• Nenhum resultado encontrado

KEY UPDATION FOR THE DYNAMIC ATTRIBUTES IN CLOUD COMPUTING FOR COMPETENT USER RETRACTION

N/A
N/A
Protected

Academic year: 2017

Share "KEY UPDATION FOR THE DYNAMIC ATTRIBUTES IN CLOUD COMPUTING FOR COMPETENT USER RETRACTION"

Copied!
9
0
0

Texto

(1)

KEY UPDATION FOR THE DYNAMIC ATTRIBUTES

IN CLOUD COMPUTING FOR COMPETENT USER

RETRACTION

ELAVARASI.P1

PG Scholar, Dept. of Computer Science and Engineering

K.Ramakrishnan College of Technology, Samayapuram, Tiruchirapalli, Tamil Nadu, India pelavarasi@gmail.com

PARIJATHAM.R*

Assistant Professor, Department of Computer Science and Engineering

K.Ramakrishnan College of Technology, Samayapuram, Tiruchirapalli, Tamil Nadu, India krctpari@gmail.com

Abstract : Companies are into the cloud and provide services on it. The increasing popularity of cloud computing draws attention to its security challenges, which are particularly worsen due to re source sharing. This technology is prone to security threats because of which the users want to trust their precious data. Several schemes are employed for access control of outsourced data. So, Hierarchical Attribute Set Based Encryption, an extension of Ciphertext policy attribute set- based encryption, has been proposed for its

ine grained access control with hierarchical structure of users. The user’s secret key is determined by the attributes. The attributes will often be updated in the real world scenario. So, eficient method for updating the key for the changing attributes with user revocation is proposed in this paper.

Keywords : Cloud computing; CP-ABE; Dynamic attributes.

1. Introduction

Cloud computing is a payment-based service where everyone can access computer services through internet. Cloud computing [4] allows consumers and businesses to use applications without installation and access their personal iles at any computer with internet access. With cloud computing, there is no need of any physical hardware or servers that supports the company’s computer system, internet services and networks. Because of this, cloud computing is also called as utility computing, or ‘IT on demand’. Many companies step into Cloud and provide services above on it. It will essentially reduce the expenses of the company allotted for the maintenance of the computer system. Once a cloud is established, how its services are deployed in terms of business models can differ depending on requirements. Cloud-computing follows a utility model in which service costs are based on actual consumption, you only pay for what you use. Once a cloud is established, how its services are deployed in terms of business models can differ depending on requirements. The primary service models being deployed are commonly known as:

Software as a Service (SaaS) — Consumers purchase the ability to access and use an application or service that is hosted in the cloud.

Platform as a Service (PaaS) — Consumers purchase access to the platforms, enabling them to deploy their own software and applications in the cloud.

Infrastructure as a Service (IaaS) — Consumers control and manage the systems in terms of the operating systems, applications, storage, and network connectivity, but do not themselves control the cloud infrastructure.

(2)

for any organization, and enterprise users will face serious consequences if its conidential data is disclosed to their business competitors or the public. Thus, cloud users in the irst place want to make sure that their data are kept conidential to outsiders, including the cloud provider and their potential competitors. Major cloud service providers are Amazon’s EC2, Microsoft’s Azure, Salesforce.com, Google’s AppEngine etc..

Access control [15] is an apprehension, because insider attacks are a major threat. A prospective hacker is someone who has been commended with approved entry to the cloud. Anyone using the cloud should know who is managing their data and what types of controls are applied to these individuals. The traditional model is application-centric access control, where each application keeps track of its collection of users and manages them, is not feasible in cloud based architectures. This is more so, because the user data maybe shared that can lead to data replication, creating mapping of users and their privileges a phenomenal task. Also, it needs the user to retain multiple accounts/passwords and maintain them. Cloud requires a user centric access control where every user request to any service provider is packed with the user identity and entitlement information. User identity will have identiiers or attributes that identity and deine the user. The identity is tied to a domain, but is transferable. User centric approach leaves the user with the ultimate control of their digital identities. User centric approach also implies that the system preserve a context of information for each and every user, so as to ind how to respond to in a given situation to a given user request.

