Authenticated Key Exchange
Protocols for Parallel Network File Systems
ABSTRACT
v
The
problem is inspired by the proliferation of large-scale distributed file
systems supporting parallel access to multiple storage devices.
v
Our
work focuses on the current Internet standard for such file systems, i.e.,
parallel Network File System which makes use of Kerberos to establish parallel
session keys between clients and storage devices.
v
Our
review of the existing Kerberos-based protocol shows that it has a number of
limitations.
v
In
this paper, we propose a variety of authenticated key exchange protocols that
are designed to address the above issues.
v
We
show that our protocols are capable of reducing up to approximately of the
workload of the metadata server and concurrently supporting forward secrecy and
escrow-freeness.
v
All this requires only a small fraction of
increased computation overhead at the client.
EXISTING SYSTEM
v study the problem of key establishment for secure many-to-many
communications. The problem is inspired by the proliferation of large-scale
distributed file systems supporting parallel access to multiple storage
devices.
v Our work focuses on the current Internet standard for such file
systems, i.e., parallel Network File System (pNFS), which makes use of Kerberos
to establish parallel session keys between clients and storage devices. Our
review of the existing Kerberos-based protocol shows that it has a number of
limitations: (i) a metadata server facilitating key exchange between the
clients and the storage devices has heavy workload that restricts the
scalability of the protocol; (ii) the protocol does not provide forward
secrecy; (iii) the metadata server generates itself all the session keys that
are used between the clients and storage devices, and this inherently leads to
key escrow.
PROPOSED SYSTEM
we propose a variety of
authenticated key exchange protocols that are designed to address the above
issues. We show that our protocols are capable of reducing up to approximately of the workload of the metadata server and
concurrently supporting forward secrecy and escrow-freeness. All this requires
only a small fraction of increased computation overhead at the client.
PROPOSED SYSTEM ALGORITHMS
Fault-tolerant striping algorithms.
ADVANTAGES
Finally, in the last
augmented game, we can claim that the adversary has no advantage in winning the
game since a random key is returned to the adversary.
Our
protocols offer three appealing advantages over the existing Kerberos-based
pNFS protocol.
System Architecture
MODULE DESCRIPTION
MODULE
Case Study and Data
Collection
v Parallel sessions
v Authenticated key
exchange
v Forward secrecy
v User
v Admin Authentication
v Cloud
MODULE
DESCRIPTION
v Parallel sessions
Ø parallel secure sessions between
the clients and the storage devices in the parallel Network File System (pNFS)
The current Internet standard—in an efficient and scalable manner.
Ø This is similar to the situation
that once the adversary compromises the long-term secret key, it can learn all
the subsequence sessions.
Ø If an honest client and an honest
storage device complete matching sessions, they compute the same session key.
Ø Second, two our protocols provide
forward secrecy: one is partially forward secure with respect to multiple
sessions within a time period.
Authenticated
key exchange:
Our primary goal in
this work is to design efficient and secure authenticated key exchange
protocols that meet specific requirements of pNFS.
The main results of
this paper are three new provably secure authenticated key exchange protocols.
We describe our design
goals and give some intuition of a variety of pNFS authenticated key exchange6
(pNFS-AKE) protocols that we consider in this work
Forward secrecy:
the protocol should guarantee the security of past session keys
when the long-term secret key of a client or a storage device is compromised.
However,
the protocol does not provide any forward secrecy.
To address
key escrow while achieving forward secrecy simultaneously, we incorporate a
Diffie- Hellman key agreement technique into Kerberos-like pNFS-AKE-I.
However,
note that we achieve only partial forward secrecy (with respect to v), by
trading efficiency over security.
1.Client
.
Ø
Share
Data
The user can share their data into
another user in same group the data will translate by path setting data.
Ø
Upload
Data
The user can
upload the file to cloud. And the Admin can allow the data to store the cloud.
Ø
Download
File
The user also download
the cloud file by the conditions.
1.
Server Authentication
Ø
Accept
user
The admin can accept the new user
request and also black the users.
Ø
Allow
user file
The users can
upload the file to cloud. And the admin can allow the files to cloud then only
the file can store the cloud.
3.CLOUD
Upload Data
The cloud can
upload the 3 types of files to users.
·
JAVA
·
DOT NET
·
PHP
SYSTEM SPECIFICATION
Hardware Requirements:
v System : Pentium IV 2.4 GHz.
v Hard Disk
: 40 GB.
v Floppy Drive :
1.44 Mb.
v Monitor
: 14’ Colour Monitor.
v Mouse : Optical Mouse.
v Ram :
512 Mb.
Software Requirements:
v Operating system : Windows 7 Ultimate.
v Coding Language : ASP.Net with C#
v Front-End : Visual Studio 2010 Professional.
v Data Base : SQL Server 2008.
System Design:
No comments:
Post a Comment