[9] addressed cloud computing service offer massive advantage; the largest problem in this .... In cloud data there is so many security issues. We have proposed ...
Asian Research Consortium Asian Journal of Research in Social Sciences and Humanities Vol. 7, No. 1, January 2017, pp. 1000-1010. ISSN 2249-7315 A Journal Indexed in Indian Citation Index DOI NUMBER: 10.5958/2249-7315.2017.00038.7 Category:Science and Technology
Asian Journal of Research in Social Sciences and Humanities www.aijsh.com
Secure Wireless Cloud Data Storage using HierarchicalAttribute based Encryption with Identity Based Encryption N. Jayapandian*, A. M. J. Md. Zubair Rahman** /*Assistant Professor, Department of Computer Science & Engineering, Knowledge Institute of Technology, Salem, India. **Principal, Al-Ameen Engineering College, Erode, India.
Abstract Cloud Computing is a new paradigm for the provisioning of every network accessible Storage as a Service (SaaS). In these services provided by cloud, we consider Storage-as-a-Service which offered by cloud computing allows the user to outsource their sensitive data on cloud servers. When the users are outsourcing their data on the cloud, they want their data to be guaranteed with Confidentiality, Integrity and proper access control. In the present work we focus on a cloud based storage system where users can benefit from the facilities offered by the encryption algorithm. In cloud computing cloud users and cloud services providers are almost differ from trust domains. Wired data storage does not have that much authentication than wireless. Wireless have more interactive with everyone. We have proposed wireless cloud storage, it accessed by authenticated user only. In this paper, we are going to analysis various encryption algorithm for privacy and more security. It have more possible solutions for their limitations, that consist of Attribute based encryption (ABE), KP (key policy)-ABE, CP (cipher text)-ABE, H(Hierarchical)-ABE. This technique is more secured even though the storage of cloud is not trustworthy. The existing system which is Attribute Based Encryption systems which labels the encoded data into user’s keys. The proposed design supports continued safe and efficient dynamic activities, including block modification, deletion and append. The proposed system is very effective against data modification attack using H-ABE with combination of Identity Based Encryption (IBE).
1000
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
Keywords: Attribute Based Encryption, Cloud Computing, Encryption, Hierarchical-ABE, Identity Based Encryption.
1. Introduction Cloud computing is used to storage the data in online it’s named as storage computing. In this system the network is either private or public. The main advantage of cloud is increase the system performance and cut the cost. Cloud computing have Internet cloud of resource can be either centralized or distributed. Cloud can be creating with physical or virtualized resources over large data centers that are centralized or distributed. The cluster nodes are used to compute nodes. A node few control nodes are used to manage and cloud activities. The scheduling of user jobs requires that you assign work to virtual clusters created for users. The gateway nodes present the access points of the service from the external world. These gateway nodes can be also used for security control of the entire cloud platform. Clouds are designed to handle fluctuating workloads, and thus demand variable resources dynamically. Private clouds will satisfy this demand if properly designed and managed. Pasupuleti et al. [9] addressed cloud computing service offer massive advantage; the largest problem in this environment is data outsourcing. Suppose we use encryption methods to this outsource data the operational cost is high compare to the service cost. The cloud models have different levels of performance, data protection and security enforcement. Private clouds are easier to secure and more trustworthy within company or organization. Once private clouds become mature and better secured, they could be open or converted into public clouds. Therefore, the boundary between Public and private clouds could be blurred in the future. Most likely, most future clouds will be hybrid in nature. The basic concept of cloud computing is recycling of IT abilities. The attribute based encryption used to encrypt the cloud data. Here we addressed the problem notation of ABE [11]. ABE is a nothing but it has new public key based one-to-many encryption. The Encryption key enables access control over encrypted information with access policies and ascribed attributes. All the attributes associated with private keys and cipher texts. In ABE system two types named as CP-ABE and KP-ABE [1][5][7]. KP-ABE scheme is classical model. The user attributes are constructed by access tree structures. All the nodes are called threshold gates in the access tree. The attributes represent like that leaf node in structure. The secret key of the user defined by access structures and it can reflect. Cipher text is labeled with set of attributes and private key. These are all represented by monotonic access structures as well as control the cipher text key which is able to decrypt by user. This scheme is designed for one to many communications. The advantage of the KP-ABE the data owner not sure, that who can decrypt the cipher text apart from choosing the collection of attributes. In a situation, the data owner fully trusts the key issue and it does not express the negative attributes. Because this scheme express the pattern to monotonic structure. Zhang et al. [14] Proposes truthful online sales design in cloud computing environment, it focuses on heterogeneous demand in cloud. Hong et al. Proposed Key-insulated ABE algorithm without
1001
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
