An Improved Authentication Scheme for Remote Data Access and Sharing Over Cloud Storage in Cyber-Physical-Social-Systems

Cyber-physical-social systems (CPSSs) represent an evolving paradigm that spans the social, physical, and cyber worlds. The vital goal of CPSSs is to offer personalized, high-quality, and proactive services to end users. To achieve this, CPSSs require an ingenious framework for reliable services. In this regard, the cloud storage environment of cloud computing (which is closely connected to the physical, cyber, and social worlds) requires a reliable framework for secure communication between the cloud and its users. Cloud storage provides various services that need scalable, cost-effective, and secure data-management facilities. Public cloud storage binds its users to the strict security considerations offered by cloud service providers. Private cloud storage, on the other hand, gives users the opportunity to construct a controlled and self-managed model of data security. This mobile model is responsible for managing the sharing and accessing of data privately. Despite that, it introduces new data-security challenges. One critical problem is to ensure an authenticated and secure data-storage model for accessing data under a controlled environment of data accessibility. Many protocols have been developed to tackle this challenge. The problem is that all these protocols fail to provide the required security efficiency and are susceptible to various security attacks. Recently, Tiwari et al. presented an authentication scheme for data sharing and access with a biometric feature. They claimed that their scheme resists significant security attacks. However, in this article, we show that the claim of Tiwari et al. to have developed a secure scheme is not valid, and that their protocol is insecure against user and server impersonation attacks. Moreover, the protocol of Tiwari et al. does not provide user anonymity. Therefore, we present an enhanced, secure, and convenient scheme for data access.
In addition, to support flexible distribution of data under the data owner's control, our protocol provides proxy re-encryption, in which the cloud server uses the proxy re-encryption key. The data owner then generates the credential token during decryption to control the user's accessibility. The security analysis shows that our proposed protocol resists numerous security attacks. Furthermore, the performance analysis shows that our protocol has practical computation, communication, and storage costs compared to various related protocols. Consequently, our proposed protocol not only achieves the security goals but also has performance efficiency comparable to numerous relevant cloud storage protocols.
