Improving Privacy and Security in Decentralizing Multi-Authority Attribute-Based Encryption in Cloud Computing
ABSTRACT
Decentralizing multi-authority Attribute-Based Encryption has been adopted for solving problems arising from sharing confidential corporate data in cloud computing. For decentralizing multi-authority Attribute-Based Encryption systems that do not rely on a central authority, collusion resistance can be achieved using a Global Identifier. Therefore, identity needs to be managed globally, which results in crucial problems of privacy and security. A scheme is developed that does not use a central authority to manage users and keys, and only simple trust relations need to be formed by sharing the public key between each Attribute Authority. User identities are unique by combining a user’s identity with the identity of the Attribute Authority where the user is located. Once a key request needs to be made to an authority outside the domain, the request needs to be performed by the authority in the current domain rather than by the users, so, user identities remain private to the Attribute Authority outside the domain, which will enhance privacy and security. In addition, the key issuing protocol between Attribute Authority is simple as result of the trust relationship of Attribute Authority. Moreover, extensibility for authorities is also supported by the scheme presented in this essay. The scheme is based on Composite Order Bilinear Groups. A proof of security is presented that uses the Dual System Encryption methodology.
EXISTING SYSTEM :
Cloud computing enables users to store their sensitive data into untrusted remotely cloud service providers to achieve scalable services on-demand. Prominent security requirements arising from this means of data storage and management include data security and privacy and require the use of strong encryption techniques with fine-grained access control for data security in cloud computing. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. With the emergence of sharing confidential corporate data on cloud servers, data are generated by several organizations, and access policies can be defined by several authorities. Single-authority ABE cannot meet the demands of decentralized distribution, and decentralizing multi-authority ABE have been proposed to solve those problems.
PROPOSED SYSTEM :
Our scheme is a decentralized multi-authority ABE that will dynamically enhance privacy and security. A central authority is not relied on to manage users and keys. Our scheme offers some improvements by combining a user’s identity with the identity of the Attribute Authority (AA) where the user is located. This leads to unique user identifiers globally, and the problem of collusion resistance is also solved. In addition, user identity management does not require support from a new management organization. In our scheme, when the user requests an attribute secret key, if the attributes are located outside the domain, the request by the source AA in the domain to the target AA is used rather than by requests by users them selves.So, user identities remain private to the AAs outside the domain, thus avoiding privacy disclosure. The key issuing protocol between AAs is simple as result of the trust relationship of AAs. On the other hand, using the AA instead of users to initialize attribute requests can greatly improve efficiency and security. In addition, some simple parameter exchanges only occur at the very early stage of the construction of each attribute authority. The trust relationship can also only be made by sharing the public key between each AA. User management and key distribution are conducted by the AA within the domain, and, therefore, the dynamic joining of AA is supported in our scheme. Dual system encryption has been used to test the security of our scheme.
CONCLUSIONS
Decentralizing multi-authority ABE can solve problems arising from security requirements of sharing confidential corporate data on cloud servers. For decentralized multi-authority ABE schemes with non-central authority, the collusion resistant can be solved using the GID. Therefore, the uniqueness of user identities needs to be managed globally, which results in crucial problems of privacy and security. In this essay, a scheme without a central authority to manage keys and users has been proposed, and privacy and security have been enhanced dynamically. User identities tend to be unique globally to achieve collusion resistant, but identities need not be published globally. Privacy has been enhanced. Moreover, user identity management does not need to be offered by related organizations.( When a user requests a user attribute key from an attribute authority outside the domain, the current authority, not the user, performs the task. Efficiency is improved and user privacy is protected. In addition, the possibility of cheating suffered by users is also decreased. To build trust relations, only global parameters and public key information need to be swapped between attribute authorities. Each attribute authority manages its own keys and users, and the attribute authorities therefore can be flexibly expanded.