Blockchain-Based Access Control and Data Sharing Mechanism in Cloud Decentralized Storage System

2021 ◽  
Author(s):  
Yogesh M Gajmal ◽  
R. Udayakumar
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Data Security ◽  
Cloud Storage ◽  
Control Method ◽  
Single Point ◽  
Storage System ◽  
Data Encryption ◽  
Data Owner ◽  
Data User

Access control is a major factor in enhancing data security in the cloud storage system. However, the existing data sharing and the access control method have privacy data leakage and key abuse, which is a major challenge in the research community. Therefore, an effective method named Blockchain-based access control and data sharing approach is developed in the cloud storage system to increase data security. The proposed Blockchain-based access control and data sharing approach effectively solve single-point failure in the cloud system. It provides more benefits by increasing the throughput and reducing the cost. The Data user (DU) makes the registration request using the ID and password and forwards it to the Data Owner (DO), which processes the request and authenticates the Data user. The information of the data owner is embedded in the transactional blockchain using the encrypted master key. The Data owner achieves the data encryption process, and encrypted files are uploaded to the Interplanetary File System (IPFS). Based on the encrypted file location and encrypted key, the Data owner generates the ciphertext metadata and is embedded in the transactional blockchain. The proposed Blockchain-based access control and data sharing approach achieved better performance using the metrics, like a better genuine user detection rate of 95% and lower responsiveness of 25sec with the blockchain of 100 sizes.

scholarly journals BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

2021 ◽  
Vol 2021 ◽  
pp. 1-20
Author(s):  
Hongmin Gao ◽  
Zhaofeng Ma ◽  
Shoushan Luo ◽  
Yanping Xu ◽  
Zheng Wu
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Personal Data ◽  
Security And Privacy ◽  
Access Policy ◽  
Fine Grained ◽  
Sharing Scheme ◽  
Data Owner ◽  
Data User ◽  
Cloud Server

Privacy protection and open sharing are the core of data governance in the AI-driven era. A common data-sharing management platform is indispensable in the existing data-sharing solutions, and users upload their data to the cloud server for storage and dissemination. However, from the moment users upload the data to the server, they will lose absolute ownership of their data, and security and privacy will become a critical issue. Although data encryption and access control are considered up-and-coming technologies in protecting personal data security on the cloud server, they alleviate this problem to a certain extent. However, it still depends too much on a third-party organization’s credibility, the Cloud Service Provider (CSP). In this paper, we combined blockchain, ciphertext-policy attribute-based encryption (CP-ABE), and InterPlanetary File System (IPFS) to address this problem to propose a blockchain-based security sharing scheme for personal data named BSSPD. In this user-centric scheme, the data owner encrypts the sharing data and stores it on IPFS, which maximizes the scheme’s decentralization. The address and the decryption key of the shared data will be encrypted with CP-ABE according to the specific access policy, and the data owner uses blockchain to publish his data-related information and distribute keys for data users. Only the data user whose attributes meet the access policy can download and decrypt the data. The data owner has fine-grained access control over his data, and BSSPD supports an attribute-level revocation of a specific data user without affecting others. To further protect the data user’s privacy, the ciphertext keyword search is used when retrieving data. We analyzed the security of the BBSPD and simulated our scheme on the EOS blockchain, which proved that our scheme is feasible. Meanwhile, we provided a thorough analysis of the storage and computing overhead, which proved that BSSPD has a good performance.

scholarly journals Biometric Based User Authentication and Privacy Preserving In Cloud Environment

2021 ◽  
Vol 12 (2) ◽  
pp. 347-350
Author(s):  
Jaichandran R , Et. al.
Keyword(s):  
Data Security ◽  
Cloud Storage ◽  
User Authentication ◽  
Storage System ◽  
Data Availability ◽  
Data Outsourcing ◽  
File Access ◽  
Data Owner ◽  
Identity Based ◽  
And Storage

Cloud technology provides advantage of storage services for individuals and organizations thus making file access easy and simple irrespective of location. The major concern is the security while the file is been outsourced. Maintaining integrity, file unchanged, gaining confidentiality during file outsourced plays an important role. In this paper, we propose identity based data outsourcing technique to provide data security during authorization and storage. For data authorization we propose finger print based authentication. The fingerprint based authentication is performed using Minutae Map algorithm (MM). For data security we convert the data owner files to hash values using SHA algorithm. Finally in the cloud storage stage, data security and data availability is addressed using multiple cloud storage system. 

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

2019 ◽  
Vol 13 (4) ◽  
pp. 356-363
Author(s):  
Yuezhong Wu ◽  
Wei Chen ◽  
Shuhong Chen ◽  
Guojun Wang ◽  
Changyun Li
Keyword(s):  
Data Sharing ◽  
Data Security ◽  
Cloud Storage ◽  
Screening Program ◽  
Original Data ◽  
Third Party ◽  
Active System ◽  
Encrypted Data ◽  
Active User ◽  
User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

Implementasi Algoritma Merkle-Hellman Knapsack dalam Penyandian Record Database

2020 ◽  
pp. 162-165
Author(s):  
Reni Rahmadani ◽  
Harvei Desmon Hutahaean ◽  
Ressy Dwitias Sari
Keyword(s):  
Data Security ◽  
Public Key Cryptography ◽  
Data Encryption ◽  
Key Generation ◽  
Software Developers ◽  
Data Owner ◽  
Encryption And Decryption ◽  
User Data ◽  
Np Complete ◽  
Knapsack Algorithm

A lot of data is misused without the data owner being aware of it. Software developers must ensure the security user data on their system. Due to the size of the market that houses data, the security of record databases must be of great concern. Cryptographic systems or data encryption can be used for data security. The Merkle-Hellman Knapsack algorithm is included in public-key cryptography because it uses different keys for the encryption and decryption processes. This algorithm belongs to the NP-complete algorithm which cannot be solved in polynomial order time. This algorithm has stages of key generation, encryption, and decryption. The results of this study secure database records from theft by storing records in the form of ciphertext/password. Ciphertext generated by algorithmic encryption has a larger size than plaintext.

Research on Data Destruction Mechanism with Security Level in HDFS

2013 ◽  
Vol 834-836 ◽  
pp. 1795-1798
Author(s):  
Jun Qin ◽  
Ya Ping Zhang ◽  
Ping Zong
Keyword(s):  
Data Security ◽  
Cloud Storage ◽  
Storage System ◽  
Security Requirements ◽  
Security Level ◽  
Primary Concern ◽  
Simulation Experiments ◽  
Performance Requirements ◽  
Destruction Mechanism ◽  
And Performance

In cloud computing applications, the data security is a primary concern of user. In this paper, for the problem that data of the HDFS cannot be destroyed completely in open source cloud storage system, which may lead to data leakage, it designs a destruction mechanism of HDFS with multiple security level. This mechanism make data effectively destroyed by the method of data overwrite which makes a balance between security requirements and performance requirements. The Simulation experiments show that the mechanism can override a Block file in HDFS environment effectively to achieve the purpose of data destroying. At the same the overhead of different overwrite algorithm is different also which can ensure the security and efficiency is balanced.

Sign in / Sign up

Export Citation Format

Share Document