Secure Data Sharing using Attribute Based Encryption with Revocation in Cloud Computing

Similar documents
EFFICIENT DATA SHARING WITH ATTRIBUTE REVOCATION FOR CLOUD STORAGE

Session Based Ciphertext Policy Attribute Based Encryption Method for Access Control in Cloud Storage

User Revocation And Fine Grained Access Control Of Phr In Cloud Using Hasbe

Secure Data Storage and Data Retrieval in Cloud Storage using Cipher Policy Attribute based Encryption

A LTERATURE SURVEY ON REVOCABLE MULTIAUTHORITY CIPHER TEXT-POLICY ATTRIBUTE-BASED ENCRYPTION (CP-ABE) SCHEME FOR CLOUD STORAGE

HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES

PRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS. SRM University, Kattankulathur, Chennai, IN.

Attribute Based Encryption with Privacy Protection in Clouds

Clock-Based Proxy Re-encryption Scheme in Unreliable Clouds

IMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING

Efficient Auditable Access Control Systems for Public Shared Cloud Storage

Implementation of Decentralized Access Control with Anonymous Authentication in Cloud

Secure Role-Based Access Control on Encrypted Data in Cloud Storage using ARM

Volume 6, Issue 1, January 2018 International Journal of Advance Research in Computer Science and Management Studies

Insecurity of an Dynamic User Revocation and Key Refreshing for Attribute-Based Encryption Scheme

Time-Based Proxy Re-encryption Review

A Less Weight Secure Data Sharing Scheme for Mobile Cloud Computing

ISSN Vol.04,Issue.05, May-2016, Pages:

Enhancing Reliability and Scalability in Dynamic Group System Using Three Level Security Mechanisms

Secure Data Sharing in Cloud Computing: Challenges and Research Directions

International Journal of Advanced Research in Computer Science and Software Engineering

A compact Aggregate key Cryptosystem for Data Sharing in Cloud Storage systems.

AES and DES Using Secure and Dynamic Data Storage in Cloud

International Journal of Advance Research in Engineering, Science & Technology

On the Insecurity of a Method for Providing Secure and Private Fine-Grained Access to Outsourced Data

Security Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13

A Procedural Based Encryption Technique for Accessing Data on Cloud

Collusion-Resistant Group Key Management Using Attributebased

Various Attribute Based Encryption Algorithms in Clouds-A Survey P. Sivakumar 1 K. Devi 2 M. Navinkumar 3

Three Levels of Access Control to Personal Health Records in a Healthcare Cloud

ROBUST AND ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL

A Review on Secure Multi Owner Multi-keyword Ranked Search Scheme Over Encrypted Cloud Data By Using 3DES Approach

DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE

Attribute-based encryption with encryption and decryption outsourcing

International Journal of Advance Engineering and Research Development. AN Optimal Matrix Approach for virtual load allocation and data sharing

ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM

Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing

An Efficient Verifiable Multi-Authority Secret Access control scheme in Cloud Storage M.Sreelakshmi & P.Gangadhara

Zero private information leak using multi-level security and privileged access for designated authorities on demand

Assistant Professor, Dept of CSE, Vasireddy Venkatadri Institute of Technology (VVIT), Nambur (v), Guntur, Andhra Pradesh, India

ABSTRACT I. INTRODUCTION

Secure Data Storage in Clouds by Using Decentralized Access Control Scheme

International Journal of Advance Engineering and Research Development

Improving data integrity on cloud storage services

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

A Survey on Secure Sharing In Cloud Computing

SECURE MULTI-KEYWORD TOP KEY RANKED SEARCH SCHEME OVER ENCRYPTED CLOUD DATA

Available online at ScienceDirect. Procedia Computer Science 48 (2015 ) (ICCC-2014) (ICCC-2015)

Sharing of PHR s in Cloud Computing

Group User Revocation in Cloud for Shared Data

CO-RELATION TECHNIQUE FOR SEARCHING OF ENCRYPTED DATA OVER CLOUD 1

Decentralized Access Control scheme for secure Data Stored in Clouds. Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College

