Organize Cloud Data Access Privilege and Anonymity with Fully Nameless Attribute-Based Encryption

Cloud computing may be a computing ideas that allows once needed and low maintenance usage of resources, however the info is shares to some cloud servers and varied privacy connected issues emerge from it. Various schemes based on the Attribute-Based Encryption have been proposed to secure the cloud storage. However, most work focuses on the data contents privacy and the access control, while less attention is paid to the privilege control and the identity privacy. In this paper, we present a semianonymous privilege control scheme AnonyControl to address not only the data privacy, but also the user identity privacy in existing access control schemes. Anony Control decentralizes the central authority to limit the identity leakage and thus achieves semianonymity. Besides, it also generalizes the file access control to the privilege control, by which privileges of all operations on the cloud data can be managed in a fine-grained manner. Our security analysis shows that both AnonyControl and AnonyControl-F are secure under the decisional bilinear Diffie–Hellman assumption, and our performance evaluation exhibits the feasibility of our schemes

Криптографические протоколы и примитивы в сетях интернета вещей

В статье рассмотрены криптографические протоколы и примитивы, которые могут быть использованы в сетях интернета вещей. Интернет вещей предполагает объединение в информационную сеть многих аспектов частной жизни человека и поэтому требует особой защиты. В данной работе рассматривается вопрос применимости атрибутно-основанного шифрования и легковесных криптографических примитивов в системах интернета вещей

A NOVEL STUDY FOR MANAGING PRIVACY OF DATA AND USER IN ACCESS CONTROL METHODS

Different methods were proposed to defend data contents confidentiality by means of access control. We need to attain a multi-authority cipher text based encryption which achieves security; assurance privacy of data consumer identity information; as well as tolerating compromise attacks on authorities hence we propose a framework to permit cloud servers to manage user access privileges without finding of their identity data. While people are more worried regarding their identity privacy, it moreover needs to be protected prior to cloud entering our life.  Any of the authority or else server alone should not make out any client’s personal data.  It decentralizes central authority to confine identity leakage and as a result gets semi-anonymity and generalizes file access control to privilege control, by which privileges of the entire operations on cloud data are managed within an efficient way. The proposed framework not only data privacy, but also user identity privacy within existing access control methods

FUZZY-BASED CRYPTOSYSTEM FOR REVOLUTIONARY OPEN NETS

In literature many techniques were suggested to preserve the privacy of understanding contents by way of access control. In literature previous works have focussed on privacy of understanding contents furthermore to get into control, while less focus is produced towards privilege control furthermore to identity privacy. We offer a privilege control technique that's semi-anonymous for dealing the problems of understanding privacy but in addition privacy of user identity within the existed plan of access control. This privilege control method decentralizes central authority to limit leakage of identity and thus gains semi-anonymity along with the plan's tolerant against authority compromise.  It permit cloud servers to cope with user access legal rights missing of knowing their identity information along with the suggested plan's capable of defend user privacy against each and every authority and here partial details are disclosed

Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption

© 2017 IEEE. The Internet of Things (IoT) has penetrated deeply into our lives and the number of IoT devices per person is expected to increase substantially over the next few years. Due to the characteristics of IoT devices (i.e., low power and low battery), usage of these devices in critical applications requires sophisticated security measures. Researchers from academia and industry now increasingly exploit the concept of blockchains to achieve security in IoT applications. The basic idea of the blockchain is that the data generated by users or devices in the past are verified for correctness and cannot be tampered once it is updated on the blockchain. Even though the blockchain supports integrity and non-repudiation to some extent, confidentiality and privacy of the data or the devices are not preserved. The content of the data can be seen by anyone in the network for verification and mining purposes. In order to address these privacy issues, we propose a new privacy-preserving blockchain architecture for IoT applications based on attribute-based encryption (ABE) techniques. Security, privacy, and numerical analyses are presented to validate the proposed model

