Leo Messi, profile picture
Uploaded byLeo Messi
PPTX, PDF17 views

Security cloudcomputing presentation_encryption_1

The document proposes a scheme to achieve secure, scalable, and fine-grained data access control in cloud computing. It combines key-policy attribute-based encryption (KP-ABE) and proxy re-encryption (PRE). When a new user joins, the data owner assigns them an access structure and secret key using KP-ABE. To revoke a user, the data is re-encrypted using PRE without needing to re-encrypt the entire data store or interact with the data owner. The proposed scheme provides fine-grained access control, confidentiality of user privileges, accountability of secret keys, and data confidentiality.

Embed presentation

Download to read offline
Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing Instructor: Dr. TRUONG TUAN ANH Presenter: NGUYEN THE CUONG 1
REFERENCES 1. S.C. Yu, C. Wang, K.I. Ren, and W.J. Lou, “Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing.” INFOCOM, 2010 Proceedings IEEE, pp.321-334, 2010. 2. Jeong-Min Do, You-Jin Song, and Namje Park, “Attribute based Proxy Re- Encryption for Data Confidentiality in Cloud Computing Environments.” 2011 First ACIS/JNU International Conference on Computers, Networks, Systems, and Industrial Engineering. 3. Key-Policy Attribute-Based Encryption and Public Key Encryption with Keyword Search (Lesson 8 ). Teacher : Benoit Libert. November 3, 2014. 4. http://mohamednabeel.blogspot.com/2011/03/proxy-re-encryption.html. 5. Internet. 2
CONTENTS 1. INTRODUCTION. 2. RELATED WORK. 3. PROPOSED SCHEME. 4. ANALYSIS OF PROPOSED SCHEME. 5. Q & A. 3
1. INTRODUCTION. • Business environment will move to cloud computing environment. • The problem of data confidentiality in computing environment begins from the untrustworthy cloud service provider. • The data owner (business ) re-encrypt all the data files accessible to the leaving user, or even needs the data owner to stay online to update secret keys for users. • In order to achieve secure, scalable and fine-grained access control on outsourced data in the cloud. 4
1. INTRODUCTION. 5
2. RELATED WORK. a. Key Policy Attribute-Based Encryption (KP- ABE). b. Proxy Re-Encryption (PRE). 6
2. RELATED WORK. a. Key Policy Attribute-Based Encryption (KP-ABE): is a public key cryptography primitive for one-to-many communications. The idea of a KP-ABE is to have the sender encrypt the message only once. It is the policy assigned to users' keys that will determine if these users will be allowed to decrypt: • Ciphertexts are labeled with a set w of descriptive attributes. • Private key corresponds to an access policy P. • Decryption works if and only if P(w) = 1. 7
2. RELATED WORK. a. Key Policy Attribute-Based Encryption (KP-ABE): 8
2. RELATED WORK. 9 a. KP-ABE Examples: • Attributes can be {Researcher, Teacher, Student, ENS Lyon, CNRS}. • M. Dupont is researcher at the CNRS. So, his policy will be : (Researcher AND CNRS). • Mme Dupre is researcher at the ENS Lyon and also teacher at the ENS Lyon. So her policy will be : ((Researcher OR Teacher) AND ENS Lyon). • M. Dupuis is researcher at the CNRS and also gives courses at the ENS Lyon. His policy is : ((Researcher AND CNRS) OR (Teacher AND ENS Lyon)). • Chloe is student at the ENS Lyon, her policy is : (Student AND ENS Lyon). If w = {Researcher, CNRS}, which means that only researchers at the CNRS should be able to decrypt the message, then only M. Dupont and M. Dupuis have the good policy to read the message. If w = Researcher, ENS Lyon, CNRSg, meaning that recipients must be all the research staff in both ENS Lyon and CNRS, then M. Dupont, Mme Dupre and M.Dupuis can all read the message.
2. RELATED WORK. b. Proxy Re-Encryption (PRE). An example would be Alice wants to temporarily forward her emails encrypted under her public key to Bob. So, she forwards her encrypted emails to a proxy and gets it to covert her encrypted emails to the ones encrypted under Bob's public key so that Bob can decrypt and read the emails. 1. The proxy cannot see the plaintext unless it colludes with Bob. 2. The proxy cannot derive the secret key of Alice (even when the proxy colludes with Bob). 10
3. PROPOSED SCHEME. 11
3. PROPOSED SCHEME.  New User Grant: When a new user wants to join the system, the data owner assigns an access structure and the corresponding secret key to this user as follows: (KP-ABE) 12
• KP-ABE: This algorithm takes a message M, the public key PK (Public Key), and a set of attributes i as input. It outputs the ciphertext E. (SK – Secret Key). 3. PROPOSED SCHEME. 13
3. PROPOSED SCHEME.  Revoke user: Proxy Re-Encryption (PRE). 14
4. ANALYSIS OF PROPOSED SCHEME. a)Fine – grained Access Control. b)User Access Privilege Confidentiality. c) User Secret Key Accountability. d)Data Confidentiality. 15
5. Question and Answer: Thanks for watching. 16