To achieve lexible and ine-grained access control, a number of schemes are proposed very recently. But, these schemes are only applicable to systems in which data owners and the service providers are within the same trusted domain. Since data owners and service providers are usually not in the same trusted domain in cloud computing, a new access control scheme employing attribute-based encryption is proposed by Yu et al., which adopts the key-policy attribute-based encryption (KP-ABE) to enforce ine-grained access control. However, this scheme lacks lexibility in attribute management and lacks scalability in dealing with multiple-levels of attribute authorities. So Cipher-text ABE (CP-ABE) is appropriate for access control due to its expressiveness in describing access control policies. CP-ABE is abstractly nearer to traditional access control models such as Role-Based Access Control (RBAC). To mull over the revocation problem in a conventional CP-ABE design, limited choices are available. One is the revocation of a single attribute, which is not associated with users’ behaviors but expected a periodical update of entire attribute set of the whole system. Another possible solution is to revoke one attribute set equivalent to one speciic set of users. In this way, all the users’ access abilities will be revoked if they share out the same attribute set with the malicious user, which is unsuitable in the real application. Thus, it is likely to apply CP-ABE to enforce access control of encrypted data.

The Contribution is that the Domain authority extracts the old value from the secret key and changes the old value with the new value and gives the current secret key to the cloud user.

The rest of the paper is organized as follows. Section II provides the related work. Then we present our system model and assumptions in Section III. In Section IV, we describe the user revocation in detail. Lastly, we conclude the paper in Section V.

2. Related Work

In distributed systems users need to share sensitive objects with others based on the recipients’ ability to satisfy a policy. Attribute-Based Encryption (ABE) is a new paradigm introduced by Amit Sahai and Brent Waters. It is a type of public-key encryption in which the public key of a user and the ciphertext are dependent about attributes (e.g. the country he lives, the kind of subscription he has, ...). In a such system, The decryption of a ciphertext is possible only if the set of attributes of the user key matches the attributes of the ciphertext. Attribute based encryption can be used for log encryption. This primitive can also be used for broadcast encryption in order to decrease the number of key used. A generalization of IBE is attribute-based encryption (ABE). A major application of ABE is ine-grained cryptographic access control of data.

(3)

{Dept : CS, Role : Grad – Student,

{CourseID : 101, Role : TA},

{CourseID : 525, Role : Grad - Student}}

The above example represents a key structure assigned to a graduate student in CS department of a university, who is the TA for course 101 and has enrolled in course 525. It can be seen that the same attribute can be assigned multiple values, e.g., the attribute “Role” is assigned value “TA” and “Grad-Student” in different sets. This feature renders ASBE more versatile and lexible in supporting many practical scenarios. In this example, the graduate student holding such a private key should not be able to combine the attribute “Role: TA” with “CourseID: 525” so as to access course grades of other students who enroll in course 525. Such a feature cannot be implemented with the CP-ABE algorithm. ASBE can enforce dynamic constraints on combining attributes to satisfy a policy, which provides great lexibility in access control. Every student has a set of attributes (Course, Year, and Grade) for each course he has taken. CP-ABE is dificult when a student have taken multiple courses and obtained different grades in them. The encryptor will have to ensure the student cannot select and combine attributes from different sets to circumvent the policy. ASBE can enforce eficient ciphertext policy encryption for situations where existing ABE schemes are ineficient. Furthermore, ASBE’s capability of assigning multiple values to the same attribute enables it to solve the user revocation problem eficiently, which is dificult in CP-ABE.

Hierarchical Attribute-Based Encryption (HABE) [13] to achieve ine-grained access control in cloud storage services by combining Hierarchical Identity-Based Encryption (HIBE) and CP-ABE. This scheme also supports ine-grained access control and fully delegating computation to the cloud providers. However, HABE uses disjunctive normal form policy and assumes all attributes in one conjunctive clause are administrated by the same domain master. Thus the same attribute may be administrated by multiple domain masters according to speciic policies, which is dificult to implement in practice. Furthermore, compared with ASBE, this scheme cannot support compound attributes eficiently and does not support multiple value assignments.

3. Model

As depicted in Fig. 1, the cloud computing system under consideration consists of ive types of parties: a cloud service provider, data owners, data consumers, a number of domain authorities, and a trusted authority. The cloud service provider manages a cloud to provide data storage service. Data owners encrypt their data iles and store them in the cloud for sharing with data consumers. To access the shared data iles, data consumers download encrypted data iles of their interest from the cloud and then decrypt them.

Figure 1. System Model

Each data owner/consumer is administrated by a domain authority. A domain authority is managed by its parent domain authority or the trusted authority. Data owners, data consumers, domain authorities, and the trusted authority are organized in a hierarchical manner as shown in Fig. 1. The trusted authority is the root authority and responsible for managing top-level domain authorities. Each top-level domain authority corresponds to a top-level organization, such as a federated enterprise, while each lower-level domain authority corresponds to a lower-level organization, such as an afiliated company in a federated enterprise. Data owners/consumers may correspond to employees in an organization. Each domain authority is responsible for managing the domain authorities at the next level or the data owners/consumers in its domain.

