How To Make A Secure Storage On A Mobile Device Secure



Similar documents
Efficient Energy Reduction and Enhancing Security Privacy in Mobile Cloud Computing

A Road Map on Security Deliverables for Mobile Cloud Application

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Data Integrity for Secure Dynamic Cloud Storage System Using TPA

A Comparative Study of cloud and mcloud Computing

Mobile Cloud Computing : Issues, Security,Advantages, Trends

ADVANCE SECURITY TO CLOUD DATA STORAGE

Enhancing Data Security in Cloud Storage Auditing With Key Abstraction

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

Cryptographic Data Security over Cloud

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

DATA SECURITY IN CLOUD USING ADVANCED SECURE DE-DUPLICATION

Security Issues in Mobile Cloud Computing

Mobile Cloud Computing Security Considerations

Security Considerations for Public Mobile Cloud Computing

RIGOROUS PUBLIC AUDITING SUPPORT ON SHARED DATA STORED IN THE CLOUD BY PRIVACY-PRESERVING MECHANISM

Keywords-- Cloud computing, Encryption, Data integrity, Third Party Auditor (TPA), RC5 Algorithm, privacypreserving,

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

A Review of Cloud Environment and Recognition of Highly Secure Public Data Verification Architecture using Secure Public Verifier Auditor

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC

Secure Authentication of Distributed Networks by Single Sign-On Mechanism

Identifying Data Integrity in the Cloud Storage

Secure Role-Based Access Control on Encrypted Data in Cloud Storage using Raspberry PI

ABSTRACT I. INTRODUCTION

Role Based Encryption with Efficient Access Control in Cloud Storage

Improving data integrity on cloud storage services

Journal of Electronic Banking Systems

Comprehensive Study on Data Security in Cloud Data Store

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment

Authentication. Authorization. Access Control. Cloud Security Concerns. Trust. Data Integrity. Unsecure Communication

Near Sheltered and Loyal storage Space Navigating in Cloud

A Survey on Secure Auditing and Deduplicating Data in Cloud

An Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method

Associate Prof. Dr. Victor Onomza Waziri

Data Security and Privacy in Cloud using RC6 Algorithm for Remote Data Back-up Server

A survey on cost effective multi-cloud storage in cloud computing

Privacy Patterns in Public Clouds

Secure cloud access system using JAR ABSTRACT:

Cloud Data Storage Services Considering Public Audit for Security

Data Security Using Reliable Re-Encryption in Unreliable Cloud

Data management using Virtualization in Cloud Computing

Index Terms Cloud Storage Services, data integrity, dependable distributed storage, data dynamics, Cloud Computing.

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

Security Analysis of Cloud Computing: A Survey

An Efficiency Keyword Search Scheme to improve user experience for Encrypted Data in Cloud

Data Integrity by Aes Algorithm ISSN

Cloud Computing for hand-held Devices:Enhancing Smart phones viability with Computation Offload

Survey on Efficient Information Retrieval for Ranked Query in Cost-Efficient Clouds

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE

How To Secure Cloud Computing, Public Auditing, Security, And Access Control In A Cloud Storage System

Secrecy Maintaining Public Inspecting For Secure Cloud Storage

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015.

Privacy & Security of Mobile Cloud Computing (MCC)

Web Interface using HTML5 for Interaction between Mobile Device & Cloud- Services

Verifying Correctness of Trusted data in Clouds

Review On Incremental Encrypted Backup For Cloud

Security & Privacy Issues in Mobile Cloud Computing

Protection concern in Mobile Cloud Computing- A Survey

SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK

Chapter 1: Introduction

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment

IMPLEMENTATION CONCEPT FOR ADVANCED CLIENT REPUDIATION DIVERGE AUDITOR IN PUBLIC CLOUD

Mobile Hybrid Cloud Computing Issues and Solutions

SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD

Cloud Information Accountability Framework for Auditing the Data Usage in Cloud Environment

Single Sign-On Secure Authentication Password Mechanism

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

Secure Data Migration across Cloud System Using Third Party Auditor (TPA)

Krunal Patel Department of Information Technology A.D.I.T. Engineering College (G.T.U.) India. Fig. 1 P2P Network

Enhancing the Mobile Cloud Server security by MAC Address

CHAPTER 1 INTRODUCTION

SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTING SECURITY ENVIRONMENT

PRIVACY ASSURED IMAGE STACK MANAGEMENT SERVICE IN CLOUD

Data Storage Security in Cloud Computing

Index Terms: Cloud Computing, Third Party Auditor, Threats In Cloud Computing, Dynamic Encryption.

