MULTIPLE ATTRIBUTE AUTHORITIES BASED CLOUD DATA SECURITY USING SCP-ABE AND FILE AUDITING SCHEME

Author’s Name : Sneha George | T B Dharmaraj

Volume 01 Issue 04  Year 2014  ISSN No:  2349-3828  Page no:  1-4

Abstract:

Data access control is a challenging issue in public cloud storage systems. Cipher text-Policy Attribute-Based Encryption (CP- ABE) has been adopted as a promising technique to provide flexible, fine-grained and secure data access control for cloud storage with honest-but-curious cloud servers. However, in the existing CP-ABE schemes, the single attribute authority must execute the time-consuming user legitimacy verification and secret key distribution, and hence it results in a single-point performance bottleneck when a CP-ABE scheme is adopted in a large-scale cloud storage system. Users may be stuck in the waiting queue for a long period to obtain their secret keys, thereby resulting in low-efficiency of the system. Although multi authority access control schemes have been proposed, these schemes still cannot overcome the drawbacks of single-point bottleneck and low efficiency, due to the fact that each of the authorities still independently manages a disjoint attribute set .In this project, we propose a novel heterogeneous framework to remove the problem of single-point performance bottleneck and provide a more efficient access control scheme with an auditing mechanism. Our framework employs multiple attribute authorities to share the load of user legitimacy verification. Meanwhile, in our scheme, a CA (Central Authority) is introduced to generate secret keys for legitimacy verified users. Unlike other multi authority access control schemes, each of the authorities in our scheme manages the whole attribute set individually. To enhance security, we also propose an auditing mechanism to detect which AA (Attribute Authority) has incorrectly or maliciously performed the legitimacy verification procedure.

Keywords:

Cipher Text-Policy, Encryption, Bottleneck, Central Authority, Attribute Authority

References:

1. P. Mell and T. Grance, “The NIST definition of cloud computing,” National Institute of Standards and Technology Gaithersburg, 2011.
2. A. Lewko and B. Waters, “Decentralizing attribute-based encryption,” in Advances in Cryptology–EUROCRYPT 2011. Springer, 2011, pp. 568–588
3. Z. Fu, K. Ren, J. Shu, X. Sun, and F. Huang, “Enabling personalized search over encrypted outsourced data with efficiency improvement,” IEEE Transactions on Parallel & Distributed Systems, vol. 27, no. 9, pp. 2546–2559, 2016.
4. Z. Fu, X. Sun, S. Ji, and G. Xie, “Towards efficient content- aware search over encrypted outsourced data in cloud,” in in Proceedings of 2016 IEEE Conference on Computer Communications (INFOCOM 2016). IEEE, 2016, pp. 1–9.
5. K. Xue and P. Hong, “A dynamic secure group sharing framework in public cloud computing,” IEEE Transactions on Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.
6. Y. Wu, Z. Wei, and H. Deng, “Attribute-based access to scalable media in cloud-assisted content sharing,” IEEE Transactions on Multimedia, vol. 15, no. 4, pp. 778–788, 2013.
7. J. Hur, “Improving security and efficiency in attribute based data sharing,” IEEE Transactions on Knowledge and Data Engineering, vol. 25, no. 10, pp. 2271–2282, 2013.
8. J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214–1221, 2011.
9. J. Hong, K. Xue, W. Li, and Y. Xue, “TAFC: Time and attribute factors combined access control on time sensitive data in public cloud,” in Proceedings of 2015 IEEE Global Communications Conference (GLOBECOM 2015). IEEE, 2015, pp. 1–6.