IMPLEMENTING CLOUD REVOCATION AUTHORITY WITH IDENTITY BASED ENCRYPTION AND ITS APPLICATIONS

2017 ◽  
Vol 5 (4RACSIT) ◽  
pp. 38-40
Author(s):  
Andal S. ◽  
Tahera Tasneem ◽  
Meghana Mary ◽  
Ranjitha G. C. ◽  
Deepak N.A.

Identity-based encryption (IBE) is a public key cryptosystem (encoding and decoding) and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, a revocable IBE scheme with a key-update cloud service provider (KU-CSP) was proposed. However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.

Identity-based encryption (IBE) is a public key cryptosystem that removes the burden of public key infrastructure (PKI) and certificate administration in standard public key settings. Because PKI is not used, the resulting drawback is a crucial issue in IBE settings. Many IBE schemes have been proposed relating to this issue. Recently, by embedding a computation technique into IBE, Li et al. proposed an identity-based encryption scheme with a key-update cloud service provider. Their scheme has two shortcomings. One is that the computation overhead and communication costs are higher than in previous IBE schemes. The other is a lack of scalability, in the sense that the key-update cloud service provider must keep a secret value for every user. In this article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve these two shortcomings. The performance is drastically improved, and the cloud revocation authority holds a secret for all users. For security, we show that the proposed scheme is fully secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed identity-based encryption scheme to present a cloud revocation authority (CRA) authentication scheme with limited privileges for a large number of assorted cloud services.


Author(s):  
U. Vijay Sankar ◽  
M. Pavithra ◽  
R Suganya

Identity-Based Encryption (IBE), which simplifies the public key and certificate management at Public Key Infrastructure (PKI), is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the overhead computation at the Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in the traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate [2]. Aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key generation related operations during key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for PKG and users to perform locally [3]. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bound the identity component and the time component [4]. Furthermore, we propose another construction which is provably secure under the recently formalized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction. In public key encryption every user must have a pair of keys, a public key and a private key, for encrypting and decrypting messages. Identity-based encryption (IBE) eliminates the need for a Public Key Infrastructure (PKI). IBE uses human-intelligible identities (e.g., unique name, email address, IP address, etc.) as public keys [5]. The sender using IBE encrypts a message with the receiver's identity rather than looking for the receiver's public key and corresponding certificate. Accordingly, the receiver decrypts the ciphertext using the private key associated with the corresponding identity [6].
The private keys of users are obtained from a trusted third party called as Private Key Generator (PKG). The motivation of this paper is to study and review an efficient and secure Identity based encryption scheme with outsourced revocation for cloud computing [7].


2020 ◽  
Vol 8 (5) ◽  
pp. 3135-3141

Public Key Infrastructure (PKI) is a repository and management system for digital certificates. It can be a centralized or decentralized PKI system for issuing, managing, storing, verifying and distributing the key pairs, public key and private key, or one of the public key certificates. In the public cloud, Data Owners and Data Users can upload or download their encrypted data along with services, resources and infrastructures in the hands of the Cloud Service Provider. This creates big security concerns in terms of data security and data privacy for the user, and the Cloud Service Provider has sole responsibility for providing the Access Control Policy to restrict the cloud services centrally. With the emergence of cloud computing, Public Key Infrastructure (PKI) technology enables secure communications between systems. X.509 certificates are based on the centralized PKI and suffer from many issues in the public cloud. Gnu Privacy Guard (GnuPG) certificates are based on the decentralized PKI system. Imagine a world with a decentralized PKI system in which each Kerberos is also a Central Authority for issuing certificates to the system or users. This proposed collaborative PKI framework describes the use of PKI in the public cloud, proposes an algorithm for the Kerberos SSO token and provides acquisition of Public Key certificates from the client via Kerberized Central Authorities.


