Documente Academic
Documente Profesional
Documente Cultură
Dr. A. Valarmathi
Head, Dept. Computer Applications
Anna University, Trichy (BIT campus) Tamilnadu, India
AbstractDue to the high volume and velocity of big data, it is an effective option to store big data in the cloud, as the
cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based
Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. A trivial
implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it
back to the cloud. This method, however, incurs a high communication overhead and heavy computation burden on
data owners. In this paper we propose a novel scheme that enabling efficient access control with dynamic policy
updating for big data in the cloud. We also focus on developing an outsourced policy updating method for ABE
systems. This method can avoid the transmission of encrypted data and minimize the computation work of data
owners, by making use of the previously encrypted data with old access policies.
Keywords Access control, Attribute Based Encryption (ABE), Policy Updating, Outsourcing, Big Data, Cloud.
I. INTRODUCTION
Policy updating issue has not been considered in existing traditional attribute-based access control Schemes. We
also update the access policy of the encrypted data in the cloud. Heavy communication overhead of the data retrieval can
be eliminated and the computation cost on data owners can also be reduced. Cloud computing provides seemingly
unlimited virtualized resources to users as services across the whole Internet, while hiding platform and
implementation details. Todays cloud service providers offer both highly available storage and massively parallel
computing resource set relatively low costs. As cloud computing becomes prevalent, an increasing amount of data is
being stored in the cloud and shared by users with specified privileges. which define the access rights of the stored
Page | 762
Seetha et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(4),
April- 2016, pp. 762-767
When the data owner wants to change the access policy, it has to transfer the data back to the local site from the
cloud, re-encrypt the data under the new access policy, and then move it back to the cloud server. By doing so, it incurs a
high communication overhead and heavy computation burden on data owners. This motivates us to develop a new
method to outsource the task of policy updating to cloud server. The grand challenge of outsourcing policy updating to
the cloud is to guarantee the following requirements:
Correctness: Users who possess sufficient attributes should still be able to decrypt the data encrypted under new
access policy by running the original decryption algorithm.
Completeness: The policy updating method should be able to update any type of access policy.
Security: The policy updating should not break the security of the access control system or introduce any new
security problems. The system model consists of the following entities: authorities (AA), cloud server (server), data
owners (owners) and data consumers (users).
II. RELATED WORKS
A. Expressive, efficient, and revocable data access control for multi-authority cloud storage
Cipher text-Policy Attribute-based Encryption CP-ABE is regarded as one of the most suitable technologies for data
access control in cloud storage, because it gives data owners more direct control on access policies. It is difficult to
directly apply existing CP-ABE schemes to data access control for cloud storage systems because of the attribute
revocation problem. Efficient and revocable data access control scheme for multi-authority cloud storage systems, where
there are multiple authorities co-exist and each authority is able to issue attributes independently. Our attribute revocation
method can efficiently achieve both forward security and backward security.
B. Privacy Preserving Cloud Data Access With Multi- Authorities
To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed due
to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage
systems. Existing access control schemes are no longer applicable to cloud storage systems, because they either produce
multiple encrypted copies of the same data or require a fully trusted cloud server. Data access control for multi authority
cloud storage (DAC-MACS), an effective and secure data access control scheme with efficient decryption and
revocation.
III. POLICY UPDATING IN METEOROLOGY
The proposed system focuses on solving the policy updating problem in ABE systems, and proposes a secure and
verifiable policy update outsourcing method. Instead of retrieving and re-encrypting the data, data owners only send
policy updating queries to cloud server, and let cloud server update the policies of encrypted data directly, which means
that cloud server does not need to decrypt the data before/during the policy updating. This scheme can not only satisfy all
the above requirements, but also avoid the transfer of encrypted data back and forth and minimize the computation work
of data owners by making full use of the previously encrypted data under old access policies in the cloud.
A. Policy Checking Entity Free:
In ABAC, access policies are defined by data owners but do not require any entity (e.g., the server) to check these
policies. Instead, access policies in ABAC are enforced implicitly by the cryptography. Due to this key feature, ABAC is
widely applied to control big data in cloud environments, where cloud servers are not trusted to enforce access policies.
B. Storage Efficiency:
In traditional Public Key Cryptography, for each data, multiple copies of ciphertexts are produced whose number is
proportional to the number of users. Considering the high volume of big data, it incurs a huge storage overhead even
when only doubling the volume of big data. Fortunately, in ABAC, only one copy of ciphretexts is generated for each
data, which can reduce the storage overhead significantly.
IV.
Page | 763
Seetha et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(4),
April- 2016, pp. 762-767
STEPS FOR PROPOSED SYSTEM
A. Data Owner
Data Owner achieves public key from any one of the authorities, and he uses the public key to encrypt the data file
before outsourcing with third party it to the Cloud Servers.
B. Policy updates Authority
The authority generates the key so that owner can encrypt the data and user can decrypt the data. It checks the data is
safe also provide protection to the data. Each user data is assigned with a global user identity and can freely get the cipher
texts from the Authority.
C. Key Generation
Here Keys are generating for every unique files. At the time of user retrieving any file key is essential for access the
file. In a linear scheme, the secret is viewed as an element of a finite field, and the shares are obtained by applying a
linear mapping to the secret and several independent random elements.
D. Cloud User
This module is used to help the user to search the file using the multiple key words concept and get the accurate
result list based on the user query. The user is going to select the required file and register the user details. After entering
the key User can download the file which is an encrypted data.
V. RESULTS AND DISCUSSION
In this paper, we focus on solving the policy updating problem in ABE systems, and propose a secure and verifiable
policy updating outsourcing method. Instead of retrieving and re-encrypting the data, data owners only send policy
updating queries to cloud server, and let cloud server update the policies of encrypted data directly, which means that
cloud server does not need to decrypt the data before/during the policy updating. Our scheme can not only satisfy all the
above requirements, but also avoid the transfer of encrypted data back and forth and minimize the computation work of
data owners by making full use of the previously encrypted data under old access policies in the cloud. The contributions
of this paper include: Formulate the policy updating problem in ABE systems and develop a new method to outsource
the policy updating to the server. Propose an expressive and efficient data access control scheme for big data, which
enables efficient dynamic policy updating.
VI. OUTPUT SCREENSHOTS
Page | 764
Seetha et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(4),
April- 2016, pp. 762-767
Page | 765
Seetha et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(4),
April- 2016, pp. 762-767
Page | 766
Seetha et al., International Journal of Advanced Research in Computer Science and Software Engineering 6(4),
April- 2016, pp. 762-767
Figure 9 shows that data user put the secret key from mail-id after click submit button.
Page | 767