Secure Data Storage in Cloud using Centralized Access Control with Anonymous Authentication
Athira R1, Lekshmy D Kumar2
1Athira R, Department of Computer Science, University of Kerala/ SCT College of Engineering, Trivandrum (Kerala), India.
2Lekshmy D Kumar, Department of Computer Science, University of Kerala / SCT College of Engineering, Trivandrum (Kerala), India.
Manuscript received on 15 October 2015 | Revised Manuscript received on 25 October 2015 | Manuscript Published on 30 October 2015 | PP: 97-101 | Volume-5 Issue-1, October 2015 | Retrieval Number: F4234084615/15©BEIESP
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Cloud computing’s multi-tenancy feature which provides privacy, security and access control challenges because of sharing of physical resources among untrusted tenants. Much of the data stored in clouds is highly sensitive particularly in the case of medical records and social networks. Security and privacy are very important issues in cloud computing. In one hand, the user should authenticate itself before initiating any transaction, and on the other hand, it must be ensured that the cloud does not tamper with the data that is outsourced. User privacy is also required so that the cloud or other users do not know the identity of the user. The validity of the user who stores the data is also verified. In order to achieve safe storage, a suitable encryption technique with key management should be applied before outsourcing the data. A new decentralized access control scheme is implemented for secure data storage in clouds, which supports anonymous authentication. In this scheme, the cloud verifies the authenticity of the user without knowing the user’s identity before storing data. The scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification and reading data stored in the cloud. User revocation is also addressed. Moreover, the authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized.
Keywords: Attribute Based Encryption, Access Control, Authentication.
Scope of the Article: Cloud Computing