Privacy Preserving Using Encryption Proxy in Data Security

International Journal of Scientific Research in ______Research Paper . Computer Science and Engineering Vol.5, Issue.2, pp.36-41, Apr (2017) E-ISSN: 2320-7639

Privacy Preserving using Encryption Proxy in Data Security

V.K. Saxena1*, S. Pushkar2 1* School of Engineering and Technology, Vikram University, Ujjain, India 2 Department of Computer Science and Engineering, Birla Institute of Technology, Mesra, India

*Corresponding Author: [email protected]

Available online at: www.isroset.org Received 12th Feb 2017, Revised 26th Feb 2017, Accepted 18th Mar 2017, Online 30th Apr 2017 Abstract____ Cloud computing is altering the approach that organizations handle their information, suitable to its strength, low down expenditure and omnipresent nature. Privacy concerns occur each time susceptible information is redistributed to the cloud. This paper presents architecture for storage to the cloud database that averts the partial proprietor along with the cloud supervisor to find out the redistributed database substance. Furthermore, machine legible rights terms are used in a bid to bound end users of the database. These restrictions are not unstable by supervisors after the database associated request is launched, because a novel task of privilege editors is defined once an application is launched. Additionally, dependable computing is functional to bind cryptographic key notwithstanding trusted states. By preventive the obligatory belief in both commercial as well as outside supervisors and service providers, we work against the often scarified privacy and understanding risks of commercial cloud computing.

Keywords____ Data security, Access control, Outsourcing, Privacy, Software architecture

I. INTRODUCTION small secure storage for decryption keys. A practical solution based on this approach is the Microsoft Bitlocker [3], which In isolated servers, data storage of commercial data is not a uses TPM (Trusted Platform Module[4]) chip as a storage for recent development, existing growth of cloud computing decryption keys. This system is based on Linux operating rationalize a more vigilant appearance at its genuine system. Here using of TPM sealing function with a key-file ramifications involving privacy and secrecy issues. for dm-crypt with LUKS[5]. The de facto standard for access Introduction of protected privacy preserving cloud database control languages at present is the eXtensible Access Control storage architecture is a new approach. Focus on the SaaS [1] Markup Language, i.e., XACML[6]. Using XACML, one is sort of computing model. The proposed architecture satisfies able to realize a fine grained and flexible access control the need of an organization so that the trust of client users, policy. Because XACML is XML based, we can implant system administrators and service providers can be fulfilled. XML- Signatures [7] to protect submission of new access- Remote admittance to commercial networks is already an control-rule-files. Kubiatowicz et al. [8] describe architecture important facet of the corporate work environment. for encrypted determined storage in the Cloud called Employees can use their systems from inside the corporate OceanStore; Sadeghi et al. [9] explain a technique during Intranet, along with remotely from home. In both scenarios, usage of a tamper-proof hardware token. This method applies applications require effective requests and use of Cloud- to a cloud service provider which is based on trusted based computing resources. computing platform. Another project is from Pearson et al. [10], [11] that combines some of the previous techniques. Privacy concerns occur at any time susceptible data is The key idea is the formation of a Privacy Manager, and a outsourced to the cloud. By using encryption, the cloud function represented by a Trusted Platform Module. The server is prohibited from learning substance in the outsourced PrimeLife project [12] has developed a system that relates the databases. Two situations arises here; first, can we prevent a PRIME privacy technologies with XACML access control. local administrator from learning the database content and However, all these systems do not address safeguards against second, can we avoid scenarios such that employees using internal attackers. cloud applications may be trained more than it is essential to execute their respective duties. While in public an employee cannot access all the data stored on the cloud, there frequently exists in a company at least one Maheshwari et. al. [2] describes a way of securing bigger restricted role with unlimited administrative accesses. This untrusted storage such as a hard-disk. This solution desires a paper proposed cloud database storage architecture which

