a hybrid authentication system for e-health cloud storage
TRANSCRIPT
A Hybrid Authentication System for E-Health Cloud Storage.
Kethireddy Dhanaram1, S V R Varaprasad2
1, PG Scholar, Department of Computer Science Engineering 2 Asst. Professor, Department of Computer Science Engineering
Avanthi Institute of Engineering &Technology, Makavarapalem, Narsipatnam, Vishakapatnam (Dt), AP, India.
Abstract
Storage of Data in Cloud has many challenges the main challenge is the security of data
storage and retrieval many sectorhave implemented many types of security process The privacy and
security to the personal information is one of the main challenge. With the rapid development of
cloud computing and mobile networking technologies, users tend to access their stored data from the
remote cloud storage with mobile devices. The main advantage of cloud storage is its ubiquitous user
accessibility and also its virtually unlimited data storage capabilities. due to malicious attack, theft or
internal errors This raises concern for many users/organizations as the outsourced data might contain
very sensitive personal organization. Several researches have addressed the issue of ensuring
confidentiality and privacy of cloud data without compromising the user functionality. Here,
confidentiality refers to the secrecy of the stored data so that only the client can read the contents of
the stored data To solve the problem of confidentiality, data encryption schemes can come in handy
to provide the users with some control over the secrecy of their stored data. This has been adopted
by many recent researches which allow users to encrypt their data before outsourcing to the cloud
The searchable encryption scheme is a technology to incorporate security protection and favourable
operability functions together, which can play an important role in the Maintaining of record
system In this paper, we introduce a novel cryptographic primitive named as key wrapping
encryption technique using sponge function for secures data storage and also time based
conjunctive keyword search for information Retrieval which and reduce the guessing attacks .
1. Introduction
Traditional storage devices such as flash drives, hard disks, and other forms of physical storage
devices are becoming increasingly out of date. The reason for this is that, on the business front, global
expansion of companies require data to be shared amongst employees for collaborative working. On
the personal front of the user, many users now have several devices, such as one or more smartphone /
cell Cloud storage thus provides a way of accessing personal data through all digital devices. As a
result, more and more people are turning towards the cloud's more flexible alternative for data storage.
The ability to access files from remote locations through a secure internet connection enables cloud
access to other storage options How cloud storage functions is it stores sensitive information of the
users on the database servers, and users are able to access their information from anywhere. All
consumer devices such as tablets, laptops, cell phones, desktop PCs and other technology gadgets can
be used to store files stored in the cloud and access them. Corporations may also take advantage of
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 129
cloud computing by being able to implement storage Another advantage of cloud storage is that users
are able to store all kinds of files, such as text documents, images, spreadsheets, videos, PDFs etc.
Various cloud service providers provide various types of features. In addition, cloud storage also
offers an opportunity to back up. If data is unintentionally deleted on one's local storage, or if one
loses the physical storage device like a Possibly, physical storage devices may arise. Another problem
is that it is possible to transfer a virus that might occupy one's device to the hard drive and corrupt the
digital data, or loss due to server errors, employee mistakes, natural disasters too. On an infrastructure
point of view, the cost of purchasing, installing and maintaining new servers is still considerably
higher than the a Cloud storage also helps in the immediate sharing of data, thereby providing several
people with access. That makes this service a great resource for both in-house and remote work.
Online cloud computing is also useful to all business types. Cloud storage is a more cost-effective tool
that doesn't require a big investment and can be used effectively to communicate and collaborate with
customers
Cloud computing was the use of computational resources (hardware and software) which are
distributed over a network (usually the Internet) as a service. The name derives from the traditional use
of a cloud-shaped symbol as an approximation to the complex network in system diagrams it includes.
Cloud technology entrusts data, information, and computation from a user to remote services. Cloud
computing consists of hardware and software resources which are made available as third-party
services operated on the Internet. These services usually provide access to sophisticated cloud
computer software applications and high-end networks.
Fig1. Structure of cloud computing
2. Literature Survey
The idea of hybrid cryptography helps to protect cloud storage network. Two different methods
are used to explain the difference between less stable systems and more stable ones. RSA and AES
algorithms are used in the first approach; RSA is used for key encryption, and AES is used for text
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 130
or data encryption. AES and Blowfish algorithms are used in the second or we might say more
secured approach. In the Background
[I]. The ECC(Elliptic Curve Cryptography) algorithm is implemented to make the centralized
cloud storage safer. This technique uses a single key for encryption and decryption, and on the
client side, the full process takes place. This technique performs such measures as: a.
Authentication, process of b. Key generation, c. Encryption, d. Decryption.
[2]. Three phase method is used in this proposed framework. Firstly, it uses Diffie Hellman to
swap keys. Authentication is subsequently performed using digital signature scheme. Finally
data is encrypted using AES and then uploaded to the required cloud system. For decryption
reverse procedure is implemented.
[3]. RSA algorithm and MD5 combined to ensure various security protections such as
confidentiality, data integrity, non-repudiation, etc. It uses RSA key generation algorithm for
generation of encrypted key for encryption and decryption process. MD5 digest is used for
accepting an input of length up to 128 bit and processing it and generating an output of padded
length for encryption and decrypt
[4]. . Implementation of Trusted Storage System using the Encrypted File System (EFS) and
NTFS file system drive with the aid of the data file protecting cache manager. EFS encrypts
stored files by automatically using cryptographic systems. The process takes place as follows,
firstly application writes files to NTFS which in turn places in cache and return backs to
NTFS.After this NTFS asks EFS to encrypt
[5]. Cloud Storage Protection Service uses different servers viz. User Input, Device Output and
Data Storage. Three separate servers are used to ensure the data is not affected by malfunction
on any of the servers. User Input server is used for storing user files and input data by
providing user authentication and making sure the data is not accessed by any of the
unauthorized means.
[6]Cloud computing reflects the most thrilling paradigm shift in Technology today. Security
and privacy are, however, viewed as the primary obstacles to its wide adoption. The authors
discuss some important security issues here and inspire further analysis of security strategies
for a secure cloud environment in the public sector.
[7]A user will only be able to access data in many distributed systems if a user has a certain set
of credentials or attributes. The only way to implement these policies now is to use a
trustworthy server to store the data and mediate access control. If any server that holds the data
is compromised, however, then the confidentiality of the data will be compromised.
[8]Throughout this paper we present a scheme which we call ciphertext-policy attribute-based
encryption for the realization of complex authentication on encrypted data. By using our
encrypted data techniques, even if the storage server is untrusted, data can be held
confidential; further, our methods are secure against conspiracy attacks. Prior attribute-based
encryption schemes used attributes to define the encrypted data and built policies into user
keys; while attributes are used to define credentials of a user in our program, and a party
encrypting data defines a policy on who may decrypt.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 131
[9]Our methods are thus conceptually similar to conventional forms of access control, such
as Roll-based Access Control (RBAC).
3 Characteristics and Services Models
The main features of cloud computing are described below, focusing on the interpretations
given by the National Institute of Standards and Terminology (NIST).
Self-service on demand: Customers can have computing resources directly, such as server
time and network storage, as required, immediately, without needing human contact with
each service provider.
• Wide network access: features are accessible on the network and accessed through
common frameworks facilitating the use of large and diverse thin or thick client frameworks
(e.g. cell phones, laptops, and PDAs).
• Resource pooling: The computing resources of the vendor are pooled to support multiple
users using a dual-tenant model, with various physical and virtual resources dynamically
delegated and reassigned to the customer demand. There can be a concept of location-
independence in why the customer typically has little power or information about the exact
position of the services offered but may be able to define position at a higher level of
abstraction (e.g., region, state, or data centre). Asset examples include storage, encoding,
memory, network bandwidth, and virtual machines.
• Rapid elasticity: Functionality can be given quickly and elastically, often automatically,
to quickly scale out and quickly release to quickly scale in. To the customer, the
provisioning capacities always seem limitless and can be purchased in any quantity at any
time.
• Monitored service: Cloud systems automatically monitor and optimize resource usage by
utilizing metering functionality at a certain level of service-specific abstraction (e.g.,
storage, processing, bandwidth and active user account). Usage of resources should be
handled, monitored and recorded to provide accountability for both provider and user of the
service used.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 132
Fig2 . Characteristics of cloud computing
3.1 CPRE Secure Against Chosen-Cipher text Attack
Re-encryption of proxies has found many functional applications, including encrypted email
routing, secure distributed le networks, and outsourced encrypted spam altering. As an
example, we use encrypted email forwarding to demonstrate the use of PRE, and also to
motivate our work. Imagine a department head, Alice, deciding to take a break. Assume a
department head, Alice, deciding to take a break. She delegates her secretary Bob to process
her routine emails. Some could be encrypted under Alice's public key, among the incoming
emails. Traditional schemes for public key encryption do not require Bob to process such
communications, following the safety principle that one's private key should never be
exchanged with another. With a PRE program, Alice can easily re-encrypt a key to the email
server. The email server (i.e., the proxy in PRE's jargon) turns it into a Bob encryption for an
incoming encrypted file. Bob then can use his hidden key to read this email. When Alice is
back she sends the email server instructions to avoid the transformation.
3.2 A DFA-Based Functional PRE
FUNCTIONAL Encryption (FE) is a useful cryptographic primitive that not only
guarantees data security but also improves data sharing versatility. It is a general extension
of PKE. In conventional PKE, data is encrypted to a specific user whose public key has
been recorded with a trusted Authority of Certificates. Nevertheless, FE offers more
flexibility that data can be encrypted under a name, and the encryption can be decrypted if
and only if there is a hidden key whose name b fits a. As described in and, a classic FE
example is Attribute-Based Encryption (ABE) that comes with two flavours: Key-Policy
ABE (KPABE) and Ciphertext-Policy ABE (CPABE). A former associates a hidden key to
an access scheme, so that the key can decrypt a ciphertext associated with scheme-
satisfying attributes. And the latter is complementary.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 133
3.3 IB-PRE-Without Random Oracles
A semi-trusted proxy can transform a ciphertext under Alice's identity into a ciphertext for
Bob in an identity-based proxy re-encryption (IB-PRE) scheme. The proxy knows neither
Alice nor Bob's secret key, nor the plaintext during the conversion. Some situations
therefore involve a fine grained delegation to treat. In this document, using the ID
encryption (IBE) technology. We are proposing a new identity-based conditional proxy re-
encoding scheme (IBCPRE) that allows Alice to enforce fi ne-grained decryption rights
delegation and is therefore more useful in many applications. In both computational and
communicational terms, our scheme has major advantages over the IBCPRE scheme by
Shao et al.
3.4 C-PRE With Chosen-Ciphertext Security
A semi-trusted proxy can convert a ciphertext under Alice's public key to a ciphertext for
Bob in a proxy re-encryption (PRE) scheme. The proxy knows neither Alice nor Bob's
secret key, nor the plaintext during the conversion. Conditional proxy re-encryption (C-
PRE) can enforce fine-grained decryption rights delegation, and is thus more useful in
many applications. Within this paper, we propose an efficient C-PRE scheme and
demonstrate its selected-ciphertext security under the random oracle model's decision-
making bilinear Diffie-Hellman (DBDH). In both computational and communicational
terms, our scheme has major advantages over previous schemes.
3.5 IBE Without Random Oracles
Identity-Based Encryption (IBE) offers a method for public-key encryption where a public
key is an arbitrary string, such as an email address or a phone number. A Private-Key
Generator (PKG) that has knowledge of a master secret can only produce the corresponding
private key. Users authenticate themselves to the PKG in an IBE program and obtain
private keys that suit their identities. The idea of identity-based encryption was first
introduced two decades ago and subsequently, several solutions were suggested in a few
predecessor papers. Nonetheless, it is just a few years ago that a structured security model
was introduced and a realistic implementation. Boneh and Franklin describe a security
model for identity-based encryption and give the Bilinear Diffie– Hellman construction.
3.6 Attribute-Based Encryption
Attribute-based encryption is one of Fuzzy identity-based encryption applications[7]. ABE
comes in two flavours, called KP-ABE[8],[11] and CP-ABE[12],[13]. The cipher text in
CP-ABE is associated with the access structure while a set of attributes is stored in the
private key. Bettencourt et al. suggested the first CPABEs cheme[12], their scheme's
downside scheme is that security proof was only constructed under the generic group
model.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 134
3.7 Secure Self-Destruction Scheme
A very well-known approach for addressing this problem is the safe deletion after
expiration of sensitive data when the data was used[19]. Recently, Cachin et al. used a
policy graph to explain the relationship between attributes and the security class, and
proposed a stable data delection scheme based on policies[20]. Reardon et al. Reardon et al.
leveraged grapht heory, B-tree structure and key wrapping and suggested a novel approach
to secure deletion or persistent storage devices design and analysis[21]. Because of the
properties of physical storage media, the above methods are not appropriate for cloud
computing environment as the deleted data can be easily retrieved from cloud servers[22].