Framework Research on Privacy Protection of PHR Owners in Medical Cloud System Based on Aggregation Key Encryption Algorithm

ISSN: (Online) Volume 3, Issue 6, June 2015 International Journal of Advance Research in Computer Science and Management Studies

SECURE SHARING OF DATA IN PRIVATE CLOUD BY RSA OAEP ALGORITHM. SRM University, Chennai

ISSN: [Shubhangi* et al., 6(8): August, 2017] Impact Factor: 4.116

ADVANCES in NATURAL and APPLIED SCIENCES

Fine-grained Access Control for Cloud Computing

Secure Data De-Duplication With Dynamic Ownership Management In Cloud Storage

ABSTRACT I. INTRODUCTION. Telangana, India 2 Professor, Department of Computer Science & Engineering, Shadan College of Engineering & Technology,

AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

Survey Paper on Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud

AN ANALYSIS ON ATTRIBUTE-BASED SOLUTION FOR ADAPTABLE AND SCALABLE SECURITY ACCESS CONTROL IN CLOUD COMPUTING

SDD: A Novel Technique for Enhancing Cloud Security with Self Destructing Data

SCRIBBLE LEGALIZATION CRYPTOGRAPHIC ASPECT BASED ON DATA ACCESS CONTROL FOR STEAM COUNT

Tracing Insider Attacks in the Context of Predicate Encryption Schemes

On the Security of an Efficient Group Key Agreement Scheme for MANETs

Enhanced Novel Multilevel Secure User Authentication Scheme in Cloud.

Efficient Generation of Linear Secret Sharing. Scheme Matrices from Threshold Access Trees

DABKS: Dynamic Attribute-based Keyword Search in Cloud Computing

FINE-GRAINED QUERY RESULTS VERIFICATION FOR SECURE SEARCH SCHEME OVER ENCRYPTED CLOUD DATA

EFFICIENT RETRIEVAL OF DATA FROM CLOUD USING DATA PARTITIONING METHOD FOR BANKING APPLICATIONS [RBAC]

IJSRD - International Journal for Scientific Research & Development Vol. 3, Issue 10, 2015 ISSN (online):

DATA DEDUPLCATION AND MIGRATION USING LOAD REBALANCING APPROACH IN HDFS Pritee Patil 1, Nitin Pise 2,Sarika Bobde 3 1

ENCRYPTED DATA MANAGEMENT WITH DEDUPLICATION IN CLOUD COMPUTING

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing

Public Verifiability of Stored Data in Cloud using Disassembly of Data Segment

Improving Privacy Multi-Keyword Top-K Retrieval Search Over Encrypted Cloud Data

Decentralized Access Control of Data Stored In Cloud Using Encryption

Decentralized Anonymous Authentication of Data Stored in Clouds Praveen.N, Krishna Kumar.P.R, Vinitha V Yadav

DATA SECURITY IN CLOUDS USING DECENTRALIZED ACCESS CONTROL, ANONYMOUS AUTHENTICATION AND RSA BASED ENCRYPTION

Efficient Access Control Scheme with Multiple Attribute Authorities for Public Cloud Storage

MULTI - KEYWORD RANKED SEARCH OVER ENCRYPTED DATA SUPPORTING SYNONYM QUERY

Integration of information security and network data mining technology in the era of big data

An Approach towards Securing Data in Cloud Computing

DBMask: Fine-Grained Access Control on Encrypted Relational Databases

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Secure Cloud Storage Using Decentralized Access Control with Anonymous Authentication

Module 13 Network Security. Version 1 ECE, IIT Kharagpur

Fortified and Revocable Access Control for Multi- Authority Cloud Storage using CPABE

ENCRYPTED KEY SEARCHING FOR DATA SHARING OVER GROUPS IN THE CLOUD STORAGE THEJA #1, GARREPALLI PRASAD #2,

On the Security of a Lightweight Cloud Data Auditing Scheme

Decentralized Access Control with Anonymous Authentication of Data Stored in Cloud