More Related Content

PPTX
Lesson4.7 u4 l2 network redundancy
byLexume1
 
PDF
Application of CP-ABE Scheme in Data Sharing System for confidentiality
byEditor IJMTER
 
PDF
Outsourced kp abe with chosen ciphertext security
bycsandit
 
PDF
B04010610
byIJMER
 
PDF
B04010610
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PDF
CP-ABE Scheme with extended reliability factor and load balancing in distribu...
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PPTX
Lesson4.9 b u4l3 ip addresses
byLexume1
 
PDF
IRJET- Data Centric Access Control Solution with Role baesd Proxy Re-Encryption
byIRJET Journal
 
Lesson4.7 u4 l2 network redundancy
byLexume1
 
Application of CP-ABE Scheme in Data Sharing System for confidentiality
byEditor IJMTER
 
Outsourced kp abe with chosen ciphertext security
bycsandit
 
B04010610
byIJMER
 
B04010610
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
CP-ABE Scheme with extended reliability factor and load balancing in distribu...
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Lesson4.9 b u4l3 ip addresses
byLexume1
 
IRJET- Data Centric Access Control Solution with Role baesd Proxy Re-Encryption
byIRJET Journal
 

Similar to Security cloudcomputing presentation_encryption_1

PPTX
Cyber security workshop talk.pptx
bykamalakantas
 
PDF
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
byIJECEIAES
 
PDF
IJSRED-V2I3P52
byIJSRED
 
PDF
Enhancing Security in Dynamic Public Cloud Data Using Encryption
byAssociation of Scientists, Developers and Faculties
 
PDF
Securing Data retrieval using CPABE scheme with Two Party Computation in DTN ...
byIRJET Journal
 
PDF
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloud
byijsrd.com
 
PDF
Ijcatr04051002
byEditor IJCATR
 
PDF
ijircee_Template
byijircee
 
PDF
Access Policy Management For OSN Using Network Relationships
byIJMTST Journal
 
PDF
IRJET- A Review Paper on an Efficient File Hierarchy Attribute Based Encr...
byIRJET Journal
 
PDF
Secure Data Sharing Algorithm for Data Retrieval In Military Based Networks
byIJTET Journal
 
PDF
IRJET- Compress and Secure Data Sharing for Mobile Cloud Computing
byIRJET Journal
 
DOCX
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
byCloudTechnologies
 
PDF
Ijcatr04051007
byEditor IJCATR
 
PPTX
Achieving Secure And Scalable Cloud computing
byKiran Girase
 
PDF
DECENTRALIZED ACCESS CONTROL OF DATA STORED IN CLOUD USING KEY POLICY ATTRIBU...
byMigrant Systems
 
DOCX
Decentralized access control of data stored in cloud using key policy attribu...
byAdz91 Digital Ads Pvt Ltd
 
PDF
IRJET- Integrity Verification and Attribute based Encryption for Cloud Storage
byIRJET Journal
 
PDF
IRJET- Secure Cloud Data Using Attribute Based Encryption
byIRJET Journal
 
PDF
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...
byIRJET Journal
 
Cyber security workshop talk.pptx
bykamalakantas
 
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
byIJECEIAES
 
IJSRED-V2I3P52
byIJSRED
 
Enhancing Security in Dynamic Public Cloud Data Using Encryption
byAssociation of Scientists, Developers and Faculties
 
