RAAC: Robust and Auditable Access Control with Multiple Attribute Authorities for Public Cloud Storage
Download as PPTX, PDF1 like1,228 views
This document proposes a robust and auditable access control system with multiple attribute authorities for public cloud storage. It addresses the single point of failure and low efficiency issues of existing ciphertext-policy attribute-based encryption (CP-ABE) schemes that rely on a single attribute authority. The proposed system employs multiple attribute authorities to share the user verification load and introduces a central authority to generate secret keys for legitimate users. It also includes an auditing mechanism to detect any attribute authority that incorrectly performs user verification.
RAAC: Robust and Auditable Access Control with Multiple Attribute Authorities for Public Cloud Storage
- 1. RAAC: Robust and Auditable Access Control with Multiple Attribute Authorities for Public Cloud Storage
- 2. ABSTRACT • Data access control is a challenging issue in public cloud storage systems. Ciphertext-policy attribute-based encryption (CP-ABE) has been adopted as a promising technique to provide flexible, fine-grained, and secure data access control for cloud storage with honest-but- curious cloud servers. • However, in the existing CP-ABE schemes, the single attribute authority must execute the time-consuming user legitimacy verification and secret key distribution, and hence, it results in a single-point performance bottleneck when a CP-ABE scheme is adopted in a large- scale cloud storage system.
- 3. CONTI.. • Users may be stuck in the waiting queue for a long period to obtain their secret keys, thereby resulting in low efficiency of the system. • Although multi-authority access control schemes have been proposed, these schemes still cannot overcome the drawbacks of single-point bottleneck and low efficiency, due to the fact that each of the authorities still independently manages a disjoint attribute set
- 4. EXISTING SYSTEM • To address the issue of data access control in cloud storage, there have been quite a few schemes proposed, among which Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is re- garded as one of the most promising techniques. • A salient feature of CP-ABE is that it grants data owners direct control power based on access policies, to provide flexible, fine-grained and secure access control for cloud storage systems. • In CP-ABE schemes, the access control is achieved by using cryptography, where an owner’s data is encrypted with an ac- cess structure over attributes, and a user’s secret key is labelled with his/her own attributes.
- 5. CONTI.. • Only if the attributes associated with the user’s secret key satisfy the access structure, can the user decrypt the corresponding ciphertext to obtain the plaintext.
- 6. PROPOSED SYSTEM • In this paper, we propose a novel heterogeneous framework to remove the problem of single-point performance bottleneck and provide a more efficient access control scheme with an auditing mechanism. Our framework employs multiple attribute authorities to share the load of user legitimacy verification. • Meanwhile, in our scheme, a central authority is introduced to generate secret keys for legitimacy verified users.
- 7. CONTI.. • Unlike other multi-authority access control schemes, each of the authorities in our scheme manages the whole attribute set individually. • To enhance security, we also propose an auditing mechanism to detect which attribute authority has incorrectly or maliciously performed the legitimacy verification procedure.
- 8. SYSTEM REQUIREMNTS • HARDWARE REQUIREMENS • System : Pentium IV 2.4 GHz. • Hard Disk : 40 GB. • Ram : 512 Mb. • SOFTWARE REQURIEMENTS • Operating system : Windows XP/7. • Coding Language: : JAVA/J2EE • IDE : Netbeans 7.4 • Database : MYSQL