103 Available online at www.ijiere.com
International Journal of Innovative and Emerging
Research in Engineering
e-ISSN: 2394 – 3343 p-ISSN: 2394 – 5494
Survey on Secure Data Sharing in Cloud Using Revocable
Storage Identity-Based Encryption
Dr. Prema T. Akkasaligar
1, Ramesh Patil
11Department of Computer Science and Engineering, B.L.D.E.A's Dr. P. G. Halakatti College of Engineering and
Technology, Vijayapur-586103, Karnataka, India.
ABSTRACT:
Distributed computing gives an adaptable and advantageous path for information sharing, which brings different advantages for both the general public and people. However, there exists a characteristic resistance for clients to straightforwardly outsource the mutual information to the cloud server since the information regularly contain profitable data. In this manner, it is important to put cryptographically upgraded get to control on the mutual information. Identity-based encryption is a apromising cryptographical primitive to build a practical data sharing system. However, access control is not static. That is, when some user’s authorization is expired, there should be a mechanism that can remove him/her from the system. Consequently, the revoked user cannot access both the previously and subsequently shared data.
Keywords: Cloud computing, data sharing, revocation, Identity-based encryption, ciphertext update, decryption key exposure.
I. INTRODUCTION
Cloud computing is a paradigm that provides massive computation capacity and huge memory space at a low cost. It enables users to get intended services irrespective of time and location across multiple platforms (e.g., mobile devices, personal computers), and thus brings great convenience to cloud users. Among numerous services provided by cloud computing, cloud storage service, such as Apple’s iCloud, Microsoft’s Azure and Amazon’s S3, can offer a more flexible and easy way to share data over the Internet, which provides various benefits for our society. A natural solution to conquer the aforementioned problem is to use cryptographically enforced access control such as identity-based encryption (IBE). Furthermore, to overcome the above security threats, such kind of identity-based access control placed on the shared data should meet the following security goals:
Unauthorized users should be prevented from accessing the plaintext of the shared data stored in the0cloud server. In addition, the cloud server, which is supposed to be honest but curious, should also be deterred from knowing plaintext of the shared data.
Backward secrecy means that, when a user’s authorization0is expired, or a user’s secret key is0compromised, he/she should be prevented from accessing the plaintext of the subsequently shared data that are still encrypted under his/her identity.
Forward secrecy means that, when a user’s authority is expired, or a user’s secret0key is compromised, he/she should be prevented from accessing the plaintext of the shared data that can be previously accessed by him/her.
104 Fig. 1.1 : Identity-Based Encryption
Fig. 1.1 : RIBE-based data sharing system.
II. LITERATURESURVEY
In [1], this paper says much respect for the Grid perspective, as it is every now and again mixed up for Cloud progresses. They in like manner delineate the associations and capabilities between the Grid and Cloud approaches.
In [2], Clients can be included different records as content, picture, sound, video and so forth through the program by utilizing encryption calculation in order to it have the capacity to put away on cloud. A homomorphism encryption calculation and also utilize intended for making single recognizable proof for the clients.
105 In [4], they proposed a novel open reviewing instrument for the0respectability0of imparted information to effective client renouncement as a primary concern. By using the possibility of0intermediary re-marks, they enable the cloud to re-sign squares for the benefit of existing clients amid client denial, so that current clients don't have to download and re-sign pieces without anyone else's input. In like manner, an open verifier is continually prepared to survey the reliability of shared data without0recouping the0entire data from0the cloud, paying little respect to the likelihood that some bit of shared data has0been re-set apart by the cloud.
In [5], they proposed the safe information stockpiling in mists for another decentralized get to. The cloud checks the realness of the arrangement without knowing the client's personality in the proposed plot. Their component is that exclusive legitimate clients can ready to unscramble the put away data. It keeps from the replay assault. This plan underpins creation, alteration, and perusing the information put away in the cloud and furthermore give the decentralized verification and cheerful.
In [6], they additionally improved the security of ID-based ring mark by giving forward security: On the off chance that a secret key of any customer has been exchanged off, all past made imprints that consolidate this customer still remain honest to goodness. This property is especially basic to any broad scale data sharing structure, as it is hard to ask all data proprietors to re-affirm their data paying little heed to the likelihood that a secret key of one single customer has been exchanged off.
