Munsyi, Sudarsono, Amang, Harun Al Rasyid, M. Udin.
2018.
An Implementation of Data Exchange in Environmental Monitoring Using Authenticated Attribute-Based Encryption with Revocation. 2018 International Electronics Symposium on Knowledge Creation and Intelligent Computing (IES-KCIC). :359—366.
The Internet of Things era has grown very rapidly in Industrial Revolution 4.0, and many researchers use the Wireless Sensor Network (WSN) technology to obtain data for environmental monitoring. The data obtained from WSN will be sent to the Data Center, where users can view and collect all of the data from the Data Center using end devices such as personal computers, laptops, and mobile phones. The Data Center would be very dangerous, because everyone can intercept, track and even modify the data. The security requirement is to ensure the confidentiality of all stored data in the data center and to give authenticity that the data has not changed during the collection process. Ciphertext Policy Attribute-Based Encryption (CP-ABE) can become a solution to secure the confidentiality of all the data. Only users with the appropriate rule of policy can get the original data. To guarantee there are no changes during the collection process of the data, a time stamp digital signature is required for securing the data integrity. To protect the confidentiality and data integrity, we propose a security mechanism using CP-ABE with user revocation and Time Stamp Digital Signature using Elliptic Curve Cryptography (ECC) 384 bits. Our system can do the revocation for the users who did the illegal access. Our system is not only securing the data but also providing the guarantee that there are no changes during the collection process of the data from the Data Center.
Chennam, KrishnaKeerthi, Muddana, Lakshmi.
2018.
Improving Privacy and Security with Fine Grained Access Control Policy using Two Stage Encryption with Partial Shuffling in Cloud. 2018 3rd IEEE International Conference on Recent Trends in Electronics, Information Communication Technology (RTEICT). :686—690.
In a computer world, to identify anyone by doing a job or to authenticate by checking their identification and give access to computer. The Access Control model comes into the picture when it is required to grant permissions to an individual and complete the duties. The access control models cannot give complete security when dealing with the cloud computing area, where the access control model fails to handle the attributes which are requisite to inhibit access based on time and location. When the data is outsourced to the cloud, the information holders expect security and confidentiality for their outsourced data. The data will be encrypted before outsourcing to the cloud; still they want control over the data in the cloud server, where simple encryption is not a complete solution. To eradicate these issues, unlike access control models, Attribute Based Encryption (ABE) standards were proposed. In ABE schemes there are different types like Key Policy-ABE (KP-ABE), Cipher Text-ABE (CP-ABE) and so on. The proposed method applies the access control policy of CP-ABE with Advanced Encryption Standard and uses elliptic curve for key generation, using multi-stage encryption which divides the users into two domains, public and private, and shuffling the database records to protect from inference attacks.
Liu, Zechao, Jiang, Zoe L., Wang, Xuan, Wu, Yulin, Yiu, S.M.
2018.
Multi-Authority Ciphertext Policy Attribute-Based Encryption Scheme on Ideal Lattices. 2018 IEEE Intl Conf on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom). :1003—1008.
Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology that provides fine-grained access control as well as data confidentiality. It enables one sender to encrypt the data for more receivers, and to specify a policy on who can decrypt the ciphertext using his/her attributes alone. However, most existing ABE schemes are constructed on bilinear maps and they cannot resist quantum attacks. In this paper, we propose a multi-authority CP-ABE (MA-CPABE) scheme on ideal lattices which is still secure in post-quantum era. On one hand, multiple attribute authorities are required when user's attributes cannot be managed by a central authority. On the other hand, compared with generic lattice, the ideal lattice has extra algebraic structure and can be used to construct more efficient cryptographic applications. By adding some virtual attributes for each authority, our scheme can support flexible threshold access policy. Security analysis shows that the proposed scheme is secure against chosen plaintext attack (CPA) in the standard model under the ring learning with errors (R-LWE) assumption.
Dong, Qiuxiang, Huang, Dijiang, Luo, Jim, Kang, Myong.
2018.
Achieving Fine-Grained Access Control with Discretionary User Revocation over Cloud Data. 2018 IEEE Conference on Communications and Network Security (CNS). :1—9.
