Implementation of Cypher Text- Policy Attribute- Set-Based Encryption (CP-ASBE) in Cloud

Authors

  • Suresh S., Rakesh Kumar Yadav

Keywords:

Revocation Mechanisms, Dynamic Access Control, Cryptographic Standards, Modern Tools, Java, Attribute-Based Encryption (ABE)

Abstract

This research seeks to explore the feasibility of using Attribute-Based Encryption (ABE) techniques, especially Comparative Policy-Based Attribute-Based Encryption (CP-ABE) and Comparative Policy-Attribute-Based Security Environment (CP-ASBE) for accurate access control in cloud computing. The comparison of CP-ABE and CP-ASBE is made based on the following aspects: access policy flexibility, scalability, efficiency, expressiveness, security, revocation mechanisms, and real-world uses. The proposed CP-ASBE architecture is based on dynamic access control at the attribute level. It employs up-to-date tools such as OpenSSL, Perceptome, AWS, Azure, Python, Java, Jenkins, and the ELK Stack. This makes the system scalable, efficient, and cryptographically compliant, which is a solution to cloud security problems. Some assessment methods are system testing, risk assessment, and continuous assessment to ensure the system works effectively and securely. Possible future research directions are the enhancement of homomorphic encryption, blockchain, AI security, and post-quantum cryptography. These developments aim to improve cloud security’s capacity to address new threats and the needs of various regulations, which in turn contributes to the advancement of data protection and privacy in the cloud.

Downloads

Download data is not yet available.

References

Wang, C., Wang, Q., Ren, K., Cao, N., & Lou, W. (2011). Toward Secure and Dependable Storage Services in Cloud Computing. IEEE Transactions on Services Computing, 5(2), 220-232.

Zhou, Z., Huang, D., & Wang, Z. (2011). Efficient Privacy-Preserving Cipher Text-Policy Attribute-Based Encryption in Cloud Computing. Proceedings of the 2011 IEEE International Conference on Computer and Information Technology, 17-25.

Yu, S., Ren, K., Lou, W., & Li, J. (2010). Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing. Proceedings of the IEEE INFOCOM 2010 Conference on Computer Communications, 1-9.

Mell, P., & Grance, T. (2011). The NIST Definition of Cloud Computing. National Institute of Standards and Technology, Special Publication 800-145.

McCarthy, J. (1961). Speech at the MIT Centennial. Massachusetts Institute of Technology.

Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J., & Brandic, I. (2009). Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems, 25(6), 599-616.

Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., ... & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50-58.

Vaquero, L. M., Rodero-Merino, L., Caceres, J., & Lindner, M. (2008). A break in the clouds: towards a cloud definition. ACM SIGCOMM Computer Communication Review, 39(1), 50-55.

Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud computing—The business perspective. Decision Support Systems, 51(1), 176-189.

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1-11.

Popovic, K., & Hocenski, Z. (2010). Cloud computing security issues and challenges. Proceedings of the 33rd International Convention MIPRO, 344-349.

Zhang, Q., Cheng, L., & Boutaba, R. (2010). Cloud computing: state-of-the-art and research challenges. Journal of Internet Services and Applications, 1(1), 7-18.

Mohapi, L., & Mnkandla, E. (2018). Quantum computing: a review of the state of the art. Proceedings of the 2018 International Conference on Advances in Big Data, Computing and Data Communication Systems (icABCD).

Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The rise of “big data” on cloud computing: Review and open research issues. Information Systems, 47, 98-115.

Daemen, J., & Rijmen, V. (2001). The design of Rijndael: AES-the advanced encryption standard. Springer-Verlag.

FIPS PUB 46-3. (1999). Data Encryption Standard (DES). National Institute of Standards and Technology.

Schneier, B. (1996). Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons.

Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120-126.

Miller, V. S. (1985). Use of elliptic curves in cryptography. Advances in Cryptology—CRYPTO '85, 417, 417-426.

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644-654.