LOAD BALANCING AND DEDUPLICATION

International Journal of Advance Engineering and Research Development

Providing Security to the Architecture of Presence Servers

Attribute Based Encryption with Privacy Preserving In Clouds

Distributed Bottom up Approach for Data Anonymization using MapReduce framework on Cloud

Abstract. Asia-pacific Journal of Convergent Research Interchange Vol.2, No.2, June 30 (2016), pp

CSC 5930/9010 Cloud S & P: Cloud Primitives

Transcription:

ISSN No: 2454-9614 Secure Data Sharing using Attribute Based Encryption with Revocation in Cloud Computing *Corresponding Author: D. Vaduganathan E-mail:vaduganathan.kce@gmail.com D. Vaduganathan a a) Department Of Computer Science and Engineering, Excel Engineering College, Komarapalayam, Tamilnadu, India. Received: 10/11/2015, Revised: 22/12/2015 and Accepted: 10/03/2016 Abstract Cloud computing is used to providing many services like data sharing, data storage and platform, infrastructure, software. Services can be change based on the user s needs. Services can classify as public and private. Private services are used in within the organization. So that private services has the low security challenges. Public services are used by all. Security is the main challenge in public services. Data sharing is the one of the main public services used by the IT industry and many private industries. Data may be the sensitive in industry. Obviously Data sharing in cloud has the security issues. To manage the security issues in data sharing access control mechanisms are used. Attribute based encryption is one of the main access control mechanism which used to ensure the security of the data in the data sharing. Data are shared by the attributes. Here attributes are identified by the key. One of the security issues in data sharing is attributing and data sharing policies are seen by anyone. Keyescrow problem is the one of the security issue in data sharing. Key-escorw is one which is occurred by key provider itself my access the others data. Data sharing has the security issues called revocation. These are three issues in data sharing. To solve this three issues in data sharing have proposed the new attribute based encryption system. New proposed attribute based encryption uses the proxy server which is used to avoid the key- escrow problem. New attribute based encryption solves the revocation problem by re-encryption in data sharing. Attributes and policies are hidden in the new proposed attribute based encryption. So that proposed system solves the problems of attributes based encryption in data sharing. This data sharing is secured by new attribute based encryption. Keywords cloud computing, data sharing, access control, data storage *Reviewed by ICETSET'16 organizing committee 1. Introduction Cloud computing is used to provide services which is used to store and retrieve the data from the cloud. Cloud services are accesses anywhere from the world. It is the one of the main advantage of cloud computing. Data sharing is the one of the services mainly used by the IT industry for store the data; access the data from the cloud 145

itself. To store and access the data are done through internet. Internet is the one of cloud carrier. There is no need of additional hardware to access the data and store the data. So that many industry mostly depends on the data sharing alone. Data sharing is defined as many users can work on the same data and they can share the data. Data sharing can be done through cloud. All this data sharing can be done through cloud. Industry may use the very sensitive data. So that data sharing has many security challenges. One of the challenge is data should be shared to correct person who is belongs to the data. To avoid this challenges have choose the access control technique is attribute based encryption. ABE systems use the attributes to classify the people like HODs or Students. Attributes are like anything like dates, person s roles and time. Attributes based encryption is used to provide the secure data sharing. Data sharing gives some problems while using the attribute based encryption. Attributes systems working under the access policies. Access polices are used to share the data in between the users. Access policy is defined as who can access the particular data and who cannot access the data. This access policy is associated with data. If persons trying to access the data means access polices of the particular data should satisfy otherwise cannot access the data. In this attribute based encryption is key provider. Key providers share the key for each users based on the attributes. In this attribute based encryption there is some issues occurred in the data sharing. Revocation is one of the main in data sharing. Revocation is defined as the revoke the keys which is already given to the users. This is one of main challenge in data sharing. To resolve this problem introduce the re-encryption in the attribute based encryption. Through this re-encryption system can updates the keys. Through this can avoid the revocation in data sharing. Next issues in the data sharing are key-escrow problem which is access the data by key providers itself. To avoid this problem can introduce the proxy server. This proxy server and key provider is used to produce the keys to users. So that can avoid the key-escrow problems. Important issue in the data sharing is hiding the access policies and attributes. To avoid this can use the hashing function in new attribute based encryption. 2. Related works Attribute based encryption is used to do the production of data based on the set of access policies and attributes. Access policies are defined as ensures that who can access the data that cannot in data sharing. But these policies not hidden in the attribute based encryption. To do the policies secrecy provides by predicate based and hierarchical predicate encryptions are used. Predicate encryptions are used to hide the access policies and attributes [6]. So that users cannot learn anything about the access policies and attributes. However this method is not efficient, in this method does not support for revocation property. Cloud mask is used to hide the access policies in the attribute based encryption with data sharing. It consists of set of attributes. Important role is in the cloud mask is data manager who is responsible for hiding the access policies [5]. However single point of failure may occur with cloud system. Predicate based encryption is used to do the inner products encryption to avoid revealing of access policy. So that attributes and access policies are cannot see by anybody. But it is not suitable when the scaling is 146

