Abstract
Cloud computing has encountered accelerated growth and technological advancements in recent times. However, Cloud computing is still perceived to be in its infancy and will unfold its hidden potential by augmenting its services with future technologies like Metaverse, Augmented Reality, and Virtual Reality. The demand for computing resources has also increased with the increase in the number of service users, thus, the data owners outsource their computational demands to the cloud servers configured at remote locations. Since the cloud offers multi-tenancy, the risk for unauthorized access and network attacks like Denial-of-Service attacks, and Sybil attacks, increases due to the consumption of shared resources and hypervisor exploitation. In order to protect the owner's data from unauthorized access, it needs to be encrypted before being outsourced. Conventional cryptosystems decrypt the encoded message before performing computations on the outsourced data, which increases the computational complexity of the system. Homomorphic Encryption permits the cloud service provider to perform computations on encrypted data without the need for decryption. Hence, in this paper, we introduce a layer of secure cipher gateway for user data. This work demonstrates an integrated scheme based on Partial Homomorphic Encryption and Role-Based Access Control policies to restrict unauthorized access. Data access is granted strictly as per the user-role mapping in the role-based hierarchy to ensure data integrity. The proposed model also suggests mitigation techniques for various cloud attacks. The work has been compared with its peers based on a secured communication channel for data transmission with reduced encryption and decryption time.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Abbreviations
- HE:
-
Homomorphic encryption
- IoT:
-
Internet-of-Things
- RBAC:
-
Role-based access control
- CSP:
-
Cloud service provider
- SP:
-
Service provider
- SU:
-
Service user
- SLA:
-
Service level agreement
- CPS:
-
Cyber physical systems
- ACL:
-
Access control list
- CCG:
-
Cipher cloud gateway
- GCD:
-
Greatest common divisor
- DES:
-
Data encryption standard
- AES:
-
Advanced encryption standard
- DoS:
-
Denial of service
References
Ajay (2023) “Has Homomorphic Encryption Finally Arrived or Is It Still A Distant Dream?”, HCL Tech, 03 February 2023. https://www.hcltech.com/blogs/has-homomorphic-encryption-finally-arrived-or-it-still-distant-dream
Alexandru AB, Morari M, & Pappas GJ (2018, December). Cloud-based MPC with encrypted data. In: 2018 IEEE Conference on Decision and Control (CDC) pp 5014–5019
Arun E, Reji A, Mohammed Shameem P, Shaji RS (2017) A novel algorithm for load balancing in mobile cloud networks: multi-objective optimization approach. Wirel Pers Commun 97:3125–3140
Bella, H. K., & Vasundra, S. (2022, January). A study of Security Threats and Attacks in Cloud Computing. In 2022 4th International Conference on Smart Systems and Inventive Technology (ICSSIT) (pp. 658–666). IEEE.
Besharati E, Naderan M, Namjoo E (2019) LR-HIDS: logistic regression host-based intrusion detection system for cloud environments. J Ambient Intell Humaniz Comput 10:3669–3692
Biham E, Shamir A (2012) Differential cryptanalysis of the data encryption standard. Springer, New York
Bodapati JD, Srilakshmi U, Veeranjaneyulu N (2022) FERNet: a deep CNN architecture for facial expression recognition in the wild. J Inst Eng Ser B 103(2):439–448
Boneh D, Goh E, Nissim K (2005) Evaluating 2-DNF formulas on ciphertexts. Second international conference on theory of cryptography, TCC, LNCS, vol 3378. Springer, Berlin, Heidelberg, pp 325–341
Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from ring-LWE and security for key-dependent messages. In: 31st annual conference on advances in cryptology, CRYPTO, LNCS, vol 6841. Springer, Berlin, Heidelberg, pp 505–524
Chen HC (2016) A trusted user-to-role and role-to-key access control scheme. Soft Comput 20(5):1721–1733
Chen L, Tong Z, Liu W, & Gao C (2012) Non-interactive exponential homomorphic encryption algorithm. In: 2012 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery pp 224–227
Cheng X, Mou J, Shen X, de Vreede T, & Raianer A (2022) Call for paper: Opportunities and challenges in the Metaverse. Internet Research
Cheon JH, Lee HT, Seo JH (2014) A new additive homomorphic encryption based on the co-ACD problem. In: ACM SIGSAC conference on computer and communications security, CCS. ACM, New York, pp 287–298
Cheon JH, Kim A, Kim M, & Song Y (2017, December) Homomorphic encryption for arithmetic of approximate numbers. In: International Conference on the Theory and Application of Cryptology and Information Security. Springer, Cham (pp 409–437)
Coron J-S, Naccache D, Tibouchi M (2012) Public key compression and modulus switching for fully homomorphic encryption over the integers. 31st annual international conference on the theory and applications of cryptographic techniques, Eurocrypt, LNCS, vol 7237. Springer, Berlin, Heidelberg, pp 446–464
Daemen, J., &Rijmen, V. (2013). The design of Rijndael: AES-the advanced encryption standard Springer Science & Business Media.
