Project Presentation

“Multiple Attribute Authorities for Public Cloud Storage using

a Robust Auditable Access Control”

Presented By
ShubhamPrakash (1DS14IS101) Under The Guidance Of
Nikhil Kumar Singh (1DS14IS063) Mrs. Chandrakala B.M
Prateek Kumar (1DS14IS072) Assistant Professor
Vishwendra Singh (1DS14IS120)

Department of ISE, DSCE

1
 CONTENTS

1. INTRODUCTION
2. MOTIVATION TO CHOOSE THE PROJECT
3. PROBLEM STATEMENT
4. OBJECTIVES TO BE ACHIEVED
5. EXISTING SYSTEM
6. LITERATURE SURVEY
7. PROPOSED SYSTEM
8. SYSTEM DESIGN AND ARCHITECTURE
9. CONCLUSION
10 PUBLICATION DETAILS
11. REFERENCES

Department of ISE, DSCE 2

 INTRODUCTION
➢ Cloud computing is a method for delivering IT services in which resources are
retrieved from the Internet through web-based tools .

➢ To address the issue of data access control in cloud storage i.e Ciphertext-Policy
Attribute-Based Encryption (CP-ABE) .

➢ Since there is only one authority in charge of all attributes in single-authority

schemes it makes all secret key requests unavailable during that period.

➢ Assigning multiple authorities to the existing will not only make the key generation
process more efficient but also shed the load of the previous authority.

Finally, we provide implementation of proposed scheme to demonstrate its practicability.

Department of ISE, DSCE 3

 MOTIVATION TO CHOOSE THE PROJECT
❖ User friendly and cost effiective-It allows the users to take benefit from the technology,
without the need for deep knowledge about or expertise with it and is aims to cut costs, and
helps the users focus on their core business instead of being impeded by IT obstacles.

❖ Future of technology - Cloud storage has become quite attractive due to its elasticity,
availability and scalability. However, the security issue has started to prevent public clouds from
getting even more popular.

❖ Scopes in Security and Performance related solutions - Traditional encryption

algorithms fail to help achieve effective secure cloud storage due to their severe issues such as
complex key management and heavy redundancy.

❖ Improvement of the existing model - Ciphertext-Policy Attribute Based Encryption (CP-

ABE) has been been the widely used model which has to perform both the user verification and
key distribution that results in the single point bottleneck situation that affects the performance.

Department of ISE, DSCE

4
 PROBLEM STATEMENT
● The inefficiency of the single attribute authority service results in single-point
performance bottleneck, which will cause system congestion.

● Single-point performance bottleneck problem affects the efficiency of secret key

generation service and immensely degrades the utility of the existing schemes to
conduct access control in large cloud storage systems.

Department of ISE, DSCE

5
 Objectives to be achieved

● To propose a novel heterogeneous framework to remove the problem of single-

point performance bottleneck and provide a more efficient access control scheme
with an auditing mechanism.

● To Achieve security requirements and great performance improvement in Cloud

storage and Access control.

Department of ISE, DSCE

6
 Literature Survey
● Kaiping Xue, Senior Member, IEEE, Yingjie Xue, Jianan Hong, Wei Li, Hao Yue,
Member, IEEE, David S.L. Wei, Senior Member, IEEE, and Peilin
Hong,”RAAC:Robust and Auditable Access Control with Multiple Attribute
Authorities for Public Cloud Storage”, IEEE 2017 (Base paper)

● Ciphertext-Policy Attribute-Based Encryption (CP-ABE) was first formulated by

V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute Based encryption for fine-
grained access control of encrypted data,” in Proceedings of the 13th ACM
Conference on Computer and Communications Security (CCS 2015).

● The first CP-ABE scheme was proposed by J. Bethencourt, A. Sahai, and B. Waters,
“Ciphertext Policy attribute-based encryption,” in Proceedings of IEEE Symposium
on Security and Privacy (S&P 2013).
But this scheme was proved secure only in the generic group model.

Department of ISE, DSCE 7

 EXISTING SYSTEM

● Ciphertext-Policy Attribute-Based Encryption (CP-ABE)

● In CP-ABE schemes, the access control is achieved by using cryptography,
where owner’s data is encrypted with an access structure over attributes, and a
user’s secret key is labelled with his/her own attributes.
● CP-ABE is divided into two categories: single authority and multi authority.
● Although existing CP-ABE access control schemes have a lot of attractive
features, they are neither robust nor efficient in key generation.

● Disadvantage of Existing System :

● Neither robust nor efficient in key generation
● Drawbacks of single-point bottleneck and low efficiency and low performance

Department of ISE, DSCE 8

EXISTING SYSTEM

Department of ISE, DSCE 9

 PROPOSED SYSTEM
1.) In this project, we proposed a new framework, named RAAC(Robust and
Auditable Access Control), to eliminate the single-point performance bottleneck of
the existing CP-ABE schemes.

