1,417 research outputs found

    AnonyControl: Control Cloud Data Anonymously with Multi-Authority Attribute-Based Encryption

    Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. However, those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption (ABE) have been proposed recently. However, the privacy problem of cloud computing is yet to be solved. This paper presents an anonymous privilege control scheme AnonyControl to address the user and data privacy problem in a cloud. By using multiple authorities in cloud computing system, our proposed scheme achieves anonymous cloud data access, fine-grained privilege control, and more importantly, tolerance to up to (N-2) authority compromise. Our security and performance analysis show that AnonyControl is both secure and efficient for cloud computing environment. Comment: 9 pages, 6 figures, 3 tables, conference, IEEE INFOCOM 201

    My private cloud--granting federated access to cloud resources

    We describe the research undertaken in the six month JISC/EPSRC funded My Private Cloud project, in which we built a demonstration cloud file storage service that allows users to login to it, by using their existing credentials from a configured trusted identity provider. Once authenticated, users are shown a set of accounts that they are the owners of, based on their identity attributes. Once users open one of their accounts, they can upload and download files to it. Not only that, but they can then grant access to their file resources to anyone else in the federated system, regardless of whether their chosen delegate has used the cloud service before or not. The system uses standard identity management protocols, attribute based access controls, and a delegation service. A set of APIs have been defined for the authentication, authorisation and delegation processes, and the software has been released as open source to the community. A public demonstration of the system is available online

    A Hybrid Verifiable and Delegated Cryptographic Model in Cloud Computing

    Access control is very important in cloud data sharing. Especially in the domains like healthcare, it is essential to have access control mechanisms in place for confidentiality and secure data access. Attribute based encryption has been around for many years to secure data and provide controlled access. In this paper, we proposed a framework that supports circuit and attributes based encryption mechanism that involves multiple parties. They are data owner, data user, cloud server and attribute authority. An important feature of the proposed system is the verifiable delegation of the decryption process to cloud server. Data owner encrypts data and delegates decryption process to cloud. Cloud server performs partial decryption and then the final decrypted data are shared for users as per the privileges. Data owner thus reduces computational complexity by delegating decryption process to cloud server. We built a prototype application using the Microsoft .NET platform for proof of the concept. The empirical results revealed that there is controlled access with multiple user roles and access control rights for secure and confidential data access in cloud computing

    State of The Art and Hot Aspects in Cloud Data Storage Security

    Along with the evolution of cloud computing and cloud storage towards maturity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vectors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for protection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

    A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

    The Secured Attribute-Based Document Collection Hierarchical Encryption Scheme in Cloud Computing

    This paper is an endeavor to give an upgraded data storage security model in Cloud Computing and making a put stock in condition in cloud computing. There are a considerable measure of convincing purposes behind organizations to convey cloud-based storage. For another business, start-up costs are fundamentally decreased in light of the fact that there is no compelling reason to contribute capital in advance for an inner to help the business. By a long shot, the main inquiry customers considering a move to cloud storage ask is regardless of whether their data will be secure. Stored data offsite doesn't change data security necessities; they are the same as those confronting data put away on location. Security ought to be based on business prerequisites for particular applications and data sets, regardless of where the data is stored. We trust that data storage security in Cloud Computing, a zone brimming with challenges and of fundamental significance, is still in its earliest stages now, and numerous examination issues are yet to be distinguished. In this paper, we examined the issue of data security in cloud data storage, to guarantee the rightness of customers' data in cloud data storage. We proposed a Hierarchical Attribute-Based Secure Outsourcing for moldable Access in Cloud computing which likewise guarantees data storage security and survivability accordingly giving put stock in condition to the customers. To battle against unapproved data spillage, delicate data must be encoded before outsourcing in order to give end-to-end data confidentiality affirmation in the cloud and past. It upgrades the security in the proposed model successfully

    Attribute-Based Encryption Scheme for Secured data Storage in Cloud Computing

    This a storage security model in Cloud Computing and making a considerable measure of convincing purposes behind organizations to convey cloud-based storage. For another business, start-up costs are fundamentally decreased in light of the fact that there is no compelling reason to contribute capital in advance for an inner to help the business. By a long shot, the main inquiry customers considering a move to cloud storage ask is regardless of whether their data will be secure. Stored data offsite doesn't change data security necessities; they are the same as those confronting data put away on location. Security ought to be based on business prerequisites for particular applications and data sets, regardless of where the data is stored. We trust that data storage security in Cloud Computing, a zone brimming with challenges and of fundamental significance, is still in its earliest stages now, and numerous examination issues are yet to be distinguished. In this paper, we examined the issue of data security in cloud data storage, to guarantee the rightness of customers' data in cloud data storage. We proposed a Hierarchical Attribute-Based Secure Outsourcing for moldable Access in Cloud computing which likewise guarantees data storage security and survivability accordingly giving put stock in condition to the customers. To battle against unapproved data spillage, delicate data must be encoded before outsourcing in order to give end-to-end data confidentiality affirmation in the cloud and past. It upgrades the security in the proposed model successfully.

    A Novel Multi-Attribute Authority Based Encryption for Controlling Access to Cloud Data

    Cloud computing has changed the way IT departments are working with respect to outsourcing data and having controlled access to the data. In the new computing paradigm that supports on-demand services, the storage service became an attractive service for many cloud users. When data is outsourced to cloud, there is an issue of giving controlled access to the cloud data. Many schemes came into existence. Some of the schemes focus on auditing, provable data possession and proof of irretrievability. Some other schemes threw light into the access control on the cloud data. While giving privileges to accessing data, attribute based encryption has achieved significant fine-grained control over the data. In this paper we propose a methodology that can allow controlled access to cloud data with multi-attribute authority based encryption. The multi-attribute based approach is used to make the scheme robust. Moreover the proposed approach is aimed at prevention of identity leakage and also achieves anonymity as well. We built a prototype application that demonstrates the proof of concept. The empirical results revealed that the proposed method improves access control significantly

    Secure Database Outsourcing to the Cloud : Side-Channels, Counter-Measures and Trusted Execution