© 2017, IJSRCSE All Rights Reserved 36 Int. J. Sci. Res. in Computer Science and Engineering Vol.5(2), Apr 2017, E-ISSN: 2320-7639 provides data privacy without require to trust corporate these metrics to other parties. Regarding PC or server administrators along with external cloud administrators. A hardware the hardware chip is called the Trusted Platform company has call-in client contacts organized over an Module (TPM) and the process of reporting the veracity of a external call-center. We would like to edge the access-count platform is known as remote testimony. TPM has a sheltered of readable client files towards external employees in order to non-volatile memory to store RSA-keys and can bind a file to reduce the risk of losing sensitive data. a specific hardware state. Moreover, software based Trusted Platform Module [18] was proposed. In such a way the The paper is prepared as follows. Section 2 describes, general Infrastructure as a Service (IaaS) systems may offer TPM- idea of the technologies used in the system. Section 3 like functions in a virtual environment. describes proposed system and section 4 and 5 expounds the system components in details. Section 6 describes security Table 1: Role Overview factors. Role Name Identifier Rights System A backup encrypted data II. BACKGROUND ON RELATED TECHNOLOGIES Administrator & setup Encryption Proxy’s XACML editor E1,E2,….,En develop and activate This subsection describes general idea of the technologies new access rules used in the intended system. These are in particular the Developer D create new requests Extensible Markup Language (XML) based standards Employee/Worker W1,W2,….,Wm access a limited amount XMLEncryption, XML-Digital-Signatures and XACML. of data sets Moreover, we make use of the Trusted Platform Module (TPM) and utilize homomorphic encryption. III. PROPOSED SYSTEM CONCEPT

2.1. XML: The Extensible Markup Language (XML) is Our aim is to construct a secure system that can repel both considered for Internet Application utility. Usually, the outsider and insider attackers. Many previous researchers specification describes a way to encode information in a arrangement with issues related to outsider attackers. This plain text file [13]. The file format is both machine and system associates many accessible techniques which we human readable. XML document encoding was designed in clarify in the following sections. We sum up the interaction 1996 by the World Wide Web Consortium [14]. roles of the system in Table I.

2.2.XML Encryption: The Extensible Mark-up Language Data accessibility has a very high precedence in any Encryption Syntax and Processing is an extension to the company operations. In this system, all data are stored XML syntax [15]. The syntax makes embedding of encrypted. The backup of the database is performed regularly encryption within XML files possible. The XML-encryption by the cloud service; in addition, we require a backup of the includes the subsequent features: encryption of a whole XML Encryption Proxies with the corresponding decryption keys document, encryption of a solitary element and the content of for the system integrity. We automate the backup system for an element. Moreover, encryption upon encryption is also Encryption Proxies by establishing system truthfulness first, feasible. Geuer-Pollmann proposed a way of hiding elements then exchanging the decryption keys over a secure channel. by position shifting in a XML document [16]. All session keys are TPM sealed. By analyzing specific PCR values, we are capable to attest the integrity between identical 2.3. XML-Signature: The standard XML Signature Syntax hardware. And only if both Encryption Proxies have the same and Processing is provided by World Wide Web Consortium state, the switch over of their key material can take place. [7]. It grants signature embedding within a XML file. Using XACML, this system not only can edge the number of queries q by an employee Wj, it is also probable to setup a 2.4.XACML: The eXtensible Access Control Markup fine grained access control structure. XACML rewriters Language (XACML) is developed by the OASIS committee should follow the what-need-to-know standards. With respect [17]. XACML is an XML based access control language [6]. to confidentiality, employees must only access what they It defines a policy format, also a request and reply message need in their jobs, so system administrators do not need to format. Furthermore, XACML grants users to define policies, access the productive database. In particular, we desire to combination of policies and attribute based limitations which avoid the possibilities of employees copying the entire we can employ to realize our system and define request limits database. in addition to the four-eyes principle XACML file. With this in mind, the process of integrating a new function 2.5. Trusted Platform Module: The Trusted Computing in the system is as follows. We illustrate this by allowing for Group(TCG) proposed a trust model where each device is our old example: design a new per-salesman business volume request for the call center. First a developer D has to design equipped with a hardware root-of-trust associated with the the new request and sends it to an editor. Next a XACML platform that can measure integrity metrics and may confirm trusted editor Ei (among all editors M = { E1,E2,….,En}

© 2017, IJSRCSE All Rights Reserved 37 Int. J. Sci. Res. in Computer Science and Engineering Vol.5(2), Apr 2017, E-ISSN: 2320-7639 integrates the request and sets up the access rights for the plays the function of data management. The size of the cloud new request. After incorporation and setting up the new rules, is not restricted, for example that our system would work on the new XACML file is signed and sent to another editor Ei ≠ a private cloud or single database server. The content of the Ej. The second editor then reviews the XACML file and after productive database is encrypted. The user solitude and verification signs the file next. confidentiality is achieved because the clouds have no access to the original database content. The clients are not bound to The new access control file can now be circulated over the a single Encryption Proxy, and it is also probable to use a Encryption Proxies. An Encryption Proxy acquires a new load balancer to enhance the performance of the system. XACML file on the condition: the file is signed by two (or more) editors and all their signatures are fine. If the file is not V. ENCRYPTION PROXY proper, or correctly signed, the system rejects the new file and falls back to the current rights (for availability reasons). Figure 2 gives a detailed view of the encryption proxy. A

clarification of the symbols we use in this section: [x]τ, {x}τ , The system administrator A has the role of setting up a and [[x]]τ mean respectively asymmetric encryption of x, situation, and a base system for the encryption proxy. At this stage, the system administrators have privileges of doing signing of x, and homomorphic encryption of x using the key everything they like in the system. The system supplements τ [19], [20]. The Linux-based encryption proxy has three are not anymore modifiable except for those unmeasured parts: a user-engine, a rule-engine, and a secure storage. TPM configurations. This is the post-system setup stage, in which is used to provide secure data storage. The TPM measures system-administrators A have the tasks of cloning new and stores the system BIOS boot in PCR 0-7, IMA Grub in encryption proxies (same hardware, same software and same PCR 8- 9 and 12-14 and IMA-kernel in PCR 10. PCR 10 configuration) and supervision the configuration files. The reflects any program alteration in the system [21]. In adding, system administrators have for each proxy an admin-panel, the system provides no login shell. so he can suggest new (valid-signed) XACML-files, modify the administration credentials (for the admin-panel), and to TPM measurements by themselves do not stop the system edit lists of used cloud databases. from insecure operations. The TPM sealing function binds data to a secure state. In order to carry out the sealing figure 2 IV. SYSTEM ARCHITECTURE DETAILS functions, the TPM binds on the states which are performed by all the PCRs. Since Boot-up decryption of the whole secure storage takes long, we suggest transparent disk encryption dm-crypt with LUKS[5]. This allows decryption only on-demand and reduces time consumption while the Cloud system is booting up. Instead, we require an access control language such as XACML for the rule-engine. XACML enables us to have complex access rights together with XML- Signatures. We can specify rules to edge the daily requests for call center employees (as stated in the introduction) and prevent download of the whole database. As an illustration, Secure

Encryption proxy we added in figure 3 a readable XACML document with two TPM storage

signatures, which are alike to those used in our system. The

rule-engine uses its secure storage to store data management information (e. g. realize the organization of the data within the cloud). In the rule-engine, the first request fires the decryption signal to TPM to access its secure storage. This will only be successful if no PCR has changed since the

creation of the database. Only the content of the secure- User

User User storage is changeable within the encryption proxy. Client

Client Client Furthermore, only the XACML-file, the admin-panel

credentials, the list of trusted XACML-Editors M and the Figure 1: System Overview credentials for the used cloud databases are changeable.