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

International Journal of Advanced Research in Computer Science and Software Engineering

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

An Efficient Secure Multi Owner Data Sharing for Dynamic Groups in Cloud Computing

Customer Security Issues in Cloud Computing

Distributed Attribute Based Encryption for Patient Health Record Security under Clouds

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Monitoring Data Integrity while using TPA in Cloud Environment

A Secure Decentralized Access Control Scheme for Data stored in Clouds

Secure Way of Storing Data in Cloud Using Third Party Auditor

Secure Data transfer in Cloud Storage Systems using Dynamic Tokens.

(C) Global Journal of Engineering Science and Research Management

Transcription:

Outsourcing with secure accessibility in mobile cloud computing Monika Waghmare 1, Prof T.A.Chavan 2 Department of Information technology, Smt.Kashibai Navale College of Engineering, Pune, India. Abstract Now a days a mobile device like a smart phone is becoming one of the major information processing devices for users. On the other hand, a mobile device is still resource constrained, and some applications, generally demand more resources than a mobile device can pay for. To overcome this, a mobile device should get resources from an external source. One of such sources present is cloud computing platforms. In Mobile Cloud computing generally front-end consist of users who possess mobile devices and back-end cloud servers. This pattern enables users to access a large volume of storage resources with portable devices in a distributed and cooperative manner. In between the times of uploading and downloading files or data, the privacy and integrity of files need to be guaranteed. In this paper a cloud platform is shaped for storage outsourcing, security necessities in mobile cloud are addressed and equivalent algorithms are addressed for guiding off-the-shelf implementation of mobile cloud communications. Keywords Mobile cloud computing, cloud computing, cloud servers, mobile devices, integrity, privacy I. BACKGROUND The term mobile cloud computing was introduced after the concept of cloud computing, this was launched in mid of 2007. It has been grabbing the attentions of entrepreneurs as a money making business option that minimizes the expansion and running cost of mobile applications, of mobile users as a latest technology to accomplish wealthy experience of a variety of mobile services at low cost. Mobile applications can be quickly provisioned and released with the negligible management efforts or service provider s communications. With the explosion of mobile applications and the support of Cloud Computing for a variety of services for mobile users, mobile cloud computing is introduced as an integration of cloud computing into the mobile environment. Mobile cloud computing i.e MCC brings new types of services and facilities for mobile users to take full advantages of cloud computing. But the major issue present in this technology is security of outsourced data as security is main issue in cloud computing also. Security risks in Mobile Cloud Computing are even more because we have to take care of cloud security as well as mobile security. II. INTRODUCTION Mobile Cloud Computing is a rising computational paradigm these days with fast access of lightweight Mobile Devices to end users and rapid deployment of Cloud Servers. Mobile cloud computing takes the advantages of cloud servers that provide flexible capabilities in terms of computation and storage at backend, as well as take the advantages of mobile devices that provide persistent accessing and universal computing at front-end. The combination of cloud servers and mobile devices not only balances the exchange between resource requirement and mobility demand for a single mobile user, but also constructs a cooperative connection among multiple mobile users. It broadly enlarges the computing power of individual mobile users and effortlessly links multiple cooperators in a mobile group. The architecture of the MCC is shown in Figure 1. ISSN: 2231-2803 http://www.ijcttjournal.org Page 526

Fig 1: Architecture of MCC [1] In Mobile Cloud Computing (MCC), Mobile Devices (MDs) essentially need to outsource some computation and storage tasks to Cloud servers as memory of mobile devices is limited. If the cloud servers used are trusted then it would be perfect for the migration or outsourcing; but if servers are distrusted, then there arises a critical problem of security. That is, how to preserve the outsourced computation and storage on the cloud being trusted. In this paper, focus is on the storage outsourcing in totally distrusted CSs, here computation outsourcing is conducted in trusted CS names as trusted third party server. Mobile device used is also considered as totally distrusted. After a MD generates a file and processes it, it may upload the file into a CS or multiple CSs. Client i.e user or other cooperators may access it in the future as per their need. Obviously, the privacy and integrity of the file must be maintained in the storage of CSs during the period between uploading and accessing the file. Though there are some papers present that address similar problems in storage [9-12], subtle design for secure storage outsourcing in MCC has not been broadly explored, especially in MCC environment. Some solutions assume CSs are trusted, which may be a too strong (unrealistic) assumption to constrain the applicability. Besides, the mobility of MDs and cooperative accessibility of files on CSs are not yet carefully considered. Moreover, as MDs may be lost incidentally, the storage of MDs are vulnerable to exposure, which is inappropriately ignored. Thus, all above situations are tackled in the design of this paper, and our schemes can guarantee the privacy and integrity of outsourcing files or data but maintain lightweight in terms of computation. As MCC platform is based on cloud computing so all the security issues in cloud computing are inherited in MCC with extra limitation of resource constraint mobile devices. Because of this resource limitation, the security algorithms planned for cloud computing environment cannot be directly run on mobile device. There is a requirement of lightweight secure framework that provides security with less communication and processing overhead on mobile devices. This need is the motivation for the paper. III. RELATED WORK Liu et al. projected to use hierarchical identity-based encryption algorithm provided that an efficient sharing of the secure storage services in cloud computing. Here the encryption is used just the once and only one copy of the corresponding cipher text needs to be stored. It needs MD having higher computation ability. Wei et al. proposed SecCloud, it is an auditing scheme, used to secure cloud computing based on probabilistic sampling technique [6]. It aims to consider secure data storage, computation and privacy preserving together. As it is an auditing scheme it is time consuming and the result may not be deterministic. Itani et al. proposed an energy-efficient protocol for ensuring the integrity of storage services in mobile cloud computing. The proposed protocol applies incremental cryptography and trusted computing to design secure integrity data structures. Ye et al.[5] developed an access protocol following the requirements to attain exact and ISSN: 2231-2803 http://www.ijcttjournal.org Page 527

efficient data accesses. They utilized regular semantics instead of atomic semantics to advance access efficiency. Park et al.[2] proposed a secure storage BLAST, which is improved by a stream cipher rather than a block cipher with a novel block accessible encryption mechanism based on streaming ciphers. Feng et al.[4] proposed an encryption method D-DOG (Data Division and Out-oforder key stream Generation) to guard data in the distributed storage environments. Itani et al.[8] proposed a PasS (Privacy as a Service), a set of security protocols for achieving the privacy and legal compliance of customer data in cloud architectures. PasS gives a privacy feedback process which informs users of the different privacy operations and makes them aware of any potential risks that may expose the confidentiality of their sensitive information. Xu et al. presented a mobile cloud data processing framework through trust management and private data isolation to protect user s privacy in the cloud. V. SYSTEM DESIGN In the architecture of this system the main four components are shown in the figure below. The mobile handset will carry mobile applications and server will contain glassfish server and web services that enables communication among the two. Here SOAP/XML is also used to activate communication. Server sends and receives data via XML. XML acts as common language between cloud servers and clients. The links between mobile device and servers are secured with the help of session encryption here diffie-hellman key exchange algorithm is used. IV. PROBLEM STATEMENT We can implement cloud security algorithms on mobile cloud also but the problem is that computation power of security algorithms used is high and mobile devices have very less computational power as well as battery life. To tackle this situation development of lightweight security scheme is required. Hence the aim of this paper is to provide Lightweight Storage Outsourcing with Secure Accessibility on distrusted cloud in Mobile Cloud computing that will assure data confidentiality and data integrity. That is storing the files created on mobile device in cloud server and providing security schemes that will assure data confidentiality and data integrity in single as well as multiple cloud servers while uploading and downloading. Fig 2: system architecture. The architecture is mainly divided into three parts: Mobile Device Cloud servers and database User 3.2.1 Mobile device (MD): It is a device prepared with capabilities such as computing, storage and wireless communication. Here android phone containing multiple mobile applications is used. ISSN: 2231-2803 http://www.ijcttjournal.org Page 528