2.) By effectively reformulating CP-ABE our proposed scheme provides a, robust

and efficient access control with one-CA/multi-AAs for public cloud storage.

3.) The CA generates the secret key for the user on the basis of the received
intermediate key.
.
4.) AA’s is selected to verify the legitimacy of the user’s attribute and then it
generates an intermediate key to send to CA.

● Multiple AA can work in random parallely to share the load of time

consuming legitimacy verification.

Department of ISE, DSCE 10

System Design/Architecture

Department of ISE, DSCE 11

The system model of our design is shown in Model Diagram , which
involves five entities:

1) A central authority (CA)

2) Multiple attribute authorities (AAs)

3) Many data owners (Owners)

4) Many data consumers (Users), and

5) A cloud service provider with multiple cloud servers(here, we mention it as cloud

server)

Department of ISE, DSCE

Advantage of proposed System :

Auditing method to trace an attribute authority’s potential misbehavior

➢ Performance analysis based on queuing theory showed the superiority of our

scheme over the traditional CP-ABE based access control schemes for public
cloud storage.
➢ Not only guarantees the security requirements but also makes great performance
improvement on key generation.

Department of ISE, DSCE

CLASS DIAGRAM

Department of ISE, DSCE 14

 15
Department of ISE, DSCE
 SEQUENCE DIAGRAM -DOWNLOAD PROCESS

16
Department of ISE, DSCE
SYSTEM REQUIREMENTS

Department of ISE, DSCE 17

RESULT AND PERFORMANCE

Department of ISE, DSCE

Department of ISE, DSCE
CONCLUSION

❏ By effectively reformulating CP-ABE cryptographic technique into our novel

framework, our proposed scheme provides a fine-grained, robust and efficient
access control with one-CA/multi-AAs for public cloud storage. Our scheme
employs multiple AAs to share the load of the time-consuming legitimacy
verification and standby for serving new arrivals of users’ requests. The
security analysis shows that our scheme could effectively resist to individual
and colluded malicious users, as well as the honest-but-curious cloud servers.

Department of ISE, DSCE

References -:
[1] Kaiping Xue, Senior Member, IEEE, Yingjie Xue, Jianan Hong, Wei Li, Hao Yue, Member, IEEE, David S.L. Wei,
Senior Member, IEEE, and Peilin Hong,”RAAC:Robust and Auditable Access Control with Multiple Attribute Authoraties
for Public Cloud Storage”, IEEE 2018 (Base paper)

[2] P. Mell and T. Grance, “The NIST definition of cloud computing,” National Institute of Standards and Technology
Gaithersburg, 2011.

[3] Z. Fu, K. Ren, J. Shu, X. Sun, and F. Huang, “Enabling personalized search over encrypted outsourced data with
efficiency improvement,” IEEE Transactions on Parallel & Distributed Systems, vol. 27, no. 9, pp. 2546–2559, 2016.

[4] Z. Fu, X. Sun, S. Ji, and G. Xie, “Towards efficient content-aware search over encrypted outsourced data in cloud,” in
in Proceedings of 2016 IEEE Conference on Computer Communications (INFOCOM 2016). IEEE, 2016, pp. 1–9.

[5] K. Xue and P. Hong, “A dynamic secure group sharing framework in public cloud computing,” IEEE Transactions on
Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.

[6] Y. Wu, Z. Wei, and H. Deng, “Attribute-based access to scalable media in cloud-assisted content sharing,” IEEE
Transactions on Multimedia, vol. 15, no. 4, pp. 778–788, 2013.

[7] J. Hur, “Improving security and efficiency in attribute based data sharing,” IEEE Transactions on Knowledge and Data
Engineering, vol. 25, no. 10, pp. 2271–2282, 2013.

Department of ISE, DSCE 21

[8] J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE
Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214–1221, 2011.

[9] J. Hong, K. Xue, W. Li, and Y. Xue, “TAFC: Time and attribute factors combined access control on time sensitive data in
public cloud,” in Proceedings of 2015 IEEE Global Communications Conference (GLOBECOM 2015). IEEE, 2015, pp. 1–6.

[10] Y. Xue, J. Hong, W. Li, K. Xue, and P. Hong, “LABAC: A location-aware attribute-based access control scheme for cloud
storage,” in Proceedings of 2016 IEEE Global Communications Conference (GLOBECOM 2016). IEEE, 2016, pp. 1–6.

[11] A. Lewko and B. Waters, “Decentralizing attribute-based encryption,” in Advances in Cryptology–EUROCRYPT 2011.
Springer, 2011, pp. 568–588.

Department of ISE, DSCE

PUBLICATIONS

❏ Paper ID: 4090

❏ Paper Name: "MULTIPLE ATTRIBUTE AUTHORITY FOR PUBLIC CLOUD

STORAGE USING ROBUST AUDITABLE ACCESS CONTROL "

❏ Publishing Journal: International Journal Of Engineering And Computer

Science Volume 7 Issue 5 [May 2018]

Department of ISE, DSCE

Thank You