Decentralized Access Control Based Crime Analysis

Transcription

1 International Journal of Computer Systems (ISSN: ), Volume 03 Issue 02, February, 2016 Available at a Badhusha S, a Chippy Raju, a Dhanya V.S, a Nazila A.N, a Syamini S, b Suja Vijayan, c Jooby E Ȧ College of Engineering, Perumon, Kerala, India B Department of Information Technology, College of Engineering, Perumon, Kerala, India C Department of computer science, College of Engineering, Perumon, Kerala, India Abstract For securing data in cloud, we propose a new privacy preserving authenticated access control scheme. In this scheme, mainly cloud verifies the users authenticity. And this be done without knowing the users identity before storing information. It also has some added features of access control in which, only the authorized or valid users are able to decrypt the stored information. It also support modification, creation and reading data within the cloud and prevent replay attacks. One of the main advantages of this scheme is the authentication and access control. But in other schemes access control designed for clouds are centralized. And the scheme is also robust and decentralized. The properties that are comparable to centralized approaches are communication, computation and storage. Keywords: Access control, authentication, attribute based signature, attribute based encryption, cloud storage. I. INTRODUCTION Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing, where shared resources, data and information are provided to computers and other devices on-demand. Cloud computing has now become a highly demanded service or utility due to the advantages of high computing power, cheap cost of services, high performance, scalability, accessibility as well as availability. Cloud vendors are experiencing growth. As cloud computing provides storage space, a large amount of redundant data is being stored and shared by users with specified privilege, which define the access rights of the stored data. In cloud computing by using the internet users can outsource their computation and storage to servers. This help the servers from the hassles of maintaining resources on-site. One significant challenge of cloud storage services is the management of the ever-increasing volume of data. Cloud computing provides a low cost, scalable, location independent infrastructure for data management and storage. The rapid adoption of cloud services is accompanied by increasing volumes of data stored at remote servers, hence techniques for saving disk space and network bandwidth are needed. A central upcoming concept in this context is deduplication, where the server stores a single copy of each file, in spite of how many clients asked to store that file. All clients that store the file merely use links to the single copy of the file stored at the server. Moreover, if the server already has a copy of the file then clients do not even need to store it again to the server, thus saving bandwidth as well as storage. In a typical storage system with deduplication, a client first uploads the data, the third party auditor which is a trusted one,computes the hash value from the data which is uploaded by the user and this hash value acts as the convergent key and the third party auditor checks if that hash value already exists in its database. if the hash is not in the database then the entire file will be stored in the cloud and the corresponding convergent key will be stored in the hash table. Otherwise, since the file already exists,the convergent key will be in the hash table (potentially uploaded by someone else),then the convergent key generated for the already uploaded file will be shared to the current user thereby only one physical copy exists in the cloud. That is, only one physical copy of that redundant file is stored in the cloud. Several types of services like applications are provided by cloud. Since servers are provided to a remote server security and privacy are of major concern in cloud computing. User privacy is one of the important factor. The cloud can hold the user accountable for the data it outsources and likewise the cloud itself accountable for the services it provides. Access control in clouds is gaining attention because it is important that only authorized users have access to valid service. A huge amount of information is being stored in the cloud, and much of this is sensitive information. Care should be taken to ensure access control of this sensitive information which can often be related to health, important documents (as in Google Docs or Dropbox) or even personal information (as in social networking). There are broadly three types of access control: user-based access control (UBAC), role-based access control (RBAC), and attribute-based access control (ABAC). In UBAC, the access control list contains the list of users who are authorized to access data. This is not feasible in clouds where there are many users. In RBAC users are classified based on their individual roles. Data can be accessed by users who have matching roles. The roles are defined by the system. For example, only faculty members and senior secretaries might have access to data but not the junior secretaries. ABAC is more extended in scope, in which users are given attributes, and the data has attached access policy. Only 94 International Journal of Computer Systems, ISSN-( ), Vol. 03, Issue 02, February, 2016

