scholarly journals A Review of fine grained access control techniques

2018 ◽  
Vol 7 (2.7) ◽  
pp. 20 ◽  
Author(s):  
Rakesh Shirsath ◽  
Dr K. V. Daya Sagar
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Access ◽  
Control Approach ◽  
Access Policy ◽  
Fine Grained ◽  
Data Access Control ◽  
Encrypt Data ◽  
Cloud Server ◽  
Access Policies

Nowadays cloud computing is most demanding technology where computing resources are availed as per demand through Internet. Cloud computing model also brings many challenges for confidentiality, integrity, privacy of data and data access control. As cloud computing develops vigorously, an increasing number of enterprises and individuals are motivated to upload their data sources to the public cloud server for sharing. It is not entirely credible for enterprises and individuals to transfer data owing to the openness of the cloud server, so they must encrypt data before uploading and also loose direct control of data. Therefore, an elastic access control or fine-grained access control approach for data is urgently required and becomes a challenging open problem. In this paper, the issue of access control is discussed by defining traditional access policies. Attribute based access policy is analysed with its types. Finally, comparison is made among all policies with respect to various parameters.

scholarly journals A Secure and Fine-Grained Big Data Access Control Scheme for Cloud-Based Services

2020 ◽  
pp. 254-262
Author(s):  
Nisha J William ◽  
Nisha O S
Keyword(s):  
Cloud Computing ◽  
Big Data ◽  
Access Control ◽  
Data Access ◽  
End Users ◽  
Access Policy ◽  
Fine Grained ◽  
Data Access Control ◽  
Control Scheme ◽  
Access Policies

Cloud computing is the delivery of computing services including servers, storage, databases, networking, software, analytics, and intelligence over the Internet. Nowadays, access control is one of the most critical problems with cloud computing. Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising encryption technique that enables end-users to encrypt their data under the access policies defined over some attributes of data consumers and only allows data consumers whose attributes satisfy the access policies to decrypt the data. In CP-ABE, the access policy is attached to the ciphertext in plaintext form, which may also leak some private information about end-users. Existing methods only partially hide the attribute values in the access policies, while the attribute names are still unprotected. This paper proposes an efficient and fine-grained big data access control scheme with privacy-preserving policy. Specifically, it hides the whole attribute (rather than only its values) in the access policies. To assist data decryption, it designs an algorithm called Attribute Bloom Filter to evaluate whether an attribute is in the access policy and locate the exact position in the access policy if it is in the access policy. The paper also deals with offline attribute guessing attack. Security analysis and performance evaluation show that this scheme can preserve the privacy from any LSSS access policy without employing much overhead.

scholarly journals Attribute-based encryption and sticky policies for data access control in a smart home scenario: a comparison on networked smart object middleware

2020 ◽  
Author(s):  
Sabrina Sicari ◽  
Alessandra Rizzardi ◽  
Gianluca Dini ◽  
Pericle Perazzo ◽  
Michele La Manna ◽  
...  
Keyword(s):  
Access Control ◽  
Smart Home ◽  
Data Access ◽  
Data Retrieval ◽  
Test Bed ◽  
Smart Object ◽  
Access Policy ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Encrypt Data

AbstractRegulating the access to the Internet of Things (IoT) network’s resources is a complex-prone task, which requires to pay a great attention on how policies are defined, shared, and enforced. The present paper considers the specific context of a smart home, which represents one of the main IoT application domains, and it focuses on two solutions proposed in the literature to cope with the aforementioned issues. On the one side, approaches based on attribute-based encryption (ABE) allow one to encrypt data for multiple recipients, in such a way that only those recipients whose attributes satisfy a given access policy can decrypt afterward. ABE guarantees a high level of customization due to the variety of attributes which can be defined, and it is also flexible enough to be adapted to different kinds of scenarios. On the other side, approaches based on sticky policies allow to attach an access policy directly to the data itself, and to employ a trusted authority to evaluate and enforce the policy itself. Sticky policies also guarantee a highly distributed and customizable enforcement of access control rules. In this paper, we compare the advantages and the drawbacks in terms of performance and robustness of such two techniques by means of their integration within the prototype of an IoT middleware, named networked smart object. Hence, the effectiveness of the presented solutions is validated by means of a real test-bed in the smart home scenario, in terms of storage occupancy, CPU load, and data retrieval delay. The final goal is to reveal the best approach to be used depending on the application’s requirements.

