Visible to the public Data Security in cloud computing using Hierarchical CP-ABE scheme with scalability and flexibility

TitleData Security in cloud computing using Hierarchical CP-ABE scheme with scalability and flexibility
Publication TypeConference Paper
Year of Publication2018
AuthorsShelke, Vishakha M., Kenny, John
Conference Name2018 International Conference on Smart City and Emerging Technology (ICSCET)
Date PublishedJan. 2018
ISBN Number978-1-5386-1185-2
KeywordsAttribute key, authorisation, Authorization, authorization mechanisms, Cipher Text Policy-Attribute Based Encryption (CP-ABE), CipherText Policy Attribute Based Encryption, cloud computing, cloud service provider, Collaboration, CP-ABE, cryptography, Data security, Encryption, fine grained access control, Hierarchical CP-ABE, hierarchical CP-ABE scheme, key policy attribute based encryption, KP-ABE, Organizations, policy-based governance, pubcrawl, quality of service, Scalability, scalable access control, SQL Injection, SQL injection attack

Cloud computing has a major role in the development of commercial systems. It enables companies like Microsoft, Amazon, IBM and Google to deliver their services on a large scale to its users. A cloud service provider manages cloud computing based services and applications. For any organization a cloud service provider (CSP) is an entity which works within it. So it suffers from vulnerabilities associated with organization, including internal and external attacks. So its challenge to organization to secure a cloud service provider while providing quality of service. Attribute based encryption can be used to provide data security with Key policy attribute based encryption (KP-ABE) or ciphertext policy attribute based encryption (CP-ABE). But these schemes has lack of scalability and flexibility. Hierarchical CP-ABE scheme is proposed here to provide fine grained access control. Data security is achieved using encryption, authentication and authorization mechanisms. Attribute key generation is proposed for implementing authorization of users. The proposed system is prevented by SQL Injection attack.

Citation Keyshelke_data_2018