An Efficient and Secured Storage Delegated Access Control to Maintain confidentiality of Data

Download An Efficient and Secured Storage Delegated Access Control to Maintain confidentiality of Data

Post on 15-Apr-2017




5 download

Embed Size (px)


  • An Efficient and Secured Storage Delegated Access Control to Maintain confidentiality of Data


  • ABSTRACT Current approaches to enforce fine-grained access control on confidential data hosted in the cloud are based on fine-grained encryption of the data. Under such approaches, data owners are in charge of encrypting the data. Data owners thus incur high communication and computation costs. A better approach should delegate the enforcement of fine-grained access. We propose an approach, based on two layers of encryption, that addresses such requirement. In our approach, the data owner performs a coarse-grained encryption, whereas the cloud performs a fine-grained encryption on top of the owner encrypted data. A challenging issue is how to decompose access control policies (ACPs) such that the two layer encryption can be performed.


  • Outline Introduction Group Key Management (GKM) Attribute Based Systems and GKM Requirements Broadcast GKM (BGKM) Attribute-Based GKM (AB-GKM) Privacy Preserving SLE (Single Layer Encryption) Approach TLE (Two Layer Encryption) Approach

  • Before Data outsourcing

    Data BobAliceTimOrganization

  • In cloud computing Era


  • In cloud computing Era


    Encrupted & uploadDownload & decrypt

  • How to control Access ?Different users have access to different documents. Bob is a Doctor and has access to medical report .Alice is a Nurse & has access to clinical records. MR2MR1MR3MR4MR5CR1CR3CR2CR4AliceKey2Key1Bob


  • What cryptosystem to use ? Public key cryptosystem (PKC) public key infrastructure(PKI)Attribute based encryption (ABE)

    symmetric key cryptosystemGroup key management (GKM)

  • Traditional PKI

    PubA (CR1)PubB (MR1)PubT (MR1)PubA(CR1)PubB(MR1)PubA(CR1)PubT(MR1)PubB (MR1)PubT (MR1)organizationcloudBob



    (Doctor)PubB/PriBPubA/PriAPubT/Pri T

  • Attribute Based Encryption (ABE)

    Nurse (CR1)Doctor(MR1)Nurse(CR1)Doctor(MR1)Nurse(CR1)Doctor(MR1)Doctor(MR1)organizationcloudBob



    (Doctor) Pri B Pri A Pri T

  • Attribute Based systemUserAttributeLevel=seniorRole=DoctorAge=51Role=NurseLevel =seniorRole=DoctorLevel=juniorBobAliceTim

  • Broadcast GKM GC

    Public info

    +S1S2S3Instead of giving keys ,give some secrets to derive the key using public info.Contains the policy

  • How BGKM worksGCS1S3S2BobTimAliceKPIEk(Data)S1S3DATA(3)Upload encrypted data& PI(2)Using secrets genrate symmetric key & public info PI(1)Issue secretsPI(4)Download encrypted data & PI

    KDerive key using PIDerive key using PI

  • Attribute Based GKM(AB-GKM)ORANDLevel >= seniorRole=Doctor Level>=senior Role=NurseLevel =seniorRole=DoctorAge =51Level=seniorRole=NurseLevel=juniorRole=Doctors4s1s5s3s1s4s2x

  • Single layer encryptionUser IdPOwner User Cloud (3) Selectively encrypt & upload(1) Register identity tokens(5) Download to re-encrypt (2) Secrets (4) Download & decrypt(1)Identity attribute(2) Identity token

  • Privacy Preserving of Id. Attributes*Server I am a doctor Heres a secret Tim


  • Privacy Preserving of Id. AttributesServer I am a doctor Heres a secret Tim Privacy Preserving Registration*: CommitmentEnvelopeUnconditionally hiding and computationally binding

    An encrypted message *OCBE Oblivious Commitment Based Envelope

  • Extending the SLE Approach In the SLE approach

    1.The Owner has to manage all the identity attributes and perform the fine grained encryption

    2.If the user credentials or access control policies change, the owner has to download, decrypt, rekey, re-encrypt and upload .

  • Can we reduced the load at Owner? How can we delegate the access control enforcement to the cloud? Use two layer encryption A nave approach The owner encrypts each data item according to the ACPs The Cloud re-encrypts according to the ACPs again

  • Two Layer Dynamic Encryption Owner User cloud user IdP(1) Identity Attribute (2) Identity Token (5) Re-encrypt to enforce policies (1) Decompose policies (4) coarse-grained enc. & upload docs & modified policies (2) Register identity token (2) Register identity token (3) Secrets (3) Secrets (6) Download & Decrypt twice

  • Two Layer Encryption In order to reduce the load at the Owner, the ACPs should be decomposed to two such that The owner performs a coarse-grained encryption The cloud performs a fine-grained encryption At the same time The confidentiality of the data should be assured The two layers together should enforce the ACP ACP = ACP1 ACP2

    DATACloud Owner

  • Policy Decomposition Problem In order to minimize the load at the Owner The Owner should manage only the minimum of number of attributes Policy Cover Problem: Find the minimum number of attribute conditions in ACPs that assures the confidentiality from the Cloud.

  • A Simplified Example ACP1 = (role = doc (role = nur type >= junior), CI) ACP2 = (role = doc yos >= 5, BI) ACP3 = (role = doc ip = 2-out-4, CR) ACP4 = (role = nur type = senior, TR) Minimal ACC = {role = doc, role = nur } ACP11 = (role = doc role = nur, CI) ACP21 = ACP31 = (role = doc, BI, CR) ACP41 = (role = nur, TR) ACP12 = (role = doc type >= junior, CI) ACP22 = (yos >= 5, BI) ACP32 = (ip = 2-out-4, CR) ACP42 = (type = senior, TR)

    type > = junior type = senior role = doc role = nur ip = 2-out-4 yos >= 5 All ACPs

    Decomposed ACPs Policy Cover Owner enforced sub ACPs Cloud enforced sub ACPs Policy Graph 1 4 2 3

  • CONCLUSIONSCurrent approaches to enforce ACPs on outsourced data using selective encryption require organizations to manage all keys and encryptions and upload the encrypted data to the remote storage. Such approaches incur high communication and computation cost to manage keys and encryptions.In this paper, we proposed a two layer encryption based approach to solve this problem by delegating as much of the access control enforcement responsibilities as possible to the Cloud while minimizing the information risks due to colluding Usrs and Cloud.We showed how decomposition of ACPs are handle a minimum number of attribute conditions.



  • *