Provably Secure Fine-Grained Data Access Control Over Multiple Cloud Servers in Mobile Cloud Computing Based Healthcare Applications

2019 ◽  
Vol 15 (1) ◽  
pp. 457-468 ◽  
Author(s):  
Sandip Roy ◽  
Ashok Kumar Das ◽  
Santanu Chatterjee ◽  
Neeraj Kumar ◽  
Samiran Chattopadhyay ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Mobile Cloud Computing ◽  
Data Access ◽  
Mobile Cloud ◽  
Healthcare Applications ◽  
Fine Grained ◽  
Data Access Control ◽  
Cloud Servers ◽  
Provably Secure

scholarly journals An efficient attribute-based hierarchical data access control scheme in cloud computing

2020 ◽  
Vol 10 (1) ◽  
Author(s):  
Heng He ◽  
Liang-han Zheng ◽  
Peng Li ◽  
Li Deng ◽  
Li Huang ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
High Performance ◽  
Data Access ◽  
Fine Grained ◽  
Security Issues ◽  
Access Structures ◽  
Data Access Control ◽  
Control Scheme ◽  
Access Requirement

AbstractSecurity issues in cloud computing have become a hot topic in academia and industry, and CP-ABE is an effective solution for managing and protecting data. When data is shared in cloud computing, they usually have multiple access structures that have hierarchical relationships. However, existing CP-ABE algorithms do not consider such relationships and just require data owners to generate multiple ciphertexts to meet the hierarchical access requirement, which would incur substantial computation overheads. To achieve fine-grained access control of multiple hierarchical files effectively, first we propose an efficient hierarchical CP-ABE algorithm whose access structure is linear secret sharing scheme. Moreover, we construct an attribute-based hierarchical access control scheme, namely AHAC. In our scheme, when a data visitor’s attributes match a part of the access control structure, he can decrypt the data that associate with this part. The experiments show that AHAC has good security and high performance. Furthermore, when the quantity of encrypted data files increases, the superiority of AHAC will be more significant.

scholarly journals Efficient Implementation of Big Data Access Control Scheme with Privacy-Preserving Policy

2019 ◽  
Vol 8 (10) ◽  
pp. 3385-3395
Keyword(s):  
Cloud Computing ◽  
Big Data ◽  
Access Control ◽  
Control Systems ◽  
Information Access ◽  
Bloom Filter ◽  
Data Access ◽  
Physical Control ◽  
Data Access Control ◽  
Cloud Server

In the time of big data, cloud computing, an immense measure of information can be created rapidly from different IT, non-IT related sources. Towards these big data, cloud computing, customary PC frameworks are not up to required skilled to store and process this information. Due to the adaptable and flexible figuring assets, distributed computing is a characteristic fit for putting away and preparing big data. With cloud computing, end-clients store their information into the cloud server and depend on the advanced cloud server to share their information to different clients. To share end-client's information to just approved clients, it is important to configuration access control systems as indicated by the prerequisites of end clients. When re-appropriating information into the cloud, end-clients free the physical control, virtual physical control of their information. In addition, cloud specialist co-ops are not completely trusted by end-clients, which make the entrance control additionally testing. on the off chance that the conventional access control systems (e.g., Access Control Lists) are connected, the cloud server turns into the judge to assess the entrance approach and settle on access choice. Subsequently, end-clients may stress that the cloud server may settle on wrong access choices purposefully or accidentally and uncover their information to some unapproved clients. To empower end-clients to control the entrance of their own information, a proficient and fine-grained huge information access control plot with protection saving strategy is proposed. In particular, the entire trait (as opposed to just its qualities) in the entrance strategies are scrambled. To help information decoding, encoding, a novel Attribute Bloom Filter is utilized [14][16] to assess whether a characteristic is in the entrance arrangement and find the accurate position in the entrance approach on the off chance that it is in the entrance strategy. Just the clients whose traits fulfill the entrance arrangement are qualified to unscramble the information.

Sign in / Sign up

Export Citation Format

Share Document