secure data sharing in cloud (sdsc)
PRESENTED BY: Jishnu Pradeep (1031390001)
Azhar Ahmed M V (1031310811)
SECURE DATA SHARING IN CLOUD
INTRODUCTION
Cloud computing is rapidly emerging due to the provisioning of elastic, flexible, and on-demand
storage and computing services for customers. The data is usually encrypted before
being stored in the cloud. The access control, key management, encryption, and decryption processes
are handled by the customers to ensure data security. A single key shared between all group
members gives a newly joining member access to past data. This
situation violates confidentiality and the principle of least privilege.
A separate key for every user is a cumbersome solution. The data must be separately encrypted
for every user in such a scenario. Any change to the data requires decrypting every
user's copy and encrypting it again with the modified contents. This project presents a methodology named
Secure Data Sharing in Clouds (SDSC) that deals with the aforementioned security
requirements of shared group data within the cloud.
9/5/2016
OBJECTIVE
In this project, we propose the Secure Data Sharing in Clouds (SDSC) methodology that provides:
data confidentiality and integrity; access control; data sharing (forwarding) without using
compute-intensive re-encryption; insider threat security; and forward and backward access control. The SDSC
methodology encrypts a file with a single privacy as well as fault tolerance to the client. In this
project we provide algorithms for distributing data: our results include hardness of approximation
and hence a heuristic greedy hill-climbing algorithm for the distribution problem. Partitioning the
query at the client into queries for the various sites is done by a bottom-up state-based algorithm we
provide. Finally, the results at the sites are integrated to obtain the answer at the client. We provide
an experimental validation and performance study of our algorithms.
EXISTING SYSTEM:
The SecureDBaaS architecture is tailored to cloud platforms and does not introduce any
intermediary proxy or broker server between the client and the cloud provider. SecureDBaaS
relates more closely to works using encryption to protect data managed by untrusted databases.
In such a case, a main issue to address is that cryptographic techniques cannot be natively applied
to standard DBaaS. As expected, the number of transactions per minute executed by SecureDBaaS
is lower than those referring to original TPC-C and plain-SecureDBaaS.
SecureDBaaS moves away from existing architectures that store just tenant data in the cloud
database, and save metadata in the client machine or split metadata between the cloud database and
a trusted proxy. When considering scenarios where multiple clients can access the same database
concurrently.
DRAWBACKS IN EXISTING SYSTEM
Even though SecureDBaaS distributes data among different providers, which gives more security,
its functions cannot take advantage of secret sharing when outsourced to an untrusted
cloud provider.
It cannot store them in encrypted format.
When considering scenarios where multiple clients can access the same database concurrently.
PROPOSED SYSTEM
In this paper, we propose the Secure Data Sharing in Clouds (SDSC) methodology that
provides: data confidentiality and integrity; access control; data sharing (forwarding) without
using compute-intensive re-encryption; insider threat security; and forward and backward
access control. The SDSC methodology encrypts a file with a single encryption key. Two
different key shares for each of the users are generated, with the user only getting one share.
The possession of a single share of a key allows the SDSC methodology to counter the insider
threats. The other key share is stored by a trusted third party, which is called the cryptographic
server. We implement a working prototype of the SDSC methodology and evaluate its
performance based on the time consumed during various operations.
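
An added example (not part of the original presentation or the project's Java code) of the per-user key-share idea described above. The XOR split, the 256-bit key size and every class and function name here are assumptions; the slides do not say how the two shares are computed.

```python
import secrets

KEY_LEN = 32  # assumed: 256-bit symmetric file key


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("shares must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class CryptographicServer:
    """Hypothetical stand-in for the trusted third party (CS)."""

    def __init__(self):
        self._acl = {}  # (file_id, user_id) -> CS-side share

    def _split(self, file_id, user_id, key):
        cs_share = secrets.token_bytes(KEY_LEN)   # random, kept by the CS
        self._acl[(file_id, user_id)] = cs_share
        return xor_bytes(key, cs_share)           # share handed to the user

    def create_file_key(self, file_id, members):
        """One key per file, one pair of shares per group member."""
        key = secrets.token_bytes(KEY_LEN)
        user_shares = {u: self._split(file_id, u, key) for u in members}
        # The key is returned only so the demo can compare results;
        # a real CS would use it to encrypt and then discard it.
        return key, user_shares

    def recover_key(self, file_id, user_id, user_share):
        cs_share = self._acl.get((file_id, user_id))
        if cs_share is None:
            raise PermissionError(f"{user_id} has no access to {file_id}")
        return xor_bytes(user_share, cs_share)

    def revoke(self, file_id, user_id):
        self._acl.pop((file_id, user_id), None)   # CS share gone, user share useless


def demo():
    cs = CryptographicServer()
    key, shares = cs.create_file_key("report.pdf", ["alice", "bob"])
    alice_ok = cs.recover_key("report.pdf", "alice", shares["alice"]) == key
    cs.revoke("report.pdf", "bob")
    try:
        cs.recover_key("report.pdf", "bob", shares["bob"])
        bob_blocked = False
    except PermissionError:
        bob_blocked = True
    return alice_ok, bob_blocked, shares["alice"] != shares["bob"]


if __name__ == "__main__":
    print(demo())
```

Under this assumed split, a user's share on its own is a uniformly random string, and removing the CS-side entry ends that user's access without touching the stored ciphertext or the other members' shares.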
ADVANTAGES IN PROPOSED SYSTEM:
Improves Quality of Service (QoS).
Distributes data among different providers and takes advantage of secret
sharing.
Every user has their own master key.
Distributed, Concurrent, And Independent Access to Encrypted Cloud Databases
METHODOLOGIES
Following modules involved:
Modules:
User Interface Design
File Upload
Cryptographic Server Access
Key Generation
Encryption and Decryption
Module Description
User Interface Design
Interface design deals with the process of developing a method for modules in a system to connect
and communicate. These modules can apply to hardware, software or the interface between a user and
a machine. In this module we mainly focus on the login page design with the partial knowledge
information. To view the application, users need to log in through the user
interface. The GUI is the medium that connects the user and the media database, and it provides the login
screen where the user enters his/her user name and password. The password is checked against the
database; if the user name and password are valid, he/she can access the database.
[Figure: User Login, User Registration, Database Interaction, User Window]
FILE UPLOAD:
This module helps users upload their files to secured clouds. Before
the files are uploaded to the cloud, the data is sent to the Cryptographic Server. The
uploaded data can be a PDF or text file.
CRYPTOGRAPHIC SERVER ACCESS:
This module is used at the time of file upload, when the file is sent to a
cryptographic server. Here the cryptographic server acts as the third party, so
the third party provides the security. The cryptographic server is used for key generation.
[Figure: Users, User Verification, File Upload]
[Figure: Cryptographic Server Access]
KEY GENERATION:
In this module the CS generates two different types of secret key, one for the file owner and the other for
users. Using the user's key, users can view or retrieve the files. Using the file owner's key,
the owner can make modifications such as delete, edit, etc.
FILE ENCRYPTION AND DECRYPTION:
In this method the uploaded data is encrypted after the key generation and stored in
the cloud server. If any user wants to access particular data, they need to provide an authentication
key. After verifying the key, it will be encrypted. This module is used for security purposes. Here, after
verifying the required key, the data is decrypted into readable format. This module is used for
retrieving the data from the cloud server. After the key verification finishes, the data is decrypted into the
original data.
[Figure: Key Generation]
[Figure: Encryption and Decryption]
DESIGN ENGINEERING
Design Engineering deals with the various UML [Unified Modeling Language] diagrams
for the implementation of the project. Design is a meaningful engineering representation of
a thing that is to be built. Software design is a process through which the requirements
are translated into a representation of the software. Design is the place where quality is
rendered in software engineering. Design is the means to accurately translate customer
requirements into a finished product.
Use Case Diagram:
[Figure: use case diagram with User, Login, Local DB, Cloud DB]
Class Diagram:
[Figure: class diagram with classes user (name, password; Login(), Register()), local DB, File and Cloud DB; labels include Metadata(), Encrypteddata(), Meta Data, Sprid, File Type, File Size, Encrypt Data, Same()]
State Diagram:
[Figure: state diagram with Client, Login, Cloud DB, metadata, Encrypt data]
Sequence Diagram:
[Figure: sequence diagram. Participants: user, login, server, clients, monitor. Messages: user logins, connects to server, requests resource, get resource, monitor analysis]
System Architecture
[Figure: system architecture. Labels: Registration, Log in, Client-1, Client-2, Client-n, User-1, Plain Text Data, Encrypted Data, SecureDBaaS Client, Meta Data, TPC (Transaction Processing Control), Data Encryption Field, Type, Confidentiality]
DEVELOPMENT TOOLS
The platform used here is JAVA.
FEATURES OF JAVA
THE JAVA FRAMEWORK: Java is a programming language originally developed by James
Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java
platform. The language derives much of its syntax from C and C++ but has a simpler object model
and fewer low-level facilities. Java applications are typically compiled to byte code that can run on
any Java Virtual Machine (JVM) regardless of computer architecture.
Benefits of JSP
One of the main reasons why the Java Server Pages technology has evolved into what it is today, and
is still evolving, is the overwhelming technical need to simplify application design by separating
dynamic content from static template display data. Another benefit of utilizing JSP is that it allows
a cleaner separation of the role of web application/HTML designer from that of software developer. The
JSP technology has a number of benefits, which are as follows:
The JSP technology is platform independent, in its dynamic web pages, its web servers, and its
underlying server components. That is, JSP pages perform without any hassle on any
platform, and run on any web server and web-enabled application server.
The JSP technology emphasizes the use of reusable components. These components can be
combined or manipulated towards developing more purposeful components and page design.
This definitely reduces development time apart from the
At development time, JSPs are very different from Servlets; however, they are precompiled
into Servlets at run time and executed by a JSP engine which is installed on a Web-enabled
application server such as BEA WebLogic and IBM WebSphere.
Servlets
Earlier in client-server computing, each application had its own client program, which worked as a user interface and needed to be installed on each user's personal computer. Most web applications use HTML/XHTML, which are supported by nearly all browsers, and web pages are displayed to the client as static documents. A web page merely displays static content and lets the user navigate through the content, but a web application provides a more interactive experience. Any computer running Servlets or JSP needs to have a container. A container is a piece of software responsible for loading, executing and unloading the Servlets and JSP. While servlets can be used to extend the functionality of any Java-enabled server, they are mostly used to extend web servers, and are an efficient replacement for CGI scripts. CGI was one of the earliest and most prominent server-side dynamic content solutions, so before going forward it is very important to know the difference between CGI and the Servlets.
Java Servlets
A Java Servlet is a generic server extension, which means a Java class that can be loaded dynamically to expand the functionality of a server. Servlets are used with web servers and run inside a Java Virtual Machine (JVM) on the server, so these are safe and portable.
Unlike applets, they do not require support for Java in the web browser. Unlike CGI, servlets don't use multiple processes to handle separate requests. Servlets can be handled by separate threads within the same process. Servlets are also portable and platform independent.
A web server is the combination of a computer and the program installed on it. The web server interacts with the client through a web browser. It delivers the web pages to the client and to an application by using the web browser and the HTTP protocols respectively.
The web server can be defined as the package of a large number of programs installed on a computer connected to the Internet or an intranet for downloading the requested files using File Transfer Protocol, serving e-mail, and building and publishing web pages. A web server works on a client-server model.
APPLICATIONS
This makes the transactions among the users more secure. We have mentioned two characteristics between the users. We use two hidden characteristics of the user, named and metadata, to store in the cloud.
This application is accepting chart application simultaneous users accessing.
APPLICATIONS
Concurrent applications:
Open network, virtualization, monitoring, and security technologies to deploy multi-tier services (e.g. compute clusters) as machines on distributed infrastructures, combining both data center resources and remote cloud resources, according to allocation policies.
FUTURE ENHANCEMENTS
We propose an innovative architecture that guarantees confidentiality of data stored in public cloud
databases. If you have stored a number of files in the cloud DB, only one table maintains all the operations
(edit, delete, download), if you want to save more space and utilize the space based upon
your requirements.
THANK YOU