In [7], the master key holder0can0discharge a consistent size total key for flexible decisions of ciphertext0set in0distributed storage. This reduced total key can be advantageously sent to other’s or be put0away in a shrewd card with extremely constrained secure stockpiling. they gave formal security investigation of our plans in the standard model. In [8], they proposed a completely useful (IBE) identity based encryption plot. The plan has picked ciphertext security in the irregular prophet show expecting a variation of the computational Die-Hellman issue.
In [9], they portrayed two0unequivocal0Subset-Cover repudiation calculations; these calculations are specially flexible and work for any0number of disavowed clients. They focus on the stateless beneficiary case, where the0clients don't refresh their state0from session to0session. they display a system called the ‘Subset-Cover0structure’,which abstracts0an assortment of repudiation0plans including some0beforehand known one.
In [10], they considered a practical risk, which they call unscrambling key presentation. they likewise demonstrate that all earlier RIBE developments aside from the Boneh-Franklin one are powerless against decoding key introduction. As the second commitment, they return to ways to deal with accomplish adaptable RIBE conspires, and propose a straightforward RIBE plot, which is the principal versatile RIBE plot with decoding key presentation resistance, and0is more effective than past adaptable RIBE plans.
In [11], they proposed the cloud-based0revocable revocable identity-based0proxy re-encryption conspire that backings client disavowal additionally appointment of decoding rights. Regardless of a client is disavowed or not, toward the finish of a given day and age the cloud going about as an intermediary will re-encode all ciphertext's of the client under the present day and age to whenever period. On the off chance that the client is disavowed in the approaching era, he can't unscramble the ciphertext's by utilizing the lapsed private key any longer.
In [12], They proposed a plan, changing a past particular CPA0secure proposition by Boneh, Gentry and0Waters. Our plan has consistent size mystery keys and ciphertext's and we demonstrate that it is particular picked ciphertext0secure in light of standard suspicions. This plan has ciphertext's that are shorter than0those of the past0CCA secure proposition. They propose a moment plan that gives the usefulness of both communicate encryption0and renouncement conspires all the while utilizing a similar arrangement of parameters.
In [13], In a forward-secure mark plot, a current uncovered secret key can be utilized to get future mystery keys which can prompt future marks invalid. They proposed another strategy called in reverse secure discovery to build forward-in reverse secure mark plans to keep away from this inadequacy.
In [14], they defined the problem of revocable storage and provide a fully secure construction. Core tool is a new procedure that they call ciphertext delegation. One can apply ciphertext delegation on a ciphertext0encrypted under a0certain access0policy to `re-encrypt' it to0a more restrictive0policy using only public0information. They identified and defined a simple property called piecewise0key generation which gives rise to efficient0revocation.
In [15], they displayed the primary productive Identity-Based Encryption (IBE) plot that is completely secure without irregular prophets. They initially displayed our IBE development and decrease the security0of0our plan to the decisional Bilinear0Diffie-Hellman (BDH) issue.
In [16], This paper portrays DBSTREAM, the primary miniaturized scale bunch based web based grouping segment that unequivocally catches the thickness between smaller scale groups through a common thickness chart. The thickness data in this chart is then misused for reclustering in view of real thickness between adjoining small scale bunches. They examined the space and time many-sided quality of keeping up the mutual thickness diagram. Investigates an extensive variety of manufactured and genuine informational collections highlight that utilizing shared thickness enhances grouping quality over other famous information stream bunching techniques which require the production of a bigger number of littler small scale groups to accomplish practically identical outcomes.
106 In [18], It provides0proxy-oriented data0uploading and remote data0integrity checking0model in identity-based public key0cryptography: identity-based0proxy-oriented data0uploading and remote0data-integrity checking0in public cloud. ID-PUIC convention can understand private remote information uprightness checking, appointed remote information respectability checking and open remote information trustworthiness checking.
In [19], they outlined a reviewing structure for distributed storage frameworks and propose a proficient and protection saving examining convention. At that point, they extended our evaluating convention to bolster dynamic information operations, which is proficient and has been turned out to be secure in the irregular prophet display. They extended our evaluating convention further to bolster bidirectional verification and factual examination.
