Fine-Grained Access Control Systems Suitable for Resource-Constrained Users in Cloud Computing

For the sake of practicability of cloud computing, fine-grained data access is frequently required in the sense that users with different attributes should be granted different levels of access privileges. However, most of existing access control solutions are not suitable for resource-constrained users because of large computation costs, which linearly increase with the complexity of access policies. In this paper, we present an access control system based on ciphertext-policy attribute-based encryption. The proposed access control system enjoys constant computation cost and is proven secure in the random oracle model under the decision Bilinear Diffie-Hellman Exponent assumption. Our access control system supports AND-gate access policies with multiple values and wildcards, and it can efficiently support direct user revocation. Performance comparisons indicate that the proposed solution is suitable for resource-constrained environment

Data Access in Multiauthority Cloud Storage: Expressive and Revocable Data Control System

ABSTRACT Cloud computing is rising enormously due to its advantages and the adaptable storage services being provided by it. Because of this, the number of users has reached the top level. The users will share the sensitive data through the cloud. Furthermore, the user can\u27t trust the untrusted cloud server. Subsequently, the data access control has turned out to be extremely challenging in cloud storage framework. In existing work, revocable data access control scheme proposed for multi-authority cloud storage frameworks which supports the access control in light of the authority control. The authorized users who have desirable attributes given by various authorities can access the data. However, it couldn\u27t control the attacks which can happen to the authorized user who is not having desirable attributes. In this work, they propose a new algorithm named Improved Security Data Access Control which beats the issue exists in the existing work. And furthermore, incorporates the efficient attribute revocation strategy for multi-authority cloud storage. Keywords: Access control, multi-authority, attribute revocation, cloud storage

Contributions to Identity-Based Broadcast Encryption and Its Anonymity

Broadcast encryption was introduced to improve the efficiency of encryption when a message should be sent to or shared with a group of users. Only the legitimate users chosen in the encryption phase are able to retrieve the message. The primary challenge in construction a broadcast encryption scheme is to achieve collusion resistance such that the unchosen users learn nothing about the content of the encrypted message even they collude