Abstract
Nowadays, cloud computing is the main core of IT development. Due to its security issues and lack of security mechanisms, users are delaying the fast adoption of this technology. The privacy of data is usually limited by access policies for resources provided by cloud vendors, but nobody can confirm that only authorized entities have access to them. The present paper provides a practical solution to important security issues encountered in the cloud: privacy, confidentiality and access control. For preventing unauthorized access, the data is encrypted using Key-Aggregate Algorithm before being uploaded to the cloud. Commutative encryption is used for Key Management. There are also third party services that handle keeping the keys safe and controlling the access policies.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cloud Computing. https://en.wikipedia.org/wiki/Cloud_computing
Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Special Publication 800–145, September 2011
ISACA Issues Six Principles for Effective Cloud Computing. ISACA (2012). http://www.isaca.org/About-ISACA/Press-room/News-Releases/2012/Pages/ISACA-IssuesSix-Principles-for-Effective-Cloud-Computing.aspx
Aich, A., Sen, A.: Study on cloud security risk and remedy. Int. J. Grid Distrib. Comput. 8, 155–156 (2015)
Box, J.W., et al.: Elliptic Curve Cryptography in Practice, Eprint IACR (2013). http://eprint.iacr.org/
Chu, C.-K., Chow, S.S.M., Tzeng, W.-G., Zhou, J., Deng, R.H.: Key-Aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(2), 468–477 (2013)
Bobba, R., Khurana, H., Prabhakaran, M.: AttributeSets: a practically motivated enhancement to attribute-based encryption, computer security. In: 14th European Symposium on Research in Computer Security, ESORICS 2009, vol. 5789, pp. 587–604 (2009)
RSA Data Protection Manager for cloud. http://india.emc.com/collateral/white-papers/h11748-rsa-data-protectionmanager-afore-cloudlink-seucre-vsa.pdf
Maui, H.I.: Policy management as a service: an approach to manage policy heterogeneity in cloud computing environment. In: 2012 45th Hawaii International Conference on System Science (HICSS), pp. 5500–5508. IEEE, 4–7 January 2012
Lenin, G., Vanitha, B., Vijayalakshm, C.K.: Secure data storage using decentralized access. Int. J. Innov. Res. Comput. 3 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Ghimeş, AM., Patriciu, V.V. (2016). Proposed Scheme for Data Confidentiality and Access Control in Cloud Computing. In: Bica, I., Reyhanitabar, R. (eds) Innovative Security Solutions for Information Technology and Communications. SECITC 2016. Lecture Notes in Computer Science(), vol 10006. Springer, Cham. https://doi.org/10.1007/978-3-319-47238-6_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-47238-6_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47237-9
Online ISBN: 978-3-319-47238-6
eBook Packages: Computer ScienceComputer Science (R0)