Secure Data Sharing in Cloud Computing Using Revocable-Storage Identity-Based Encryption

Abstract

Cloud computing provides a flexible and convenient way to share data, which brings various benefits for both society and individuals. But users are naturally reluctant to outsource shared data directly to the cloud server, since the data often contain valuable information. Thus, it is necessary to place cryptographically enhanced access control on the shared data. Identity-based encryption is a promising cryptographic primitive for building a practical data sharing system. Access control is not static, however. That is, when the authorization of some user has expired, there should be a mechanism that can remove him/her from the system. Consequently, the revoked user cannot access either the previously or the subsequently shared data. To this end, we propose a notion called revocable-storage identity-based encryption (RS-IBE), which can provide forward/backward security of ciphertext by simultaneously introducing user revocation and ciphertext update functionalities.

Advantages

  • We provide formal definitions for RS-IBE and its corresponding security model.
  • We present a concrete construction of RS-IBE.
  • The proposed scheme can provide confidentiality and backward/forward secrecy simultaneously.
  • We prove the security of the proposed scheme in the standard model, under the decisional ℓ-Bilinear Diffie-Hellman Exponent (ℓ-BDHE) assumption. In addition, the proposed scheme can withstand decryption key exposure.
  • The procedure of ciphertext update only needs public information. Note that no previous identity-based encryption scheme in the literature provides this feature.

Disadvantages

  • The existing solution is not scalable, since it requires the key authority to perform work linear in the number of non-revoked users. In addition, a secure channel is essential for the key authority and non-revoked users to transmit new keys.
  • The existing scheme only achieves selective security.
  • This kind of revocation method cannot resist collusion between revoked users and malicious non-revoked users, as malicious non-revoked users can share the update key with the revoked users.
  • Furthermore, to update the ciphertext, the key authority in the existing scheme needs to maintain a table for each user to produce the re-encryption key for each time period, which significantly increases the key authority’s workload.

System Configuration

H/W System Configuration

Speed        : 1.1 GHz

RAM          : 256 MB (min)

Hard Disk    : 20 GB

Floppy Drive : 1.44 MB

Keyboard     : Standard Windows Keyboard

Mouse        : Two or Three Button Mouse

Monitor      : SVGA
 
S/W System Configuration
 
Platform         : Cloud computing

Operating system : Windows XP, 7

Server           : WAMP/Apache

Working on       : Browser like Firefox, IE

Conclusion

Cloud computing brings great convenience for people. In particular, it perfectly matches the increased need to share data over the Internet. In this paper, to build a cost-effective and secure data sharing system in cloud computing, we proposed a notion called RS-IBE, which supports identity revocation and ciphertext update simultaneously, such that a revoked user is prevented from accessing previously shared data as well as subsequently shared data. Furthermore, a concrete construction of RS-IBE is presented.