Data Security In Cloud Computing
Ensuring Data Privacy and Access Control in Cloud Computing
by Pradeep Deshmukh
Published in Journal of Advances in Science and Technology, E-ISSN: 2230-9659
Volume 2, Issue No. 1, Aug 2011, Pages 0 - 0 (0)
Published by: Ignited Minds Journals
ABSTRACT
Cloud computing sees a technical and cultural shift of computing service provision from being provided locally to being provided remotely, and en masse, by third-party service providers. Data that was once housed under the security domain of the service user has now been placed under the protection of the service provider. Users have lost control over the protection of their data: no longer is our data kept under our own watchful eyes. This thesis investigates how Predicate Based Encryption (PBE) could be leveraged within the Cloud to protect data. PBE is a novel family of asymmetric encryption schemes in which decryption of ciphertext is dependent upon a set of attributes satisfying a certain predicate, allowing for selective fine-grained access control to be specified over ciphertexts. It is argued that obfuscation of one’s data is not enough when seeking to protect data. The control of how one’s data is used and the trust afforded to service providers are equally important. To this end, three archetypal scenarios are described that illustrate ways in which service users could specify precisely with whom they wish to share their data, for what purpose, and for how long. Furthermore, two additional scenarios are presented that would allow a service provider to facilitate keyword search over encrypted data using expressive queries supporting conjunction and disjunction of terms.
KEYWORDS
Data Security, Cloud Computing, Predicate Based Encryption, Access Control, Service Users, Service Providers, Fine-Grained, Obfuscation, Trust, Archetypal Scenarios, Keyword Search, Encrypted Data, Expressive Queries, Conjunction, Disjunction