Deng H, Qin Z, Wu Q, Guan Z, Deng RH, Wang Y, Zhou Y (2020) Identity-based encryption transformation for flexible sharing of encrypted data in public cloud. IEEE Trans Inf Forensics Secur 15:3168–3180
Duo W, Zhou M, Abusorrah A (2022) A survey of cyber attacks on cyber physical systems: recent advances and challenges. IEEE/CAA J Autom Sin 9(5):784–800
Dwivedi YK, Hughes L, Baabdullah AM, Ribeiro-Navarrete S, Giannakis M, Al-Debei MM, Wamba SF (2022) Metaverse beyond the hype: multidisciplinary perspectives on emerging challenges, opportunities, and agenda for research, practice and policy. Int J Inf Manag 66:102542
El Makkaoui A, Ezzati AB-H, Ouhmad S (2020) Fast cloud Paillier homomorphic schemes for protecting condentiality of sensitive data in cloud computing. J. Ambient Intell Humanized Comput. 11(6):2205–2214. https://doi.org/10.1007/s12652-019-01366-3
ElGamal T (1985) A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472
Elgendy I, Zhang W, Liu C, Hsu CH (2018) An efficient and secured framework for mobile cloud computing. IEEE Trans Cloud Comput 9:79–87
Farokhi F, Shames I, Batterham N (2017) Secure and private control using semi-homomorphic encryption. Control Eng Pract 67:13–20
Gentry C, Halevi S, Vaikuntanathan V (2010) A simple BGN-Type cryptosystem from LWE. In: 29th annual international conference on the theory and applications of cryptographic techniques, Eurocrypt, LNCS, vol 6110. Springer, Berlin, Heidelberg, pp 506–522.
Gentry C, Halevi S, Smart NP (2012) Fully homomorphic encryption with polylog overhead. In: 31st annual international conference on the theory and applications of cryptographic techniques, Eurocrypt, LNCS, vol 7237. Springer, Berlin, Heidelberg, pp 465–482
Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: 41st annual ACM symposium on theory of computing, STOC. ACM, New York, pp 169–178
Gundu SR, Panem CA, Thimmapuram A, Gad RS (2021) Emerging computational challenges in cloud computing and RTEAH algorithm based solution. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-021-03380-w
Gupta V, Mittal M (2019) QRS complex detection using STFT, chaos analysis, and PCA in standard and real-time ECG databases. J Inst Eng (india): Ser B 100:489–497
Gupta V, Mittal M (2020a) Arrhythmia detection in ECG signal using fractional wavelet transform with principal component analysis. J Inst Eng (india): Ser B 101(5):451–461
Gupta V, Mittal M (2020b) Efficient R-peak detection in electrocardiogram signal based on features extracted using Hilbert transform and Burg method. J Inst Eng (india): Ser B 101(1):23–34
Gupta V, Mittal M (2021) R-peak detection for improved analysis in health informatics. Int J Med Eng Inf 13(3):213–223
Gupta BB, Agrawal DP, Yamaguchi S (2019) Deep learning models for human centered computing in fog and mobile edge networks. J Ambient Intell Humaniz Comput 10:2907–2911
Gupta V, Mittal M, Mittal V (2020) Chaos theory: an emerging tool for arrhythmia detection. Sens Imaging 21:1–22
Gupta V, Mittal M, Mittal V (2021a) An efficient low computational cost method of R-peak detection. Wirel Pers Commun 118:359–381
Gupta V, Mittal M, Mittal V, Saxena NK (2021b) A critical review of feature extraction techniques for ECG signal analysis. J Inst of Eng (india): Ser B 102:1049–1060
Gupta V, Mittal M, Mittal V, Saxena NK (2021c) BP signal analysis using emerging techniques and its validation using ECG signal. Sens Imaging 22(1):25
