Cloud computing is set of resources and services offered through the
Internet. Cloud services are delivered from datacenters located throughout the
world. One of the most prominent services offered by cloud computing is cloud
storage. Cloud storage is simply a term that refers to online space that you
can use to store your data. The biggest hurdle in wide acceptance of cloud
computing is security. Users of cloud services are in fear of data loss and
privacy. Security concerns of cloud computing are data loss, leakage of data,
client’s trust, user’s authentication, malicious users handling, wrong usage of
Cloud computing and its services 18. This project aims at removing these
security concerns over the private data part of the public cloud. Having
analyzed the security threats above, we build a trusted cloud storage system,
which allow the user to store and access their data securely in the cloud by
encrypting the data in the client side and decrypting the data after downloading
from the cloud. Since the private key is owned by the user of the data, no one
can decrypt the data, even though hackers can get the data through some
approaches. Moreover, user will securely authenticate itself by using different
input parameters at the time of login to the cloud server. This project can
make users assure about the security of data stored in the cloud.
Public key cryptographic algorithms (asymmetric key algorithms) play an
important role in providing security services such as Key management, User
authentication, Signature and Certificate. Public key cryptography systems are
constructed by relying on the hardness of mathematical problems as
RSA: based on the integer
DH: based on the discrete logarithm problem
The main problem of conventional public key cryptography systems is that
the key size has to be sufficient large in order to meet the high-level
security requirement. This results in lower speed and consumption of more
bandwidth. The solution of this problem is to use Elliptic Curve Cryptography
system in the approach.
1.3. Problem Statement
the biggest concern in cloud computing. Users worry that the data saved on a
remote storage is unsafe and susceptible to get hacked. Due to this, users
still aren’t likely to entrust their data over the cloud without an assurance
that they can access their data whenever they want and no one else is able to
get it. Moreover, authentication of users over the cloud is also an important
concern to think about. We propose a scheme that provides security of user’s
private data of storing and accessing over the cloud and also authentication of
the user to the cloud server.
The objective of this project is to develop a system that provides
security of user’s private data for storing and accessing over the cloud with
strong authentication of the user to the cloud server.
It is assumed that the reader of this project has studied elementary
concept of Cryptography and Cloud Computing. Since there are already a lot of
books and articles about Cryptography and ECC, this isn’t the place to explain
the theory again. An excellent reference is the books 5-11.
The results of this project are tested and implemented in the Java
technology Client Server application supporting software is required for the
implementation of this project.
1.7. Definitions of Terms
of terms applied in this research are listed below:
Elliptic Curves – An elliptic curve over a field
K is a nonsingular cubic curve in two variables,
f(x,y) =0 with a rational point (which may be a point at infinity).
Elliptic Curve Cryptography – Elliptic
curve cryptography (ECC) is an approach to
public-key cryptography based on the algebraic structure of elliptic curves
over finite fields.
One Time Password – A one-time password (OTP) is a
password that is valid for only one
login session or transaction, on a computer system or other digital device.
Certification Authority – A
certification Authority (CA), which is a base of PKI is an entity trusted by one or more entities to create and assign
SSL – SSL (Secure Sockets Layer) is a
standard security technology for establishing an encrypted link between a server and a client.
1.8. Dissertation Organization
The outline of the dissertation is as follows:
Chapter 2 provides an overview of some important
background information and describes the
literature survey of various group key management schemes. Various group
key management schemes are reviewed and comparison is drawn between these based
on different parameters.
Chapter 3 describes the literature survey and conclusion of various authentication
and storage and access scheme over
the cloud using ECC.
Chapter 4 presents the proposed scheme for Efficient and Secure data storage and access
scheme in cloud computing using
Elliptic Curve Cryptography
Chapter 5 presents the realization of the proposed scheme.
The scheme is implemented using Dot
Net technology and the screen shots of various phases are presented.
Chapter 6 summarizes the achievements of this thesis and highlights its contributions
along with its limitations. Possible
future research is also discussed in this chapter.