Cloud storage solutions have gained momentum in recent years. However, cloud servers cannot be fully trusted. Data access control has become one of the main impediments to further adoption. One appealing approach is to incorporate the access control into encrypted data, thus removing the need to trust the cloud servers. Among existing cryptographic solutions, Ciphertext Policy Attribute-Based Encryption (CP-ABE) is well suited for fine-grained data access control in cloud storage. As promising as it is, user revocation is a cumbersome problem that impedes its wide application. To address this issue, we design an access control system called DUR-CP-ABE, which implements identity-based User Revocation in a data owner Discretionary way. In short, the proposed solution provides the following salient features. First, user revocation enforcement is based on the discretion of the data owner, thus providing more flexibility. Second, no private key updates are needed when user revocation occurs. Third, the proposed scheme allows for group revocation of affiliated users in a batch operation. To the best of our knowledge, DUR-CP-ABE is the first CP-ABE solution to provide affiliation-based batch revocation functionality, which fits naturally into organizations' Identity and Access Management (IAM) structure. The analysis shows that the proposed access control system is provably secure and efficient in terms of computation, communication and storage.
Navya, J M, Sanjay, H A, Deepika, KM.
2018.
Securing smart grid data under key exposure and revocation in cloud computing. 2018 3rd International Conference on Circuits, Control, Communication and Computing (I4C). :1—4.
Smart grid systems data has been exposed to several threats and attacks from different perspectives, which have resulted in several system failures. Obtaining security of data and key exposure and enhancing system ability in the data collection and transmission process are challenging, on the grounds that smart grid data is sensitive and of an enormous sum. In this paper we introduce a smart grid data security method along with advanced Ciphertext Policy Attribute-Based Encryption (CP-ABE). Cloud-supported IoT is widely used in smart grid systems. Smart IoT devices collect data and perform status management. Data obtained from the IoT devices will be divided into blocks, and the encrypted data will be stored in different cloud servers with different encryption keys. Even when one cloud server is assaulted and an encryption key is exposed, the data cannot be decrypted; thereby the transmission and encryption processes are done correspondingly. We protect access-tree structure information even after the data is shared with the user by solving the revocation problem, in which the cloud will inform the data owner to revoke and update the encryption key after the user has downloaded the data, which preserves the data privacy from unauthorized users. The analysis of the system concludes that our proposed system can meet the security requirements in smart grid systems along with cloud-Internet of Things.
Fugkeaw, Somchart, Sato, Hiroyuki.
2018.
Enabling Dynamic and Efficient Data Access Control in Cloud Computing Based on Attribute Certificate Management and CP-ABE. 2018 26th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP). :454—461.
In this paper, we propose an access control model featured with the efficient key update function in data outsourcing environment. Our access control is based on the combination of Ciphertext Policy - Attribute-based Encryption (CP-ABE) and Role-based Access Control (RBAC). The proposed scheme aims to improve the attribute and key update management of the original CP-ABE. In our scheme, a user's key is incorporated into the attribute certificate (AC) which will be used to decrypt the ciphertext encrypted with CP-ABE policy. If there is any change (update or revoke) of the attributes appearing in the key, the key in the AC will be updated upon the access request. This significantly reduces the overheads in updating and distributing keys of all users simultaneously compared to the existing CP-ABE based schemes. Finally, we conduct the experiment to evaluate the performance of our proposed scheme to show the efficiency of our proposed scheme.
Khuntia, Sucharita, Kumar, P. Syam.
2018.
New Hidden Policy CP-ABE for Big Data Access Control with Privacy-preserving Policy in Cloud Computing. 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.
Cloud offers flexible and cost-effective storage for big data, but the major challenge is access control of big data processing. CP-ABE is a desirable solution for data access control in cloud. However, in CP-ABE the access policy may leak the user's private information. To address this issue, Hidden Policy CP-ABE schemes have been proposed, but those schemes still cause a data leakage problem because the access policies are partially hidden, and they create more computational cost. In this paper, we propose a New Hidden Policy Ciphertext Policy Attribute Based Encryption (HP-CP-ABE) to ensure Big Data Access Control with Privacy-preserving Policy in Cloud. In the proposed method, we used a Multi Secret Sharing Scheme (MSSS) to reduce the computational overhead during the encryption and decryption process. We also applied a mask technique on each attribute in the access policy and embedded the access policy in the ciphertext, to protect the user's private information from the access policy. The security analysis shows that HP-CP-ABE is more secure and preserves the access policy privacy. Performance evaluation shows that our scheme takes less computational cost than the existing scheme.
Shelke, Vishakha M., Kenny, John.
2018.
Data Security in cloud computing using Hierarchical CP-ABE scheme with scalability and flexibility. 2018 International Conference on Smart City and Emerging Technology (ICSCET). :1—5.
