Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

0
1658
Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

Abstract

Outsourcing data to the cloud server attracts a lot of attention with the development of cloud computing. User revocation is the primary issue in ABE schemes, however. In this  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing article, we provide a CP-ABE (CP-ABE) attribute-based encryption scheme with efficient user revocation for cloud storage system.

Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing When any user leaves, the group manager will update the private keys of users except for revoked users. In addition, the CP-ABE scheme has heavy computation costs as it grows linearly with the complexity of the access structure. We outsource high computation load to cloud service providers without leaking file content and secret keys to reduce computation costs. Notably, our scheme can withstand collusion attacks performed by revoked users cooperating with existing users.

Advantages

  • Reduce the heavy computation burden on users.
  • We outsource most of computation load to E-CSP and D-CSP and leave very small computation cost to local devices.
  • Our scheme is efficient for resource constrained devices such as mobile phones.
  • Our scheme can be used in cloud storage system that requires the abilities of user revocation and fine-grained access control.

Disadvantages

  • It is expensive in communication and computation cost for users.
  • Unfortunately, ABE scheme requires high computation overhead during performing encryption and decryption operations. This defect becomes more severe for lightweight devices due to their constrained computing resources.
  • There is a major limitation to single-authority ABE as in IBE. Namely, each user authenticates him to the authority, proves that he has a certain attribute set, and then receives secret key associated with each of those attributes. Thus, the authority must be trusted to monitor all the attributes. It is unreasonable in practice and cumbersome for authority.

System Configuration

H/W System Configuration
Speed                   : 1.1 GHz
RAM                      : 256 MB(min)
Hard Disk              : 20 GB
Floppy Drive          : 1.44 MB
Key Board             : Standard Windows Keyboard
Mouse                  : Two or Three Button Mouse
Monitor                : SVGA
S/W System Configuration
Platform                     :  cloud computing
Operating system       : Windows Xp,7,
Server                       : WAMP/Apache
Working on                : Browser Like Firefox, IE

Conclusion

This paper introduces a semi-anonymous attribute-based privilege control scheme AnonyControl and a fully anonymous attribute-based privilege control scheme AnonyControl-F to address the privacy issue in a cloud storage server. Our proposed schemes achieve not only fine-grained privilege control but also identity anonymity by using the multiple authorities in the cloud computing system while controlling privilege control based on user identity information. More importantly, up to N −2 authority compromise can be accepted by our system, which is highly preferable especially in Internet-based cloud computing environment.