increasing [5]. To improve the large numbers of users dynamically go with the hierarchical predicate based encryption which used to manage the large numbers of users in data sharing. However It has disadvantage of single point of failure. Privacy preserving attribute based encryption is used to hide the access policies and attributes by the authority. But here want to fully depend authority. The attribute based encryption wants revocation or users cancelling in the data sharing. Cannot ensure particular user always have to get the services of data sharing. Some point of time need to cancel the users or attributes to limit the users who are all accessing the data sharing. These attribute revocation is done through the following techniques. That is updating the existing keys and creates a new key for users. It is not efficient revocation. Because want to update the keys repeatedly. Another technique to revocation is to re-encryption of cipher texts. It is also not efficient for revocation. The re-encryption is defined as have to do the encryption many times. That is called as the re-encryption. Through the re-encryption can do revocation in attributes based encryption? However this needs many times [2]. 3. Data sharing s security requirements 3.1 Data privacy Data privacy is defined as the secrecy of data. Such that ensuring that particular data owner access their data alone, not others data. Such that data are not access by the unauthorized persons. Also it ensures that authorized persons only accessing their data. 3.2 Access policy privacy Access policy is heart of the attribute based encryption. It works only by access policies. It gives the more security by access polices and attributes. Access policies are defined as set of polices who can access the data and who cannot access the particular data. But these policies itself sometimes not hidden. Attribute based encryption should ensure the access policies secrecy. 3.3 Revocation policy Revocation policy is essential for attribute based encryption. If particular user is removed from data sharing group then should update the private keys. This is defined as the revocation policy. 4. Prerequisite of Cryptography 4.1 Prerequisite To define the attribute based encryption, it requires the following pre-requisites. 4.2 Access structure Attribute based encryption associates with the access policies in the form of Boolean formulas. These access policies are defined in the form of tree. This is called as the access structure. Access policies are used to provide the set of rules to access the data. The rules defined for each cipher texts in data sharing. These rules used to ensure the data privacy and access policy privacy. 147