2 users with valid set of attributes, satisfying the access policy, can access the data. All these work use a cryptographic primitive known as attribute based encryption (ABE). The extensible access control markup language proposed for ABAC in clouds. An area where access control is widely being used is health care. Clouds are being used to store sensitive information about patients to enable access to medical professionals, hospital staff, researchers, and policy makers. It is important to control the access of data so that only authorized users can access the data. Using ABE, the records are encrypted under some access policy and stored in the cloud. Users are given sets of attributes and corresponding keys. Only when the users have matching set of attributes, can they decrypt the information stored in the cloud. Access control is also gaining importance in online social networking where users (members) store their personal information, pictures, videos and share them with selected groups of users or communities they belong to. Such data are being stored in clouds. It is very important that only the authorized users are given access to those information However, the authors take a centralized approach where a single key distribution center (KDC) distributes secret keys and attributes to all users. Unfortunately, a single KDC is not only a single point of failure but difficult to maintain because of the large number of users that are supported in a cloud environment. We, therefore, emphasize that clouds should take a decentralized approach while distributing secret keys and attributes to users. It is also quite natural for clouds to have many KDCs in different locations in the world we extend our previous work with added features that enables to authenticate the validity of the message without revealing the identity of the user who has stored information in the cloud. In this version we also address user revocation. We use ABS scheme to achieve authenticity and privacy. our scheme is resistant to replay attacks, in which a user can replace fresh data with stale data from a previous write, even if it no longer has valid claim policy. This is an important property because a user, revoked of its attributes, might no longer be able to write to the cloud. We, therefore, add this extra feature in our scheme. Our scheme also allows writing multiple times which was not permitted in our earlier work. 1.1 Our Contributions The main contributions of this paper are the following: 1. Distributed access control of data stored in cloud so that only authorized users with valid attributes can access them. 2. Authentication of users who store and modify their data on the cloud. 3. The identity of the user is protected from the cloud during authentication. 4. The architecture is decentralized, meaning that there can be several KDCs for key management. 5. The access control and authentication are both collusion resistant, meaning that no two users can collude and access data or authenticate themselves, if they are individually not authorized. 6. Revoked users cannot access data after they have been revoked. 7. The proposed scheme is resilient to replay attacks. A writer whose attributes and keys have been revoked cannot write back stale information. 8. The protocol supports multiple read and write on the data stored in the cloud. 9. The costs are comparable to the existing centralized approaches, and the expensive operations are mostly done by the cloud. II. RELATED WORK In ABE, a user has a set of attributes in addition to its unique ID. There are two classes of ABEs. In key-policy ABE or KP-ABE (Goyal et al. [27]), the sender has an access policy to encrypt data. A writer whose attributes and keys have been revoked cannot write back stale information. The receiver receives attributes and secret keys from the attribute authority and is able to decrypt information if it has matching attributes. In Ciphertextpolicy, CP-ABE ([28], [29]), the receiver has the access policy in the form of a tree, with attributes as leaves and monotonic access structure with AND, OR and other threshold gates. All the approaches take a centralized approach and allow only one KDC, which is a single point of failure. Chase [30] proposed a multi authority ABE, in which there are several KDC authorities (coordinated by a trusted authority) which distribute attributes and secret keys to users. Multi authority ABE protocol was studied in [31] and [32], which required no trusted authority which requires every user to have attributes from at all the KDCs III. IMPLEMENTATION In this section, we present our cloud storage model, adversary model and the assumptions we have made in the paper. Table 1 presents the notations used throughout the paper. We also describe mathematical background used in our proposed solution. A. Assumptions We make the following assumptions in our work: 1. The cloud is honest-but-curious, which means that the cloud administrators can be interested in viewing user s content, but cannot modify it. Honest-but-curious model of adversaries do not tamper with data so that they can keep the system functioning normally and remain undetected. 2. Users can have either read or write or both accesses to a file stored in the cloud. 3. All communications between users/clouds are secured by secure shell protocol, SSH. B. Formats of Access Policies Access policies can be in any of the following formats: a. Boolean functions of attributes, 95 International Journal of Computer Systems, ISSN-( ), Vol. 03, Issue 02, February, 2016

