Secure Cloud Storage System by Integrating Trust with Role Based Access Control and Cryptographic Algorithm

  • Avdhut Suryakant BhiseEmail author
  • Patil M. Toushif Latif
Conference paper


Cloud computing is becoming the growing and advanced field in Information Technology. It is providing services to an organization over a network with the ability to increase and decrease their service requirements. These services are established and provided by a third party, who have their own infrastructure. It’s having a number of benefits but most organizations are worried due to security issues and challengesof the cloud. The security required at the bussiness level forces to design models that solve the organizational and dispense aspects of information usage. These models need to present the security policies plan to protect information against illegal access and modification stored in a cloud. The paper describes the way for designing the security requirements from the view of tasks done in an organization by using the cryptographic concepts to store data on the cloud in less time and cost for the process of encryption and decryption. In this paper, the RSA and AES algorithms are used for encryption and decryption of data. The role-based access control is used for providing accessibility according to the role assigned to the user. This system provides the rights for uploading to the user when that person is authorized by the Owner or Administrator.


Role based access control RSA AES Trust management Cloud computing 


  1. 1.
    Armbrust M, Fox A, Griffith R, Joseph AD, Katz RH, Konwinski A et al (2010) A view of cloud computing. Commun ACM 53(4):50–58CrossRefGoogle Scholar
  2. 2.
    Zhou L, Varadharajan V, Hitchens M (2011) Enforcing role-based access control for secure data storage in the cloud. Comput J 54(13):1675–1687CrossRefGoogle Scholar
  3. 3.
    Zhu Y, Hu H, Ahn G-J, Wang H, Wang S-B (2011) Provably secure role-based encryption with revocation mechanism. J Comput Sci Technol 26(4):697–710MathSciNetCrossRefGoogle Scholar
  4. 4.
    Akland SG, Taylor PD (1983) Cryptographic solution to a problem of access control in a hierarchy. ACM Trans Comput Syst 1(3):239–248CrossRefGoogle Scholar
  5. 5.
    Hassen HR, Bouabdallah A, Bettahar H, Challal Y (2007) Key management for content access control in a hierarchy. Comput Netw 51(11):3197–3219CrossRefGoogle Scholar
  6. 6.
    Bhise AS, Phursule RN (2015) A review of role based encryption system for secure cloud storage. Int J Comput Appl 109(14):15–20Google Scholar
  7. 7.
    Jayant B, Swapnaja U (2015) Secure cloud storage system by integrating trust and role based encryption scheme. In IJECS 4(5), MayGoogle Scholar
  8. 8.
    Abadi M, Fournet C (2003) Access control based on execution history. In: Proceedings of NDSSS’03, pp 107–121Google Scholar
  9. 9.
    Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, pp 89–98Google Scholar
  10. 10.
    Sandhu R, Zhang X (2005) Peer-to-peer access control architecture using trusted computing technology. In: Proceedings of the 10th ACM symposium on access control models and technologies (SACMAT’05), Stockholm, Sweeden, June, pp 147–158Google Scholar
  11. 11.
    Bethencourt J, Sahai A, Waters B (2007) Cipher text- policy attribute-based encryption. In: Proceedings of the IEEE symposium on security and privacy, pp 321–334Google Scholar
  12. 12.
    Anjali DV, Chandrashekara DSN (2016) Design and implementation of secure cloud storage system using hybrid cryptography algorithm with role based access control model. IJETR 5(1)Google Scholar
  13. 13.
    Singh SP, Maini R (2011) Comparison of data encryption algorithms. Int J Comput Sci Comm 2(1):125–127Google Scholar
  14. 14.
    Bokefode Jayant D, Ubale Swapnaja A (2015) Developing secure cloud storage system by applying AES and RSA cryptography algorithms with role based access control model. Int J Comput Appl 118(12)Google Scholar
  15. 15.
    Atulkhate (2009) Cryptography and network security, 2nd edn. Tata Mcgraw hill, pp 87–2004Google Scholar
  16. 16.
    Davis R (1978) The data encryption standard in perspective. In: Proceedings of communication society magazine, IEEE 16(6), November, pp 5–6Google Scholar
  17. 17.
    Ferraiolo D, Kuhn R (1992) Role-based access controls. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, Bultimore, Maryland, USA, October, pp 554–56Google Scholar
  18. 18.
    Sandhu R, Coyne E, Feinstein H, Youman C (1996) Role-based access control models. IEEE Comput 29(2):38–47CrossRefGoogle Scholar
  19. 19.
    Ferraiolo D, Sandhu R, Gavrila S, Kuhn R, Chandramouli R (2001) Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur 4(3):224–274CrossRefGoogle Scholar
  20. 20.
    Edjlali G, Acharya A, Chaudhary V (1998) History-based access control for mobile code. In: Proceedings of the 5th ACM conference on Computer and Communication Security (CCS’98), San Francisco, California, USA, November, pp 38–48Google Scholar
  21. 21.
    Daemen J, Rijmen V (2001) Rijndael: the advanced encryption standard. Dr Dobb’s J 26(3):137–139zbMATHGoogle Scholar
  22. 22.
    Yang B, Jia X (2012) Attribute-based access control for multi-authority systems in cloud storage. In: Proceedings of the 32nd IEEE international conference on distributed computing systems, pp 536–545Google Scholar
  23. 23.
    Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126MathSciNetCrossRefGoogle Scholar
  24. 24.
    Ubale SA, Apte SS Comparison of ACL based security models for securing resources for windows operating system. IJSHRE 2(6):63Google Scholar
  25. 25.
    Di Vimercati SDC, Foresti S, Jajodia S, Paraboschi S, Samarati P (2007) Over-encryption: management of access control evolution on outsourced data. In: Proceedings of the VLDB, September, pp 123–134Google Scholar
  26. 26.
    Blundo C, Cimato S, Di Vimercati SDC, Santis AD, Foresti S, Paraboschi S et al (2009) Efficient key management for enforcing access control in outsourced scenarios. In: SEC (IFIP), vol 297. Springer, New York, pp 364–375Google Scholar
  27. 27.
    Samarati P, Di Vimercati (2010) Data protection in outsourcing scenarios: issues and directions. In: Proceedings of the ASIACCS, April, pp 1–14Google Scholar
  28. 28.
    Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: ASIACRYPT (Lecture notes in computer science), vol 2501. Springer, New York, pp 548–566Google Scholar
  29. 29.
    Boneh D, Boyen X, Goh E-J (2005) Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT (Lecture notes in computer science), vol 3494. Springer, New York, pp 440–456Google Scholar
  30. 30.
    Zhu Y, Ma D, Hu C, Huang D (2013) How to use attribute-based encryption to implement role-based access control in the cloud. In: Proceedings of the international workshop security cloud computing, pp 33–40Google Scholar
  31. 31.
    Ubale SA, Apte SS (2011) Bio-enable security for operating system by customizing Gina, high performance architecture and grid computing communications in computer and information science. 169:179–185Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Avdhut Suryakant Bhise
    • 1
    Email author
  • Patil M. Toushif Latif
    • 2
  1. 1.Department of Information TechnologySVERI’s COE (Poly.)PandharpurIndia
  2. 2.Department of Computer EngineeringA.G. Patil Polytechnic InstituteSolapurIndia

Personalised recommendations