Cloud computing has a major role in the development of commercial systems. It enables companies like Microsoft, Amazon, IBM and Google to deliver their services on a large scale to their users. A cloud service provider manages cloud computing based services and applications. For any organization a cloud service provider (CSP) is an entity which works within it. So it suffers from vulnerabilities associated with the organization, including internal and external attacks. So it is a challenge for the organization to secure a cloud service provider while providing quality of service. Attribute-based encryption can be used to provide data security with key policy attribute-based encryption (KP-ABE) or ciphertext policy attribute-based encryption (CP-ABE). But these schemes lack scalability and flexibility. A Hierarchical CP-ABE scheme is proposed here to provide fine-grained access control. Data security is achieved using encryption, authentication and authorization mechanisms. Attribute key generation is proposed for implementing authorization of users. The proposed system is prevented by SQL Injection attack.
Wang, Wei, Zhang, Guidong, Shen, Yongjun.
2018.
A CP-ABE Scheme Supporting Attribute Revocation and Policy Hiding in Outsourced Environment. 2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS). :96—99.
Aiming at the increasing popularity of mobile terminals, a CP-ABE scheme adapted to lightweight decryption at the mobile end is proposed. The scheme has the function of supporting timely attribute revocation and policy hiding. Firstly, we will introduce the related knowledge of attribute-based encryption. After that, we will give a specific CP-ABE solution. Finally, in the part of the algorithm analysis, we will give an analysis of performance and related security, and compare this algorithm with other algorithms.
Li, Chunhua, He, Jinbiao, Lei, Cheng, Guo, Chan, Zhou, Ke.
2018.
Achieving Privacy-Preserving CP-ABE Access Control with Multi-Cloud. 2018 IEEE Intl Conf on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom). :801—808.
Cloud storage service makes it very convenient for people to access and share data. At the same time, the confidentiality and privacy of user data are also facing great challenges. The Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme is widely considered to be the most suitable security access control technology for the cloud storage environment. Aiming at the problem of privacy leakage caused by single-cloud CP-ABE, which is commonly adopted in the current schemes, this paper proposes a privacy-preserving CP-ABE access control scheme using multi-cloud architecture. By improving the traditional CP-ABE algorithm and introducing a proxy to cut the user's private key, it can ensure that only a part of the user attribute set can be obtained by a single cloud, which effectively protects the privacy of user attributes. Meanwhile, the intermediate logical structure of the access policy tree is stored in the proxy, and only the leaf node information is stored in the ciphertext, which effectively protects the privacy of the access policy. Security analysis shows that our scheme is effective against replay and man-in-the-middle attacks, as well as user collusion attack. Experimental results also demonstrate that the multi-cloud CP-ABE does not significantly increase the overhead of storage and encryption compared to the single cloud scheme, but the access control overhead decreases as the number of clouds increases. When the access policy is expressed with an AND gate structure, the decryption overhead is obviously less than that of a single cloud environment.
Reshma, V., Gladwin, S. Joseph, Thiruvenkatesan, C.
2019.
Pairing-Free CP-ABE based Cryptography Combined with Steganography for Multimedia Applications. 2019 International Conference on Communication and Signal Processing (ICCSP). :0501—0505.
Technology development has led to a rapid increase in demands for multimedia applications. Due to this demand, digital archives are increasingly used to store these multimedia contents. Cloud is the commonly used archive to store, transmit, receive and share multimedia contents. Cloud makes use of the internet to perform these tasks, due to which data becomes more prone to attacks. Data security and privacy are compromised. This can be avoided by limiting data access to authenticated users and by hiding the data from cloud services that cannot be trusted. Hiding data from the cloud services involves encrypting the data before storing it into the cloud. Data to be shared with other users can be encrypted by utilizing Cipher Text-Policy Attribute Based Encryption (CP-ABE). CP-ABE is used, which is a cryptographic technique that controls access to the encrypted data. The pairing-based computation based on bilinearity is used in ABE, due to which the requirements for resources like memory and power supply increase rapidly. Most of the devices that we use today have limited memory. Therefore, an efficient pairing-free CP-ABE access control scheme using elliptic curve cryptography has been used. Pairing-based computation is replaced with scalar product on elliptic curves, which reduces the necessary memory and resource requirements for the users. Even though pairing-free CP-ABE is used, it is easier to retrieve the plaintext of a secret message if cryptanalysis is used. Therefore, this paper proposes to combine cryptography with steganography by embedding crypto text into an image to provide an increased level of data security and data ownership for sub-optimal multimedia applications. It makes it harder for a cryptanalyst to retrieve the plaintext of a secret message from a stego-object if steganalysis were not used. This scheme significantly improved the data security as well as data privacy.