Skip to main content
Top
Published in: Peer-to-Peer Networking and Applications 1/2022

04-08-2021

Decentralized access control technique with multi-tier authentication of user for cloud storage

Authors: S. Shiny, J. Jasper

Published in: Peer-to-Peer Networking and Applications | Issue 1/2022

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The information kept in cloud is greatly sensitive. Security and privacy are two leading issues that often ascend in cloud computing. The objective of the research is to provide security and authentication of cloud data. So, we put forward with a novel decentralized access control scheme aimed at securely storing the data onto the cloud with multiple Key Distribution Center (KDC) based and multi-tier based authentication of user. In conjunction with cryptography to enrich the data security that is to be kept in the cloud we use steganography. In the proposed organization, irrespective of user’s identity the cloud confirms the genuineness of the sequence prior to data storage. Our work likewise has the additional element of access control where just legitimate clients can decrypt the kept data and view the equivalent. The scheme supports multiple writing of data into cloud and multiple reading of information kept in the cloud. As a novelty we have introduced hidden attributes, accordingly the Cloud Service Provider (CSP) along with the KDC is unaware of user details and also a multi-tier based authentication to expand the authentication of user.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literature
1.
go back to reference Sahai, A., & Waters, B. (2005, May). Fuzzy identity-based encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 457-473) Sahai, A., & Waters, B. (2005, May). Fuzzy identity-based encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 457-473)
2.
go back to reference Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006, October). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 89-98) Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006, October). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 89-98)
3.
go back to reference Liang, X., Cao, Z., Lin, H., & Xing, D. (2009, March). Provably secure and efficient bounded ciphertext policy attribute based encryption. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (pp. 343-352) Liang, X., Cao, Z., Lin, H., & Xing, D. (2009, March). Provably secure and efficient bounded ciphertext policy attribute based encryption. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (pp. 343-352)
4.
go back to reference Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and privacy (SP'07) (pp. 321-334). IEEE Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and privacy (SP'07) (pp. 321-334). IEEE
5.
go back to reference Chase, M. (2007, February). Multi-authority attribute based encryption. In theory of cryptography conference (pp. 515-534) Chase, M. (2007, February). Multi-authority attribute based encryption. In theory of cryptography conference (pp. 515-534)
6.
go back to reference Zhou Z, Huang D, Wang Z (2013) Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans Comput 64(1):126–138MathSciNetCrossRef Zhou Z, Huang D, Wang Z (2013) Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans Comput 64(1):126–138MathSciNetCrossRef
7.
go back to reference Lin, H., Cao, Z., Liang, X., & Shao, J. (2008, December). Secure threshold multi authority attribute based encryption without a central authority. In International Conference on Cryptology in India (pp. 426-436) Lin, H., Cao, Z., Liang, X., & Shao, J. (2008, December). Secure threshold multi authority attribute based encryption without a central authority. In International Conference on Cryptology in India (pp. 426-436)
8.
go back to reference Lewko, A., & Waters, B. (2011, May). Decentralizing attribute-based encryption. In Annual international conference on the theory and applications of cryptographic techniques (pp. 568-588). Springer, Berlin, Heidelberg Lewko, A., & Waters, B. (2011, May). Decentralizing attribute-based encryption. In Annual international conference on the theory and applications of cryptographic techniques (pp. 568-588). Springer, Berlin, Heidelberg
9.
go back to reference Green, M., Hohenberger, S., & Waters, B. (2011, August). Outsourcing the decryption of abe ciphertexts. In USENIX security symposium (Vol. 2011, no. 3) Green, M., Hohenberger, S., & Waters, B. (2011, August). Outsourcing the decryption of abe ciphertexts. In USENIX security symposium (Vol. 2011, no. 3)
10.
go back to reference Yang K, Jia X, Ren K, Zhang B, Xie R (2013) DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security 8(11):1790–1801CrossRef Yang K, Jia X, Ren K, Zhang B, Xie R (2013) DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security 8(11):1790–1801CrossRef
11.
go back to reference Maji HK, Prabhakaran M, Rosulek M (2008) Attribute-based signatures: achieving attribute-privacy and collusion-resistance. IACR Cryptology ePrint Archive 2008:328 Maji HK, Prabhakaran M, Rosulek M (2008) Attribute-based signatures: achieving attribute-privacy and collusion-resistance. IACR Cryptology ePrint Archive 2008:328
12.
go back to reference Ruj S, Stojmenovic M, Nayak A (2013) Decentralized access control with anonymous authentication of data stored in clouds. IEEE Transactions on Parallel and Distributed Systems 25(2):384–394CrossRef Ruj S, Stojmenovic M, Nayak A (2013) Decentralized access control with anonymous authentication of data stored in clouds. IEEE Transactions on Parallel and Distributed Systems 25(2):384–394CrossRef
13.
go back to reference Yadav, U. C., & Ali, S. T. (2015, August). Ciphertext policy-hiding attribute-based encryption. In 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (pp. 2067-2071). IEEE Yadav, U. C., & Ali, S. T. (2015, August). Ciphertext policy-hiding attribute-based encryption. In 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (pp. 2067-2071). IEEE
14.
go back to reference Phuong TVX, Yang G, Susilo W (2015) Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans Inform Forens Secur 11(1):35–45CrossRef Phuong TVX, Yang G, Susilo W (2015) Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans Inform Forens Secur 11(1):35–45CrossRef
15.
go back to reference Xu R, Lang B (2015) A CP-ABE scheme with hidden policy and its application in cloud computing. Int J Cloud Comput 4(4):279–298MathSciNetCrossRef Xu R, Lang B (2015) A CP-ABE scheme with hidden policy and its application in cloud computing. Int J Cloud Comput 4(4):279–298MathSciNetCrossRef
16.
go back to reference Sowmiya, M., & Adimoolam, M. (2014, April). Secure cloud storage model with hidden policy attribute based access control. In 2014 International Conference on Recent Trends in Information Technology (pp. 1-6). IEEE Sowmiya, M., & Adimoolam, M. (2014, April). Secure cloud storage model with hidden policy attribute based access control. In 2014 International Conference on Recent Trends in Information Technology (pp. 1-6). IEEE
17.
go back to reference Ruj S, Nayak A, Stojmenovic I (2011, November) DACC: distributed access control in clouds. In 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (pp. 91-98). IEEE Ruj S, Nayak A, Stojmenovic I (2011, November) DACC: distributed access control in clouds. In 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (pp. 91-98). IEEE
18.
go back to reference Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In 2013 International Conference on Communication Systems and Network Technologies (pp. 437-439). IEEE Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In 2013 International Conference on Communication Systems and Network Technologies (pp. 437-439). IEEE
19.
go back to reference Chase, M., & Chow, S. S. (2009, November). Improving privacy and security in multi-authority attribute-based encryption. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 121-130) Chase, M., & Chow, S. S. (2009, November). Improving privacy and security in multi-authority attribute-based encryption. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 121-130)
20.
go back to reference Kalpana P, Singaraju S (2012) Data security in cloud computing using RSA algorithm. International Journal of research in computer and communication technology, IJRCCT, ISSN, pp 2278–5841 Kalpana P, Singaraju S (2012) Data security in cloud computing using RSA algorithm. International Journal of research in computer and communication technology, IJRCCT, ISSN, pp 2278–5841
21.
go back to reference Zhong H, Zhu W, Xu Y, Cui J (2018) Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Comput 22(1):243–251CrossRef Zhong H, Zhu W, Xu Y, Cui J (2018) Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Comput 22(1):243–251CrossRef
22.
go back to reference Jung, T., Li, X. Y., Wan, Z., & Wan, M. (2013, April). Privacy preserving cloud data access with multi-authorities. In 2013 Proceedings IEEE INFOCOM (pp. 2625-2633). IEEE Jung, T., Li, X. Y., Wan, Z., & Wan, M. (2013, April). Privacy preserving cloud data access with multi-authorities. In 2013 Proceedings IEEE INFOCOM (pp. 2625-2633). IEEE
23.
go back to reference Su, H., Zhu, Z., Sun, L., & Pan, N. (2016, October). Practical searchable CP-ABE in cloud storage. In 2016 2nd IEEE International Conference on Computer and Communications (ICCC) (pp. 180-185). IEEE Su, H., Zhu, Z., Sun, L., & Pan, N. (2016, October). Practical searchable CP-ABE in cloud storage. In 2016 2nd IEEE International Conference on Computer and Communications (ICCC) (pp. 180-185). IEEE
24.
go back to reference Sulochana, V., & Parimelazhagan, R. (2013). A puzzle based authentication scheme for cloud computing. Int J Comput Trends and, 210–213 Sulochana, V., & Parimelazhagan, R. (2013). A puzzle based authentication scheme for cloud computing. Int J Comput Trends and, 210–213
25.
go back to reference Dhamija, A., & Dhamija, D. (2016). SSQS and OTP based user authentication mechanism in cloud computing Dhamija, A., & Dhamija, D. (2016). SSQS and OTP based user authentication mechanism in cloud computing
26.
go back to reference Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wirel Commun Mob Comput 2019:1–12CrossRef Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wirel Commun Mob Comput 2019:1–12CrossRef
27.
go back to reference Singh M, Singh S (2012) Design and implementation of multi-tier authentication scheme in cloud. International Journal of Computer Science Issues (IJCSI) 9(5):181 Singh M, Singh S (2012) Design and implementation of multi-tier authentication scheme in cloud. International Journal of Computer Science Issues (IJCSI) 9(5):181
28.
go back to reference Dhamija A, Dhamija D (2015) A two tier reliable user authentication scheme for cloud environment. Int J Comput Appl 975:8887 Dhamija A, Dhamija D (2015) A two tier reliable user authentication scheme for cloud environment. Int J Comput Appl 975:8887
29.
go back to reference Ziyad S, Rehman S (2014) Critical review of authentication mechanisms in cloud computing. International Journal of Computer Science Issues (IJCSI) 11(3):145 Ziyad S, Rehman S (2014) Critical review of authentication mechanisms in cloud computing. International Journal of Computer Science Issues (IJCSI) 11(3):145
30.
go back to reference Kumar S, Ganpati A (2014) Multi-authentication for cloud security: a framework. Int J Comput Sci Eng Technol 5(4):295–303 Kumar S, Ganpati A (2014) Multi-authentication for cloud security: a framework. Int J Comput Sci Eng Technol 5(4):295–303
31.
go back to reference Arasu SE, Gowri B, Ananthi S (2013) Privacy-preserving public auditing in cloud using HMAC algorithm. International Journal of Recent Technology and Engineering (IJRTE) ISSN 2277(3878):149–152 Arasu SE, Gowri B, Ananthi S (2013) Privacy-preserving public auditing in cloud using HMAC algorithm. International Journal of Recent Technology and Engineering (IJRTE) ISSN 2277(3878):149–152
32.
go back to reference Govinda K, Gurunathaprasad V, Sathishkumar H (2012) Third party auditing for secure data storage in cloud through digital signature using RSA. Int J Adv Sci Tech Res 4(2):525–530 Govinda K, Gurunathaprasad V, Sathishkumar H (2012) Third party auditing for secure data storage in cloud through digital signature using RSA. Int J Adv Sci Tech Res 4(2):525–530
33.
go back to reference Chan CK, Cheng LM (2004) Hiding data in images by simple LSB substitution. Pattern Recogn 37(3):469–474CrossRef Chan CK, Cheng LM (2004) Hiding data in images by simple LSB substitution. Pattern Recogn 37(3):469–474CrossRef
34.
go back to reference Bloisi, D. D., & Iocchi, L. (2007, March). Image based steganography and cryptography. In VISAPP (1) (pp. 127-134) Bloisi, D. D., & Iocchi, L. (2007, March). Image based steganography and cryptography. In VISAPP (1) (pp. 127-134)
35.
go back to reference Gupta S, Goyal A, Bhushan B (2012) Information hiding using least significant bit steganography and cryptography. Int J Modern Educ Comput Sci 4(6):27–34CrossRef Gupta S, Goyal A, Bhushan B (2012) Information hiding using least significant bit steganography and cryptography. Int J Modern Educ Comput Sci 4(6):27–34CrossRef
36.
go back to reference Sarmah DK, Bajpai N (2010) Proposed system for data hiding using cryptography and steganography. Int J Comput Appl 8(9):7–1 Sarmah DK, Bajpai N (2010) Proposed system for data hiding using cryptography and steganography. Int J Comput Appl 8(9):7–1
37.
go back to reference Ren-Er, Y., Zhiwei, Z., Shun, T., & Shilei, D. (2014, January). Image steganography combined with DES encryption pre-processing. In 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation (pp. 323-326). IEEE Ren-Er, Y., Zhiwei, Z., Shun, T., & Shilei, D. (2014, January). Image steganography combined with DES encryption pre-processing. In 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation (pp. 323-326). IEEE
38.
go back to reference Muhammad K, Ahmad J, Rehman NU, Jan Z, Sajjad M (2017) CISSKA-LSB: color image steganography using stego key-directed adaptive LSB substitution method. Multimed Tools Appl 76(6):8597–8626CrossRef Muhammad K, Ahmad J, Rehman NU, Jan Z, Sajjad M (2017) CISSKA-LSB: color image steganography using stego key-directed adaptive LSB substitution method. Multimed Tools Appl 76(6):8597–8626CrossRef
39.
go back to reference Yang CH, Weng CY, Wang SJ, Sun HM (2008) Adaptive data hiding in edge areas of images with spatial LSB domain systems. IEEE Trans Inform Forens Secur 3(3):488–497CrossRef Yang CH, Weng CY, Wang SJ, Sun HM (2008) Adaptive data hiding in edge areas of images with spatial LSB domain systems. IEEE Trans Inform Forens Secur 3(3):488–497CrossRef
40.
go back to reference Liao X, Wen QY, Zhang J (2011) A steganographic method for digital images with four-pixel differencing and modified LSB substitution. J Vis Commun Image Represent 22(1):1–8CrossRef Liao X, Wen QY, Zhang J (2011) A steganographic method for digital images with four-pixel differencing and modified LSB substitution. J Vis Commun Image Represent 22(1):1–8CrossRef
41.
go back to reference Younes MAB, Jantan A (2008) A new steganography approach for images encryption exchange by using the least significant bit insertion. Int J Comput Sci Netw Secur 8(6):247–257 Younes MAB, Jantan A (2008) A new steganography approach for images encryption exchange by using the least significant bit insertion. Int J Comput Sci Netw Secur 8(6):247–257
42.
go back to reference Sheth, U., & Saxena, S. (2016, April). Image steganography using AES encryption and least significant nibble. In 2016 International Conference on Communication and Signal Processing (ICCSP) (pp. 0876-0879). IEEE Sheth, U., & Saxena, S. (2016, April). Image steganography using AES encryption and least significant nibble. In 2016 International Conference on Communication and Signal Processing (ICCSP) (pp. 0876-0879). IEEE
43.
go back to reference Das ML, Saxena A, Gulati VP (2004) A dynamic ID-based remote user authentication scheme. IEEE Trans Consum Electron 50(2):629–631CrossRef Das ML, Saxena A, Gulati VP (2004) A dynamic ID-based remote user authentication scheme. IEEE Trans Consum Electron 50(2):629–631CrossRef
44.
go back to reference Chien HY, Jan JK, Tseng YM (2002) An efficient and practical solution to remote authentication: smart card. Computers & Security 21(4):372–375CrossRef Chien HY, Jan JK, Tseng YM (2002) An efficient and practical solution to remote authentication: smart card. Computers & Security 21(4):372–375CrossRef
Metadata
Title
Decentralized access control technique with multi-tier authentication of user for cloud storage
Authors
S. Shiny
J. Jasper
Publication date
04-08-2021
Publisher
Springer US
Published in
Peer-to-Peer Networking and Applications / Issue 1/2022
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI
https://doi.org/10.1007/s12083-021-01189-0

Other articles of this Issue 1/2022

Peer-to-Peer Networking and Applications 1/2022 Go to the issue

Premium Partner