Role based access control using identity and broadcast based encryption for securing cloud data

  • Original Paper
Journal of Computer Virology and Hacking Techniques

Abstract

Because the integrity of data in the cloud cannot be assured, many clients and users hesitate to upload their crucial data to the cloud, which hinders the development of cloud storage. One of the biggest challenges in cloud security is ensuring data confidentiality, and one solution is to restrict unauthorized access to user data stored in the cloud. Over time, much research has proposed cryptographic techniques combined with access control models to deal with security issues in untrusted cloud environments. This work illustrates role-based access control policies over user data and permits the data owner to store the data in encrypted form in the cloud, so that only permitted roles can access it. The proposed work is thus an amalgamation of a Role-Based Encryption (RBE) scheme using an Identity and Broadcast based Encryption scheme to ensure data integrity in public clouds. In this paper we discuss several algorithmic modules that demonstrate how roles are governed by membership rights, user revocation, and the encryption and decryption processes. Finally, the proposed model is compared with its peers on the basis of encryption and decryption time.

Availability of data and material

Data transparency.

Code availability

Software application or custom code.

Funding

Not Applicable.

Author information

Corresponding author

Correspondence to Urvashi Rahul Saxena.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

About this article

Cite this article

Saxena, U.R., Alam, T. Role based access control using identity and broadcast based encryption for securing cloud data. J Comput Virol Hack Tech 18, 171–182 (2022). https://doi.org/10.1007/s11416-021-00402-1

  • DOI: https://doi.org/10.1007/s11416-021-00402-1