In [20], They proposed a protected information0sharing plan for element0individuals. Initially, they proposed a safe path for key circulation with no protected correspondence0channels, and the clients can safely get their private keys from gathering0administrator. Second, this plan can accomplish0fine-grained get to control, any client in the gathering can0utilize the0source in the cloud and0disavowed0clients can't get to the cloud0again after they are renounced. Third, they can shield the plan from intrigue assault, which implies that renounced clients can't get the first information record regardless of the possibility that they plot with the untrusted cloud.
In [21], Efficient Information Retrieval for Ranked Query (EIRQ) schemes to decrease questioning overhead caused on the0cloud. In0EIRQ, inquiries are ordered into different positions, where a higher positioned question can recover a higher rate of coordinated documents. A client can recover records on request by picking inquiries of various positions. This component is valuable when there are a substantial number of coordinated records, yet the client just needs a little subset0of them.
In [22], they portrayed DiploCloud, a proficient and adaptable disseminated RDF information administration0framework for the0cloud. In opposition to past0methodologies, DiploCloud0runs a physiological0investigation of both occasion and construction data preceding parceling the information. In this paper, they depicted the design of DiploCloud, its0fundamental information structures, and in addition the new calculations they used to parcel and disperse0information.
In [23], they made sense of the conspiracy assault in the leaving plan and give an effective open trustworthiness evaluating plan with secure gathering client denial in light of vector responsibility and verifier-neighborhood repudiation bunch signature. This plan bolsters people in general checking and productive client renouncement and furthermore some pleasant properties, for example, unhesitatingly, effectiveness, responsibility and traceability of secure gathering client disavowal.
In [24], they tended to this viable0issue, which is to a great extent0dismissed in the writing, by proposing the novel idea of Key-Aggregate Searchable Encryption (KASE) and instantiating the idea through a KASE scheme, in which an0information manager just0needs to disperse a private key to a0client for sharing countless,0and the client just needs0to present a private trapdoor to the0cloud for questioning0the mutual records.
In [25], they concentrated the issue of0integrity auditing and secure deduplicationoon cloud information. In particular, pointing achieving both information-integrity and ‘deduplication’ in cloud, they proposed two secure frameworks, to be specific0SecCloud and0SecCloud+. SecCloud0presents a reviewing element with a support of a MapReduce0cloud, which helps customers produce information0labels before transferring and review0the integrity of information0having0been put0away in cloud. Contrasted and past0work, the calculation0by client0in SecCloudois enormously0lessened amid the0record0transferring and0reviewing stages. SecCloud+0is0composed propelled by the0way that clients0dependablyoneed to scramble their information0before transferring,0and empowers honesty inspecting0and secure deduplication on encrypted0 information.
III. CONCLUSIONS
Cloud computing brings great convenience for people. Particularly, it perfectly matches the increased need of sharing data over the Internet. In this paper, to build a cost-effective and secure data sharing system in cloud computing, we proposed a notion called RS-IBE, which supports identity revocation and ciphertext update simultaneously such that a revoked user is prevented from accessing previously shared data, as well as subsequently shared data. Furthermore, a concrete construction of RS-IBE is presented. The proposed RS-IBE0scheme is proved adaptive-secure in the standard model, under0the decisional ℓ-DBHE assumption. The comparison results demonstrate that our scheme has0advantages in0terms of efficiency and functionality, and thus is more feasible0for practical applications.
REFERENCES
[1] Luis M. Vaquero , Luis Rodero-Merino , Juan Caceres, Maik Lindner Telefonica Investigacion y Desarrollo and SAP Research Madrid, Spain, EU and Belfast, “ A Break in the Clouds: Towards a Cloud Definition”, ACM SIGCOMM Computer Communication Review pp. 50-55, 2009.
107 [3] Yongjun Ren, Jian shen, Jin Wang, JainXu, and Liming Fang, “ Security Data Auditing Based on multifunction digital watermark for multimedia file in cloud storage”, International Journal of Advanced Technology and Innovative Research, pp. 231-240, 2014.
[4] Boyang Wang, Baochun Li, Member, IEEE, and Hui Li, Member, Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud, IEEE Transactions on computers, pp. 1-13, 2015.
[5] A.Vijayalakshmi 1, R.Arunapriya, “Authentication of data storage using decentralized access control in clouds”, Journal of Global Research in Computer Science, pp. 1-3, 2014.
