Attribute-based encryption for cloud computing access control: A survey

National Research Foundation (NRF) Singapore; AXA Research Fun

Data Access in Multiauthority Cloud Storage: Expressive and Revocable Data Control System

ABSTRACT Cloud computing is rising enormously due to its advantages and the adaptable storage services being provided by it. Because of this, the number of users has reached the top level. The users will share the sensitive data through the cloud. Furthermore, the user can\u27t trust the untrusted cloud server. Subsequently, the data access control has turned out to be extremely challenging in cloud storage framework. In existing work, revocable data access control scheme proposed for multi-authority cloud storage frameworks which supports the access control in light of the authority control. The authorized users who have desirable attributes given by various authorities can access the data. However, it couldn\u27t control the attacks which can happen to the authorized user who is not having desirable attributes. In this work, they propose a new algorithm named Improved Security Data Access Control which beats the issue exists in the existing work. And furthermore, incorporates the efficient attribute revocation strategy for multi-authority cloud storage. Keywords: Access control, multi-authority, attribute revocation, cloud storage

Secure data sharing in cloud and IoT by leveraging attribute-based encryption and blockchain

“Data sharing is very important to enable different types of cloud and IoT-based services. For example, organizations migrate their data to the cloud and share it with employees and customers in order to enjoy better fault-tolerance, high-availability, and scalability offered by the cloud. Wearable devices such as smart watch share user’s activity, location, and health data (e.g., heart rate, ECG) with the service provider for smart analytic. However, data can be sensitive, and the cloud and IoT service providers cannot be fully trusted with maintaining the security, privacy, and confidentiality of the data. Hence, new schemes and protocols are required to enable secure data sharing in the cloud and IoT. This work outlines our research contribution towards secure data sharing in the cloud and IoT. For secure data sharing in the cloud, this work proposes several novel attribute-based encryption schemes. The core contributions to this end are efficient revocation, prevention of collusion attacks, and multi-group support. On the other hand, for secure data sharing in IoT, a permissioned blockchain-based access control system has been proposed. The system can be used to enforce fine-grained access control on IoT data where the access control decision is made by the blockchain-based on the consensus of the participating nodes”--Abstract, page iv

A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for IoT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments

Multiple Authorities Access under Public Cloud Storage: Review

Public cloud storage is a cloud storage model that provide services to individuals and organizations to store, edit and manage data. Public cloud storage service is also known as storage service, utility storage and online storage. Cloud storage has many advantages, there is still remain various challenges among which privacy and security of users data have major issues in public cloud storage. Attribute Based Encryption(ABE) is a cryptographic technique which provides data owner direct control over their data in public cloud storage. In the traditional ABE scheme involve only one authority to maintain attribute set which can bring a single-point bottleneck on security and performance. Now we use threshold multi-authority Cipher text-Policy Attribute-Based Encryption (CP-ABE) access control scheme, name TMACS. TMACS is Threshold Multi-Authority Access Control System. In TMACS, multiple authority jointly manages the whole attribute set but no user has full control of any specific attribute. By combining threshold secret sharing (t,n) and multi-authority CP-ABE scheme, we developed efficient multi-authority access control system in public cloud storage

An Innovative Approach for Enhancing Cloud Data Security using Attribute based Encryption and ECC

Cloud computing is future for upcoming generations. Nowadays various companies are looking to use Cloud computing services, as it may benefit them in terms of price, reliability and unlimited storage capacity. Providing security and privacy protection for the cloud data is one of the most difficult task in recent days. One of the measures which customers can take care of is to encrypt their data before it is stored on the cloud. Recently, the attribute-based encryption (ABE) is a popular solution to achieve secure data transmission and storage in the cloud computing. In this paper, an efficient hybrid approach using attribute-based encryption scheme and ECC is proposed to enhance the security and privacy issues in cloud. Here, the proposed scheme is based on Cipher text-Policy Attribute Based Encryption (CP-ABE) without bilinear pairing operations. In this approach, the computation-intensive bilinear pairing operation is replaced by the scalar multiplication on elliptic curves. Experimental results show that the proposed scheme has good cryptographic properties, and high security level which depends in the difficulty to solve the discrete logarithm problem on elliptic curves (ECDLP)

Using Attribute-Based Access Control, Efficient Data Access in the Cloud with Authorized Search

The security and privacy issues regarding outsourcing data have risen significantly as cloud computing has grown in demand. Consequently, since data management has been delegated to an untrusted cloud server in the data outsourcing phase, data access control has been identified as a major problem in cloud storage systems. To overcome this problem, in this paper, the access control of cloud storage using an Attribute-Based Access Control (ABAC) approach is utilized. First, the data must be stored in the cloud and security must be strong for the user to access the data. This model takes into consideration some of the attributes of the cloud data stored in the authentication process that the database uses to maintain data around the recorded collections with the user\u27s saved keys. The clusters have registry message permission codes, usernames, and group names, each with its own set of benefits. In advance, the data should be encrypted and transferred to the service provider as it establishes that the data is still secure. But in some cases, the supplier\u27s security measures are disrupting. This result analysis the various parameters such as encryption time, decryption time, key generation time, and also time consumption. In cloud storage, the access control may verify the various existing method such as Ciphertext Policy Attribute-Based Encryption (CP-ABE) and Nth Truncated Ring Units (NTRU). The encryption time is 15% decreased by NTRU and 31% reduced by CP-ABE. The decryption time of the proposed method is 7.64% and 14% reduced by the existing method