International Journal of Software Computing and Testing

ABSTRACT

Cloud is providing various services and out of which storage is one such credential service. Many users are gaining benefits by storing their data in cloud because cloud provides unlimited storage, High speed Computations and better convenience. But the problem arises when the user has to store some critical data in the cloud. So, a promising Cryptographic scheme called as Attribute based encryption is needed which not only is showing potential in safeguarding the data privacy in the cloud but also finding the violations in the privacy. On the basis of various Security requirements of Access control mechanisms and Functional requirements of two primary techniques named as Key Policy and Ciphertext Policy Attribute Based Encryption, a detailed survey has been conducted in this paper and various loopholes and various feature of these two techniques are highlighted in a tabular form.

Keywords: Fine Grained Access Control, CP-ABE, KP-ABE, User Revocation, Single Authority, Multi Authority

REFERENCES

M. Armbrust, et al., “A view of cloud computing”, Communications of the ACM, vol.53, no.4, pp.50–58,2010.

R. Kui, W. Cong, W. Qian, “Security challenges for the public cloud”, IEEE Internet Computing, vol.16, no.1,pp.69–73,2012.

S. Subashini, V. Kavitha, “A survey on security issues in service de- livery models of cloud computing”, Journal of Network and Com-puter Applications, vol.34, no.1,pp.1–11, 2011.

D. Zissis, D. Lekkas, “Addressing cloud computing security issues”, Future Generation Computer Systems, vol. 28, no. 3, pp. 583–592, 2012.

A. Sahai, B. Waters, “Fuzzy identity-based encryption,” in Advances in Cryptology (EUROCRYPT’05), LNCS3494, pp.457–473, Springer, 2005.

V. Goyal, O. Pandey, A. Sahai, B. Waters, “Attribute-based encryp- tion for fine-grained access control of encrypted data,” in Proceed- ings of the 13th ACM Conference on Computer and Communications Security,pp.89–98, Alexandria, Virginia, USA, 2006.

J.Bethencourt, A.Sahai, B.Waters, “Ciphertext policy attribute-based encryption,” in Proceedings of the IEEE Symposium on Security and Privacy (SP’07), pp.321–334, California, USA, May 20-23, 2007.

G. R. Blakley, ‘‘Safeguarding cryptographic keys,’’ in Proc. AFIPS Conf., vol. 48. 1979, pp.313–317.

M. Ito, A. Saito, and T. Nishizeki, ‘‘Secret sharing schemes realizing general access structure,’’ in Proc. IEEE Global Telecommun. Conf., vol.87.Tokyo, Japan: IEEE Press, 1987, pp.99–102.

L. Li, T. Gu, L. Chang, Z. Xu, Y. Liu, and J. Qian, ‘‘A ciphertext- policy attribute-based encryption based on an ordered binary deci- sion diagram,’’ IEEE Access, vol. 5, pp. 1137–1145,2017.

D. F. Ferraiolo and D. R. Kuhn, ‘‘Role-based access controls,’’ Mar. 2009, arXiv:0903.2171. [Online]. Available:https://arxiv.org/abs/0903.2171

R. Ostrovsky, A. Sahai, and B. Waters, ‘‘Attribute-based encryption with non-mono tonic access structures,’’ in Proc. ACM Conf. Comput. Commun. Secur., New York, NY, USA, 2007, pp.195–203.

N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. de Panafieu, and C. Ràfols, ‘‘Attribute-based encryption schemes with constant-size ciphertexts,’’ Theor. Comput. Sci., vol. 422, pp. 15–38, Mar. 2012.

X.Yao, Z.Chen, and Y.Tian, ‘‘A light weight attribute-based encryp- tion scheme for the Internet of Things,’’ Future Generat. Comput. Syst., vol.49,pp.104–112,Aug.2015.

L. Cheung and C. Newport, ‘‘Provably secure ciphertext policy ABE,’’ in Proc. ACM Conf. Comput. Commun. Secur. (CCS), 2007, pp.456–465.

J.Herranz,F.Laguillaumie,andC.Ràfols,‘‘Constant size ciphertexts in threshold attribute-based encryption,’’ in Public Key Cryptogra- phy, vol. 6056, P. Q. Nguyen and D. Pointcheval, Eds. Berlin, Ger- many: Springer, 2010, pp.19–34.

Z. Zhou, D. Huang, and Z. Wang, ‘‘Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryp-tion,’’IEEE Trans. Comput., vol.64, no.1,pp.126–138,Jan.2015.

C.-W. Liu, W.-F. Hsien, C.-C.Yang, and M.-S. Hwang, ‘‘A survey of attribute-based access control with user revocation in cloud data storage,’’ Int.J.Netw.Secur., vol.18, no.5, pp.900–916,Sep.2016.

S. Moffat, M. Hammoudeh, and R. Hegarty, ‘‘A survey on cipher- textpolicy attribute-based encryption (CP-ABE) approaches to data security on mobile devices and its application to IoT,’’ in Proc. Int. Conf. Future Netw. Distrib. Syst., 2017, p.34.

L. Pang, J. Yang, and Z. Jiang, ‘‘A survey of research progress and development tendency of attribute-based encryption,’’ Sci. World J., vol. 2014, Jul. 2014, Art. no.193426.

R.R.Al-Dahhan, Q.Shi, G.M.Lee, and K.Kifayat,‘‘Survey on revo-cation in ciphertext-policy attribute-based encryption,’’ Sensors, vol. 19, no. 7, p. 1695,2019.

Z. Qiao, S. Liang, S. Davis, and H. Jiang, ‘‘Survey of attribute based encryption,’’inProc.15thIEEE/ACISInt.Conf.Softw.Eng.,Artif.In- tell., Netw. Parallel/Distrib. Comput. (SNPD), Las Vegas, NV, USA, Jun./

Jul. 2014, pp.1–6.

C.-C. Lee, P.-S. Chung, and M.-S. Hwang, ‘‘A survey on attribute- based encryption schemes of access control in cloud environ- ments,’ ’Int.J.Netw.Secur.,vol.15, no.4, pp.231–240, Jul.2013.

Y.Cheng, Z.-Y.Wang, J.Ma,J.-J.Wu,S.-Z.Mei,andJ.-C.Ren,‘‘Effi- cient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage,’’ J. Zhejiang Univ. Sci. C, vol. 14, no.2, pp. 85–97,2013.