Achieving Secure and Scalable Data Access Control in Cloud Computing

Cloud computing enables remote data storage and application utilization without local hardware and software management. This paper addresses challenges related to data security and access control in cloud environments, emphasizing the need for fine-grained data access control. It discusses the complexities involved in managing data access privileges in cloud servers and the use of attribute-based encryption for secure data sharing.

• Cloud Computing
• Data Security
• Access Control
• Scalability
• Attribute-Based Encryption

harl Follow

Uploaded on Sep 20, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Achieving Secure, Scalable, And Fine-grained Data Access Control In Cloud Computing Authors Shucheng Yu, Cong Wang, Kui Ren, And Wenjing Lou Hussein Almulla

2. OUTLINE Introduction What This Paper Present Models And Assumptions Proposed Scheme Complexity Summary

3. INTRODUCTION Cloud computing allow users to remotely storage their data and utilize the could application without need to local hardware and software management. The resources of the computing infrastructure are provided as services over the Internet. Saving money, instead of paying their own storage, users can use cloud for their business. Amazon provide unlimited storage for about $60 per years. Cloud users are content (data) providers. Users publish data on cloud servers for sharing. Users need fine-grained data access control in terms of which user (data consumer) has the access privilege to which types of data.

4. CLOUD Challenging :data security and access control when users outsource sensitive data for sharing on cloud servers. Introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired. In the traditional access control, data owner and servers are in the same trusted domain, where the servers are fully entrusted. This assumption no longer holds in cloud computing because data owner and cloud servers are very usually in different domains. Also cloud servers are not allowed to access the outsourced data content for data confidentiality At same time, the data resources are not physically under the full control of the owner.

5. CLOUD Fine-grained access control of data stored on untrusted cloud servers encrypting data and give decryption keys only to authorized users. Unauthorized users, including cloud servers, they do not have the key. This introduce a high complexity on key management and data encryption.

6. NOTATION

7. KEY POLICY ATTRIBUTE-BASED ENCRYPTION (KP-ABE) Public key cryptography primitive The encryptor associates the set of attributes to the message by encrypting it with the corresponding public key components. Data are associated with attributes for each of which a public key component is defined. KP-ABE scheme is composed of four algorithms: setup, encryption, key generation, decryption.

8. ATTRIBUTE-BASED ENCRYPTION (ABE) KEY POLICY ATTRIBUTE-BASED ENCRYPTION (KP-ABE) If the document can be accessed only by a personnel who is satisfying the condition.

9. KEY POLICY ATTRIBUTE-BASED ENCRYPTION (KP-ABE) A KP-ABE scheme is composed of four algorithms which can be defined as follows: Setup: takes as input a security parameter and the attribute universe U = {1, 2, . . . ,N}. It defines a bilinear group G1 of prime order p with a generator g, a bilinear map e : G1 G1 G2 . It returns the public key PK as well as a system master key MK as follows: ?? ?1 ??? ?? ?? are for attribute 1 < ? < ?, and ? ?2 is public key component.

10. KEY POLICY ATTRIBUTE-BASED ENCRYPTION (KP-ABE) ??= ??? and ? = ? ?,??, ? ??. PK is publicly known to all the parties in the system, MK is kept as a secret by the authority party. Encryption This algorithm takes a message M, the public key PK, and a set of attributes I as input. It outputs the ciphertext E with the following format: ?, i and s is randomly chosen from Zp. ? ??? ? = ???,??= ??

11. KEY POLICY ATTRIBUTE-BASED ENCRYPTION (KP-ABE) Key Generation: takes as input an access tree T, the master key MK, and the public key PK. It outputs a user secret key SK. ?? = ??? ? ? , where L denotes the set of attributes attached to the leaf nodes of T and ???=? Decryption: takes as input the ciphertext E encrypted under the attribute set I, the user s secret key SK for access tree T, and the public key PK. ??(0) ?? . ??(0) is polynomial represent the node. Computes e(??,??? ) = ?(?,?)?? 0 ? for leaf nodes. Then, Finally, it may recover the blind factor ??= ?(?,?)?? and output the message M.