An Enhanced Efficient User Revocation Mechanism on Top of Anonymous ABE

Now days there are a number of applications which uses the cloud storage service for storing and accessing information. In such conditions the data owner management and privacy preservation cryptographic techniques are used frequently. We spoke to a protection safeguarding access control plot for information stockpiling, which underpins validation and decentralized key administration. AnonyControl to deliver to the information security, and the client character protection in existing access control plans. Here we utilize the client disavowal in clients to actuating and deactivating clients. Renounced clients are kept up in the disavow client rundown and make openly accessible in the cloud. Client deny will choose which client ought to may in distributed storage server to get to information or which will expel. The information get to benefit will rely on rowdiness of client in cloud server. Characteristic based Encryption (ABE) procedure is viewed as a most dependable cryptographic leading instrument to ensure information proprietor's immediate control on their information out in the open distributed storage. The past ABE plans include one and only power to keep up the total property set, which can bring a solitary point block on both security and execution. Paper proposed the outline, an expressive, proficient and revocable decentralized way information get to control plot for multi-power distributed storage frameworks

Assessing data breach risk in cloud systems

The emerging cloud market introduces a multitude of cloud service providers, making it difficult for consumers to select providers who are likely to be a low risk from a security perspective. Recently, significant emphasis has arisen on the need to specify Service Level Agreements that address security concerns of consumers (referred to as SecSLAs) - these are intended to clarify security support in addition to Quality of Service characteristics associated with services. It has been found that such SecSLAs are not consistent among providers, even though they offer services with similar functionality. However, measuring security service levels and the associated risk plays an important role when choosing a cloud provider. Data breaches have been identified as a high priority threat influencing the adoption of cloud computing. This paper proposes a general analysis framework which can compute risk associated with data breaches based on pre-agreed SecSLAs for different cloud providers. The framework exploits a tree based structure to identify possible attack scenarios that can lead to data breaches in the cloud and a means of assessing the use of potential mitigation strategies to reduce such breaches

Context-Aware Attribute-Based Techniques for Data Security and Access Control in Mobile Cloud Environment

The explosive growth of mobile applications and Cloud computing has enabled smart mobile devices to host various Cloud-based services such as Google apps, Instagram, and Facebook. Recent developments in smart devices‟ hardware and software provide seamless interaction between the users and devices. As a result, in contrast to the traditional user, the mobile user in mobile Cloud environment generates a large volume of data which can be easily collected by mobile Cloud service providers. However, the users do not know the exact physical location of their personal data. Hence, the users cannot control over their data once it is stored in the Cloud. This thesis investigates security and privacy issues in such mobile Cloud environments and presents new user-centric access control techniques tailored for the mobile Cloud environments. Most of the work to date has tried to address the data security issues on the Cloud server and only little attention has been given to protect the users‟ data privacy. One way to address the privacy issues is to deploy access control technique such as Extensible Access Control Markup Language (XACML) to control data access on users‟ data. XACML defines a standard of access control policies, rule obligations and conditions in data access control. XACML utilizes Extensible Markup Language (XML) schema to define attributes of data requesters, resources, and environment in order to evaluate access requests. A user-centric attribute-based access control model using XACML which enables users to define privacy access policies over the personal data based on their preferences is presented. In order to integrate the data security and user‟s privacy in mobile Cloud environment, the thesis investigates attribute-based encryption (ABE) scheme. ABE scheme enables data owners to enforce access policies during the encryption. Context-related attributes such as requester‟s location and behavior are incorporated within ABE scheme to provide data security and user privacy. This will enable the mobile data owners to dynamically control the access to their data at runtime. In order to improve the performance, a solution that offloads the high-cost computational work and communications from the mobile device to the Cloud is proposed. Anonymisation techniques are applied in the key issuing protocol so that the users‟ identities are protected from being tracked by the service providers during transactions. The proposed schemes are secure from known attacks and hence suitable for mobile Cloud environment. Security of the proposed schemes is formally analyzed using standard methods