Friday, May 9, 2014

Redundancy Management of Multipath Routing for Intrusion Tolerance in Heterogeneous Wireless Sensor Networks




ABSTRACT

In this paper we propose redundancy management of heterogeneous wireless sensor networks (HWSNs), utilizing multipath routing to answer user queries in the presence of unreliable and malicious nodes. The key concept of our redundancy management is to exploit the tradeoff between energy consumption vs. the gain in reliability, timeliness, and security to maximize the system useful lifetime. We formulate the tradeoff as an optimization problem for dynamically determining the best redundancy level to apply to multipath routing for intrusion tolerance so that the query response success probability is maximized while prolonging the useful lifetime. Furthermore, we consider this optimization problem for the case in which a voting-based distributed intrusion detection algorithm is applied to detect and evict malicious nodes in a HWSN. We develop a novel probability model to analyze the best redundancy level in terms of path redundancy and source redundancy, as well as the best intrusion detection settings in terms of the number of voters and the intrusion invocation interval under which the lifetime of a HWSN is maximized. We then apply the analysis results obtained to the design of a dynamic redundancy management algorithm to identify and apply the best design parameter settings at runtime in response to environment changes, to maximize the HWSN lifetime.

Existing System

            The existing system addresses effective redundancy management of a clustered HWSN to prolong its lifetime operation in the presence of unreliable and malicious nodes. We address the tradeoff between energy consumption vs. QoS gain in reliability, timeliness and security with the goal to maximize the lifetime of a clustered HWSN while satisfying application QoS requirements in the context of multipath routing. More specifically, we analyze the optimal amount of redundancy through which data are routed to a remote sink in the presence of unreliable and malicious nodes, so that the query success probability is maximized while maximizing the HWSN lifetime.

Proposed System

            In the proposed system, the optimal communication range and communication mode were derived to maximize the HWSN lifetime. Intra-cluster scheduling and inter-cluster multi-hop routing schemes were devised to maximize the network lifetime. They considered a hierarchical HWSN with CH nodes having larger energy and processing capabilities than normal SNs. The solution is formulated as an optimization problem to balance energy consumption across all nodes with their roles. In either work cited above, no consideration was given to the existence of malicious nodes.
A two-tier HWSN was considered with the objective of maximizing network lifetime while fulfilling power management and coverage objectives. They determined the optimal density ratio of the two tiers' nodes to maximize the system lifetime.


MODULES
  1. Multi – Path Routing
  2. Intrusion Tolerance
  3. Energy Efficient
  4. Simulation Process



Modules Description

Multi – Path Routing
           
            In this module, multipath routing is considered an effective mechanism for fault and intrusion tolerance to improve data delivery in WSNs. The basic idea is that the probability of at least one path reaching the sink node or base station increases as more paths are used for data delivery. While most prior research focused on using multipath routing to improve reliability, some attention has been paid to using multipath routing to tolerate insider attacks. These studies, however, largely ignored the tradeoff between QoS gain vs. energy consumption, which can adversely shorten the system lifetime.

Intrusion Tolerance

            In this module, for intrusion tolerance through multipath routing, there are two major problems to solve:
(1) How many paths to use and
(2) What paths to use.
To the best of our knowledge, we are the first to address the “how many paths to use” problem. For the “what paths to use” problem, our approach is distinct from existing work in that we do not consider specific routing protocols.
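
The "how many paths to use" question can be worked through numerically. The following is an added example, not code from the paper or the project: it uses a simplified model (node-disjoint paths, independent per-hop failures, a compromised forwarder always drops the packet) rather than the paper's probability model, and all function names and parameter values are assumptions made for illustration.

```python
# Added illustration of the path-redundancy vs. lifetime tradeoff.
# Simplified model (assumption): paths are node-disjoint, hops fail
# independently, and a compromised forwarder always drops the packet.

def path_success(hops, p_fault, p_compromised):
    """Probability that one path of `hops` forwarders delivers the packet."""
    return ((1.0 - p_fault) * (1.0 - p_compromised)) ** hops


def query_success(paths, hops, p_fault, p_compromised):
    """Probability that at least one of `paths` disjoint paths reaches the sink."""
    q = path_success(hops, p_fault, p_compromised)
    return 1.0 - (1.0 - q) ** paths


def best_path_count(hops, p_fault, p_compromised, required,
                    energy_budget, energy_per_hop, max_paths=20):
    """Smallest path count whose success probability meets `required`.

    Energy per query grows linearly with the number of paths, so the
    smallest count that meets the requirement also gives the longest
    lifetime. Returns (paths, success_probability, queries_until_the
    energy budget is exhausted), or None if max_paths is not enough.
    """
    for paths in range(1, max_paths + 1):
        success = query_success(paths, hops, p_fault, p_compromised)
        if success >= required:
            cost_per_query = paths * hops * energy_per_hop
            return paths, success, int(energy_budget // cost_per_query)
    return None


if __name__ == "__main__":
    # Constructed scenario: 5-hop paths, 2% hop fault rate, 99% required
    # query success, 10000 energy units, 1 unit per hop transmission.
    for p_comp in (0.0, 0.05, 0.10, 0.20):
        print(p_comp, best_path_count(5, 0.02, p_comp, 0.99, 10_000.0, 1.0))
```

As the fraction of compromised nodes rises, the required path count climbs and the number of queries the energy budget can serve falls, which is the tradeoff the redundancy management has to balance.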

Energy Efficient

            In this module, there are two approaches by which energy efficient IDS can be implemented in WSNs. One approach, especially applicable to flat WSNs, is for an intermediate node to feed back the maliciousness and energy status of its neighbor nodes to the sender node (e.g., the source or sink node), which can then use this knowledge to route packets so as to avoid nodes with unacceptable maliciousness or energy status. Another approach, which we adopt in this paper, is to use local host-based IDS for energy conservation.

Simulation Process

            In this module, the cost of executing the dynamic redundancy management algorithm described above, including periodic clustering, periodic intrusion detection, and query processing through multipath routing, is evaluated in terms of energy consumption.





System Requirements:

Hardware Requirements:

         System                        : Pentium IV 2.4 GHz.
         Hard Disk        : 40 GB.
         Floppy Drive   : 1.44 Mb.
         Monitor           : 15 VGA Color.
         Mouse             : Logitech.
         Ram                 : 512 Mb.

Software Requirements:

         Operating system        : - Windows 7 Ultimate (32-bit) / Windows XP
         Coding Language       : C#.Net
         Front End                    : Visual Studio 2008








Enforcing Secure and Privacy-Preserving Information Brokering in Distributed Information Sharing




ABSTRACT
            To facilitate extensive collaborations, today’s organizations raise increasing needs for information sharing via on-demand information access. Information Brokering System (IBS) atop a peer-to-peer overlay has been proposed to support information sharing among loosely federated data sources. It consists of diverse data servers and brokering components, which help client queries to locate the data servers. However, many existing IBSs adopt server-side access control deployment and honest assumptions on brokers, and pay little attention to the privacy of data and metadata stored and exchanged within the IBS. In this article, we study the problem of privacy protection in the information brokering process. We first give a formal presentation of the threat models with a focus on two attacks: attribute-correlation attack and inference attack. Then, we propose a broker-coordinator overlay, as well as two schemes, automaton segmentation scheme and query segment encryption scheme, to share the secure query routing function among a set of brokering servers. With comprehensive analysis on privacy, end-to-end performance, and scalability, we show that the proposed system can integrate security enforcement and query routing while preserving system-wide privacy with reasonable overhead.



EXISTING SYSTEM:
            The existing system supposes Alice owns a k-anonymous database and needs to determine whether her database, when inserted with a tuple owned by Bob, is still k-anonymous. Also, suppose that access to the database is strictly controlled, because data are used for certain experiments that need to be maintained confidential. Clearly, allowing Alice to directly read the contents of the tuple breaks the privacy of Bob; on the other hand, the confidentiality of the database managed by Alice is violated once Bob has access to the contents of the database. Thus, the problem is to check whether the database inserted with the tuple is still k-anonymous, without letting Alice and Bob know the contents of the tuple and the database respectively.
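
What the check has to compute can be shown in the clear. The following is an added example, not code from the paper or the project: it is not privacy-preserving (it sees both the database and the tuple), and the generalization rules, field choices and sample rows are constructed for illustration.

```python
# Added illustration: the plaintext form of the "is the database still
# k-anonymous after inserting Bob's tuple?" check. A private protocol has
# to reach the same yes/no answer without either party seeing the other's data.
from collections import Counter


def generalize(age, zip_code):
    """Map a raw (age, ZIP) tuple to its generalized quasi-identifier.
    Hypothetical hierarchy: 10-year age bands, 3-digit ZIP prefix."""
    low = (age // 10) * 10
    return (f"{low}-{low + 9}", zip_code[:3] + "**")


def is_k_anonymous(rows, k):
    """True when every generalized quasi-identifier occurs at least k times."""
    return all(count >= k for count in Counter(rows).values())


def insert_keeps_k_anonymity(anon_rows, raw_tuple, k):
    """Decide the insert without re-scanning group sizes.

    anon_rows is already k-anonymous, so for k >= 2 the insert is safe
    exactly when the generalized tuple joins an existing equivalence
    class; otherwise it would form a new class of size 1.
    """
    if not is_k_anonymous(anon_rows, k):
        raise ValueError("database is not k-anonymous to begin with")
    if k <= 1:
        return True
    return generalize(*raw_tuple) in set(anon_rows)


def full_recheck(anon_rows, raw_tuple, k):
    """Reference answer: insert the generalized tuple and re-check everything."""
    return is_k_anonymous(anon_rows + [generalize(*raw_tuple)], k)


# Constructed 2-anonymous database (Alice) and two candidate tuples (Bob).
ALICE_DB = [("30-39", "476**")] * 3 + [("40-49", "479**")] * 2

if __name__ == "__main__":
    for bob_tuple in [(34, "47677"), (52, "47905")]:
        print(bob_tuple, insert_keeps_k_anonymity(ALICE_DB, bob_tuple, 2))
```

The shortcut reduces the problem to a membership test of one generalized tuple against the set of existing equivalence classes, which is the only fact the two parties need to learn jointly.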
Disadvantage:
  1. The database with the tuple data is not maintained confidentially.
  2. The existing system allows another person to easily access the database.

PROPOSED SYSTEM:
            In the current paper, we present two efficient protocols, one of which also supports the private update of a generalization-based anonymous database. We also provide security proofs and experimental results for both protocols. So far no experimental results had been reported concerning such type of protocols; our results show that both protocols perform very efficiently.
Advantage:
  1. The anonymity of DB is not affected by inserting the records.
  2. We provide security proofs and experimental results for both protocols.

MODULES
1.      Co-Ordinator Module.
2.      Broker Module.
3.      User Module.
4.      Admin Module.

Co-Ordinator Module:
In this module, the co-ordinator performs the global service between the two end users. Initially, the Data Owner needs to submit the details of the patient to the server.
Data Users search the data stored on the servers and send a request for it; the co-ordinator sends the key to the Data Users, and the data is passed by way of the broker.

Broker Module:
In this module, the broker acts as an intermediary between the co-ordinator and the Data Users. The requests submitted by a Data User are verified and then passed to the co-ordinator.

The data is passed from the co-ordinator and then delivered to the end users (Data Users).

User  Module:
            In this module, the users are classified into two types: Data Users and Data Owners. Depending on the restriction, the data is passed to the co-ordinator.
            The co-ordinator passes the details via the broker, and the data is checked against the secret key and then displayed to the users.
Admin Module:
            In this module, the database is arranged based on the patient and doctor details and records. The admin needs to register and then register the Organization and Users forms.

Hardware Requirements:
         System                        :   Pentium IV 2.4 GHz.
         Hard Disk       :   40 GB.
         Floppy Drive   :   1.44 Mb.
         Monitor           :   14’ Colour Monitor.
         Mouse             :   Optical Mouse.
         Ram                 :   512 Mb.
         Keyboard        :   101 Keyboard.

Software Requirements:
         Operating system        :   Windows 7 Ultimate. (32-bit os)
         Coding Language       :   ASP.Net with C#
         Front End                    :  VS 2010 Professional
         Data Base                    :   SQL Server 2008.


Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks



ABSTRACT:
This paper presents a novel Multi-message Ciphertext Policy Attribute-Based Encryption (MCP-ABE) technique, and employs the MCP-ABE to design an access control scheme for sharing scalable media based on data consumers’ attributes (e.g., age, nationality, or gender) rather than an explicit list of the consumers’ names. The scheme is efficient and flexible because MCP-ABE allows a content provider to specify an access policy and encrypt multiple messages within one ciphertext such that only the users whose attributes satisfy the access policy can decrypt the ciphertext. Moreover, the paper shows how to support resource-limited mobile devices by offloading computationally intensive operations to cloud servers without compromising data privacy.
EXISTING SYSTEM:
A promising approach to access control in content sharing services is to empower users to enforce access controls on their data directly, rather than through a central administrator. However, this requires flexible and scalable cryptographic key management to support complex access control policies. A naive access control solution is to assign one key for each user attribute, distribute the appropriate keys to users who have the corresponding attributes, and encrypt the media with the attribute keys repeatedly. Another method is to classify users into different roles based on their attributes, assign role keys to users, and then encrypt the content using the role keys. However, this approach results in high complexity, i.e., the number of keys for each user and the number of ciphertexts for one message are on the order of where is the number of all possible user attributes. Both of these solutions suffer from the rigid and inflexible definition of the underlying access control policies. A remedy to this problem is employing Ciphertext Policy Attribute-Based Encryption (CP-ABE). In CP-ABE, a ciphertext is embedded with an access control policy, or access policy for short, associated with user attributes. A recipient of the ciphertext is able to decrypt the ciphertext only if her attributes satisfy the access policy in the ciphertext. CP-ABE can be viewed as a one-to-many public key encryption scheme and hence enables a data owner to grant access to an unknown set of users. Nonetheless, existing CP-ABE schemes merely deliver one encrypted message per ciphertext to all authorized users and are not optimal for efficient sharing of scalable media.
DISADVANTAGES OF EXISTING SYSTEM:
• The existing solution is flexible, but it is vulnerable to collusion attacks.
• The existing method is to classify users into different roles based on their attributes, assign role keys to users, and then encrypt the content using the role keys. However, this approach results in high complexity.
• Existing CP-ABE schemes merely deliver one encrypted message per ciphertext to all authorized users and are not optimal for efficient sharing of scalable media.
PROPOSED SYSTEM:
In this paper we present an access control scheme for scalable media. The scheme has several benefits which make it especially suitable for content delivery. For example, it is extremely scalable by allowing a data owner to grant data access privileges based on the data consumers’ attributes (e.g., age, nationality, gender) rather than an explicit list of user names; and it ensures data privacy and exclusiveness of access of scalable media by employing attribute-based encryption. For this purpose, we introduce a novel Multi-message Ciphertext Policy Attribute-Based Encryption (MCP-ABE) technique. MCP-ABE encrypts multiple messages within one ciphertext so as to enforce flexible attribute-based access control on scalable media. Specifically, the scheme constructs a key graph which matches users’ access privileges, encrypts media units with the corresponding keys, and then encrypts the key graph with MCP-ABE; only those data consumers with the required user attributes can decrypt the encryption of the key (sub) graph and then decrypt the encrypted media units. To cater for resource-limited mobile devices, the scheme offloads computationally intensive operations to cloud servers without compromising user data privacy.
ADVANTAGES OF PROPOSED SYSTEM:
• The present scheme is also secure against user collusion attacks due to the use of attribute-based encryption.
• The experiments demonstrate that the present scheme is applicable on smartphones, especially when a cloud platform is available.
• We present an access control scheme for scalable media. The scheme has several benefits which make it especially suitable for content delivery.









SYSTEM ARCHITECTURE:




SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:

         System                 : Pentium IV 2.4 GHz.
         Hard Disk            : 40 GB.
         Floppy Drive       : 1.44 Mb.
         Monitor                : 15 VGA Colour.
         Mouse                  : Logitech.
         Ram                     : 512 Mb.


SOFTWARE REQUIREMENTS:

         Operating system           : - Windows XP.
         Coding Language :  ASP.NET, C#.Net.
         Data Base             :  SQL Server 2005



REFERENCE:
Yongdong Wu, Zhuo Wei, and Robert H. Deng “Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks”- IEEE TRANSACTIONS ON MULTIMEDIA, VOL. 15, NO. 4, JUNE 2013.