La actualidad más candente

An efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloudAn efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloudAbhijeet Patil
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...CloudTechnologies
 
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...JAYAPRAKASH JPINFOTECH
 
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ... KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...Nexgen Technology
 
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDKEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDNaseem nisar
 
Oruta privacy preserving public auditing
Oruta privacy preserving public auditingOruta privacy preserving public auditing
Oruta privacy preserving public auditingPapitha Velumani
 
Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Shakas Technologies
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Pvrtechnologies Nellore
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageMugesh Mukkandan
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditingvmshimavm
 
expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...swathi78
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage Adz91 Digital Ads Pvt Ltd
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageShruthi Iyer
 
Mona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudMona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudJPINFOTECH JAYAPRAKASH
 
Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)Jishnu Pradeep
 
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Kamal Spring
 
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...chennaijp
 

La actualidad más candente (18)

An efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloudAn efficient certificateless encryption for data sharing on public cloud
An efficient certificateless encryption for data sharing on public cloud
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
 
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
Secure Data Group Sharing and Conditional Dissemination with Multi-Owner in C...
 
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ... KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
KEY-AGGREGATE SEARCHABLE ENCRYPTION (KASE) FOR GROUP DATA SHARING VIA CLOUD ...
 
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUDKEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD
 
Oruta privacy preserving public auditing
Oruta privacy preserving public auditingOruta privacy preserving public auditing
Oruta privacy preserving public auditing
 
Ppt 1
Ppt 1Ppt 1
Ppt 1
 
Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...Secure data sharing in cloud computing using revocable storage identity-based...
Secure data sharing in cloud computing using revocable storage identity-based...
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Key aggregate searchable encryption (kase) for group data sharing via cloud s...
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage
 
Privacy preserving public auditing
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditing
 
expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...expressive, efficient, and revocable data access control for multi authority ...
expressive, efficient, and revocable data access control for multi authority ...
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage
 
Key aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storageKey aggregate cryptosystem for scalable data sharing in cloud storage
Key aggregate cryptosystem for scalable data sharing in cloud storage
 
Mona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudMona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloud
 
Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)Secure Data Sharing in Cloud (SDSC)
Secure Data Sharing in Cloud (SDSC)
 
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
 
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...
 

Destacado

Immigration and the International Realtor
Immigration and the International RealtorImmigration and the International Realtor
Immigration and the International RealtorL. Michael Marquet
 
Does The Euro Have a Future? FryDay Poll
Does The Euro Have a Future? FryDay PollDoes The Euro Have a Future? FryDay Poll
Does The Euro Have a Future? FryDay PollMaps of World
 
First fare 2010 competitive analysis and scouting
First fare 2010 competitive analysis and scoutingFirst fare 2010 competitive analysis and scouting
First fare 2010 competitive analysis and scoutingOregon FIRST Robotics
 
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and More
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and MoreWill 2013 be the lucky 13? Trends in Technology, Politics, Economy and More
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and MoreMaps of World
 
Yeich - Local Super Forum
Yeich - Local Super ForumYeich - Local Super Forum
Yeich - Local Super ForumBOLO Conference
 

Destacado (9)

Immigration and the International Realtor
Immigration and the International RealtorImmigration and the International Realtor
Immigration and the International Realtor
 
Volcanes
VolcanesVolcanes
Volcanes
 
Mitutoyo promo primavera 2012
Mitutoyo promo primavera 2012Mitutoyo promo primavera 2012
Mitutoyo promo primavera 2012
 
EMUGE Selection
EMUGE SelectionEMUGE Selection
EMUGE Selection
 
Does The Euro Have a Future? FryDay Poll
Does The Euro Have a Future? FryDay PollDoes The Euro Have a Future? FryDay Poll
Does The Euro Have a Future? FryDay Poll
 
