Aim:
Ā Ā Ā Ā Ā Ā Ā The main aim of this project is to provide integrity of an organization data which is in public cloud.
Synopsis:
Ā Ā Ā Ā Ā Ā Ā Ā Data owners will store their data in public cloud along with encryption and particular set of attributes to access control on the cloud data. While uploading the data into public cloud they will assign some attribute set to their data. If any authorized cloud user wants to download their data they should enter that particular attribute set to perform further actions on data ownerās data. A cloud user wants to register their details under cloud organization to access the data ownerās data. Users want to submit their details as attributes along with their designation. Based on the user details Semi-Trusted Authority generates decryption keys to get control on ownerās data.Ā An user can perform a lot of operations over the cloud data. If the user wants to read the cloud data he needs to be entering some read related attributes, and if he wants to write the data he needs to be entering write related attributes. Foe each and every action user in an organization would be verified with their unique attribute set. These attributes would be shared by the admins to the authorized users in cloud organization Crypt-DAC enforces dynamic access control that provides efļ¬ciency, as it does not require expensive decryption, re -encryption and uploading/re-uploading of large data at the administrator side, and security, as it immediately revokes access permissions.
Existing System:
Ā Ā Ā Ā Ā Ā Ā Ā Ā In existing system the CP-ABE may help us prevent security breach from outside attackers. But when an insider of the organization is suspected to commit the ācrimesā related to the redistribution of decryption rights and the circulation of user information in plain format for illicit financial gains, how could we conclusively determine that the insider is guilty? Is it also possible for us to revoke the compromised access privileges?In addition to the above questions, we have one more which is related to key generation authority. A cloud userās access credential (i.e., decryption key) is usually issued bya semi-trusted authority based on the attributes the user possesses. How could we guarantee that this particular authority will not (re-)distribute the generated access credentials to others.
Proposed System:
Ā Ā Ā Ā Ā Ā Ā In this work, we have addressed the challenge of credential leakage in CP-ABE based cloud storage system by designing an accountable authority and revocable Crypt Cloud which supports white-box traceability and auditing. This is the first CP-ABE based cloud storage system that simultaneously supports white-box traceability, accountable authority, auditing and effective revocation. Specifically Crypt-DAC, a cryptographically enforced dynamic access control system on untrusted cloud. Crypt-DAC delegates the cloud to update encrypted ļ¬les in permission revocations. Our approach can be also used in the case where the usersā credentials are redistributed by the semi-trusted authority.
Advantages:
- Advanced cryptographic primitives are applied for enforcing many access control paradigms.
- For example, attribute-based encryption (ABE) is a cryptographic counterpart of attribute-based access control (ABAC) model.
Reviews
There are no reviews yet.