Gupta V, Mittal M, Mittal V (2021d) Chaos theory and ARTFA: emerging tools for interpreting ECG signals to diagnose cardiac arrhythmias. Wirel Pers Commun 118:3615–3646
Gupta V, Mittal M, Mittal V (2021e) FrWT-PPCA-based R-peak detection for improved management of healthcare system. IETE J Res. https://doi.org/10.1080/03772063.2021.1982412
Gupta RK, Almuzaini KK, Pateriya RK, Shah K, Shukla PK, Akwafo R (2022a) An improved secure key generation using enhanced identity-based encryption for cloud computing in large-scale 5G. Wirel Commun Mob Comput 2022:1–14
Gupta V, Saxena NK, Kanungo A, Kumar P, Diwania S (2022b) PCA as an effective tool for the detection of R-peaks in an ECG signal processing. Int J Syst Assur Eng Manag 13(5):2391–2403
Gupta V, Mittal M, Mittal V (2022c) A novel FrWT based arrhythmia detection in ECG signal using YWARA and PCA. Wirel Pers Commun. https://doi.org/10.1007/s11277-021-09403-1
Gupta V, Mittal M, Mittal V, Gupta A (2022d) An efficient AR modelling-based electrocardiogram signal analysis for health informatics. Int J Med Eng Inf 14(1):74–89
Gupta V, Mittal M, Mittal V, Chaturvedi Y (2022e) Detection of R-peaks using fractional fourier transform and principal component analysis. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-021-03484-3
Jyoti A, Shrimali M, Tiwari S, Singh HP (2020) Cloud computing using load balancing and service broker policy for IT service: a taxonomy and survey. J Ambient Intell Humaniz Comput 11:4785–4814
Karda K, Dubey N, Kanungo A, Gupta V (2022) Automation of noise sampling in deep reinforcement learning. Int J Appl Pattern Recognit 7(1):15–23
Kim J, Lee C, Shim H, Cheon JH, Kim A, Kim M, Song Y (2016) Encrypting controller using fully homomorphic encryption for the security of cyber-physical systems. IFAC-PapersOnLine 49(22):175–180
Kishida M (2019) Encrypted control system with quantiser. IET Control Theory Appl 13(1):146–151
Moon S, Lee Y (2020) An efficient encrypted floating-point representation using HEAAN and TFHE. Secur Commun Netw 2020:1–18
Nelli A, Jogdand R (2022) SLA-WS: SLA-based workload scheduling technique in multi-cloud platform. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-021-03666-z
Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: 28th annual international conference on the theory and applications of cryptographic techniques, Eurocrypt, LNCS, vol 1592. Springer, Berlin, Heidelberg, pp 223–238
Rabie AH, Saleh AI, Ali HA (2021) Smart electrical grids based on cloud, IoT, and big data technologies: state of the art. J Ambient Intell Humaniz Comput 12:9449–9480
Rajagopal TKP, Venkatesan M (2022) Energy efficient server with dynamic load balancing mechanism for cloud computing environment. Wirel Pers Commun 122(4):3127–3136
Rajagopal TKP, Venkatesan M, Rajivkannan A (2020) An improved efficient dynamic load balancing scheme under heterogeneous networks in hybrid cloud environment. Wirel Pers Commun 111:1837–1851
Ramaiah YG, & Kumari GV (2012, August) Efficient public key homomorphic encryption over integer plaintexts. In: International Conference on Information Security and Intelligent Control. pp 123–128
Rivest RL, Adleman L, Dertouzos ML (1978) On data banks and privacy homomorphisms. Found Secur Comput 4(11):169–180
Sangulagi P, Sutagundar A (2021) Fuzzy based load balancing in sensor cloud: multi-agent approach. Wirel Pers Commun 117(2):1685–1710
Satchidanandan B, Kumar PR (2016) Dynamic watermarking: active defense of networked cyber-physical systems. Proc IEEE 105(2):219–240
