A Secure Erasure Code-Based Cloud Storage System with Secure Data Forwarding
ABSTRACT:
A cloud storage system, consisting of a
collection of storage servers, provides long-term storage services over the
Internet. Storing data in a third party’s cloud system causes serious concern
over data confidentiality. General encryption schemes protect data confidentiality,
but also limit the functionality of the storage system because only a few operations
are supported over encrypted data. Constructing a secure storage system that
supports multiple functions is challenging when the storage system is
distributed and has no central authority. We propose a threshold proxy
re-encryption scheme and integrate it with a decentralized erasure code such
that a secure distributed storage system is formulated. The distributed storage
system not only supports secure and robust data storage and retrieval, but also
lets a user forward his data in the storage servers to another user without
retrieving the data back. The main technical contribution is that the proxy
re-encryption scheme supports encoding operations over encrypted messages as
well as forwarding operations over encoded and encrypted messages. Our method
fully integrates encrypting, encoding, and forwarding. We analyze and suggest
suitable parameters for the number of copies of a message dispatched to storage
servers and the number of storage servers queried by a key server. These
parameters allow more flexible adjustment between the number of storage servers
and robustness.
ARCHITECTURE:
SCOPE OF THE PROJECT:
The aim is to design a cloud storage system for robustness, confidentiality
and functionality. The proxy re-encryption scheme supports encoding operations
over encrypted messages as well as forwarding operations over encoded and
encrypted messages. One way to provide data robustness is to replicate a
message such that each storage server stores a copy of the message. This is
very robust because the message can be retrieved as long as one storage server
survives.
With an erasure code, as long as the number of failed servers is under the
tolerance threshold of the erasure code, the message can be recovered from the
codeword symbols stored in the available storage servers by the decoding
process. This provides a tradeoff between the storage size and the tolerance
threshold of failed servers.
A decentralized erasure code is an erasure code that independently computes
each codeword symbol for a message. A decentralized erasure code is suitable
for use in a distributed storage system.
A storage server failure is modeled as
an erasure error of the stored codeword symbol.
We construct a secure cloud storage
system that supports the function of secure data forwarding by using a
threshold proxy re-encryption scheme. The encryption scheme supports
decentralized erasure codes over encrypted messages and forwarding operations
over encrypted and encoded messages. Our system is highly distributed where
storage servers independently encode and forward messages and key servers
independently perform partial decryption.
EXISTING SYSTEM:
The existing system uses a straightforward integration method. Storing data in
a third party's cloud system causes serious concern about data confidentiality.
In order to provide strong confidentiality for messages in storage servers, a
user can encrypt messages by a cryptographic method before applying an erasure
code method to encode and store messages. When he wants to use a message, he
needs to retrieve the codeword symbols from storage servers, decode them, and
then decrypt them by using cryptographic keys.
General encryption schemes protect data confidentiality, but also limit the
functionality of the storage system because only a few operations are
supported over encrypted data.
A decentralized architecture for storage
systems offers good scalability, because a storage server can join or leave
without control of a central authority.
DISADVANTAGES OF EXISTING SYSTEM:
· The user has to perform more computation, and the communication traffic
between the user and storage servers is high.
· The user has to manage his cryptographic keys; otherwise the security is
broken.
· Besides data storing and retrieving, it is hard for storage servers to
directly support other functions.
PROPOSED SYSTEM:
In our proposed system we address the problem of forwarding
data to another user by storage servers directly under the command of the data
owner. We consider the system model that consists of distributed storage
servers and key servers. Since storing cryptographic keys in a single device is
risky, a user distributes his cryptographic key to key servers that shall
perform cryptographic functions on behalf of the user. These key servers are
highly protected by security mechanisms.
The distributed systems require
independent servers to perform all operations. We propose a new threshold proxy
re-encryption scheme and integrate it with a secure decentralized code to form
a secure distributed storage system. The encryption scheme supports encoding
operations over encrypted messages and forwarding operations over encrypted and
encoded messages.
ADVANTAGES OF PROPOSED SYSTEM:
· Tight integration of encoding, encryption, and forwarding makes the storage
system efficiently meet the requirements of data robustness, data
confidentiality, and data forwarding.
· The storage servers independently perform the encoding and re-encryption
processes, and the key servers independently perform the partial decryption
process.
· More flexible adjustment between the number of storage servers and
robustness.
METHODOLOGY USED:
PROXY RE-ENCRYPTION SCHEME WITH MULTIPLICATIVE HOMOMORPHIC PROPERTY:
In a proxy re-encryption scheme, the messages are first encrypted by the owner
and then stored in a storage server. When a user wants to share his messages,
he sends a re-encryption key to the storage server. The storage server
re-encrypts the encrypted messages for the authorized user. Thus, such a system
has data confidentiality and supports the data forwarding function.
An encryption scheme is multiplicative homomorphic if it supports a group
operation on encrypted plaintexts without decryption. The multiplicative
homomorphic encryption scheme supports the encoding operation over encrypted
messages. We then convert a proxy re-encryption scheme with multiplicative
homomorphic property into a threshold version. A secret key is shared to key
servers with a threshold value t. To decrypt for a set of k message symbols,
each key server independently queries 2 storage servers and partially decrypts
two encrypted codeword symbols. As long as t key servers are available, k
codeword symbols are obtained from the partially decrypted ciphertexts.
In order to preserve privacy, the clients will encrypt their data when they
outsource it to the cloud. However, the encrypted form of data greatly impedes
its utilization due to its randomness. Many efforts have been made to enable
data usage without undermining data privacy.
· Homomorphism: Given two ciphertexts c1 and c2 on plaintexts m1 and m2
respectively, one can obtain the ciphertext on the plaintext m1 + m2 and/or
m1 · m2 by evaluating c1 and c2 without decrypting the ciphertexts.
· Proxy re-encryption: Given a proxy re-encryption key, the proxy can
transform a ciphertext of one user to a ciphertext of the target user.
· Threshold decryption: By dividing the private key into several pieces of
secret shares, all clients can work together to decrypt the ciphertext – the
output of the function.
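Added example (not from the original page or the paper): a toy Python sketch of how a multiplicative homomorphic proxy re-encryption scheme lets storage servers encode and forward ciphertexts without holding any decryption key. It substitutes a simple ElGamal-style (BBS98) construction over a constructed 11-bit group for the paper's scheme and omits threshold decryption; all function names, parameters and coefficient rows are assumptions.

```python
import secrets

# Toy group (constructed, far too small for real use): p = 2q + 1, g has prime order q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """ElGamal-style ciphertext (m * g^r, pk^r); m must lie in the order-q subgroup."""
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P) % P, pow(pk, r, P))

def encode(ciphertexts, coeffs):
    """Storage server: codeword symbol = prod C_i^{g_i}, computed without any key."""
    a = b = 1
    for (c1, c2), e in zip(ciphertexts, coeffs):
        a = a * pow(c1, e, P) % P
        b = b * pow(c2, e, P) % P
    return (a, b)

def rekey(sk_owner, sk_recipient):
    """Re-encryption key b/a mod q (toy shortcut: uses both secret keys directly)."""
    return sk_recipient * pow(sk_owner, -1, Q) % Q

def reencrypt(rk, c):
    """Storage server: turn a ciphertext for the owner into one for the recipient."""
    return (c[0], pow(c[1], rk, P))

def decrypt(sk, c):
    mask = pow(c[1], pow(sk, -1, Q), P)          # recovers g^r
    return c[0] * pow(mask, -1, P) % P

def decode(symbols, rows):
    """Recover (m1, m2) from two decrypted symbols w_j = m1^{g_j1} * m2^{g_j2}."""
    (a, b), (c, d) = rows
    det_inv = pow((a * d - b * c) % Q, -1, Q)    # raises if the rows are dependent
    inv = [[d * det_inv % Q, -b * det_inv % Q], [-c * det_inv % Q, a * det_inv % Q]]
    return tuple(pow(symbols[0], r[0], P) * pow(symbols[1], r[1], P) % P for r in inv)

def demo():
    (sk_a, pk_a), (sk_b, _) = keygen(), keygen()
    msgs = (pow(123, 2, P), pow(456, 2, P))      # constructed message symbols
    stored = [encrypt(pk_a, m) for m in msgs]    # owner uploads ciphertexts
    rows = [(1, 1), (1, 2)]                      # fixed here; random in a real code
    codeword = [encode(stored, row) for row in rows]
    forwarded = [reencrypt(rekey(sk_a, sk_b), c) for c in codeword]
    return msgs, decode([decrypt(sk_b, c) for c in forwarded], rows)
```

The recipient recovers the owner's message symbols even though the servers only ever multiplied and exponentiated ciphertexts.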
DATA FLOW DIAGRAM:
MODULES:
· Construction of Cloud Data Storage Module
· Data Encryption Module
· Data Forwarding Module
· Data Retrieval Module
MODULES DESCRIPTION:
Construction of Cloud Data Storage Module
In the Admin module, the admin logs in with his username and password. The
server setup method can then be opened. In the server setup process, the admin
first sets the remote server's IP address so that the IP address can be sent to
the receiver. Then the server can skip the process to activate or deactivate
the process. When the process is activated, the storage server displays the IP
address. When the process is deactivated, the storage server does not display
the IP address. These details can be viewed by clicking the key server. The
activated IP addresses are stored in the available storage server. By clicking
the available storage server button, we can view the currently available IP
addresses.
Data Encryption Module
In the cloud login module, the user logs in with his own details. If the user
does not have an account for the cloud system, the user first registers his
details in order to use and enter the cloud system. The registration details
are username, e-mail, password, confirm password, date of birth, gender and
location. After registration, the details are stored in the database of the
cloud system. When the user then logs in with his correct username and
password, the code is sent to his/her e-mail. The user then opens his account
and views the code generated by the cloud system.
In the Upload module, a new folder can be created for storing the files. In the
folder creation process, the cloud system asks the user one question. The user
should answer the question and must remember that answer for further use. The
user then enters the folder name to create the folder. In the file upload
process, the user chooses one file by browsing the system and selects the
upload option. The server in the cloud then gives the encrypted form of the
uploaded file.
Data Forwarding Module
In the forward module, we can first see the storage details for the uploaded
files. On clicking the storage details option, we can see the file name,
question, answer, folder name, forward value (true or false) and forward
e-mail. If the forward column displays the value true, the user cannot forward
the file to another person. If the forward column displays the value false, the
user can forward the file to another person. The file forward process contains
the selected file name, the e-mail address of the forwarder, and the code to
enter for the forwarder. Another user can then check his account and view the
code forwarded from the previous user. The current user then logs in to the
cloud system and checks the receive details. If the forwarded file is present
in the receive details, the user goes on to the download process.
Data Retrieval Module
The Download module contains the following details: username and file name.
First, the server process is run, which means the server is connected with its
particular client. Now, to download the file, the client has to download the
file key. In the file key downloading process, the fields are username,
filename, question, answer and the code. On clicking the download option, the
client can view the encrypted key. Using that key, the client can then view the
file and use that file appropriately.
SYSTEM CONFIGURATION:-
HARDWARE REQUIREMENTS:-
· Processor - Pentium III
· Speed - 1.1 GHz
· RAM - 256 MB (min)
· Hard Disk - 20 GB
· Floppy Drive - 1.44 MB
· Keyboard - Standard Windows Keyboard
· Mouse - Two or Three Button Mouse
· Monitor - SVGA
SOFTWARE REQUIREMENTS:-
· Operating System : Windows 95/98/2000/XP
· Application Server : Tomcat 5.0/6.X
· Front End : Java, JSP
· Script : JavaScript
· Server side Script : Java Server Pages
· Database : MySQL
REFERENCE:
Hsiao-Ying Lin and Wen-Guey Tzeng, “A Secure Erasure Code-Based Cloud Storage
System with Secure Data Forwarding,” IEEE TRANSACTIONS ON PARALLEL AND
DISTRIBUTED SYSTEMS, VOL. 23, NO. 6, JUNE 2012.