ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045
Enhanced Secure Data Access Model for Public Clouds M V Rajesh1, Soma Sekhar T2 and Siva Rama Krishna T3 1
Department of CSE,Pragati Engineering College, Andhra Pradesh, India
[email protected] 2
Department of IT, Pragati Engineering College, Andhra Pradesh, India
[email protected]
3
Department of CSE,Vishnu Institute of Technology, Andhra Pradesh, India
[email protected] Abstract: Cloud computing has emerged as a popular model in computing world in which resources of the computing infrastructure are provided as services over the Internet. A cloud computing platform dynamically provisions, configures, and deprovisions servers as needed. Promising as it is, this paradigm also brings forth many new challenges for data security and access control when users outsource sensitive data for sharing on cloud servers, which are not within the same trusted domain as data owners. Data security and access control is one of the most challenging ongoing research work in cloud computing. To keep sensitive user data confidential against untrusted servers and to mitigate their security and access control problems existing solutions use pure cryptographic techniques, this suffers from heavy computational overhead on the data owners as well as the cloud service provider for key distribution and management. In this paper we proposed a model for enhanced secure data access in cloud computing in two steps, in the first step authenticating the user using a two-step verification method and in second step providing data access using digital certificates. The proposed model is highly efficient and provably secures under existing security models. Keywords: Access Control, Attribute Certificate, Cloud Security, Cryptography, Identity Certificate, Two Step Authentication
I. Introduction Cloud computing is a class of the next generation highly scalable distributed computing platform in which computing resources are offered 'as a service' leveraging virtualization and Internet technologies. Cloud computing can also be defined as “a type of parallel and distributed system consisting of a collection of interconnected and virtualized computers that are dynamically provisioned and presented as one or more unified computing resources based on service-level agreements established through negotiation between the service provider and consumers”. Cloud-based services include various commercial models are developed that are described by “X as a Service (XaaS)” where X could be Infrastructure, Software, Platform or Education etc . Amazon's Elastic Compute Cloud (EC2) and IBM’s Blue Cloud are examples of cloud computing services. These cloud service providers allow users to instantiate cloud services on demand and thus purchase precisely the capacity they require
[Jul-Aug
2012 Edition]
when they require based on pay-per-use or subscription-based model. Although cloud computing provides a number of advantages that include economies of scale, dynamic provisioning, increased flexibility and low capital expenditures, it also introduces a range of new security risks. The biggest concerns about cloud computing are security and privacy. A client can log into Cloud from any location to access data and applications. Cloud computing will need to find ways to protect client privacy. One way is to use authentication techniques such as user names and passwords. Another is to employ an authorization format -- each user can access only the data and applications relevant to his or her job. Cloud has centralized server administration system. Centralized server administers the system, balances client supply, adjusts demands, and monitors traffic. In Cloud Computing it is very common to store data of multiple customers at one common location. Another concern is data access in cloud. These concerns originate from the fact that cloud servers are usually operated by commercial providers which are very likely to be outside of the trusted domain of users [9]. Cloud computing should have provide proper techniques for data security and confidentiality. In this paper we address a two-step verification method, an added extra layer of security for authenticating the user in order to provide cloud access and providing data accesses using RSA Tokens. The remainder of the paper is organized as follows. Section II reviews the Data Security Problem. Section III discusses early work. Section IV presents models and assumptions. In Section V presents the proposed scheme. In Section VI analyzes the scheme in terms of performance and strength Finally, Section VII concludes the paper and presents future research directions.
II. DATA SECURITY PROBLEM The first step in providing data security is avoiding unauthorized access, which can be done by validating the users. Authentication is the process of uniquely identifying a user by verifying his or her credentials. Validating that identity establishes a trust relationship for further interactions. User authentication is required when the user attempts to access the data or when the application makes a connection to
Page 39
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045 a remote service or accesses locally held data. If an application or data is centrally deployed, securing the application or data is important, so that it can be accessed only by authorized users. These users must first be authenticated by the server, which checks to see if they are authorized to access the data or not. Most security-conscious enterprises today implement some form of authentication and authorization for accessing network resources. The benefits to this approach are clear – user permissions can be verified before granting access to resources, and user activity can be monitored through various logging mechanisms. Authentication can be implemented in many ways. The importance of selecting an appropriate authentication method is perhaps the most crucial decision in designing secure systems. Some authentication methods are plain password authentication, easily implemented but are in general weak and primitive. The fact that plain password authentication it is still by far the most widely used form of authentication, gives credence to the seriousness of the lack of security on both the Internet and within private networks. Other methods of authentication that may be complex and require more time to implement and maintain, but provides strong and reliable authentication (provided one keeps its secrets, i.e. private keys and phrases). There are some ways in which authentication fall into three categories, also known as factors of authentication. Each authentication factor covers a range of elements used to authenticate or verify a person's identity prior to being granted access, approving a transaction request, signing a document or other work product, granting authority to others, and establishing a chain of authority. The authentication factors are: Something the user has (e.g., wrist band, ID card, security token, software token, phone, or cell phone), knowledge factors: Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN), challenge response (the user must answer a question)), inherence factors: Something the user is or does (e.g., fingerprint, retinal pattern, DNA sequence, signature, face, voice, unique bio-electric signals, or other biometric identifier). After authentication, authorization is another process which allows or limits the levels of access and action permitted to that entity, based on user’s identity. The fundamental goal of any access control mechanism is to provide a verifiable system for guaranteeing the protection of information from inappropriate access as by defining some security policies. In general, this security policy to access control implementation depends on the nature of the policy but involves the inclusion of at least one of the following controls: • Confidentiality- Control disclosure of information • Integrity - Control modification of information
III. EARLY WORK Depending on the resources there are different types of access control methods, which can also use cryptographic algorithms. Several cryptographic access methods has been defined and implemented in cloud computing. The work done in [8][10-11] propose cryptographic access control model as shown in Fig.1 which is also considered as the system
[Jul-Aug
2012 Edition]
model in our work. The model depicted in Fig.1 has three participants Data Owner (DO), Could Service Provider (CSP), and User. The DO places the data on the CSP which user wants to access. As the CSP is un-trusted, DO places encrypted data on CSP. Upon receiving a data access request from the user, DO sends required keys and a certificate to the user. User then presents the certificate to CSP and gets the encrypted data upon successful verification by CSP as shown in Fig.1. The model described in Fig.1 guarantees confidentiality, integrity and authentication, but the problem with this model is that the owner should be always online when the user wants to access the data [12]. The key management between all the communicating parties is also cumbersome. In some situations, an owner with poor computing capabilities becomes a bottleneck.
Fig.1: Cryptographic Access Control Model A few research efforts have directly tackled the issues of access control in cloud computing model. Yu et al. [9] proposed a scheme to achieve fine-grained, secure, and scalable access control in cloud computing by combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption. A set of attributes are associated to a file that are meaningful in the context of interest. The access structure of each user is defined as a logical expression over these attributes, which reflects the scope of data file that the user is allowed to access. A public key component is defined for each attribute. Data files are encrypted using the public keys corresponding to their attributes. User secret keys are defined matching their access structures so that a user is able to decrypt a cipher text if and only if the data file attributes satisfy his access structure. The main issue with this scheme is that as the cloud servers store a vast amount of data, deriving a unique logical expression for every user using the attributes of every file will become computationally complex. Also, re-encryption becomes a problem as updating the user secret for all the users except the revoked one is a challenging process when the number of users is high. Ateniese et al. [14] proposed a secure distributed storage scheme based on proxy re-encryption. The data owner encrypts blocks of content with symmetric content keys. The content keys are all encrypted with a master public key. The data owner uses his master private key and user’s public key to generate proxy re-encryption keys, using which the semi-trusted server can then convert the cipher text into plaintext for a specific user. The issue with this scheme is that collaboration between a malicious server and any single malicious user would expose decryption keys of all the encrypted data and compromise data security of the system. Miklau et al. [16] presented a framework for access control on published XML documents by using different cryptographic keys over different portions of XML tree. They also introduced special metadata nodes in the structure to enforce access control. The complexity of this approach is XML tree generation and key management.