Securing Data retrieval using CPABE scheme with Two Party Computation in DTN ...
byIRJET Journal
 
A Survey on Access Control Mechanisms using Attribute Based Encryption in cloud
byijsrd.com
 
Ijcatr04051002
byEditor IJCATR
 
ijircee_Template
byijircee
 
Access Policy Management For OSN Using Network Relationships
byIJMTST Journal
 
IRJET- A Review Paper on an Efficient File Hierarchy Attribute Based Encr...
byIRJET Journal
 
Secure Data Sharing Algorithm for Data Retrieval In Military Based Networks
byIJTET Journal
 
IRJET- Compress and Secure Data Sharing for Mobile Cloud Computing
byIRJET Journal
 
Key aggregate searchable encryption (kase) for group data sharing via cloud s...
byCloudTechnologies
 
Ijcatr04051007
byEditor IJCATR
 
Achieving Secure And Scalable Cloud computing
byKiran Girase
 
DECENTRALIZED ACCESS CONTROL OF DATA STORED IN CLOUD USING KEY POLICY ATTRIBU...
byMigrant Systems
 
Decentralized access control of data stored in cloud using key policy attribu...
byAdz91 Digital Ads Pvt Ltd
 
IRJET- Integrity Verification and Attribute based Encryption for Cloud Storage
byIRJET Journal
 
IRJET- Secure Cloud Data Using Attribute Based Encryption
byIRJET Journal
 
IRJET- A Novel and Secure Approach to Control and Access Data in Cloud St...
byIRJET Journal
 

Recently uploaded

PDF
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
PDF
Malware_Detection_A_Framework_for_Reverse_Engineered_Android_Applications_Thr...
byKiritiyadavGoskula
 
PDF
IoT/OT Security: Penetration Testing for an Expanding Attack Surface.pdf
byCybernetic Global Intelligence
 
PPTX
apidays Australia 2025 | Advanced GraphQL Security with AI Driven Threat Dete...
byapidays
 
PDF
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
PDF
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
PDF
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
PPTX
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
PDF
contusion pulmonar y antibiotico en el atls
byMARIAPETRONILAMONTAO
 
PDF
09920-2 JE40CP MB 48.4GY02.021 Schematic Acer Aspire 4741.pdf
bydakjuel1
 
PDF
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
PDF
apidays Australia 2025 | Designing with workflows: Using Arazzo and OpenAPI f...
byapidays
 
PDF
apidays Australia 2025 | APIs in Government: A blueprint to automating Busine...
byapidays
 
PPTX
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
PDF
Introduction to Microsoft 365 Security and Compliance.pdf
byjohnsonsouza5
 
PDF
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
PPTX
Anomalies in Relational Database Management systems.pptx
byamutham12
 
PDF
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
Malware_Detection_A_Framework_for_Reverse_Engineered_Android_Applications_Thr...
byKiritiyadavGoskula
 
IoT/OT Security: Penetration Testing for an Expanding Attack Surface.pdf
byCybernetic Global Intelligence
 
apidays Australia 2025 | Advanced GraphQL Security with AI Driven Threat Dete...
byapidays
 
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
contusion pulmonar y antibiotico en el atls
byMARIAPETRONILAMONTAO
 
09920-2 JE40CP MB 48.4GY02.021 Schematic Acer Aspire 4741.pdf
bydakjuel1
 
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
apidays Australia 2025 | Designing with workflows: Using Arazzo and OpenAPI f...
byapidays
 
apidays Australia 2025 | APIs in Government: A blueprint to automating Busine...
byapidays
 
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
Introduction to Microsoft 365 Security and Compliance.pdf
byjohnsonsouza5
 
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
Anomalies in Relational Database Management systems.pptx
byamutham12
 
