Attribute-Based Encryption for Access Control in Cloud Ecosystems

<p>We introduce a distributed, fine-granuled, policy-based resource access control protocol leveraging on Attribute-Based Encryption. The protocol secures the whole access control procedure from the authorization issuer to the resource server providing grant confidentiality, proof of possession, antiforgery and may be implemented through a common web token exchange flow plus a HTTP basic authentication. As such, it may easily map to Cloud computing SaaS paradigms, enabling services integration into a single authorization-centric ecosystem even across multiple identity domains. We also present the results of a performance evaluation on a first prototype implementation.</p>

Ciphertext-Policy Attribute-Based Encryption for Cloud Storage: Toward Data Privacy and Authentication in AI-Enabled IoT System

People can store their data on servers in cloud computing and allow public users to access data via data centers. One of the most difficult tasks is to provide security for the access policy of data, which is also needed to be stored at cloud servers. The access structure (policy) itself may reveal partial information about what the ciphertext contains. To provide security for the access policy of data, a number of encryption schemes are available. Among these, CP-ABE (Ciphertext-Policy Attribute-Based Encryption) scheme is very significant because it helps to protect, broadcast, and control the access of information. The access policy that is sent as plaintext in the existing CP-ABE scheme along with a ciphertext may leak user privacy and data privacy. To resolve this problem, we hereby introduce a new technique, which hides the access policy using a hashing algorithm and provides security against insider attack using a signature verification scheme. The proposed system is compared with existing CP-ABE schemes in terms of computation and expressive policies. In addition, we can test the functioning of any access control that could be implemented in the Internet of Things (IoT). Additionally, security against indistinguishable adaptive chosen ciphertext attacks is also analyzed for the proposed work.

Light Weight Cryptography based Medical Data and Image Encryption Scheme

Many medical companies use cloud technology to collect, distribute and transmit medical records. Given the need for medical information, confidentiality is a key issue. In this study, we propose an encrypted scheme based on encrypted data for an electronic healthcare environment. We use hybrid Attribute based encryption and Triple DES encryption technique (ABETDES) scheme, including identity-based cryptography (IBC), to ensure data privacy through communication channels և to improve the reliability of cloud computing. There are also limited indicators of light processing and storage resources. This solves a serious maintenance problem and ensures that a private key is created where it is not blind. The introduction of a security option, a comprehensive security analysis to protect ciphertext, shows that our program is effective against many known attacks and compared to existing methods.

Data Confidentiality in Cloud Storage. A Survey

In cloud computing security, privacy and data confidentiality plays important role when popularity in terms of cloud computing services is consider. Till now there are various schemes, protocols and architecture for cloud computing privacy and data protection are proposed which are based on data confidentiality, cryptographic solution, cipher text blocks, various transforms, symmetric encryption schemes, attribute-based encryption, trust and reputation, access control, etc., but they are scattered and lacking uniformity without proper security logic. This paper systematically reviews as well as analyze research done in this relevant area. First various shortcomings in cloud computing, architectures, framework and schemes proposed for data confidentiality will be discussed; then existing cryptographic schemes, encryption functions, linear transform, grid storage system, key exposure, secret sharing, AONT (All or Nothing Transform), dispersed storage, trust, block encryption mechanism, attribute-based encryption, access control will be discussed; thirdly propose future direction with research challenges for data confidentiality in cloud computing; finally focus is on concern data confidentiality scheme to overcome the technical deficiency and existing schemes.

Attribute-Based Encryption for Access Control in Cloud Ecosystems

<p>We introduce a distributed, fine-granuled, policy-based resource access control protocol leveraging on Attribute-Based Encryption. The protocol secures the whole access control procedure from the authorization issuer to the resource server providing grant confidentiality, proof of possession, antiforgery and may be implemented through a common web token exchange flow plus a HTTP basic authentication. As such, it may easily map to Cloud computing SaaS paradigms, enabling services integration into a single authorization-centric ecosystem even across multiple identity domains. We also present the results of a performance evaluation on a first prototype implementation.</p>

Ciphertext-Policy Attribute-Based Encryption with Outsourced Set Intersection in Multimedia Cloud Computing

In a multimedia cloud computing system, suppose all cloud users outsource their own data sets to the cloud in the encrypted form. Each outsourced set is associated with an access structure such that a valid data user, Bob, with the credentials satisfying the access structure is able to conduct computing over outsourced encrypted set (e.g., decryption or other kinds of computing function). Suppose Bob needs to compute the set intersection over a data owner Alice’s and his own outsourced encrypted sets. Bob’s simple solution is to download Alice’s and Bob’s outsourced encrypted sets, perform set intersection operation, and decrypt the set intersection ciphertexts. A better solution is for Bob to delegate the cloud to calculate the set intersection, without giving the cloud any ability in breaching the secrecy of the sets. To solve this problem, this work introduces a novel primitive called ciphertext-policy attribute-based encryption with outsourced set intersection for multimedia cloud computing. It is the first cryptographic algorithm supporting a fully outsourced encrypted storage, computation delegation, fine-grained authorization security for ciphertext-policy model, without relying on an online trusted authority or data owners, and multi-elements set, simultaneously. We construct a scheme that provably satisfies the desirable security properties, and analyze its efficiency.