International Journal of Trend in Scientific

Research and Development (IJTSRD)

International Open Access Journal
ISSN No: 2456 - 6470 | www.ijtsrd.com | Volume - 2 | Issue – 5

Performance Analysis ooff Data Security Using Cryptographic Policy

With Instance Based Encryption iin Cloud Computing
Juhi Yadava1, Prof. S. R. Yadav2, Prof. Madhuvan Dixit3
1
PG Scholar, 2Head, 3Assistant Professor,
Department of CSE
CSE, MIT, Bhopal, Madhya Pradesh, India

ABSTRACT Keywords: Cloud Computing, Saas, Paas, Iaas,

This work discusses the security of data in cloud Cloud sim, Net beans, Data-In
In-Transit.
computing. It is a study of data in the cloud and
aspects related to it concerning security. The work 1. INTRODUCTION
will go in to details of data protection methods and Cloud computing is emerging as the best suited utility
approaches used throughout the world to ensure for organizations who dreamt for economic, feasible,
maximum
mum data protection by reducing risks and flexible and scalable computing service for its day to
threats. Availability of data in the cloud is beneficial day activities. The cloud computing offers network of
for many applications but it poses risks by exposing centralized computing infrastructure which can be
data to applications which might already have security deployed very fast and can also be scalable as per user
loopholes in them. Similarly, use of virtualizati
virtualization for requirements
rements with great efficiency and minimum
cloud computing might risk data when a guest OS is burden of managing the system. With its un- un
run over a hypervisor without knowing the reliability precedence advantages, cloud computing enables a
of the guest OS which might have a security loophole fundamental paradigm shift in how we deploy and
in it. This task will also provide an insight on data deliver computing services. Users and organizations
security aspects for Data-in-Transit and Data
Data-at-Rest. can avoid spending large rge amount of money and
The study is based on all the levels of SaaS (Software resources creating large capital outlays when
as a Service), PaaS (Platform as a Service) and IaaS purchasing and managing software and hardware, as
(Infrastructure as a Service). well as dealing with the operational overhead therein.

Growth of cloud computing is mainly hampered due In all types of computing systems and environments,
to these security concerns and challenges. Prope
Proper it is matter of great concern that the data and
security arrangements are need to be placed before applications remain secure and unauthorized access
selecting the service provider for any cloud must be prevented to stop unwanted use of
computing service and customers need to be very information but in cloud computing specific measures
careful about understanding the risks of security need to be taken and implemented to ensure data
breaches and challenges of using this new computing integrity, security, authentication and authorization. In
environment. comparison to the traditional computing environment,
data, applications, resources and processes remain at
The methodology implements on Cloud Sim 3.0.1 some unknown remotely located position in a cloud
toolbox, which is configure in Net Beans 8.1. The computing
puting environment. In cloud computing
outcome demonstrates that it gives improved environment if any breach of data occurs then both
execution contrasted with supplementary predictable the service provider and user are responsible and both
security algorithm. Crypto operation time, key are responsible to make cloud secure. In cloud
operation time
ime and total execution are reduced by computing mechanism of data storage, retrieval,
2.72%, 7.91% and 4.63% significantly. security, process,
s, application etc are to be kept hidden

