Secure Data Control: Privacy and Security based on ABE for Access Control over Cloud
AbstractIn today's world, there is a strong requirement for sharing information over cloud. However, privacy and security remains a setback especially when working with bulk amounts of data in the Cloud. Data is abundantly stored outside the control of the data owner’s machine with lack of his knowledge to the data owner, how the data being used and where the data are being stored. So, there is a necessity for the data owner to have a more control over their data, similar to the level of control they possess when the data are being stored on their own machine. For example, when a data owner shares an important file with his colleague, he cannot trust what his colleague will do with his data. In this paper, we try to address this problem by monitoring and preventing unauthorized operations by the data consumer. We present a solution called Secure-Data, which bundles the data owner’s data and specified policy, based on XACML, in an object called Secure-Data object. Secure-Data enforces the policies set out by the data owner by communicating with the cloud based applications to disable certain operations and/or run a background process for monitoring the data. We define a software based protocol that will enable to secure the data in the cloud and will support the use of the android app for authentication purposes.
 Gellin (2012): Facebooks benefits make it worthwhile. Buffalo News (Buffalo NY). Dialog LLC. 2012. Retrieved May 07, 2013 from High-Beam Research: http://www.highbeam.com/doc/1P2-30776177.html
 G. Benedis-Grab (2011). Sharing digital data. Science and Children, 48(8), 42-46.
 T. Jones and K. Cuthrell. YouTube: Educational potentials and pitfalls. Computers in the Schools 28.1 (2011): 75-85.S.E. Fienberg, and M.E. Martin. Sharing research data. Natl Academy Pr, 1985.Library Hi Tech Newss, Vol. 27 Iss: 4/5: 12 - 14
 T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. Advances cryptology, 1985: 469 - 472
 Y. Yang, J. K. Liu, K. Liang, K. R. Choo, J. Zhou (2015): Extended Proxy-Assisted Approach: Achieving Revocable Fine-Grained Encryption of Cloud Data. In Proceedings of 20th European Symposium on Research in Computer Security (ESORICS 2015), Vienna, Austria, Lecture Notes in Computer Science, Springer-Verlag [In press]
 Squicciarini, G. Petracca, E. Bertino (2013): Adaptive Data Protection in Distributed Systems. Third ACM Conference on Data and Application Security and Privacy (CODASPY), February 2013: 365 - 376
 Y. Chen, P. A. Jamkhedkar, R. B. Lee (2012): A Software-Hardware Architecture for Self-Protecting Data. In Proceedings of the 19th ACM Conference on Computer and Communications Security, October 2012: 14 - 27
 J. Bethencourt, A. Sahai, B. Waters (2007): Ciphertext-Policy Attribute-Based Encryption. Security and Privacy, IEEE Symposium: 321 - 334
 A.V.D.M. Kayem (2010): On monitoring information flow of outsourced data. Information Security for South Africa (ISSA), 2010: 1-8
 M.S. Kirkpatrick, S. Kerr (2011): Enforcing physically restricted access control for remote data.ACM conference on Data and application security and privacy (CODASPY ’11): 203-212.
 Thilakanathan, S. Chen, S. Nepal, R.A. Calvo, L. Alem (2013): A Platform for Secure Monitoring and Sharing of Generic Health Data in the Cloud. Special Issue on Integration of Cloud Computing and Body Sensor Networks, Future Generation Computer Systems.
 D. Thilakanathan, S. Chen, S. Nepal, R.A. Calvo: Secure and Controlled Sharing of Data in Distributed Computing. 2nd IEEE International Conference on Big Data Science and Engineering (2013): 825 - 832.
 V. Goyal, O. Pandey, A. Sahai, B. Waters (2006): Attribute-based encryption for fine-grained access control of encrypted data. 13th ACM conference on Computer and communications security (CCS’06): 89 - 98
 S. Nepal, J. Zic, D. Liu, J. Jang (2011): A mobile and portable trusted computing platform. EURASIP J. Wireless Comm. and Networking 2011: 75.
 J. Zic, S. Nepal (2008): Implementing a portable trusted environment. Proceedings of the Future of Trust in Computing Conference: 17-29.
 A. Boldyreva, V. Goyal, and V. Kumar, ‘‘Identity-based encryption with efficient revocation,’’ in Proc. 15th ACM Conf. Comput. Commun. Secur. (CCS), 2008, pp. 417–426.
 A. Sahai and H. Seyalioglu, ‘‘Worry-free encryption: Functional encryption with public keys,’’ in Proc. 17th ACM Conf. Comput. Commun. Secur. (CCS), 2010, pp.t46
This work is licensed under a Creative Commons Attribution 4.0 International License.