Open Access Open Access  Restricted Access Subscription Access

Capability-Based Cryptographic Data Access Control in Cloud Computing


Affiliations
1 Department of Computer Science & Information Systems, BITS Pilani Hyderabad Campus, Hyderabad, India
2 Information Security Group, School of Engineering & Mathematical Sciences, City University, United Kingdom
3 BT Innovate and Design, British Telecommunications, Suffolk IP5 3RE, United Kingdom
 

Cloud computing has emerged as a popular model in computing world to support processing large volumetric data using clusters of commodity computers. It is the latest effort in delivering computing resources as a service. It is used to describe both a platform and a type of application. A cloud computing platform dynamically provisions, configures, and deprovisions servers as needed. Cloud computing also describes applications that are extended to be accessible through the Internet. Data security and access control is one of the most challenging ongoing research work in cloud computing, because of users outsourcing their sensitive data to cloud providers. Existing solutions that use pure cryptographic techniques to mitigate these security and access control problems suffer from heavy computational overhead on the data owner as well as the cloud service provider for key distribution and management. This paper addresses this challenging open problem using capability based access control technique that ensures only valid users will access the outsourced data. This work also proposes a modified Diffie-Hellman key exchange protocol between cloud service provider and the user for secretly sharing a symmetric key for secure data access that alleviates the problem of key distribution and management at cloud service provider. The simulation run and analysis shows that the proposed approach is highly efficient and secure under existing security models.

Keywords

Cloud Computing, Cryptography, Access Control, Capability, Security.
User
Notifications
Font Size

Abstract Views: 178

PDF Views: 0




  • Capability-Based Cryptographic Data Access Control in Cloud Computing

Abstract Views: 178  |  PDF Views: 0

Authors

Chittaranjan Hota
Department of Computer Science & Information Systems, BITS Pilani Hyderabad Campus, Hyderabad, India
Sunil Sanka
Department of Computer Science & Information Systems, BITS Pilani Hyderabad Campus, Hyderabad, India
Muttukrishnan Rajarajan
Information Security Group, School of Engineering & Mathematical Sciences, City University, United Kingdom
Srijith K. Nair
BT Innovate and Design, British Telecommunications, Suffolk IP5 3RE, United Kingdom

Abstract


Cloud computing has emerged as a popular model in computing world to support processing large volumetric data using clusters of commodity computers. It is the latest effort in delivering computing resources as a service. It is used to describe both a platform and a type of application. A cloud computing platform dynamically provisions, configures, and deprovisions servers as needed. Cloud computing also describes applications that are extended to be accessible through the Internet. Data security and access control is one of the most challenging ongoing research work in cloud computing, because of users outsourcing their sensitive data to cloud providers. Existing solutions that use pure cryptographic techniques to mitigate these security and access control problems suffer from heavy computational overhead on the data owner as well as the cloud service provider for key distribution and management. This paper addresses this challenging open problem using capability based access control technique that ensures only valid users will access the outsourced data. This work also proposes a modified Diffie-Hellman key exchange protocol between cloud service provider and the user for secretly sharing a symmetric key for secure data access that alleviates the problem of key distribution and management at cloud service provider. The simulation run and analysis shows that the proposed approach is highly efficient and secure under existing security models.

Keywords


Cloud Computing, Cryptography, Access Control, Capability, Security.