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug

Aug 2018 Page: 1510
 International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470
from the actual user who only sees the response of his Now customers can opt for software and information
request. All the parameters, processes, mechanisms, technology services according to his requirements and
applications and resources which are meant to secure can get these services on a leased basis from the
user interface with the cloud always remain hidden network service provider and this has the facility to
from him, which makes him more vigilant about the scale its requirements to up or down. (Prof. Dr.
issues of data loss and security of his private Pradeep Kumar Sharma, Prof. Dr. Prem Shankar
information, which ultimately decreases the progress Kaushik, Prerna Agarwal; L 2017)
of cloud.
Along with the growing popularization of Cloud
Any unwanted person can affect the user data, Computing, Cloud storage technology has been paid
applications, data servers, hardware or software of the more and more attention as an emerging network
cloud infrastructure if proper security mechanisms are storage technology which is extended and developed
not placed at appropriate levels. Cloud computing by cloud computing concepts.( Diao Zhe, Wang
offers a big lot of resources, applications and facilities Qinghong, Su Naizheng and Zhang Yuhan; 2017)
to the user which in general he cannot afford to have
but at the same time service providers have to protect “Cloud” is a common metaphor for an Internet
the cloud infrastructure by employing suitable accessible infrastructure (e.g., data storage and
security mechanisms. Cloud computing definitely computing hardware) that is hidden from users. Cloud
provide a cost effective and beneficial service models computing makes data truly mobile and a user can
for various users but in terms of security and issues simply access a chosen cloud with any internet
related to privacy of data and user application usage accessible device. In cloud computing, IT-related
profiles are still a big challenge to address and capabilities are provided as services, accessible
research. Performance of the cloud computing system without requiring detailed knowledge of the
is largely affected by these security issues. To ensure underlying technology.( Wang Qinghong, Su
some level of security service providers are trying to Naizheng; 2017)
provide some mechanism like virtualization,
authentication mechanisms and cryptography Cloud computing turned into the most predominant
techniques but these mechanisms have some chances innovation in recent years. This innovative technology
to be affected also. While data, services, controls and provides services to the customers for software and
web applications are made available to cloud system, hardware. One can state that distributed computing
their control is lost. Cloud computing environment is can blast the portable business. (Shazia Tabassam;
a shared facility for data access making security issue 2017)
about data privacy, personal privacy, authentication,
compliance, confidentiality, integrity, encryption, Off-site data storage is an application of cloud that
internet protocol where most of the IP services are un- relieves the customers from focusing on data storage
trusted. In addition, Service Level Agreement (SLA) system. However, outsourcing data to a third-party
between user and service provider, third party administrative control entails serious security
management, risk of virtualization, non availability of concerns. Data leakage may occur due to attacks by
good standards, auditing process, law for compliance other users and machines in the cloud. (Mazhar Ali,
and regulations are other factors for security in cloud Saif U. R. Malik, Samee U. Khan; 2017)
environment.
Cloud computing is a model which provides on-
2. Realted Work demand delivery of Information Technology (IT)
Cloud computing is one of the fastest emerging related capabilities or resources through the Internet
technologies in computing. There are many to the outside world. Despite the advantages of cloud
advantages as well few security issues in cloud computing, the security of the data and resources is
computing. This paper explores the different data still doubtful which affect the cloud adoption.
security issues in cloud computing in a multi-tenant (Manpreet Kaur, Kiranbir Kaur; 2016)
environment and proposes methods to overcome the
security issues. (P. Ravi Kumar, P. Herbert Raj, P.
Jelciana, 2017)

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug 2018 Page: 1511
 International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470
3. Methodology 4. Results And Analysis
CP-IBE used to facilitate key management and We used Java for implementing a working prototype
cryptographic access control in an expressive and of CPIBE. The .Net cryptographic packages were
efficient way. An attribute descriptive string assigned used for the involved cryptographic operations. Large
to a user and each user may be tagged with multiple prime numbers were handled by using the cloud based
attributes under the construction of CP-IBE. Multiple cryptography classes. Policies were uploaded as a
users may share common attribute which allow separate file to the cloud and the KM.
sensors to specify a data access policy by composing
multiple attribute through logical operators such as Table 1: Analysis of Key Establishment Time
“AND”, “OR”. (In sec)
File Upload Download
The Algorithm of proposed methodology CPIBE Size DaSCE[ CPIBE DaSCE[ CPIBE
(Cryptographic Policy with Instance Based (in 6] (Propose 6] (Propose
Encryption) is as follows: kb) d) d)
1. Setup: Defines the universal attribute set (U), 0.01 0.1 0.074 0.97 0.068
computes the public key (PK) and master key 1 0.098 0.068 0.99 0.072
(MK). 10 0.09 0.062 0.97 0.071
2. Encryption (PK, M, A): Takes input the public 100 0.15 0.84 0.95 0.78
key PK, message M and an access structure. A 1000 0.23 0.095 0.99 0.063
built over the universal attribute set U. Gives as 1000 0.28 0.098 0.98 0.059
output the cipher text CT. Only users having a set 0
of attributes corresponding to the access structure
A can decrypt the cipher text (CT).
3. Key Generation (MK, S): Takes as input a master
key MK and the user set of attributes S and
generates the user’s secret key SK.
4. Decryption (PK, CT, SK): Takes as input the
public key PK, cipher text CT and a secret key
SK. It returns a message M that is plain text of
CT.