Page 40
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045 Vimercati et al. [17] proposed a solution for securing data storage on untrusted servers. Each file is encrypted with a symmetric key and each user is assigned a secret key. The data owner creates corresponding public tokens from which, together with his secret key, the user derives decryption keys. The data owner sends these public tokens to the semi-trusted server and also delegates the responsibility of distribution. Given these public tokens, the server is not able to derive the decryption key of any file. This approach introduced a minimal number of secret key per user and a minimal number of encryption key for each file. The issue with this scheme is that the complexity of operations of file creation and user grant or user revocation requests is linear to the number of users, because of which the scheme becomes non-scalable. Naor et al [18] proposed application of symmetric key primitives in an untrusted storage environment to ensure data confidentiality and access control. The scheme is based on pre-key distribution mechanisms using Blom [19] scheme that can reduce public key cryptography in the storage-as-a-service model. The issue in this work is that they have not evaluated the performance of their schemes and also, do not provide an expressive access control model.
IV. MODEL AND ASSUMPTIONS In our model, we assume that the system is composed of a Data Owner, many Data consumers called as Users, and a Cloud Service Provider. The users will get authenticated using a two-step verification method, after successfully authentication only data file that is stored on the CSP by the DO is accessed in a confidential manner using digital certificates . We also assume that neither the DO nor the User will be always online. DO comes online when a new user is to be registered or when the certificates is to be updated at CSP. CSP is always online. We also assume that the DO can also execute a binary application code at the CSP for managing his data files in addition to storing those in encrypted form. Communication between CSP and user or between user and DO is made secure using cryptographic primitives like RSA Encryption with Digital Certificate. We had chosen RSA Encryption between CSP and the user, because enabling RSA encryption will require all connections to create digital certificate which are unique to each user. With this we achieve the secure data exchange for every new session as RSA Encryption is more secure, efficient and digital certificate is also used to setup an encrypted session so that others cannot see the information, which is in transit over web. In our model, users cannot access other’s data files as there will be no capability granted by DO for these users.
[Jul-Aug
V. PROPOSED SCHEME In this section, we provide a proposed operational architecture and pseudo code of algorithms. The data access
without required security levels is shown in Fig.2, where CSP must be trust-worthy, so that it does not do any harm to the sensitive data, which is not guaranteed. As shown in the Fig.2, the DO must be online to access the new user request. A Controlled access mechanism must be implemented to access the Cloud data. Fig.2: A Scenario depicting unsecure and inefficient access to the outsourced data The User Credentials which are sent to the DO and the data which is obtained from CSP must be secured in transmit, to counter any security attacks. The proposed scheme will explain how we can achieve the security requirements and controlled access mechanism. Fig.3 shows user authentication. User will be authenticated using two – step verification, i.e when a user signs into CSP by giving his/her username and password, a access code (Random Number) will be sent to mobile which adds an extra layer of security for user account. By entering the access code, the user will be authenticated. After successful login in to CSP, each user obtains an identity certificate and attribute certificate from Certification Authority.
