International Journal of Computer Systems (ISSN: 2394-1065), Volume 03 Issue 02, February, 2016

Available at http://www.ijcsonline.com/

Decentralized Access Control Based Crime Analysis- Survey

a

Badhusha S , aChippy Raju, aDhanya V.S, aNazila A.N, aSyamini S, bSuja Vijayan, cJooby E

College of Engineering, Perumon, Kerala, India

Department of Information Technology, College of Engineering, Perumon, Kerala, India
C
Department of computer science, College of Engineering, Perumon, Kerala, India

Abstract
Research in cloud computing is receiving a lot of attention from both academic and industrial worlds. In cloud
computing, users can outsource their computation and storage to servers using Internet. Clouds can provide several
types of services like applications infra- structures and platforms to help developers write applications Windows Azure
Much of the data stored in clouds is highly sensitive. Security and privacy are, thus, very important issues in cloud
computing. In one hand, the user should authenticate itself before initiating any transaction, and on the other hand, it
must be ensured that the cloud does not tamper with the data that is outsourced. User privacy is also required so that the
cloud or other users do not know the identity of the user. The cloud can hold the user accountable for the data it
outsources, and likewise, the cloud is itself accountable for the services it provides. The validity of the user who stores
the data is also verified. Apart from the technical solutions to ensure security and privacy, there is also a need for law
enforcement. The cloud is also prone to data modification and server colluding attacks. In server colluding attack, the
adversary can compromise storage servers, so that it can modify data files as long as they are internally consistent. To
provide secure data storage, the data needs to be encrypted. Security and privacy protection in clouds are being explored
by many researchers.

I.

ABOUT THE SYSTEM

In our system we propose anew privacy preserving

authenticated access control scheme for securing data in
clouds. The cloud veries the authenticity of the user
without knowing the users identity before storing
information. In this system the valid users are able to
decrypt the stored information. It also prevent the replay
attack .And also supports creation, modication, and
reading data stored in the cloud. The authentication and
access control scheme is decentralized. The cloud or other
users do not know the identity of the user. The user privacy
is also an important factor. Authentication of users are
provided by using cryptographics techniques The cloud
receives ciphertext of the data and performs computations
and encoded value of the result by using homomorphic
encryption.
Access control in clouds is gaining attention because
it is important that only authorized users have access to
valid service. A huge amount of information is being stored
in the cloud, and much of this is sensitive information. Data
can be accessed by users who have matching roles. The
roles are dened by the system. In this system we propose a
flexible distributed storage integrity auditing mechanism,
utilizing the homomorphic token and distributed erasurecoded data. In order to achieve the assurances of cloud data
integrity and availability and enforce the quality of cloud
storage service, efficient methods that enable on-demand
data correctness verification on behalf of cloud users have
to be designed. It is more advantages for individual users to
store their data redundantly across multiple physical
servers so as to reduce the data integrity and availability

threats. Thus, the distributed protocols for storage

correctness assurance will be of most importance in
achieving robust and secure cloud storage systems. we
propose an effective and flexible distributed storage
verification scheme with explicit dynamic data support to
ensure the correctness and avail- ability of users data in
the cloud. In this paper we propose a an effective and
flexible distributed storage verification scheme with
explicit dynamic data support to ensure the correctness and
avail- ability of users data in the cloud. Because cloud data
do not reside at users local site but at CSPs address
domain, these threats can come from two different sources:
internal and external attacks. The adversary in our model
has the following capabilities, which captures both external
and internal threats toward the cloud data integrity.
Correcting code may be used to tolerate multiple failures in
distributed storage systems. In cloud data storage, we rely
on this technique to disperse the data file F redundantly
across a set of n=m+k distributed servers. An(m,k)ReedSolomon erasure-correcting code is used to create k
redundancy parity vectors from m data vectors in such a
way that the original m data vectors can be reconstructed
from any m out of the m+k data and parity vectors. By
placing each of the m+k vectors on a different server, the
original data file can survive the failure of any k of the m+k
servers without any data loss, with a space overhead of
k/m. In order to achieve assurance of data storage
correctness and data error localization simultaneously, our
scheme entirely relies on the pre computed verification
tokens. Error localization is a key prerequisite for
eliminating errors in storage systems. It is also of critical
importance to identify potential threats from external
attacks. Our scheme outperforms those by integrating the

