Utilizing Multi Stage Attestation for Secure Cloud Data Retrieval

Abstract

The Advancement in data storage has taken a major leap. Due to Current trending technologies that have been taken place many companies find it convenient to store the data in Cloud. Cloud Computing refers to the storage, networking, operations, etc... in a single place with a pay as you use pricing. Due to these kind of numerous advantages companies use cloud to store the data. Now the problem with the cloud is there is no specific Authentication measures that have been taken place while storing and retrieving the data. So, we are proposing a Multi Stage Authentication(MSA) method to encrypt and decrypt the data with the help of a Image that acts a Secondary stage of Authentication. As there is a three-step process that goes on when the data is transferring the whole process becomes reluctant to any data leaks or data loss.

Introduction

I. INTRODUCTION

In the cloud while the data is accessed or stored, we get a lot of problems in maintaining the credibility of the data. However, to address these issues there are several practices that have been done in the past but they require different authentication and encryption techniques and also require additional hardware which adds up cost and time. So to overcome this we a specific algorithms which generates and selects unique set of keys in order to access the data. Also, there will be a fitness check which will be done to measure the safety of those keys such that nothing can be hacked. The primary procedure involves the user registering on the website. After that, a set of images will be shown to the user, who must be cropped and stored on their data base. In the Next step while logging in the user while be prompted with set of images and the user has to select correct image in order to store and retrieve the data.

II. METHODOLOGY

There are several Modules that describes the process of storing and retrieving the data. Due to these Modules we can efficiently transfer the data to and fro from the cloud.

A. Authentication

Authentication is the process which determines the identity of a client. The key aspects of authentication vary depending on how you are accessing Cloud Storage, but fall into two general types: A server-centric flow allows an application to directly hold the credentials of a service account to complete authentication. A user-centric flow allows to hold credentials from end user.

B. Data Security

This is one of the important modules when it comes to cloud-based storage. Due to various types of models present in the cloud securing the data is one of the important parts as the whole thing relies on the authenticity of the data. So, we have to use various authentication measures in order to maintain the credibility of the data that is being stored on the cloud.

C. Data Retrieval

The data retrieval becomes a major aspect while accessing the data from the cloud because if the authenticity of the data is not maintained while retrieving then it becomes a major problem for the user so the whole process of storing and retrieving should be encrypted and decrypted. We can use different authentication mechanism to ensure smooth data retrieval.

D. Uploading/ Downloading of Files

After the process of encryption and decryption is completed we can choose to upload the files that we want and the data will be encrypted and uploaded on to the cloud. Now whenever we want to access or download the data then after the authentication through image we can decrypt and access the data. The whole process needs to be transparent.

E. Architecture

From The engineering of an information secure and recovery framework on the cloud utilizing streamlined Blowfish calculation regularly includes a few parts and cycles, including:

1. Client-side Encryption: The information is first scrambled on the client-side prior to being transferred to the cloud. This guarantees that the information is safeguarded regardless of whether it is caught during transmission.
2. Distributed Storage: The encoded information is put away on the cloud, for example, on Amazon Web Administrations (AWS) or Microsoft Sky blue.
3. Key Administration: The encryption keys used to encode and decode the information are overseen safely by the framework. This incorporates creating and putting away the keys safely, as well as appropriating them to approved clients.
4. Recovery: When a client demands admittance to the information, the encoded information is recovered from the cloud and decoded on the client-side utilizing the suitable key.
5. Streamlining: The Blowfish calculation can be upgraded to build its exhibition on the cloud. For instance, equal handling can be utilized to speed up encryption and unscrambling of a lot of information.

The improved Blowfish calculation is a symmetric key calculation that utilizes a block code to scramble information. It is viewed as secure and has been generally utilized for information encryption. In general, the design of an information secure and recovery framework on the cloud utilizing improved Blowfish calculation includes cautious administration of encryption keys and secure stockpiling of encoded information to guarantee that delicate information is shielded from unapproved access or divulgence.

III. MODELING AND ANALYSIS

In the process of Secure data retrieval we use several algorithms that helps us in storing the data in to cloud using the encryption and decryption. The Algorithms that we have used to maintain the authentication is as follows.