The flowchart of methodology is as follows

Figure 2: Comparison of Key Establishment Time
(in sec.) in between of DaSCE[6] and CPIBE
(Proposed) (upload case)

Figure 3: Comparison of Key Establishment Time

(in sec.) in between of DaSCE[6] and CPIBE
(Proposed) (download case)

Figure 1: Flowchart of Methodology (CPIBE)

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug 2018 Page: 1512
 International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470
Table 2: Analysis of Crypto Operation Time
(In sec)
File Upload Download
Size Da CPIBE CPIBE
Da SCE
(in SCE (Propos (Propos
[6]
kb) [6] -ed) -ed)
0.01 0.059 0.035 0.062 0.057
1 0.076 0.041 0.068 0.061
10 0.083 0.078 0.073 0.069
100 0.092 0.081 0.075 0.063 Figure 6: Comparison of Key Transmission Time
1000 0.14 0.094 0.187 0.096 (in sec.) in between of DaSCE[6] and CPIBE
10000 0.29 0.14 0.548 0.18 (Proposed) (upload case)

Figure 4: Comparison of Crypto Operation Time Figure 7: Comparison of Key Transmission Time
(in sec.) in between of DaSCE[6] and CPIBE (in sec.) in between of DaSCE[6] and CPIBE
(Proposed) (upload case) (Proposed) (download case

Table 4: Analysis of File Transmission Time

(In sec)
File Upload Download
Size DaS CPIBE CPIBE
DaSCE
(in CE[6 (Propos (Propos
[6]
kb) ] ed) ed)
0.01 0.24 0.18 0.018 0.007
1 0.48 0.36 0.059 0.019
10 0.53 0.39 0.185 0.091
Figure 5: Comparison of Crypto Operation Time
100 0.82 0.57 0.97 0.14
(in sec.) in between of DaSCE[6] and CPIBE
1000 1.26 0.95 1.17 0.98
(Proposed) (download case)
10000 9.83 6.79 27.3 18.38
Table 3: Analysis of Key Transmission Time
(In sec)
File Upload Download
Size CPIBE CPIBE
DaSC DaSCE
(in (Propos (Propos
E[6] [6]
kb) ed) ed)
0.01 0.093 0.067 0.091 0.077
1 0.094 0.071 0.092 0.079
10 0.091 0.069 0.089 0.082
100 0.092 0.071 0.094 0.084 Figure 8: Comparison of File Transmission Time
1000 0.098 0.074 0.096 0.085 (in sec.) in between of DaSCE[6] and CPIBE
10000 0.089 0.076 0.093 0.081 (Proposed) (upload case)