pairing scheme, this algorithm used to run bilinear pairing operation. In this KI-ABE-WP method provide high level security system while wireless data sharing [4]. The major disadvantage of ABE system is more mixing operation for encrypt and decrypt process. Recently, Wang et al. [13] proposed to this problem by introducing the notion of ABE with hierarchical decryption, which largely eliminates the decryption overhead for users. Rouselakis et al, Proposed multi-authority ABE scheme this encryption system is not a centralized authority it’s mainly focused on key distribution in different users [10]. We propose two ABE schemes based on “Authentication “and “Secure”. Through analysis we can give proposed system which is given more privacy and efficiency guarantees. The real world data set shows the proposed schemes indeed introduce low overhead computation and communication. In proposed system private key and user attributes are encrypted by hierarchical attribute based encryption (H-ABE) with combination of Identity based encryption (IBE) [5]. Sahai and water represented this scheme [11], it is called fuzzy Identity based encryption (FIBE).Identity means set of attributes which is measured by “set overlap” distance. In this scheme encryption and decryption are based on Identity performance. It is mainly used for error tolerance and making it suitable for use biometric identities. In IBE system the collusion restrict scheme is one among the top security level. Li et al, addressed Identity Base Encryption is simplify the public key generation and organizing the public key infrastructure it is another approach of encryption in public key [6]. The attributes are gradually increased based on their various parameters like computation and private key size. Hofheinz et al, proposed identity-based encryption system in tightly secure scheme. In this system implement in multi-instance and multi-ciphertext scheme it provides higher level of security in data sharing [3].
2. Material and Methods 2.1 Identity Based Encryption The IBE was introduced 1984, which is basic model ABE [8] [12]. In this scheme identity is main role of encryption and decryption. The IBE is a special case of ABE in which cipher texts are related with one attribute. Then every ciphertext have “identity” of the recipient, and a private key’s policy requires that one particular attribute, the key holder’s identity, for decryption. Main disadvantage of Attribute Based Encryption scheme is very cost effective for implementation [11]. Shamir introduced the idea of a more identity - based encryption system. The structure of the design is mentioned below. 2.2 Hierarchical Attribute-based Encryption HABE is derived by Wang et al which model Figure 1. The model consists of a root master (RM) that corresponds to the trusted third party (TTP), several domain masters (DMs) in which the toplevel DMs correspond to multiple endeavor users, and many users that communicate to all personnel in an enterprise. The Hierarchical attribute-based Encryption scheme to produce system keys in hierarchical Manner. The large numbers of data and document stored in cloud server. The storage service allows files and it provides result as similarity security to meet the efficient data retrieval need. For this 1002
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
purpose existing system have searchable encryption with help of Attribute Based Encryption.ABE focuses on more encrypted search, and rarely make different the search results. The disadvantages of existing system are authentication problem. It have only used in wired cloud storage which is used by one who access the file with permission It does not access globally. The security is not more expensive. The encryption handled by Using key policy algorithm and cipher text policy are still not fulfilling enterprise requirements of access control. These algorithms require considerable flexibility and efficiency. It does not have multiple authorities. CP-ABE has restrictions in terms of specifying policies and managing user attributes. The decryption keys only support for user attributes which is organized logically as a single set. Here the user can use the certain group which is possible in only one set. This scheme generates the encryption key based on set of attributes and cipher text key. Sahai and Waters [11] planned Attribute-Based Encryption as a new concept of encryption algorithms which is KP-ABE that allow the encrypted to set a policy describing who should be able to read the data. This scheme represented as monotonic access structure which is have access control for set of attributes and private key .Threshold gates maintained these are all things. The private keys are distributed by an authority are connected with sets of attributes and cipher texts are associated with formulas over attributes. It has some drawbacks like not more expensive decryption due to pairing operation. To overcome these are all problem we can choose hierarchical algorithm and implemented in proposed system for security growth.
Figure 1: Hierarchical attribute-based Encryption 3. H-ABE with IDE Scheme In cloud data there is so many security issues. We have proposed and solved these problems by using encryption method which increases the level of security. Among various ABE schemes, we choose the efficient encryption algorithm which is HABE with IBE. We have proposed wireless cloud storage instead of wired. Here Figure 2 shown for sharing of private key scheme in implementation phase. In proposed system data are stored in cloud storage that is data 1, data 2 and etc. All the data are encrypted using algorithm which is H-ABE with combination of IBE. Meanwhile the user can access the encrypted data from wireless. The storing data are formed as domain master. The root master scans the data and converted into secret key. The domain master 1003
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
checks the secret key whether that is eligible and managed by administrator itself. If so, the user attributes key and private key are secured in admin. Encryption and decryption key are stored and managed by admin. If the secret key matched with user private key, then it will going to H-ABE with combination of IBE. Here the secret key acts as an “Identity “based. The encryption is providing cipher text. HIBE is expanding the functionality of identity based encryption. The identity is representing as hierarchical structure which is identifies the secret key. The data are directly converted into identities which have the entire encryption key from H-ABE and generate user secret key. When data are stored in wireless storage, the user can access the data from storage with authenticated. We proposed the system, while user access the data, the key send to HABE model it convert into hierarchical model. The domain master checks the key which is eligible for user by administrator itself.
Figure 1: Architecture of H-ABE with IBE
1004
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
If the keys are matched .then it create private key. Then all the private key and user attributes access as an “Identity “which have encryption key. The user key and identity matched the data retrieved from storage with riskless sharing. In system, the genuine user accesses multiple authorities with privacy secret sharing. In proposed have more security than existing. We can implement wireless storage. In existing have wired storage, it have access by countable authenticated user. But our system have multiple authenticated user access the data simultaneously the security level is flexible. Attribute based encryption scheme represented as monotonic access structure which have access control for set of attributes and private key. Threshold gates maintained these are all things. The private keys are distributed by an authority are connected with sets of attributes and cipher texts are associated with formulas over attributes. It has some drawbacks like not more expensive decryption due to pairing operation. Time complexity is higher than existing system. We have implemented literature on ways to provide secure environment where the storage can share data with multiple user at the same time. Auditing and Authenticating in the cloud is a potential for research in the data sharing in the cloud environment. To overcome prohibited process we can complete access control policy which depends on secret key. If the user access illegally, the access control policy should “lock” the data. The cloud system handles with huge amount of data. In proposed method it gives trust worthy while data transferring in cloud. In addition, our proposed system is malleable, which indicates it is not only able to efficiently support a large number of customers to share the data also able to handle multiple auditing tasks simultaneously with secret sharing. A future research direction would be to find ways for a data owner to hold secured any member that carries authenticated data in wireless.
4. Result and Discussion In this section, we demonstrate an experimental evaluation of the proposed system on a real world data set. Here randomly select different number of data set. The whole experiment system implemented in CloudSim java based language on a Linux server with Intel core i7 processor. The hardware requirements are 200GB hard disk and 16GB RAM. The performance of our technique is evaluated regarding the efficiency of two proposed hierarchical identity based scheme, as well as identity between security and privacy. 4.1 Throughput Analysis Throughput is the rate of production in system. When storage size increasing, the production rate or throughput execution time increases in H-ABE with IBE. The process works at directly propositional to storage size. If storage size is low, the level of execution time is decreases. But in the H-ABE schemes also same concept of IBE. But it does not satisfy that much level of execution time. As well as the increasing level in both schemes have slightly some differences it have, which the level of increasing time slightly lower than H-ABE with IBE schemes. In our proposed system execution time depends on data size it shown in Figure 3.
1005
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
Figure 3: Throughput Comparison 4.2 Encryption Time Analysis The ABE cipher text size and encryption time increase linearly as the cipher text grows. H-ABE with IBE encryption time is low which is slightly higher than IBE. When data storage level is increasing the level of encryption time is too high .After reach high level certainly the time will decrease. The H-ABE with IBE scheme requites one second per one attributes. If we want to encrypted more attributes. The level of encryption time is low. The generation of encryption key time will be low in wireless cloud storage it shows in Figure 4.
Figure 4: Encryption Time Comparison 1006
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
4.3 Decryption Time Analysis
Figure 5: Decryption Time Comparison As expected, outsourcing H-ABE schemes reduces the computation time. H-ABE with IBE schemes have decryption is not same level which is increase or decrease. Decryption time slightly lower than encryption due to checking the original key and H-ABE with IBE schemes have more security level it shows in Figure 5. In H-ABE schemes have decryption time is high due to the level of security level is not strong. For this problem, we can implement H-ABE with IBE schemes in our proposed system. 4.4 CPU Utilization
Figure 6: CPU Utilization Comparison
1007
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
If storage size increases, the percentage level of CPU utilization time is increase or decreases. It is inversely propositional to storage size. When the size of the storage increased, simultaneously the process of CPU utilization is high it shows in Figure 6. In ABE schemes have alternate process of H-ABE with IBE schemes. It has accessing more data in storage. The utilization percentage is too high. It works with proportionally.
Table 1: Comparison of different Encryption Schemes
Algorith ms
KP-ABE
Computati on Overhead
60%
Encryptio n and User revocatio n
50%
CPU utilizatio n ratio
Supports users with different attributes based on key policy Supports users with different attributes organized in single set Supports users with different attributes organized in single set in hierarchic al way Supports users with different attributes based on key policy Supports users with different attributes organized in Multi set hierarchic al way
40%
CP-ABE
70%
60%
60%
H-ABE
90%
92%
80%
IBE
92%
89%
80%
H-ABE with IBE
94%
93%
80%
Applicati on Relevancy
1008
Associati on of Attribute s
Associati on of Access Policy
With ciphertext
With Key
With key
With Cipher text
Attacke rs ratio
75%
70%
With key
With cipher text
80%
With key
With cipher text
75%
With key
With cipher text
62%
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
Here Our Proposed scheme has more flexible security and time complexity with help of experimental setup. Table 1 illustrate the comparison of difference encryption scheme with the analysis of security attacker’s ratio and CPU utilization percentage. Compare to traditional encryption algorithm our proposed encryption produce better result with same CPU utilization.
5. Conclusion In this paper, we considered a new requirement of H-ABE with identity based encryption. We modified the original model of ABE with encryption algorithm in wireless cloud storage. We also proposed an H-ABE with IBE scheme with verifiable that it is secure and verifiable. To assess the practicability of our scheme, we implemented it and conducted experiments in a simulated environment. As expected, the scheme substantially reduced the computation time required for resource-limited device recover plaintexts. Attribute based encryption is an extensively used technique for access control. It has been used to refine users from accessing information .The primary advantage of ABE is key strength, enabling users to have a stronger encryption, than other encryption. The paper has distinctly identified different ABE techniques and categorized according to its functionalities. The validation of the H-ABE with IBE algorithms is also done. We have also given a comparison table of different ABE based schemes based on various features such as computation overhead, decryption and user revocation efficiency, collusion resistant, application relevancy, association of attributes and association of access policy in a five scale rating form. We have done our survey upon extensive derivatives of ABE scheme.
References Gorbunov, S., Vaikuntanathan, V., & Wichs, D , 2015,Leveled fully homomorphic signatures from standard lattices. In Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, ACM , PP. 469-477. Goyal, V., Pandey, O., Sahai, A. & Waters, B, 2006, Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security, ACM, PP. 89-98. Hofheinz, D., Koch, J., & Striecks, C. 2015, Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting, In IACR International Workshop on Public Key Cryptography, Springer Berlin Heidelberg,PP:799-822. Hong, H., & Sun, Z, 2016, High efficient key-insulated attribute based encryption scheme without bilinear pairing operations. SpringerPlus, 5(1), 1-12. Lewko, A., Okamoto, T., Sahai, A., Takashima, K., & Waters, B., 2010, fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption, In Annual International Conference on the Theory and Applications of Cryptographic Techniques,Springer Berlin Heidelberg. ,PP: 62-91. Li, J., Li, J., Chen, X., Jia, C., & Lou, W ,2015, Identity-based encryption with outsourced revocation in cloud computing. IEEE Transactions on computers, 64(2), 425-437. 1009
Jayapandian & Rahman (2017). Asian Journal of Research in Social Sciences and Humanities, Vol. 7, No.1, pp. 1000-1010.
Odelu, V., Das, A. K., Rao, Y. S., Kumari, S., Khan, M. K., & Choo, K. K. R. , 2016, Pairingbased CP-ABE with constant-size ciphertexts and secret keys for cloud environment, Computer Standards & Interfaces. Parno, B., Raykova, M., & Vaikuntanathan, V , 2012,How to delegate and verify in public: Verifiable computation from attribute-based encryption. In Theory of Cryptography Conference, Springer Berlin Heidelberg, PP: 422-439. Pasupuleti, S. K., Ramalingam, S., & Buyya, R, 2016, An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing, Journal of Network and Computer Applications, Elsevier, 64, 12-22. Rouselakis, Y., & Waters, B , 2015, Efficient statically-secure large-universe multi-authority attribute-based encryption. In International Conference on Financial Cryptography and Data Security, Springer Berlin Heidelberg, PP: 315-332. Sahai, A., & Waters, B , 2005, Fuzzy identity-based encryption, In Annual International Conference on the Theory and Applications of Cryptographic Techniques, Springer Berlin Heidelberg. (pp. 457-473). Shamir, A. 1984, Identity-based cryptosystems and signature schemes. In Workshop on the Theory and Application of Cryptographic Techniques, Springer Berlin Heidelberg, PP. 47-53. Wang, G., Liu, Q., & Wu, J. 2010, Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In Proceedings of the 17th ACM conference on Computer and communications security, ACM, PP. 735-737. Zhang, H., Jiang, H., Li, B., Liu, F., Vasilakos, A. V., & Liu, J, 2016, A framework for truthful online auctions in cloud computing with heterogeneous user demands. IEEE Transactions on Computers, 65(3), 805-818.
1010