Policy-based Broadcast Access Authorization for Flexible Data Sharing in Clouds

      

ABSTARCT :

Cloud storage services allow data owners to outsource their potentially sensitive data (e.g., private genome data) to remote cloud servers in a ciphertext form. To enable data owners to further share the data encrypted in ciphertexts, many proxy re-encryption (PRE) schemes are proposed. However, most schemes only support single-recipient or coarse-grained re-encryption, which may limit the flexibility for data sharing. To address this issue, we propose a Policy-based Broadcast Access Authorization (PBAA) scheme by introducing the well-established identity-based broadcast encryption (IBBE) and key-policy attribute-based encryption into PRE. In our PBAA scheme, a data owner can apply IBBE to encrypt his data to a group of recipients. More importantly, the data owner can generate a delegation key with an access policy, and send this key to the cloud such that it can convert any initial ciphertext satisfying the access policy into a new ciphertext for a new group of recipients. With these features, cloud users can share their remote data in a secure and flexible way. Security analysis and performance evaluation show that the PBAA scheme is secure and efficient, respectively.

EXISTING SYSTEM :

? These algorithms become sublinear in the number of existing Usrs as they are executed with a logarithmic number of secrets to cover all existing Usrs. ? Such schemes assure forward and backward security by only changing the public information and without affecting secret shares given to existing users. ? The ability to derive the secret encryption/decryption keys using public values is a key point to achieve transparency in subscription handling. Most of the existing GKM schemes fail to achieve this objective. ? The rekey process is not transparent, thus shifting the burden of acquiring new keys on existing users when others leave or join.

DISADVANTAGE :

? This raises a serious problem when the encrypted data needs to be shared to more people beyond those initially designated by the data owner. ? To address this problem, we introduce and formalize an identity-based encryption transformation (IBET) model by seamlessly integrating two well-established encryption mechanisms, namely identity-based encryption (IBE) and identity-based broadcast encryption (IBBE). ? This paper attempts to solve such problem technically so that the authorities can transform the ciphertexts from one 2 encryption system to another, without handing over their decryption keys. ? This scheme requires the interaction between data owners and a key generator authority for each transformation, which may result an efficiency problem.

PROPOSED SYSTEM :

• The proposed key management scheme works efficiently even when there are thousands of Usrs. • The OCBE protocols, proposed by Li and Li, provide the capability of delivering information to qualified users in an oblivious way. • Based on our preliminary work , we propose a provably secure BGKM scheme, called ACVBGKM, and formalize the notion of BGKM. • Having identified these problems, our preliminary work , proposes an approach to make rekey transparent to users by not distributing actual keys during the registration phase. • We propose an efficient approach for finegrained encryption-based access control for documents stored in an untrusted cloud file storage.

ADVANTAGE :

? The performance of the asymmetric encryption is thus independent of the data size. ? We conducted a series of experiments to evaluate the performance of the IBET scheme. ? In particular, we implemented the efficient BB04 IBE scheme to compare its performance with ours in terms of file creation and file access. ? Many efforts have been made to improve efficiency and security of PRE and most of them focus on unidirectional PRE. ? Moreover, it enables users to first choose efficient identitybased encryption mechanisms to protect data, and then transform the encrypted data (if they like) so that users from a different (IBBE) encryption system can access.

Download DOC Download PPT

We have more than 145000 Documents , PPT and Research Papers

Have a question ?

Chat on WhatsApp