AnonyControl: Control Cloud Data Anonymously with Multi-Authority Attribute-Based Encryption

Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. However, those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute- Based Encryption (ABE) have been proposed recently. However, the privacy problem of cloud computing is yet to be solved. This paper presents an anonymous privilege control scheme AnonyControl to address the user and data privacy problem in a cloud. By using multiple authorities in cloud computing system, our proposed scheme achieves anonymous cloud data access, finegrained privilege control, and more importantly, tolerance to up to (N -2) authority compromise. Our security and performance analysis show that AnonyControl is both secure and efficient for cloud computing environment.Comment: 9 pages, 6 figures, 3 tables, conference, IEEE INFOCOM 201

Search Me If You Can: Privacy-preserving Location Query Service

Location-Based Service (LBS) becomes increasingly popular with the dramatic growth of smartphones and social network services (SNS), and its context-rich functionalities attract considerable users. Many LBS providers use users' location information to offer them convenience and useful functions. However, the LBS could greatly breach personal privacy because location itself contains much information. Hence, preserving location privacy while achieving utility from it is still an challenging question now. This paper tackles this non-trivial challenge by designing a suite of novel fine-grained Privacy-preserving Location Query Protocol (PLQP). Our protocol allows different levels of location query on encrypted location information for different users, and it is efficient enough to be applied in mobile platforms.Comment: 9 pages, 1 figure, 2 tables, IEEE INFOCOM 201

Cloud Security in Crypt Database Server Using Fine Grained Access Control

Information sharing in the cloud, powered by good patterns in cloud technology, is rising as a guaranteeing procedure for permitting users to advantageously access information. However, the growing number of enterprises and customers who stores their information in cloud servers is progressively challenging users’ privacy and the security of information. This paper concentrates on providing a dependable and secure cloud information sharing services that permits users dynamic access to their information. In order to achieve this, propose an effective, adaptable and flexible privacy preserving information policy with semantic security, by using Cipher text Policy Element Based Encryption (CP-EBE) consolidated with Character Based Encryption (CBE) systems. To ensure strong information sharing security, the policy succeeds in protecting the privacy of cloud users and supports efficient and secure dynamic operations, but not constrained to, file creation, user revocation. Security analysis demonstrates that the proposed policy is secure under the generic bi- linear group model in the random oracle model and enforces fine-grained access control, full collusion resistance and retrogressive secrecy. Furthermore, performance analysis and experimental results demonstrate that the overheads are as light as possible

Multi - owner Secure Data Sharing in Cloud Computing Environment

Data sharing in the cloud is a technique that allows users to conveniently access data over the cloud. The data owner outsources their data in the cloud due to cost reduction and the great conveniences provided by cloud services. Data owner is not able to control over their data, because cloud service provider is a third party provider.  The main crisis with data sharing in the cloud is the privacy and security issues. Various techniques are available to support user privacy and secure data sharing. This paper focus on various schemes to deal with secure data sharing such as Data sharing with forward security, secure data sharing for dynamic groups, Attribute based data sharing, encrypted data sharing and Shared Authority Based Privacy-Preserving Authentication Protocol for access control of outsourced data