Nonetheless, when conventional TSE is used in the cloud computing setting, it is a tricky
problem: cloud computing environment requires a finegrained access control[17] that can
not be supported by traditional TSE schemes. It is important to explore how to achieve the
time-specified cipher text through a fine-grained level of access control.
4 Proposed Methodology
1. In this paper, we endeavor to solve the problem with a novel mechanism proposed to
automatically revoke the delegation right after a period of time designated by the data
owner previously.
2. It implies that all users including data owner are constrained by the time period. The
beauty of the proposed system is that there is no time limitation for the data owner because
the time information is embedded in the re-encryption phase. The data owner is capable to
preset diverse effective access time periods for different users when he appoints his
delegation right.
3. An effective time period set by the data owner can be expressed with a beginning and
closing time (for instance, 01/01/2014-12/01/ 2014). A time server is used in the system,
which is responsible to generate a time token for the users. After receiving an effective
time period T from the data owner, the time server generates a time seal ST by using his
own private key and the public key of the delegate. In that way, the time period T is
encapsulated in the time seal ST .
4. By the re-encryption algorithm executed by the proxy server, the time period T will be
embedded in the re-encrypted cipher text. It is the timing enabled proxy re-encryption
function. When the delegate issues a query request, he should generate a trapdoor for the
queried keywords using his private key and time seal ST. Only if the time period
encapsulated in the trapdoor matches with the effective time period embedded in the proxy
re-encrypted cipher text, the cloud service provider will respond to the search query.
Otherwise, the search request will be rejected. In that way, the access right of the delegate
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 135
will expire automatically. The data owner needs not to do any other operation for the
delegation revocation.
4.1 ADVANTAGES OF PROPOSED SYSTEM
1. The beauty of the proposed system is the re-encryption phase and sponge construction
which give more security in Data Storage information and Data Retrial and the re
encryption process is done by the proxy server witch give more valid security using key
Word Search for avoiding the attacks
2. To the best of our knowledge, this is the first work that enables automatic delegation
revoking based on timing in a searchable encryption system. A conjunctive keyword search
scheme with designated tester and timing enabled proxy RE-encryption function (Re-
dtPECK) is proposed, which has the following merits.
3. We design a novel searchable encryption scheme supporting secure conjunctive keyword
search and authorized delegation function. Compared with existing schemes, this work can
achieve timing enabled proxy re-encryption with effective delegation revocation.
4. Owner-enforced delegation timing preset is enabled. Distinct access time period can be
predefined for different delegate.
5. The proposed scheme is formally proved secure against chosen-keyword chosen-time
attack. Furthermore, offline keyword guessing attacks can be resisted too. The test
algorithm could not function without data server’s private key. Eavesdroppers could not
succeed in guessing keywords by the test algorithm.
6. The security of the scheme works based on the standard model rather than random oracle
model. This is the first primitive that supports above functions and is built in the standard
mode
7. To the best of our knowledge, this is the first work that enables automatic delegation
revoking based on timing in a searchable encryption system. A conjunctive keyword search
scheme with designated tester and timing enabled proxy RE-encryption function (Re-
dtPECK) is proposed, which has the following merits.
8. We design a novel searchable encryption scheme supporting secure conjunctive keyword
search and authorized delegation function. Compared with existing schemes, this work can
achieve timing enabled proxy re-encryption with effective delegation revocation.
9. Owner-enforced delegation timing preset is enabled. Distinct access time period can be
predefined for different delegate.
10. The proposed scheme is formally proved secure against chosen-keyword chosen-time
attack. Furthermore, offline keyword guessing attacks can be resisted too. The test
algorithm could not function without data server’s private key. Eavesdroppers could not
succeed in guessing keywords by the test algorithm.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 136
11. The security of the scheme works based on the standard model rather than random oracle
model. This is the first primitive that supports above functions and is built in the standard
mode.
