Ex-HABE with User Accountability for Secure Access Control in Cloud

Data outsourcing is becoming a useful and feasible paradigm with the rapid application of service-oriented technologies. Many researchers have tried combination of access control and cryptography to propose a model to protect sensitive information in this outsourcing scenario. However, these combinations in existing approaches have difficulty in key management and key distribution when fine-grained data access is required. Taking the complexity of fine-grained access control policy and the wide-reaching users of cloud in account, this issue would become extremely difficult to iron out. Various system models using attribute-based encryption (ABE) have been proposed however, most of them suffer from heavy overhead in implementing the access control policies. In this paper, a system is proposed with extended hierarchical attribute-based encryption (HABE) by using ciphertext-policy attribute-based encryption (ABE). It uses the hierarchical structure of users and bilinear mapping for generating the keys for various data handlers. Also the system focuses on user tracking by allocating an unique id to user. The system uses traitor tracing along with separation of duty made available by HABE and reduces the scope of key abuse. It is formally proved extended HABE with traitor tracing adds on to user accountability if user tracking for resource is maintained for hierarchical systems. DOI: 10.17762/ijritcc2321-8169.16042

Encryption Based Access Control Model In Cloud: A Survey

Cloud computing is known as “Utility”. Cloud Computing enabling users to remotely store their data in a server and provide services on-demand. Since this new computing technology requires user to entrust their valuable data to cloud providers, there have been increasing security and privacy concerns on outsourced data. We can increase security on access of the data in the cloud. Morever we can provide encryption on the data so third party can not use thedata. In this paper we will be reviewing various encryption based access control model for enhancing cloud security along with their limitations. We will be concluding with a proposed access control model to enhance cloud security

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

Novel Techniques for Secure Use of Public Cloud Computing Resources

The federal government has an expressed interest in moving data and services to third party service providers in order to take advantage of the flexibility, scalability, and potential cost savings. This approach is called cloud computing. The thesis for this research is that efficient techniques exist to support the secure use of public cloud computing resources by a large, federated enterprise. The primary contributions of this research are the novel cryptographic system MA-AHASBE (Multi-Authority Anonymous Hierarchical Attribute-Set Based Encryption), and the techniques used to incorporate MA-AHASBE in a real world application. Performance results indicate that while there is a cost associated with enforcing the suggested security model, the cost is not unreasonable and the benefits in security can be significant. The contributions of this research give the DoD additional tools for supporting the mission while taking advantage of the cost efficient public cloud computing resources that are becoming widely available

Hierarchal attribute based cryptographic model to handle security services in cloud environment: a new model

The sharing of information in the cloud is a unique element of the environment, but there is a risk that the information may land with the wrong people. To counterattack this problem, security-associated methodologies were used to secure the information that was readily available to clients. Despite the lack of benefits, this provides productive/adaptability and dependability in access control strategies between clients in the sharing of information. The novel hierarchal attribute-based cryptographic security model (NHACSM) is being proposed to provide adaptability, versatility, and access control in sharing information in the appropriate climate. This model allows clients to share information in a hierarchal way, allowing for a productive assessment of access control strategy and improved security. The NHACSM method is used to reduce the total time values for different user instances compared to conventional approaches, for example, attribute-set-based encryption (ASBE), key-policy attribute-based encryption (KP-ABE), and ciphertext-policy attribute-based encryption (CP-ABE). With respect to 10 instances existing methods achieve 2.7, 2.5, and 2.3 respectively, and also compared to 20, 30, 40, and 50 instances, our proposed method is low. The encryption and decryption time evaluation values and performance evaluation of different approaches, ASBE, CP-ABE, were taken into account when increasing the user instance

A Review on Cloud Data Security Challenges and existing Countermeasures in Cloud Computing

Cloud computing (CC) is among the most rapidly evolving computer technologies. That is the required accessibility of network assets, mainly information storage with processing authority without the requirement for particular and direct user administration. CC is a collection of public and private data centers that provide a single platform for clients throughout the Internet. The growing volume of personal and sensitive information acquired through supervisory authorities demands the usage of the cloud not just for information storage and for data processing at cloud assets. Nevertheless, due to safety issues raised by recent data leaks, it is recommended that unprotected sensitive data not be sent to public clouds. This document provides a detailed appraisal of the research regarding data protection and privacy problems, data encrypting, and data obfuscation, including remedies for cloud data storage. The most up-to-date technologies and approaches for cloud data security are examined. This research also examines several current strategies for addressing cloud security concerns. The performance of each approach is then compared based on its characteristics, benefits, and shortcomings. Finally, go at a few active cloud storage data security study fields

Fully Secure and Efficient Data Sharing with Attribute Revocation for Multi-Owner Cloud Storage

Now a days, a lot of users are storing their data’s in cloud, because it provides storage flexibility. But the main problem in cloud is data security. Cipher text-Policy Attribute-based Encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage, because it gives data owners more direct control on access policies. In this work to propose a data access control for multi-authority for verifying the integrity of an un-trusted and outsourced storage by third party auditor. In addition, this project propose method based on probabilistic query and periodic verification for improving the performance of audit services. It ensures efficiency of security by protecting from unauthorized users. These experimental results not only validate the effectiveness of these approaches, but also show our audit system verifies the integrity with lower computation overhead and requiring less extra storage for audit metadata. DOI: 10.17762/ijritcc2321-8169.15028