2012 Edition] Page 41
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045
Fig.3: Two – step authentication process When a new user is to be added, it needs to send a registration request with UID, FID, Nonce, Timestamp and access rights required for the data file to the data owner which is shown in Fig.4. Here, after receiving a request, data owner verifies if it is a valid request. For simplicity we assume that the DO has a separate procedure for verifying the genuineness of the client request. DO now update the new user information in the CSP. Now the CSP sends the registration reply to the user. The nonce and timestamps in the request and reply message serve the purpose of replay and man-in-the-middle attack avoidance.
using symmetric key, the file is encrypted with Public Key [PUOWN] of Data Owner. This in turn gives cryptographic strength much more than using the later one i.e. SHA-1. This ensures data confidentiality and integrity between owner and user. The algorithm for encryption is shown in Fig.5. Step – 1: Preparing encrypted data items 1.1 for each file fi € DSi Di MD5 ( fi); Oi EK0 ( fi, Di ); 1.2 for each Object Oi EOi EKPUSP ( EKPROWN( Oi )); Step – 2: Send data items to CSP Send ( EOi, EKPUSP ) Step – 3: Updating Attribute Certificates in CA. Fig.5: Algorithm for DO encrypting the data items to be outsourced and sending to CSP.
Fig.4: Scenario of Secure data access Fig.4 illustrates the proposed scheme. The following explains the set of operations for encrypting the data. The data owner computes a message digest using MD5 for every file belonging to the data set available with it. We have used a 128-bit MD5 hash over any other like SHA-1 (160-bit) for data integrity because we are encapsulating this digest along with the file using a symmetric key. After encrypting the file [Jul-Aug
2012 Edition]
DO then send everything encrypted using its private key first and then using public key of the CSP for the purpose of authentication and confidentiality between CSP and DO. The CSP will adopt when it receives encrypted data files from the DO. It uses its own private key and the public of DO to decrypt the message and store the encrypted data files in its storage. However, our model does not allow the CSP to know the actual data items as it does not know the K0 i.e. the shared symmetric key between user and DO. This achieves one of our design objectives where the data files only should be visible to the user and DO, not to the CSP as it is available over an untrusted domain. In order to achieve enhanced secure data access in cloud computing, we uniquely provide access control using a second kind of digital certificate, the attribute certificate. An attribute certificate (AC) has a data structure comparable to an
Page 42
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045 identity certificate (IC). However, a major difference is that an attribute certificate does not contain a public key. It contains attributes that specify access control information associated with the AC holder. Although this kind of authorization information can be placed in extension fields of identity certificates, there are two fundamental reasons against doing this. Firstly, the certificate authorities who issue the identity certificates are not usually responsible for this sort of authorization information. As a result, certificate authorities must take additional steps to obtain access control information from the source. Secondly, the authorization information may give different lifetimes for the binding of the identity and the public key. Placing access control information in an IC extension shortens the lifetime of an identity certificate, while time/validity requirements for attribute certificates allow both long-lived and short-lived ACs. Typical validity periods might be measured in hours, as opposed to months and years for ICs. Short validity periods also allow ACs to be used without a revocation mechanism which means access permissions can be changed in a relatively flexible way. Longer-lived ACs may be particularly relevant for authorizations that are relatively static. In this case, if a common authority is responsible for identity and attributes certification, the attributes can be included within IC extension fields, but in most cases it is better to keep the authorization attributes separate from ICs.
Notations Description PU Public Key PR Private Key PUSP Public Key of Service Provider PRSP Private Key of Service Provider PUUSR Public Key of User PRUSR Public Key of Service Provider PUOWN Public Key of Owner PROWN Private Key of Owner DSi ithData Set fi ith file Di ith file Message Digest Oi ithObject EOi Encrypted form of ith object EK Encryption DK Decryption K0 Symmetric key of owner MD5 Hash Algorithm (Message Digest) DO Data Owner CSP Cloud Service Provider IC Identity Certificate AC Attribute Certificate
VI. ANALYSIS OF THE PROPOSED SCHEME In this section, we analyze security properties of the proposed scheme. A. Data confidentiality We analyze data confidentiality of our proposed scheme by comparing it with standard encryption algorithms like Data Encryption Standard or Advanced Encryption Standard that use symmetric keys. The CSP is not able to know the owners data and also the digest due to the fact that both are encrypted and the key is only shared between data owner and user. The EK0 is a symmetric key that is only known to DO and user. After encrypting the file using symmetric key, again the file is encrypted with Public Key of Data Owner, which can be decrypted using the Private Key of the DO. This concludes that data cannot be seen by CSP. B. Authentication and Integrity The communications from DO to CSP is authenticated by encrypting the scrambled data files using the private key of owner. At the time of adding a new user, user is authenticated at owner with his private key, and also data owner is authenticated at CSP by encrypting with DO private key. The communication between CSP and user is authenticated using a two – step authentication factor which is added extra layer of security. Integrity of the data file is ensured by using MD5 as the hashing algorithm. User computes a new hash and compares it with the one appended to the data file. If both do not match, then integrity violation is reported and a message is sent to the data owner.