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 

Security cloudcomputing presentation_encryption_1

  • 1.
    Achieving Secure, Scalable,and Fine-grained Data Access Control in Cloud Computing Instructor: Dr. TRUONG TUAN ANH Presenter: NGUYEN THE CUONG 1
  • 2.
    REFERENCES 1. S.C. Yu,C. Wang, K.I. Ren, and W.J. Lou, “Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing.” INFOCOM, 2010 Proceedings IEEE, pp.321-334, 2010. 2. Jeong-Min Do, You-Jin Song, and Namje Park, “Attribute based Proxy Re- Encryption for Data Confidentiality in Cloud Computing Environments.” 2011 First ACIS/JNU International Conference on Computers, Networks, Systems, and Industrial Engineering. 3. Key-Policy Attribute-Based Encryption and Public Key Encryption with Keyword Search (Lesson 8 ). Teacher : Benoit Libert. November 3, 2014. 4. http://mohamednabeel.blogspot.com/2011/03/proxy-re-encryption.html. 5. Internet. 2
  • 3.
    CONTENTS 1. INTRODUCTION. 2. RELATEDWORK. 3. PROPOSED SCHEME. 4. ANALYSIS OF PROPOSED SCHEME. 5. Q & A. 3
  • 4.
    1. INTRODUCTION. • Businessenvironment will move to cloud computing environment. • The problem of data confidentiality in computing environment begins from the untrustworthy cloud service provider. • The data owner (business ) re-encrypt all the data files accessible to the leaving user, or even needs the data owner to stay online to update secret keys for users. • In order to achieve secure, scalable and fine-grained access control on outsourced data in the cloud. 4
  • 5.
  • 6.
    2. RELATED WORK. a.Key Policy Attribute-Based Encryption (KP- ABE). b. Proxy Re-Encryption (PRE). 6
  • 7.
    2. RELATED WORK. a.Key Policy Attribute-Based Encryption (KP-ABE): is a public key cryptography primitive for one-to-many communications. The idea of a KP-ABE is to have the sender encrypt the message only once. It is the policy assigned to users' keys that will determine if these users will be allowed to decrypt: • Ciphertexts are labeled with a set w of descriptive attributes. • Private key corresponds to an access policy P. • Decryption works if and only if P(w) = 1. 7
  • 8.
    2. RELATED WORK. a.Key Policy Attribute-Based Encryption (KP-ABE): 8
  • 9.
    2. RELATED WORK. 9 a.KP-ABE Examples: • Attributes can be {Researcher, Teacher, Student, ENS Lyon, CNRS}. • M. Dupont is researcher at the CNRS. So, his policy will be : (Researcher AND CNRS). • Mme Dupre is researcher at the ENS Lyon and also teacher at the ENS Lyon. So her policy will be : ((Researcher OR Teacher) AND ENS Lyon). • M. Dupuis is researcher at the CNRS and also gives courses at the ENS Lyon. His policy is : ((Researcher AND CNRS) OR (Teacher AND ENS Lyon)). • Chloe is student at the ENS Lyon, her policy is : (Student AND ENS Lyon). If w = {Researcher, CNRS}, which means that only researchers at the CNRS should be able to decrypt the message, then only M. Dupont and M. Dupuis have the good policy to read the message. If w = Researcher, ENS Lyon, CNRSg, meaning that recipients must be all the research staff in both ENS Lyon and CNRS, then M. Dupont, Mme Dupre and M.Dupuis can all read the message.
  • 10.
    2. RELATED WORK. b.Proxy Re-Encryption (PRE). An example would be Alice wants to temporarily forward her emails encrypted under her public key to Bob. So, she forwards her encrypted emails to a proxy and gets it to covert her encrypted emails to the ones encrypted under Bob's public key so that Bob can decrypt and read the emails. 1. The proxy cannot see the plaintext unless it colludes with Bob. 2. The proxy cannot derive the secret key of Alice (even when the proxy colludes with Bob). 10
  • 11.
  • 12.
    3. PROPOSED SCHEME. New User Grant: When a new user wants to join the system, the data owner assigns an access structure and the corresponding secret key to this user as follows: (KP-ABE) 12
  • 13.
    • KP-ABE: Thisalgorithm takes a message M, the public key PK (Public Key), and a set of attributes i as input. It outputs the ciphertext E. (SK – Secret Key). 3. PROPOSED SCHEME. 13
  • 14.
    3. PROPOSED SCHEME. Revoke user: Proxy Re-Encryption (PRE). 14
  • 15.
    4. ANALYSIS OFPROPOSED SCHEME. a)Fine – grained Access Control. b)User Access Privilege Confidentiality. c) User Secret Key Accountability. d)Data Confidentiality. 15
  • 16.
    5. Question andAnswer: Thanks for watching. 16