99 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 02, February, 2016

Badhusha S et al

Decentralized Access Control Based Crime Analysis- Survey

correctness verification and error localization in our

challenge-response protocol. The response values from
servers for each challenge not only determine the
correctness of the distributed storage, but also contain
information to locate potential data error(s). Since our
layout of file matrix is systematic, the user can reconstruct
the original file by downloading the data vectors from the
first m servers, assuming that they return the correct
response values. In our architecture the user does not have
the time, feasibility, or resources to perform the storage
correctness verification. The new design is based on the
observation of linear property of the parity vector blinding
process. Which means that the reason of blinding process is
for protection of the secret matrix P against cloud servers.
It also provides dynamic data operation also have high
security strength. In our scheme, servers are required to
operate only on specified rows in each challenge-response
protocol execution. It also have a probability to detect data
modification. It also have a probability to identify the
misbehaving servers. t, if the adversary modifies the data
blocks among any of the data storage servers, our sampling
checking scheme can successfully detect the attack with
high probability. As long as the data modification is
caught, the user will further determine which server is
malfunctioning. It also have a capability to security
strength against worst case scenario.it is a must to blind the
parity blocks and how our proposed schemes achieve
collusion resistance against the worst case scenario in the
adversary model. File distribution preparation includes the
generation of parity vectors as well as the corresponding
parity blinding part. parity vectors. Our scheme the number
of verification token t is a fixed priori determined before
the distribution.
More and more sensitive information are being
centralized into the cloud. The individual users might want
to only retrieve certain specic data les they are interested
in during a given session. One of the most popular ways is
to selectively retrieve les through keyword-based search
instead of retrieving all the encrypted les back which is
completely impractical in cloud computing scenarios
Data encryption also demands the protection of
keyword privacy since keywords usually contain important
information related to the data les.The encryption
keyword can protect keyword privacy. Data security is an
important in cloud. Access control is major issue to secure
the stored data in cloud. Thus the proposing privacy
preserving authenticated access control scheme for
securing shared data in cloud. In the proposed scheme
supports authenticated access control for anonymous user
to share data on cloud also additional feature in access
control which provides authentication for the user, in which
only valid users are able to decrypt the stored information.
User authentication and access control scheme are
introduced in decentralized, which prevent replay attacks
and also supports to creation, , and reading, modification
data stored in the cloud. Implementation also provide
feature user revocation. Access control is gaining
importance in online social networking where users store
their personal information, pictures, and videos and share
them with selected groups of users or communities they
belong to. Security and privacy are vital issues in cloud
computing. First the user ought to authenticate itself before
initiating any transaction, but on the other side, it should be

ensured that the cloud or other users do not know the

identity or credentials of the user. There are three
objectives to protect the data they are confidentiality,
integrity, and availability. Authentication has significant to
different fields. In anthropology, antiques, and art, a
common crisis is verifying that a given arti-fact was
formed by a particular person or was formed at a certain
place. In computer science, verifying a person's identity is
often required to secure access to confidential data or
systems. In the Existing System, data are accessed in
centralized form on the basis of key distributed center. Key
distributed center does not support for authentication. A
single failure of KDC can affect the maximum number of
data in cloud storage. It is most difficult to maintain the
large number of data in cloud for centralized form. In
clouds where is a very difficult task and involves technical
facts and law enforcement. Clouds and users, No one
unable to deny any requested or performed operations. Due
to use of single key distribution center, single point failure
may be occurred and at that it is very difficult to manage
because of multiple numbers of users those are supported
in a cloud. But in those system having disadvantages like,
data storage are only predicated on centralized form. And
additionally it affects the maintenance of astronomically
immense number of data storage in cloud. It does not
fortify the authentication control. Authentication has
significant to different fields. In anthropology, antiques,
and art, a common crisis is verifying that a given arti-fact
was formed by a particular person or was formed at a
certain place. In computer science, verifying a person's
identity is often required to secure access to confidential
data or systems. In the Existing System, data are accessed
in centralized form on the basis of key distributed center.
Key distributed center does not support for authentication.
A single failure of KDC can affect the maximum number
of data in cloud storage. It is most difficult to maintain the
large number of data in cloud for centralized form. In
clouds where is a very difficult task and involves technical
facts and law enforcement. Clouds and users, No one
unable to deny any requested or performed operations. Due
to use of single key distribution center, single point failure
may be occurred and at that it is very difficult to manage
because of multiple numbers of users those are supported
in a cloud. But in those system having disadvantages like,
data storage are only predicated on centralized form. And
additionally it affects the maintenance of astronomically
immense number of data storage in cloud. It does not
fortify the authentication control. The scheme do not
provide user authentication. The other disadvantage is that
a user can only create and store a file and other users can
only read the file. Write access is not permitted to users
other than the creator. The system support to authenticate
the validity of message without hiding the identity of the
user who has stored data in the cloud. Key Policy Attribute
Based Encryption scheme is a public key cryptography
primitive that is for one-to-many communications. In this,
data are associated with attributes for each of which a
public key is defined. The one who encrypts the data, i.e.,
the encrypt associates the set of attributes to the data or
message by encrypting it with a public key. Users are
assigned with an access structure which is defined as an
access tree over the data attributes.
In cloud computing, the data owner wants to share the
data from the cloud in the sense owner encrypt the data