3 b. Linear secret sharing scheme (LSSS) matrix of the data [1], or c. Monotone span programs Then, HABE scheme is defined by presenting randomized polynomial time algorithms as follows: Attribute-Based Encryption: a) System Initialization b) Key Generation and Distribution by KDCs c) Encryption by Sender d) Decryption by Receiver Attribute-Based Signature Scheme: a) System Initialization b) User Registration c) KDC Setup d) Attribute Generation e) Sign f) Verify C. Hierarchical attribute-based Encryption This scheme Hierarchical attribute-based encryption (HABE) consists of a root master (RM) that corresponds to the third trusted party (TTP),multiple domain masters (DMs) in which the top-level DMs correspond to multiple enterprise users, and numerous users that correspond to all personnel in an enterprise. This scheme used the property of hierarchical generation of keys in HIBE scheme to generate keys. Setup (K) (params,mk0): The RM takes a sufficiently large security parameter K as input, and outputs system parameters params and root master key MK0. CreateDM(params,MKi, PKi+1) (MKi+1): Whether the RM or the DM generates master keys for the DMs directly under it using params and its master key. CreateUser(params,MKi, PKu, PKa) (SKi,u, SKi,u,a): The DM first checks whether U is eligible for a, which is administered by itself. If so, it generates a user identity secret key and a user attribute secret key for U, using params and its master key; otherwise, it outputs NULL. Encrypt(params; f ;A; {PKa a E A}) (CT): A user takes a file f, a DNF access control policy A, and public keys of all attributes in A, as inputs, and outputs a ciphertext CT. Decrypt(params,CT,SKi,u,{SKi,u,a aeccj} (f):a user,whose attributes satisfy the j-th conjunctive clause CCj, takes params, the ciphertext, the user identity secret key, and the user attribute secret keys on all attributes in CCj, as inputs, to recover the plaintext. IV. PROPOSED PRIVACY PRESERVING AUTHENTICATED ACCESS CONTROL SCHEME In this section, we propose our privacy preserving authenticated access control scheme. According to our scheme a user can create a file and store it securely in the cloud. This scheme consists of use of the two protocols ABE and ABS, There are three users, a creator, a reader, and writer. Creator Alice receives a token _ from the trustee, who is assumed to be honest. A trustee can be someone like the federal government who manages social insurance numbers etc. 96 International Journal of Computer Systems, ISSN-( ), Vol. 03, Issue 02, February, 2016

4 On presenting her id (like health/social insurance number), the trustee gives her a token _. There are multiple KDCs (here 2), which can be scattered. For example, these can be servers in different parts of the world. A creator on presenting the token to one or more KDCs receives keys for encryption/decryption and signing. In the Fig. 1, SKs are secret keys given for decryption, Kx are keys for signing. The message MSG is encrypted under the access policy X. The access policy decides who can access the data stored in the cloud. The creator decides on a claim policy Y, to prove her authenticity and signs the message under this claim. The ciphertext C with signature is c, and is signature and stores the ciphertext C. When a reader wants to read, the cloud sends C. If the user has attributes matching with access policy, it can decrypt and get back original message. When a reader wants to read some data stored in the cloud, it tries to decrypt it using the secret keys it receives from the KDCs. If it has enough attributes matching with the access policy, then it decrypts the information stored in the cloud. Data Storage in Clouds A user Uu have one or more trustees. This is used to prevent to the replay attacks. In this time data is not sent, then the user can write previous stale message back to the cloud with a valuable signature, even when its claim policy and attributes have been revoked. Reading from the Cloud: The user requests data from the cloud, the cloud sends the ciphertext using SSH protocol. Decryption proceeds using algorithm ABE. Writing to the Cloud: The user must send its message with the claim policy as done during file creation. The cloud verifies the claim policy, and only if the user is authentic is allowed to write on the file. User Revocation: It should be ensured that users must not have the ability to access data, even if they possess matching set of attributes. V. SECURITY OF THE PROTOCOL We will explain that our scheme authenticates a user who wants to write to the cloud. A user should only write provided the cloud is able to validate it access to the claim. An invalid user cannot receive the attributes from a KDC, if