B. AWStats
It is an open sourced log file analyzer tool that helps to visualize the log files and represent them in a way that the admin will find it useful and can take some actions based on the information provided from the log files. While being an open sourced application, it has support for almost a lot of web server applications ranging from Apache to WordPress and etc. AWStats is written in Perl language and can only be installed on a server application that is hosting a website. Basic installation instruction for the application is to download the latest package from https://awstats.sourceforge.io and copy it to the root directory of the server and then run the script file from the folder using the command prompt in windows or terminal in MacOS. The code to be run on the command prompt is “perl awstats-configure.pl” which will guide you through the setup process and ask for some directories where your log files are and once you provide that then rest will be taken care of by the installing package. Once it is all done, the application would be ready to provide you guide on the report of the website. A full log analysis enables to show the following information:
ATTRIBUTE BASED ENCRYPTION SCHEME
Basics of ABE
The user attributes are used for encryption and decryption,
Scheme is that size (cipher text) is proportional to no (attributes used for the encryption). Attribute based encryption is based on two different schemes: key policy-based encryption and cipher text policy attribute-based encryption.
Kp-abe: secret key generation is done based on access tree that defines the privilege of the users and encryption is based on set of attributes.
Cp-abe: the access tree is used for the encryption of data users secret key is generated over the set of attributes. Initial development of attribute-based encryption was Identity based encryption.
IDE
It is a one to one encryption scheme, but there is no need to maintain a public key directory. More bandwidth is needed for implementing the Identity based encryption, as the Cipher Text is to be send to multiple receivers, if all the receivers share the common receiving policy. The ID of the user can be used as the public key. The ID can be email id or biometric of the user. The user will send the ID to the key generation center. The key generation center will generate the secret key using certain public parameters and the Master Key. Once the Secret Key is generated, the Key Generation Center will make use of a secure channel may be TLS (Channel with Transport Layer Security) or SSL (Secure Socket Layer) to share the Secret to the corresponding user. If a data is to be send using Identity Based Encryption, the sender will request for the receivers Identity as the public key to encrypt the data. Once the cipher text is generated, using a secure channel it will be send to the receiver. The receiver will decrypt the cipher text using his/her own secret key. The secret is made using the identity and the public parameters, which indicates that the secret key is a transformation of the receiver’s identity. Any kind of public key cryptosystem algorithm can be used to generate the cipher text and also for the decryption. But the main drawback with the Identity based encryption is that it can only be applied to a one to one communication. This is not apt for a server sharing data to multiple users or in the form of broadcasting to different groups.
Details of ABE
ABE scheme works as follows, instead of using the identity of a single user, a group id will be used as the public key. This group id will be used for encrypting the data to be sent. The group Id to which the user is belonging to, will be sent to the key generation center. They will generate the secret key for the group based on the group id. The secret key for the group is generated based on public parameters and the master key. This scheme is mostly used for a secure broadcast. If a data is to be broadcasted to a group. The data will be encrypted using the group identity satisfying certain mathematical combinations. The combination of the identities is done based on mathematical operations such as AND and OR. Once the cipher text is broadcasted, only the particular group whose secret key is a random combination of the group id with which the data was encrypted, can only decrypt the
data. The encryption and decryption can be done based on any public key cryptosystem scheme.
The figure number 01 illustrate how the secret key is generated by the key generation center. The user for example from the figure belongs to the department of mathematics and the course he is enrolled for is the MSc. Hence the identity of the user is MA and MSc. This attribute will be sent to the key generation center, to create the secret key. The Key Generation Center has certain Public attributes and Master Key. Using these two parameters and the identity send from the user, the Key Generation Center will generate the Secret Key. The transfer of the identities and the secret keys will be done via a secure channel. The channel can be encapsulated with TLS or SSL.