Menezes, A. J., van Oorschot, P. C., & Vanstone, S. A. (1996). Handbook of Applied Cryptography. CRC Press.

Bernstein, D. J., Buchmann, J., & Dahmen, E. (2009). Post-quantum cryptography. Springer-Verlag.

Bethencourt, J., Sahai, A., & Waters, B. (2007). Ciphertext-policy attribute-based encryption. 2007 IEEE Symposium on Security and Privacy (SP '07), 321-334.

Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06), 89-98.

Chase, M. (2007). Multi-authority attribute-based encryption. Proceedings of the 4th Theory of Cryptography Conference (TCC '07), 515-534.

Lewko, A., & Waters, B. (2011). Decentralizing attribute-based encryption. Advances in Cryptology – EUROCRYPT 2011, 568-588.

Waters, B. (2011). Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. Public Key Cryptography – PKC 2011, 53-70.

Boldyreva, A., Goyal, V., & Kumar, V. (2008). Identity-based encryption with efficient revocation. Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS '08), 417-426.

Boneh, D., & Boyen, X. (2004). Efficient selective-ID secure identity-based encryption without random oracles. Advances in Cryptology – EUROCRYPT 2004, 223-238.

Sahai, A., & Waters, B. (2005). Fuzzy identity-based encryption. Advances in Cryptology – EUROCRYPT 2005, 457-473.

Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 24(1), 131-143.

Yang, K., Jia, X., Ren, K., Zhang, B., & Xie, R. (2013). DAC-MACS: Effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security, 8(11), 1790-1801.

Wan, Z., Liu, J., & Deng, R. H. (2012). HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing. IEEE Transactions on Information Forensics and Security, 7(2), 743-754.

Boneh, D., Gentry, C., Halevi, S., & Vaikuntanathan, V. (2009). Fully homomorphic encryption without bootstrapping. Proceedings of the 41st Annual ACM Symposium on Theory of Computing, 169-178.

Liu, J. K., Au, M. H., Huang, X., & Susilo, W. (2018). Practical privacy-preserving access control over encrypted data in cloud computing with limited key leakage. IEEE Transactions on Information Forensics and Security, 10(8), 1590-1601.

Amazon Web Services. (2021). AWS. Retrieved from https://aws.amazon.com/

Elastic. (2021). Elastic Stack: Elasticsearch, Kibana, Beats, and Logstash. Retrieved from https://www.elastic.co/

GitLab. (2021). GitLab CI. Retrieved from https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/

Jenkins. (2021). Jenkins. Retrieved from https://www.jenkins.io/

Microsoft Azure. (2021). Azure. Retrieved from https://azure.microsoft.com/

Oracle. (2021). Java. Retrieved from https://www.oracle.com/java/

Prometheus. (2021). Prometheus. Retrieved from https://prometheus.io/

Python Software Foundation. (2021). Python. Retrieved from https://www.python.org/

Raghav, H., & Harit, A. (2020). PyCryptodome: A Python cryptographic library. Journal of Open Source Software, 5(47), 1956. https://doi.org/10.21105/joss.01956

Choi, J., Park, J., & Lee, H. (2018). Effective access control scheme using attribute-based encryption in cloud computing. Journal of Supercomputing, 74(8), 3493-3508. https://doi.org/10.1007/s11227-018-2437-1

EU GDPR. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Union. Retrieved from https://eur-lex.europa.eu/eli/reg/2016/679/oj

NIST. (2021). NIST Special Publication 800-175B: Guideline for using attribute-based access control (ABAC) in information sharing environments (ISE). National Institute of Standards and Technology. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-175B/final

Downloads

Published

06.08.2024

How to Cite

Suresh S. (2024). Implementation of Cypher Text- Policy Attribute- Set-Based Encryption (CP-ASBE) in Cloud. International Journal of Intelligent Systems and Applications in Engineering, 12(23s), 228 –. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/6729

Issue

Section

Research Article