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug 2018 Page: 1513
 International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470
secret sharing mechanism. We modelled and analyzed
FADE. The analysis highlighted some issues in key
management of FADE. CPIBE improved key
management and authentication processes. The
performance of the CPIBE was evaluated based on the
time consumption during file upload and download.
The results revealed that the CPIBE protocol can be
practically used for clouds for security of outsourced
Figure 9: Comparison of File Transmission Time data. The fact that the CPIBE does not require any
(in sec.) in between of DaSCE[6] and CPIBE protocol and implementation level changes at the
(Proposed) (download case) cloud makes it highly practical methodology for
cloud.
5. Conclusions and Future Work
The main goal of this work was to analyze and In future, the CPIBE methodology can be extended to
evaluate the security techniques for data protection in secure group shared data and secure data forwarding.
the cloud computing. For that purpose we analyzed Cloud computing can become the frontrunner for a
and evaluated the most important security techniques secure, flexible, scalable, cost effective, virtual and
for data protection that are already accepted from the user friendly tool for information technology enabled
cloud computing providers. We classified them in services.
four sections according to the security mechanisms
that they provide: authentication, confidentiality, We recommended important security measures
access control and authorization. relating to data protection in the cloud that must be
taken into account. We also proposed a lot of issues
So, we successfully answered on the key questions in that should be considered in order to have improved
the cloud technology, or simply said should cloud data security in the cloud computing, like proper
computing be trusted in data protection. We can usage of administrative privileges, wireless access
conclude that if all recommended measures are taken control of the data in systems that use wireless
into account providing authentication, confidentiality, networks, data recovery and boundary defence in the
access control and authorization, then the cloud cloud.
computing can be trusted in data protection.
6. References
We also focused on the security issues that should be 1. P. Ravi Kumar, P. Herbert Raj, P. Jelciana,
taken into account in depth in order to have proper “Exploring Data Security Issues and Solutions in
data security in the cloud. We recommended Cloud Computing”, 6th International Conference
important security measures relating to data protection on Smart Computing and Communications,
in the cloud that must be taken into account. We also ICSCC 2017, Kurukshetra, India.
proposed a lot of issues that should be considered in 2. Prof. (Dr.) Pradeep Kumar Sharma, Prof. (Dr.)
order to have improved data security in the cloud Prem Shankar Kaushik, Prerna Agarwal, “Issues
computing, like proper usage of administrative And Challenges of Data Security In A Cloud
privileges, wireless access control of the data in Computing Environment”, IEEE Conference on
systems that use wireless networks, data recovery and Cloud Computing, 2017.
boundary defence in the cloud.
3. DIAO Zhe, WANG Qinghong, SU Naizheng and
We proposed the CPIBE protocol, a cloud storage ZHANG Yuhan “Study on Data Security Policy
security system that provided key management, Based On Cloud Storage”, IEEE 3rd International
access control, and file assured deletion. Assured Conference on Big Data Security on Cloud, 2017.
deletion was based on policies associated with the 4. WANG Qinghong, SU Naizheng, “High
data file uploaded to cloud. On revocation of policies, performance and security in cloud computing”,
access keys are deleted by the KMs that result in Wiley Journal of Cloud Computing, 2017.
halting of the access to the data. There-fore, the files
were logically deleted from the cloud. The key 5. Shazia Tabassam, “Security and Privacy Issues in
management was accomplished using (k, n) threshold Cloud Computing Environment”, Journal of

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug 2018 Page: 1514
 International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470
Information Technology & Software Engineering, 11. Dr. K.B.Priya Iyer, Manisha R, Subhashree
2017. R,Vedhavalli K, “Analysis of Data Security in
6. Mazhar Ali, Saif U. R. Malik, Samee U. Khan, Cloud Computing”, International Conference on
“DaSCE: Data Security for Cloud Environment Advances in Electrical, Electronics, Information,
with Semi-Trusted Third Party”, IEEE Communication and Bio-Informatics, 2016.
Transactions on Cloud Computing, 2017. 12. Ahmed Albugmi, Madini O. Alassafi, Robert
7. Manpreet Kaur, Kiranbir Kaur, “A Comparative Walters, Gary Wills, “Data Security in Cloud
Review on Data Security Challenges in Cloud Computing”, 5th International Conference on
Future Generation Communication Technology,
Computing”, International Research Journal of
Engineering and Technology (IRJET) Volume: 2016.
03, Issue: 01, Jan-2016. 13. Selvamani K, Jayanthi S, “A Review on Cloud
Data Security and its Mitigation Techniques”,
8. B. Hari Krishna, Dr.S. Kiran, G. Murali, R.
International Conference on Intelligent
Pradeep Kumar Reddy, “Security Issues In
Computing, Communication & Convergence,
Service Model Of Cloud Computing
2015.
Environment”, 2016 International Conference on
Computational Science. 14. R. Velumadhava Rao, K. Selvamani, “Data
Security Challenges and Its Solutions in Cloud
9. Naresh vurukonda, B.Thirumala Rao, “A Study
Computing”, International Conference on
on Data Storage Security Issues in Cloud
Intelligent Computing, Communication &
Computing”, 2nd International Conference on
Convergence, 2015.
Intelligent Computing, Communication &
Convergence. 15. Yunchuan Sun, Junsheng Zhang, Yongping Xiong
and Guangyu Zhu, “Data Security and Privacy in
10. Kire Jakimoski, “Security Techniques for Data
Cloud Computing”, International Journal of
Protection in Cloud Computing”, International
Distributed Sensor Networks, Volume 2014.
Journal of Grid and Distributed Computing Vol. 9,
No. 1 (2016).

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 5 | Jul-Aug 2018 Page: 1515