Decentralized access control with anonymous authentication of data stored in clouds

Decentralized access control with anonymous authentication of data stored in clouds

• 1.
  ECRUITMENT SOLUTIONS (0)9751442511,9750610101 #1, Ist Cross, Ist Main Road, Elango Nagar,Pondicherry-605 011. tech@ecruitments.com www.ecruitments.com Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds ABSTRACT: We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches. EXISTING SYSTEM: Research in cloud computing is receiving a lot of attention from both academic and industrial worlds. In cloud computing, users can outsource their computation and storage to servers (also called clouds) using Internet. This frees users from the hassles of maintaining resources on-site. Clouds can provide several types of services like applications (e.g., Google Apps, Microsoft online), infrastructures (e.g., Amazon’s EC2, Eucalyptus, Nimbus), and platforms to help developers write applications uses a symmetric key approach and does not support authentication. The schemes
• 2.
  ECRUITMENT SOLUTIONS (0)9751442511,9750610101 #1, Ist Cross, Ist Main Road, Elango Nagar,Pondicherry-605 011. tech@ecruitments.com www.ecruitments.com do not support authentication as well. It provides privacy preserving authenticated access control in cloud. PROPOSED SYSTEM: In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. We proposed a fully decentralized ABE where users could have zero or more attributes from each authority and did not require a trusted server. In all these cases, decryption at user’s end is computation intensive. So, this technique might be inefficient when users access using their mobile devices. To get over this problem, we proposed to outsource the decryption task to a proxy server, so that the user can compute with minimum resources. CONCLUSION: We have presented a decentralized access control technique with anonymous authentication, which provides user revocation and prevents replay attacks. The cloud does not know the identity of the user who stores information, but only verifies the user’s credentials. Key distribution is done in a decentralized way. One limitation is that the cloud knows the access policy for each record stored in the cloud. In future, we would like to hide the attributes and access policy of a user.
• 3.
  ECRUITMENT SOLUTIONS (0)9751442511,9750610101 #1, Ist Cross, Ist Main Road, Elango Nagar,Pondicherry-605 011. tech@ecruitments.com www.ecruitments.com