Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds

Authors

  • Mrs. B. Sathyabama  Assistant Professor, PG and Research Department of Computer Applications, Hindusthan College of Arts and Science, Coimbatore, Tamil Nadu, India
  • C. SureshKumar  PG Scholar, PG and Research Department of Computer Applications, Hindusthan College of Arts and Science, Coimbatore, Tamil Nadu, India
  • K. Kesau  PG Scholar, PG and Research Department of Computer Applications, Hindusthan College of Arts and Science, Coimbatore, Tamil Nadu, India
  • R. Karthikeyan  PG Scholar, PG and Research Department of Computer Applications, Hindusthan College of Arts and Science, Coimbatore, Tamil Nadu, India

DOI:

https://doi.org//10.32628/IJSRST196476

Keywords:

Dependable Cloud Storage, Decentralized Access Control Scheme.

Abstract

The paper proposes a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user's identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme are decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches.

References

Journal Papers:

  1. S. Ruj, M. Stojmenovic, and A. Nayak, “Privacy Preserving Access Control with Authentication for Securing Data in Clouds,” Proc. IEEE/ACM Int’l Symp. Cluster, Cloud and Grid Computing, pp. 556-563, 2012.
  2. C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, “Toward Secure and Dependable Storage Services in Cloud Computing,” IEEE Trans. Services Computing, vol. 5, no. 2, pp. 220-232, Apr.-June 2012.
  3. J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, “Fuzzy Keyword Search Over Encrypted Data in Cloud Computing,” Proc. IEEE INFOCOM, pp. 441-445, 2010.
  4. D.R. Kuhn, E.J. Coyne, and T.R. Weil, “Adding Attributes to Role- Based Access Control,” IEEE Computer, vol. 43, no. 6, pp. 79-81, June 2010.
  5. H.K. Maji, M. Prabhakaran, and M. Rosulek, “Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance,” IACR Cryptology ePrint Archive, 2008.
  6. H.K. Maji, M. Prabhakaran, and M. Rosulek, “Attribute-Based Signatures,” Topics in Cryptology - CT-RSA, vol. 6558, pp. 376-392, 2011.
  7. K. Yang, X. Jia, and K. Ren, “DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems,” IACR Cryptology ePrint Archive, p. 419, 2012.
  8. A.B. Lewko and B. Waters, “Decentralizing Attribute-Based Encryption,” Proc. Ann. Int’l Conf. Advances in Cryptology (EUROCRYPT), pp. 568-588, 2011.
  9. J. Hur and D. Kun Noh, “Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems,” IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, July 2011.

Proceedings Papers:

