A Study On Secure Data Storage In Public Clouds

This paper focuses on the study of various existing cloud storage mechanisms with their related security frameworks for realizing the efficient cloud storage in a secured environment. The key feature for the growing popularity of cloud computing relies on the efficient management of stored data in a highly secure way for remote accessing. Ensuring the integrity and availability of user’s data stored in the cloud has always been an important aspect for its quality of service. While storing data in cloud, lots of issues with respect to security are being cropping out as clients have no direct physical control over their outsourced data. In addition, their vulnerabilities to external threats are increasing as cloud provides storage and accessing services via world-wide domain networking. This study will help in identifying different performance measures for secure available of data in cloud storage mechanisms

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications

Ex-HABE with User Accountability for Secure Access Control in Cloud

Data outsourcing is becoming a useful and feasible paradigm with the rapid application of service-oriented technologies. Many researchers have tried combination of access control and cryptography to propose a model to protect sensitive information in this outsourcing scenario. However, these combinations in existing approaches have difficulty in key management and key distribution when fine-grained data access is required. Taking the complexity of fine-grained access control policy and the wide-reaching users of cloud in account, this issue would become extremely difficult to iron out. Various system models using attribute-based encryption (ABE) have been proposed however, most of them suffer from heavy overhead in implementing the access control policies. In this paper, a system is proposed with extended hierarchical attribute-based encryption (HABE) by using ciphertext-policy attribute-based encryption (ABE). It uses the hierarchical structure of users and bilinear mapping for generating the keys for various data handlers. Also the system focuses on user tracking by allocating an unique id to user. The system uses traitor tracing along with separation of duty made available by HABE and reduces the scope of key abuse. It is formally proved extended HABE with traitor tracing adds on to user accountability if user tracking for resource is maintained for hierarchical systems. DOI: 10.17762/ijritcc2321-8169.16042

ROLE BASED SECURED ACCESS OF DATA IN CLOUDS

In mobile wireless sensor network, coverage and energyCloud computing is a type of internet-based computing that provides shared computer processing resources and data to computers and other devices on demand. It is a model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources e.g., computer networks, servers, storage, applications and services, which can be rapidly provisioned and released with minimal management effort. Attribute-based access control defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. The policies can use any type of attributes such as user attributes, resource attributes, object and environment attributes etc. This model supports Boolean logic, in which rules contain "if-then" statements about who is making the request, the resource and the action. The main problem in attribute–based access control is not having user-centric approach for authorization rules. In ABAC model role hierarchy and object hierarchy is not achieved and restriction in level of expressiveness in access control rules.Secured role-based access control allows managing authorization based on rule-based approach where rules are under the control of data owner and provides enriched role-based expressiveness including role and object hierarchies. Data user without the knowledge of data owner cannot use the cloud server where privilege is provided to data user by data owner. Access control computations are delegated to the cloud service provider, being this not only unable to access the data, but also unable to release it to unauthorized parties. A identity-based proxy re-encryption scheme has been used in order to provide a comprehensive and feasible solution for data centric-approach. Semantic web technologies have been exposed for the representation and evaluation of the authorization model