Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks


ABSTRACT:

This paper presents a novel Multi-message Ciphertext Policy Attribute-Based Encryption (MCP-ABE) technique, and employs MCP-ABE to design an access control scheme for sharing scalable media based on data consumers’ attributes (e.g., age, nationality, or gender) rather than an explicit list of the consumers’ names. The scheme is efficient and flexible because MCP-ABE allows a content provider to specify an access policy and encrypt multiple messages within one ciphertext such that only the users whose attributes satisfy the access policy can decrypt the ciphertext. Moreover, the paper shows how to support resource-limited mobile devices by offloading computationally intensive operations to cloud servers without compromising data privacy.

EXISTING SYSTEM:

A promising approach to access control in content sharing services is to empower users to enforce access controls on their data directly, rather than through a central administrator. However, this requires flexible and scalable cryptographic key management to support complex access control policies. A naive access control solution is to assign one key for each user attribute, distribute the appropriate keys to users who have the corresponding attributes, and encrypt the media with the attribute keys repeatedly. Another method is to classify users into different roles based on their attributes, assign role keys to users, and then encrypt the content using the role keys. However, this approach results in high complexity, i.e., the number of keys for each user and the number of ciphertexts for one message are on the order of where is the number of all possible user attributes. Both of these solutions suffer from the rigid and inflexible definition of the underlying access control policies. A remedy to this problem is employing Ciphertext Policy Attribute-Based Encryption (CP-ABE). In CP-ABE, a ciphertext is embedded with an access control policy, or access policy for short, associated with user attributes. A recipient of the ciphertext is able to decrypt the ciphertext only if her attributes satisfy the access policy in the ciphertext. CP-ABE can be viewed as a one-to-many public key encryption scheme and hence enables a data owner to grant access to an unknown set of users. Nonetheless, existing CP-ABE schemes merely deliver one encrypted message per ciphertext to all authorized users and are not optimal for efficient sharing of scalable media.

DISADVANTAGES OF EXISTING SYSTEM:

  • The existing solution is flexible, but it is vulnerable to collusion attacks.
  • The existing method is to classify users into different roles based on their attributes, assign role keys to users, and then encrypt the content using the role keys. However, this approach results in high complexity.
  • Existing CP-ABE schemes merely deliver one encrypted message per ciphertext to all authorized users and are not optimal for efficient sharing of scalable media.

PROPOSED SYSTEM:

In this paper we present an access control scheme for scalable media. The scheme has several benefits which make it especially suitable for content delivery. For example, it is extremely scalable by allowing a data owner to grant data access privileges based on the data consumers’ attributes (e.g., age, nationality, gender) rather than an explicit list of user names; and it ensures data privacy and exclusiveness of access of scalable media by employing attribute-based encryption. For this purpose, we introduce a novel Multi-message Ciphertext Policy Attribute-Based Encryption (MCP-ABE) technique. MCP-ABE encrypts multiple messages within one ciphertext so as to enforce flexible attribute-based access control on scalable media. Specifically, the scheme constructs a key graph which matches users’ access privileges, encrypts media units with the corresponding keys, and then encrypts the key graph with MCP-ABE; only those data consumers with the required user attributes can decrypt the encryption of the key (sub)graph and then decrypt the encrypted media units. To cater for resource-limited mobile devices, the scheme offloads computationally intensive operations to cloud servers without compromising user data privacy.
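The layered key release described above, as an added sketch that is not code from the paper. It assumes a one-dimensional hash-chain key graph (a higher layer's key hashes down to every lower layer's key), uses a SHAKE-256 keystream as a stand-in for a real cipher, and replaces MCP-ABE decryption with a plain policy check (`abe_release_stub`), so the policy here is not cryptographically enforced or collusion-resistant. All function names, policies and media units are constructed for illustration.

```python
import hashlib

def step_down(key):  # one-way edge of the key graph: layer i key -> layer i-1 key
    return hashlib.sha256(b"down|" + key).digest()

def build_key_chain(top_key, layers):
    chain = [top_key]
    for _ in range(layers - 1):
        chain.append(step_down(chain[-1]))
    return chain[::-1]  # index 0 = base layer, last = top layer

def satisfies(policy, attrs):
    # A policy is an attribute name or (threshold, [sub-policies]).
    if isinstance(policy, str):
        return policy in attrs
    threshold, children = policy
    return sum(satisfies(c, attrs) for c in children) >= threshold

def stream_xor(key, layer, data):
    # Stand-in cipher (SHAKE-256 keystream); use an AEAD in practice.
    pad = hashlib.shake_256(key + bytes([layer])).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

def abe_release_stub(policies, keys, attrs):
    # Stand-in for MCP-ABE decryption (not cryptographic): highest satisfied layer.
    for layer in range(len(policies) - 1, -1, -1):
        if satisfies(policies[layer], attrs):
            return layer, keys[layer]
    return None

def consumer_decrypt(entry, encrypted_units):
    # Walk down the chain from the entry key; higher layers stay sealed.
    if entry is None:
        return []
    layer, key = entry
    plain = []
    for i in range(layer, -1, -1):
        plain.append(stream_xor(key, i, encrypted_units[i]))
        key = step_down(key)
    return plain[::-1]

# Constructed sample: three media layers, policies and a fixed demo key.
UNITS = [b"base layer", b"enhancement 1", b"enhancement 2"]
POLICIES = ["member", (2, ["member", "adult"]), (3, ["member", "adult", "premium"])]
KEYS = build_key_chain(b"\x01" * 32, len(UNITS))  # use os.urandom(32) in practice
ENCRYPTED = [stream_xor(KEYS[i], i, u) for i, u in enumerate(UNITS)]

def demo(attrs):
    return consumer_decrypt(abe_release_stub(POLICIES, KEYS, set(attrs)), ENCRYPTED)
```

A consumer holding only `member` and `adult` recovers the base layer and the first enhancement layer; the top layer's key cannot be computed from the keys below it.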

ADVANTAGES OF PROPOSED SYSTEM:

  • The present scheme is also secure against user collusion attacks due to use of attribute-based encryption.
  • The experiments demonstrate that the present scheme is applicable on smartphones, especially when a cloud platform is available.
  • We present an access control scheme for scalable media. The scheme has several benefits which make it especially suitable for content delivery.

MODULES:

  1. Backend Server
  2. Foreground server
  3. Attribute Authority
  4. Users or data owners

MODULES DESCRIPTION:

Backend Server:

The backend server is part of the infrastructure of the cloud computing platform. According to the National Institute of Standards and Technology (NIST), cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing platforms are assumed to have abundant storage capacity and computation power. Hence, from the viewpoints of network service providers, cloud computing significantly decreases the traffic and storage requirements incurred by their applications.

Foreground Server:

The foreground server provides the services which are always online. A server is often operated by a cloud service provider (CSP), but sometimes a user is able to run his/her own services on the cloud platform too. The foreground services may include web service, database service, media maker service, media decoding service, identity management service, etc.

Attribute Authority:

The Attribute Authority (AA), a trusted third party, sets up the system parameters of the attribute-based encryption system (such as the system-wide public key and master key), verifies every user’s attributes (e.g., group membership, role, and security clearance or authorization information) and issues a personal secret key corresponding to the set of attributes of the user. In practice, there could be multiple AAs in a system. For example, a university or corporation may run an AA, and a user may act as an AA for his/her extended family members.

Data Owner or User Modules:

A user may be a data owner, a data consumer, or both. A data owner produces (protected or unprotected) media content (text, voice, video, etc.), and uploads the media content to cloud servers. To enforce access control to his data, the data owner assigns access privileges to data consumers whom the data owner may or may not know. A data consumer downloads media content of her interest from cloud servers, and obtains the content based on her attributes and the access policy of the data owner. To this end, the data consumer must obtain from the AA a personal secret key bound to her set of attributes.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

  • System: Pentium IV 2.4 GHz.
  • Hard Disk: 40 GB.
  • Floppy Drive: 1.44 Mb.
  • Monitor: 15 VGA Colour.
  • Mouse: Logitech.
  • RAM: 512 Mb.

SOFTWARE REQUIREMENTS:

  • Operating System: Windows XP.
  • Coding Language: NET, C#.Net.
  • Database: SQL Server 2005.

REFERENCE:

Yongdong Wu, Zhuo Wei, and Robert H. Deng, “Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks,” IEEE Transactions on Multimedia, vol. 15, no. 4, June 2013.