First fare 2010 competitive analysis and scouting
First fare 2010 competitive analysis and scoutingFirst fare 2010 competitive analysis and scouting
First fare 2010 competitive analysis and scouting
 
Promo Sistemi di pesatura
Promo Sistemi di pesatura Promo Sistemi di pesatura
Promo Sistemi di pesatura
 
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and More
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and MoreWill 2013 be the lucky 13? Trends in Technology, Politics, Economy and More
Will 2013 be the lucky 13? Trends in Technology, Politics, Economy and More
 
Yeich - Local Super Forum
Yeich - Local Super ForumYeich - Local Super Forum
Yeich - Local Super Forum
 

Similar a Privacy preserving delegated access control in public clouds

JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...IEEEGLOBALSOFTTECHNOLOGIES
 
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Shakas Technologies
 
Privacy Preserving Delegated Access Control in Public Clouds
Privacy Preserving Delegated Access Control in Public CloudsPrivacy Preserving Delegated Access Control in Public Clouds
Privacy Preserving Delegated Access Control in Public CloudsMd Uddin
 
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Kamal Spring
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptxMSMuthu5
 
Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Editor IJARCET
 
Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Editor IJARCET
 
A Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud ComputingA Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud Computingijsrd.com
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Nitish Bhardwaj
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Nitish Bhardwaj
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Nitish Bhardwaj
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Nitish Bhardwaj
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01Nitish Bhardwaj
 

Similar a Privacy preserving delegated access control in public clouds (20)

JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Privacy preserving delegated access con...
 
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
Privacypreservingdelegatedaccesscontrolinpublicclouds 141112073315-conversion...
 
Privacy Preserving Delegated Access Control in Public Clouds
Privacy Preserving Delegated Access Control in Public CloudsPrivacy Preserving Delegated Access Control in Public Clouds
Privacy Preserving Delegated Access Control in Public Clouds
 
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
Secure and-verifiable-policy-update-outsourcing-for-big-data-access-control-i...
 
Presentation (6).pptx
Presentation (6).pptxPresentation (6).pptx
Presentation (6).pptx
 
Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076
 
Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076Volume 2-issue-6-2073-2076
Volume 2-issue-6-2073-2076
 
A Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud ComputingA Secure & Scalable Access Method in Cloud Computing
A Secure & Scalable Access Method in Cloud Computing
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01Ppt1 130410095050-phpapp01
Ppt1 130410095050-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 
82ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp0182ugszwcqn29itkwai2q 140424034504-phpapp01
82ugszwcqn29itkwai2q 140424034504-phpapp01
 
