2,140 research outputs found
AnonyControl: Control Cloud Data Anonymously with Multi-Authority Attribute-Based Encryption
Cloud computing is a revolutionary computing paradigm which enables flexible,
on-demand and low-cost usage of computing resources. However, those advantages,
ironically, are the causes of security and privacy problems, which emerge
because the data owned by different users are stored in some cloud servers
instead of under their own control. To deal with security problems, various
schemes based on the Attribute- Based Encryption (ABE) have been proposed
recently. However, the privacy problem of cloud computing is yet to be solved.
This paper presents an anonymous privilege control scheme AnonyControl to
address the user and data privacy problem in a cloud. By using multiple
authorities in cloud computing system, our proposed scheme achieves anonymous
cloud data access, finegrained privilege control, and more importantly,
tolerance to up to (N -2) authority compromise. Our security and performance
analysis show that AnonyControl is both secure and efficient for cloud
computing environment.Comment: 9 pages, 6 figures, 3 tables, conference, IEEE INFOCOM 201
PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT
Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage.
In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments
Attribute-based encryption for cloud computing access control: A survey
National Research Foundation (NRF) Singapore; AXA Research Fun
Using Attribute-Based Access Control, Efficient Data Access in the Cloud with Authorized Search
The security and privacy issues regarding outsourcing data have risen significantly as cloud computing has grown in demand. Consequently, since data management has been delegated to an untrusted cloud server in the data outsourcing phase, data access control has been identified as a major problem in cloud storage systems. To overcome this problem, in this paper, the access control of cloud storage using an Attribute-Based Access Control (ABAC) approach is utilized. First, the data must be stored in the cloud and security must be strong for the user to access the data. This model takes into consideration some of the attributes of the cloud data stored in the authentication process that the database uses to maintain data around the recorded collections with the user\u27s saved keys. The clusters have registry message permission codes, usernames, and group names, each with its own set of benefits. In advance, the data should be encrypted and transferred to the service provider as it establishes that the data is still secure. But in some cases, the supplier\u27s security measures are disrupting. This result analysis the various parameters such as encryption time, decryption time, key generation time, and also time consumption. In cloud storage, the access control may verify the various existing method such as Ciphertext Policy Attribute-Based Encryption (CP-ABE) and Nth Truncated Ring Units (NTRU). The encryption time is 15% decreased by NTRU and 31% reduced by CP-ABE. The decryption time of the proposed method is 7.64% and 14% reduced by the existing method
Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data
In a traditional cloud storage system, users benefit from the convenience it
provides but also take the risk of certain security and privacy issues. To
ensure confidentiality while maintaining data sharing capabilities, the
Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme can be used to
achieve fine-grained access control in cloud services. However, existing
approaches are impaired by three critical concerns: illegal authorization, key
disclosure, and privacy leakage.
To address these, we propose a blockchain-based data governance system that
employs blockchain technology and attribute-based encryption to prevent privacy
leakage and credential misuse. First, our ABE encryption system can handle
multi-authority use cases while protecting identity privacy and hiding access
policy, which also protects data sharing against corrupt authorities. Second,
applying the Advanced Encryption Standard (AES) for data encryption makes the
whole system efficient and responsive to real-world conditions. Furthermore,
the encrypted data is stored in a decentralized storage system such as IPFS,
which does not rely on any centralized service provider and is, therefore,
resilient against single-point failures. Third, illegal authorization activity
can be readily identified through the logged on-chain data. Besides the system
design, we also provide security proofs to demonstrate the robustness of the
proposed system.Comment: 23 pages, 19 algorithms, 1 figur
A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage
Security has become a significant concern with the increased popularity of
cloud storage services. It comes with the vulnerability of being accessed by
third parties. Security is one of the major hurdles in the cloud server for the
user when the user data that reside in local storage is outsourced to the
cloud. It has given rise to security concerns involved in data confidentiality
even after the deletion of data from cloud storage. Though, it raises a serious
problem when the encrypted data needs to be shared with more people than the
data owner initially designated. However, searching on encrypted data is a
fundamental issue in cloud storage. The method of searching over encrypted data
represents a significant challenge in the cloud.
Searchable encryption allows a cloud server to conduct a search over
encrypted data on behalf of the data users without learning the underlying
plaintexts. While many academic SE schemes show provable security, they usually
expose some query information, making them less practical, weak in usability,
and challenging to deploy. Also, sharing encrypted data with other authorized
users must provide each document's secret key. However, this way has many
limitations due to the difficulty of key management and distribution.
We have designed the system using the existing cryptographic approaches,
ensuring the search on encrypted data over the cloud. The primary focus of our
proposed model is to ensure user privacy and security through a less
computationally intensive, user-friendly system with a trusted third party
entity. To demonstrate our proposed model, we have implemented a web
application called CryptoSearch as an overlay system on top of a well-known
cloud storage domain. It exhibits secure search on encrypted data with no
compromise to the user-friendliness and the scheme's functional performance in
real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table
- …