(4)

3.1 Security Model:

We assume that the cloud server provider is not trusted in the sense that it may collude with malicious users (short for data owners/data consumers) to harvest ile contents stored in the cloud for its own beneit. In the hierarchical structure of the system users given in Fig. 1, each party is associated with a public key and a private key, with the latter being kept secretly by the party. The trusted authority acts as the root of trust and authorizes the top-level domain authorities. A domain authority is trusted by its subordinate domain authorities or users that it administrates, but may try to get the private keys of users outside its domain. Users may try to access data iles either within or outside the scope of their access privileges, so malicious users may collude with each other to get sensitive iles beyond their privileges. In addition, we assume that communication channels between all parties are secured using standard security protocols, such as SSL.

3.2 Access Tree:

Let T be a tree representing an access structure. Each non-leaf node of the tree represents a threshold gate, described by its children and a threshold value. If numx is the number of children of a node x and kx is its threshold value, then 0< kx ≤ numx. When kx = 1, the threshold gate is an OR gate and when kx = numx, it is an AND gate. Each leaf node x of the tree is described by an attribute and a threshold value kx = 1. The access tree can be represented in Fig. 2.

The access structure in Fig. 2 demands that only a student of a university and the same student can act as TA for another course ID or can act as student for a different course ID can access the data iles protected by the access policy. In CP-ABE schemes, a person who has private keys corresponding to attributes on the key structure would be able to access the data iles, which compromises the security of the access policy. Such problems are effectively prevented using attribute-set-based encryption which forbids combining attributes across multiple sets.

Figure 2. Access Structure

4. User Revocation

Whenever there is a user to be revoked, the system must make sure the revoked user cannot access the associated data iles any more. One way [4] to solve this problem is to re-encrypt all the associated data iles used to be accessed by the revoked user, but we must also ensure that the other users who still have access privileges to these data iles can access them correctly.

Secure communication is achieved with the hierarchical attribute-based encryption scheme which has hierarchical signature scheme. The major beneit of this scheme is to provide a method for a trusted authority to delegate the computation and delivery of user decryption keys to lower level authorities. Each user’s private key is given to user and to the domain authority. Thus the decryption is performed as a co-operation between a user and the associated domain authority. But the domain authority is associated with small number of users and can revoke the decryption privileges. The trusted authority will check for the hierarchical structure. The algorithms used are same but with the following enhancement:

• SetUP (d) : Here d is the depth of the key structure. It outputs the master secret key (MK) and public key (PK).

• KeyGen (MK,U,K) : This is done by the domain authority. The input is master secret key (MK), U is the set of attributes and K is the key structure and generates the secret key for the user.

• KeyUpdate (MK,old_value,new_value) : This is done by the domain authority. It takes the input as the master secret key, old attribute value, updates the secret key by updating old value with the new_value.

• Encrypt (PK,M,AS) : The message M, Public Key PK, and access structure AS are given as input and generates the ciphertext CT containing access structure in which the set of attributes satisfy the access policy can only decrypt.

(5)

key SK containing user attribute set U. If U satisies the access tree the algorithm decrypt the CT. Otherwise it outputs null.

4.1 Dynamic Attributes:

In the real world the attributes are never static. The person who worked as a student may work as a TA after years. So the attributes change often. This is shown in the Figure 2. Here the updated attribute is Role. It is necessary to deal with the dynamic attributes.

Figure 3. Dynamic attribute 4.2 Updating the Key:

We add an attribute expiration time to a user’s secret key, which indicates the time until which the key is considered to be valid. Then the policy associated with data iles can include a check on the expiration time. An attribute expiration time is provided by the domain authority to the data owners so that the data will not be available to the data owners the next time until it is revoked. The key will be valid until the expiration time. The keys are changed dynamically by the domain authority when the new attributes are updated with the old attributes with the master secret key.

5. System Model Implementation

Selecting group for the user

(6)

Login for the registered user

Figure 5. User Login For the changing attribute, the Key generation will be as follows.

(7)

The details are updated according to the user.

Figure 7. key updation If the details updated are incorrect to the following screen will appear.

(8)

After entering correct secret key, the new session key will appear and the decryption/encryption takes place accordingly.

Figure 9. Correct user

6. Conclusion and Future Work

In this paper, a better user revocation for the dynamic attributes is proposed. The updation of key is done for the existing attributes with the new attributes. This is done with the hierarchical structure of users. The Hierarchical attribute set based encryption, an extension of Ciphertext policy attribute set based encryption scheme is used. The keys are changed when the expiration time ends. Thus for the dynamic attributes, the new attributes are replaced with the old attributes. But, the differentiation between the old attributes and the new attributes are not done and has to be done in the future.

