Provably secure and lightweight identity-based authenticated data sharing protocol for cyber-physical cloud environment

ABSTRACT

Secure and efficient file storage and sharing via authenticated physical devices remain challenging to achieve in a cyber-physical cloud environment, particularly due to the diversity of devices used to access the services and data. Thus, in this paper, we present a lightweight identity-based authenticated data sharing protocol to provide secure data sharing among geographically dispersed physical devices and clients. The proposed protocol is demonstrated to resist chosen-ciphertext attack (CCA) under the hardness assumption of the decisional Strong Diffie-Hellman (SDH) problem. We also evaluate the performance of the proposed protocol against existing data sharing protocols in terms of computational overhead, communication overhead, and response time.

EXISTING SYSTEM :

A number of the application models discussed in impose intensive coding on the programmers. In order to ease the burden on the programmers, new programming tools are required that provide programming abstraction and hide the underlying complexities of the cloud and mobile devices. The developed applications usually support one execution platform, thus, limiting the offloading of the elements (applications, components, clones) to other platforms. The mobile cloud execution platforms need to be standardized to ease computation offloading to the mobile cloud platforms.

Also, new energy consumption models are required to facilitate accurate decision making by considering the main entities involved in the offloading process. The mobile cloud application models that are based on augmented execution of the Smartphone clone in the cloud require synchronization of the Smartphone and the clone. Therefore, new synchronization policies are required that can perform timely synchronization, taking into account accuracy, execution delay, and bandwidth utilization. Moreover, a Smartphone clone contains its user’s data and licensed applications that are vulnerable to security attacks and piracy issues.

A security mechanism is required to secure the clones from illegal access and protect the Smartphone users from the malicious VMs executing in the cloud. Nevertheless, if a Smartphone clone falls into the wrong hands, then the adversary may install the clone on a Smartphone of the same model and access the licensed applications illegally. To handle this issue, a new mobile cloud application piracy control framework is required. Some European Union data management laws and cloud computing principles are contrary to each other. Moreover, the provision of virtually unlimited resources to untrustworthy users may cause problems for the victims (enterprises, users) and the service providers.

Therefore, new policies are required that can confine mobile user access to optimum resources, or timely identify and revoke access of the untrustworthy users. Consequently, there is a need to standardize the mobile cloud computing platforms and refine the data management laws accordingly, so that the mobile cloud computing can flourish and mobile users can truly benefit from the cloud computing technology.

PROPOSED SYSTEM :

The proposed protocol is designed to achieve authentication between a physical device and the cloud controller, and to provide secure end-to-end communication in the cloud using an IBE scheme. Specifically:

1) Our proposed protocol provides mutual authentication and essential features such as client registration, login, mutual authentication, and password renewal. The protocol also ensures user anonymity. We also demonstrate its resilience against known security attacks (e.g., insider attack, impersonation attack, session key computation attack), and its correctness using the AVISPA simulation tool.

2) Once the physical devices are authenticated, the next phase is secure end-to-end communication. For this, the proposed encryption technique is based on bilinear pairing with a small public parameter size. We then demonstrate that it is IND-ID-CCA secure based on the decisional SDH (Strong Diffie-Hellman) assumption.

CONCLUSION :

In this paper, a new identity-based authenticated data sharing (IBADS) protocol is designed for cyber-physical cloud systems based on bilinear pairing. In the IBADS, there are two phases. First, a new data owner needs to register. Second, the data owner sends an encrypted message to the untrusted cloud controller using some client devices. We then demonstrated the security and correctness of the protocol, and evaluated its performance.