Saxena UR, Alam T (2021) Role-based access control using identity and broadcast-based encryption for securing cloud data. J Comput Virol Hacking Tech. https://doi.org/10.1007/s11416-021-00402-1
Saxena UR, & Alam T (2022, May) Modified identify and broadcast-based encryption scheme to secure cloud. In: 2022 International Conference on Computational Intelligence and Sustainable Engineering Solutions (CISES) (pp 289–294). IEEE
Selvakanmani S, Sumathi M (2021) Fuzzy assisted fog and cloud computing with MIoT system for performance analysis of health surveillance system. J Ambient Intell Humaniz Comput 12:3423–3436
Tariq H, Agarwal P (2018) Secure keyword search using dual encryption in cloud computing. Int J Inf Technol. https://doi.org/10.1007/s41870-018-0091-6
Wei Z (2020) A pairing-based homomorphic encryption scheme for multi-user settings. Cryptogr Breakthr Res Pract. https://doi.org/10.4018/978-1-7998-1763-5.ch017
Yang J (2020) Low-latency cloud-fog network architecture and its load balancing strategy for medical big data. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-020-02245-y
Youn TY, Jho NS, Chang KY (2018) Design of additive homomorphic encryption with multiple message spaces for secure and practical storage services over encrypted data. J Supercomput 74(8):3620–3638
Zaraket C, Hariss K, Chamoun M, Nicolas T (2022) Cloud based private data analytic using secure computation over encrypted data. J King Saud Univ-Comput Inf Sci 34(8):4931–4942
Zhang H, Qi Y, Zhou H, Zhang J, Sun J (2017) Testing and defending methods against DoS attack in state estimation. Asian J Control 19(4):1295–1305
Zhou L, Varadharajan V, Hitchens M (2015) Trust enhanced cryptographic role-based access control for secure cloud data storage. IEEE Trans Inf Forensics Secur 10(11):2381–2395
Zhou X, Liu J, Liu W, & Wu Q (2016, May) Anonymous role-based access control on e-health records. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (pp. 559–570).
Acknowledgements
The authors of the manuscript would like to thank the reviewers for their valuable comments and suggestions.
Funding
This research did not receive any specific grant from funding agencies in the public, commercial, or not-for-profit sectors.
Author information
Authors and Affiliations
Contributions
The authors of the manuscript Urvashi Rahul Saxena and Taj Alam confirm their contributions to the paper as follows: Author Urvashi Rahul Saxena performed the study and conceptualized the design of the proposed work. Author Taj Alam supervised and approved the framework design. The detailed analysis, preparation of the figures, implementation of the results and the draft manuscript was prepared by the Author Urvashi Rahul Saxena. Author Taj Alam reviewed the results, performed proof-reading of the paper, guided throughout the preparation of the manuscript and approved the final version of the manuscript.
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding author states that there is no conflict of interest.
Human and animals participants
The authors declare that this research work does not involve any participation of human or animals.
Informed consent
Not Applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Saxena, U.R., Alam, T. Role-based access using partial homomorphic encryption for securing cloud data. Int J Syst Assur Eng Manag 14, 950–966 (2023). https://doi.org/10.1007/s13198-023-01896-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13198-023-01896-2