Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

The Secured Attribute-Based Document Collection Hierarchical Encryption Scheme in Cloud Computing

This paper is an endeavor to give an upgraded data storage security model in Cloud Computing and making a put stock in condition in cloud computing. There are a considerable measure of convincing purposes behind organizations to convey cloud-based storage. For another business, start-up costs are fundamentally decreased in light of the fact that there is no compelling reason to contribute capital in advance for an inner to help the business. By a long shot, the main inquiry customers considering a move to cloud storage ask is regardless of whether their data will be secure. Stored data offsite doesn't change ata security necessities; they are the same as those confronting data put away on location. Security ought to be based on business prerequisites for particular applications and data sets, regardless of where the data is stored. We trust that data storage security in Cloud Computing, a zone brimming with challenges and of fundamental significance, is still in its earliest stages now, and numerous examination issues are yet to be distinguished. In this paper, we examined the issue of data security in cloud data storage, to guarantee the rightness of customers' data in cloud data storage. We proposed a Hierarchical Attribute-Based Secure Outsourcing for moldable Access in Cloud computing which likewise guarantees data storage security and survivability accordingly giving put stock in condition to the customers. To battle against unapproved data spillage, delicate data must be encoded before outsourcing in order to give end-to-end data confidentiality affirmation in the cloud and past. It upgrades the security in the proposed model successfully

Attribute-Based Encryption Scheme for Secured data Storage in Cloud Computing

This a storage security model in Cloud Computing and making a considerable measure of convincing purposes behind organizations to convey cloud-based storage. For another business, start-up costs are fundamentally decreased in light of the fact that there is no compelling reason to contribute capital in advance for an inner to help the business. By a long shot, the main inquiry customers considering a move to cloud storage ask is regardless of whether their data will be secure. Stored data offsite doesn't change data security necessities; they are the same as those confronting data put away on location. Security ought to be based on business prerequisites for particular applications and data sets, regardless of where the data is stored. We trust that data storage security in Cloud Computing, a zone brimming with challenges and of fundamental significance, is still in its earliest stages now, and numerous examination issues are yet to be distinguished. In this paper, we examined the issue of data security in cloud data storage, to guarantee the rightness of customers' data in cloud data storage. We proposed a Hierarchical Attribute-Based Secure Outsourcing for moldable Access in Cloud computing which likewise guarantees data storage security and survivability accordingly giving put stock in condition to the customers. To battle against unapproved data spillage, delicate data must be encoded before outsourcing in order to give end-to-end data confidentiality affirmation in the cloud and past. It upgrades the security in the proposed model successfully.

MODEL KONTROLE PRISTUPA USLUGAMA U OBLAKU NA OSNOVU RAZLIČITIH ULOGA KORISNIKA

The rapid development of computer technology, cloud-based services have become a hot topic. They not only provide users with convenience, but also bring many security issues, such as data sharing and privacy issue. In this paper, we present an access control system with privilege separation based on privacy protection (PS-ACS). In the PS-ACS scheme, we divide users into private domain (PRD) and public domain (PUD) logically. In PRD, to achieve read access permission and write access permission, we adopt the Key-Aggregate Encryption (KAE) and the Improved Attribute-based Signature (IABS) respectively. In PUD, we construct new multi-authority cipher text policy attribute-based encryption (CP-ABE) scheme with efficient decryption to avoid the issues of single point of failure and complicated key distribution, and design an efficient attribute revocation method for it. The analysis and simulation result shows that our scheme is feasible and superior to protect users’ privacy in cloud-based services.Nagli razvoj računalne tehnologije, usluge temeljene na oblaku, postale su aktualna tema. Oni ne samo da korisnicima pružaju praktičnost, nego i donose mnoga sigurnosna pitanja, kao što je dijeljenje podataka i problem privatnosti. U ovom radu predstavljamo sustav kontrole pristupa s razdvajanjem povlastica na temelju zaštite privatnosti (PS-ACS). U PS-ACS shemi, podijelimo korisnike na privatnu domenu (PRD) i javnu domenu (PUD) logično. U PRD-u, da bi se postiglo dopuštenje pristupa za čitanje i dopuštenje za pisanje, usvajamo ključno šifriranje (KAE) i poboljšani potpis na temelju atributa (IABS). U PUD-u konstruiramo novu shemu šifriranja (CP-ABE) koja se temelji na pravilima šifriranog teksta s učinkovitim dešifriranjem kako bismo izbjegli probleme s jednom točkom neuspjeha i komplicirane distribucije ključeva i dizajnirali učinkovitu metodu opoziva atributa za nju. Rezultati analize i simulacije pokazuju da je naša shema izvediva i superiorna za zaštitu privatnosti korisnika u uslugama temeljenim na oblaku

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Proof Verification and Attribute Based Re-Encryption of Shared Data over Public Cloud

Cloud storage is the best and proficient approach to handle our information remotely. In any case, since information proprietors and clients are more often than not outside the trusted area of cloud specialist co-ops the information security and get to control is the critical component at the season of delicate information put away in the cloud. Additionally, now days there are distinctive systems are accessible for information sharing and saving security of information proprietor and client. Key Escrow is the one of the significant issue now a day. We can’t keep full trust over the key power focus since they might be abuse their benefits. This is unsatisfactory for data sharing circumstances. In this paper we concentrated the current procedure for sharing the information from information proprietor to information client. The methodology propose an enhanced two-party key issuing convention that can ensure that neither key power nor cloud specialist co-op can bargain the entire mystery key of a client exclusively. The method also present the idea of quality with weight, being given to upgrade the statement of characteristic, which cannot just extend the expression from paired to discretionary state, additionally help the intricacy of get to approach. In this manner, both capacity cost and encryption many-sided quality for a cipher text are eased. Attribute based encryption is an open key based encryption that empowers get to control over encoded information utilizing access strategies and credited qualities. In this paper we propose proof verification module which verify proof of shared file and is received by data consumer when file shared by data owner and also a method which applies re-encryption (ABE) of a shared file here the attributes of data consumers are used to generate key

Secure Dynamic Cloud-based Collaboration with Hierarchical Access

In recent years, the Cloud has emerged as an attractive way of hosting and delivering services over the Internet. This has resulted in a renewed focus on information security in the case where data is stored in the virtual space of the cloud and is not physically accessible to the customer. Through this thesis the boundaries of securing data in a cloud context, while retaining the benefits of the cloud, are explored. The thesis addresses the increasing security concerns of migrating to the cloud andutilising it for data storage.The research of this thesis is divided into three separate areas: securing data in an untrusted cloud environment, ensuring data access control in the cloud, and securing data outside the cloud in the user's environment. Each area is addressed by separate conceptual designs. Together these comprise a secure dynamic cloud-based collaboration environment with hierarchical access. To further validate the conceptual designs, proof of concept prototypes have been constructed.The conceptual designs have been devised by exploring and extending the boundaries of existing secure data-storage schemes, and then combining these with well-known security principles and cutting-edge research within the field of cryptography. The results of this thesis are feasible conceptual designs for a cloud-based dynamic collaboration environment. The conceptual designs address the challenges of secure cloud-based storage and allow the benefits of cloud-based storage to be utilised. Furthermore, this thesis provides a solid foundation for further work within this field