A comprehensive Cloud Security Model with Enhanced Key Management, Access Control and Data Anonymization Features. | [International Journal of Communication Networks and Information Security • 2017]

Author(s):

1. GVenifa Mini: Department of Computer Science and Engineering, Noorul Islam University, Kumaracoil, India

2. KSAngel Viji: Department of Computer Science and Engineering, College of Engineering, Kidangoor, India

Abstract:

A disgusting problem in public cloud is to securely share data based on fine grained access control policies and unauthorized key management. Existing approaches to encrypt policies and data with different keys based on public key cryptosystem are Attribute Based Encryption and proxy reencryption. The weakness behind approaches is: It cannot efficiently handle policy changes and also problem in user revocation and attribute identification. Even though it is so popular, when employed in cloud it generate high computational and storage cost. More importantly, image encryption is some out complex in case of public key cryptosystem. On the publication of sensitive dataset, it does not preserve privacy of an individual. A direct application of a symmetric key cryptosystem, where users are served based on the policies they satisfy and unique keys are generated by Data Owner (DO). Based on this idea, we formalize a new key management scheme, called Symmetric Chaos Based key Management (SCBKM), and then give a secure construction of a SCBKM scheme. The idea is to give some secrets to Key Manager (KM) based on the identity attributes they have and later allow them to derive actual symmetric keys based on their secrets. Using our SCBKM construct, we propose an efficient approach for finegrained encryption-based access control for data stored in untrusted cloud storage.

Page(s): 263-273

DOI: DOI not available

Published: Journal: International Journal of Communication Networks and Information Security, Volume: 9, Issue: 2, Year: 2017

Keywords:

Keywords are not available for this article.

References:

[1] Kushida , Kenji E.,JonathanMurray,and JohnZysman, 2015."Cloud computing: from scarcity to abundance,",Journal of Industry, Competition and Trade 15 5 -19

[2] Lang , Bo, Jinmiao,Wang, 2017."Achieving Flexible and Self-contained Data Protection in Cloud Computing", -

[3] Rimal , Bhaskar,Prasad , Admela Jukan, Dimitrios Katsaros, and Yves,Goeleven, 2011."Architectural requirements for cloud computing systems: an enterprise cloud approach",Journal of Grid Computing 9 3 -26

[4] Rochwerger , Benny, David Breitgand, Eliezer Levy,KennethNagin, 2009."The reservoir model and architecture for open federated cloud computing",IBM Journal of Research and Development 53 4 -1

[5] Jaeger , Paul T.,JimmyLin,JustinM.,Grimes, 2008."Cloud computing and information policy: Computing in a policy cloud?,",Journal of Information Technology & Politics 5 269 -283

[6] Arinze , Bay, and Murugan,Anandarajan, 2012."Factors that determine the adoption of cloud computing: A global perspective",Enterprise Information Systems and Advancing Business Solutions: Emerging Models: Emerging Models 210 -223

[7] Armbrust , Michael, Armando Fox, Rean Griffith, Anthony D.,Joseph , Randy Katz, Andy Konwinski, Gunho,Lee, 2010."A view of cloud computing,",Communications of the ACM 53 50 -58

[8] Pearson , Siani, and Azzedine,Benameur, 2010."Privacy, security and trust issues arising from cloud computing,",IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom) 693 -702

[9] Karadsheh, 2012."Applying security policies and service level agreement to IaaS service model to enhance security and transition", computers & security, 3 315 -326

[10] Anand , Priya, Jungwoo,Ryoo, ."Addressing security challenges in cloud computing-a pattern-based approach" ,, -

[11] LanZhou, 2013.Secure Role-Based Access Control on Encrypted Data in Cloud Storage,”,IEEE Transactions on Information Forensics and Security 12 -

[12] J.Hur,D. K.Noh,August2017, 2011.Attribute-based access control with efficient revocation in data outsourcing systems",IEEE Transactions on Parallel and Distributed Systems 9 1214 -1221

[13] J.Hur, 2013.Improving security and efficiency in attributebased data sharing",IEEE Transactions on Knowledge and Data Engineering 25 2271 -2282

[14] J.Li,X.Chen,C.Jia, 2015.Identity-based encryption with outsourced revocation in cloud computing",IEEE Transactions on Computers 64 425 -437

[15] Karadsheh, 2012."Applying security policies and service level agreement to IaaS service model to enhance security and transition," computers & security, 31 315 -326

[16] Subashini , Subashini, and Veeraruna,Kavitha, 2011."A survey on security issues in service delivery models of cloud computing," Journal of network and computer applications, 34 1 -11

[17] Padhy , Rabi,Prasad, 2011.Manas Ranjan Patra, and Suresh Chandra Satapathy, "Cloud computing: security issues and research challenges,",International Journal of Computer Science and Information Technology & Security (IJCSITS) 1 136 -146

[18] Varadharajan , Vijay, and Udaya,Tupakula, 2014."Security as a service model for cloud environment,",IEEE Transactions on Network and Service Management 1 60 -75

[19] J.M.bohli , N.Gruschka, M.,Jensen , L.L.,Iacono and N.,Marnau, 2013.Security and privacy- enhancing multicloud architectures”,IEEE Trans. Dependable Sec. Comput. 10 212 -224

[20] Y.Wu,Z.Wei,R.H.Deng, 2013.Attribute-based access to scalable media in cloud assisted content sharing networks”,IEEE Trans. Multimedia 15 778 -788

[21] C.Wang,S.S.MChow,Q.Wang,K.Ren, 2013.Privacy-preserving public auditing for secure cloud storage”,IEEE Trans. Comput. 62 362 -375

[22] T.Yang,C. W.Wu,L. O.Chua, 1997.Cryptography based on chaotic system”,IEEE Transactions on Circuits & Systems I Fundamental theory & Applications 44 469 -472

[23] Khan , Abdul,Raouf, 2012."Access control in cloud computing environment,",ARPN Journal of Engineering and Applied Sciences 7 613 -615

[24] Ferraiolo , David, Rick,Kuhn , and Ravi,Sandhu, 2007."Rbac standard rationale: Comments on" a critique of the ansi standard on role-based access control",IEEE Security & Privacy 5 -

[25] K.Liang,W.Susilo,J. K.Liu, 2015.Privacy-preserving ciphertext multisharing control for big data storage,”,IEEE Trans. Inf. Forensics Security 10 1578 -1589

[26] Z.Zhou,D.Huang,Z.Wang, 2015.Efficient privacypreserving ciphertext-policy attribute based-encryption and broadcast encryption,”,IEEE Trans. Comput. 64 126 -138

[27] Yu,Kui Ren , and Wenjing,Lou, 2010."Achieving secure, scalable, and fine-grained data access control in cloud computing,",2010 proceedings IEEE 1 -9

[28] Feng , Bin, Xinzhu Ma, Cheng Guo, Hui Shi, Zhangjie,Fu , and Tie,Qiu, 2016."An Efficient Protocol With Bidirectional Verification for Storage Security in Cloud Computing,",IEEE Access 4 7899 -7911

[29] Chen, Xuexiu, Chi Chen, Yuan Tao, and Jiankun Hu, "A Cloud Security Assessment System Based on Classifying and Grading", IEEE Cloud Computing ,vol.2, no. 2 58-67,2015

Citations

Downloads

Views