Pp1t
Pp1tPp1t
Pp1t
 

Último

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 

Último (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 

Privacy preserving delegated access control in public clouds

  • 1. Privacy Preserving Delegated Access Control in Public Clouds ABSTRACT: Current approaches to enforce fine-grained access control on confidential data hosted in the cloud are based on fine-grained encryption of the data. Under such approaches, data owners are in charge of encrypting the data before uploading them on the cloud and re-encrypting the data whenever user credentials change. Data owners thus incur high communication and computation costs. A better approach should delegate the enforcement offline-grained access control to the cloud, so to minimize the overhead at the data owners, while assuring data confidentiality from the cloud. We propose an approach, based on two layers of encryption that addresses such requirement. Under our approach, the data owner performs a coarse-grained encryption, whereas the cloud performs a fine-grained encryption on top of the owner encrypted data. A challenging issue is how to decompose access control policies (ACPs) such that the two layer encryption can be performed. We show that this problem is NP-complete and propose novel optimization algorithms. We utilize an efficient group key management scheme that supports expressive ACPs. Our system assures the confidentiality of the data
  • 2. and preserves the privacy of users from the cloud while delegating most of the access control enforcement to the cloud. EXISTING SYSTEM: Many organizations have today ACPs regulating which users can access which data; these ACPs are often expressed in terms of the properties of the users, referred to as identity attributes, using access control languages such as XACML. Such an approach, referred to as attribute based access control (ABAC), supports fine-grained access control which is crucial for high-assurance data security and privacy. Supporting ABAC over encrypted data is a critical requirement in order to utilize cloud storage services for selective data sharing among different users. Notice that often user identity attributes encode private information and should thus is strongly protected from the cloud, very much as the data themselves. Approaches based on encryption have been proposed for fine-grained access control over encrypted data. Those approaches group data items based on ACPs and encrypt each group with a different symmetric key. Users then are given only the keys for the data items they are allowed to access. Extensions to reduce the number of keys that need to be distributed to the users have been proposed exploiting hierarchical and other relationships among data items
  • 3. DISADVANTAGES OF EXISTING SYSTEM: As the data owner does not keep a copy of the data, when ever user dynamics changes, the data owner needs to download and decrypt the data, re-encrypt it with the new keys, and upload the encrypted data. The user dynamics refers to the operation of adding or revoking users. Notice also that this process must be applied to all the data items encrypted with the same key. This is inefficient when the data set to be re-encrypted is large. In order to issue the new keys to the users, the data owner needs to establish private communication channels with the users. The privacy of the identity attributes of the users is not taken into account. Therefore the cloud can learn sensitive information about the users and their organization. They are either unable or inefficient in supporting fine-grained ABAC policies. PROPOSED SYSTEM: In this paper, we propose a new approach to address this shortcoming. The approach is based on two layers of encryption applied to each data item uploaded to the cloud. Under this approach, referred to as two layer encryption (TLE), the data owner performs a coarse grained encryption over the data in order to assure the confidentiality of the data from the cloud. Then the cloud performs fine grained
  • 4. encryption over the encrypted data provided by the data owner based on the ACPs provided by the data owner. It should be noted that the idea of two layer encryption is not new. However, the way we perform coarse and fine grained encryption is novel and provides a better solution than existing solutions based on two layers of encryption. We elaborate in details on the differences between our approach and existing solutions in the related work section. A challenging issue in the TLE approach is how to decompose the ACPs so that fine-grained ABAC enforcement can be delegated to the cloud while at the same time the privacy of the identity attributes of the users and confidentiality of the data are assured. In order to delegate as much access control enforcement as possible to the cloud, one needs to decompose the ACPs such that the data owner manages minimum number of attribute conditions in those ACPs that assures the confidentiality of data from the cloud. Each ACP should be decomposed to two sub ACPs such that the conjunction of the two sub ACPs result in the original ACP. The two layer encryption should be performed such that the data owner first encrypts the data based on one set of sub ACPs and the cloud re-encrypts the encrypted data using the other set of ACPs. The two encryptions together enforce the ACP as users should perform two decryptions to access the data.
  • 5. ADVANTAGES OF PROPOSED SYSTEM: The TLE approach has many advantages. When user dynamics changes, only the outer layer of the encryption needs to be updated. Since the outer layer encryption is performed at the cloud, no data transmission is required between the data owner and the cloud. Further, both the data owner and the cloud service utilize a broadcast key management whereby the actual keys do not need to be distributed to the users. Instead, users are given one or more secrets which allow them to derive the actual symmetric keys for decrypting the data.
  • 6. SYSTEM ARCHITECTURE: SYSTEM REQUIREMENTS: HARDWARE REQUIREMENTS: • System : Pentium IV 2.4 GHz.
  • 7. • Hard Disk : 40 GB. • Floppy Drive : 1.44 Mb. • Monitor : 15 VGA Colour. • Mouse : Logitech. • Ram : 512 Mb. SOFTWARE REQUIREMENTS: • Operating system : - Windows XP. • Coding Language : ASP.NET, C#.Net. • Data Base : SQL Server 2005 REFERENCE: Mohamed Nabeel, Elisa BertinoFellow, IEEE “Privacy Preserving Delegated Access Control in Public Clouds”- IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2013.