4.2 SYSTEM ARCHITECTURE FOR E-HEALTH
Our system model shows conjunctive keyword search scheme with designated tester and timing
enabled proxy reencryption function (Re-dtPECK) used for the E-health cloud Document system. E-
cloud framework show three entities data owner who had a authority to file or record of data ,users
who want to access the data, and data centre where the actual server store the file and using trapdoor
who generate the tokens when the user demand for particular file from the data storage centre
Fig 3 :-Data owner want to keep document or record of on third party storage system database
Now the whole file not store in encrypted form, encrypted for privacy purposes but only keyword get
encrypted. those file or document put in data storage server, server perform some form operations such
as insert,update, delete. Trapdoor use by user who provides his own secure key to access document
from the data server,from this search servers communicate with E-health Document storage,to check
the similarity document and returns those record in encrypted form. This timing enabled proxy Re-
Encryption searchable Encryption scheme highlight the implementation of the time span controlled
operation.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 137
Patient Verify user
Authentication Output
Data
storage
Fig 4 : model for secret sharing of health records
1. Delegator or (data owner) and Delegate (data user) communicate via proxy re-encryption
server used for E-health document retrieval from EHD storage server.
2. The proxy re-encryption scheme is used to provide reliable service to data userhence time seal
encapsulation technique, provide a time span and concealed by the secure key of the time span
server to access the document or record from the EHD storage server
3. The EHD cloud document server will not return the similarity Document up to when the most
appropriate time period encapsulated in plenty of your time and effort seal accords with plenty
of your amount of time in the re-encrypted cipher text, which is different from traditional
proxy re-encryption SE schemes.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 138
Upload patient data
Enter IDand
Secretekey
Data base Encrypt data &
store into server
USER
Verify physician
CSP
Provide treatment
Verify physician
Fig4. Level 1 flow diagram
Fig5. Level 2 flow diagram
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 139
Fig6. Level 3 flow diagram
4.2 Algorithm
Key wrapping schemes address the problem of key management in distributed
systems. Security architects often limit the lifespan of keys in order to reduce the risk of
the key compromise and lessen the amount of data encrypted on a single key. Hence keys
are regularly updated, and an update protocol using an insecure channel must be
carefully designed. Ideally, it should be simple and efficient. Practical constraints also
limit, if not forbid the use of additional mechanisms such as nonce or random number
generation.
We define scheme KWF formally as Π = (K,E[F],D[F]), where: K = {0,1}k— the key
space;
1. H = {0,1}0..t
— the associated data (AD) space with t ≤ 2k; M=
{0,1}1..(n−k−l−1)
— the message space; C = {0,1}n
— the cipher text space.
G : {0,1}0..t
−→ {0,1}l
— collision-resistant hash function for the associated data;
2. pad : {0,1}1..(n−k−l−1)
−→ {0,1}n−l
— invertible padding function; F:
{0,1}n−→ {0,1}
n — fixed permutation.
3. E[F] : K× H × M−→C —
encryption function (Figure 1):
if H 6= ∅;
4. D [F] : K × H × {0 ,1}n
−→ M ∪ {⊥} — decryption function.
DK[F](H,C) is computed asfollows:
(B) If X1..k 6= K, return⊥.∅
(C) If H = and Xk+1..k+l 6=0return ;
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 140
(D) H=6 and X =6 G(H) return.
Elseif
∅ k+1..k+l⊥
(E) Returnpad−1(Xk+l+1..n).
Fig 7: Our proposal: KWF.
H M
G pad
pad 0 G ( H ) [M ]
K L N − K −L
N
F
C K
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 141
5 Experiential Analyses
Fig 8: Registration form for data owner and doctor
Fig 9: details maintained about user and doctor in cloud
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 142
Fig 10: data stored in drive hq cloud in the folder called as kk
Fig 11: data owner login with secret key
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 143
Fig 12: user login with secret key
Fig 13: file stored in encrypted format
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 144
Fig 14: files in cloud server
6. Conclusion
Cloud computing brings great convenience for people. Particularly, it perfectly matches the
increased need of sharing data over the Internet to build a cost-effective and secure data sharing
system in cloud computing, Hence RS-IBE, which supports identity based revocation and ciphertext
update simultaneously such that a revoked user is prevented from accessing previously shared data, as
well as subsequently shared data. Furthermore, a concrete construction of RS-IBE is presented. The
RS-IBE scheme is proved adaptive-secure in the standard model, under the decisional ℓ-DBHE
assumption. The comparison results demonstrate that scheme has advantages in terms of efficiency
and functionality, and thus is more feasible for practical applications.
