A Survey on Decentralized Access Control Strategies for Data Stored in Clouds

ABSTRACT: This paper details about various methods prevailing in literature of anonymous authentication mechanisms for data stored in clouds. It is a Decentralized access of system in which every system have the access control of data . The Cloud which is a Secured storage area where the anonymous authentication is used, so that only the permitted users can be accessed. Decrypting of data can be viewed only by a valid users and can also stored information only by Valid users. This Scheme prevents Replay attack which mean Eaves Dropping can be avoided, Support Creation of data inside storage, Modifying the data by unknown users , and Reading data stored in Cloud. User can revocate the data only by addressing through the cloud. The authentication and accessing the Cloud is Robust, Hence Overall Communication Storage are been developed by comparing to the Centralized approaches. This paper would promote a lot of research in the area of Anonymous Authentication

Data security issues in cloud scenarios

The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, efficient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption. We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations

Decentralized Anonymous User Authentication For Securing Data Storage in Cloud

The main objective of system is secure data storage on clouds. Cloud checks the authentication of the user without knowing the user’s identity. For encryption use Attribute Base Encryption algorithm (ABE) in which encryption is takes place and also set access policies. Decryption is only possible for valid users in Access control policy. System prevents replay attacks because of Attribute Base Signature algorithm (ABS) and provides the facilities for creation, modification, and reading data stored in the cloud. This scheme provides facility for user revocation by that user cannot access the data. Therefore, emphasize that cloud should take a decentralized approach which is robust instead of using access control schemes designed for clouds which are centralized. In this scheme there is one limitation is that the cloud already know the access policy for each record or user stored in the cloud. In future, system can also hide the attributes and access policy of a user. DOI: 10.17762/ijritcc2321-8169.15010

UNDETERMINED CIPHER LANGUAGE PROGRAMMING AND IMPLEMENTATION OF ITS APPLICATION

We advise impressive anti-collusion circuit clubpenguin-abe construction within this paper because clubpenguin-abe is conceptually nearer to sensational standard get entry to with-holding methods. There are two complementary types of attribute-based file encryption. Powerful first is key-policy attribute-based file encryption, and yet another is ciphertext-policy attribute-based file encryption. Additionally, guess that melodramatic symmetric cipher is 128-bit. Sudden bandwidth from spectacular transmitted ciphertext for that data owner grows using impressive increase from electrifying depths of circuit. For delegation computation, suspenseful servers could be employed to handle and calculate numerous data based on impressive user’s demands. As tense untrusted cloud servers who are able to translate suspenseful initial ciphertext right into a simple you could learn nothing concerning histrionic plaintext in electrifying delegation. Electrifying expense from melodramatic computation and communication consumption reveals that powerful plan is sensible within tense cloud-computing. thus, we're able to put it on make sure spectacular data confidentiality, electrifying fine grained get right of entry to self-discipline and likewise electrifying verifiable delegation in cloud. Throughout tense delegation increasing, a person could validate if sudden cloud server responds a proper transformed ciphertext to assist him/her decrypt electrifying ciphertext immediately and properly. Since insurance policy for general circuits enables to offer suspenseful most powerful type of inlet keep an eye on, a building for realizing circuit ciphertext-policy attribute-based hybrid file encryption with verifiable delegation continues to be considered within our work. In this system, coupled with verifiable computation and secure-then-mac mechanism, tense information confidentiality, sudden rare get admission to hinder and likewise tense decorousness from impressive indirect accruing answers are completely approved collectively

Constant-size threshold attribute based SignCryption for cloud applications

In this paper, we propose a novel constant-size threshold attribute-based signcryption scheme for securely sharing data through public clouds. Our proposal has several advantages. First, it provides flexible cryptographic access control, while preserving users’ privacy as the identifying information for satisfying the access control policy are not revealed. Second, the proposed scheme guarantees both data origin authentication and anonymity thanks to the novel use of attribute based signcryption mechanism, while ensuring the unlinkability between the different access sessions. Third, the proposed signcryption scheme has efficient computation cost and constant communication overhead whatever the number of involved attributes. Finally, our scheme satisfies strong security properties in the random oracle model, namely Indistinguishability against the Adaptive Chosen Ciphertext Attacks (IND-CCA2), Existential Unforgeability against Chosen Message Attacks (EUFCMA) and privacy preservation of the attributes involved in the signcryption process, based on the assumption that the augmented Multi-Sequence of Exponents Decisional Diffie-Hellman (aMSE-DDH) problem and the Computational Diffie Hellman Assumption (CDH) are hard

Survey on securing data storage in the cloud

Cloud Computing has become a well-known primitive nowadays; many researchers and companies are embracing this fascinating technology with feverish haste. In the meantime, security and privacy challenges are brought forward while the number of cloud storage user increases expeditiously. In this work, we conduct an in-depth survey on recent research activities of cloud storage security in association with cloud computing. After an overview of the cloud storage system and its security problem, we focus on the key security requirement triad, i.e., data integrity, data confidentiality, and availability. For each of the three security objectives, we discuss the new unique challenges faced by the cloud storage services, summarize key issues discussed in the current literature, examine, and compare the existing and emerging approaches proposed to meet those new challenges, and point out possible extensions and futuristic research opportunities. The goal of our paper is to provide a state-of-the-art knowledge to new researchers who would like to join this exciting new field

Attribute Based Encryption with Privacy Preserving In Clouds

Security and privacy are very important issues in cloud computing. In existing system access control in clouds are centralize d in nature. The scheme uses a symmetric key approach and does not supp ort authentication. Symmetric key algorithm uses same key for both encryption and decryption. The authors take a centralized approach where a single key distribution center (KDC) distribute secret keys and attributes to all users. A new decentralized acce ss control scheme for secure data storage in clouds that supports anonymous authentication. The validity of the user who stores the data is also verified. The proposed scheme is resilient to replay attacks. In this scheme using Secure Hash algorithm for au thentication purpose, SHA is the one of several cryptographic hash functions, most often used to verify that a file has been unaltered. The Paillier crypto system, is a probabilistic asymmetric algorithm for public key cryptography. Paillier algorithm used f or Creation of access policy, file accessing and file restoring process

ENABLING ANONYMOUS ENDORSEMENT IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL

A decentralized access control scheme for data storage in clouds that supports anonymous authentication authentication. In this scheme, the cloud checks the validity of the series without knowing the user's identity before storing data. It also has the added feature of access control in which only valid users are able to decrypt the stored information. This prevents replay attacks and supports conception, variation, and reading data stored in the cloud. It also supports user revocation . This is an important property because a user, revoked of its attributes, might no longer be able to write to the cloud. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches

Distributed access control with unknown validation of information stored in clouds

We propose another decentralized access control plan for secure information storage in clouds that backings anonymous validation. In the proposed plan, the cloud checks the arrangement's legitimacy without knowing the client's identity before storing information. Our plan likewise has the included element of access control in which just legitimate clients have the capacity to decrypt the stored data. The plan counteracts replay attacks and backings creation, change, and perusing information stored in the cloud. We likewise address client repudiation. Also, our verification and access control plan is decentralized and strong, not at all like different access control plans intended for clouds which are concentrated. The correspondence, calculation, and capacity overheads are similar to brought together methodologies

A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for IoT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments