nach oben

Mobile Networks and Applications

Erschienen in:

11.01.2020

Role-Based Access Control Model for Cloud Storage Using Identity-Based Cryptosystem

verfasst von: Jian Xu, Yanbo Yu, Qingyu Meng, Qiyu Wu, Fucai Zhou

Erschienen in: Mobile Networks and Applications | Ausgabe 4/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As the security of cloud storage cannot be effectively guaranteed, many users are reluctant to upload their key data to the cloud for storage, which seriously hinders the development of cloud storage. Since ensuring the confidentiality of user data and avoiding unauthorized access is the key to solving the security problems of cloud storage, there has been much cryptographic research proposing the use of the combination of cryptography technologies and access control model to guarantee the data security on untrusted cloud providers. However, the vast majority of existing access control schemes for ciphertext in cloud storage do not support the dynamic update of access control policies, and the computational overhead is also very large. This is contrary to the needs of most practical applications, which leverage dynamic data and need low computation cost. To solve this problem, combined with identity-based cryptosystem (IBC) and role-based access control (RBAC) model, we propose an RBAC (In this paper we use RBAC₁ model which is richer access control model)) scheme for ciphertext in cloud storage. We also give the formal definitions of our scheme, a detailed description of four tuple used to represent access control strategy, the hybrid encryption strategy and write-time re-encryption strategy, which are designed for improving the system efficiency. The detailed construction processes of our scheme which. Include system initialization, add and delete users, add and delete permissions, add and delete roles, add and delete role inheritance, assign and remove user, assign and remove permission, read and write file algorithm are also given. Finally, we analyze the scheme and prove that it is correct,

access control preserving (AC- preserving) and secure.

Vorheriger Artikel Intrusion Detection System for IoT Heterogeneous Perceptual Network

Nächster Artikel A Timestamp-Regulating VoLTE Covert Channel against Statistical Analysis

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

Liu Z, Chen X, Yang J et al (2016) New order preserving encryption model for outsourced databases in cloud environments. J Netw Comput Appl 59:198–207CrossRef

Xu J, Wei L, Zhang Y et al (2018) Dynamic fully Homomorphic encryption-based Merkle tree for lightweight streaming authenticated data structures. J Netw Comput Appl 107:113–124CrossRef

Liu Z, Huang Y et al (2018) DivORAM: towards a practical oblivious RAM with variable block size. Inf Sci 447:1–11CrossRef

Liu Z, Li B, Huang Y et al (2019) NewMCOS: towards a practical multi-cloud oblivious storage scheme. IEEE Trans Knowl Data Eng. https://doi.org/10.1109/TKDE.2019.2891581

Yue X, Chen B, Wang X et al (2018) An efficient and secure anonymous authentication scheme for VANETs based on the framework of group signatures. IEEE Access 6:62584–62600CrossRef

Wang C, Chow S, Wang Q et al (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375MathSciNetCrossRef

Jung Y, Chung M (2010) Adaptive security management model in the cloud computing environment. In: The 12th international conference on advanced communication technology (ICACT), Phoenix Park, South Korea, pp 1664–1669

Freudenthal E, Pesin T, Port L et al (2002) dRBAC: distributed role-based access control for dynamic coalition environments. In: The 22nd international conference on distributed computing systems (ICDCD), Vienna, Austria, pp 411–420

Choi C, Choi J, Kim P (2014) Ontology-based access control model for security policy reasoning in cloud computing. J Supercomput 67(3):711–722CrossRef

10.

Chen D, Huang X, Ren X (2009) Access control of cloud service based on UCON. In: IEEE international conference on cloud computing (CloudCom), Beijing, China, pp 559–564

11.

Krautsevich L, Lazouski A, Martinelli F et al (2010) Risk-aware usage decision making in highly dynamic systems. In: 5th international conference on internet monitoring and protection (ICIMP), Barcelona, Spain, pp 29–34

12.

Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: International conference on theory and applications of cryptographic techniques (EUROCRYPT), Aarhus, Denmark, pp 457–473

13.

Goyal V, Pandey O, Sahai A et al (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM conference on computer and communications security (CCS), Alexandria, Virginia, USA, pp 89–98

14.

Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Acm conference on computer and communications security (CCS), Alexandria, Virginia, USA, pp 195–203

15.

Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE symposium on security and privacy (SP), Berkeley, CA, USA, pp 321–334CrossRef

16.

Sun G, Yu D, Yun L (2011) CP-ABE based data access control for cloud storage. J Commun 32(7):146–152

17.

Goyal V, Jain A, Pandey O et al (2008) Bounded Ciphertext policy attribute based encryption. In: The 35th international colloquium on automata, languages and programming, Reykjavik, Iceland, pp 579–591CrossRef

18.

Jung T, Li X, Wan Z et al (2013) Privacy preserving cloud data access with multi-authorities. In: 2013 IEEE INFOCOM, Turin, Italy, pp 2625–2633CrossRef

19.

Ruj S, Stojmenovic M, Nayak A (2012) Privacy preserving access control with authentication for securing data in clouds. In: 12th IEEE/ACM international symposium on cluster, cloud and grid computing (CCGRID), Ottawa, ON, Canada, pp 556–563

20.

Yu S, Wang C, Ren K et al (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: 2010 IEEE INFOCOM, San Diego, CA, USA, pp 1–9

21.

Hur J, Dong K (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221CrossRef

22.

Chen D, Shao J, Fan X et al (2014) MAH-ABE based privacy access control in cloud computing. Acta Electron Sin 42(4):821–827

23.

Garrison W, Shull A, Myers S et al (2016) On the practicality of cryptographically enforcing dynamic access control policies in the cloud. In: 2016 IEEE symposium on security and privacy (SP), San Jose, CA, USA, pp 819–838CrossRef

24.

Hinrichs T, Martinoia D, Garrison W et al (2013) Application-sensitive access control evaluation using parameterized expressiveness. In: IEEE 26th computer security foundations symposium, New Orleans, LA, USA, pp 145–160

25.

Ene A, Horne W, Milosavljevic N et al (2008) Fast exact and heuristic methods for role minimization problems. In: The 13th ACM symposium on access control models and technologies (SACMAT), Estes Park, CO, USA, pp 1–10

Titel: Role-Based Access Control Model for Cloud Storage Using Identity-Based Cryptosystem
verfasst von: Jian Xu
Yanbo Yu
Qingyu Meng
Qiyu Wu
Fucai Zhou
Publikationsdatum: 11.01.2020
Verlag: Springer US
Erschienen in: Mobile Networks and Applications / Ausgabe 4/2021
Print ISSN: 1383-469X
Elektronische ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-019-01484-4

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Weitere Artikel der Ausgabe 4/2021

Energy efficiency of full-duplex cognitive radio in low-power regimes under imperfect spectrum sensing

Privacy-Preserving Top-k Location-based Services Retrieval in Mobile Internet

Evaluating the Performance of Full-Duplex Energy Harvesting Vehicle-to-Vehicle Communication System over Double Rayleigh Fading Channels

Accurate and Cognitive Intrusion Detection System (ACIDS): a Novel Black Hole Detection Mechanism in Mobile Ad Hoc Networks

A Confidence-Guided Evaluation for Log Parsers Inner Quality

A Privacy-sensitive Service Selection Method Based on Artificial Fish Swarm Algorithm in the Internet of Things

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.