Aim:
Ā Ā Ā Ā Ā Ā The main aim of this project is to provide integrity of an organization data which is in public cloud.
Synopsis:
Ā Ā Ā Ā Ā Ā Ā Data owners will store their data in public cloud along with encryption and particular set of attributes to access control on the cloud data. While uploading the data into public cloud they will assign some attribute set to their data. If any authorized cloud user wants to download their data they should enter that particular attribute set to perform further actions on data ownerās data. A cloud user wants to register their details under cloud organization to access the data ownerās data. Users want to submit their details as attributes along with their designation. Based on the user details Semi-Trusted Authority generates decryption keys to get control on ownerās data.Ā An user can perform a lot of operations over the cloud data. If the user wants to read the cloud data he needs to be entering some read related attributes, and if he wants to write the data he needs to be entering write related attributes. Foe each and every action user in an organization would be verified with their unique attribute set. These attributes would be shared by the admins to the authorized users in cloud organization. These attributes will be stored in the policy files in a cloud. If any user leaks their unique decryption key to the any malicious user data owners wants to trace by sending audit request to auditor and auditor will process the data owners request and concludes that who is the guilty.
Existing System:
Ā Ā Ā Ā Ā Ā Ā Ā Ā In existing system the CP-ABE may help us prevent security breach from outside attackers. But when an insider of the organization is suspected to commit the ācrimesā related to the redistribution of decryption rights and the circulation of user information in plain format for illicit financial gains, how could we conclusively determine that the insider is guilty? Is it also possible for us to revoke the compromised access privileges?In addition to the above questions, we have one more which is related to key generation authority. A cloud userās access credential (i.e., decryption key) is usually issued by a semi-trusted authority based on the attributes the user possesses. How could we guarantee that this particular authority will not (re-)distribute the generated access credentials to others.
Disadvantages:
- The existing CP-ABE based cloud storage systems fail to consider the case where access credential is misused.
- Donāt Provided in file access policy.
- Users who leak their access credentials canāt be traced and
Proposed System:
Ā Ā Ā Ā Ā Ā Ā In this work, we have addressed the challenge of credential leakage in CP-ABE based cloud storage system by designing an accountable authority and revocable Crypt Cloud which supports white-box traceability and auditing (referred to as Crypt Cloud+). This is the first CP-ABE based cloud storage system that simultaneously supports white-box traceability, accountable authority, auditing and effective revocation. Specifically, Crypt Cloud+ allows us to trace and revoke malicious cloud users (leaking credentials). Our approach can be also used in the case where the usersā credentials are redistributed by the semi-trusted authority.
Advantages:Ā
- Provide general extensions (of our system) on the large universe, the multi-use, and the prime-order setting cases, so that the solution introduced in this paper is more scalable in real-world application.
- The conference version and further present two enhanced constructions,namely ATER-CP-ABE and ATIR-CP-ABE.These constructions allow us to effectively revoke the malicious users explicitly or implicitly.
- We also present the new definitions, technique and related materials of ATER-CP-ABE and ATIR-CP-ABE.
Reviews
There are no reviews yet.