4.3 General ABE algorithm Following procedures are used in the general attribute based encryption system Setup the (Pub_Key, Mas_Key)n and decryptio: The setup phase is used to produce the public keys and private key. These keys are used to produce the encryption and decryption. Key_gen phase: Key_gen phase is define as the key generation phase which is used to generate the attribute keys. Attribute keys is defined as the key which produced based on the attributes produce of the users. The attribute key is used to satisfy the access policy. Encryption phase: Encryption phase is the important phase in the attribute based encryption. It consists three elements. There are message, access policy and public key. These elements are used to do the encryption in attribute based encryption. Decrypt (Encrypt text, Private Key) Message. In this phase decryption can be take place. Decryption can be done by the attribute keys which are used to satisfy the access policy. If Access policy is satisfies with the private key attributes then the user will get the original message. 5. Proposed Scheme The above survey shows that most ABE algorithm can revoke the user s authority by doing update the keys again and again. But this is not efficient ABE algorithm because it doing the updating of keys each and every time. To improve attribute based encryption algorithm efficiency proposed the new ABE algorithm by using the proxy server. 5.1 Access Policy vs. Access tree Access tree is defined as set of access formulas which is used to ensure authorized users are accessing the data. Access tree consists of Boolean formulas which are defined by the attributes. Also access tree consists the threshold values. These threshold values are used to define the access policy. Root node consists polynomial a value which is shared by sub-nodes. Secret sharing scheme is can be represented formally for each attributes (Att) formally as (y,pol(y)) is one of the sub-node share of y th attribute. In the access tree consists of root node, and root node s values can be represented by Lagrange formula defined by, Pol(root) = xp(att ) Where is the coefficient which is calculated by the difference between two attributes s index represented formally by, Att j x = Att j Att i 148

5.2 Proposed ABE scheme Proposed new ABE algorithm which consists of proxy server to do the efficient revocation. This used to ensure the all security requirements in data sharing scheme. Revocation is done through the proxy server by changing the keys proxy server alone. Such that no need to change the entire public and private keys. Setting up public and private keys This is the first phase used to produce private and public keys. These public and private keys are used to produce the encryption and decryption. Attribute keys are also called as private keys which is used for each attribute. Here random groups G1, G2 are produced by the generator g1, g2. Then random key of a,b used to generate the public and private keys. Example public keys can be defined by Pub_key =(G1,G2,g1,g2, g β 2,e(g 1,g 2 ) α ) Example of master key can be defined by, Mas_key = (a,g α 2,P) Key generation for attributes Key Distribution Centre is responsible for provide the keys for each attributes. Secret key = (K,for all j S: (Kj,Kj1,Kj2) K = g1 (a+r)/b r, Kj = g 1.H(j) rjp(0) Kj1= g0 r Kj2 = (Kj1) P(0) Encryption Encryption is done through the data with access policies. Access policies are defined by Boolean formulas. To do the encryption access policies, data and public keys are used. Cipher texts = (Tree, Msge(g0,g1) as,h(att(j)) qj ) Proxy key generation Proxy key is defined as the key which has the revocation list that are all want to revoke from the existing groups. If want to revoke the particular user then want to add a user into the revocation list Proxy key =(User j, Revocation List) Decryption Decryption produces the original message by the attribute key also called as private key. If Attribute key is matching with the access policy then it produces the original message. If Access policy is not satisfy by the attribute key then user is unauthorized person. Through these access policies ensure the security in the data sharing. To do decryption user also needs the proxy key Message= (Encrypt text, Tree, Attribute key, Proxy key) 149

6. Conclusion The above proposed scheme is efficient compared to all existing attributes based encryption. That is it ensures the revocation, policy and attributes hiding and finally key-escrow property. References [1] Hongjiao LI, Shan WANG, Xiuxia TIAN, Weimin WEI, Chaochao SUN,Daming LIU, A Survey of Privacy-preserving Access Control in Cloud Computing,.in JCIS. [2] Guojun Wang,Qin Liu,jie Wu Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Storage Services, [3] Yanbin Lu and Gene Tsudik, Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Encryption, in IEEE 2013. [4] Fugeng Zeng, Predicate Encryption for Inner Product in Cloud Computing,. [5] Dan Boneh, and Amit Sahai and Brent Waters, Functional Encryption: Definitions and Challenges,. [6] Junbeom Hur and Dong Kun Noh Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems, IEEE 2011. [7] Ming Li, Authorized Private Keyword Search over Encrypted Data in Cloud Computing,. [8] Shucheng Yu, Cong Wang,Kui Ren and Wenjing Lou Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing, IEEE.2010. [9] Ming Li, Authorized Private Keyword Search over Encrypted Data in Cloud Computing, 150

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback