Achieve Effective Security Mechanisms and Self-contained Data Protection in Cloud Computing Environment

Authors(2) :-Y Srinivasa Rao, Rachakonda Sai

For big business frameworks running on open clouds in which the servers are outside the control area of the venture, access control that was customarily executed by reference screens conveyed on the framework servers can never again be trusted. Subsequently, an independent security plot is viewed as a successful path for protecting outsourced data. In any case, building such a plan, to the point that can execute the access control policy of the undertaking has turned into a vital test. In this paper, we propose an independent data protection component called RBAC-CPABE by incorporating role-based access control (RBAC), which is generally utilized in big business frameworks, with the ciphertext-policy attribute-based encryption (CP-ABE). To begin with, we introduce a data-centric RBAC (DC-RBAC) demonstrate that backings the detail of fine-grained access policy for every datum question improve RBAC's access control capacities. At that point, we combine DC-RBAC and CP-ABE by communicating DC-RBAC arrangements with the CP-ABE access tree and encode data utilizing CP-ABE. Since CP-ABE upholds both access control and unscrambling, access approval can be accomplished by the data itself. A security investigation and trial comes about demonstrate that RBAC-CPABE keeps up the security and proficiency properties of the CP-ABE plot on which it is based, however considerably enhances the access control capacity. At last, we show an actualized system for RBAC-CPABE to protect privacy and uphold access control for data put away in the cloud.

Authors and Affiliations

Y Srinivasa Rao
MCA Department, Vignan's Lara Institute of Technology and Science, Vadlamudi, Guntur, Andhra Pradesh, India
Rachakonda Sai

Role-based access control, ciphertext-policy attribute-based encryption, self-contained data protection, cloud computing

  1. S Alliance. (2011) Security guidance for critical areas of focus in cloud computing v3.0. [Online]. Available: https://downloads.
  2. D Boneh and M. Franklin, “Identity-based encryption from the weil pairing,” in Advances in Cryptology–CRYPTO. California, USA: Springer Berlin Heidelberg, 19-23 August 2001, pp. 213–229.
  3. Y Zhu, G.-J. Ahn, H. Hu, and H. Wang, “Cryptographic role-based security mechanisms based on role-key hierarchy,” in Proceedings of the 5th ACM Symposium on Information, Computer and Commu-nications Security. Beijing, China: ACM, 13-16 April 2010, pp. 314–319.
  4. Y Zhu, H.-X. Hu, G.-J. Ahn, H.-X. Wang, and S.-B. Wang, “Prov-ably secure role-based encryption with revocation mechanism,” Journal of Computer Science and Technology, vol. 26, no. 4, pp. 697– 710, 2011.
  5. Y Zhu, G. J. Ahn, H. Hu, D. Ma, and S. Wang, “Role-based cryptosystem: A new cryptographic rbac system based on role-key hierarchy,” IEEE Transactions on Information Forensics and Security, vol. 8, no. 12, pp. 2138–2153, 2013.
  6. A Sahai and B. Waters, “Fuzzy identity-based encryption,” in Advances in Cryptology–EUROCRYPT 2005, vol. 3494. Aarhus, Denmark: Springer Berlin Heidelberg, 22-26 May 2005, pp. 457– 473.
  7. V Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in Proceedings of the 13th ACM conference on Computer and communi-cations security. Alexandria, Virginia, USA: ACM, 30 October-3 November 2006, pp. 89–98.
  8. J Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in IEEE Symposium on Security and Privacy. Berkeley, CA: IEEE, 20-23 May 2007, pp. 321–334.
  9. Y Zhu, D. Huang, C. J. Hu, and X. Wang, “From rbac to abac: Con-structing flexible data access control for cloud storage services,” IEEE Transactions on Services Computing, vol. 8, no. 4, pp. 601–616, July 2015.
  10. B. Lang, R. Xu, and Y. Duan, “Extending the ciphertext-policy attribute based encryption scheme for supporting flexible access control,” in Proceedings of the 10th International Conference on Secu-rity and Cryptography. Reykjavik, Iceland: IEEE, 29-31 July 2013, pp. 1–11.
  11. “Self-contained data protection scheme based on cp-abe,” E-Business and Telecommunications, vol. 456, pp. 306–321, 2014.
  12. D. Ferraiolo and R. Kuhn, “Role-based access control,” in 15th National Computer Security Conference. Baltimore, Maryland: Na- tional Institute of Standards and Technology, 13-16 October 1992, p. 554lC563.
  13. J. Crampton, “Cryptographic enforcement of role-based access control,” in Formal Aspects of Security and Trust. Pisa, Italy: Springer Berlin Heidelberg, September 16-17 2011, pp. 191–205.
  14. L. Zhou, V. Varadharajan, and M. Hitchens, “Enforcing role-based access control for secure data storage in the cloud,” The Computer Journal, vol. 54, no. 10, pp. 1675–1687, 2011.
  15. C. Hong, Z. Lv, M. Zhang, and D. Feng, “A secure and efficient role-based access policy towards cryptographic cloud storage,” in 12th International Conference on Web–Age Information Management, vol. 6897. Wuhan, China: Springer Berlin Heidelberg, 14-16 September 2011, pp. 264–276.
  16. B. Waters, “Ciphertext-policy attribute-based encryption: An ex-pressive, efficient, and provably secure realization,” in Public Key Cryptography–PKC 2011. Taormina, Italy: Springer Berlin Heidel-berg, 6-9 March 2011, pp. 53–70.
  17. S. Hohenberger and B. Waters, “Attribute-based encryption with fast decryption,” in Public Key Cryptography. Nara, Japan: Springer Berlin Heidelberg, 26 FebruarylC1 March 2013, pp. 162–179.
  18. J. Herranz, F. Laguillaumie, and C. R A Fols, “Constant size ciphertexts in threshold attribute-based encryption,” in Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography. Paris, France: Springer Berlin Heidelberg, 26-28 May 2010, pp. 19–34.
  19. A. Ge, R. Zhang, C. Chen, C. Ma, and Z. Zhang, “Threshold ciphertext policy attribute-based encryption with constant size ciphertexts,” in 17th Australasian Conference on Information Security and Privacy. Wollongong, Australia: Springer Berlin Heidelberg, 9-11 July 2012, pp. 336–349.
  20. X. Liu, J. Ma, J. Xiong, Q. Li, T. Zhang, and H. Zhu, “Threshold attribute-based encryption with attribute hierarchy for lattices in the standard model,” IET Information Security, vol. 8, no. 4, pp. 217–223, 2014.
  21. L Cheung and C. Newport, “Provably secure ciphertext policy abe,” in Proceedings of the 14th ACM conference on Computer and communications security. Alexandria, Virginia, USA: ACM, 29 October-2 November 2007, pp. 456–465.
  22. T. Nishide, K. Yoneyama, and K. Ohta, “Attribute-based encryp-tion with partially hidden encryptor-specified access structures,” in Applied Cryptography and Network Security. New York, USA: Springer Berlin Heidelberg, 3-6 June 2008, pp. 111–129.
  23. K. Emura, A. Miyaji, A. Nomura, K. Omote, and M. Soshi, “A ciphertext-policy attribute-based encryption scheme with constant ciphertext length,” in Information Security Practice and Experience. Xi’an, China: Springer Berlin Heidelberg, 13-15 April 2009, pp. 13–23.
  24. F. Guo, Y. Mu, W. Susilo, D. S. Wong, and V. Varadharajan, “Cp-abe with constant-size keys for lightweight devices,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 5, pp. 763–771, 2014.
  25. P. Junod and A. Karlov, “An efficient public-key attribute-based broadcast encryption scheme allowing arbitrary access policies,” in Proceedings of the 10th annual ACM workshop on Digital rights management. Chicago, Illinois, USA: ACM, 04-08 October 2010, pp. 13–24.
  26. R. Ostrovsky, A. Sahai, and B. Waters, “Attribute-based encryption with non-monotonic access structures,” in Proceedings of the 14th ACM conference on Computer and communications security. Alexan-dria, Virginia, USA: ACM, 29 October-2 November 2007, pp. 195– 203.
  27. S. Xiaolin, W. Pengpian, and Z. Liwu, “Kp-abe based verifiable cloud access control scheme,” in 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). Melbourne, Australia: IEEE, 16-18 July 2013, pp. 34– 41.
  28. N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. de Panafieu, and C. Rld’fols, “Attribute-based encryption schemes with constant-size ciphertexts,” Theoretical Computer Sci-ence, vol. 422, no. 9, pp. 15–38, 2012.
  29. A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Water-s, “Fully secure functional encryption: Attribute-based encryp-tion and (hierarchical) inner product encryption,” in Advances in Cryptology–EUROCRYPT 2010. Riviera, France: Springer Berlin Heidelberg, 30 MaylC3 June 2010, pp. 62–91.
  30. Y. Zhu, H. Hu, G.-J. Ahn, M. Yu, and H. Zhao, “Comparison-based encryption for fine-grained access control in clouds,” in Proceedings of the second ACM conference on Data and Application Security and Privacy. San Antonio, Texas, USA: ACM, 07-09 February 2012, pp. 105–116.
  31. B. Waters, “Functional encryption for regular languages,” in Ad-vances in Cryptology–CRYPTO 2012. Santa Barbara, USA: Springer Berlin Heidelberg, 19-23 August 2012, pp. 218–235.

Publication Details

Published in : Volume 4 | Issue 2 | March-April 2018
Date of Publication : 2018-04-30
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 95-100
Manuscript Number : CSEIT1833620
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

Y Srinivasa Rao, Rachakonda Sai, "Achieve Effective Security Mechanisms and Self-contained Data Protection in Cloud Computing Environment", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 4, Issue 2, pp.95-100, March-April-2018.
Journal URL :

Article Preview