12. PROXY RE-ENCRYPTION (PRE) Proxy Re-Encryption (PRE) is a cryptographic primitive in which a semi- trusted proxy is able to convert a ciphertext encrypted by A s public key into another ciphertext that can be opened by B s private key without seeing the underlying plaintext.

13. PROXY RE-ENCRYPTION (PRE)

14. WHAT THIS PAPER PRESENT This paper addresses this challenging. Defining and enforcing access policies based on data attributes, and, Allowing the data owner to delegate most of the computation tasks involved in fine- grained data access control to untrusted cloud servers without disclosing the underlying data contents Combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption. Each data file can be associated with a set of attributes which are meaningful in the context of interest. Unique logic expression can be define from these attribute to give the access structure of each user.

15. WHAT THIS PAPER PRESENT For each attribute a public key component is defined. Data files are encrypted using public key components corresponding to their attributes. User secret keys are defined to reflect their access structures. In the proposed scheme a data owners are able to delegate tasks of data file re- encryption and user secret key update to cloud servers without disclosing data contents or user access privilege information. They used key policy attribute-based encryption (KP-ABE) and combine it with the technique of proxy re-encryption (PRE) and lazy re-encryption.

16. SYSTEM MODEL The system is composed of the following parties: Data Owner, many Data Consumers, many Cloud Servers, and a sometime Third Party Auditor. After the data owner put the data in the cloud server, userscandownload data files from Cloud Servers and then decrypt. The data owner and users do not to be always online. Cloud Servers are always online and operated by the Cloud Service Provider (CSP).

18. ASSUMPTION They assume Cloud Servers will try to find out as much secret information as possible. Also Cloud Servers are more interested in file contents and user access information. Cloud Servers might conspire with malicious users. Communication channel between the data owner/users and Cloud Servers are to be secured (such as SSL). Each party get its a public/private key pair in advance ( preload)

19. PROPOSED SCHEME They associate each data file with a set of attributes, and assign each user an expressive access structure which is defined over these attributes. They utilize KP-ABE to get data encryption keys of data files. For each data file the owner assigns a set of meaningful attributes which are necessary for access control. However, Revocation requires the data owner to re-encrypt all the data files that is accessible by the leaving user. To resolve that, they combine PRE with KP-ABE to enable the data owner to delegate most of the operations to Cloud Servers.

20. SCHEME DESCRIPTION System Level Operations: Setup: a owner chooses a security parameter, public parameter PK and the system master key MK. The data owner then signs each component of PK and sends PK along with these signatures to Cloud Servers. New File Creation Before uploading a file to Cloud Servers, the data owner processes the data file as follows: 1. select a unique ID for this data file; 2. randomly select a symmetric data encryption key and encrypt the data file; 3. define a set of attribute I for the data file and encrypt the key with I using KP- ABE.

21. SYSTEM LEVEL OPERATIONS New User Grant the data owner assigns an access structure and the corresponding secret key to the new user as follows: 1. Assign a unique identity w and an access structure P to the new user; 2. Generate a secret key SK for w. 3. Encrypt the tuple C=E(P, SK, PK, Sign(P,SK,PK)) with user w s public key. 4. Send the tuple (T,C, Sign(T,C)) to Cloud Servers, where T =(w, {j, skj}) j belong to Lp. When a Cloud Servers receive tuple (T,C, Sign(T,C), it processes as follows. 1. Verify Sign(T,C); 2. Store T in the system user list UL; 3. Forward C to the user.