Figure.6: Notations used in Proposed Scheme. After user login successfully into CSP, CA issues identity certificate and attribute certificate, the actual data access request goes from user to CSP. When a user keeps a data access request to CSP, the CSP verifies the request by verifying the identity certificate and attribute certificate of user with the CA and provide access to the data. The requested encrypted data will be downloaded to user, now the user has to decrypt the data. In order to decrypt the data, user requires a decryption tool. The user can decrypt the data using decryption tool, which is available in his/her user account. To decrypt the data using decryption tool, a password is required [Jul-Aug
for it. User will get the password to his mobile, when user downloaded the data. To start decrypting the data, the user has to download the decryption tool and select the data ,enters the password which is sent to user mobile , then the tool generates the Private Key for the encrypted data, decrypts the data and calculates the digest by using the hash function .The newly calculated digest is then compared with the digest that is attached with the message to check the integrity of the message.
C. Access Control based on Attribute Certificates In our proposed scheme, access control is based on a second kind of digital certificate, the attribute certificate. The data owner is able to create identity certificate and attribute certificate in CA. Based on the user access request, the certificates are generated and issued to the user when logins into CSP. Earlier schemes [14-15] have used Access Control Lists (ACLs) for data access control, where as in our work we propose Attribute Certificate which contains data structure for controlling access to data files. In a cloud computing environment, creating an ACL for an object for the purpose of access control may not be practicable as we may find, in most probable cases, that the data files accessed by one user may not be needed by another. This is the reason that
2012 Edition] Page 43
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045 why we selected attribute certificate for access control rather than ACLs or file groups as is done in literature.
VII. CONCLUSION This paper presented a set of security protocols to secure the data files of a data owner in the cloud infrastructure. In our proposed scheme, the combined approach of access control and cryptography is used to protect the outsourced data. We use a two – step authentication for authenticating user and a second kind of digital certificate, attribute certificate for access control mechanism along with public key encryption. The public key, hash, and private key ciphers that are proposed between cloud service provider, data owner, and user ensure an isolated and secure execution environment at the cloud. This paper also presented a proof of concept implementation of the cryptographic algorithms in a cloud computing environment. The proposed scheme empowers the data owner to outsource the security enforcement process on the outsourced data files without losing control over the process. Moreover, this scheme can also delegate most of the computation overhead to cloud servers. Future extensions will include enhancement in design decisions like inclusion of a trusted third party auditor which will have capabilities of assessing and exposing cloud service risks; key management and distribution scenarios, formal security proofs of proposed security protocols.
References [1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Kon-winski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia,“Above the clouds: A berkeley view of cloud computing,” University ofCalifornia, Berkeley, Tech. Rep. USB-EECS-2009-28, Feb 2009. [2] Amazon Web Services (AWS), http://aws. amazon.com.
available at
[3] Google App Engine, available http://code.google.com/appengine/.
