Research on Access Control Based on CP-ABE Algorithm and Cloud Computing

2014 ◽  
Vol 513-517 ◽  
pp. 2273-2276
Author(s):  
Shao Min Zhang ◽  
Jun Ran ◽  
Bao Yi Wang
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Control Policy ◽  
Massive Data ◽  
Access Control Policy ◽  
Fine Grained ◽  
Network Bandwidth ◽  
Private Key ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Ciphertext-Policy Attribute-based encryption (CP-ABE) mechanism is an extension of attribute-based encryption which associates the ciphertext and user's private key with the attribute by taking the attribute as a public key. It makes the representation of the access control policy more flexible, thus greatly reduces the network bandwidth and processing overhead of sending node brought by fine-grained access control of data sharing. According to the principle of CP-ABE encryption mechanism for this mechanism, an improved cloud computing-based encryption algorithm was proposed in this paper to overcome the deficiencies of permission changing process under the massive data. Experimental results show that compared with traditional methods, the new mechanism significantly reduces time-consuming.

scholarly journals Fine Grained Access Control Policy with Advanced Encryption Standard in the Cloud Computing

2018 ◽  
Vol 7 (4.6) ◽  
pp. 1
Author(s):  
Krishna Keerthi Chennam ◽  
Lakshmi Mudda
Keyword(s):  
Access Control ◽  
Data Base ◽  
Control Policy ◽  
Third Party ◽  
Advanced Encryption Standard ◽  
Access Control Policy ◽  
Cloud Data ◽  
Storage Devices ◽  
Fine Grained ◽  
Attribute Based Encryption

The Data Base as a Service is a great example where the database engine and storage devices are in cloud data. This scheme allows customers to outsource data and store in cloud database on pay per user, scalable and flexible. But data confidentiality is in high risk when data is outsourced and stored in third party database. A trusted third party server must be maintaining the third party data base. There is a possibility of malicious administrator who can leaks the data which is stored in third party database. The best method is to encrypt the data and store in third party database but alone encryption is not sufficient. Even authorization is another problem that who can access the data. For data security and authorized of users, the fine grained access control policy Cipher text policy Attribute Based encryption (CP-ABE) is used to give access to authorized users only and the best symmetric encryption Advanced Encryption Standard(AES) is applied on data before outsourcing the data in cloud. 

scholarly journals Research on Ciphertext-Policy Attribute-Based Encryption with Attribute Level User Revocation in Cloud Storage

2017 ◽  
Vol 2017 ◽  
pp. 1-12 ◽  
Author(s):  
Guangbo Wang ◽  
Jianhua Wang
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Control Policy ◽  
Attribute Level ◽  
Fine Grained ◽  
Computational Load ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Important Challenge ◽  
Ciphertext Policy

Attribute-based encryption (ABE) scheme is more and more widely used in the cloud storage, which can achieve fine-grained access control. However, it is an important challenge to solve dynamic user and attribute revocation in the original scheme. In order to solve this problem, this paper proposes a ciphertext-policy ABE (CP-ABE) scheme which can achieve attribute level user attribution. In this scheme, if some attribute is revoked, then the ciphertext corresponding to this attribute will be updated so that only the individuals whose attributes meet the access control policy and have not been revoked will be able to carry out the key updating and decrypt the ciphertext successfully. This scheme is proved selective-structure secure based on the q-Parallel Bilinear Diffie-Hellman Exponent (BDHE) assumption in the standard model. Finally, the performance analysis and experimental verification have been carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of storage service provider (CSP) in order to achieve the attribute revocation, it does not need the participation of attribute authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except for the private key, thus saving the storage space greatly.

Efficient Attribute-Based Data Sharing Scheme with Hidden Access Structures

2019 ◽  
Vol 62 (12) ◽  
pp. 1748-1760 ◽  
Author(s):  
Yang Chen ◽  
Wenmin Li ◽  
Fei Gao ◽  
Wei Yin ◽  
Kaitai Liang ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Inner Product ◽  
Access Structure ◽  
Online Data ◽  
Fine Grained ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
And Performance ◽  
Ciphertext Policy

AbstractOnline data sharing has become a research hotspot while cloud computing is getting more and more popular. As a promising encryption technique to guarantee the security shared data and to realize flexible fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has drawn wide attentions. However, there is a drawback preventing CP-ABE from being applied to cloud applications. In CP-ABE, the access structure is included in the ciphertext, and it may disclose user’s privacy. In this paper, we find a more efficient method to connect ABE with inner product encryption and adopt several techniques to ensure the expressiveness of access structure, the efficiency and security of our scheme. We are the first to present a secure, efficient fine-grained access control scheme with hidden access structure, the access structure can be expressed as AND-gates on multi-valued attributes with wildcard. We conceal the entire attribute instead of only its values in the access structure. Besides, our scheme has obvious advantages in efficiency compared with related schemes. Our scheme can make data sharing secure and efficient, which can be verified from the analysis of security and performance.