it do not have the credentials from the trustee. If a user s credentials are revoked, then it cannot replace data with previous data, thus preventing replay attacks. Theorem 1. Our access control scheme is secure, collusion resistant and allows access only to authorized users. Theorem 2. Our authentication data is correct, collusion secure, resistant to the replay of attacks, and protects privacy of the user. Next we confirm that only a valid user with valid access claim is only able to store the message in the cloud. A user who wants to create a file and tries to make a wrong access claim, cannot do so, since it will not have attribute keys Kx from the related KDCs. Since the message is encrypted, a user without valid access policy cannot decrypt and change the information. A. RSA Algorithm RSA algorithm is used for securing user s details(contents in PHR). RSA is a public key encryption algorithm. RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. The keys for the RSA algorithm are generated the following way: 1. Choose two distinct prime numbers p and q. For security purposes, the integers p and q should be chosen at random, and should be of similar bitlength. Prime integers can be efficiently found using a primality test. 2. Compute n = pq. n is used as the modulus for both the public and private keys. Its length, usually expressed in bits, is the key length. 3. Compute φ(n) = φ(p)φ(q) = (p 1) (q 1), where φ is Euler's totient function. 4. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1; i.e. e and φ(n) are co prime. e is released as the public key exponent and having a short bit-length and small Hamming weight results in more efficient encryption most commonly = 65,537. However, much smaller values of e (such as 3) have been shown to be less secure in some settings. 5. Determine d as d 1 e (mod φ(n)), i.e., d is the multiplicative inverse of e (modulo φ(n)). This is more clearly stated as solve for d given d e 1 (mod φ(n)). This is often computed using the extended Euclidean algorithm. d is kept as the private key exponent. 97 International Journal of Computer Systems, ISSN-( ), Vol. 03, Issue 02, February, 2016

5 B. Encryption Alice transmits her public key (n, e) to Bob and keeps the private key secret. Bob then wishes to send message M to Alice. He first turns M into an integer m, such that 0 m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the ciphertext c corresponding to. This can be done quickly using the method exponentiation by squaring. Bob then transmits c to Alice. 14th Int l Conf. Financial Cryptography and Data Security, pp , [5] H. Li, Y. Dai, L. Tian, and H. Yang, Identity-Based Authentication for Cloud Computing, Proc. First Int l Conf. Cloud Computing (CloudCom), pp , [6] C. Gentry, A Fully Homomorphic Encryption Scheme, PhD dissertation, Stanford Univ., craig, [7] A.-R. Sadeghi, T. Schneider, and M. Winandy, Token-Based Cloud Computing, Proc. Third Int l Conf. Trust and Trustworthy Computing (TRUST), pp , C. Decryption Alice can recover m from c by using her private key exponent d via computing.given m, she can recover the original message M by reversing the padding scheme. VI. CONCLUSION We have presented a decentralized access control technique with anonymous authentication, which provides user revocation and prevents replay attacks. The cloud does not know the identity of the user who stores information, but only verifies the user s credentials. Key distribution is done in a decentralized way. One limitation is that the cloud knows the access policy for each record stored in the cloud. In future, we would like to hide the attributes and access policy of a user. ACKNOWLEDGEMENT We are greatly indebted to God Almighty for being the guiding light throughout with his abundant grace and blessing that strengthened us to do this endeavour with confidence. We express our heartfelt gratitude towards Prof. Z.A ZOYA, Principal, College of Engineering Perumon, for extending all the facilities required for doing our project. We would also like to thank Dr Dheebha J, Head, Department of Computer Engineering, for providing constant support and encouragement. Now We extend our sincere thanks to our project co-ordinator Mrs.Jooby E, Assistant professor of Computer Science Department and project guide Dr. Suja Vijayan, Assistant professor of Information technology Department for guiding our work and providing timely advices and valuable suggestions. Last but not the least; we extend our heartfelt gratitude to our parents and friends for their support and assistance. REFERENCES [1] S.Ruj,M.Stojmenovic, and A.Nayak,Privacy Preserving Acess Control with Authentication for Securing Data in Clouds, Proc. IEEE/ACM Int l Symp. Cluster, Cloud and Grid Computing, pp , [2] C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, Toward Secure and Dependable Storage Services in Cloud Computing, IEEE Trans. Services Computing, vol. 5, no. 2, pp , Apr.-June [3] J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, Fuzzy Keyword Search Over Encrypted Data in Cloud Computing, Proc. IEEE INFOCOM, pp , [4] S. Kamara and K. Lauter, Cryptographic Cloud Storage, Proc. 98 International Journal of Computer Systems, ISSN-( ), Vol. 03, Issue 02, February, 2016