A Survey: Attribute Based Encryption for Secure Cloud

Cloud computing is an enormous area which shares huge amount of data over cloud services and it has been increasing with its on-demand technology. Since, with these versatile cloud services, when the delicate data stored within the cloud storage servers, there are some difficulties which has to be managed like its Security Issues, Data Privacy, Data Confidentiality, Data Sharing and its integrity over the cloud servers dynamically. Also, the authenticity and data access control should be maintained in this wide environment. Thus, Attribute based Encryption (ABE) is a significant version of cryptographic technique in the cloud computing environment. Public Key Encryption acts as the basic technique for ABE where it provides one to many encryptions, here, the private key of users & the cipher-text both rely on attributes such that, when the set of the attributes of users key matches set of attributes of cipher-text with its corresponding access policy, only then decryption is possible. Thus, an opponent could grant access to the sensitive information that holds multiple keys, if it has at least one individual key for accession. The techniques based on ABE consist of two types: KP-ABE (Key- Policy ABE) where the user’s private key is linked to an access structure (or access policy) over attributes and cipher-text is connected to the set of attributes, and CP-ABE (cipher-text policy ABE) is vice versa. Hence, in this, Review we discuss about the various security techniques and relations based on Attributes Based Encryption, especially, the type KP-ABE over data attributes which explains secured methods & its schemes related to time specifications.&nbsp

A Novel Technique for Cloud Computing Data Security and Public Auditing

In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage

A HYBRIDIZED ENCRYPTION SCHEME BASED ON ELLIPTIC CURVE CRYPTOGRAPHY FOR SECURING DATA IN SMART HEALTHCARE

Recent developments in smart healthcare have brought us a great deal of convenience. Connecting common objects to the Internet is made possible by the Internet of Things (IoT). These connected gadgets have sensors and actuators for data collection and transfer. However, if users' private health information is compromised or exposed, it will seriously harm their privacy and may endanger their lives. In order to encrypt data and establish perfectly alright access control for such sensitive information, attribute-based encryption (ABE) has typically been used. Traditional ABE, however, has a high processing overhead. As a result, an effective security system algorithm based on ABE and Fully Homomorphic Encryption (FHE) is developed to protect health-related data. ABE is a workable option for one-to-many communication and perfectly alright access management of encrypting data in a cloud environment. Without needing to decode the encrypted data, cloud servers can use the FHE algorithm to take valid actions on it. Because of its potential to provide excellent security with a tiny key size, elliptic curve cryptography (ECC) algorithm is also used. As a result, when compared to related existing methods in the literature, the suggested hybridized algorithm (ABE-FHE-ECC) has reduced computation and storage overheads. A comprehensive safety evidence clearly shows that the suggested method is protected by the Decisional Bilinear Diffie-Hellman postulate. The experimental results demonstrate that this system is more effective for devices with limited resources than the conventional ABE when the system’s performance is assessed by utilizing standard model

Identity Based Encryption and Data Self Destruction in Cloud Computing

When it comes to storing data, cloud storage is rapidly turning into the procedure for choice. Cloud storage is quickly becoming the strategy for decision. Putting away files remotely instead of by locally boasts an array of preferences for both home and professional clients. Cloud storage means “the storage of data online in the cloud”, however, the cloud storage is not completely trusted. Whether the data put away on cloud are in place or not turns into a significant concern of the clients also access control becomes a difficult job, particularly when we share data on cloud servers. To tackle this issue outsourcing Revocable IBE scheme for efficient key generation and key updating process is introduce. Also to improve the efficiency of cloud server in terms of storage new secure data self-destructing system in cloud computing is used. In this system, each cipher text (encrypted file) is labeled with a time interval. If the attributes associated with the cipher text satisfy the key’s access structure and both the time instant is in the allowed time interval then the cipher text is decrypted. After a user-specified end time the data at cloud server will be securely self-destructe

Confidentiality-Preserving Publish/Subscribe: A Survey

Publish/subscribe (pub/sub) is an attractive communication paradigm for large-scale distributed applications running across multiple administrative domains. Pub/sub allows event-based information dissemination based on constraints on the nature of the data rather than on pre-established communication channels. It is a natural fit for deployment in untrusted environments such as public clouds linking applications across multiple sites. However, pub/sub in untrusted environments lead to major confidentiality concerns stemming from the content-centric nature of the communications. This survey classifies and analyzes different approaches to confidentiality preservation for pub/sub, from applications of trust and access control models to novel encryption techniques. It provides an overview of the current challenges posed by confidentiality concerns and points to future research directions in this promising field

Enhancing NAC-ABE to Support Access Control for mHealth Applications and Beyond

Name-based access control (NAC) over NDN provides fine-grained data confidentiality and access control by encrypting and signing data at the time of data production. NAC utilizes specially crafted naming conventions to define and enforce access control policies. NAC-ABE, an extension to NAC, uses an attribute-based encryption (ABE) scheme to support access control with improved scalability and flexibility. However, existing NAC-ABE libraries are based on ciphertext-policy ABE (CP-ABE), which requires knowledge of the access policy when encrypting data packets. In some applications, including mHealth, the data access policy is unknown at the time of data generation, while data attributes and properties are known. In this paper, we present an extension to the existing NDN-ABE library which can be used by mHealth and other applications to enforce fine-granularity access control in data sharing. We also discuss the challenges we encountered during the application deployment, and remaining open issues together with potential solution directions

Effective Policies to Protect Information Resources: Identity Management and Organizational Access Studies X

Information resources are an important asset for organizations, both government and private. Information resources can be data, systems, or applications used to support organizational activities. Therefore, it is important to protect information resources from various threats, such as cyberattacks, misuse, or loss. Identity and access management (IAM) is one of the efforts to protect information resources. IAM is the process of managing the identity of users and their access to information resources. Effective IAM can help organizations ensure that only authorized users can access information resources, detect and prevent unauthorized access to information resources, and facilitate user identity management. This study aims to examine effective IAM policies to protect the information resources of Organization X. The results show that an effective IAM policy must meet the following criteria: comprehensive; IAM policies should cover all aspects of identity and access management, from user identity creation to access review, risk-oriented; IAM policies should be designed to minimize risks to information resources, Flexible; IAM policies must be adaptable to the changing needs of the organization, Management support; IAM policies must be supported by the organization's management to be implemented effectively. Based on the results of this study, it is advisable to ensure that information security policies remain effective over time, so organizations should carry out regular evaluations to protect their information resources