2014 ◽  
Vol 513-517 ◽  
pp. 1971-1974 ◽  
Author(s):  
Hai Lin Xu ◽  
Yang Lu

Certificate-based encryption is a new paradigm which was introduced by Gentry to address the complex public key revocation problem in traditional public key cryptosystems. It represents an interesting and potentially useful balance between traditional public-key encryption and identity-based encryption. In this paper, we introduce the notion of hierarchical certificate-based encryption that preserves the advantages of certificate-based encryption such as implicit certificate and key-escrow free while inheriting the properties of hierarchical identity-based encryption. We formalize the definition of hierarchical certificate-based encryption and also propose a concrete hierarchical certificate-based encryption scheme that is chosen-ciphertext secure under the hardness of bilinear Diffie-Hellman problem in the random oracle model.


Symmetry ◽  
2021 ◽  
Vol 13 (4) ◽  
pp. 563
Author(s):  
Babu Rajendiran ◽  
Jayashree Kanniappan

Nowadays, many business organizations are operating on the cloud environment in order to diminish their operating costs and to select the best service from many cloud providers. The increasing number of Cloud Services available on the market encourages the cloud consumer to be conscious in selecting the most apt Cloud Service Provider that satisfies functionality, as well as QoS parameters. Many disciplines of computer-based applications use standardized ontology to represent information in their fields that indicate the necessity of an ontology-based representation. The proposed generic model can help service consumers to identify QoS parameters interrelations in the cloud services selection ontology during run-time, and for service providers to enhance their business by interpreting the various relations. The ontology has been developed using the intended attributes of QoS from various service providers. A generic model has been developed and it is tested with the developed ontology.


2021 ◽  
Vol 2021 ◽  
pp. 1-8
Author(s):  
ChunHua Cao ◽  
YaNa Tang ◽  
DeYan Huang ◽  
WeiMin Gan ◽  
Chunjiong Zhang

Wireless sensor networks (WSN) have problems such as limited power, weak computing power, poor communication ability, and vulnerability to attack. However, the existing encryption methods cannot effectively solve the above problems when applied to WSN. To this end, according to WSN’s characteristics and based on the identity-based encryption idea, an improved identity-based encryption algorithm (IIBE) is proposed, which can effectively simplify the key generation process, reduce the network traffic, and improve the network security. The design idea of this algorithm lies between the traditional public key encryption and identity-based public key encryption. Compared with the traditional public key encryption, the algorithm does not need a public key certificate and avoids the management of the certificate. Compared with identity-based public key encryption, the algorithm addresses the key escrow and key revocation problems. The results of the actual network distribution experiments demonstrate that IIBE has low energy consumption and high security, which are suitable for application in WSN with high requirements on security.


2014 ◽  
Vol 543-547 ◽  
pp. 3156-3159
Author(s):  
Qing Hai Bai ◽  
Ying Zheng ◽  
Qing Hu Wang ◽  
Guo Li Wei ◽  
Hai Chun Zhao ◽  
...  

A Grid system has security requirements of confidential communication, data integrity and non-repudiation. According to the security requirements for Grid services, the paper proposes an identity-based encryption scheme for Grid, which can solve a series of problems: the privacy of data transmission, validation of the integrity of data, key update after a long run time and non-repudiation. The scheme is constructed using bilinear pairings on elliptic curves and its security can be reduced to the computational Bilinear Diffie-Hellman assumption. Finally, the authors analyse the security and efficiency of this scheme.


2021 ◽  
Vol 17 (4) ◽  
pp. 75-88
Author(s):  
Padmaja Kadiri ◽  
Seshadri Ravala

Security threats are unforeseen attacks to the services provided by the cloud service provider. Depending on the type of attack, the cloud service and its associated features will be unavailable. The mitigation time is an integral part of attack recovery. This research paper explores the different parameters that will aid in predicting the mitigation time after an attack on cloud services. Further, the paper presents machine learning models that can predict the mitigation time. The paper presents the kernel-based machine learning models that can predict the average mitigation time during security attacks. The analysis of the results shows that the kernel-based models show 87% accuracy in predicting the mitigation time. Furthermore, the paper explores the performance of the kernel-based machine learning models based on the regression-based predictive models. The regression model is used as a benchmark model to analyze the performance of the machine learning-based predictive models in the prediction of mitigation time in the wake of an attack.


2022 ◽  
pp. 205-224
Author(s):  
Dhiviya Ram

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

