Dual Access Control for Cloud-Based Data Storage and Sharing

Abstract : Cloud-based data storage service has drawn increasing interests from both academic and industry in the recent years due to its efficient and low cost management. Since it provides services in an open network, it is urgent for service providers to make use of secure data storage and sharing mechanism to ensure data confidentiality and service user privacy. To protect sensitive data from being compromised, the most widely used method is encryption. However, simply encrypting data (e.g., via AES) cannot fully address the practical need of data management. Besides, an effective access control over download request also needs to be considered so that Economic Denial of Sustainability (EDoS) attacks cannot be launched to hinder users from enjoying service. In this paper, we consider the dual access control, in the context of cloud-based storage, in the sense that we design a control mechanism over both data access and download request without loss of security and efficiency. Two dual access control systems are designed in this paper, where each of them is for a distinct designed setting. The security and experimental analysis for the systems are also presented.
 EXISTING SYSTEM :
 In the existing system, it has been proposed a framework to remove the problem of single-point performance bottleneck and provide a more efficient access control scheme with an auditing mechanism with single CA for key generation and distribution , who is assumed to be trust worthy and multiple attribute authorities for client authenticity verification.
 DISADVANTAGE :
 The cloud computing does not provide control over the stored data in cloud data centers. The cloud service providers have full of control over the data, they can perform any malicious tasks such as copy, destroying, modifying, etc. The cloud computing ensures certain level of control over the virtual machines. Due to this lack of control over the data leads in greater security issues than the generic cloud computing model as shown in figure 1. The only encryption doesn’t give full control over the stored data but it gives somewhat better than plain data. The characteristics of cloud computing are virtualization and multi tenancy also has various possibilities of attacks than in the generic cloud model. The figure 2 has various issues those are discussed below in clearly. Attacks that come from external origins are called outsider attacks [30]. Data security is one of the important issue in cloud computing. Since service providers does not have permission for access to the physical security system of data centers. But they must depend on the infrastructure provider to get full data security. In a virtual private cloud environment, the service provider can only specify the security setting remotely, and we don’t know exactly those are fully implemented. In this Process, the infrastructure provider must reach the following objectives: (1) confidentiality, for secure data transfer and access, and (2) audit ability [31]. So that outside intruders can’t access sensitive data which is stored in cloud. After moving to cloud computing environment, there are many issues in geographic jurisdictions, regulatory law, performance assurance, contract enforcements, etc.
 PROPOSED SYSTEM :
 In the proposed system, it has been proposed a novel framework to improve the security of the system along with single CA and multiple AAs and auditing mechanism, an observer machine is added in the system which monitors CA for its behavior. It checks whether CA is doing anything else other than what it has claimed to do. If observer finds any discrepancy then it generates a report regarding it. Then a new CA has chosen among AAs. In this system there is no separate CA, instead, CA is chosen among AAs and CA is not assumed to be trustworthy. This system along with solving the problem of single point bottleneck in case of performance and efficiency makes the system more secure.
 ADVANTAGE :
 After moving to cloud computing environment, there are many issues in geographic jurisdictions, regulatory law, performance assurance, contract enforcements, etc. The above mentioned issues are comes under the legalities, Service Level Agreements and data location in data centers .The integrity and confidentiality of data and services are related with access control and identity management. It is important to maintain track record for user identity for avoiding unauthorized access to the stored data. The identity and access controls are complex in cloud computing because of that data owner and stored data are at different executive platforms. In cloud environment, different organizations use variety of authentication authorization agenda. By using different approaches for authentication and authorization gives a compound situation over a period of time. The cloud resources are dynamic and are elastic for cloud user and IP addresses are continuously changed when services are started or restarted in pay per usage model. That allows the cloud users to join and leave feature to cloud resources when they required i.e., on-demand access policy. All these features need efficient and effective access control and identity management. The cloud has to maintain quickly updating and managing identity management for joining and leaving users over cloud resources.

We have more than 145000 Documents , PPT and Research Papers

Have a question ?

Mail us : info@nibode.com