100 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 02, February, 2016

Badhusha S et al

Decentralized Access Control Based Crime Analysis- Survey

then uploaded into the cloud storage. All the sensitive

cloud datas are encrypted to avoid the unauthorized user
access of the cloud data. The different schemes exist that
provide security, data confidentiality and access control.
The encryption scheme provides security to the cloud data,
and one of the schemes is attribute based encryption
scheme. One of the encryption schemes is Attribute-Based
Encryption (ABE) which is a new paradigm where such
policies are specified and cryptographically enforced in the
encryption algorithm itself. The existing ABE schemes are
of two types. They are Key-Policy ABE (KP-ABE) scheme
and Cipher text-Policy ABE (CP-ABE) scheme. In KPABE scheme, attribute policies are associated with keys
and data is associated with attributes. Only the keys
associated with the policy that is satisfied by the attributes
associating the data can decrypt the data.
II.

CONCLUSION

We have introduced a decentralized access control

system with anonymous authentication, which gives client
renouncement also prevents replay attacks. The cloud does
not know the identity of the client who saves data, however
just checks the client's certifications. Key dissemination is
carried out in a decentralized manner. One limit is that the
cloud knows the access strategy for each one record saved
in the cloud. User privacy is also required so that the cloud
or other users do not know the identity of the user. The
cloud can hold the user accountable for the data it
outsources, and likewise, the cloud is itself accountable for
the services it provides. The validity of the user who stores
the data is also verified. Apart from the technical solutions
to ensure security and privacy, there is also a need for law
enforcement. Efficient search on encrypted data is also an
important concern in clouds. The clouds should not know
the query but should be able to return the records that
satisfy the query.. Access control in clouds is gaining
attention because it is important that only authorized users
have access to valid service. A huge amount of information
is being stored in the cloud, and much of this is sensitive
information.
REFERENCES
[1]

[2]

[3]

[4]

[5]

[6]

S. Ruj, M. Stojmenovic, and A. Nayak, Privacy Preserving Access

Control with Authentication for Securing Data in Clouds, Proc.
IEEE/ACM Intl Symp. Cluster, Cloud and Grid Computing, pp.
556- 563, 2012.
C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, Toward Secure
and Dependable Storage Services in Cloud Computing, IEEE
Trans. Services Computing, vol. 5, no. 2, pp. 220-232, Apr.June 2012.
J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, Fuzzy
Keyword Search Over Encrypted Data in Cloud Computing, Proc.
IEEE INFOCOM, pp. 441-445, 2010.
S. Kamara and K. Lauter, Cryptographic Cloud Storage, Proc.
14th Intl Conf. Financial Cryptography and Data Security, pp. 136149, 2010.
H. Li, Y. Dai, L. Tian, and H. Yang, Identity-Based
Authentication for Cloud Computing, Proc. First Intl Conf. Cloud
Computing (CloudCom), pp. 157-166, 2009.
C. Gentry, A Fully Homomorphic Encryption Scheme, PhD
dissertation, Stanford Univ., http://www.crypto.stanford.edu/ craig,
2009.

101 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 02, February, 2016