[6] Xinyi Huang, Joseph K. Liu, Shaohua Tang, Member, IEEE, Yang Xiang, Senior Member, IEEE, Kaitai Liang, Li Xu, Member, IEEE, and Jianying Zhou, “Cost-Effective Authentic and Anonymous Data Sharing with Forward Security”, IEEE Transactions on computers, pp. 971-982, 2015.
[7] Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jianying Zhou, and Robert H. Deng, Senior Member, IEEE, “Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage”, IEEE transactions on computer, pp, 1-11, 2014.
[8] Dan Boneh, Matthew Franklin, “Identity-Based Encryption from the Weil Pairing”, SIAM J. of Computing, pp. 1-24, 2003.
[9] Dalit Naor, Moni Naor, and Je Lotspiech, “Revocation and Tracing Schemes for Stateless Receivers”, IACR Crypto Archive, pp. 1-10, 2000.
[10] Jae Hong Seoy and Keita Emura, “Revocable Identity-Based Encryption Revisited: Security Model and Construction”, 16th International Conference on Practice and Theory in Public Key Cryptography, pp. 1-17, 2013.
[11] Kaitai Liang, Joseph K. Liu2, Duncan S. Wong1, Willy Susilo, “An Efficient Cloud-based Revocable Identity-based Proxy Re-encryption Scheme for Public Clouds Data Sharing”, IEEE Transactions on computer, pp. 1-8, 2003.
[12] Duong-Hieu Phan, David Pointcheval, Siamak F. Shahandashti, and Mario Streer, “Adaptive CCA Broadcast Encryption with Constant-Size Secret Keys and Ciphertext’s”, International Journal of Information Security, pp. 1-99, 2013.
[13] Liangliang Wang, Kefei Chen, Xianping Mao, and Yongtao Wang, “On the Security of a Forward-backward Secure Signature Scheme”, International Journal of Network Security, pp. 307-310, 2015.
[14] Amit Sahai, Hakan Seyaliogluy, “Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption”, IEEE Transactions on computer, pp. 1-36, 2012.
[15] Brent Waters, “Efficient Identity-Based Encryption Without Random Oracles”, IEEE Transactions on computer, pp. 1-13, 2005.
[16] Michael Hahsler, and Matthew Bola˜nos, “Clustering Data Streams Based on Shared Density Between Micro-Clusters”, IEEE Transactions on knowledge and data engineering, pp. 6-13, 2015.
[17] Rongmao Chen, Yi Mu, Senior Member, Guomin Yang, Member, IEEE, Fuchun Guo, Xinyi Huang, Xiaofen Wang and Yongjun Wang, “Server-Aided Public Key Encryption with Keyword Search”, IEEE transactions on information forensics and security, pp. 1-16, 2016.
[18] Huaqun Wang, Debiao He, Shaohua Tang, “Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud”, IEEE Transactions on Information Forensics and Security, pp. 1-18, 2016. [19] Bin Feng, Xinzhu Ma, Cheng Guo, Hui Shi, Zhangjie Fu, Tie Qiu, “An Efficient Protocol with Bidirectional
Verification for Storage Security in Cloud Computing”, IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, pp. 1-11, 2016.
[20] Zhongma Zhu and Ruin Jiang, “A Secure Anti-Collusion Data Sharing Scheme for Dynamic Groups in the Cloud”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, pp. 1-12, 2016.
[21] Qin Liu, Chiu C. Tan, Member, Jie Wu, Fellow, IEEE and Guojun Wang, Member, “Towards Differential Query Services in Cost-Efficient Clouds”, IEEE Transactions on Parallel and Distributed Systems, pp. 40-50, 2016.
[22] Marcin Wylot and Philippe Cudr´e-Mauroux, “DiploCloud: Efficient and Scalable Management of RDF Data in the Cloud”, IEEE Transactions on Parallel and Distributed Systems, pp. 1-11, 2015.
[23] Tao Jiang, Xiaofeng Chen, and Jianfeng Ma, “Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation”, IEEE Transactions on Computers, pp. 1-12, 2015.
[24] Baojiang Cui, Zheli Liu and Lingyu Wang, “Key-Aggregate Searchable Encryption (KASE) for Group Data Sharing via Cloud Storage”, IEEE Transactions on Computers, pp, 1-10, 2015.
