Documente Academic
Documente Profesional
Documente Cultură
ABSTRACT
While we can now outsource data backup to third-party cloud storage services so as to reduce
data management costs, security concerns arise in terms of ensuring the privacy and integrity of
outsourced data. We design Secure File Saving System, a practical, implementable, and readily
deployable cloud storage system that focuses on protecting deleted data with policy-based file
assured deletion. Secure File Saving System is built upon standard cryptographic techniques,
such that it encrypts outsourced data files to guarantee their privacy and integrity, and most
importantly, assuredly deletes files to make them unrecoverable to anyone (including those who
manage the cloud storage) upon revocations of file access policies. In particular,the design of
Secure File Saving System is geared toward the objective that it acts as an overlay system that
works seamlessly atop todays cloud storage services. To demonstrate this objective, we
implement a working prototype of Secure File Saving System atop Amazon S3, one of todays
cloud storage services, and empirically show that Secure File Saving System provides policybased file assured deletionwith a minimal trade-off of performance overhead. Our work provides
insights of how to incorporate value-added security features into current data outsourcing
applications.
EXISTING SYSTEM
In Existing system the outsource data backup to third-party cloud storage services will cost more
for data management and security concerns arise in terms of ensuring the privacy and integrity of
outsourced data.
Vanish:
Divide the data key into many key shares.
Weakness:
Time based no fine-grained control.
PROPOSED SYSTEM
In proposed system we present FADE, a secure overlay cloud storage system that ensures file
assured deletion and works seamlessly atop todays cloud storage services. FADE decouples the
management of encrypted data and encryption keys, such that encrypted data remains on thirdparty (untrusted) cloud storage providers, while encryption keys are independently maintained by
a key manager service, whose trustworthiness can be enforced using a quorum scheme. FADE
generalizes time-based file assured deletion (i.e., files are assuredly deleted upon time
expiration) into a more fine-grained approach called policy based file assured deletion, in which
files are associated with more flexible file access policies (e.g., time expiration, read/write
permissions of authorized users) and are assuredly deleted when the associated file access
policies are revoked and become obsolete.
Design Of Fade:
1.Work atop todays cloud as an overlay.
2.Achieve protection from cloud clients perpective,no changes on the cloud provider
side.
Security Of Fade:
1.Fine-grained file assured deletion:Files are permanently inaccessible based on
policies.
System Configuration:
HARDWARE REQUIREMENTS:
Hardware
Pentium
Speed
1.1 GHz
RAM
1GB
Hard Disk
20 GB
Floppy Drive
1.44 MB
Key Board
Mouse
Monitor
SVGA
SOFTWARE REQUIREMENTS:
Operating System
: Windows
Technology
Web Technologies
IDE
: My Eclipse
Web Server
: Tomcat
Tool kit
: Android Phone
Database
: My SQL
Java Version
: J2SDK1.5
IMPLEMENTATION
Implementation is the stage of the project when the theoretical design is turned out into a
working system. Thus it can be considered to be the most critical stage in achieving a successful
new system and in giving the user, confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and its
constraints on implementation, designing of methods to achieve changeover and evaluation of
changeover methods.
Modules:
After careful analysis the system has been identified to have the following modules:
1. DataOwner Module.
2. Key Manager Module.
3. Storage Cloud(Third Party Provider) Module.
4. Policy Revocation For File Assured Deletion Module.
1. DataOwner Module:
The data owner is the entity that originates file data to be stored on the cloud. It may be a file
system of a PC, a user-level program, a mobile device, or even in the form of a plug-in of a client
application. The data owner requests the key manager to decrypt a blinded version of the
encrypted data key. If the associated policy is satisfied, then the key manager will decrypt and
return the blinded version of the original data key. The data owner can then recover the data key.
In this way, the actual content of the data key remains confidential to the key manager as well as
to any attacker that sniffs the communication between the data owner and the key manager.
The storage cloud is maintained by a third-party cloud provider (e.g., Amazon S3) and keeps the
data on behalf of the data owner. We emphasize that we do not require any protocol and
implementation changes on the storage cloud to support our system. Even a naive storage service
that merely provides file upload/download operations will be suitable.
4.Policy Revocation for File Assured Deletion Module:
If a policy Pi is revoked, then the key manager completely removes the private key di and the
secret prime numbers pi and qi. Thus, we cannot recover Si from Sei i , and hence cannot recover
K and the file F. We say that the file F, which is tied to policy Pi, is assuredly deleted. Note that
the policy revocation operations do not involve interactions with the storage cloud.