22. SYSTEM LEVEL OPERATIONS After receiving C: 1. The user will decrypts it using his / her private key. 2. The user verifies the signature Sign(P,SK,PK). 3. If the signature is correct, the user accepts (P, SK, PK) as his access structure, secret key, and the system public key. Cloud Servers store all the secret key components of SK allows Cloud Servers to update these secret key components during user revocation

23. SYSTEM LEVEL OPERATIONS: User Revocation: Data owner updates the attributes that without it the leaving user cannot access to the data file. Data owner can do that by redefining the system master key components in MK, public key components of all these updated attributes in PK, and update user secret key except the revoked users. Re-encrypt the data key with the latest version of PK. This process requires overhead computation and the data owner must be online. So the author use proxy re-encryption with KP-ABE. The data owner send the user s ID, the minimal attribute set, the PRE keys, the updated public key components, along with his signatures to Cloud Servers. Cloud Servers remove the revoked user from the system user list UL and store the updated components.

24. SYSTEM LEVEL OPERATIONS File Access: Cloud Servers respond to the request of user on data file access. 1. Cloud Servers verify requesting user to check if he/she a valid user in UL. 2. If yes, Servers update the user s secret key components to the latest version 3. re-encrypt the DEKs of requested data files using the latest version of PK. 4. Cloud Servers send updated secret key components and ciphertexts of the requested data files to the user. Cloud Servers will not update/re-encrypt if secret key components/data files are already of the latest version.

25. SYSTEM LEVEL OPERATIONS When the user receive the response: 1. The user verifies if the received version of each attribute is newer 2. The user verifies the data owner s signatures. If necessary, user update the information, and decrypt the data file. File Deletion: Deleting file only request by the data owner. To delete a file, the data owner sends the file s unique ID with his/her signature on this ID to Cloud Servers.

26. ALGORITHM LEVEL OPERATIONS Include eight algorithms: 1. Asetup: input a security parameter and the attribute universe, return public key PK as well as a system master key MK 2. Aencrypt: input M, the public key PK, and a set of attributes I, and return ciphertext. 3. AKeyGen: input an access tree T, the master key MK, and the public key PK, and return a user secret key SK 4. Adecrypt: input the ciphertext, user s secret key SK, and the public key PK, and return plaintext.

27. ALGORITHM LEVEL OPERATIONS 5. AUpdateAtt: updates an attribute to a new version by redefining system master key and public key component. It output a proxy re-encryption key between the old version and the new version of the attribute. 6. AUpdateSK: translates the ciphertext component of an attribute i of a file from an old version into the latest version. 7. AUpdateAtt4File: translates the secret key component of attribute i in the user secret key SK from an old version into the latest version. 8. AMinimalSet: determines a minimal set of attributes without which an access tree will never be satisfied.

28. SECURITY ANALYSIS Cloud Servers just know the leaf node of a user access tree. As interior nodes of an access tree can be any threshold gates and they are unknown to Cloud Servers. So it is hard for Cloud Servers to figure out the access structure in order to know user access privilege information. Security of this scheme is relied on the security of KP-ABE. The standard KP-ABE is provably secure under given the Decisional Bilinear Diffie- Hellman (DBDH) problem

29. COMPUTATION COMPLEXITY In System Setup, the main computation overhead is the generation of PK and MK. In New File Creation, the main computation overhead is the encryption the data file using the symmetric and the encryption of the asymmetric using KPABE. In New User Grant, the computation overhead : For the data owner is generation of the user secret key and encryption of the user secret key using the user s public key. For Cloud Servers is one signature verification. For the user needs two PKC operations: data decryption and signature verification. In User Revocation, The computation overhead for the data owner is caused by the execution of AMinimalSet, AUpdateAtt, and the generation of the signatures for the public key components. In File Access, the main computation overhead for Cloud Servers is caused by the execution of algorithm AUpdateSK and algorithm AUpdateAtt4File.

30. COMPUTATION COMPLEXITY

31. SUMMARY They encrypt data files using symmetric key and encrypt the key with KP-ABE. They combine the technique of proxy re-encryption with KP-ABE and delegate most of the computational task to Cloud Servers (Cloud Servers keep a partial copy of each user s secret key). When the data owner redefines a certain set of attributes, owner generates proxy re- encryption keys and sends them to Cloud Servers. Then Cloud Servers can update user secret key components and re-encrypt data files without knowing the plaintexts of data files. So that will reduce the computation overhead on user revocation from the data owner.

32. THANK YOU