  1. S. Kamara and K. Lauter, “Cryptographic Cloud Storage,” Proc. 14th Int’l Conf. Financial Cryptography and Data Security, pp. 136- 149, 2010.
  2. H. Li, Y. Dai, L. Tian, and H. Yang, “Identity-Based Authentication for Cloud Computing,” Proc. First Int’l Conf. Cloud Computing (CloudCom), pp. 157-166, 2009.
  3. A.-R. Sadeghi, T. Schneider, and M. Winandy, “Token-Based Cloud Computing,” Proc. Third Int’l Conf. Trust and Trustworthy Computing (TRUST), pp. 417-429, 2010.
  4. R. Lu, X. Lin, X. Liang, and X. Shen, “Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing,” Proc. Fifth ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp. 282-292, 2010.
  5. D.F. Ferraiolo and D.R. Kuhn, “Role-Based Access Controls,” Proc. 15th Nat’l Computer Security Conf., 1992.
  6. M. Li, S. Yu, K. Ren, and W. Lou, “Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-Owner Settings,” Proc. Sixth Int’l ICST Conf. Security and Privacy in Comm. Networks (SecureComm), pp. 89-106, 2010.
  7. S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute Based Data Sharing with Attribute Revocation,” Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp. 261-270, 2010.
  8. G. Wang, Q. Liu, and J. Wu, “Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Storage Services,” Proc. 17th ACM Conf. Computer and Comm. Security (CCS), pp. 735-737, 2010.
  9. F. Zhao, T. Nishide, and K. Sakurai, “Realizing Fine-Grained and Flexible Access Control to Outsourced Data with Attribute-Based Cryptosystems,” Proc. Seventh Int’l Conf. Information Security Practice and Experience (ISPEC), pp. 83-97, 2011.
  10. S. Ruj, A. Nayak, and I. Stojmenovic, “DACC: Distributed Access Control in Clouds,” Proc. IEEE 10th Int’l Conf. Trust, Security and Privacy in Computing and Communications (TrustCom), 2011.
  11. S. Jahid, P. Mittal, and N. Borisov, “EASiER: Encryption-Based Access Control in Social Networks with Efficient Revocation,” Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), 2011.
  12. R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret,” Proc. Seventh Int’l Conf. Theory and Application of Cryptology and Information Security (ASIACRYPT), pp. 552-565, 2001.
  13. X. Boyen, “Mesh Signatures,” Proc. 26th Ann. Int’l Conf. Advances in Cryptology (EUROCRYPT), pp. 210-227, 2007.
  14. D. Chaum and E.V. Heyst, “Group Signatures,” Proc. Ann. Int’l Conf. Advances in Cryptology (EUROCRYPT), pp. 257-265, 1991.
  15. A. Sahai and B. Waters, “Fuzzy Identity-Based Encryption,” Proc. Ann. Int’l Conf. Advances in Cryptology (EUROCRYPT), pp. 457-473, 2005.
  16. V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data,” Proc. ACM Conf. Computer and Comm. Security, pp. 89-98, 2006.
  17. J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-Policy Attribute-Based Encryption,” Proc. IEEE Symp. Security and Privacy, pp. 321-334, 2007.
  18. X. Liang, Z. Cao, H. Lin, and D. Xing, “Provably Secure and Efficient Bounded Ciphertext Policy Attribute Based Encryption,” Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp 343-352, 2009.
  19. M. Chase, “Multi-Authority Attribute Based Encryption,” Proc. Fourth Conf. Theory of Cryptography (TCC), pp. 515-534, 2007.
  20. H. Lin, Z. Cao, X. Liang, and J. Shao, “Secure Threshold Multi-Authority Attribute Based Encryption without a Central Authority,” Proc. Progress in Cryptology Conf. (INDOCRYPT), pp. 426-436, 2008.
  21. M. Chase and S.S.M. Chow, “Improving Privacy and Security in Multi-Authority Attribute-Based Encryption,” Proc. ACM Conf. Computer and Comm. Security, pp. 121-130, 2009.
  22. M. Green, S. Hohenberger, and B. Waters, “Outsourcing the Decryption of ABE Ciphertexts,” Proc. USENIX Security Symp., 2011.
  23. W. Wang, Z. Li, R. Owens, and B. Bhargava, “Secure and Efficient Access to Outsourced Data,” Proc. ACM Cloud Computing Security Workshop (CCSW), 2009.

Thesis:

  1. C. Gentry, “A Fully Homomorphic Encryption Scheme,” PhD dissertation, Stanford Univ., http://www.crypto.stanford.edu/ craig, 2009.
  2. R.K.L. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, and B.S. Lee, “Trustcloud: A Framework for Accountability and Trust in Cloud Computing,” HP Technical Report HPL-2011-38, http://www.hpl.hp.com/techreports/2011/HPL-2011-38.html, 2013.
  3. A. Beimel, “Secure Schemes for Secret Sharing and Key Distribution,” PhD thesis, Technion, Haifa, 1996.

Web References:

  1. http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cs-01-en.pdf, 2013.
  2. http://securesoftwaredev.com/2012/08/20/xacml-in-the-cloud, 2013.
  3. http://crypto.stanford.edu/pbc/, 2013.
  4. “Libfenc: The Functional Encryption Library,”http://code. google.com/p/libfenc/, 2013.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2019-10-30

Issue

Volume 6, Issue 5, September-October-2019

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Mrs. B. Sathyabama, C. SureshKumar, K. Kesau, R. Karthikeyan, " Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds, International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011, Volume 6, Issue 5, pp.34-42, September-October-2019. Available at doi : https://doi.org/10.32628/IJSRST196476