ICISS 2011: Information Systems Security, pp 175-189

Secured Cloud Storage Scheme Using ECC Based Key Management in User Hierarchy

  • Atanu Basu
  • Indranil Sengupta
  • Jamuna Kanta Sing
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7093)

Abstract

In our proposed scheme, the data owner outsources a huge volume of data to a cloud storage provider, and the end users request data from the data owner. The data owner encrypts the data before sending it to the cloud service provider and applies the over-encryption proposed by Vimercati et al. [4] to the outsourced encrypted data before sending it to the users. We incorporate into our scheme an existing Elliptic Curve Cryptography (ECC) based key management scheme for user hierarchies proposed by Nikooghadam et al. [11], which classifies users into security classes and efficiently helps to derive the secret keys of the lower-order security classes. The cloud storage component of our scheme does not have to perform any extra work beyond storing data, which reduces the cost to the data owner under the pay-per-use pricing policy of the cloud service provider. Our scheme incurs low overhead for key generation as well as for its storage, and the end users can use wireless mobile devices. The scheme is useful in owner-write-users-read applications and is secure against adversaries.

Keywords

Cloud storage, data owner, trusted dealer, ECC, adversary


References

  1. CSA (Cloud Security Alliance): Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, http://www.cloudsecurityalliance.org/guidance (December 2009)
  2. Mell, P., Grance, T.: The NIST Definition of Cloud Computing Version 15. Information Technology Laboratory, NIST (National Institute of Standards and Technology) (October 2009), http://csrc.nist.gov/groups/SNS/cloud-computing
  3. Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshop. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)
  4. Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. In: International Conference on Very Large Databases, September 23-28, pp. 123–134 (2007)
  5. Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: A data outsourcing architecture combining cryptography and access control. In: ACM Workshop on Computer Security Architecture, November 02, pp. 63–69 (2007)
  6. Damiani, E., Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing. In: New Approaches for Security, Privacy and Trust in Complex Environments. IFIP International Federation for Information Processing, vol. 232, pp. 385–396. Springer, Heidelberg (2007)
  7. Wang, W., Li, Z., Owens, R., Bhargava, B.: Secure and efficient access to outsourced data. In: ACM Workshop on Cloud Computing Security, pp. 55–66 (2009)
  8. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2004)
  9. SEC 1: Elliptic Curve Cryptography, Standards for Efficient Cryptography 1 (SEC1), Working Draft, Version 1.9 (August 22, 2008)
  10. Vanstone, S.A.: Elliptic curve cryptosystem - The Answer to Strong, Fast Public-key Cryptography for Securing Constrained Environments. Information Security Technical Report 12(2), 78–87 (1997)
  11. Nikooghadam, M., Zakerolhosseini, A., Moghaddam, M.E.: Efficient utilization of elliptic curve cryptosystem for hierarchical access control. The Journal of Systems and Software 83(10), 1917–1929 (2010)
  12. Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and efficient key management for access hierarchies. ACM Trans. Inf. Syst. Secur. 12(3), 1–43 (2009)
  13. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: USENIX Conference on File and Storage Technologies, pp. 29–42 (2003)
  14. Akl, S.G., Taylor, P.D.: Cryptographic solution to a multilevel security problem. In: Proceeding Advances in Cryptology, pp. 237–249 (1982)
  15. Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transaction on Computer Systems 1(3), 239–248 (1983)
  16. Chang, C.C., Hwang, R.J., Wu, T.C.: Cryptographic key assignment scheme for access control in a hierarchy. Information Systems 17(3), 243–247 (1992)
  17. Shen, V.R.L., Chen, T.: A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers & Security 21(2), 164–171 (2002)
  18. Chang, C.C., Lin, I.C., Tsai, H.M., Wang, H.H.: A key assignment scheme for controlling access in partially ordered user hierarchies. In: 18th IEEE International Conference on Advanced Information Networking and Applications (AINA 2004), Fukuoka, Japan, vol. 2, pp. 376–379 (March 2004)
  19. Jeng, F.G., Wang, C.M.: An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem. The Journal of Systems and Software, 1161–1167 (2006)
  20. Chung, Y.F., Lee, H.H., Lai, F., Chen, T.S.: Access control in user hierarchy based on elliptic curve cryptosystem. Information Sciences 178, 230–243 (2008)
  21. Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: International Conference on Very Large Data Bases (VLDB 2007), pp. 782–793. ACM (2007)
  22. Goodrich, M.T., Papamanthou, C., Tamassia, R., Triandopoulos, N.: Athos: Efficient Authentication of Outsourced File Systems. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 80–96. Springer, Heidelberg (2008)
  23. Bowers, K.D., Juels, A., Oprea, A.: HAIL: A High-availability and Integrity Layer for Cloud Storage. In: 16th ACM Conference on Computer and Communications Security, pp. 187–198. ACM (2009)
  24. Hasegawa, T., Nakajima, J., Matsui, M.: A Practical Implementation of Elliptic Curve Cryptosystems over GF(p) on a 16-Bit Microcomputer. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 182–194. Springer, Heidelberg (1998)

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Atanu Basu (1)
  • Indranil Sengupta (1)
  • Jamuna Kanta Sing (2)
  1. Department of Computer Science and Engineering, Indian Institute of Technology, Kharagpur, India
  2. Department of Computer Science and Engineering, Jadavpur University, Kolkata, India
