9 research outputs found

    A novel SSGK to protect the communication process and shared data from unauthorized access

    A cloud-based big data sharing system uses a storage facility from a cloud specialist co-op to impart data to authentic clients. As opposed to customary arrangements, the cloud supplier stores the mutual data in huge server farms outside the trust area of the data proprietor, which may trigger the issue of data classification. This paper proposes a secret sharing group key management convention (SSGK) to secure the correspondence procedure and shared data from unapproved access. Unlike the earlier works, a shared key is utilized to encode the common data and a secret sharing plan is utilized to circulate the shared key in SSGK. The broad security and execution investigations demonstrate that our convention profoundly limits the security and protection dangers of sharing data in distributed storage and spares about 12% of extra storage space.

    Survey on Encryption Techniques in Delay and Disruption Tolerant Network

    Delay and disruption tolerant networking (DTN) is used for long-distance communication in computer networks where there is no direct connection between the sender and receiver and no internet facility. Delay tolerant networks generally perform store-and-forward techniques; as a result, intermediate nodes can view the message. The possible solution is to use encryption techniques to protect the message. In the starting stages of DTN, the RSA, DES and 3DES encryption algorithms were used, but nowadays attribute based encryption (ABE) techniques are used. Attribute based encryption techniques can be classified into two: key policy attribute based encryption (KPABE) and cipher policy attribute based encryption (CPABE). In this paper we perform a categorized survey on the different encryption techniques present in delay tolerant networks. This categorized survey is very helpful for researchers to propose modified encryption techniques. Finally, the paper compares the performance and effectiveness of different encryption algorithms.

    An Improved Integrated Hash and Attributed based Encryption Model on High Dimensional Data in Cloud Environment

    Cloud computing is a distributed architecture where users can store their private, public or any application software components. Many cloud based privacy protection solutions have been implemented; however, most of them only focus on limited data resources and storage formats. Data confidentiality and inefficient data access methods are the major issues which block cloud users from storing their high dimensional data. With more and more cloud based applications being available and stored on various cloud servers, a novel multi-user based privacy protection mechanism needs to be designed and developed to improve the privacy protection of high dimensional data. In this paper, a novel integrity algorithm with an attribute based encryption model was implemented to ensure confidentiality for high dimensional data security on cloud storage. The main objective of this model is to store, transmit and retrieve the high dimensional cloud data with low computational time and high security. Experimental results show that the proposed model has high data scalability, less computational time and low memory usage compared to traditional cloud based privacy protection models.

    Improving privacy and security in decentralized ciphertext-policy attribute-based encryption

    In previous privacy-preserving multi-authority attribute-based encryption (PPMA-ABE) schemes, a user can acquire secret keys from multiple authorities with them knowing his/her attributes and furthermore, a central authority is required. Notably, a user’s identity information can be extracted from some of his/her sensitive attributes. Hence, existing PPMA-ABE schemes cannot fully protect users’ privacy, as multiple authorities can collaborate to identify a user by collecting and analyzing his attributes. Moreover, ciphertext-policy ABE (CP-ABE) is a more efficient public-key encryption where the encryptor can select flexible access structures to encrypt messages. Therefore, a challenging and important work is to construct a PPMA-ABE scheme where there is no necessity of having the central authority and furthermore, both the identifiers and the attributes can be protected from being known by the authorities. In this paper, a privacy-preserving decentralized CP-ABE (PPDCP-ABE) is proposed to reduce the trust on the central authority and protect users’ privacy. In our PPDCP-ABE scheme, each authority can work independently without any collaboration to initialize the system and issue secret keys to users. Furthermore, a user can obtain secret keys from multiple authorities without them knowing anything about his global identifier (GID) and attributes.

    Improving Privacy and Security in Decentralized Ciphertext-Policy Attribute-Based Encryption

    No full text

    Efficient Ciphertext-policy Attribute Based Encryption for Cloud-Based Access Control

    Outsourcing data to some cloud servers enables a massive, flexible usage of cloud computing resources and it is typically held by different organizations and data owners. However, various security concerns have been raised due to hosting sensitive data on an untrusted cloud environment, and the control over such data by their owners is lost after uploading to the cloud. Access control is the first defensive line that forbids unauthorized access to the stored data. Moreover, fine-grained access control on the untrusted cloud can be enforced using advanced cryptographic mechanisms. Some schemes have been proposed to deliver such access control using Ciphertext-policy attribute based encryption (CP-ABE) that can enforce data owners’ access policies to achieve such cryptographic access control and tackle the majority of those concerns. However, some challenges are still outstanding due to the complexity of frequently changing the cryptographic enforcements of the owners’ access policies in the hosted cloud data files, which poses computational and communicational overheads to data owners. These challenges are: 1) making dynamic decisions to grant access rights to the cloud resources, 2) solving the issue of the revocation process that is considered as a performance killer, and 3) building a collusion resistant system. The aim of our work is to construct an access control scheme that provides secure storing and sharing sensitive data on the cloud and suits limited-resources devices. In this thesis, we analyse some of the existing, related issues and propose a scheme that extends the relevant existing techniques to resolve the inherent problems in CP-ABE without incurring heavy computation overhead. In particular, most existing revocation techniques require re-issuing many private keys for all non-revoked users as well as re-encrypting the related ciphertexts. 
    Our proposed scheme offers a solution to perform a novel technique that dynamically changes the access privileges of legitimate users. The scheme drives the access privileges in a specific way by updating the access policy and activating a user revocation property. Our technique assigns processing-intensive tasks to cloud servers without any information leakage to reduce the computation cost on resource-limited computing devices. Our analytical, theoretical and experimental findings and comparisons of our work with related existing systems indicate that our scheme is efficient, secure and more practical compared to the current related systems, particularly in terms of policy updating and ciphertext re-encryption. Therefore, our proposed scheme is suited to Internet of Things (IoT) applications that need a practical, secure access control scheme. Moreover, to achieve secure, public cloud storage and minimise the limitations of CP-ABE which mainly supports storing data only on a private cloud storage system managed by only one single authority, our proposed access control scheme is extended to a secure, critical access control scheme with multiple authorities. This scheme ought to be carefully designed to achieve fine-grained access control and support outsourced-data confidentiality. In addition, most existing multi-authority access control schemes do not properly consider the revocation issue due to the difficulty of addressing it in distributed settings. Therefore, building a multi-authority CP-ABE scheme, along with addressing changes to policy attributes and users, has motivated many researchers to develop more suitable schemes with limited success. By leveraging the existing work, in this thesis, we propose a second CP-ABE scheme that tackles most of the existing work’s limitations and allows storing data securely on a public cloud storage system by employing multiple authorities which manage a joint set of attributes.
    Furthermore, the proposed scheme efficiently maintains the revocation by adapting the two techniques used in the first proposed single authority access control scheme to allow dynamic policy update and invalidate a revoked user’s secret key that eliminates collusion attacks. In terms of computation overhead, the proposed multi-authority scheme outsources expensive operations of encryption and decryption to a cloud server to mitigate the burden on a data owner and data users, respectively. Our scheme analysis and the theoretical and implemented results demonstrate that our scheme is scalable and efficient.