3.2.2 Cloud server: It is a service provider in cloud computing. Server uses glassfish server and web services to communicate with mobile device/applications. Here SOAP/XML is used for connection between client and server. store hashed data. Mobile client can access both storage cloud server as well as trusted third party server. VI. SYSTEM FLOW Uploading Process: Two types of servers are used a) Storage server: Here outsourced data is stored in the form of encrypted files. It is used for storage purpose only no computation is done. b) Trusted hashing server: This is a trusted third party server used for storing log of hash of files for backup. This computing platform performs both computations as well as storage of hash. Database: MySQL is used as a database. Here encrypted user files are stored. c) Mobile User: It is a person who operates mobile device. Multiple servers may be present who want to access the same file or data in CS. The operated entity is a file or data. Mobile user uses mobile applications through mobile device to connect with the server. Here User sign in/up in the application for the purpose of uploading or downloading file on the server. Here SOAP/XML is used for connectivity between client and server. In this paper cloud service used for deployment is SaaS. Server contains database for storing encrypted user files. And another server called as trusted Hashing server which is used to Fig. 3 steps in uploading process When client wants to upload file on cloud server through mobile device, he has to login into the system with his password. Mobile device then sends this file to the trusted third party server or hashing server. TCP then generates Encryption key (EK) by applying standard hash function on concatenation of file name (FN), original file (FS) and key. EK= H (key FN FS) TCP encrypts file with encryption key EK by using AES algorithm. EF=EEK (FILE) TCP then returns this encrypted file to the mobile device. Mobile device uploads EF on cloud server, and stores H (FN) on trusted third party server i.e hashing server and deletes IK. Storage cloud server only receives files, saves it and sends acknowledgment to the user (MD). ISSN: 2231-2803 http://www.ijcttjournal.org Page 529

Downloading Process: Fig 4. Steps in downloading process While downloading a file, mobile device selects file name and retrieves encrypted file from storage cloud server. Mobile device then sends this file to trusted file server for decryption and verification. Here again hash is calculated by using sha-1 on file name, key and file size (of encrypted file) EK=H (key FN FS) Afterword, it decrypts the EF using regenerated EK to get original file. Decrypted file= DEC (F, EK) Here system will check integrity of file by comparing hash value of original file and encrypted file. If hash of both the files is same then we can say that file is valid or not modified. VII. CONCLUSION In this paper, system is proposed for protecting the confidentiality and integrity of uploading files or data in mobile storage cloud. It is considered that cloud is totally distrusted and mobile device is semi trusted or distrusted. Here only file names are stored on mobile device and no computation is done on it hence it will save computation power as well as battery life. This system guarantees the security goal and is the necessary condition of MCC as it involves algorithms such as AES, SHA-1,and diffiehellman. The AES algorithm is used for encryption,sha- 1 is used for calculating Hash function and session encryption is done for securing links between cloud server and client. This scheme can decrease the computation overhead on mobile. Schemes are flexible to the storage compromise on mobile devices, lightweight, and assume that the cloud servers are distrusted. Thus, they provide a stronger protection for more general and realistic application scenarios comparing with the previous work. VII. REFERENCES [1] Hoang T. Dinh, Chonho Lee, Dusit Niyato, and Ping Wang. A Survey of Mobile Cloud Computing: Architecture Applications, and Approaches,In Wireless Communications and Mobile Computing 2011. [2] Xu L, Xing T, Zhong Y, et al. Secure data processing framework for mobile cloud computing. In: IEEE INFOCOM 2011 Workshop on Cloud Computing (INFOCOMW11). Shanghai, China, 2011: 711-716. [3] Priyank Singh Hada, Ranjita Singh, Mukul Manmohan. Security Agents: A Mobile Agent based Trust Model for Cloud Computing.In International Journal of Computer Applications (0975 8887) Volume 36 No.12, December 2011 [4] Wei Ren, Linchen Yu, Ren Gao, Feng Xiong.Lightweight and Compromise Resilient Storage Outsourcing with Distributed Secure Accessibility in Mobile Cloud Computing. Tsinghua Science And Technology,ISSNl1007-0214ll06/09llpp520 528.Volume 16, Number 5, October 2011. [6] Manjunatha A, Ranabahu A, Sheth A, et al. Power of clouds in your pocket: An efficient approach for cloud mobile hybrid application development. In: 2010 IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom10). Indianapolis, IN, USA, 2010: 496-503. [7] Park K W, Kim C, Park K H. Blast: Applying streaming ciphers into outsourced cloud storage. In: 2010 IEEE 16 th International Conference on Parallel and Distributed Systems (ICPADS10). Shanghai, China, 2010: 431-437. [8] Itani W, Kayassi A, Chehab A. Energy-efficient incremental integrity for securing storage in mobile cloud computing. In: 2010 International Conference on Energy Aware Computing (ICEAC10). Cairo, Egypt, 2010: 1-2. [9] Liu Q, Wang G, Wu J. Efficient sharing of secure cloud storage services. In: 2010 IEEE 10th International Conference on Computer and Information Technology (CIT10). Bradford, West Yorkshire, UK, 2010: 922-929. ISSN: 2231-2803 http://www.ijcttjournal.org Page 530

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information