An efficient dynamic fine grained access control scheme for secure data access in cloud networks

To assign access privilege for a particular authorized user without disclosing his/her identity for accessing the relevant information and protecting sensitive information from unauthorized access, fine-grained access control for cloud networks is very much essential. Recently many fine grained access control schemes for cloud environments have been proposed in literature using a promising cryptographic solution called attribute-based encryption (ABE). But in a real time scenario, most of them inevitably suffer from lots of serious drawbacks as they are incapable to fulfil some essential security, performance and functionality requirements like user anonymity, users revocation, attributes revocation and user collusion resilience. Moreover these schemes use asymmetric key encryptions which required higher computational cost. In this paper, we present an efficient and secure fine grained access control scheme applicable for cloud networks using symmetric key encryption. Our scheme is able to fulfil fine-grained access control over any type of cloud networks and also ensures that any particular legitimate user can access only that information for which he/she is permitted to access them without compromising user identity. The proposed scheme is resilient against most of all strong attacks such as replay attack and user collusion resilience attack. Moreover our scheme has the provision for user and attributes revocation efficiently. Furthermore, our proposed scheme is light-weight because it uses symmetric key encryption and decryption algorithms. Finally we have shown that our scheme requires lower computation costs and provides higher security compare to other related schemes.

[1]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[2]  Yong Tang,et al.  Fine-Grained Data Access Control Systems with User Accountability in Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[3]  Ivan Stojmenovic,et al.  DACC: Distributed Access Control in Clouds , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[4]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[5]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[6]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[7]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[8]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[9]  Sushmita Ruj,et al.  Privacy Preserving Access Control with Authentication for Securing Data in Clouds , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).

[10]  Sushmita Ruj,et al.  Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds , 2014, IEEE Transactions on Parallel and Distributed Systems.

[11]  Nikolay Borissov,et al.  Cloud Computing – A Classification, Business Models, and Research Directions , 2009, Bus. Inf. Syst. Eng..

[12]  Santanu Chatterjee,et al.  An efficient fine grained access control scheme based on attributes for enterprise class applications , 2014, 2014 International Conference on Signal Propagation and Computer Technology (ICSPCT 2014).