at
[4] Windows Azure Certificate Services, available at http://msdn.microsoft.com/en-us/library/ee758713.a spx [5] Two-factor authentication by Wikipedia, available at http://en.wikipedia.org/wiki/Two-factor_authenticat ion [6] Google 2-step verification, available at https://support.google.com/accounts/bin/answer.py? hl=en&answer=180744 [7] Access Control based on Attribute Certificates for Medical Intranet Applications, available at http://www.jmir.org/2001/1/e9/ [8] S. D. C. diVimercati, S. Foresti, S. Jajodia, S. Paraboschi, andP.Samarati, “A Data Outsourcing Architecture Combining Cryptographyand Access [Jul-Aug
2012 Edition]
Page 44
Control,” in Proc. of ACM Workshop on ComputerSecurity Architecture (CSAW’07), Nov 2007, USA. [9] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving Secure, Scalable,and Fine-grained Data Access Control in Cloud Computing,” in Proc.of IEEE INFOCOM 2010, 2010. [10] W. Wang, Z. Li, R. Owens, and B. Bhargava, “Secure and efficientaccess to outsourced data,” in Proc. of ACM Cloud ComputingSecurity Workshop 2009, pp. 55-65, 2009. [11] S. Kamara, and K. Lauter, “Cryptographic Cloud Storage,” in Proc. Of Financial Cryptography: Workshop on real life cryptographic protocolsand standardization, 2010, fromhttp://research.microsoft.com/pubs/112576/cry pto-cloud.pdf [12] Z. Dai, and Q. Zhou, “A PKI-based Mechanism for Secure and Efficient Access to Outsourced Data,” in Proc. of International Conference on Networking and Digital Society, 2010, pp. 640-643. [13] J. Anderson, “Computer Security Technology Planning Study,” Air Force Electronic Systems Division, report ESD-TR-73-51, 1972, from http://seclab.cs.ucdavis.edu/projects/history/ [14] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved proxy re-encryption schemes with applications to secure distributed storage,” in Proc. of NDSS’05, 2005. [15] S. D. C. diVimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, “Over-encryption: Management of access control evolutionon outsourced data,” in Proc. of VLDB’07, 2007. [16] G. Miklau, and D. Suciu, Controlling access to published data using cryptography, Proc. 29th VLDB,Germany, Sept 2003, pp. 898-909. [17] E. Goh, H. Shacham, N. Modadugu, and D. Boneh, Sirius: Securing remote untrusted storage, Proc.Network and Distributed Systems Security Symposium (NDSS’03), San Diego, California, USA, 2003, pp.131-145. [18] Dalit Naor, A. Shenhav, and A. Wool, Towardsecuring untrusted storage without public-key operations, Proc. 2005 ACM Workshop on Storage Security and Survivability (StorageSS), Virginia,USA, Nov 2005, pp. 51-56. [19] Rolf Blom, An optimal class of symmetric key generation systems, Proc. EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques, Springer Verlag, NY, USA, 1985, pp. 335-338. [20] L. M. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner, A Break in the Clouds: Towards a Cloud Definition, Proc. ACM SIGCOMM Computer Communication Review, 39(1), Jan 2009, pp. 50-55.
ISSN: 2319-2690
RAJESH* et al. International Journal for Research in Science & Advanced Technologies
Issue-1, Volume-1, 039-045
Author Biographies Mr. M.V.Rajesh is an Associate Professor in the department of Computer Science Engineering,Pragati Engineering College. He is a postgraduate in Computer Science and Engineering and had 6 years of teaching and research experience, 5 years of industry experience. His research interests include Cloud Computing, Parallel Programming , Program Slicing and Object Oriented Design. Mr. T.Soma Sekhar is an Assistant Professor in the department of Information Technology, Pragati Engineering College. He is graduated in Computer Science and Engineering and had 4 years of teaching and research experience. His research interests include Network Security, Cloud Computing and Virtualization.
Mr. Siva Rama Krishna T is anAssistant Professor in the department ofComputer Science and Engineering,Vishnu Institute of Technology. He is a postgraduate in Computer Networks andhad 3 years of teaching and researchexperience. His research interests includedata mining, cloud computing andsecurity protocols
[Jul-Aug
2012 Edition] Page 45