7. Acknowledgement

The authors would like to acknowledge the valuable comments and technical opinions of Mrs.T.Vetriselvi and Mr.M.Sivakumar, the founders who are successfully leading the Department of Computer Science and Engineering of K.Ramakrishnan College of Technology, Samayapuram, Trichy,

References

[1] H. Khurana, M. Prabhakaran, and R. Bobba (2009) “Attribute-sets: A practically motivated enhancement to attribute-based encryp

-tion,” in Proc. ESORICS, Saint Malo, France, 2009.

[2] A. Sahai, B.Waters, and Bethencourt J (2007) ciphertext-policy attribute-based encryption. Proceedings of the 2007 IEEE Sympo

-sium on Security and Privacy (S&P 2007), Piscataway:IEEE, 2007: 321-334.

[3] A. Sahai and B. Waters, (2005) “Fuzzy identity based encryption,” in Proc. Advances in Cryptology—Eurocrypt, 2005, vol. 3494,

LNCS, pp. 457–473.

[4] C. ShinYeo, I. Brandic, J. Broberg and R. Buyya, ( 2009) “Cloud computing and emerging it platforms: Vision, hype, and reality for

delivering computing as the 5th utility,” Future Generation Comput. Syst., vol. 25, pp. 599–616.

[5] A. Sahai, B.Waters, O. Pandey, and V. Goyal (2006)“Attribute-based encryption for ine-grained access control of encrypted data,” in Proc. ACM Conf. Computer and Communications Security (ACM CCS), Alexandria, VA.

[6] C. Wang, K. Ren, S. Yu, and W. Lou,( 2010) “Achieving secure, scalable, and ine-grained data access control in cloud computing,” in Proc. IEEE INFOCOM 2010, pp. 534–542.

[7] Jun’e Liu, Robert H. Deng and Zhiguo Wan,( 2012) “HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing”, IEEE Transactions On Information Forensics And Security, VOL. 7, NO. 2.

[8] A. Miyaji, A. Nomura, K. Emura, K. Omote, and M. Soshi. (2009): A ciphertext-policy at-tribute-based encryption scheme with constant ciphertext length. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 13–23. Springer, Heidelberg. [9] K. Ohta, K. yoneyama, and T. Nishide (2008).: „Attribute-based encryption with partially hidden encryptor-speciied access struc

(9)

[10] Doshi Nand and Jinwala D “Updating attribute in CP-ABE: A New Approach”. http://eprint.iacr.org/2012/496.pdf

[11] Dijiang H. and Zhibin Z., On Eficient Ciphertext-Policy Attribute Based Encryption and Broadcast Encryption. http://eprint.iacr.

org/2010/395.pdf.

[12] Luan Ibraimi, Pieter Hartel, Qiang Tang, and Willem Jonker (2009). Eficient and Provable Secure 1Ciphertext-Policy

Attribute-Based Encryption Schemes. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 1–12. Springer, Heidelberg.

[13] G.Wang, J.Wu and Q. Liu, (2010) , “Hierachical attibute-based encryption for ine grained access control in cloud storage devices.” in Proc. ACM Conf. Computer and Communications Security (ACM CCS), Chicago, IL.

[14] S.G.Weber,(2009) “Securing irst response coordination with dynamic attribute-based encryption,” in Proceedings of 2009 world

congress on privacy, Security, Trust and the Management of e-Business (CONGRESS 2009). IEEE Computer Society, pp. 58 – 69.

[15] Hyo-Jin Shin, Young- Gi Min andYoung-Hwan Bang. (2012) , “Cloud Computing Security Issues and Access Control Solutions”

Imagem

Figure 1. System Model
Figure 2. Access Structure
Figure 4. Select group
Figure 5. User Login
+3

Referências

Documentos relacionados

Optimal cloud security practices should include encryption of sensitive data used by cloud- based virtual machines; centralized key management that allows the user

Resultados: por meio desta pesquisa foi possível compreender que a avaliação do perfil epidemiológico, principalmente relacionadas ao controle e prevenção das

Temporal Attribute-based Access Control (TAAC) is proposed to provide the efficient data access control schemes in multi authority cloud storage systems on attribute level.. In

The cloud computing security based on fully Homomorphic encryption, is a new concept of security which enables providing results of calculations on encrypted

proposed model that is, “Quality based Enhancing the user data protection via fuzzy rule based systems in cloud environment ”, will helps to the cloud clients by

Another problem in cloud computing is that huge amount of logs make the system administarator hard to analyse them.In this paper we proposed the method that enables cloud

Keywords: Searchable Symmetric Encryption; Trusted Hardware; Cloud Computing; Privacy; Secure Boolean Querying; Secure Content-Based Image

With this in mind, the cloud computing system (OpenStack) described in this chapter aims to provide the core features of a cloud computing architecture, On-demand self- service