The prolific database is stored in the cloud, and our projected Figure 2 shows a detailed overview of a user request. A user architecture aims to protect the content of the database. The here interacts with the web interface of the system. If the web system reposes of a Data Management, Encryption Proxy and interface needs some information from the system, it sends a a User Interface. The cloud sustains database services and

Figure 2: Encryption Proxy View request req together with the session ID SID. Communication engine checks the signature. If the signature is genuine, the to the user-client is over a secure channel (TLS). User-client system will decrypt the user credentials cred. The user- UC afterwards creates a XML-RPC request to the user- engine next analyses the credentials. The user-engine engine UE. This XML-RPC consists of the credentials cred appends the UserID UID and the GroupID GID to encrypted and the request from web interface. To secure the request, all requests and forwards it to the rule-engine. parts are encrypted (with XML-ENC) and the whole request {…}UC is signed (XML-DSIG) by the UC. The credentials Next the rule-engine looks up the access control file for are encrypted with the user-engine key [cred]UE consequently allowed functions related to UID (or GID). When a function the req from the web interface is encrypted with the rule- P is found, the rule-engine also ascertained the used fields f. engine RE key [req]RE. After receiving a request, the user-

With that the RE search in the secure-storage for the used against outsider assaulters, but also corrupt abettors. database d and the decryption keys kf . Next the RE Suggested system displaces the information-centric approach calculates the computation request for the database P(f) and which desires to make cloud data self-intelligent. In this sends the request to the cloud database. approach, cloud data are encrypted and packaged with a usage policy. The data when accessed will check with its 1 policy, create a virtualization environment, and effort to

In the paper our contribution is privacy preserving database 5 This is an example XACML- file storage architecture. Such a system is often desirable in a corporate setting, in which database containing sensitive 7 information need to be protected not only against outsider 9 administrators, service providers, but also local administrators. Our system also allows via machine readable 11 rights expressions depth control over information that is . . . allotted to a particular user. 13 REFERENCES 15 This is an example rule [1] A. Basu, J. Vaidya, H. Kikuchi, T. Dimitrakos, S.K. Nair, 17 “Privacy preserving collaborative filtering for SaaS enabling PaaS clouds”, Journal of Cloud Computing: Advances, Systems 19 and Applications, Vol.1, Issue.1, pp.1-8, 2012. [2] U. Maheshwari, R. Vingralek, and W. Shapiro, “How to build a trusted database system on untrusted storage”, Proceedings of the 21 4th USENIX Symposium on Operating System Design and Implementation, Berkeley, pp. 121-130, 2000. 23 . . . [3] N. Ferguson, “AES-CBC + Elephant diffuser A Disk Encryption Algorithm for Windows Vista”, Microsoft, Washington, pp,1-22, 25 2006. . . . [4] Jan De Clercq, Guido Grillenmeier, “Microsoft Windows Security 27 Fundamentals: For Windows 2003 SP1 and R2”, Digital Press, India pp.1-832, 2011. [5] C. Fruhwirth, “LUKS On-Disk Format Specification Version 1.1”, 29 . . . from code.google.com, California, pp.1-13, 2008. . . . [6] C. Steel, R. Nagappan, “Core Security Patterns: Best Practices 31 . . . and Strategies for J2EE Web Services, and Identity Management”, Pearson Education, India, pp.1-999, 2006. 33 [7] Mark Bartel, “XML Signature Syntax and Processing”, iUniverse, . . . United States, pp.1-84,2000. 35 . . . [8] J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. . . . Geels, R. Gummadi, S. Rhea, H. Weatherspoon, C. Wells, B. Zhao, “OceanStore: an architecture for global-scale persistent 37 storage”, ACM SIGPLAN Notices, Vol.35, Issue,11, pp.190-201, 2000. Figure 3: Structure of an XACML file with two signatures [9] F. Khatri, F. Shaikh, D. Yadav, P. Murkute, “Obviate SLA violation for Resource Allocation based on SaaS in Cloud To fulfil the request, the cloud service calculates now the Environment”, International Journal of Computer Sciences and Engineering, Vol.3, Issue.5, pp.85-88, 2015. function P(║f║kf) and sends it back to the RE. RE uses now [10] B. Paul, M. Azath, “Survey on Preserving Data Privacy in the Key kf to decrypt the result and generate a XML-RPC Cloud”, International Journal of Computer Sciences and response. The calculated result P(f) is then XML encrypted Engineering, Vol.2, Issue.12, pp.57-61, 2014. with the key of the UC and signed by the RE {|P(f)| } . [11] M. Mowbray, S. Pearson, Y. Shen, “Enhancing privacy in UC RE cloud computing via policy-based obfuscation”, The Journal of After that it will be sent to the UE that pass through this Supercomputing, Vol.61, Issue.2, pp.267-291, 2012. response to the UC. User-client checks the signature of the [12] C. Ardagna, S. De Capitani di Vimercati, S. Paraboschi, E. response and decrypts it. To the end the response is sent to Pedrini, P. Samarati, “An XACML-based privacycentered access the web interface. So the user has his new responses. control system”, In Proceedings of the first ACM workshop on Information security governance, New York, pp. 49–58, 2009. [13] T. Bray, J. Paoli, CM. Sperberg-McQueen, E. Maler, F. Yergeau, VI. CONCLUSION “Extensible markup language (XML)”, World Wide Web Journal, Vol.2, Issue.4. pp.27-66 , 1997. [14] WWWC, “World Wide Web Consortium (W3C) Launches In Cloud computing the biggest challenges are Data security International Web Accessibility Initiative”, World Wide Web and privacy. Cloud data ought to be protected not only Consortium, USA, pp.1-883, 1997

[15] T. Imamura, B. Dillaway, and E. Simon, XML Encryption Syntax and Processing, World Wide Web Consortium, USA, 2002. [16] C. Geuer-Pollmann, “Xml pool encryption”, In Proceedings of the 2002 ACM workshop on XML security. New York, pp. 1–9, 2002. [17] Goyal, “Grid Revolution”, Tata McGraw-Hill Education, India, pp.1- 01-70, 2006. [18] M. Strasser and H. Stamer, “A software-based trusted platform module emulator, in Trusted Computing – Challenges and Applications. Springer Berlin, Heidelberg, pp.33-47, 2008. [19] C. Gentry, “Fully homomorphic encryption using ideal lattices”, In STOC, Vol.9, pp. 169-178, 2009. [20] M. van Dijk, C. Gentry, S. Halevi, V. Vaikuntanathan, “Fully homomorphic encryption over the integers”, Advances in Cryptology EUROCRYPT, H. Gilbert Ed. Springer Berlin / Heidelberg, vol. 6110, pp. 24–43, 2010. [21] B. Domathoti, R. Begum and N. Rao, “Privacy Preserving Collaborative Auditing Data Storage Scheme in Cloud Computing”, International Journal of Computer Sciences and Engineering, Vol.3, Issue.5, pp.212-218, 2015.

Author Profile Mr.V.K. Saxena is a Coordinator, School of Engineering & Technology, Vikram University, Ujjain, M.P. He received his Masters degree (M.Tech.) in Computer Science from Birla Institute of Technology, Mesra, Ranchi in 2003, and pursuing his Ph.D. in the faculty of Computer Science and Engineering from BIT, Mesra, Ranchi. V.K. Saxena has shouldered many senior level administrative positions in Vikram University, Ujjain. He is also a Central Coordinator of Spoken Tutorial Project [STP], IIT Bombay. His main research work focuses on Privacy Preserving in Data Mining, Cloud Application, E-governance and Internet of Things. One of his books on “National Conference on Emerging Trends in Computing Technologies” is published and few of his papers have also got published as chapters in books. He has published 29 research papers in reputed National, International Journals and conferences including IEEE and Springer, and attended more than 27 National and International Conferences. He is a life member of Computer Society of India [CSI] since 1991 and Indian Society for Technical Education [ISTE] since 1993. He has more than 25 years of teaching, research & administrative experience.

Dr. Shashank Pushkar holds a Doctoral Degree in Computer Science & Engineering from National Institute of Technology, Jamshedpur, India. He has taught computer science in various universities including NIT, Jamshedpur, Sikkim Manipal Institute of technology, Sikkim and currently in BIT, Mesra. His field of expertise includes Data Mining, Software Engineering, Optimization Techniques and related subjects. His area of research includes Database and Big Data, Software Engineering and Operation Research and applications of Heuristic optimization techniques .