A Trust-Aware Access Control Policy for Cloud Data Protection

2013 ◽  
Vol 411-414 ◽  
pp. 40-44
Author(s):  
Xiao Yong Tang ◽  
Jin Wei Li ◽  
Gui Ping Liao
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Privacy ◽  
Large Scale ◽  
Control Policy ◽  
Trust Model ◽  
Data Encryption ◽  
Access Control Policy ◽  
Cloud Users ◽  
Cloud User

The use of Cloud computing systems to run large-scale scientific, business and consumer based IT applications has increased rapidly in recent years. More and more Cloud users concern the data privacy protection and security in such systems. A natural way to tackle this problem is to adopt data encryption and access control policy. However, this solution is inevitably introduced a heavy computation overhead. In this paper, we first establish a trust model between Cloud servers and Cloud users. Then, we build the trust-aware attribute-based access control policies according to Cloud user trust level and Cloud request attributes. This technique can give different encryption and decryption data to Cloud user and substantive reduce the computation overhead of Cloud computing.

scholarly journals HASBE access control model with Secure Key Distribution and Efficient Domain Hierarchy for cloud computing

2016 ◽  
Vol 6 (2) ◽  
pp. 770
Author(s):  
RajaniKanth Aluvalu ◽  
Vanraj Kamliya ◽  
Lakshmi Muddana
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Key Distribution ◽  
Control Model ◽  
Huge Amount ◽  
Hierarchical Assembly ◽  
Fine Grained ◽  
Access Control Models ◽  
Access Control Policies ◽  
Attribute Based Encryption

Cloud computing refers to the application and service that run on a distributed system using virtualized resources and access by common internet protocol and networking standard. Cloud computing virtualizes system by pooling and sharing resources. System and resources can be monitored from central infrastructure as needed. It requires high security because now day’s companies are placing more essential and huge amount of data on cloud. Hence traditional access control models are not sufficient for cloud computing applications. So encryption based on Attribute (“ABE”-“Attribute based encryption”) has been offered for access control of subcontracted data in cloud computing with complex access control policies. Traditional HASBE provides Flexibility, scalability and fine-grained access control but does not support hierarchical domain structure. In this paper, we had enhanced “Hierarchical attribute-set-based encryption” (“HASBE”) access control with a hierarchical assembly of users, with flexible domain Hierarchy structure and Secure key distribution with predefined policy

HASBE access control model with Secure Key Distribution and Efficient Domain Hierarchy for cloud computing

2016 ◽  
Vol 6 (2) ◽  
pp. 770
Author(s):  
RajaniKanth Aluvalu ◽  
Vanraj Kamliya ◽  
Lakshmi Muddana
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Key Distribution ◽  
Control Model ◽  
Huge Amount ◽  
Hierarchical Assembly ◽  
Fine Grained ◽  
Access Control Models ◽  
Access Control Policies ◽  
Attribute Based Encryption

Cloud computing refers to the application and service that run on a distributed system using virtualized resources and access by common internet protocol and networking standard. Cloud computing virtualizes system by pooling and sharing resources. System and resources can be monitored from central infrastructure as needed. It requires high security because now day’s companies are placing more essential and huge amount of data on cloud. Hence traditional access control models are not sufficient for cloud computing applications. So encryption based on Attribute (“ABE”-“Attribute based encryption”) has been offered for access control of subcontracted data in cloud computing with complex access control policies. Traditional HASBE provides Flexibility, scalability and fine-grained access control but does not support hierarchical domain structure. In this paper, we had enhanced “Hierarchical attribute-set-based encryption” (“HASBE”) access control with a hierarchical assembly of users, with flexible domain Hierarchy structure and Secure key distribution with predefined policy

Sign in / Sign up

Export Citation Format

Share Document