Blowfish is a symmetric-key block figure that was planned in 1993 by Bruce Schneier. It is generally utilized in different cryptographic applications, including encryption, unscrambling, advanced marks, and hash capabilities. To streamline the Blowfish calculation, there are a few methodologies that can be utilized, for example,

1. Look-into Tables: One of the most widely recognized advancement procedures utilized in Blowfish is to precompute and store enormous look-into tables. These tables are utilized during the encryption and decoding cycle to save calculation time. By utilizing look-into tables, the Blowfish calculation can be made quicker.
2. Vectorization: One more strategy that can be utilized to enhance Blowfish is vectorization. This procedure includes handling various blocks of information at the same time by utilizing extraordinary guidelines that are accessible on current central processors.
3. Parallelization: Blowfish can likewise be enhanced by utilizing parallelization strategies. Parallelization includes partitioning the encryption and decoding process into more modest subtasks that can be handled all the while on numerous centers or processors.
4. Equipment Speed Increase: One more method for enhancing Blowfish is to utilize equipment speed increase. By executing Blowfish in devoted equipment, the encryption and unscrambling cycle can be made a lot quicker than programming-based executions.
5. Compromises Among Security and Speed: It's essential to take note of that streamlining Blowfish for speed can in some cases undermine its security. Subsequently, it's crucial for find the right harmony among security and speed in light of the particular prerequisites of the application.

In rundown, enhancing the Blowfish calculation can be accomplished by utilizing a mix of these methods. Be that as it may, it's critical to assess the effect of every streamlining method on both the speed and security of the calculation prior to executing it.

The Crow Search Algorithm (CSA) is an as of late proposed swarm knowledge streamlining calculation that is motivated by the way of behaving of crows. The calculation is intended to tackle streamlining issues by mimicking the hunt conduct of crows. The CSA calculation begins by introducing a populace of up-and-comer arrangements, which are addressed by a bunch of choice factors. Then, the calculation utilizes a bunch of administrators to produce new up-and-comer arrangements, in view of the pursuit conduct of crows. These administrators incorporate the accompanying:

Investigation: This administrator reenacts the irregular inquiry conduct of crows, which includes arbitrarily investigating the pursuit space to track down new applicant arrangements.

Abuse: This administrator reproduces the engaged inquiry conduct of crows, which includes zeroing in on promising locales of the pursuit space to track down better applicant arrangements.

Memory: This administrator mimics the capacity of crows to recollect promising districts of the hunt space and to return to them later in the pursuit cycle.

The CSA calculation utilizes a bunch of boundaries to control the pursuit conduct of the crows, for example, the crow populace size, the investigation rate, the double-dealing rate, and the memory rate. These boundaries can be tuned to work on the exhibition of the calculation. The CSA calculation has been demonstrated to be viable at tackling an extensive variety of improvement issues, including capability enhancement, boundary assessment, and element choice. It has likewise been demonstrated to be serious with other multitude insight advancement calculations, for example, molecule swarm improvement and subterranean insect settlement streamlining.

IV. RESULTS AND DISCUSSION

After executing the Final output that we are going to get is a dynamic web page which asks for the user credentials.  And the output screen tells us the process of encryption and decryption of data.

Conclusion

This Paper presents another protected steering model via completing ideal way determination and encryption. Distributed computing has turned into the infrastructural base for future processing ideal models. However, the security weaknesses in a cloud-based framework endure as a crucial bottleneck. In this way, a combination of homomorphic and symmetric calculations has been proposed to manage cloud information security issues. Multi-cloud frameworks take out the disadvantages of a solitary cloud framework.

References

[1] M. Alotaibi, ‘‘Security to wireless sensor networks against malicious attacks using Hamming residue method,’’ EURASIP J. Wireless Commun. Netw., vol. 2019, no. 1, pp. 1–7, Dec. 2019. [2] C. W. Badenhop, S. R. Graham, B. W. Ramsey, B. E. Mullins, and L. O. Mailloux, ‘‘The Z-Wave routing protocol and its security implications,’’ Comput. Secur., vol. 68, pp. 112–129, Jul. 2017. [3] M. Tao, X. Li, H. Yuan, and W. Wei, ‘‘UAV-aided trustworthy data collection in federated-WSN-enabled IoT applications,’’ Inf. Sci., vol. 532, pp. 155–169, Sep. 2020. [4] B. R. Rajakumar, ‘‘Static and adaptive mutation techniques for genetic algorithm: A systematic comparative analysis,’’ Int. J. Comput. Sci. Eng., vol. 8, no. 2, p. 180, 2013, doi: 10.1504/IJCSE.2013.053087. [5] D. Airehrour, J. A. Gutierrez, and S. K. Ray, ‘‘Sectrust-RPL: A secure trust-aware RPL routing protocol for Internet of Things,’’ Future Gener. Comput. Syst., vol. 93, pp. 860–876, Apr. 2019. [6] W. Rehan, S. Fischer, M. Rehan, Y. Mawad, and S. Saleem, ‘‘QCM2R: A QoS-aware cross-layered multichannel multisink routing protocol for stream based wireless sensor networks,’’ J. Netw. Comput. Appl., vol. 156, Apr. 2020, Art. no. 102552.

Copyright

Copyright © 2023 Shilpa Thakur, N Anvesh Reddy, M. S. Shasshank Khumar Reddi, Konduru Surya Teja. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.