7. References
[1] K. Ren, C. Wang, and Q. Wang, “Security Challenges for the Public Cloud,” IEEE Internet
Computing, vol. 16, no. 1, pp. 69-73, 2012.
[2] C. Delerablée, “Identity-based Broadcast Encryption with Constant Size Ciphertexts and Private
Keys,” Proc. the 13th International Conference on the Theory and Application of Cryptology and
Information Security (ASIACRYPT 2007), pp. 200-215, 2007.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 145
[3] F. Beato, S. Meul, and B. Preneel, “Practical Identity-based Private Sharing for Online Social
Networks,” Computer Communications, vol. 73, pp. 243-250, 2016.
[4] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy Attribute based Encryption,” Proc. the
28th IEEE Symposium on Security and Privacy (S&P 2007), pp. 321-334, 2007.
[5] Z. Wan, J. Liu, and R. Deng, “HASBE: A Hierarchical Attribute-based Solution for Flexible and
Scalable Access Control in Cloud Computing,” IEEE Transactions on Information Forensics and
Security, vol. 7, no. 2, pp. 743-754, 2012.
[6] H. Hu, G. Ahn, and J. Jorgensen, “Multiparty Access Control for Online Social Networks: Model
and Mechanisms,” IEEE Transactions on Knowledge and Data Engineering, vol. 25, no. 7, pp. 1614-
1627, 2013.
[7] M. Blaze, G. Bleumer, and M. Strauss, “Divertible Protocols and Atomic Proxy Cryptography,”
Proc. Advances in Cryptology-EUROCRYPT 1998 (EUROCRYPT '98), pp.127-144, 1998.
[8] D. Tran, H. Nguyen, W. Zha, and W. Ng, “Towards Security in Sharing Data on Cloud-based
Social Networks,” Proc. the 8th International Conference on Information, Communications and Signal
Processing (ICICS2011), pp. 1-5, 2011.
[9] J. Weng, R. Deng, X. Ding, C. Chu, and J. Lai, “Conditional Proxy Re- Encryption Secure Against
Chosen-ciphertext Attack,” Proc. the 4th International Symposium on ACM Symposium on
Information, Computer and Communications Security (CCS 2009), pp. 322-332, 2009.
[10] P. Xu, T. Jiao, Q. Wu, W. Wang, and H. Jin, “Conditional Identity based Broadcast Proxy Re-
encryption and its Application to Cloud Email,” IEEE Transactions on Computers, vol. 65, no. 1, pp.
66-79, 2016.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 146
[11] Y. Yang, H. Lu, J. Weng, Y. Zhang, and K. Sakurai, “Fine-grained Conditional Proxy Re-
encryption and Application,” Proc. the 8th International Conference on Provable Security (ProvSec
2014), pp. 206-222, 2014.
[12] J. Hong, K. Xue, W. Li, and Y. Xue, “TAFC: Time and Attribute Factors Combined Access
Control on Time-Sensitive Data in Public Cloud,” Proc. 2015 IEEE Global Communications
Conference (GLOBECOM 2015), pp. 1-6, 2015.
[13] R. Rivest, A. Shamir, and D. Wagner, “Time Lock Puzzles and Timed-release Crypto,”
Massachusetts Institute of Technology, MA, USA, 1996.
[14] J. Zhang, Z. Zhang, H. Guo, “Towards Secure Data Distribution Systems in Mobile Cloud
Computing,” IEEE Transactions on Mobile Computing, 2017, doi: 10.1109/TMC.2017.2687931
[15] Z. Qin, H. Xiong, S. Wu, and J. Batamuliza, “A Survey of Proxy Reencryption for Secure Data
Sharing in Cloud Computing,” IEEE Transactions on Services Computing, 2016, doi:
10.1109/TSC.2016.2551238.
Science, Technology and Development
Volume IX Issue VII JULY 2020
ISSN : 0950-0707
Page No : 147