
International Journal of Modern Computer Science (IJMCS) ISSN: 2320-7868 (Online) Volume 4, Issue 2, April, 2016

RES Publication © 2012 Page | 125 http://ijmcs.info

Anti-Collusion Data Sharing Schema For Dynamic Groups in Cloud Computing Environment

M. Usha M. Phil Research Scholar, Department of Computer Science, Mother Teresa Women’s University, Kodaikanal, India

Dr. K. Kavitha Assistant Professor, Department of Computer Science, Mother Teresa Women’s University, Kodaikanal, India

Abstract: Cloud computing has grown over the last few years due to attractive features such as scalability, flexibility, low cost and easy start-up for beginners. It provides effective security of the data and information in cloud storage. Data sharing among many users in dynamic groups preserves the data and its identity and privacy from an untrusted cloud and allows frequent changes of membership. The group manager can revoke any number of users from the dynamic group. However, collusion is possible when a revoked user tries to access the cloud data without the knowledge of the group manager. In order to stop collusion, this paper proposes a set of schemas. First, key distribution is done safely in a secure communication channel, and the users can get the private key from the group manager. Along with this, group users can be categorized for fine-grained access control as creator, reader and writer in the system. Also, a revoked user of the group cannot get data and information from the untrusted cloud. Finally, this paper uses an effective polynomial function for performing revocation of group users.

Keywords: Cloud computing, anti-collusion, group manager, group user

I. INTRODUCTION

Cloud computing refers to applications and services delivered over the Internet. These services are provided from data centers all over the world, which together are referred to as the "cloud." This metaphor reflects the intangible, yet universal nature of the Internet. The idea of the "cloud" simplifies the many networks and computer systems involved in linked online services. It symbolizes the Internet's wide-ranging reach while simplifying its complexity. Any user with an Internet connection can access the cloud and use the services it provides. Since these services are often connected, users can share information between several systems and with other users.

Examples of cloud computing include backup services, dynamic social networking services and individual data services. Cloud computing also includes online applications, such as those accessible through Microsoft Online Services. Hardware services, such as redundant servers, mirrored websites or files, and Internet-based clusters, are also examples of cloud computing.

The services offered by cloud computing are also called on-demand computing, utility computing or pay-as-you-go computing. The services offered by the cloud are SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service). The deployment models of the cloud are private clouds, public clouds, hybrid clouds and community clouds.

Cloud computing security is a set of control-based technologies and policies designed to monitor compliance with rules and to protect the information, data, applications and infrastructure associated with cloud computing use. There are two kinds of security issue in the cloud: security issues faced by the Cloud Service Provider (CSP) and security issues faced by the users.

Some of the cloud security controls used are:
Deterrent Control
Preventive Control
Detective Control
Corrective Control

In cloud computing, preserving security and privacy is categorized as Identity Management, Physical Security, Personnel Security and Privacy. In addition, data security is categorized as Data Confidentiality, Data Access Control and Data Integrity.

In this paper, we propose secure key distribution, data confidentiality, fine-grained access control and privacy-preserving user data application.

II. EXISTING SYSTEMS

In 2003, Kallahalla et al. [1] proposed a system named PLUTUS. It enables secure file sharing on untrusted cloud servers by using a cryptographic storage system. Files are divided into file groups, and each group is encrypted with a unique file-block key. The user can then share the file groups with others by delivering the matching lockbox keys. The lockbox key is used for encrypting the file-block keys. However, this brings heavy key distribution overhead for large amounts of file sharing. Additionally, the file-block keys need to be updated every time a user revocation occurs, and the updated keys have to be distributed.

In 2007, C. Delerablee et al. [2] introduced new, efficient constructions for public-key broadcast encryption that offer stateless receivers, collusion-secure encryption and strong security. New users can join at any time without requiring modification of user decryption keys, and any users can be permanently revoked. The system achieves the optimal bound of O(1) size for either ciphertexts or decryption keys, and also offers a dynamic broadcast encryption technique that improves on all earlier efficiency measures, for both execution time and sizes, in the private-key setting.

In 2013, Yong Cheng et al. [3] proposed a security scheme for users to store and share their complex data in cloud storage. It provides basic encryption and decryption for security and data confidentiality. Even so, the cloud storage still has some faults in its behavior. First, it is inefficient for data owners to distribute the symmetric keys one by one, particularly when a large number of files are shared online. Second, access policy revocation is expensive, since the data owner has to retrieve the data and re-publish it. The first problem can be resolved by using the ciphertext-policy attribute-based encryption (CP-ABE) algorithm. To improve the revocation procedure, they present a new, efficient revocation scheme. In this schema, the original data are first divided into a number of slices and then published to the cloud storage. When a revocation occurs, the data owner needs only to retrieve one slice, re-encrypt it and re-publish it. So the revocation process affects only one slice instead of the whole data.

III. DESIGN OBJECTIVES OF PROPOSED SYSTEM

The main design objectives of the schema include [1]:
Safe key distribution with no secure communication channel. The user gets the private key from Certificate Authorities with the public key.
The group users can provide fine-grained access control of the group manager.
A group user can be revoked from the dynamic group safely with the help of the polynomial function.
The number of revoked users is independent of the existing users in the dynamic group getting the private key.

A. SYSTEM MODEL

The system model consists of the group manager, the group users and the cloud [1]. The group members, or group users, are divided into creator, reader and writer.

The system setup is as follows:
Step 1: Set up the Cloud Server
Step 2: Confirm the Group Manager
Step 3: Select Group Member with privileges
Step 4: Group Member Registration
Step 5: Key Distribution for Group Member & Group Manager
Step 6: Data Read/Write/Create
Step 7: Revocation procedures

The work flow of the system model is:

[Figure: work flow of the system model; labels: File Upload, Revocation, File download, Approval, User Request, Consent ok, Divides as]

B. Methodology

Preliminaries:[1]

Bilinear Maps:

Let $G_1$ and $G_2$ be additive cyclic groups of the same prime order $q$. Let $e: G_1 \times G_1 \to G_2$ denote a bilinear map constructed with the following properties:

1. Bilinear: for all $a, b \in Z_q^*$ and $P, Q \in G_1$, $e(aP, bQ) = e(P, Q)^{ab}$.

2. Non-degenerate: there exists a point $Q$ such that $e(Q, Q) \neq 1$.

3. Computable: there is an efficient algorithm to compute $e(P, Q)$ for any $P, Q \in G_1$.

C. Asymmetric Encryption Algorithm

Step 1: Select two prime numbers p and q
Step 2: Compute N = p*q
        Compute φ(N) = (p-1)*(q-1)
Step 3: Choose e such that 1 < e < φ(N) and e and φ(N) are coprime
Step 4: Compute a value for d such that (d*e) % φ(N) = 1
Step 5: Public key is (e, N)
        Private key is (d, N)
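The key-generation steps above, written out as an added Python example (it is not code from the paper); the function names and the toy primes 61 and 53 are constructed for illustration. It checks e against φ(N), because the inverse d in Step 4 exists only when gcd(e, φ(N)) = 1, and it shows an exponent that is coprime to N yet has to be rejected.

```python
from math import gcd

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n < 2**64."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def rsa_keygen(p: int, q: int, e: int):
    """Steps 1-5: return ((e, N), (d, N)) or raise ValueError."""
    # Step 1: phi(N) = (p-1)(q-1) only holds for two distinct primes.
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n = p * q                          # Step 2
    phi = (p - 1) * (q - 1)
    # Step 3: the inverse in Step 4 exists only if gcd(e, phi(N)) == 1.
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi(N) and gcd(e, phi(N)) == 1")
    d = pow(e, -1, phi)                # Step 4 (Python 3.8+): (d*e) % phi == 1
    return (e, n), (d, n)              # Step 5

def encrypt(m: int, public_key) -> int:
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be in [0, N)")
    return pow(m, e, n)

def decrypt(c: int, private_key) -> int:
    d, n = private_key
    return pow(c, d, n)

def demo():
    # Constructed toy primes; far too small for real use.
    pub, priv = rsa_keygen(61, 53, 17)
    c = encrypt(65, pub)
    try:
        rsa_keygen(61, 53, 15)         # gcd(15, 3233) == 1 but gcd(15, 3120) == 15
        rejected = False
    except ValueError:
        rejected = True
    return pub, priv, c, decrypt(c, priv), rejected

if __name__ == "__main__":
    print(demo())
```

Unpadded RSA as written here is deterministic, so equal plaintexts always give equal ciphertexts; deployed systems add a randomized padding scheme such as OAEP and use far larger primes.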

The asymmetric encryption technique enables the group manager to dynamically add new users while preserving the previously computed information. Newly joined users can therefore directly decrypt data files without contacting the owners, so there is no need to change user decryption keys.

[Figure labels: cloud; Group Manager; Group User: 1. Creator, 2. Writer, 3. Reader]

D. System Entities Work

1. User Registration

For user registration, each user has an ID. The group manager adds the user ID to the group user list, which will be used in tracking. After registration, the user obtains a private key, which will be used for group signature and file decryption. During registration itself, users identify themselves as a creator, a writer or a reader.

[Figure: user registration; labels: Registered to, Adds user to, Send to]

2. Upload Files

File upload is done only by the group manager or an admin.

3. Files Update

Moreover, only the creator and the writer can edit the data, with the consent of the group manager. The reader can only use the data content with authorization.

4. File Deletion

The file or data stored in the cloud are deleted by either the group manager or the member who uploaded the file to the server.

5. Revoke user from the group

User revocation is performed by the group manager alone, by executing a polynomial function. Once a user is revoked from the group, that group member can no longer access the cloud resources and its data.

[Figure: user revocation; labels: Revokes, Details of Revoked user, Sent to]

IV. ADVANTAGES OF PROPOSED SYSTEM

The computation cost is independent of the number of revoked users: whatever the number of users revoked, the operations the members perform to decrypt the data files remain almost the same. Again, the cost does not depend on the number of users revoked, because file upload in this schema consists of two signature verifications. The user can obtain the private key safely from group manager Certificate Authorities and secure communication channels. This scheme supports dynamic groups efficiently, as the private key of any user need not be changed when a user is revoked.

V. CONCLUSION

Here, we frame a secure anti-collusion data sharing schema for dynamic groups in cloud computing. The scheme includes safe and secure key distribution, fine-grained access control, a safe user revocation procedure and no change of the users' private keys in the cloud computing environment.

REFERENCES

[1] Zhongma Zhu and Rui Jiang, “A secure anti-collusion data sharing scheme for dynamic groups in the cloud”, IEEE Transactions on Parallel and Distributed Systems, vol. 27, no. 1, January 2016.

[2] C. Delerablee, P. Paillier, and D. Pointcheval, “Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys,” Proc. First Int’l Conf. Pairing-Based Cryptography, pp. 39-59, 2007.

[3] Yong Cheng, Jun Ma and Zhi-ying, “Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage”, Zhejiang University and Springer-Verlag Berlin, 2011.

[4] Xuefeng Liu, Yuqing Zhang, Boyang Wang, and Jingbo Yan, “Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud”, IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 6, June 2013.

[5] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving Secure, Scalable, and Fine-Grained Data Access Control in Cloud Computing,” Proc. IEEE INFOCOM, pp. 534-542, 2010.

[6] D. Boneh, X. Boyen, and H. Shacham, “Short Group Signature,” Proc. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO), pp. 41-55, 2004. D. Dolev and A. C. Yao, “On the security of public key protocols,”

[7] B. Waters, “Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization,” Proc. Int’l Conf. Practice and Theory in Public Key Cryptography Conf. Public Key Cryptography, http://eprint.iacr.org/2008/290.pdf, 2008.

[8] Theory in Public Key Cryptography Conf. Public Key Cryptography, http://eprint.iacr.org/2008/290.pdf, 2008.

[9] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica and M. Zaharia, “A view of cloud computing”, Commun. ACM, vol. 53, no. 4, pp. 50-58, April 2010.

[10] https://en.wikipedia.org/wiki/Cloud_computing_security

[Figure labels: Group user, Group Manager, Active User List, Cloud]

[Figure labels: Group Manager, User, Revocation List, Cloud]