Ex-HABE with User Accountability for Secure Access Control in Cloud

Data outsourcing is becoming a useful and feasible paradigm with the rapid application of service-oriented technologies. Many researchers have tried combination of access control and cryptography to propose a model to protect sensitive information in this outsourcing scenario. However, these combinations in existing approaches have difficulty in key management and key distribution when fine-grained data access is required. Taking the complexity of fine-grained access control policy and the wide-reaching users of cloud in account, this issue would become extremely difficult to iron out. Various system models using attribute-based encryption (ABE) have been proposed however, most of them suffer from heavy overhead in implementing the access control policies. In this paper, a system is proposed with extended hierarchical attribute-based encryption (HABE) by using ciphertext-policy attribute-based encryption (ABE). It uses the hierarchical structure of users and bilinear mapping for generating the keys for various data handlers. Also the system focuses on user tracking by allocating an unique id to user. The system uses traitor tracing along with separation of duty made available by HABE and reduces the scope of key abuse. It is formally proved extended HABE with traitor tracing adds on to user accountability if user tracking for resource is maintained for hierarchical systems. DOI: 10.17762/ijritcc2321-8169.16042

AnonyControl: Control Cloud Data Anonymously with Multi-Authority Attribute-Based Encryption

Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. However, those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute- Based Encryption (ABE) have been proposed recently. However, the privacy problem of cloud computing is yet to be solved. This paper presents an anonymous privilege control scheme AnonyControl to address the user and data privacy problem in a cloud. By using multiple authorities in cloud computing system, our proposed scheme achieves anonymous cloud data access, finegrained privilege control, and more importantly, tolerance to up to (N -2) authority compromise. Our security and performance analysis show that AnonyControl is both secure and efficient for cloud computing environment.Comment: 9 pages, 6 figures, 3 tables, conference, IEEE INFOCOM 201

Search Me If You Can: Privacy-preserving Location Query Service

Location-Based Service (LBS) becomes increasingly popular with the dramatic growth of smartphones and social network services (SNS), and its context-rich functionalities attract considerable users. Many LBS providers use users' location information to offer them convenience and useful functions. However, the LBS could greatly breach personal privacy because location itself contains much information. Hence, preserving location privacy while achieving utility from it is still an challenging question now. This paper tackles this non-trivial challenge by designing a suite of novel fine-grained Privacy-preserving Location Query Protocol (PLQP). Our protocol allows different levels of location query on encrypted location information for different users, and it is efficient enough to be applied in mobile platforms.Comment: 9 pages, 1 figure, 2 tables, IEEE INFOCOM 201

Attribute-based encryption for cloud computing access control: A survey

National Research Foundation (NRF) Singapore; AXA Research Fun

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors